Virtual load balancing appliance
For enterprises hosting providers data centers etc. that have implemented virtualized and/or shared cloud computing architectures HAProxy offers its load balancing software as a virtual appliance.
Load balancing in virtualized environments
The ALOHA Virtual Appliance is designed to integrate simply and quickly into virtualized environments or Cloud Computing oriented architectures.
In this version the load balancer functions are available as a VMware™ Microsoft Hyper-V™ Citrix XenServer™ Red Hat™ Enterprise Virtualization KVM (Kernel-based Virtual Machine) or Xen virtual image.
Tel : (+33) 01 78 41 01 98
Same functionality as the hardware appliance version
The ALOHA Load Balancer Virtual Appliance embeds all of the application load balancing (level 7) and networking (level 4) features available on 1U hardware enclosures.
Processing performance depends on the server power that is allocated to load balancing.
Automated provisioning of load balancers
For hosting and outsourcing providers who offer their customers cloud computing architectures HAProxy has developed an API to automate load balancer provisioning from their administration or operations portals.
Qui utilise HAProxy
Main features of Aloha load balancer
Load balancing
Network load balancing (level 4)
Application load balancing (level 7)
Support for all IPv4 and IPv6 protocols
SSL support
Native support for WebServices and WebSockets (via configuration management API)
Intelligent routing of requests based on content (content switching)
Persistence and session maintenance management by cookie
Replication of session status between a master ALOHA and its slave(s)
Wide choice of allocation algorithms (round-robin leastconn hash) with weighting
Smooth server startup and shutdown
Optimized hash algorithms for proxy farms
Support des modes Reverse-proxy NAT Direct Server Return VIP-less
High availability of applications
Native support for WebServices and WebSockets (via configuration management API)
Intelligent routing of requests based on content (content switching)
Persistence and session maintenance management by cookie
Replication of session status between a master ALOHA and its slave(s)
Permanent monitoring of server and application health (health checks)
Protection of servers against overloads by smoothing traffic peaks
Management of a downgraded mode in case of failure of the production servers (redirection to an excuse server)
Persistence management and maintenance of sessions on the ALOHA in standby
Application performance
Unlimited management of IP:port pairs per virtual server
Generation of detailed application logs instead of servers (freeing up their resources)
TCP / HTTP acceleration via buffering
Concentration of server connections with dynamic load control
Blocking malicious or unnecessary HTTP requests
Early release of connections
Application security
Protocol validation (HTTP)
Protection against denial of service attacks (DoS DDoS) worms SQL code injections etc.
Application of thresholds of connections requests and throughput per source IP
Black/white list management
Advanced URL filtering and restriction by authentication
Blocking information leaks and protecting sensitive information
Filtering of HTTP / HTTPS requests and responses
Handling HTTP headers
Integration and administration
VLAN support (802.1q) multi-site VPN (IPSec or SSL)
Support for Syslog SNMP SNMP traps VRRP and NTP standards
Bridging and aggregation of network interfaces
Integration in proxy or transparent proxy mode
Advanced monitoring and logging service status application status connection details activity statistics
Web or CLI administration interface (SSH access or serial port)
Tools to help diagnose malfunctions
Multi-level administration (supervision and configuration)
Provisioning and configuration management API via WebService REST/JSON and SSH
Configuration management in multi-tenant architecture via the configuration API
HAProxy communautaire
Les plates-formes d'applications doivent
fournir une haute disponibilité et de garantir la pleine et
la continuité du service pour les utilisateurs (clients internes et externes).
HAPEE répond
à tous ces exigences grâce à son vaste jeu de fonctionnalités, soutenu par le niveau de service offert par HAProxy Technologies.
Tel : (+33) 01 78 41 01 98
| HAPEE Business | HAPEE Premium | |
|---|---|---|
|
Prix
|
€ HT/mois
|
€ HT/mois
|
| Modules | ||
| HAProxy | OUI | OUI |
| Haute disponibilité (VRRP) | OUI | OUI |
| Modèles de mesure (Cacti) | OUI | OUI |
| Log management | OUI | OUI |
| SSL management | OUI | OUI |
| Surveillance (SNMP) | OUI | OUI |
| Optimisation du scripts | OUI | OUI |
| Statistiques avancées(HALog) | OUI | OUI |
| Prise en charge du version | V moins de 3 ans | V moins de 5 ans |
| Extensions (optional and chargeable) | ||
| GUI (see SNAPT web site) | Cf snapt | Cf snapt |
| Protection botnet | OUI | OUI |
| Empreintes digitales du client | OUI | OUI |
| Mise à jour automatique du contenu | compris | compris |
| Advanced Persistent Threat (APT) protection | OUI | OUI |
| Route Health Injection | OUI | OUI |
| Besoins personnalisés | on demand | |
| Services | ||
| Maintenance et mises à jour | OUI | OUI |
| Assistance / support tickets | 3 | 6 |
| Support contact | Web, E-mail | Web, E-mail, Téléphone |
| Support disponibile | 10h x 5d | 24h x 7d |
| Assistance disponibile | N/A | 10h x 5d |
| Temps de réponse pour le niveau 1 ou 2 incidents | BD+1 | h+4 |
| Temps de réponse pour le niveau 3 or 4 incidents | BD+1 | h+8 |
| Le temps de réponse pour les demandes d'assistance | Meilleur effort | D+2 |
Commander |
Commander |
|
Reverse Proxy
HAPEE- HAProxy Enterprise Edition -comprend tous les modules additionnels les plus couramment utilisés deHAProxy,
la charge de haute disponibilité équilibrage des logiciels open source, dans une version packagée optimisé pour rendre simplement
la mise en œuvre et la maintenance.
Il est livré sous forme d'abonnement qui comprend les mises à jour de maintenance, support,
et de l'assistance de HAProxy Technologies, pour vous apporter le meilleur du logiciel open source soutenu
par nos garanties de classe entreprise.
Tel : (+33) 01 78 41 01 98
| HAProxy 1.5 | HAPEE | |
|---|---|---|
| HAProxy 1.0 to 1.4 compatibilité | complet | complet |
| HAProxy 1.5 compatibilité | complet | complet |
| HAProxy 1.6 compatibilité | partiel | |
| Support keep-alive | complet | complet |
| Support SSL | complet | complet |
| Protocole proxy | complet | complet |
| Regroupement VRRP | OUI | |
| Support SNMP | OUI | |
| Système de syntonisation(Tunnig) | OUI | |
| Configuration du serveur syslog optimisé | OUI | |
| Support des modules chargeables | OUI | |
| Automatique ACL et mises à jour cartographiques sur HTTP | OUI | |
| Injection du 'Route Health' | extention | |
| Advanced Persistent Threat (APT) Protection | extention | |
| Protection contre les botnets | extention | |
| Empreintes digitales du client | extention |
RACKABLE APPLIANCES
The Load Balancer Rackable Appliances are designed for companies that want to disrupt a dedicated ready-to-use high-performance system to guarantee the high availability of their critical or strategic servers and the distribution of application flows.
Tel : (+33) 01 78 41 01 98
Load distribution
Reverse proxy or packet forward mode
Support of all types of protocols
Distribution of requests according to their content to specific servers (content switching)
Management of persistence and session tracking by cookie
Support for SSL transactions
Support Full IP / IPv6
Direct Server Return
Numerous distribution algorithms applicable by group of servers with weighting
Support for web services and web sockets
URL redirection
Application Security
DoS DDoS worm protection ...
Protocol validation
Black / white list management
ACL management
URL restriction
Blocking information leaks
Filtering HTTP / HTTPS requests and responses
SSL information available via HTTP
Managing client SSL certificates
Behavioral analysis
Brute force protection
Application Performance
Unlimited management of IP port pairs per virtual server
Management of server logs in offload mode
TCP / HTTP acceleration via buffering
Dynamic regulation of connections
Managing open connections with the server
Filtering unnecessary HTTP requests
Early release of connections
HTTP compression
Advanced response time reporting by server and application
High application availability
Permanent monitoring of servers
Smooth server shutdown
Overload protection
Interaction with external routers by route announcements
Unlimited number of servers per group
Persistence shared between devices
Integration and administration
Support VLAN (802.1q) VPN multistes (IPSec ou SSL)
Bridging and aggregation of interfaces
Integration in transparent proxy mode
Advanced monitoring and logging service and application status connection details activity statistics
Web or CLI administration interface (SSH access or serial port)
Malfunction diagnostic tool
Multi-level administration (supervision and configuration)
Support for Syslog SNMP VRRP and NTP standards
API
Scriptable configuration support
Simplified management and integration of SSL certificates
For enterprises hosting providers data centers etc. that have implemented virtualized and/or shared cloud computing architectures<span class="color_blue"> HAProxy</span> offers its load balancing software as a virtual appliance.
ALOHA appliances range
| References | Office | 2K | 4K | 8K | 16 K | 32 K | 64 K | |
|---|---|---|---|---|---|---|---|---|
| L7 | HTTP/s connections | 1 000 | 2 000 | 4 000 | 8 000 | 16 000 | 32 000 | 64 000 |
| Gzip BW | 1Mb/s | 1Mb/s | 1Mb/s | 1Mb/s | 1Mb/s | 1Mb/s | 1Mb/s | |
| Competing connections | 40 000 | 10 000 | 20 000 | 40 000 | 80 000 | 120 000 | 160 000 | |
| SSL | Transaction per second | 1 000 | 600 | 1 200 | 2 400 | 4 000 | 8 000 | 16 000 |
| L4 | Connections per second | 18 000 | 7 500 | 18 000 | 40 000 | 60 000 | 120 000 | 200 000 |
| Concurrent Connections | 1M | 512K | 1M | 2M | 4M | 6M | 8M |
Hardware bases
| Features | ALB-3100 | ALB-5100 | ||
|---|---|---|---|---|
| Network interface | 6x1 GB/s | 6x1 GB/s | (optionnel: 2x10 GB/s) | |
| L7 | Flow (Level 7 analysis) | 800 Mb/s | 3,3 Gb/s | (6,6 Gb/s) |
| HTTP/s requests (Keep Alive) | 30 000 | 200 000 | ||
| SSL | Transaction per second | 2400 | 16 000 | |
| Calculation of the keys | 400 | 3600 | ||
| Bandwidth | 270 Mb/s | 2,1 Gb/s | (4,3 Gb/s) | |
| DDOS | Blocked connections / second | 36 000 | 300 000 | |
"CLOUD READY" VIRTUAL APPLIANCE
For companies hosting providers and datacenters that have implemented virtualized and/or shared Cloud computing architectures Hosteur offers its load balancing software as a virtual appliance available as a virtual image for vMware Microsoft Hyper-v TM citrix Xenserver TM Red Hat Enterprise Virtualization TM KVM (Kernel-based Machine) or Xeno.
Tel : (+33) 01 78 41 01 98
Expense distribution
Reverse proxy or packet forward mode
Support of all types of protocols
Distribution of requests according to their content to specific servers (content switching)
Management of persistence and session tracking by cookie
Support for SSL transactions
Support Full IP / IPv6
Direct Server Return
Numerous distribution algorithms applicable by group of servers with weighting
Support for web services and web sockets
URL redirection
High application availability
DoS DDoS worm protection ...
Protocol validation
Black / white list management
ACL management
URL restriction
Blocking information leaks
Filtering HTTP / HTTPS requests and responses
SSL information available via HTTP
Managing client SSL certificates
Behavioral analysis
Brute force protection
Application Performance
Unlimited management of IP port pairs per virtual server
Management of server logs in offload mode
TCP / HTTP acceleration via buffering
Dynamic regulation of connections
Managing open connections with the server
Filtering unnecessary HTTP requests
Early release of connections
HTTP compression
Advanced response time reporting by server and application
Application Security
Permanent monitoring of servers
Smooth server shutdown
Overload protection
Interaction with external routers by route announcements
Unlimited number of servers per group
Persistence shared between devices
Integration and administration
Support VLAN (802.1q) VPN multistes (IPSec ou SSL)
Bridging and aggregation of interfaces
Integration in transparent proxy mode
Advanced monitoring and logging service and application status connection details activity statistics
Web or CLI administration interface (SSH access or serial port)
Malfunction diagnostic tool
Multi-level administration (supervision and configuration)
Support for Syslog SNMP VRRP and NTP standards
API
Scriptable configuration support
Simplified management and integration of SSL certificates
Range of virtual ALOHAs
| ALOHA VA Models | VA Office | VA 1K | VA 2K | VA 4K | VA 8K | VA 16K | VA 30K | VA 50K |
|---|---|---|---|---|---|---|---|---|
| Hypervisor | VMware Hyper-V TM Xen KVM RHEVTM SenServerTM | HyperV - Vsphere | Vsphere | |||||
| Minimum memory | 2 G | 512 M | 1 G | 2 G | 4 G | 8 G | ||
| Recommended number of vCPUs | 2 vCPU | 1 vCPU | 2 vCPU | 2 à 4vCPU | ||||
| Network interface | Unlimited depending on the hypervisor | |||||||
| Performances | Office | 1K | 2K | 4K | 8K | 16K | 30K | 50K | |
|---|---|---|---|---|---|---|---|---|---|
| L7 | HTTP/s connections | 1 000 | 1 000 | 2 000 | 4 000 | 8 000 | 16 000 | 30 000 | 50 000 |
| Gzip BW | 1Mb/s | 1Mb/s | 1Mb/s | 1Mb/s | 1Mb/s | 1Mb/s | 1Mb/s | 1Mb/s | |
| Competing connections | 40 000 | 5000 | 10 000 | 20 000 | 40 000 | 80 000 | 120 000 | 160 000 | |
| SSL | Transaction per second | 1 000 | 300 | 600 | 1 200 | 2 400 | 4 000 | 8 000 | 16 000 |
| L4 | Connections per second | 18 000 | 3 700 | 7 500 | 18 000 | 40 000 | 60 000 | 120 000 | 200 000 |
| Competing connections | 1M | 256 k | 512 k | 1M | 2M | 4M | 6M | 8M | |
L7 rate SSL key/second calculation and SSL bandwidth and DDOS blocking capacity are related to the capacity of the underlying hardware server and hypervisor.
ALOHA PACKETSHIELD
The first bulwark against DDos attacks
Protection against network attacks by saturating connections packets and bandwidth. Distributed Denial of Service (DDoS) attacks aim to saturate network equipment and hardware resources (firewalls load-balancers servers etc.). Increasingly frequent significant and sophisticated these attacks penalize companies: loss of revenue business interruption damage to brand image financial blackmail etc...
Tel : (+33) 01 78 41 01 98
Qui utilise HAProxy PACKETSHIELD ?
Protection against DDoS
ALOHA PacketShield provides a simple effective and economical answer to neutralize DDoS attacks:
Analysis of incoming flows upstream of your firewall load balancer and web servers
Real-time filtering and blocking of illegitimate traffic while maintaining access to legitimate users.
Patented solution guaranteeing zero false positive.
Traffic recognition via configurable access control lists (white/black lists)
Type of protection
Protocol validation: automatic cleaning of badly formatted packets
Protection against SYN flood attacks: issuing SYN cookie
Protection against ACk/RST flood attacks with TCP session storage and recognition (stateful packet inspection)
Protection against ACK storms caused by NAT type equipment under attack
Protection against DNS reflection attacks: recognition of valid responses
First bulwark against network DDoS attacks ALOHA PachedShield can be :
Deployed in offload router or load-balancer level 4 or 7.
Combined with any load balancing solution on the market including HAproxy or ALoHA Load Balancer for multilayer network and apolitical protection.
| ALOHA PacketShield 3100 |
ALOHA PacketShield 5100 |
ALOHA PacketShield 5100-10G |
|
|---|---|---|---|
| Performance | |||
| Bandwidth | 1 G | 1 G | 10 G |
| Max. number of connections* | unlimited | ||
| Package/s | 1 000 000 | 1 000 000 | 14 000 000 |
| Operation | |||
| Deployment mode | Routeur en ligne quilibreur de charge L4 en ligne quilibreur de charge L7 en ligne | ||
| High availability | Active/passive or multi active | ||
