A10 Networks targets large-scale, network-wide DDoS attack prevention

Next-generation high-performance threat protection appliances deliver scale and performance to meet the growing size and sophistication of DDoS attacks.

  • Wednesday, 15th January 2014 Posted 10 years ago in by Phil Alsop

A10 Networks has announced the A10 Thunder TPSTM Series, designed to provide high-performance, network-wide protection against a variety of volumetric, protocol, resource and more sophisticated Distributed Denial of Service (DDoS) attacks and improve service availability for critical Internet infrastructures and public-facing websites.


Building on the existing DDoS feature set in the company’s popular application delivery controllers (ADCs), A10 today expands its offerings with the introduction of a standalone line of DDoS products for network-wide protection. The Thunder TPS product line is built upon A10’s Advanced Core Operating System (ACOS) platform, which delivers up to 155Gbps of throughput, thereby helping enterprise and service provider customers address the increasing scale of DDoS attacks. Broad multi-vector attack detection capabilities are designed to secure customers’ networks against a variety of attack types, while support for multiple deployment modes provides the flexibility needed to integrate with various customer network designs.
As businesses around the world grow increasingly reliant upon the uptime of Internet-connected services, there is corresponding growth in the nature, volume and sophistication of DDoS attacks by criminal syndicates and hackers looking to disrupt that service availability. Organizations face the threat of significant revenue loss and brand reputation damage from these DDoS attacks that have few good solutions today.


Legacy security solutions, such as firewalls and Intrusion Detection Systems (IDS) have insufficient capacity to mitigate today’s multi-vector DDoS attacks at scale. With DDoS mitigation capacity ranging from 38 Gbps to 155 Gbps (and up to 1.2 Tbps in a cluster) throughput, Thunder TPS is designed to provide protection against large attacks. Each Thunder TPS model is equipped with high-performance FPGA-based Flexible Traffic Acceleration (FTA) technology to detect and mitigate over 30 common attack vectors rapidly in hardware, without degrading the performance of the core system general purpose CPUs. More complex application layer (L7) attacks (HTTP, SSL, DNS etc.) are processed and detected by the latest Intel Xeon CPUs, so performance scaling is maintained by distributing multi-vector detection and mitigation functions across optimal system resources.
Thunder TPS is architected with an open design, which allows it to be readily deployed into a variety of existing network architectures and integrated with third-party attack detection systems. Thunder TPS supports flexible deployment models for in- and out-of-band operations, and routed or transparent operation modes. In addition, aXAPI, an open RESTful API, enables integration to custom or third-party detection solutions, allowing the Thunder TPS to take advantage of the growing ecosystem of multi-level threat protections solutions.