A10 Networks Thunder ADC Reviews

We use it for SLB and GSLB load balancing. We're using the Thunder ADC 1040 but before that we used their AX 2500.

The SLB and GSLB load balancing are the most valuable features. They meet our need to do server-side load balancing and global site load balancing so we can distribute traffic, not only intra-data center, but inter-data center.

We are using them in the cloud and they are flexible, supporting the cloud services that we use. We use Azure.

In my opinion, they need to improve their cloud support. There is support for cloud, but not all functions are there, such as high-availability.

We've been using A10 Networks Thunder ADC for eight or nine years. It's nothing new for us. It's been a while.

The stability is on par with what we expected. We have very little downtime that is related to the product itself.

Scalability for us is more horizontal, so it's easy for us to add nodes into the cluster. It's not really scaling vertically where we need more power. We're using the smaller devices; we don't use their chassis where you can add more power.

It is our only load balancing solution. We plan to transition into Azure, but we don't see a need, based on the way we use it, to grow it. It will just be transitioned.

Previously, we were using F5 Networks' load balancers and we moved away from them because they were not flexible and they did not provide a good value. Since we switched to A10 Networks, we have had all the features that we need in a more value-oriented package. In particular, they provide SLB and GSLB, whereas F5 wanted to charge us for every single thing. We like the all-in-one-bundling from A10 Networks. It turns out to be a good value.

The setup was straightforward. We worked with a support engineer from A10 Networks to plan the setup and they provided a migration tool. It was a straightforward migration when we switched from the AX to the Thunder series. Also, when we switched from F5 to A10 they provided resources to us.

We have it installed globally, so it took about three months to replace them all. The replacement strategy was to do it in pairs in each location, one at a time, to have the least impact with production.

I didn't have any complaints about the consultant from A10. It was a good experience.

We ran the numbers and our return on investment is projected to be five years out with A10, compared to if we had replaced our infrastructure, back then, with F5.

It's a regular CapEx purchase, and annual maintenance per device.

We evaluated F5 again, because it was time for a renewal. We evaluated Juniper — at the time they had a load balancing solution. We also evaluated Cisco.

The biggest lesson I have learned is that even though at that time A10 was an up-and-comer, it was worth the chance. As a smaller player at the time, it provided a product that was stable and provided a better value. Being willing to take a calculated risk was worth it in the long-run.

Don't only look at the dominant players like F5. Do your research on vendors that might not have dominant market share. That's not to say that you would just choose to go with any small player. It would have to be a smaller player that has stability and that has at least some size to support you on an enterprise level, which is what we found with A10 at the time.

We have about 10 administrators of the solution.

I would rate Thunder ADC at nine out of 10. There are some things that can be improved, but we've been happy with it.

A10 Networks Thunder ADC can be deployed on-premise or virtually.

A10 Networks Thunder ADC is used for global load balancing.

The most valuable features in A10 Networks Thunder ADC are the ease of configuration, user-friendliness, and simplicity to sell to customers.

A10 Networks Thunder ADC could improve on the Application Delivery Controller. it's not a fully-fledged web application firewall solution. For example, application data and support need to improve.

I have been using A10 Networks Thunder ADC for approximately two years.

The stability of A10 Networks Thunder ADC is good.

A10 Networks Thunder ADC is scalable.

We have approximately a team of six using A10 Networks Thunder ADC.

A10 Networks Thunder ADC has a very good support structure. In each region, they have a very well-experienced team to support when it comes to pre-sales. They have a very capable team.

The setup of A10 Networks Thunder ADC is very straightforward. If everything is in order, onboarding one application can be done in a few hours.

The price of A10 Networks Thunder ADC depends on capacity and the customer's requirement. They have several offerings. They have different price models and options to choose from. Additionally, you need to subscribe to support for the hardware appliances.

A10 Networks Thunder ADC is a very natural solution in the industry. When compared to the other vendors, it's easier to use, more user-friendly, and more mature.

I rate A10 Networks Thunder ADC a nine out of ten.

My primary use case is to use it as a software load balancer. 

Because of the industry that we operate in, we cannot use cloud. Therefore, we use it on-premise. We have 32 medium boxes, and that's what runs production.

A10 explained why the latency dropped significantly on a site that we have.

It gives me information on load balancing and offloading, which provides me information on performance.

I use SSL, TSL, and additional offloading. With additional offloading, this is where I can put my certificate on A10, as servers don't have the capability.

It has allowed us to smooth out our traffic.

The ease of use could have been created better. Some of the UI features are very primitive. Sometimes, wrong entries will go in and stay. I gave this feedback to the team who sold it to me. 

Also, some things like the traffic flow management take a lot of time to learn to use. While we have mastered using the feature, it doesn't tell us where we are going wrong or if something is breaking.

It will start failing if you have a containerized environment, which is why we have to start moving away from using the A10. If they could fix this, that would be good. 

It would be also be nice if someone could walk me through the solution’s Secure Service Mesh to optimize traffic within Kubernetes and containers, since I am not able to use A10 for rebalancing right now.

While I do use the security features on the load balancing, I find them to be primitive.

I can't complain about its stability.

My engineering managers, with help of the DevOps team, manage the deployment. They have become self-sufficient and, with zero impact, they patch the servers in broad daylight, meaning mid-week.

I haven't needed to vertically scale beyond this box. It does scale horizontally.

The journey started with four servers and two websites and now I run close to 32 servers and service 36 applications, consisting of Web, application, and microservices. CPU utilization has moved marginally, by about three percent.

Troubleshooting always results in us contacting the tech support team and have a solutions expert, who is part of the sales team, send us helpful information. The solution expert is phenomenal, which is not the same experience that I have with the technical support.

I haven't been impressed with the technical support, though. When we need help, there is less support staff than we would like in the time that we need them. E.g., it may take an hour and a half to get assistance during an emergency. 

I would like them to provide learning tips and a community forum. where users can share ideas. They need more detailed support articles on the A10 website.

Before A10, I was using Network Load Balancing from Windows, which came pre-bundled and was primitive. I wanted to move to a professional version where I would have more control. I evaluated a couple of products and A10 seemed to be the clear winner. I had very simple parameters: the latency of response from our servers. The benchmark was NLB. When we compared the numbers with A10 and, when configured properly, it reduced the latency by roughly 15 percent.

There is absolutely no comparison between A10 and Windows load balancing.

The initial setup wasn't complex. A10 helped us with the setup. 

It took seven days to go into production, which was due to number of sites that we were running.

Implementation strategy:

1. It should have the ability, as a load balancer, to manage circuits.
2. Not everyone should have access to it.

I created a replica of the production box. Then, I set up the service, which I put on the load balancer. For 15 minutes, I moved the traffic from my NLB through A10 and monitored the performance. Then, I moved it back and it gave me the confidence that it could run safely. Then, I did the same for all 36 sites that I run. Afterwards, I moved it over to my team.

A10's solution expert helped us configure the box.

A third-party called Value Point helped us with the deployment. I was not impressed with their skills. 

For the deployment, there were two or three people from my team, two or three people coming from Value Point, and two from A10.

It's a phenomenal investment that the company has made.  

It improves our performance and management saving us money. 

There were budgetary constraints that keep us from investing in the single pane of glass traffic management feature. We saw a demo of this feature about a year to a year and a half ago.

We have not looked into any other options.

Go for it. 

It's always better to go with a nimble, growing company. Partner your growth with their journey. It's always beneficial for a stable setup. 

The primary use case is server load balancing.

We use the on-premise deployment model.

It has provided improvement in regards to flexibility of our applications between data centers.

It does improve operational efficiency, but it's not overwhelming.

The Global Server Load Balancing (GSLB) is simple to use.

It's not easy to use (mediocre at best). It's difficult for administrators to maneuver through the web user interface. It should be more intuitive through the web GUI. If you're a command line person, you can get around. However, the web UI is very difficult, and for our operational folks, they need the web UI.

The solution’s security features are minimal. I'm not impressed by the DDoS solution.

Traffic flow issues are very difficult, as there's no means for us to analyze the traffic coming in or out of the appliance without technical support. 

They need to improve in-depth diagnostics. I don't know how to do a tcpdump on the appliance. We need to do packet captures on the appliance to analyze what's going through it. Information is not as easy to attain as it is with other vendors. Better diagnostic tools would probably help.

Stability has been fine. It's been stable.

We upgraded our solution last year.

For deployment and maintenance, we only need a couple of administrators (less than 10 people).

The scalability is appropriate.

It's moving along based on the business growth, so there are no plans to increase usage.

The technical support is not great, but they are not poor either. They're fair. We don't open a support case that often, but when we do, it's not immediate as far as their response. When they do respond, they come up with a collaboration to troubleshoot or find an answer. So, it's fair at best.

The solution's support for our on-premise applications do their job. The basic functionalities for on-prem services are okay. They're not anything great. They do what they're supposed to do.

We previously had F5 and switched because of costs. 

We are able to do the same things (as the previous solution), but it is cheaper when we have to renew.

The initial setup was straightforward. The deployment took three to four months.

We were pretty familiar with the product, so we did the deployment ourselves.

It has broken even on ROI. We haven't lost any, which is good, but we haven't gained anything.

It is $7000 per unit for the support annually.

It does do the job, if your environment is simplistic enough. The product is fair for its market.

We test and used the single pane of glass traffic management, but we don't use that now. We went away from that. Now, we administer our devices individually.

We use it to load-balance the website.

It's seamless.

The solution has made things easier in terms of operations efficiency It's one less thing to worry about. It just sits and it runs. 

We don't use many of the features. We're just using the basic ADC features. We're not really using anything particularly extensive on them. They sit and work most of the time. 

The ease of use is very good. It's very robust. It just sits and works. We forget that it's there a lot of the time.

The user interface is what people complain about most of the time, particularly if they don't use it very often. Then they complain that it's a bit clunky. It works from an ADC point of view, but the interface is a bit clunky.

It's rock solid. It just sits and works. That's the way you want it.

It's definitely scalable. We've not had any problems. I'm looking at the CPU graphs and it's not bothered at the moment.

The support is very good. They're very responsive if we ever have any problems. That was what drew us to them in the first place.

Prior to this one, we had another Thunder ADC. Before that, we didn't really have a requirement for an ADC. This was the first one we ever had. We've did have some free, software-based ones in the past. But when it became a bigger requirement, we ended up with ADC.

The initial setup was straightforward because we had an A10 engineer who came onsite and helped set it up for us. It wasn't plug-and-play. We did have to have some engagement. The deployment took a couple of days. We have continued adding more and more services onto it.

We put it in primarily for Exchange, to do some load-balancing at the time. These days, if we put it in, we'd have a lot more change-control to go through, but back in those days we just put it in, set it up, and away it went.

There aren't any licensing costs associated with it. It's just an appliance and you get all the licenses with it.

We looked at Kemp and there was another one, but it was about ten years ago. We went with A10 because of price and support.

Do research. I'd probably look at virtual appliances if I was going forward. One thing we could do with is a proper Dev and Test environment, which we don't have. I would have had some virtual appliances for Dev and Test. We did talk about that, but we haven't gotten around to doing it.

There are about ten of us who use it from a management point of view. But all the staff and students benefit from it.

It requires two or three people for maintenance.

We don't have any specific plans to increase usage. A lot of things might be going to the cloud, so there might be less use going forward.

I would give it an eight out of ten because it sits and works, it's robust. But the interface could do with a bit of work.

We are using ADC for load balancing. Most of our enterprise applications are behind ADC.

It's on-premise.

It has definitely improved the way our organization performs. Our company is mostly an education institution. We have a campus and an administration where we host all the enterprise applications. With enterprise applications going to six separate entities, it requires a lot of hardware underlying the applications. So load balancing has worked very well.

It definitely has enhanced our application security and our application accessibility. We don't have to go with the original application, the built-in, round-robin kind of thing. The security features, like SSL version 3.0 or TLS 1.2, mean it has pretty good options in the way the application can be configured to make it more secure, as well as the number of servers that are behind it and the way it chooses its servers.

The features we have used are basically for load balancing. The round-robin feature, the persistent cookies, the source IPs, source mapping, we use all of that in our situation. 

They also have a feature I use frequently. We have two appliances and I'm able to move my application from one appliance to another. I don't have to move my whole A10 to be active on the other side or to be passive on the other side. If an application is having a problem, I can just move it using a command. That is really interesting and very appropriate for our environment.

It's very easy to use. The commands are easy to use. I have used a couple of other load balancers and I find A10 to be the easiest one. The language and the commands are easier, as is the layout. Even the technology behind it all just links together, so it's pretty easy to use. You just follow the steps and you're good.

Within load balancing, we use some of the security features as well, such as the source mapping. We make sure that everything goes in and out from A10 itself. That makes the messages more secure too. We know what's going in and what's going out. It captures their source IP addresses if we want it to. The VRRP solution is also good. It has automatic failover.

It also has a Virtual Chassis System, although we don't use it. But we do have the option of creating virtual chassis, so that gives it a bit more security. If we find an application which is not going to play well in the main pool, we can easily create a virtual chassis and have that application in that virtual chassis. With the virtual chassis we can also create system partitions and have a test system for test applications and have the others elsewhere.

The solution does logging, but the logging capacity is really small. Because we have a bunch of traffic here, we usually get a logging-side warning that "This many logs were lost because of the heavy traffic." If the logging was better, that would be very good.

It has security features like DDoS and WAF, but they are not updated automatically. If any new vulnerability comes out, you are given an option to update that vulnerability in your system and the actual firewalls. Because, for ADC, this is just an added feature, it's not the main security solution right now. It's not the only security that any company would have. There is an opportunity to modify that and make it better.

I don't want to jinx it, but it's pretty stable. There are times where we don't even have to reboot it for a year. We would look at the time and say, "Oh, it's been like 270 days. We haven't rebooted. Let's schedule it to reboot." Otherwise, it's very smooth.

The scalability depends on the resources you have. We do have resources so we are on the higher end in terms of what we bought, and we do have the scalability built-in. We are not using the virtual chassis. But if we want to expand it and have partitions created, to create a separate virtual chassis, we do have that scalability. If we need to add another appliance to it, the process is pretty simple. So it's scalable.

There are talks, internally, that all our applications should be behind ADC. As soon as we get to that level, even if it is just one server-application, the application will be behind ADC. Right now, we have our major enterprise applications, our major ERP systems, our email systems, and our tier-one applications behind ADC.

They do have support and it is wonderful. We are on the highest support level. It's very good, even excellent.

We were using another product. The main things that attracted us - I saw it a conference where there was a demo - were the pricing at that time, the functionality, and the stability. Of course, we continued afterward doing a little bit more research. A10 was still trying to get its foot into the market over here and they were very helpful. I do not have any regrets switching over to A10.

Initially, we deployed it because of our learning management system, which I was handling. It is Linux-based and it required load balancers. We moved to A10 from another load balancer at least in part because of the better pricing. Also, it was doing Layer 4 and Layer 7 and that's what was required.

The initial setup is pretty simple if you have the guide. It's just like a basic switch on any appliance deployment. Deployment is not hard.

When we initially did it, this was a new product, of course, so we had support do the deployment. But when we changed the appliance, I did it myself, moving from one to another and doing the initial configuration. It's more a matter of the paperwork that you do on the network, and how it will change. But the deployment itself on A10, like configuring your settings, etc., takes no more than two or three hours. If you have your paperwork done, it's pretty easy.

When you move into this solution there is a learning curve if you come from another one. But once you get used to it and you know how things are flowing, it's pretty good.

When we bought A10 and we moved to it, we did have the A10 consultants help us.

Our experience with them was excellent. They were eager to do it. At that time, A10 was pretty new over here. From the support to the administration, everybody was eager to help out, to get it deployed and be successful.

We pay for it on a yearly basis. There is standard licensing for the number of controllers; that just came into existence last year. Other than that, there's just the support: Basic or Gold Support, etc.

In implementing A10, you need to keep in mind your end goal, what is it that you desire? If you're looking for more DDoS, or if you're looking for more firewall-type of capabilities, then you might have to do a little bit more consultation. But if you're looking for ADC and trying to see separation and load balancing, A10 does the job and provides security very well. It has both CLI and a web interface, so it's not too congested nor does it look too busy. Its appearance is very soothing and relaxing so that helps.

It does have the reporting capabilities and the capability to send logs to an external device. If you feel comfortable with Linux, you can really expand its usage. It depends on what your company goals are.

Overall, A10 ADC is pretty good. It's reasonably priced and easy to use.

The biggest lesson I have learned from using ADC is that I have to keep on learning it. The good thing is that even when they do firmware upgrades, there are minor tweaks but it's not ever-changing firmware where we have to upgrade. That's a good thing about A10. I have other applications that I am responsible for and they generally have frequent upgrades and you have to do them or you won't be supported. But I have not gotten into that situation with A10. That's a huge advantage for us, being in the education field, because there are semesters during all 12 months of the year. There are very few windows in which we can actually bring down appliances and upgrade them. Maintenance-wise, with A10, we have not had that problem.

We have the solution’s Harmony analytics and visibility controller but I would not say that it has enabled us to proactively detect, anticipate, or resolve issues before they become problems. It does give very good reporting, but we have not had any issues that it told me about first-hand - or maybe we are not configured in that way. But it's a very good reporting tool and a very good graphical analyzer.

As for deployment and maintenance of the solution, it's only me.

Regarding the solution's single pane of glass traffic management, I don't think we have used any feature for traffic management. At the back-end we have very good bandwidth and, the way it is positioned in the network, the agent doesn't have to do any traffic management. We are not at the saturation point. We are even below the midpoint on traffic.

The solution hasn't affected our operations efficiency because we offer the solution to our applications team, if they need to have their applications behind A10. We just changed data centers, moved into a new building. We are at a stage where we would like, and there are talks, to have all our applications behind ADC, just for security, to have that separation from the users, but we are not there yet.

It is a work in progress. Initially, when we deployed A10, it was the demand of an application that we have a load balancer in place so that it could load balance among the ten different servers the application needed. But now, it has improved our decision-making where, if added security is needed, the application team would say, "Okay, let's put it on A10 for the off-loading, etc." Other features that a server would normally do are conducted by A10, which means a little less load on the server side. That helps the application efficiency.

We are in the process of using the WAF, the web application firewall, from A10. It's not the main firewall product, obviously, but we have found it to be interesting. We are trying to implement it. We are in learning mode right now.

We use A10 Networks Thunder ADC for the application delivery controller. 

The solution is flexible. 

The tool's load-balancing feature should improve. 

I have been working with the solution for three years. 

I rate the tool's stability a nine out of ten. 

My experience with the support team is good. 

Neutral

A10 Networks Thunder ADC's installation is complex, and the documentation is very bad. 

A10 Networks Thunder ADC is complex, and you need to spend time installing it. I rate it a seven out of ten.  

We are in the government sector and we use this solution for load balancing and application management.

The solution is user-friendly and the CLA troubleshooting is easier compared to other solutions.

There are competitors that have more features.

In a future release, I would like to see VAS, application policy management, profiling, and the SSL encryption and decryption features should be on the system instead of having a separate SSLi system. Additionally, they should combine the products into one solution instead of having separate products, such as encryption and decryption, and load balancing.

I have been using the solution for approximately four years.

The technical support is good.

I previously used F5 BIG-IP.

The implementation is easy.

The price of the maintenance support is too expensive.

I have evaluated Avi Networks.

If someone has experience in Cisco Networks, the CLA hierarchy and configuration are 90% the same making this solution easier to use.

I rate A10 Networks Thunder ADC a seven out of ten.