White Papers

Thunder & AX Series

  • 2016 Security PredictionsOverview


    With the blurring of network boundaries and the increasing number of connected devices, A10 Networks predicts even more attacks and vulnerability disclosures next year. This white paper highlights our top five security predictions for 2016 and discusses several ways to protect against them.

  • A10 Thunder ADC Return On InvestmentOverview


    Application Delivery Controllers (ADCs) can help you optimize your infrastructure for maximum efficiency – A10 Thunder ADC, in particular, has been designed to ensure you are getting the most out of your infrastructure. The benefits are quantified in this white paper. Download it now to learn:

    • How to streamline operations and maximize efficiencies with an ADC.
    • How SSL acceleration, TCP optimization, RAM caching and compression help offload servers to maximize their utility.
    • The cumulative benefits and return on investment A10 can deliver for a small, medium and large data center.
  • Advanced Core Operating System (ACOS): Experience the PerformanceOverview


    A10 Networks' Advanced Core Operating System (ACOS) platform was built from the ground up based on supercomputing principles with High-Speed Shared Memory to meet rapidly growing application networking demands. ACOS linearly scales performance in increasingly dense multicore CPU systems and consumes dramatically fewer resources to achieve a comparable capacity relative to traditional designs. As a result, customers get a much more efficient system that can provide dramatically more application and security performance, and scale with much greater value. What this really means to your business is better end user experience today and into the future; with superior ROI for your IT budget...

    This white paper discusses the trends affecting Application Networking and how A10's ACOS with high speed shared memory architecture will benefit your network for years to come.

  • Avoid Microsoft Lync Deployment Pitfalls with A10 Thunder ADCOverview


    Organizations around the world depend on Microsoft Lync to connect, collaborate, and share information in real time. Microsoft Lync combines instant messaging, Voice over IP (VoIP), video conferencing, and other real-time data sharing capabilities together to deliver a rich, enterprise-ready unified communications platform.

    If Lync customers deploy multiple Lync servers or a "pool," they need to distribute traffic loads to those servers. Load balancing is not just a best practice, it's a requirement. Microsoft advises customers to provision either hardware load balancing or DNS load balancing. If load balancing is required, IT managers can deploy Thunder Series application delivery controllers (ADCs) from A10 Networks to ensure world-class performance, applications availability, and resiliency for Microsoft Lync.

    Security threats challenge enterprise networks at every level, and Lync applications are not immune. Distributed denial-of-service (DDoS) attacks are a particular danger for Lync installments. Thunder ADC acts as a reverse proxy between clients and Lync front-end servers, ensuring that all connections to servers are initiated from Thunder ADC. In this process, Thunder ADC eliminates potentially crippling DDoS attacks and other network-level threats.

  • AX Series and SharePoint Performance OptimizationOverview


    The AX Series Application Delivery Controllers accelerate and optimize Microsoft SharePoint deployments. In this white paper you will learn how specific AX Series features such as SSL Offload, TCP Connection Reuse, RAM Caching and HTTP Compression improve the capabilities of a SharePoint solution.


  • CGNAT Isn’t a Capability, It’s a Lifecycle StrategyOverview

    With the global exhaustion of free pools of IPv4 addresses and the continuing adoption of IPv6, service providers are facing new challenges in sustaining growth and business continuity. Many service providers will need to implement an address translation strategy that includes both a short-term plan to address the preservation of their existing IPv4 address allocation, and a long-term plan to seamlessly migrate to an IPv6 infrastructure.
    This approach will require a solution that not only provides a robust set of carrier-grade network address translation (CGNAT) capabilities — and IPv6 migration options based on each service provider’s existing infrastructure — but one that also addresses the entire lifecycle of the transition from IPv4 to IPv6.
    This white paper provides an overview of the various components that are required for a complete CGNAT and IPv6 migration solution, which encompass the entire lifecycle of the transition to IPv6.

  • Data Centers in the CrosshairsOverview


    Every day, attackers conspire to bring down data center servers and steal application data. Comprising the most valuable assets in your organization - your web, DNS, database, and email servers - data centers have become the number one target of cyber criminals, hacktivists and state-sponsored attackers. This paper analyzes the top five most dangerous threats to your data center. It also describes the impact of these threats and it reveals the latest methods, tools and techniques used by attackers to exploit data center resources...

  • DDoS Report: The Escalating Threat of DDoS AttacksOverview


    With increasing frequency and scale, some of the world’s largest data center and network operators are suffering from crippling Distributed Denial of Service (DDoS) attacks. Virtually every commercial and governmental organization today is largely - if not entirely – reliant on its online services, and service availability is completely at risk from the rising tide of DDoS attacks. If you are concerned about the possibility of major service outages due to DDoS attacks, you should ensure that your vendor can scale to mitigate the largest multi-vector attacks at your network’s edge..


  • Diameter: AAA Protocol for IMS and LTE NetworksOverview


    This white paper presents an overview of the A10 Networks AX Series family and their capabilities as they pertain to the Diameter protocol. This white paper covers how the AX Application Delivery Controllers (ADCs), which are new generation server load balancers, can support different types of Diameter applications; and outlines the benefits of deploying the AX device in an IP Multimedia Subsystem (IMS) infrastructure. This white paper also describes how integrating an AX device into an IMS infrastructure can improve reliability, scalability, security, and availability, in order to support the growing demands of all IP-based interface Long Term Evolution (LTE), High Speed Packet Access (HSPA) and Fixed Mobile Convergence (FMC) networks. This white paper can be used as a reference for deploying the AX Series device in new, existing, or proprietary Diameter applications...


  • Domain Name System Security Extensions (DNSSEC): Preparing the NetworkOverview


    This paper gives a high level view of DNSSEC and its current rollout status, with emphasis upon the networking challenges of "intermediate devices", those between the DNS Server and the DNS Client (Resolver). A10 Networks' Application Delivery Controller (ADC) solves challenges faced by organizations as they move to this more secure implementation of DNS, specifically offering DNSSEC compatibility, greater ADC performance, load balancing, DNS server efficiency and greater DNS server security.


  • Driving Down the Cost and Complexity of Application Networking with Multi-tenancyOverview


    Driving Down the Cost and Complexity of Application Networking with Multi-tenancy Multi-tenancy provided by virtualization technology is a rising topic for IT management; an increasing number of enterprises plan to transition towards cloud architectures to operate complex applications. Server virtualization technologies have delivered a wealth of benefits through increased adoption within the past few years by enterprises of all sizes. Benefits range from consolidated resource efficiency leveraged from virtual machines, to enhanced performance of immediate disaster recovery solutions, increasing business agility and continuity, as well as proven quick return on investment solutions.

    This white paper talks about A10's Application Delivery Partition (ADP) feature within the A10 Thunder® ADC and its value for enterprises seeking cost efficient, time efficient and management efficient solutions, using the popular Microsoft Lync software as the application example.

  • Evolution of ADCs: The A10 Advantage over Legacy Load BalancersOverview


    While traditional load balancers satisfied organizations' requirements two decades ago, they have failed to keep up with modern availability, acceleration, and security demands. Application delivery controllers (ADCs) bridge the gap with new content delivery features, but A10 Thunder™ ADC represents the next stage in the application delivery evolution by providing complete control over application traffic in any environment and by offering advanced availability, acceleration, and security features. This paper describes how Thunder ADC's high-performance architecture, advanced features, and carrier-grade hardware meets application delivery requirements not addressed by legacy load balancers...


  • Healthcare Security and HIPAA Compliance with A10Overview


    A10’s Thunder and AX Series ADCs offer a diverse solution set that can help with staying HIPAA compliant while enhancing patient and staff experience. By effectively managing traffic flows and network attacks, A10 ADCs keep healthcare networks highly available, accelerated and secure to preserve business continuity. For the administrative and technical safeguards required by HIPAA, A10 ADCs offer targeted features for regulating information access, implementing a disaster recovery strategy, and preventing data leakage and tampering. Integrate A10 ADCs in your network today to grow safer and faster online services for your patients and staff— delivering quality care at every step...


  • High Performance, High Capacity SSL OffloadOverview

    Internet users today are much more alert about web security than just a few years ago. People are all too aware of potential malicious activities that can compromise their personal information or worse. TLS/SSL is used to ensure the communication between a client and the application is encrypted, so even if the transaction is intercepted, the content can't be read by a third party. 

    The encryption strength is determined in part by the key length. The minimum key length that is supported by Certificate Authorities and web browsers changed from 1024 to 2048-bit. Many environments such as banking and financial institutions operate with higher security standards and will require stronger encryption and therefore longer key lengths such as 4096-bit, to guarantee higher degrees of data security...

  • Investigating MiraiOverview


    The use of distributed denial-of-service (DDoS) attacks to knock services, applications or businesses offline isn’t a new strategy. In fact, DDoS attacks are in such widespread use that it’s practically a household term.

    It starts with Mirai. It’s a new and clever malware that takes advantage of lax security standards in connected smart devices — also known as the Internet of Things (IoT) — to build massive botnets that are able to deploy DDoS payloads that surpass 1 Tbps throughputs.

  • Load Balancing Security GatewaysOverview


    A10's Application Delivery Controllers (ADCs) are a great way to transparently scale multiple security gateways, improving speed and availability, without forcing a compromise between performance and security.

    This white paper highlights key A10 Thunder and AX Series ADC technologies to enhance secure gateway deployments (such as firewalls, Intrusion Prevention System (IPS) and more) including:

    • Application Acceleration 
    • Traffic Optimization 
    • DDoS Protection 
    • Web Application Firewall 
    • DNS Application Firewall 
    • SSL Insight
  • Low Latency Trading in FIX EnvironmentsOverview


    In this paper, we review the history of FIX, related standards and key securities applications, and we show how A10's Advanced Core Operating System (ACOS®) is ideally suited to cope with the low latency/low jitter demands of securities trading. We discuss how A10 Networks high-performance Application Service Gateways (ASG) products are ideally suited for optimizing, accelerating and securing FIX messaging, as well as higher level Web traffic, across a range of applications that help scale server pools and improve user experience. We discuss how A10 solutions deliver fast, secure and highly resilient services; features that improve the customer experience and ultimately increase customer loyalty.

  • Mode: You - Piloting Your Business Toward A Harmonious, Cloud-Native ExistenceOverview

    For the foreseeable future, you’ll rely on both on-premise infrastructure and modern cloud environments. Evaluate and understand all sides of the spectrum to ensure your path to the cloud is agile, secure, safe and cost-effective. This white paper explores considerations to make as you pilot your business along this journey.

  • New Paradigm in Application Delivery Networking: Advanced Core Operating System (ACOS) and Multi-CPU ArchitectureOverview

    In today's business environment, companies rely heavily on Web-based applications to communicate and conduct transactions both externally and internally. With more people accessing Websites via smart phones, new third party applications, news sites, blogs, social networking and video and picture Websites, Internet traffic to Websites continues to increase significantly, and shows no signs of slowing down. More and more processing power is being required at data aggregation points such as load balancers and application delivery controllers...


  • Overcoming Challenges to Optimizing Cloud-Native App DeliveryOverview

    Traditional on-premise, enterprise-centric data centers are revealing their limitations via reduced agility, no self-service, restricted automaton and operational burdens. Their applications also rely on redundant and highly optimized architectures to maintain high availability and robust operation.

    Such infrastructures result in severe over-provisioning and excessive operation costs. The time to introduce new or updated applications are typically measured in months, with a commensurate delay in time to revenue.

    To overcome these roadblocks, application-centric organizations are realizing the solution lies in moving toward cloud-based environments and are accelerating their adoption of cloud-native application architectures. Yet, this brings its own set of challenges.

  • PCI DSS and the A10 SolutionOverview


    This white paper explores the challenges of PCI compliance for cloud services and how A10's features for application delivery can help. Focusing on the 2013 PCI DSS revisions, this paper provides CSPs and their clients an understanding of security responsibilities and network considerations for a PCI-compliant cloud, highlighting the critical role played by ADC capability. We spotlight A10's solution for PCI compliance, providing a feature-by-feature breakdown of our Thunder ADC and vThunder, each matched to individual PCI standards. Building a PCI-compliant cloud has never been simpler than with A10. We deliver security without compromising performance.


  • Replace Microsoft Forefront Threat Management Gateways with A10 Thunder ADCOverview


    With the end-of-sale of Microsoft's Forefront Threat Management Gateways (TMG), administrators managing networks, applications and security will need to turn to newer, more modern solutions. A10 Networks Thunder ADC product line provides not only the key attributes of TMG secure Web gateways but offers functionality that goes far beyond those capabilities. These include advanced L7 application firewall, sophisticated load balancing and content switching for application availability, and multiple application acceleration methods to speed content to remote clients. A10 also provides smart templates and detailed guides to expedite deployment of A10 ADCs with Microsoft applications...

  • Safeguard Your Data Center with A10 Thunder ADCOverview


    Malicious users of all types have set their sights on data center servers. Leveraging off-the-shelf attack toolkits and armies of bots, cyber criminals launch Distributed Denial of Service (DDoS) attacks to take down data center servers. They execute web attacks like SQL injection and cross-site scripting to steal valuable data. And they exploit DNS servers to carry out massive DNS reflection attacks against political foes, competitors and extortion victims. To conceal their activity, attackers encrypt communications with SSL, exposing blind spots in organizations' security defenses. This paper describes how Thunder ADC enables organizations to protect their servers and applications against today's most critical data center threats while maintaining high performance...


  • The DDoS FactorOverview


    The discovery of denial-of-service (DoS) cyber-attacks in 2000 marked a critical and historic point in cybersecurity. Every industry fights these basic concepts today, but they’ve evolved into distributed-denial-of-service (DDoS) attacks. This white paper explores how DDoS strategies help threat actors obfuscate attack sources and empowers them with a near limitless army of botnet machines. The result? Endless attacks from every region, every source and against every layer.

  • The End of IPv4? Migration Paths to IPv6 Overview


    On February 3, 2011, the Internet Assigned Numbers Authority (IANA) allocated the last five remaining “/8”s of IPv4 address space to the Regional Internet Registries (RIRs); the local registries are running low on IPv4 addresses, rapidly.

    The advent of new Internet-connected locations (from hotels to planes and more world-wide) and new Internet-connected devices (notable examples include smartphones, smart meters, gaming devices and other household appliances) has exacerbated the shortage. Each of these extra devices places greater pressure on the existing IPv4 infrastructure.

    In this white paper you will learn about various techniques for IPv6 Migration, IPv4 Preservation and IPv4/IPv6 Translation such as Carrier Grade NAT (CGN/CGNAT), Dual-Stack Lite (DS-Lite), NAT64, DNS64, 6rd and SLB-PT.

  • The Threat of Encrypted Traffic to Federal AgenciesOverview

    Encryption is necessary to protect data in transit from being compromised. Unfortunately, SSL is now being used to hide malicious activity from existing security infrastructures trusted by federal agencies and government organizations. This white paper outlines the challenges faced by IT security professionals in the federal government as they address this emerging threat.

  • The Threat of Encrypted Traffic to Financial InstitutionsOverview

    Encryption is necessary to protect data in transit from being compromised. Unfortunately, SSL is now being used to hide malicious activity from existing security infrastructures trusted by banks, financial services and other payment-based organizations. This white paper outlines the challenges faced by IT security professionals in the financial services space as they address this emerging threat.

  • The Threat of Encrypted Traffic to Healthcare OrganizationsOverview

    Encryption is necessary to protect data in transit from being compromised, but SSL is now being used to hide malicious activity from existing security infrastructures trusted by healthcare organizations. This white paper outlines the challenges faced by IT security professionals in the healthcare space as they address this emerging threat.

  • The Threat of Encrypted Traffic to RetailOverview

    Encryption is necessary to protect data in transit from being compromised. Unfortunately, SSL is now being used to hide malicious activity from existing security infrastructures trusted by retailers. This white paper outlines the challenges faced by IT security professionals in the retail industry as they address this emerging threat.

  • The Ultimate Guide to SSL Inspection: Uncover Threats in SSL TrafficOverview


    Encrypted traffic accounts for a growing percentage of network traffic. To stop cyber attacks, organizations must gain insight into encrypted data, and to do this, they need a dedicated security platform that can decrypt SSL traffic. This paper describes five features that organizations should consider when evaluating SSL inspection platforms, enabling IT security teams to rapidly develop evaluation criteria and avoid common deployment pitfalls.

  • Toolkits, Apps and Services Used Today To Launch DDoS AttacksOverview


    Professional-grade DDoS attacks can now be launched with point-and-click toolkits and even easier mobile apps and online services. The lower barrier to entry has increased the number and frequency of these attacks. This whitepaper surveys the tools used today to launch DDoS attacks and how to defend your network against them.


  • Top Ten Reasons to Select A10Overview


    Over 3,000 enterprises and service providers have chosen A10 for their Application Delivery, Security and Next Gen Networking needs. A10 has risen to become the number 1 market share leader in Japan and number 3 worldwide. Multiple solutions and benefits have driven A10's impressive growth; this white paper maps out why A10 is the preferred choice.

  • Validating DDoS Threat ProtectionOverview


    DDoS attacks are devastating because of their large-scale impact. The large botnets send tenacious service requests and a high number of large data packets, all with the goal to render a service unavailable. The scale of traffic volume or service requests requires a defense solution with a lot of horsepower to analyze the voluminous traffic and take appropriate action. That said, it is important to validate your solution’s performance in your own environment to ensure predictable operations in the real world.

Back to top

Learn more about our products



More resources to streamline the design and deployment of joint solutions

Partner Solutions Briefs