As IT organizations continue to employ new cloud and hybrid cloud architectures, enterprise security professionals are increasingly leveraging virtual firewalls or next-gen firewalls in order to meet the new challenges these modern architectures generate. Unfortunately, many times these virtual security appliances face serious performance problems when deployed on commercial off-the-shelf (COTS) servers.
Array’s AVX Series network functions platform gives enterprises an appliance that enables them to deploy multiple virtual security appliances and deliver excellent performance combined with the agility of virtual platforms. These network functions platforms allow enterprises and service providers to deploy quickly, reduce hardware costs and right-size virtual appliances based on customer requirements.
Depending on the model, the AVX Series runs up to 32 fully independent virtual appliances in a single hardware platform. Dedicated CPU, SSL, memory, and I/O resources serve each virtual appliance. As a result, the AVX Series offers the equivalent of up to 32 dedicated physical appliances in two rack units, in which security and networking services can be assured of guaranteed and demonstrable performance.
In order to showcase just how good the performance can be with the AVX Series, Array Networks commissioned The Tolly Group to benchmark performance and scaling characteristics of the AVX platform using next-gen firewall (NGFW) virtual appliances from a market-leading vendor as an example application. In comparing the results of the test to the NGFW vendor’s own data sheet, engineers noted that the actual performance of the VAs in the test exceeded the expected performance throughput levels by significant amounts.
Test results showed that even when the AVX platform was fully loaded, each virtual appliance instance consistently delivered at least 61% higher throughput than the NGFW vendor’s datasheet advertised throughput specifications. Per-VA transactions per second (TPS) scaled linearly. In addition, aggregate system throughput and transactions per second (TPS) were remarkably consistent.
For a multitenant platform, it is important that the hardware and software resources be used efficiently. A measure of that is for aggregate system throughput to remain consistent across various configurations of virtual appliances. Tests of small, medium and large instances of NGFWs delivered aggregate data throughput and transaction rate performance that was highly consistent.
We’re proud that Array is able to provide a cost-effective and high-performance solution that’s an alternative to adding expensive dedicated security appliances or accepting less-than-optimal performance from virtual appliances. For the full test results, download The Tolly Group’s report.