Application Delivery Blog

Point-and-Click Simplicity or Enterprise-Grade Application Security? Why Not Both!

avatar Lei Yang
Posted on Nov 28, 2018 11:32:49 AM

Why encrypt with SSL/TLS in the first place? This is like asking why use car seats. It might be obvious now but just a few decades ago, it wasn’t uncommon for a group of unbuckled kids to be piled in the back of a car or truck (this would be a nightmare for parents today).   All right, back to HTTPS which is a secure version of HTTP, also known as HTTP over SSL, HTTP over TLS, or HTTP Secure. A TLS/SSL certificate is like online identification card and is required to secure and encrypt all HTTPS transactions. Now let’s look at three examples how Avi gives you enterprise-grade application security with point-and-click simplicity. 
Read More

Topics: SSL, HTTP, application security, Enterprise-grade application security

Optimizing App Server Performance | Scalability with Avi

avatar Swarna Podila
Posted on Feb 22, 2017 7:58:00 AM

Ranga Rajagopalan, CTO of Avi Networks, met with Executive Director, Richard Harris of the App Developer Magazine to discuss the importance of having healthy app server performance and elasticity for businesses online today.
Read More

Topics: Load Balancing, SSL, ADC, Scalability

Hardware Security Modules | Integrating with Avi Vantage Platform

Chintan Thakker
Posted on Oct 4, 2016 9:05:00 AM

Secure communication is central to today’s web applications. Communication is secured by encrypting the data that flows over the network. To ensure adequate performance, encryption and decryption operations are done using the same key. This is called symmetric key encryption.
Read More

Topics: Security, HSM, Hardware Security Module, SSL

Software Load Balancers and Cloud Environments | Avi Networks

Abhi Joglekar
Posted on Apr 5, 2016 6:30:00 AM

 The Hardware Load Balancer Brick Wall Last month at Networked Systems Design and Implementation (NSDI)  conference, Google lifted the covers off Maglev, their distributed network software load balancer (LB) [1]. Since 2008, Maglev has been handling traffic for core Google services like Search and Gmail. Not surprisingly, it's also the load balancer that powers Google Compute Engine and enables it to serve a million requests per sec without any cache pre-warming [2]. Impressive? Absolutely! If you have been following application delivery in the era of cloud, say over last 6 years, you would have noticed another significant announcement at Sigcomm ‘13 by the Microsoft Azure networking team. Azure runs critical services such as blob, table, and relational storage on Ananta [3], its home-grown cloud scale software load balancer on commodity x86, instead of running it on more traditional hardware load balancers. Both Google and Microsoft ran headlong into what can be best described as “the hardware LB brick wall”, albeit at different times and along different paths in their cloud evolution. For Google, it started circa 2008 when the traffic and flexibility needs for their exponentially growing services and applications went beyond the capability of hardware LBs. For Azure, it was circa 2011, when the exponential growth of their public cloud led to the realization that hardware LBs do not scale and forced them to build their own software variant. So, what is this “hardware LB brick wall” that these web-scale companies ran into?
Read More

Topics: ADC, SDN, Closed-Loop Application Delivery, Architecture, SSL, Analytics, Application Delivery Controller, Microservices, metrics, Software Load Balancer

DROWN Attack | The Need for SSL Security

avatar Nathan McMahon
Posted on Mar 2, 2016 12:22:54 PM

The news coming out of Hackmageddon, that January reported an unusually low number of Attack Techniques", was quite disturbing.  Did the security industry really manage to get the upper hand?  Wait for it...oh, here comes another devastating vulnerability!
Read More

Topics: SSL, Security, DROWN Attack

SSL and DDoS Security Insights | One-Click Insights with Avi Networks

avatar Nathan McMahon
Posted on Feb 24, 2016 5:30:29 PM

I recently read an interesting blog post on an ADC vendor’s site that demonstrates a Rube Goldberg approach to showing common SSL information. Now I won’t name names but I will admit that it inspired me to write a quick blog post to show the business-ready alternative to the science project approach!
Read More

Topics: SSL, Analytics, Security, DDoS Attacks

The Hardware Load Balancer Bubble | When Will It Burst?

avatar Nathan McMahon
Posted on Sep 17, 2015 8:42:00 AM

I recently came across a SaaS company that required support for Perfect Forward Secrecy (PFS) for better SSL security.  They bought 4 pairs of [redacted] ADC / load balancers from a proprietary hardware vendor to perform the SSL PFS termination.  At first glance, this seems like a safe, logical decision. Just like real estate was a safe and conservative investment strategy in 2006 before the bubble burst, or .com stocks in 2000 right before the stock market's implosion.
Read More

Topics: load balancer, disruptive innovation, SSL

Out of Sight, Out of Mind? With Security, That’s Out of Your Mind.

avatar Nathan McMahon
Posted on Aug 4, 2015 5:00:00 AM

INTRODUCTION:  I’m pretty certain that whoever first uttered the phrase “anything easy isn't worth having” was no IT administrator. This certainty derives from the seemingly path-of-least-resistance attitude that many enterprises hold when it comes to enforcing stringent levels of encryption security for public infrastructure including their websites. We’ve previously blogged on the excuses many enterprises make for their lax encryption practices, but it’s worth examining what I believe is the primary culprit for this: lack of visibility and insights into their security profiles.
Read More

Topics: SDN, SSL, Analytics, Security, Virtual Service

SSL Security | 5 Excuses for Weak SSL Security | Avi Networks

avatar Nathan McMahon
Posted on Feb 23, 2015 8:00:00 AM

  The cold truth:  You are rarely secure when you connect to an SSL encrypted web site. The browser shows a happy little lock icon, and you think nothing further on the subject.  But recent revelations and exploits, such as NSA, nation states and others scooping up vast quantities of Internet data, courts ordering websites to give up their SSL keys, Heartbleed leaking session data, have proven that we need to revisit the level of security used by web sites.
Read More

Topics: ADC, SSL, Security

Perfect Forward Secrecy | Drive Efficient PFS with Avi Networks

avatar Derek Kang
Posted on Dec 10, 2014 12:05:00 AM

As some of you may be aware, a major security breach was reported at a well-known multinational company - we'll refer to them as Company X - on November 24, 2014. In the breach, their servers’ private keys and SSH keys were stolen. Among others, using the stolen keys, the attacker(s) can attempt to decrypt confidential data they may have collected in the past. This thought and my professional instinct led me to take a close look at some of their secure websites.
Read More

Topics: ADC, application delivery, SSL

   
New Call-to-action

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all