The most valuable feature of A10 Thunder TPS is load balancing.

The primary benefit that we see from their systems is that their filtering technology has the ability to detect and drop the malicious traffic from the legitimate traffic with a high success rate. That, in combination with the very small effort needed to manage their systems, are the two most important benefits to us. On the one hand, it's the quality of scrubbing, and on the other hand, it's the low total cost of operations for us to keep these systems alive and working efficiently.

The quality of the scrubbing is, of course, what the system is supposed to do. It's the key functionality of the system. That's what we bought the equipment for. And the small effort to manage the systems and keep them alive, of course, immediately translates into a benefit that we have a low cost of managing those systems. That means we can allocate the time of our network engineers to other activities.

If you look at the total response time that we see in our solution, which means the time between the start of an attack and the time that the scrubbing really starts, we typically see two to three minutes. But the majority of that time is actually used by our detection technology, not so much the A10 network scrubbing technology. And then it takes a bit of time to reroute the traffic to the A10 equipment. Once it has been rerouted, the scrubbing starts very fast, so the start of the scrubbing is only a small part of the two to three minutes. In general, we're very happy with the response times and the scrubbing quality of the A10 equipment.

The solution is easy to use.

We use all the features, but our customers have started asking for key features around SIP. We are also using some proxy features.

The solution’s response time to an attack is fast. When it is configured in line, it is automatically done. When we have to stop the attack, it takes 10 to 15 seconds.

We selected the solution because of its programmable automated defense using RESTful API. We didn't want to connect to the box. We wanted to be able to do some automation. We wanted to have our own portal because we wanted to connect our customers to our own UI using the A10 API. It has been good and exactly what we need. 

The TPS has reduced the amount of manual intervention required during an attack. When we have an attack, and we need to block some stuff everywhere, we just click on a button and push the rules. Then, it's deployed in Asia, Europe, and US. We don't have to do anything more. 

The aGalaxy is a control plane for the product. It controls the entire TPS so you don't have to connect to the box. You just have to connect to this control plane.

The most valuable feature is the DDoS mitigation availability, the ability to be able to block different types of attacks, and large attacks. That's the main function of the device that we use today. They're able to block attacks that we see against us, to prevent attacks as we see them, to prevent further outage to the environment.

Also, based on previous equipment that we had, it's amazing that this device can do what it can do in a 1U form factor. The devices that we have right now have never gone over capacity and we've actually mitigated some pretty large attacks with these devices.

The solution's response time to an attack is pretty good. Normally, it's a matter of milliseconds and most of the time, within one minute, we have a response and we have mitigation in place. That limits the impact to our environment when we do have an attack.

We use the solution's programmable automated defense using RESTful API quite a lot. We don't use it for configuring the device, but we do use it for things such as grabbing stats and data as well as doing automated blacklisting of IPs and using class lists within devices. It works fairly well. For the most part, we only use the RESTful API for certain tasks. A10's aGalaxy uses API to configure the devices as well and we rely on that for all basic configuration such as IP addresses and port configuration.

Thunder TPS has automated mitigation and fully managed support in case the device cannot handle the attack. They have engineers available to respond.

All it does is mitigation. It mitigates and scrubs bad traffic. We send the bad traffic to it, it determines the good traffic and allows the good traffic to come through. That's the only feature we use on it, the DDoS mitigation.

Given its 1RU form factor, the performance has been excellent for us so far. What they said was that it is about 38.5 Gig of throughput. We've not really hit that yet, we haven't tested the extremes, but so far it's doing well and we haven't had any performance issues.

The response time to an attack is instant. We've used some outsourced solutions in the past, out in the cloud, that weren't so quick. But it's all within our control now. We control how fast it mitigates.

We're just using a portion of it, the mitigation aspect.

The solution's firewall features are the most valuable feature of the solution. I think we can use all the features or capabilities that come with the product's license. Maybe today, we are just implementing an SOP or LOB.

They give us the ability to configure many features for DDoS. There are many items that we can use.

MULTI-VECTOR ATTACK PROTECTION

Detect and mitigate DDoS attacks of many types, including volumetric, protocol, or resource attacks; application-level attacks; or IoT-based attacks. Hardware acceleration offloads the CPUs and makes Thunder TPS particularly adept to deal with simultaneous multi-vector attacks