Application Delivery Blog

Nathan McMahon

A 15 year veteran of application delivery technologies, Nathan continues to evangelize the benefits of modern architectures based around end user experience and application success.

Recent Posts

10 F5 iRules Native to the Avi Vantage Platform

avatar Nathan McMahon
Posted on Feb 14, 2018 10:10:40 AM

A journey into lesser known (but still really, really cool) Avi features


The most commonly deployed F5 iRules offer basic functionality, such as HTTP redirects, content switching, or logging. With Avi, that’s table stakes—it’s all point and click functionality. Thankfully, that’s not what this blog post is about. Today, we’re going to explore some of the cool, advanced iRules functions that are all native with Avi Networks.

Read More

Topics: Security, Load Balancing, Software Load Balancer, Policies

Load Balancer Security | How a Smart Load Balancer Can Help

avatar Nathan McMahon
Posted on Sep 28, 2017 11:04:53 AM

Citrix NetScaler’s recently exposed security exploit, which allows attackers to bypass authentication and take full control of the load balancing infrastructure, is frightening. But it is hardly a standalone incident. Every product from every company may eventually succumb to a critical vulnerability. This raises some good questions around security. How does a vendor test the security of their product? If vulnerabilities are inevitable, what is the vendor response and customer strategy?

Read More

Topics: Security, Load Balancing

Data Center Efficiency | Maximize Your Cloud 'Fleet' Efficiency

avatar Nathan McMahon
Posted on Aug 19, 2016 11:14:23 AM

FleetEfficiency1.png
Your load balancer is less than 8% utilized.
 
I recently had the pleasure of listening to Kamal Muralidharan from Paypal give a talk at the Bay Area Mesos User Group covering the efficient use of containers.  The phrase 'fleet efficiency' caught my attention.  Buzzwords like devops, software-defined and others are often generic and translate into different interpretations.  But fleet efficiency is straightforward and speaks to a tangible benefit.  Quite simply, it means maximizing the utilizaton of your infrastructure, or fleet of servers, to reduce cost.  This can mean physical servers or virtual servers running in a public cloud.
Read More

Topics: cloud, load balancer, Data Center

DROWN Attack | The Need for SSL Security

avatar Nathan McMahon
Posted on Mar 2, 2016 12:22:54 PM

The news coming out of Hackmageddon, that January reported an unusually low number of Attack Techniques", was quite disturbing.  Did the security industry really manage to get the upper hand?  Wait for it...oh, here comes another devastating vulnerability!

Read More

Topics: SSL, Security, DROWN Attack

SSL and DDoS Security Insights | One-Click Insights with Avi Networks

avatar Nathan McMahon
Posted on Feb 24, 2016 5:30:29 PM

I recently read an interesting blog post on an ADC vendor’s site that demonstrates a Rube Goldberg approach to showing common SSL information. Now I won’t name names but I will admit that it inspired me to write a quick blog post to show the business-ready alternative to the science project approach!

Read More

Topics: SSL, Analytics, Security, DDoS Attacks

The Hardware Load Balancer Bubble | When Will It Burst?

avatar Nathan McMahon
Posted on Sep 17, 2015 8:42:00 AM

BubbleI recently came across a SaaS company that required support for Perfect Forward Secrecy (PFS) for better SSL security.  They bought 4 pairs of [redacted] ADC / load balancers from a proprietary hardware vendor to perform the SSL PFS termination.  At first glance, this seems like a safe, logical decision. Just like real estate was a safe and conservative investment strategy in 2006 before the bubble burst, or .com stocks in 2000 right before the stock market's implosion.

Read More

Topics: load balancer, disruptive innovation, SSL

Out of Sight, Out of Mind? With Security, That’s Out of Your Mind.

avatar Nathan McMahon
Posted on Aug 4, 2015 5:00:00 AM


INTRODUCTION: 

I’m pretty certain that whoever first uttered the phrase “anything easy isn't worth having” was no IT administrator. This certainty derives from the seemingly path-of-least-resistance attitude that many enterprises hold when it comes to enforcing stringent levels of encryption security for public infrastructure including their websites. We’ve previously blogged on the excuses many enterprises make for their lax encryption practices, but it’s worth examining what I believe is the primary culprit for this: lack of visibility and insights into their security profiles.

Read More

Topics: SDN, SSL, Analytics, Security, Virtual Service

SSL Security | 5 Excuses for Weak SSL Security | Avi Networks

avatar Nathan McMahon
Posted on Feb 23, 2015 8:00:00 AM

Snooping1 Snooping2

The cold truth:  You are rarely secure when you connect to an SSL encrypted web site. The browser shows a happy little lock icon, and you think nothing further on the subject.  But recent revelations and exploits, such as NSA, nation states and others scooping up vast quantities of Internet data, courts ordering websites to give up their SSL keys, Heartbleed leaking session data, have proven that we need to revisit the level of security used by web sites.

Read More

Topics: ADC, SSL, Security

Trust Your Load Balancer | Reliable Network Infrastructure

avatar Nathan McMahon
Posted on Jan 9, 2015 4:37:22 PM

Load balancers and application delivery controllers have one critical job.  No, it's not distributing clients across servers, though that is an important aspect of their job.  At its core, a load balancer's task is to reduce risk.  One of the most common vectors for the introduction of risk is the complexity of a system, such as a legacy load balancer.

jetengineTake an example of a jet engine.  It is comprised of numerous components, each adding its own complexity and potential for failure.  By taking advantage of new technologies, such as 3D printing, GE has been able to reduce their jet engine's 25 part fuel injection nozzle down to a single part.  This helps reduce cost, time to market, and complexity from the overall system, which also improves the reliability of the engine.  At its core, it reduces risk. In the context of application delivery and load balancing, what if a single button can guarantee optimal SSL security settings or maximize application acceleration?

Read More

Topics: load balancer, ADC, application delivery

   
New Call-to-action

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all