Features:
Eliminates Trade-Offs of Virtualization
In typical virtual environments, resources are shared across many virtual machines, resulting in contention and performance degradation for hosted applications and virtual appliances. In addition, general-purpose servers were never designed to support I/O and compute-intensive network functions. As a result, IT managers are left to choose between network and security devices that deliver guaranteed performance, or VAs that deliver enhanced agility.
The unique hybrid architecture of Array AVX Series network functions platforms eliminate this trade-off, providing the agility of cloud and virtualization with the performance of dedicated appliances. Unlike most virtual computing environments, the AVX Series is uniquely capable of assigning dedicated CPU, SSL, memory and interface resources for each hosted VA. Hypervisor management is similarly assigned dedicated resources, and separated from hosted functions, to fully eliminate resource conflicts.
Combined with additional cloud and virtualization capabilities including pay-as-you-grow capacity licensing, variable-size VAs, support for Array Networks and 3rd-party VAs, and the capacity for orchestration and service chaining, the AVX Series is an ideal solution for service providers and enterprises seeking agility at scale for network and security functions.
Data Center Consolidation
For data center managers who choose to address the performance issues of virtualization by using dedicated/ physical appliances for critical networking and security functions, this strategy can quickly lead to ‘appliance sprawl’ with multiple appliances taking up valuable rack space and consuming inordinate amounts of power, cabling and cooling costs.
With the AVX Series network functions platform, multiple networking and security VAs can be consolidated into just a few RUs, saving on the cost of dedicated appliances as well as rack space, power, cabling and cooling, and offering a central management point for further OpEx reduction. The AVX platform achieves this consolidation while maintaining hardware-like, guaranteed performance.
Enhancing Security
Traditional, single-function security solutions, such as NGFW, IDS/IPS, DDoS protection, WAF and others, often lack the ability to decrypt and scan SSLencrypted traffic, or if they do have SSL resources, those resources can quickly become overwhelmed by large traffic volumes, impacting performance. Similarly, activating multiple security functions on a ‘combination’ appliance can also reduce the overall ability to protect against security threats.
The AVX Series network functions platform provides guaranteed resources – including SSL processing resources – to help ensure the performance of these critical security functions. In addition, functions can be service chained, or cascaded, to maximize the effectiveness of each individual VA. (In effect, the whole is greater than the sum of its parts.) For example, a virtual ADC can decrypt SSL-encrypted traffic, pass it to a virtual NGFW, then to a virtual IDS/IPS, then to a virtual WAF, then to another virtual ADC for re-encryption and forwarding to its final destination.
High Performance for Virtual Appliances
The AVX Series supports up to 32 fully independent VAs in a single appliance, each powered by reserved CPU, SSL, memory and interface resources. As a result, the AVX Series offers the equivalent of up to 32 dedicated physical appliances in just two rack units, where customers and services can be assured of guaranteed and demonstrable performance.
Each VA is separately configurable and centrally manageable, enabling the utmost in flexibility, security and control. Through dedicated hardware resources and a partitioned software-centric architecture, service providers and enterprises gain a purpose-built platform for on-demand provisioning and consolidation of secure, high-performance VAs.
Flexible Sizing & Consumption
Four size options are supported for hosted VAs – entry, small, medium and large – to meet the performance requirements of any size customer or service. The AVX3600 and AVX5800 also support up to 16 sharedentry instances with best-effort performance for smaller workloads where density is a primary consideration.
In addition to supporting different network functions, different size VAs can be mixed and matched within an AVX Series platform, and system resources can be finetuned for individual VAs if needed. For example, a single platform can be configured to simultaneously support one large, two medium, four small and eight entry-level VAs.
The AVX Series also features pay-as-you-grow licensing, allowing individual licenses or multi-license packs to be added at any time up to the maximum capacity of the AVX appliance.
Cost-Effective To Deploy & Maintain
By consolidating multiple dedicated single-function boxes into a single, easy-to-manage virtualized appliance, the AVX Series reduces space and power requirements by up to a factor of 16 versus traditional dedicated hardware network and security appliances. Expensive truck rolls for provisioning high-performance services are also eliminated. By bringing the AVX Series platform and hosted VAs under the purview of a software-centric cloud management system such as OpenStack, services may be enabled, expanded and reallocated on-demand. Time to ROI, based on CapEx and OpEx savings, is typically under 6 months for both enterprise and service provider organizations.
Management Integration & Orchestration
AVX Series platforms and hosted Array and 3rd party VAs are simple to install and offer intuitive configuration and management via a user-friendly WebUI with a service topology view, and a familiar command line interface. Via the AVX dashboard, network managers can view the status for a range of system and function parameters, enable services, automate configuration and gain granular control over virtual Ethernet and SSL resources. VA images can be quickly installed via the convenient online image repository or uploaded via USB drive or from the web.
To meet the deployment and management requirements of modern virtualized data centers and private cloud environments, Array’s eCloud RESTful API provides an extensible interface for cloud management, orchestration and automation systems to manage and monitor Array AVX Series platforms and hosted Array VAs.
For service providers and enterprises leveraging OpenStack for cloud management and automation, Array offers a plug-in for OpenStack Nova as a compute node, which allows managers to create, instantiate, manage, adjust and terminate VAs. In addition, Array’s integration with OpenStack for load balancing-as-aservice (LBaaS) creates a standardized means to rapidly integrate with and control Array application delivery technology.
Platform & Function-Level High Availability
AVX Series platforms support multi-level high availability, providing redundancy and failover for both AVX Series systems and VAs. AVX Series platforms can be configured to failover to backup AVX Series platforms, while VAs can be configured to failover within a platform or to failover to a backup platform. A synchronization function can clone AVX and VA-related configurations, as well as VA images and disks to the backup unit. AVX and VA configurations and images can also be backed up and restored via USB device if desired.
Array’s Full-Featured App Delivery & Security VAs
To support application delivery and security needs, users can purchase Array’s vAPV virtual application delivery controllers (ADCs) and vxAG virtual secure access gateways (SSL VPNs) to deploy on AVX Series platforms. These VAs provide feature parity with Array’s line of physical load balancing, remote access and web application firewall products. In addition, many features that require additional licenses on Array’s physical appliances – such as global server load balancing on the APV Series and DesktopDirect remote desktop access on the AG Series – are included at no additional charge when deployed as virtual appliances on AVX Series platforms.
3rd-Party Virtual Appliances
In addition to supporting Array Networks virtual appliances for application delivery and security, AVX Series platforms also host VAs from 3rd-party vendors. Examples include security functions such as web application firewalls and next-generation firewalls as well as network functions such as WAN optimization and other proprietary or open source virtual functions appliances that run on KVM, Ubuntu or CentOS.
3rd-party VAs benefit from the same performance guarantees and benefits as Array Networks VAs. VAs benefit from a higher level of performance as compared to general-purpose servers and also benefit from guaranteed performance. By deploying 3rd-party VAs on AVX Series platforms, enterprises and service providers can consolidate network infrastructure to achieve cost efficiencies, and at the same time move toward a software-centric architecture aligned with trends in cloud and virtualization.
AVX Series Platform Editions
The AVX Series is comprised of six platforms: the entry-level AVX3600 and AVX5800, the mid-range AVX7600 and AVX7800 and the high-end AVX10650 and AVX9800.
The AVX3600 and AVX5800can host one large, two medium, four small or eight entry VAs, with the ability to mix and match instance sizes up to system capacity. For example, an AVX3600 or AVX5800 can host one large, or one medium vAPV and one small vxAG , or six entry vAPVs, or other combinations. The AVX3600 supports 35Gbps and the AVX5800 supports 40 Gbps throughput per system. The AVX3600 and AVX5800 are also capable of hosting up to 16 shared-entry VAs for deployment scenarios where density is a key business driver and guaranteed performance is not a use case requirement.
The AVX7600 and AVX7800 can host two large, four medium, eight small or sixteen entry VAs, with the ability to mix and match instance sizes up to system capacity. For example, an AVX7600 or AVX7800 could host two medium vAPVs, two entry vxAGs and six entry vAPVs. The AVX7600 supports 65Gbps and the AVX7800 supports 80Gbps throughput per system.
The AVX10650 and AVX9800 can host four large, eight medium, sixteen small or thirty-two entry VAs, with the ability to mix and match instance sizes up to system capacity. For example, an AVX10650 or AVX9800 could host one large vAPV, two medium vAPVs, four small vAPVs, two entry vxAGs and six entry vAPVs – all on a single platform. The AVX10650 supports 115Gbps and the AVX9800 supports 160 Gbps throughput per system.
