Network Functions Platforms
The Agility of Virtualization. The Performance of Dedicated Appliances.
Enterprises and service providers are moving toward a virtual approach to network and security functions to gain agility and operational efficiencies. However, virtualized servers often fall short when running I/O and compute-intensive networking, security and app delivery functions. In addition, VA provisioning can be complex. All of which adversely impacts adoption and the ability to maintain SLAs for business-critical customers and applications.
In addition to abstracting complexity and taking the guesswork out of VA provisioning, AVX Series Network Functions Platforms provide the best of both worlds – the agility of virtualization and the performance of dedicated appliances. Mix and match different size ADC, SSL VPN and 3rd-party networking, security and app delivery virtual appliances. Add, manage, change and delete VAs on a purpose-built platform that enables intuitive instantiation, service automation and guaranteed performance per virtual network function.
Guaranteed Performance in a Shared Environment
Deploying I/O- and compute-intensive networking, security and app delivery functions on general-purpose virtualized servers is inefficient. SSL encryption, for example, typically requires specialized hardware, and performance can sharply degrade when deployed in virtual environments. In contrast, Array Network Functions Platforms excel at SSL and other networking, security and app delivery tasks – delivering performance on par with dedicated hardware while shrinking the data center footprint by up to 16x versus standalone appliances.
Data Center Consolidation
In many situations, data center managers deploy dedicated appliances for critical networking and security functions because the performance hit of virtualized appliances is just too high. While this is an understandable choice, over time it can lead to dozens if not hundreds of physical appliances in the data center taking up rack space as well as increasing costs for power, cooling and cabling – not to mention the additional work hours needed to configure and manage them.
The AVX Series network functions platform can consolidate multiple networking and security virtual appliances into just a few rack units, saving on the high cost of dedicated appliances as well as space, power and cooling costs. The AVX Series also offers a centralized management console allowing convenient access to VA-level configuration and modification, as well as one-click access to devices’ WebUIs or CLI screens.
Traditionally, network managers have deployed best-of-breed, single-function security appliances to protect against attacks, intrusion and other threats. However, solutions such as WAF, NGFW, IDS/IPS and DDoS protection either lack the ability to decrypt and inspect SSL traffic – the majority of traffic today – or high volumes of SSL traffic can overwhelm their in-built SSL resources, robbing processing cycles and impacting performance.
The AVX Series offers high-performance SSL processing hardware to help ensure robust throughput for security VAs. In addition, SSL decryption, load balancing and security VAs can be orchestrated into service chains to maximize the efficiency and effectiveness of individual point security products. In the example below, a virtual ADC decrypts SSL traffic, which is then passed through a virtual NGFW, virtual IPS/IDS, virtual TAP before being re-encrypted by a second virtual ADC and forwarded to its destination. In this way, each discreet security device is able to do what it does best, with the advantage of full visibility into SSL traffic and the benefit of pre-processing by other security VAs to provide the higher quality security services.
Taking the Guesswork Out of NFV
Mastering the intricacies of hypervisor management, virtual and physical port mapping, CPU pinning, NUMA boundary settings, SR-IOV and drivers can be costly and complex. Server-centric technologies may also be unfamiliar to networking and security teams. The ArrayOS™ Resource Manager abstracts these obstacles to NVF deployment by automating VM resource allocation and network settings in a manner that guarantees the performance and functionality of hosted virtual appliances.
The platform also achieves a level of flexibility that far exceeds traditional hardware appliances. Hosted virtual appliances may be spun up on-demand via remote management and may be integrated with a cloud management system for automated provisioning. Functions can be assigned larger VMs for higher levels of performance, capacity is available on a pay-as-you-go basis and capacity can be repurposed as needed to support alternate networking and security virtual appliances.
Network Functions Platforms
The AVX5800 is a 1RU dual power network functions platform with 40Gbps of throughput that hosts up to eight independent vAPV, vxAG or 3rd party virtual appliance instances and supports mix-and-match, pay-as-you-grow licensing for five virtual appliance size options. Provides dedicated CPU, SSL, memory and I/O for each instance to assure guaranteed performance. Up to 16 shared-entry instances support best-effort performance for smaller workloads where density is a primary consideration.
The AVX7800 is a 2RU dual power network functions platform with 80Gbps of throughput that hosts up to 16 independent vAPV, vxAG or 3rd party virtual appliance instances and supports mix-and-match, pay-as-you-grow licensing for four virtual appliance size options. Provides dedicated CPU, SSL, memory and I/O for each instance to assure guaranteed performance.
The AVX9800 is a 2RU dual power network functions platform with 160Gbps of throughput that hosts up to 32 independent vAPV, vxAG or 3rd party virtual appliance instances and supports mix-and-match, pay-as-you-grow licensing for four virtual appliance size options. Provides dedicated CPU, SSL, memory and I/O for each instance to assure guaranteed performance.
Array & 3rd-Party Virtual Network Functions
Array's vAPV runs as a large, medium, small, entry or shared-entry virtual application delivery controller on Array’s AVX network functions platforms to flexibly enable on-demand, full-featured load balancing and application delivery with guaranteed performance.
Array’s vWAN runs as a large, medium, small, entry or shared-entry virtual WAN optimization controller on Array’s AVX network functions platforms to flexibly enable optimization and reduction of traffic to speed data transfers and reduce application response times.
3rd Party VAs
The AVX Series supports KVM, Ubuntu and CentOS-based 3rd-party solutions such as next-generation firewalls and Web vulnerability scanners. Advantages for administrators include guaranteed performance, reduced footprint and power, and added flexibility. View our Platform Ecosystem page to learn more.
CloudEdge provides advanced security services for applications and users in any virtualized environment. It provides comprehensive security features including granular application identification and control, intrusion prevention, anti-virus, attack defense and a cloud-sandbox to keep businesses fully secure and operational. Hillstone Networks' CloudEdge next-generation firewall is validated to run on Array's AVX Series Network Functions Platform.
FortiGate provides a broad array of next-generation security and networking functions and may be deployed with complementary products to enable a simplified, end-to-end security infrastructure. The Fortinet FortiGate next-generation firewall is validated to run on Array's AVX Series Network Functions Platform.
App Delivery Functions
The vAPV runs as an entry, small, medium or large virtual application delivery controller on Array’s AVX virtualized appliance to flexibly enable on-demand, full-featured load balancing and application delivery with guaranteed performance.
MSP & CSP Services
What Clients Say
Array Networks and SoftLayer have been partners for years. Rapid deployment and the extensible nature of SpeedCore APIs were the deciding factors for standardizing on Array application delivery solutions.