The solution is used primarily for load balancing and content switching, but we also use it for VPN, SSL VPN, and ICA Proxy. One of the bigger use cases that comes up often is web application firewalling and security. There's a lot of growth in our clients' environments at the moment. There's also significant regulatory compliance required and we deploy ADC with multifactor authentication to have a layer of protection for our customer information. We are partners of Citrix and resellers of this solution.
The web application firewalling component is probably the most powerful feature as it can identify attacks on the network at an application level which is quite important. There is also good functionality where we use IP reputation and geofencing to mitigate threats from the outside world.
Citrix can improve their quality assurance by ironing out security vulnerabilities before releasing upgrades. They are quite proactive in identifying vulnerabilities, but it would be helpful if they could identify them prior to release. The support on the ADCs isn't that great and there's a lot of work required with upgrading plant environments because of security vulnerabilities that come to light. I'd also like to see some improvement on the monitoring side. Things are better than they were but the interface can be a little cumbersome sometimes. It's not always easy to get the information that you're looking for.
I've been using this solution for seven years.
Stability is pretty good. Our company has logged perhaps one or two calls for stability issues, but they have generally related to environment variables that are outside our control.
Scaling up or out is fairly straightforward. Based on the software license, we can unlock additional capacity, functionality and throughput purely by installing a higher-rated license. From an upgrade point of view, it's not a case of ripping and replacing hardware every so often, the solution is fairly robust in that sense.
Complexity of the initial setup depends on the use case. It can be fairly straightforward depending on what you're trying to achieve, but the more complex deployments are, of course, more complicated. Depending on the use case, deployment can take anywhere from a day to a couple of weeks. On the web application firewalling side, it can take some time, but standard ICA proxy, SSL, VPN, load balancing, and content switching, are fairly straightforward to get up and running quickly. We have 15 users in our company.
Licensing depends on your environment and the size and scale of the deployment. There are options to purchase a standard, advanced or premium license, each of which unlocks different feature sets and capabilities. We also have a throughput license that ties into that, whether it's 20, 100 or 200 megs. It really depends on the environment. If I look at competitors such as F5, the costs and functionalities we offer are the same but at a much-reduced cost.
Whether this is a suitable solution depends on what the client's trying to achieve, the type of applications they want to publish, and the security metrics they're looking at. We provide predominantly Citrix-based solutions so if there is a use case, we would definitely recommend Citrix, not only because of its functionality, but because that's our specialization. We implement the full stack of Citrix solutions.
Because of the functionality, scalability and stability of the solution as a whole, I rate ADC eight out of 10.
