The BIG-IP Advanced Firewall Manager (AFM) has done it again...and again....and again. The BIG-IP AFM is a high-performance network firewall that guards your data center against extensive network threats on the most widely deployed protocols. This device is an industry leader in network protection, but one of its most impressive features is the scalability it can handle. It leverages the high performance and flexibility of F5's TMOS architecture in order to provide large data center scalability features that take second place to exactly nobody.
By the way, what's this TMOS thing? TMOS is the universal product platform shared by F5 BIG-IP products. TMOS gives you intelligent control over the acceleration, security, and availability services your applications require. It can also help you virtualize and scale up or scale out on demand as your needs change. TMOS uses F5's own ScaleN functionality that allows you to move application delivery workloads as easily as you add or move virtual server workloads to create true deployment flexibility. By the way, do yourself a favor and check out the "Live and let scale" video on the ScaleN page...James Bond wishes he had this stuff!
It's no surprise that the BIG-IP AFM has such great flexibility and scalability since it's built on the firm product foundation of TMOS. But, let's get back to the issue at hand...scalability. When I talk scalability, I'm talking connection capacity and connection rate. That is, the ability to process tons of connections all at once and the ability to maintain a myriad of concurrent connections. The experts at NetworkWorld said it like this: "Connection capacity is important because a single user request can involve many TCP connections...and connection rate matters because web sites may be hit with huge bursts of traffic." With this in mind, NetworkWorld pushed the BIG-IP AFM to its prescribed limits...and beyond. These guys used the BIG-IP 10200v which claims it can handle up to 850,000 connections per second and 36 million concurrent connections. They proved what we already knew...in fact, they over-proved it!
They sent an average of 869,183 new connections per second for a 60 second period and the network firewall didn't blink. They configured clients and servers to use HTTP version 1.0 to force the use of a new TCP connection for each HTTP request. Then, they sustained 36,000,291 unique TCP connections for a 60-second period. Again, the BIG-IP AFM showed that it can handle what it says it can handle...plus some. By the way, if you think performance took a hit with all of this, read my other blog post about how speeds actually increased with the firewall in place!
So, whether you are a large data center with millions of users or a growing IT company with critical data assets, you can rely on the performance and scalability of the BIG-IP AFM.