A10 Thunder TPS Reviews

We work like an MSSP. We provide massive capacity and other network capacity to customers. We have customers connect anywhere on back burn. It can be in Europe. It can be in the US or in Asia. We plug the attack anywhere on the back burn, trying plug the attack closest to the source of the attack. So, we don't work like all the other guys who do scrubbing centers. We try to build a scrubbing network. That is why we need to buy more TPS in order to be distributive.

When we start to work with the customer, we don't know what they have. The goal for them is to be able to block any type of massive volume metric attack. The reason is why we have about a two terabytes capacity and are building to afford three to four terabytes of capacity. Therefore, anytime the customer needs to block something, we can configure for them any type of custom role.

We are using them for a mitigation offer that we have globally. We have a bunch of A10s and will deploy more in a few weeks.

We use both the hardware and software.

We started with them and built our network based on this solution. We started with them directly from scratch.

The automation makes our team more efficient and productive. We are distributed and don't use the A10 Portal. It's easy for us to deploy. E.g., they have an aGalaxy product. Instead of connecting to all the boxes, so we will have the A10 box. We don't want to send a code to all the A10 boxes. We will just send the information to one box: the A10 aGalaxy. This one box will proxy it and send the information all the other boxes. This is exactly what we are doing today. It has improved the way that we are working.

We use all the features, but our customers have started asking for key features around SIP. We are also using some proxy features.

The solution’s response time to an attack is fast. When it is configured in line, it is automatically done. When we have to stop the attack, it takes 10 to 15 seconds.

We selected the solution because of its programmable automated defense using RESTful API. We didn't want to connect to the box. We wanted to be able to do some automation. We wanted to have our own portal because we wanted to connect our customers to our own UI using the A10 API. It has been good and exactly what we need. 

The TPS has reduced the amount of manual intervention required during an attack. When we have an attack, and we need to block some stuff everywhere, we just click on a button and push the rules. Then, it's deployed in Asia, Europe, and US. We don't have to do anything more. 

The aGalaxy is a control plane for the product. It controls the entire TPS so you don't have to connect to the box. You just have to connect to this control plane.

The solution’s machine-learning-powered Zero-day Automated Protection (ZAP) works for enterprise customers, but for MSSPs, we have too much traffic and analytics. Therefore, it is unusable and A10 is working on a new feature that we requested. It should be ready in two weeks.

We have to be able to do some automatic rules proposals based on what is detected. We use this product internally and this feature hasn't been ready for the last eighteen months. So, this was done on the side. We would prefer them to develop this feature and pay for it rather than having us do it.

We need more 100 gig ports. Right now, there are a lot of 10 gig ports and we don't need them all. We really need are more ports between 10 gig and 100 gig, which isn't possible.

The upgrade process for the boxes is not efficient. We have to go through the A10 aGalaxy where we have issues, like timeouts. They told me it was fixed in the latest version, but I tried to do it on the Portal and it is not working all the time.

A10 needs to be more distributed across all their customers. This would allow them to have the ability to act quickly during an attack across their entire customer base. At the moment, there isn't a way to provide information (anonymously). This is something A10 will hopefully release Q1 next year.

The documentation with the A10 really needs some improvement. They need to work on this, as it's hard to find all the information that you want.

The Customer Portal is sometimes really buggy.

We don't have issues with the stability. However, we did have an issue when we had the new box. We needed to have some optic support, which was not working. This was fixed in two weeks when they created a specific code for us. Compared to the industry, this is very fast.

The TPS gives us increased availability because we are using it to protect our customers.

It is not complicated to maintain. It takes one person to maintain it.

We have deployed it globally in Europe and the US. We will be deploying in Singapore and Japan in a few weeks. We are increasing our deployment for customers.

Today, we are serving 30 customers.

While we have the biggest unit, we haven't had the chance to use the box's full capacity. As we are distributed, every time we have an attack, we are not able to reach the capacity of the box. One TPS can block 200 gigs, as well 100 and 150 gigs. So, we never been in the position that we are using the full capacity of the box, at least not today. We are not getting enough 100 gig from this box, which we have already spoken to the design team about.

With the smaller boxes, they are okay, but we are not able to evaluate the box's fullest capacity because we bought two of them.

The goal is not to use it at maximum capacity because we want to have good quality for our customers. We want to add more boxes in order to have a lot of distribution for DDoS attacks across all the TPS boxes. Today, we have four boxes in position. We are going to order four more boxes (minimum) in order to distribute the traffic as much as we can. The goal is to be able to not use more than 60 percent capacity of the box.

We are doing stuff today to have the traffic not go through the box every time. It triggers going through the box for IOPS maybe two or three percent of the time.

Tech support is good. We have access directly to engineering where we can speak to someone to debug. All our tickets go to engineering.

We had some internal stuff previously. For solutions that we purchased, this was the first.

We have had the solution since the beginning. We have used it as our own mitigation and detection.

The box was deployed really easily. When we had to do the distributed mitigation, it took some time because we had to work with the aGalaxy and aGalaxy was pretty new for A10. We had to work directly with the engineering. Initial setup was done within a week because it was easy.

If you're just starting to work in a sample environment, what we did the first time, the process can be done really quickly. But, when you want to do something, like engineering or custom configurations, this can take sometimes months.

We did the setup ourselves since we have access to engineering. It only took one person to implement. It was pretty easy.

All the B2B configuration have to be done manually. As a network operator, this is easy for us. However, if you take an enterprise person who needs to do this, they may have some issues. They may spend a lot of time trying to understand how to configure it, as there is a lack of templates available. This is something which needs to be improved for the enterprise market.

We had a customer who was down for six hours and the loss of revenue for him was three times the price he was paying for us per year. The customer just said, "I don't care about paying you because on only one attack I saved money. It's three times better than losing money."

When customers start to get attacked, they need to be protected and we protect them. It's like insurance. When you buy your car, you don't use it. You say, "I pay for nothing." But the day someone crashes your car, and you are paying for insurance, you are happy that you are insured. This solution is exactly the same for customers.

We are waiting for our subscription model on our next four boxes.

We also looked at Radware and Fortinet.

Radware had good reporting. A10 does not have good reporting.

A10 had a good B2B code and the TPS box has good capacity. The key thing for us was the direct access to engineering. However, A10 is more complex then the other solutions. You have to spend time with it to become efficient at using it. You cannot just buy it and get started on it.

We use Juniper a lot. Their support would take months to fix the same issue that A10's engineering tech support team can fix in a couple of weeks.

The solution is not for newbies. You need to know some security stuff. The box is very flexible and capable with a lot of possibilities. 

We are using A10, not just as a mitigation box. We provide the TPS box and all its mitigation backbone to our customer as a tool. At some point, we are obliged to do some training and do some testing in our lab for them.

DDoS attacks are evolving every day. Attackers are getting smarter. You have to continue to learn and experiment.

We are the main distributor for A10 Networks. It is used as an appliance. It is mainly used to identify problems in the network. It helps us to stop any type of DDoS attack.

We are using its latest version.

They give us the ability to configure many features for DDoS. There are many items that we can use.

It is very difficult to implement. It should be made a bit easier to implement. There is also a lack of resources on the internet. They need to develop more resources.

We have been a distributor for more than five years.

It is mostly stable.

Their support is good, but it is not excellent.

It is very difficult to do the setup. It needs to be a little bit easier. There are not many resources on the internet for help, and there are also not many people who have knowledge of this product.

Its implementation takes two to three weeks. Two engineers are usually enough.

Before implementing this solution, you should know and get complete information about the features that are possible and that are not possible.

I would rate it a six out of 10. It should be easier to set up. Currently, it is very difficult.

One of the largest persistent threats to service uptime is Distributed Denial of Service Attacks (DDoS). The networking industry and business analysts are seeing a trend in increasing DDoS attacks. These attacks are occurring more frequently and with greater intensity and increased sophistication. Legacy DDoS protection solutions suffer from the following fatal limitations that have made them ineffective at protecting against these attacks:

• Lack of flexibility

• Inability to scale

MULTI-VECTOR ATTACK PROTECTION

Detect and mitigate DDoS attacks of many types, including volumetric, protocol, or resource attacks; application-level attacks; or IoT-based attacks. Hardware acceleration offloads the CPUs and makes Thunder TPS particularly adept to deal with simultaneous multi-vector attacks

The A10 aGalaxy management system provides centralized management of Thunder TPS systems and policies, orchestrates detection and mitigation of DDoS attacks, and delivers a single-pane-of-glass view of the generated reports across all managed Thunder TPS appliances.

No need to license each feature to activate it, it got a perpetual licensing and everything is there, you just have to configure and enable the feature when you need it.

Select Thunder TPS hardware models to benefit from our Security and Policy Engine (SPE) hardware acceleration, leveraging FPGA-based FTA technology and other hardware-optimized packet-processing for highly scalable flow distribution and hardware DDoS protection capabilities.

Availability is very critical for us. We use it to mitigate DDoS attacks for rural North Dakota. We really don't use it to identify attacks, we use third-party software, a Kentik solution, to identify anomalies within the IP stack. Then, we turn around and send mitigation profiles to the A10 based on an API call, and the A10 initializes a BGP session to our core routers to offload that traffic and mitigate it.

We provide hosted solutions so our deployment of A10 is private cloud.

Our setup is something of a hybrid solution. We're using the third-party software, the Kentik solution, but we also have some clients that are directly connected to TPS. There is a 30-second delay in time to mitigation for clients that are not direct. By the time that third-party solution identifies something and sends it, via API, to the TPS, there's about a 30-second delay. When we have customers that are directly connected, they have just about instantaneous mitigations with TPS.

We use that inline setup as a premium service. If customers can tolerate a small spike in traffic flow until the mitigation happens then we'll just leave them on the Kentik solution. If they want it instantaneously then we'll put them inline and connect them directly to the TPS for that. Customers who opt for the premium service include financials, utilities - anything which needs that instant mitigation and understands the threat of DDoS. Some entities can tolerate it if they're down for a minute or two minutes and it's not crucial that they pay the extra dollars.

Overall, DDoS attacks affect small-town North Dakota in a fairly large fashion, meaning that they could affect infrastructure from schools to county courthouses to libraries, etc. Those places aren't directly associated with the target of the attack but the appliance itself and the solution in general allow for the protection of those services in those communities. It has been very successful.

The solution has reduced the amount of manual intervention required during an attack. We have the inline solution and when it comes to the customers that we have on it, it has saved us some troubleshooting time. If we can see that there is an active zone, we know that their traffic is being mitigated. If a customer calls and says, "Hey, I have internet problems", one of the first things we check is if there's a DDoS attack happening.

Anytime you filter, you set up thresholds, you can identify your traffic patterns a lot better.
It has helped in that aspect as well. We did miss attacks previously.

We're just using a portion of it, the mitigation aspect.

If there's one aspect of A10 that needs improvement it would be the training. All of their training is done online, at least in what we've been exposed to. I would like to have a classroom environment for training. I would like to say, "Okay, if we have three or four people who need to get trained up, we want to send them to a classroom." That way they're detached from their home office and have the lab facilities. They can have a classroom environment or experience instead of a virtual classroom. It would give them a chance to provision it. There's a better experience in a classroom than in a virtual classroom.

It's not a terrible issue, but the training was the biggest thing that we faced. We're two years into this and we haven't done all the training probably needed to fully support it, because our deployment is very limited. But when we did want to pursue training, I believe that the training was all virtual.

It's been rock solid. We haven't had any issues with power supplies or software anomalies. It's been a pretty good platform.

For our deployment, we're probably not even using ten percent of its capacity as far as throughput port space. For us, the scalability is very high. For us, it's like investing future-forward.

The usage potential increases daily, exponentially, based on the internet curve. But we're just using a small percentage of the features and a small percentage of its capacity.

We have about 200 customers that have access to the solution with 100,000 users on their side. We carry something like 80 Gig of internet traffic into the state. Because we're using that third-party for the majority, TPS doesn't see all that 80 Gig of traffic. It only sees the traffic that has been identified by the third-party software. The TPS isn't necessarily handling packet, packet, packet, packet; it's handling only packets that are being sent to it by the third-party. In that scope of scalability, it's almost exponential because we're only identifying the traffic flows and patterns that need to be mitigated.

We have opened a few tickets with TAC and they've been good, along with their sales engineering team. We may have a customer that will have an atypical type of deployment. In that case, we'll bring in the sales engineering team or TAC and they'll get us in contact with an expert in that field. Their tech support has been very good.

We did not have a previous solution.

The initial setup was pretty straightforward. You set up your routing tables, your interfaces. There was no magic there.

We have two and we had them both up and running within three or four days, meshed with our network. The process was to get it connected to our core internet routers and have it start talking to a third-party software and, after that, start the mitigation processes.

We mostly did it ourselves. From the A10 side, we had our sales engineer and we had a few calls with their support staff. Based on that, we developed a roadmap and then we self-installed and deployed it.

Our situation is unique because we're owned by the 14 independent broadband providers in North Dakota. So we may not directly see an ROI because the bandwidth of the DDoS traffic basically gets to us. However, we save that extra bandwidth to our owner companies from downstream services. We're saving our members money with the solution.

We did a proof of concept and had a bake-off between Arbor and A10 and Kentik. Because of the reports that we wanted and how we wanted to handle things, the third-party and the A10 solution were technically the best, and scalable.

The flexibility of solutions was important to us. We have the ability to either go inline, to connect directly to the TPS, or to bring it through the third-party. That in itself was a major selling point because we're not stuck with one solution. If we decide that we want to change third-party vendors, we're not married to it. We can shop around and if there's something better that comes out, we can still interface the TPS system with that new software. It meant we weren't just saddled to one vendor for a DDoS solution.

Do your research to understand your solution options. Then, have a PoC bake-off and task the system. Identify ad-hoc anomalies in your test-bed and look at the time to mitigation. Look at different types of situations to see, if an anomaly comes along, how long it would take you to deploy an ad-hoc solution or redirect the traffic. Research and proof of concept is our biggest thing. We never do anything without doing them thoroughly.

The biggest thing I have learned is how many attacks there are and how many different ways the attacks happen, throughout an attack. You can have a DNS attack, you can have an ICMP attack. You can have all these different flavors of attacks. That was probably the biggest eye-opener for me. When you hear the word "DDoS," everything gets put into a container. It's not until you look into the container that you see all the different types of attacks that are summed up by that word.

The solution has been rock solid for us. We haven't had any issues. We've had numerous attacks and it's worked perfectly.

I don't know that it has an increased network availability notably but it has added to it. Instead of having four-nines of availability, we've got five-nines. It's a solution and a package, so it's not our only tool in our toolbox.

We only use the TPS side of it and we're not 100 percent trained up on it, even though we've had two years of deployment on it. We don't know the whole, full-meal deal on what it can do. There's a possibility we'll go to the load balancing and some of those features. Even though we have hosted solutions, we don't have enough because we're a small company. There are other features but we'll explore those as we need.

We have just two people who have access for configuration of the solution and its operations, in our engineering operations.

I would have to rate A10 TPs as a nine out of ten. We've been very happy with the product. Of course, we don't want to give tens because then get people get cocky about it. 

Our primary use case is for our support ticketing and invoice generation. We're resellers and we provide it to our customers. 

Our other use cases are for keeping a record of all the invoices and we use it for our sales to track the accrued sales. 

We can keep track of all the customer's requirements. We can forecast our trails and we can forecast our overall financial things.

We are really trying to improve our sales module. When we need to see our exact payments and invoices we can track which payments and invoices are due so that we can make sure that all the invoices are done on time.

I would like for them to develop an advanced reporting feature. 

It is very stable. We're using a very basic model and it's the basic version. There are very few features so for those features, it is very stable. If we decide that we're going to implement more features into it, then there could be some concern about the stability of the product.

Scalability is fine. 

We have sixteen users. On the support side when we generate tickets, we are quoted fifty plus customers that are on this solution.

The initial setup was straightforward. Deployment only took a few hours. The  user training takes at least a day and then the whole site will go up in around a weeks time. It's all web-based so the back ends sometime require us to make changes but overall it's pretty simple and straightforward.

We only require one staff member for maintenance. 

I would rate it a seven out of ten. 

We use A10 Thunder TPS as an anti-DDoS tool.

The solution is easy to use and implement in terms of operations.

The solution needs improvement in terms of fail-open. We need separate fail-open kits connected to A10 Thunder TPS and the network so that network traffic will pass through normally when the tool goes down.

I have been using A10 Thunder TPS for more than two years.

A10 Thunder TPS is a very stable solution.

The solution is more suitable for medium-sized companies.

The solution provides good technical support.

The initial setup of the solution is moderate, and it is neither easy nor very hard.

Arbor is more famous than A10 Thunder TPS, and more people use it.

It was easy to integrate the solution with our current IT workflow. I would recommend the solution to other users.

Overall, I rate the solution a seven out of ten.

We use A10 Thunder TPS for load balancing, especially server load balancing.

The solution's firewall features are the most valuable feature of the solution. I think we can use all the features or capabilities that come with the product's license. Maybe today, we are just implementing an SOP or LOB.

We have had some issues with implementation. So, it is the only area that needs improvement. However, I have no issues with the product, so it is probably fine.

I have experience with A10 Thunder TPS.

The solution's support is one of the coolest things about the product. I rate the solution's technical support an eight and a half out of ten.

Positive

We are currently having some issues with the implementation. I think it is because the partner is not ready for implementation, and it's not that they don't have the experience. So, even though we have some issues right now with implementation, the product is very good.

The solution's price is one of the coolest things about the product. We may need to pay fifty percent more if we purchase other solutions. For the payments made to A10 Thunder TPS, we have received three-year support.

I rate the overall product a nine out of ten.