2 mins read

New Mid-Range Array Appliances Help Customers Cost-Effectively Mitigate the Performance Impact of 2048-Bit SSL Encryption

APV3600 and 3650 application delivery controllers address market requirements for 2048-bit encryption with the highest levels of scalability and the lowest cost per SSL TPS

 

Array Networks, a global leader in application delivery networking, today announces the immediate availability of its  new mid-range APV3600 and APV3650 application delivery controllers (ADC). Engineered to mitigate the burden placed on businesses by 2048-bit SSL encryption, the new APV Series appliances support up to 25,000 2048-bit SSL transactions per second (TPS) and deliver the lowest cost per SSL TPS on the market. Standard features include a space-saving 1RU design, 10GigE interfaces, fiber and copper connectivity options and a full suite of advanced ADC features including server load balancing, link load balancing, global server load balancing, L7/L4 traffic management, custom scripting, connection multiplexing, SSL acceleration, caching, compression, traffic shaping, IPv6 support, Web application security and N+1 clustering.

 

Impact of 2048-bit SSL

First introduced in 2011 as a more secure alternative to 1024-bit SSL, 2048-bit SSL encryption is today the standard for all certificate-issuing authorities. While more secure than the previous standard, 2048-bit SSL is five times more compute-intensive. As a result, it is not uncommon for servers, load balancers and application delivery controllers to support only one fifth the SSL TPS they used to. The knock-on effect is that environments in which servers were sufficient may require load balancers and situations where mid-range ADCs was sufficient may require high-end ADCs – all of which comes with a hefty price tag. Array products – including APV, vAPV, AG, vxAG and EOS products (TMX, SPX) – use the company’s proprietary SSL stack to process all SSL, TLS and DTLS service traffic. Therefore, service traffic on Array products is not affected by this OpenSSL Heartbleed vulnerability.

 

Array APV3600 & APV3650

In the mid-range, where ADCs commonly supported 25,000 1024-bit SSL TPS, the appliances now support only 5000 SSL TPS for the newer 2048-bit standard. Even if customers purchase the most advanced mid-range ADC from Array’s closest competitor, the most they will achieve is 15,000 2048-bit SSL TPS – at which point they would need to either purchase multiple units or purchase higher-end units. In contrast, Array APV3600 and APV3650 appliances support up to 25,000 2048-bit SSL TPS and maintain a mid-range price point while migrating to the new, more secure standard.

 

High-Performance, Feature-Rich SSL

Total value of ownership for SSL offload solutions is not limited to TPS and cost; there are other attributes essential to delivering the performance and functionality essential in service provider and enterprise environments. For example, Array’s APV3600 and APV3650 appliances perform functions such as certificate revocation lists (CRL) on top of TCP/IP in the kernel to ensure high-performance for all SSL related tasks. In addition, the new appliances support advanced SSL features including server name indication (SNI), SSL inside and SSL bridging, multi-level authentication and in-flight certificate challenges. From outright performance and scalability, to cost and return on investment, to advanced features, no vendor or competing product can match Array APV3600 and APV3650 appliances for offloading 2048-bit SSL encryption.

 

Avoiding Heartbleed

Recently, the Heartbleed vulnerability received considerable press due to the widespread use of SSL to secure virtually everything on the Web, including ecommerce, social media, business applications and online banking. Array was the only ADC vendor that was completely immune to Heartbleed because the company implements its entire proprietary SSL stack on top of TCP/IP in the kernel to offer advanced application delivery features at speed and offer immunity from OpenSSL-related vulnerabilities such as Heartbleed. While no one knows what the next OpenSSL vulnerability may be, customers that choose Array products, such as the new APV3600 and APV3650 can be assured that their likelihood of exposure to SSL-related security issues will be significantly reduced.

 

One of Array’s primary competitive advantages and market differentiators is superiority in all facets of SSL secure transaction processing,” said Michael ZhaoPresident and CEO of Array Networks. “With the new APV3600 and APV3650 products, Array has set an even higher standard of scalability, features, security and price-performance for service provider and enterprise customers that are either migrating to or scaling 2048-bit SSL encryption.”

 

About the APV3600 and APV3650

Array APV3600 and APV3650 application delivery controller appliances are available immediately. The APV3600 is a 20Gbps appliance and the APV3650 is a 30Gbps appliance; both models support 25,000 2048-bit SSL TPS and both models ship standard with all Array application delivery networking features.

 

Leave a Reply