A10 Networks Thunder ADC Reviews

• Load balance web traffic
• Load balance application traffic
• DDoS protection
• Carrier Grade Network (CGN)

We have the ADC product, as well as the CGN.

We are using both the public and private deployment model. We are using AWS as our cloud provider.

It helps us operational when had our DDoS attack. We got a call at two o'clock in the morning one day from one of our service providers that there was a DDoS attack happening against one of our IPs. We looked at the way our network was configured, then we looked into the best way to mitigate it. We knew that our A10 had the capability, but we didn't have it enabled at the time. We called support and were able to get it enabled. Immediately, we stopped that DDoS attack. From an operational perspective, we had a down situation that we were able to quickly resolve and bringing it.

It also helps out a lot, from an operational perspective, when we are load balancing our servers, whether application or web. It is real easy to do a maintenance window. I can go into any of my service groups, then take the servers out of the service group and do maintenance on half of the servers while the other half are still online. I can get all those updated, back up to date, and put all of them back, then take the other half out and update them. So, it allows us to do seamless updates to our servers and application infrastructure.

We send all of our production web traffic through our A10. We have a major website, which is our school's website. On the website, there are many different applications and sites, so being able to balance that between our on-premise resources as well as our public cloud with AWS is a huge feature.

The solution's security features are excellent. It actively helped us mitigate a DDoS attack in October of 2018. You can do SSL offloading. You can use the A10 to terminate your SSL connectivity, meaning that you can install all your public certificates on the A10 box itself. It just has a wealth of security features.

Being a public entity and having a public website, which is highly visible with a lot of traffic, we are a target for DDoS. Within the last year, we have had a couple of DDoS attacks which could have affected our web traffic and taken down certain parts of our website. This did not happen because the A10 was able to mitigate the attacks using rate limiting that can be configured for DDoS mitigation on the box.

The single pane of glass traffic management is a nice feature. It allows us to be able to delegate access to different groups of people. This means that I can provide a front line support (a help desk) a certain level of access to be able to look at things, a second level support a little more access, and then engineers can have full access. It is very useful to have a simple dashboard where you can login and look into what your traffic patterns are, then look and see what times of day you're experiencing the heaviest traffic. You can quickly identify if you are possibly having a security issue or security breach. It makes it very easy to use the box.

Troubleshooting traffic flows is fairly easy on the box, as you can do packet captures or tcpdumps directly on the A10 itself. So, you can do a trace and see what the A10 is doing with certain traffic. E.g., if I have a client somewhere out in the world who is coming into my A10 box and reporting some weird behavior, or saying, "Hey, I can't get to this application on your website," or "I'm getting blocked for this reason. I can't look at the A10 and figure it out." I could then go into the traffic flows, run a tcpdump, and do a traffic capture. At this point, I can immediately identify where the traffic is coming from and why it is not getting through the box.

I have a very technical background and was a network engineer for many years before I became a manager. For me, it is a very easy to use product. The web GUI makes it very easy to configure. The CLI is not very difficult to use, along with the syntax. The command line is very easy to learn.

They need to make the user interface (GUI) a bit more usable and intuitive. Some features can be a little difficult to find at times. Sometimes, the workflow in the GUI doesn't match the workflow of an actual workflow. E.g., if I want to create a load balancer application, sometimes you've got to do things a bit out of order in the GUI in order to make it work right.

It has helped us deliver five nines of uptime. It is a very reliable box. It has never failed on us.

For deployment and maintenance, we have a primary and backup who are network engineers.

I know that they are scalable, but we personally have never outgrown the boxes that we have. We've never really had to scale.

We definitely plan to increase usage. Today, A10 is used on a production website that gets hundreds of thousands of visits a week. I would expect an increase in the number of visits to the website, which is on the load balancing side. For the Carrier Grade Network, we are currently using it to net roughly 9500 users through the A10. So, we're doing CGN for 9500 people in all of our residences. That number is expected to double within the next five years.

We have about 20 to 25 people administrating or helping support it: network engineers, network architects, software engineers, security engineers, support staff, and web developers.

The technical support is really good. When it comes to support, there is always room for improvement. However, there has not been a time that I reached out to A10 support, including after hours, such as two o'clock in the morning during that DDoS attack, and I have not been able to get a hold of an engineer right away. I have had some situations where the person couldn't resolve my issue and they had to go do some research, then come back to me within a day or two with a solution. Overall, they have a good support model. They have a great response time. First call resolution is not always there for urgent issues. The first call resolution is something that could be improved upon.

The A10 support and training site has a significant wealth of information and documentation about how to configure the most common configurations requested. Therefore, it is very easy to use coming from a network engineer background.

We previously used a Cisco solution. One of the main reasons for switching away from Cisco was the licensing model. A10 gives you global server load balancing for free, while Cisco charged a significant licensing fee for that.

The initial setup was straightforward. The way the box is brought online, A10 has good documentation on how to set it up. The person that I had on my team in charge of bringing this box online had zero A10 experience. Within a week or so, they were able to get up to speed and bring the box online, get it licensed properly, get it updated to the latest code, and put a basic configuration on it.

You plug it up, then it is a next, next, finish type of thing to get it online and operational.

The initial deployment plan was to get the box online, then to load balance some basic traffic and see how it worked. After that, we created some health checks to see how they worked and tested those out. We then tried to create some flex codes to do some basic redirects. We tested them, and those worked. We followed that same pattern when it came to application balancing.

From the network side of things, once we knew that it worked, we then passed it over. We created partitions for each of our application groups and gave them access to the A10 box. They could then configure their own server or applications on the box.

You do need intermediate network skills in order to use the box effectively. It is an advanced technology that you are configuring. It is not like you're just setting up a basic network with a switch and a router. Load balancers can be used for many different purposes: Doing URL redirects, application load balancing, and web load balancing. It can be used a million different ways. It can also be used to do a lot of different security features, such as SSL offloading so you can inspect SSL traffic. Thus, you must have a good understanding of what the box is capable of to be able to configure it.

So far, the solution has supported all of our in-house applications, which are homegrown, as well as the applications that we have purchased from vendors. We haven't run into a situation where we have ever tried to configure our A10 to work with software that was either homegrown or purchased where we couldn't get it to work. The solution has been very successful.

We have seen ROI from a being able to delegate certain rights to certain other groups of people to administrate their own configurations on the A10. Also, from an operational overhead, as well as cost, there has definitely been a huge return on investment.

For the hardware and license, we paid $35,000 per box, which was a one-time cost. Then, for the Gold Support on the two boxes, we pay $9400 annually.

We also evaluated F5 and Citrix NetScaler.

The pros of A10 versus F5 are ease of use, as well as cost. F5 is much more difficult to configure. One of the pros of F5 is that it has more granular configuration, meaning you could do a lot more with F5 than you could do with an A10. However, A10 was a better fit for our needs. One of the cons of F5 is the cost.

With NetScaler, one of the cons is the cost. One of its pros is functionality-wise, the feature sets are very rich. 

The pros of Citrix and F5 are that they are more widely deployed than A10. If I was trying to find other people, such as my peers who have worked on A10s, there will be a lot more people out there that have worked on Citrix or F5 opposed to A10. This is a con for A10. 

It has been a good, reliable solution for us. If you want a reliable solution that is very easy to configure and administrate, the A10 is the right choice. It is a very cost-effective solution. I would always pick A10 unless there was a specific feature set that one of the other vendors offered and I absolutely needed.

We do not use the solution’s Secure Service Mesh to optimize traffic within Kubernetes and containers today, but that is something we would like to do in the future.

A10 Networks Thunder ADC can be deployed on-premise or virtually.

A10 Networks Thunder ADC is used for global load balancing.

The most valuable features in A10 Networks Thunder ADC are the ease of configuration, user-friendliness, and simplicity to sell to customers.

A10 Networks Thunder ADC could improve on the Application Delivery Controller. it's not a fully-fledged web application firewall solution. For example, application data and support need to improve.

I have been using A10 Networks Thunder ADC for approximately two years.

The stability of A10 Networks Thunder ADC is good.

A10 Networks Thunder ADC is scalable.

We have approximately a team of six using A10 Networks Thunder ADC.

A10 Networks Thunder ADC has a very good support structure. In each region, they have a very well-experienced team to support when it comes to pre-sales. They have a very capable team.

The setup of A10 Networks Thunder ADC is very straightforward. If everything is in order, onboarding one application can be done in a few hours.

The price of A10 Networks Thunder ADC depends on capacity and the customer's requirement. They have several offerings. They have different price models and options to choose from. Additionally, you need to subscribe to support for the hardware appliances.

A10 Networks Thunder ADC is a very natural solution in the industry. When compared to the other vendors, it's easier to use, more user-friendly, and more mature.

I rate A10 Networks Thunder ADC a nine out of ten.

We are in the government sector and we use this solution for load balancing and application management.

The solution is user-friendly and the CLA troubleshooting is easier compared to other solutions.

There are competitors that have more features.

In a future release, I would like to see VAS, application policy management, profiling, and the SSL encryption and decryption features should be on the system instead of having a separate SSLi system. Additionally, they should combine the products into one solution instead of having separate products, such as encryption and decryption, and load balancing.

I have been using the solution for approximately four years.

The technical support is good.

I previously used F5 BIG-IP.

The implementation is easy.

The price of the maintenance support is too expensive.

I have evaluated Avi Networks.

If someone has experience in Cisco Networks, the CLA hierarchy and configuration are 90% the same making this solution easier to use.

I rate A10 Networks Thunder ADC a seven out of ten.

Our primary use case is for servicing a remote workforce. Especially these days when a lot of people are working remotely, a solution like this is important. We have to deploy applications and we do not necessarily want to upload the applications into the cloud or locally on desktops or laptops. ADC is really good for desktop virtualization and application delivery. Instead of having a full client, you look at a projection hosted in the data center. All the processing is being done back in the data center in the corporate domain. Because of the fact that the processing is not being taken care of locally, ADC is a very lightweight client that handles the feed on your laptop. It also enhances security.  

Everything is kept in the server room, not exported locally to someone's house or whatever location they are working in. You do not have to worry about securing the data. There are certain programs that you have to patch a lot, like Adobe Flash — which seems to always need a patch. Instead of doing that on all 100 laptops that are in the field, you just do it once in the data center and everybody uses that same version. That type of simplification for your deployments is another benefit of ADC.  

Because the maintenance is all happening at the data center, it is a lot more controlled and it is way easier. Another thing that this helps with is that only certain people get access to certain applications. The accountants are really the only ones who need access to the accounting software. It is really easy to set up groups based upon Active Directory and then define who gets access to those applications. That ability to limit access is really kind of cool and can potentially save money and licensing costs.  

The most valuable parts of this product have to do with the efficiency of deployments and data security.  

Everybody says Network Thunder works as advertised. It is just one of those things that actually performs as advertised. I take no news as good news. I do not really have any negatives. We usually like to get well-balanced reviews from people who have experience with the product and especially from the vendors themselves.  

As far as improvements, that may be different than things that are missing or broken. I just do not have any cons. I do not have any glaringly big needs for additions either. One thing that might be improved is the interface. I think it is pretty straightforward. It is just not the prettiest, but it is functional. That is getting pretty granular.  

Maybe one concrete thing that they can improve on is their two-factor authentication. Just do something to make the native solution more robust. That would probably be the one thing that I have heard mentioned. They have basic two-factor authentication. It is also nice that they have options for integrating with other two-factor products. The problem with that is that then you have to buy two products and license two solutions. One customer made a comment saying that it would be nice if we only had to buy one product to take care of the whole solution. In other words, they thought it would be better to just be able to buy the A10 and not buy two products to create the two-factor authentication they would have preferred. That should be something that A10 could at least offer.  

We have been selling A10 ADC (Application Delivery Controller) over the past couple of years. We have been selling the load balancer for going on nine years.  

There are not really any nagging glitches or any kind of little ongoing annoying problems. Certainly, there are none that I have experienced and not that I have heard of from people using it. If there are ever any issues they are just normal, temporary issues that you expect when you work with technology. That is if you can consider anything that is a glitch to be normal.  

If we are talking about load balancing, then I can speak more about stability issues. But the Network Thunder ADC has mostly been very good. There was an issue a few years back with one of my customers and A10 addressed the problem and took care of it promptly. Isolated incidents can have to do with a lot of things within a larger architecture. It would be a problem with the architecture then, and not the product.   

We never really tried to scale the internal initial deployment hands-on. It has been left as is. More users have been added over time but nothing so crazy that it really required some type of scaling of the product. This company is a little over a hundred users. They are all using it remotely, from home, daily.  

Roles for the users are just all over the board.  

For just Network Thunder, I have not had to deal with the A10 technical support team. Our clients never said anything about how they like it one way or another. I assume that means they have not had to contact them either. There has just been one load balancing issue a client had and it was isolated to that location. A10 took care of it. They are one for one as far as tackling problems I know about.  

The installation is absolutely straightforward. Nothing more to say about that.  

As far as how many people are usually required to maintain it, in this company it is just one technician for 100 people using the product. His role is probably considered a straight system admin. It would not be a senior tech or even someone dedicated to the product.  

I can just say that it is cheaper than other solutions that are supposed to do the same thing. That is actually one of the reasons that customers chose it.  

It is a pretty good product. On a scale from one to ten (where one is the worst and ten is the best), I would rate A10 Networks Thunder ADC as a nine-out-of-ten. I do not get too many complaints from customers. Giving it a nine seems fair. It works as advertised.   

The A10s that we have in Florida are being used for load balancing. We have a pair of A10s there, an active and a standby, and we are balancing the traffic between. We also use our A10s, in general, for provisioning wireless products. Eventually, we will use our new A10s for more stuff.

Our applications are hosted in a private on-premises data center, on public cloud in AWS, and in a hybrid cloud which is primarily public infrastructure.

Among our biggest security concerns are malicious code and DDoS attacks.

We use the monitoring features and security features. The solution will tell us if someone tries to use the wrong password or to hack into the system. We do have firewalls in place so no incoming traffic from the outside can get in. Our firewall blocks everything coming in from the outside, but we can go out to our network.

We use the diagnostics to debug files and, when there is a problem, we can generate a file that we can send to our NOC engineers so they can take a look at it.

We also use the login resource usage which gives us a summary and graphs of services — when things are going down and are up.

The ADCs are pretty straightforward and easy to use. There is a GUI base where you can go in and see everything, but they also have a CLI base where you can use a command and get the information that you want, very fast. You log into the website with the A10 GUI and you can see all of your functions and your health monitor, which is very important. With the health monitor you can see the health of the switch and, if something is going on, how it's progressing. Also upgrading the GUI is very easy. It's user-friendly.

The traffic management is very good. I can monitor the traffic that comes into the A10 very easily. We balance traffic between the active blade and the standby blade. The traffic management is holding its load properly and its balancing properly. It's very good.

In terms of the traffic flow management capabilities, there are graphs that you can look at as you enable them. You can look back at live data for the last 30 minutes and it's very good. I like it. You can manage your traffic easily and you can troubleshoot because, if you look back at your data for the past two weeks, you can see if something was flipping. It's a good feature.

There is room for improvement in the upgrading process. Sometimes we have to contact A10 for verification of some stuff.

We have had A10s for about 10 or 12 years, in our Florida market. Our company merged with two other companies, so we inherited som A10s. Those are in Florida and those are the ones we have had for 10 or 12 years. They are TH3030S models.

We also purchased an A10 about a year ago and just finished configuring it, although it's not in full usage yet. This one is a TH4430S.

So far, the stability has been very good. We haven't had much of a problem.

As I said, we don't use them for too much, just for load balancing and our 911 service. We have different internal switches that are connected to the A10 to load-balance the traffic, so we don't use the A10s 100 percent but between 20 and 50 percent for now. But as time goes by we are going to be using them more.

We currently have about 25 to 30 people who log into it to do provisioning on a daily basis. 

As for our plans to implement technologies or strategies in the next three years, we may look at moving from hardware appliances to software/scale-out solutions. Our company is always looking at new solutions to meet market needs. We will also look at multi-cloud failover, upgrading from TLS/SSL capabilities to modern PFS/ECC encryption standards, and moving applications to the public cloud.

We have used their tech support a few times. They're quick to answer the call and they respond to you in a timely manner. Their engineers are pretty good. They will join a WebEx session and look into the switch for you and try to resolve your problems. They resolve issues in a timely manner.

We used F5 BIG-IPs. The switch to ADC was an upper-level decision. They wanted to change because things were outdated and it had to do with contracts and the like.

The things we consider most important when funding new technology are revenue generation, customer satisfaction, operational improvement, accelerating development speed, and business advantages from new technology.

The setup was very straightforward but it depends on the solutions you are using in your environment.  In our network we don't configure all the features because we are not using them as yet, but it's very straightforward to configure them.

In our department, setup takes six to seven months, including getting the ADCs, racking and stacking them, and configuring them. Our organization has a standardized, tailored deployment strategy, where we have our own config, but it has to be coordinated with our other switches.

We have four to five people involved in the deployment of the solution. Our local engineers will install it, power it up, and give us a remote connection and then I, as a network engineer, will get in remotely and configure it.

It's very simple to use, as long as you understand the engineering technology behind it. I would advise going with it. Make sure you have the GUI feature on it so that you can go in and do quick, at-a-glance monitoring.

The solution is good for load-balancing your traffic. We don't want to overload other switches, so we pass traffic through the A10 and load-balance it. It also helps us to troubleshoot issues within our network.

My primary use case is to use it as a software load balancer. 

Because of the industry that we operate in, we cannot use cloud. Therefore, we use it on-premise. We have 32 medium boxes, and that's what runs production.

A10 explained why the latency dropped significantly on a site that we have.

It gives me information on load balancing and offloading, which provides me information on performance.

I use SSL, TSL, and additional offloading. With additional offloading, this is where I can put my certificate on A10, as servers don't have the capability.

It has allowed us to smooth out our traffic.

The ease of use could have been created better. Some of the UI features are very primitive. Sometimes, wrong entries will go in and stay. I gave this feedback to the team who sold it to me. 

Also, some things like the traffic flow management take a lot of time to learn to use. While we have mastered using the feature, it doesn't tell us where we are going wrong or if something is breaking.

It will start failing if you have a containerized environment, which is why we have to start moving away from using the A10. If they could fix this, that would be good. 

It would be also be nice if someone could walk me through the solution’s Secure Service Mesh to optimize traffic within Kubernetes and containers, since I am not able to use A10 for rebalancing right now.

While I do use the security features on the load balancing, I find them to be primitive.

I can't complain about its stability.

My engineering managers, with help of the DevOps team, manage the deployment. They have become self-sufficient and, with zero impact, they patch the servers in broad daylight, meaning mid-week.

I haven't needed to vertically scale beyond this box. It does scale horizontally.

The journey started with four servers and two websites and now I run close to 32 servers and service 36 applications, consisting of Web, application, and microservices. CPU utilization has moved marginally, by about three percent.

Troubleshooting always results in us contacting the tech support team and have a solutions expert, who is part of the sales team, send us helpful information. The solution expert is phenomenal, which is not the same experience that I have with the technical support.

I haven't been impressed with the technical support, though. When we need help, there is less support staff than we would like in the time that we need them. E.g., it may take an hour and a half to get assistance during an emergency. 

I would like them to provide learning tips and a community forum. where users can share ideas. They need more detailed support articles on the A10 website.

Before A10, I was using Network Load Balancing from Windows, which came pre-bundled and was primitive. I wanted to move to a professional version where I would have more control. I evaluated a couple of products and A10 seemed to be the clear winner. I had very simple parameters: the latency of response from our servers. The benchmark was NLB. When we compared the numbers with A10 and, when configured properly, it reduced the latency by roughly 15 percent.

There is absolutely no comparison between A10 and Windows load balancing.

The initial setup wasn't complex. A10 helped us with the setup. 

It took seven days to go into production, which was due to number of sites that we were running.

Implementation strategy:

1. It should have the ability, as a load balancer, to manage circuits.
2. Not everyone should have access to it.

I created a replica of the production box. Then, I set up the service, which I put on the load balancer. For 15 minutes, I moved the traffic from my NLB through A10 and monitored the performance. Then, I moved it back and it gave me the confidence that it could run safely. Then, I did the same for all 36 sites that I run. Afterwards, I moved it over to my team.

A10's solution expert helped us configure the box.

A third-party called Value Point helped us with the deployment. I was not impressed with their skills. 

For the deployment, there were two or three people from my team, two or three people coming from Value Point, and two from A10.

It's a phenomenal investment that the company has made.  

It improves our performance and management saving us money. 

There were budgetary constraints that keep us from investing in the single pane of glass traffic management feature. We saw a demo of this feature about a year to a year and a half ago.

We have not looked into any other options.

Go for it. 

It's always better to go with a nimble, growing company. Partner your growth with their journey. It's always beneficial for a stable setup. 

We are using ADC for load balancing. Most of our enterprise applications are behind ADC.

It's on-premise.

It has definitely improved the way our organization performs. Our company is mostly an education institution. We have a campus and an administration where we host all the enterprise applications. With enterprise applications going to six separate entities, it requires a lot of hardware underlying the applications. So load balancing has worked very well.

It definitely has enhanced our application security and our application accessibility. We don't have to go with the original application, the built-in, round-robin kind of thing. The security features, like SSL version 3.0 or TLS 1.2, mean it has pretty good options in the way the application can be configured to make it more secure, as well as the number of servers that are behind it and the way it chooses its servers.

The features we have used are basically for load balancing. The round-robin feature, the persistent cookies, the source IPs, source mapping, we use all of that in our situation. 

They also have a feature I use frequently. We have two appliances and I'm able to move my application from one appliance to another. I don't have to move my whole A10 to be active on the other side or to be passive on the other side. If an application is having a problem, I can just move it using a command. That is really interesting and very appropriate for our environment.

It's very easy to use. The commands are easy to use. I have used a couple of other load balancers and I find A10 to be the easiest one. The language and the commands are easier, as is the layout. Even the technology behind it all just links together, so it's pretty easy to use. You just follow the steps and you're good.

Within load balancing, we use some of the security features as well, such as the source mapping. We make sure that everything goes in and out from A10 itself. That makes the messages more secure too. We know what's going in and what's going out. It captures their source IP addresses if we want it to. The VRRP solution is also good. It has automatic failover.

It also has a Virtual Chassis System, although we don't use it. But we do have the option of creating virtual chassis, so that gives it a bit more security. If we find an application which is not going to play well in the main pool, we can easily create a virtual chassis and have that application in that virtual chassis. With the virtual chassis we can also create system partitions and have a test system for test applications and have the others elsewhere.

The solution does logging, but the logging capacity is really small. Because we have a bunch of traffic here, we usually get a logging-side warning that "This many logs were lost because of the heavy traffic." If the logging was better, that would be very good.

It has security features like DDoS and WAF, but they are not updated automatically. If any new vulnerability comes out, you are given an option to update that vulnerability in your system and the actual firewalls. Because, for ADC, this is just an added feature, it's not the main security solution right now. It's not the only security that any company would have. There is an opportunity to modify that and make it better.

I don't want to jinx it, but it's pretty stable. There are times where we don't even have to reboot it for a year. We would look at the time and say, "Oh, it's been like 270 days. We haven't rebooted. Let's schedule it to reboot." Otherwise, it's very smooth.

The scalability depends on the resources you have. We do have resources so we are on the higher end in terms of what we bought, and we do have the scalability built-in. We are not using the virtual chassis. But if we want to expand it and have partitions created, to create a separate virtual chassis, we do have that scalability. If we need to add another appliance to it, the process is pretty simple. So it's scalable.

There are talks, internally, that all our applications should be behind ADC. As soon as we get to that level, even if it is just one server-application, the application will be behind ADC. Right now, we have our major enterprise applications, our major ERP systems, our email systems, and our tier-one applications behind ADC.

They do have support and it is wonderful. We are on the highest support level. It's very good, even excellent.

We were using another product. The main things that attracted us - I saw it a conference where there was a demo - were the pricing at that time, the functionality, and the stability. Of course, we continued afterward doing a little bit more research. A10 was still trying to get its foot into the market over here and they were very helpful. I do not have any regrets switching over to A10.

Initially, we deployed it because of our learning management system, which I was handling. It is Linux-based and it required load balancers. We moved to A10 from another load balancer at least in part because of the better pricing. Also, it was doing Layer 4 and Layer 7 and that's what was required.

The initial setup is pretty simple if you have the guide. It's just like a basic switch on any appliance deployment. Deployment is not hard.

When we initially did it, this was a new product, of course, so we had support do the deployment. But when we changed the appliance, I did it myself, moving from one to another and doing the initial configuration. It's more a matter of the paperwork that you do on the network, and how it will change. But the deployment itself on A10, like configuring your settings, etc., takes no more than two or three hours. If you have your paperwork done, it's pretty easy.

When you move into this solution there is a learning curve if you come from another one. But once you get used to it and you know how things are flowing, it's pretty good.

When we bought A10 and we moved to it, we did have the A10 consultants help us.

Our experience with them was excellent. They were eager to do it. At that time, A10 was pretty new over here. From the support to the administration, everybody was eager to help out, to get it deployed and be successful.

We pay for it on a yearly basis. There is standard licensing for the number of controllers; that just came into existence last year. Other than that, there's just the support: Basic or Gold Support, etc.

In implementing A10, you need to keep in mind your end goal, what is it that you desire? If you're looking for more DDoS, or if you're looking for more firewall-type of capabilities, then you might have to do a little bit more consultation. But if you're looking for ADC and trying to see separation and load balancing, A10 does the job and provides security very well. It has both CLI and a web interface, so it's not too congested nor does it look too busy. Its appearance is very soothing and relaxing so that helps.

It does have the reporting capabilities and the capability to send logs to an external device. If you feel comfortable with Linux, you can really expand its usage. It depends on what your company goals are.

Overall, A10 ADC is pretty good. It's reasonably priced and easy to use.

The biggest lesson I have learned from using ADC is that I have to keep on learning it. The good thing is that even when they do firmware upgrades, there are minor tweaks but it's not ever-changing firmware where we have to upgrade. That's a good thing about A10. I have other applications that I am responsible for and they generally have frequent upgrades and you have to do them or you won't be supported. But I have not gotten into that situation with A10. That's a huge advantage for us, being in the education field, because there are semesters during all 12 months of the year. There are very few windows in which we can actually bring down appliances and upgrade them. Maintenance-wise, with A10, we have not had that problem.

We have the solution’s Harmony analytics and visibility controller but I would not say that it has enabled us to proactively detect, anticipate, or resolve issues before they become problems. It does give very good reporting, but we have not had any issues that it told me about first-hand - or maybe we are not configured in that way. But it's a very good reporting tool and a very good graphical analyzer.

As for deployment and maintenance of the solution, it's only me.

Regarding the solution's single pane of glass traffic management, I don't think we have used any feature for traffic management. At the back-end we have very good bandwidth and, the way it is positioned in the network, the agent doesn't have to do any traffic management. We are not at the saturation point. We are even below the midpoint on traffic.

The solution hasn't affected our operations efficiency because we offer the solution to our applications team, if they need to have their applications behind A10. We just changed data centers, moved into a new building. We are at a stage where we would like, and there are talks, to have all our applications behind ADC, just for security, to have that separation from the users, but we are not there yet.

It is a work in progress. Initially, when we deployed A10, it was the demand of an application that we have a load balancer in place so that it could load balance among the ten different servers the application needed. But now, it has improved our decision-making where, if added security is needed, the application team would say, "Okay, let's put it on A10 for the off-loading, etc." Other features that a server would normally do are conducted by A10, which means a little less load on the server side. That helps the application efficiency.

We are in the process of using the WAF, the web application firewall, from A10. It's not the main firewall product, obviously, but we have found it to be interesting. We are trying to implement it. We are in learning mode right now.

The primary use case is server load balancing.

We use the on-premise deployment model.

It has provided improvement in regards to flexibility of our applications between data centers.

It does improve operational efficiency, but it's not overwhelming.

The Global Server Load Balancing (GSLB) is simple to use.

It's not easy to use (mediocre at best). It's difficult for administrators to maneuver through the web user interface. It should be more intuitive through the web GUI. If you're a command line person, you can get around. However, the web UI is very difficult, and for our operational folks, they need the web UI.

The solution’s security features are minimal. I'm not impressed by the DDoS solution.

Traffic flow issues are very difficult, as there's no means for us to analyze the traffic coming in or out of the appliance without technical support. 

They need to improve in-depth diagnostics. I don't know how to do a tcpdump on the appliance. We need to do packet captures on the appliance to analyze what's going through it. Information is not as easy to attain as it is with other vendors. Better diagnostic tools would probably help.

Stability has been fine. It's been stable.

We upgraded our solution last year.

For deployment and maintenance, we only need a couple of administrators (less than 10 people).

The scalability is appropriate.

It's moving along based on the business growth, so there are no plans to increase usage.

The technical support is not great, but they are not poor either. They're fair. We don't open a support case that often, but when we do, it's not immediate as far as their response. When they do respond, they come up with a collaboration to troubleshoot or find an answer. So, it's fair at best.

The solution's support for our on-premise applications do their job. The basic functionalities for on-prem services are okay. They're not anything great. They do what they're supposed to do.

We previously had F5 and switched because of costs. 

We are able to do the same things (as the previous solution), but it is cheaper when we have to renew.

The initial setup was straightforward. The deployment took three to four months.

We were pretty familiar with the product, so we did the deployment ourselves.

It has broken even on ROI. We haven't lost any, which is good, but we haven't gained anything.

It is $7000 per unit for the support annually.

It does do the job, if your environment is simplistic enough. The product is fair for its market.

We test and used the single pane of glass traffic management, but we don't use that now. We went away from that. Now, we administer our devices individually.