A10 Networks教育行业应用交付解决方案

The leader in advanced featured load balancers and application deliverycontrollers built for medium and small enterprise Equalizer®DATASHEET AND PRODUCT GUIDEAchieve non-stop availability and higher application performance with Coyote Point’s award-winning Equalizer application delivery solutionsSince 1999 Coyote Point has set the standard in load balancing and application delivery solutions at price points most organizations can easily afford. From simple server load balancing to enterprise-grade global traffic management, Coyote Point can meet the needs of almost any web-based application. You can find Coyote Point solutions in companies of any size, up to the largest of Fortune 500 firms including USA Today, Motorola and Comcast.The entire Equalizer line-up of hardware and virtualization solutions meets or outperforms competitive products costing up to 3 times as much. You pay for what you need and don’t have to buy option after option to get a solution that fits your business requirements. The award-winning Equalizer product line has long been recognized for its rock-solid reliability, ease of setup and intuitive management tools. Plug in an Equalizer and it provides years of worry-free service.FEATURES❚Basic load balancing through advanced L7 traffic management❚Hardware and virtual appliance options to meet your needs❚Full support for Microsoft®, VMware® and most standard business applications❚Class-leading SSL acceleration and data compression❚Advanced Global Server Load Balancing for seamless disaster recovery❚Smart Event Automation for virtual and physical resource control❚Full IPv6 support, including 6-in-4 Tunneling to ease the transition to IPv6Reliable and robust load balancing and application deliveryAt its heart, the Equalizer is a tried-and-true load balancer that can support almost any web-based application. From simple L4 TCP and UDP to advanced L7 HTTP and HTTPS, Coyote Point can provide basic load balancing to precise content switching with L7 Match Rules (AF ). Equalizer gathers real-time information about a server’s status using ICMP Probes, TCP Probes, Active Content Verification (ACV) and Server Agents to route traffic based on easily configurable business rules. All Equalizers support persistence using either cookies or IP addresses to reliably maintain server connections for your more advanced applications.In the event that servers in a server pool are unable to satisfy a client’s request, Responders (AF ) can be assigned to L7 Match Rules to redirect users to another URL or display a custom message.High Availability for 100% application uptimeMission-critical applications need mission-ready solutions. Coyote Point’s 3-tier approach to application uptime means your applications are up and running with 5-nines reliability. The first tier is a server or application failure. If a server or application fails or becomes overloaded, Equalizer routes traffic automatically to healthy servers. For the second tier, Equalizer supports failover options to cover youshould an Equalizer go down. Finally, the third level provides routing to an alternate data center(s) should your primary data center suffer a catastrophic or planned outage (see the “Disaster recovery with Global Server Load Balancing” section for more information on multiple data center traffic management).Equalizer supports Active/Passive, Active/Active, N+1 or N+M failover configurations. Coyote Point’s Multi-Active N+M Failover (AF ) allows a cluster of active Equalizers to share the workload for a large application data center. Instead of requiring idle spares in standby mode as in other failover methods, Multi-Active N+M Failover puts all the Equalizers to work load balancing and delivering applications. If an Equalizer in the N+M cluster should fail, the others seamlessly pick up the workload until you or your team can get the failed Equalizer back online.Disaster recovery with Global Server Load BalancingEnvoy Global Server Load Balancing (GSLB) makes your network reliable and available by scalingapplications across multiple data centers for disaster recovery or to improve application response times. Administrators can set up rules that direct traffic based on site availability, data center performance and network latency.Coyote Point offers three options for Envoy. You can choose a software module for Equalizer, astandalone hardware appliance or a standalone virtual appliance. Envoy SAE, the standalone hardware or virtual appliance, offers additional features not available in the Envoy software module. It is designed to accommodate complex network structures including resolution directly to local or host-basedapplication servers. Using SNMP health checking (AF ), Envoy SAE fully integrates with ADCs from other manufacturers including F5, Citrix and A10 Networks.Advanced networking supportCoyote Point’s Equalizers use Network Address Translation (NAT), Source NAT, Outbound NAT and spoofing to effectively and efficiently route traffic between clients and servers. With support for directserver return, Multi-Gateway (AF ) and Multi-Netting (AF ), Link Aggregation (LACP), IPv6 routing, NTP and tagged VLAN support (AF ) for up to 4094 802.1Q VLANs, you get the flexibility you need as your network topology evolves without having to buy new equipment.Are you ready for the transition to IPv6? Coyote Point can make it easier with 6-in-4 Tunneling (AF ) supported on all Equalizers. Through the use of a tunnel broker, you can assign IPv6 addresses to your server clusters making them available to any client on an IPv6 network.Equalizer provides the ability to configure routing to match network topologies from the simplest to the very complex through Policy-based Routing (AF ). You can define routing behavior for each subnet, based on either destination IP address or source IP address of packets traversing Equalizer.Items followed by (AF ) are advanced features that are designed for complex application environments.If you need moreinformation on any of the items presented in this document or would like more information on load balancing and application delivery concepts, please visit or call us at (877) 367-2696.Envoy SAE with SNMP healthchecking provides global server load balancing in mixed vendor environments and supports up to 10 data centers with just one appliance.Blazing fast SSL offloading and compressionAll Coyote Point Equalizers support SSL offloading to relieve your servers from the computationalworkload of SSL/TLS session negotiation, encryption and decryption, letting them instead focus on the applications they were meant to serve. Some models come equipped with hardware-based acceleration.Not all applications were written with SSL in mind and many scale poorly when SSL is enabled. Coyote Point’s SSL offloading eliminates these problems with an easy to deploy acceleration solution. Processing is moved from your servers to Equalizer making applications significantly faster and secure without software or other intrusive changes.Coyote Point incorporates a dedicated hardware-based Gzip HTTP compression processor into some models for content-rich applications. You can compress server generated data up to 5 times before it’s delivered to a client using any modern web browser saving you bandwidth costs and improving response times to your users.Automate routine tasks to take control of your applicationsEqualizer’s Smart Control framework with Smart Control Automation (AF ) manages notifications,logging and corrections to your application environments.1 Intuitive construction of graphical or CLI-based rule sets let you configure responses to almost any condition including resource management to power up or power down IPMI-compliant servers in response to changes in demand.Virtual platform supportIf you’re looking for a comprehensive set of tools to manage your VMware environment, Coyote Point has you covered. Every Coyote Point Equalizer supports VMware load balancing using VMware’s management API to retrieve real-time virtual server availability and resource utilization from a VMware vCenter console. With Coyote Point’s Smart Control Automation (AF ) you get even deeper integration into VMware with the ability to load balance based on VM CPU and VM RAM and spin-up or spin-down VMs in response to demand.Coyote Point’s OnDemand product line-up offers virtual versions of Equalizer and Envoy SAE for loadbalancing and GSLB. You get to choose either hardware or virtual appliances for 100% flexibility to fit your needs. All our virtual products are available for a free 30-day trial to let you test them in your environment before you buy.Features to keep your applications safe and secureEqualizer intelligently controls your SSL traffic with advanced features like SSL Certificate Revocation Lists (AF ), Global Object SSL Certificate Storage (AF ), outbound HTTP to HTTPS URL rewriting and Cipher Suite Control.Guaranteed application supportFrom basic static websites to enterprise Microsoft ® Exchange installations, Coyote Point’s Equalizer can support virtually any internet-based application. Easy to follow deployment guides are available for the top Microsoft ® applications including Exchange, SharePoint ® and Outlook Web Access.Included Global Server Load Balancing (GSLB)All Equalizer load balancers and application delivery controllers include Coyote Point’s Envoy Global Server Load Balancing. Using DNS-based resolution, Envoy routes multiple data center traffic based on network latency, server health, traffic volumes or with custom business rules.1 Smart Control Automation is currently available with EQ/OS v.8.X.Smart Control Automation manages your applications 24/7 letting you focus on more important tasks.Microsoft ® recommends hardwareload balancing for Exchange installations with over 200 users. Coyote Point has been tested and approved by Microsoft ®.Flexible management and comprehensive reportingDo you prefer a command line or an intuitive graphical user interface? Either way Coyote Point provides the tools you need to easily manage your Equalizer. The context sensitive CLI provides complete control of every aspect of your Equalizer, not just a subset of functions like some other manufacturers. Even if you’re a CLI-jockey, you’ll appreciate the thought-through layout and features of our graphical user interface for most tasks from setting up server pools to running sophisticated traffic reports.Equalizer’s Role-based management(AF) gives you the flexibility to establish multiple users and groups allowing it to be managed by one or more data center personnel. As the administrator, you can assign read, write, create and delete permissions to individual users or groups to give as little or as much control over your Equalizer to fit the needs of your organization.Equalizer GUI Welcome ScreenSample of a TCP Cluster Configuration Summary ScreenEqualizer Products/PlatformsEqualizer load balancing and application delivery products are built with the needs of small and medium enterprises in mind to offer you the performance and features you need at a value that can’t be matched. Coyote Point’s solutions range from entry-level load balancing to multi-site enterprise-grade traffic management.E250GXReliable and affordable L4-7 server load balancingIdeal for small and medium businesses, the E250GX delivers 100% uptime for mission critical applications while staying within your budget.❚ 1.2 Gbps L4 throughput ❚L4 and basic L7 load balancing ❚Supports high availability deployments ❚Affordable for almost any businessE370LXIntelligent, high performance L4-7 traffic management Coyote Point’s workhorse ADC for organizations that value performance and reliability. Great for Microsoft Exchange and SharePoint deployments. ❚ 4.8 Gbps L4 throughput❚Robust L4 and L7 load balancing ❚Advanced L7 application management ❚Software based SSL offloading up to 7,500 TPSEqualizer On DemandAn enterprise-grade virtual ADC when you need itA software-based virtual appliance deployed as a single virtual server instance dedicated to load balancing and application delivery.❚Same features as hardware Equalizer appliances ❚Optional VLB Advanced and Envoy GSLB ❚Runs on VMware ESX/ESXi v4.X and v5.X ❚Free 30 day trialE470LXThe secure applications powerhouseThe E470LX was built with e-commerce and secure applications in mind. With advanced SSL features, you can dramatically reduce SSL certificate costs and management. ❚8.0 Gbps L4 throughput ❚SSL hardware acceleration❚Optimized for e-commerce and secure applications ❚Great for secure Microsoft environmentsE670LXEnterprise-grade performance, Coyote Point ValueWith best-in-class performance, the E670LX leads the pack with features like hardware-based SSL acceleration, and HTTP Gzip compression.❚10.0 Gbps L4 throughput ❚SSL hardware acceleration ❚Gzip HTTP hardware compression❚Great for enterprise departmental applicationsE970LXBuilt for the Data Center, Priced for the Finance Department A data center grade ADC with blazing fast performance. With features like hardware based SSL acceleration, HTTP Gzipcompression, dual hot-swappable power supplies and fans, the E970LX great for hosting and enterprise applications. ❚13.0 Gbps L4 throughput ❚SSL hardware acceleration ❚Gzip HTTP hardware compression❚Hot-swappable power supplies and fans, lights-out managementNEW NEWNEW©2013 Fortinet, Inc. Equalizer and Envoy are registered trademarks of Fortinet. All other trademarks are property of their respective owners. All specifications are subject to change.Coyote Point Systems, a subsidiary of Fortinet, Inc.| | 1 (877) 367-2696, Direct and Outside U.S. 1-408-291-5240Equalizer and Envoy SAE OnDemand InformationEqualizer and Envoy SAE OnDemand run as a guest VM under any VMware Hypervisor™ that supports Version 7 virtual machines. They have been tested on the following VMware products: ❚VMware ESX 4.1❚VMware ESXi 4.1, 5.0, 5.1 ❚VMware Fusion 3.1.2, 3.1.3❚VMware PlayerEach instance of Equalizer or Envoy SAE OnDemand requires the following hardware resources:❚1GB RAM (in addition to RAM required for the host platform); supports up to 2 GB ❚1GB free disk space❚ 1 VMware supported 10/100/1000Gb Network Adapter; supports up to 16 NICs ❚Internet connectivity for license validation See VMware’s specific requirements for the VMware product you are using.Equalizer Product Line ComparisonE250GXE370LX E470LX E670LX E970LX On DemandPERFORMANCE Maximum Throughput 1.2 Gbps4.8 Gbps8.0 Gbps10.0 Gbps13.0 Gbps1.0 GbpsSSL TypeSoftwareSoftwareHardwareHardwareHardwareSoftwareCOMPRESSION TypeN/aN/aN/aHardwareHardwareN/aSERVER POOLS Server Pools256256256256256256Servers per Server Pool 512512512512512512LOAD BALANCING Protocols L4 TCP/UDP, L7 HTTP/HTTPS L7 Match Rules Yes Yes Yes Yes Yes Yes Envoy GSLBIncluded Included Included Included Included Included Smart Control Automation IncludedNot availableNot availableNot availableNot availableNot availableNETWORKINGUntagged/Tagged (802.1Q) VLANs 2/40946/40948/409410/409410/4094Varies/4094Direct Server Return Yes Yes Yes Yes Yes Yes Outbound NAT Yes Yes Yes Yes Yes Yes Policy Based Routing Yes Yes Yes Yes Yes Yes IPv6 TunnelingYes Yes Yes Yes Yes Yes Link Aggregation (LACP)Yes Yes Yes Yes Yes Yes Multi-netting Yes Yes Yes Yes Yes Yes Multi-gateway YesYesYesYesYesYesHIGH AVAILABILITY Failover Active/Passive, Active/Active, Active N+1 and Multi-Active N+M Responders N/aYesYesYesYesYesHARDWARE CPU Single core Dual core Dual core 6 core 8 core N/a Memory 512 MB 2 GB 2 GB 4 GB 4 GB N/a Hard Drive512 MB CF120 GB SSD120 GB SSD120 GB SSD120 GB SSDN/a Gigabit Ethernet (RJ45 Cu)26888N/a Gigabit Fiber SFP + (10 GB)00022N/a Power110 VAC/29W 220 VAC/40W 50/60 Hz120 VAC/84W 220 VAC/90W 50/60 Hz120 VAC/123W 220 VAC/130W 50/60 Hz120 VAC/140W 220 VAC/145W 50/60 Hz120 VAC/306W 220 VAC/310W 50/60 HzN/aDimensions (WxHxD)17.25x1.75x10.5” 438x45x267 mm 17.25x1.75x12” 438x45x305 mm 17.25x1.75x18.25” 438x45x464 mm 17.25x1.75x18.25” 438x45x464 mm 17.25x1.75x21” 438x45x534 mm N/a Weight7 lbs. (3.2 kg)11 lbs (5 kg)15.5 lbs (7 kg) 15.5 lbs (7 kg)18 lbs (8.2 kg)N/a Operating Temperature 40-105 F, 5-40 C N/a Operating Rel. Humidity 5-90%, non-condensingN/aWarranty 1 yearSupport Included 90 days FortiCare Enhanced 8x5CertificationsFCC, CE, RoHSN/a Additional CertificationsN/aUL/cUL, VCCI, CB, C-tickUL/cUL, VCCI, CB, C-tickUL/cUL, VCCI, CB, C-tickUL/cUL, VCCI, CB, C-tickN/aEnvoy SAE andEnvoy OnDemand SAEBased on Coyote Point’s Envoy GSLB module for Equalizer, Envoy SAE and Envoy OnDemand SAE offer a standalone GSLB appliance to bridge multiple sites for disaster recovery.❚Full SNMP-based interoperability with 3rd party ADC manufacturers ❚Direct server resolution❚Up to 10 GeoSites on one Envoy SAE appliancePERFORMANCEDNS Throughput (lookups/second)10,000DNSRecord Types A, AAAA, MX, PTR StandardsRFC1035, RFC1912, RFC3364, RFC3596HIGH AVAILABILITY FailoverActive/Passive HARDWARE (Envoy SAE Only)Gigabit Ethernet 2Power110 VAC/29W 220 VAC/40W 50/60 Hz Dimensions 17.25x1.75x10.5” 438x44.4x267 mmWeight7lbs. (3.2kg)Operating Temperature 40-105 F, 5-40 C Operating Rel. Humidity 5-90%, non-condensing Warranty 90 days Support Included 90 days Basic CertificationsFCC, CE, RoHS.。

中兴通讯教育信息化网络解决方案中兴通讯股份有限公司中兴通讯数据通讯综述中兴通讯是中国最大的通信设备制造业上市公司，政府重点扶持的520家重点企业之一。

数据通讯产品是中兴通讯三大战略产品之一，早在1996年，中兴通讯就开始致力于数据产品的研发，并先后在深圳、南京、上海、西安、美国新泽西州设立研发基地。

中兴通讯的数据通讯产品包括路由器、以太网交换机、宽带多业务路由交换机、WAS宽带无线接入系统、xDSL宽带综合接入系统、UAS宽带接入服务器、宽带综合业务运营管理系统等多个产品类别，可广泛应用于政府、教育、金融、电力、企业、电信等各种行业和领域，为各行各业的信息化建设提供端到端的宽带网络承载平台。

⏹ZXR10路由器系列中兴通讯的ZXR10 T128/T64E/GER/GAR系列路由器产品涵盖从高端到低端、从核心到接入，并以先进的“网络处理器+ASIC”的体系结构、全面的路由协议支持、丰富的接口类型、高可靠性的电信级设计，奠定了其在国内业界领先的地位。

ZXR10路由器荣获了广东省深圳市科学技术进步一等奖，并获得了信息产业部的首张高端路由器入网证。

⏹ZXR10以太网交换机系列中兴通讯提供性价比高、功能齐全、系列完善的以太网交换机产品，包括ZXR10 T160/6510/3925/3906/3904/3226/3206/2826/1816系列二、三层以太网交换机，为电子政务、校园网、园区网、企业网等提供核心、汇聚和接入的全面解决方案。

⏹ZXR10 W AS宽带无线接入系统中兴通讯推出的ZXR10 W AS宽带无线接入系统由无线网卡、无线接入点、大功率设备和无线网桥、无线接入控制器、以太网供电模块组成，该系列产品不仅可为用户组建完善的无线局域网络，而且可为用户提供全面的无线Internet宽带接入解决方案。

⏹ZXB10多业务路由交换机系列ZXB10拥有BX/AX/M2000/M1000/S300/S100/S30/S20全系列的核心、汇聚和接入产品系列，ZXB10集综合业务接入、MPLS、高速路由、宽带接入认证功能于一体，充分满足不断增长的Internet 业务、各类数据专线业务、视频业务和传统语音业务综合接入、汇聚和高速交换的需求，提供良好的安全性能和Qos保证能力。

A10服务器负载均衡解决⽅案解读1SJ tit works***** 单位A10负载均衡解决⽅案A10 Networks Inc.1SJ tit works⽬录1.项⽬概述 (1)2.需求分析及讨论 (1)2.1应⽤系统所⾯临的共性问题 (1)2.2需求分析 (2)3.A10公司负载均衡解决⽅案 (3)3.1⽹络结构图 (3)3.2A10负载均衡解决⽅案 (3)3.2.1APP Server负载均衡的实现 (4)3.2.2应⽤优化的实现 (4)3.3解决⽅案说明 (5)3.4⽅案的优点 (6)4.A10 AX的优点及各型号指标总结 (7)5.A10公司简介 (7)6.AX介绍 (8)6.1 A10公司AX简介 (8)AX系列功能 (8)1. 项⽬概述2. 需求分析及讨论2.1应⽤系统所⾯临的共性问题随着⽤户量增⼤及业务的发展，⼀个应⽤系统往往会出现各种问题。

瓶颈可能出现在服务器、存储、⽹络设备，带宽等的性能不⾜，⽽运⾏⼀旦出现故障给业务带来的影响范围是巨⼤的，服务器可能出现的问题表现为如下⼏点：⾼可⽤问题关健性应⽤要求7*24稳定运⾏不被中断，⾼可⽤性问题被放在⾸要位置。

利⽤“不平衡”现象数据的⼤集中使得服务器的访问压⼒⽇益增⼤，服务器性能往往会成为⼀个系统的瓶颈，随着性能问题的产⽣，单点故障的发⽣也将⽐较频繁，为了解决这些问题，传统的⽅式多为采取更换更好的服务器并且采⽤双机备份系统提供服务的⽅式，这样必然存在⼀半的资源浪费的情况，⽽在压⼒不断上升的情况下，这种动作讲不断的重复，不但服务器的利⽤率不平衡，⽽且持续引起投资的浪费。

“峰值”问题服务器的处理多存在“波峰”和“波⾕”的变化。

⽽且“波峰”时，业务量⼤⼩的变化⼜不规律，这就使服务器不得不⾯对“峰值堵塞”问题。

原有解决⽅法为增加服务器或主机数量，提⾼处理能⼒。

但仍存在性能不平衡问题，且这样做，投资成本⼤。

多⽶诺”现象单台服务器的设置，不可避免会出现“单点故障”，需要进⾏服务器“容错”。

A10公司AX产品及行业应用分析Yulin Wang1第一部分产品概述随着Internet的快速增长以及基于Web的应用以前所未有的速度增长，关键业务的性能，安全和可用性对企业现在和未来提高竞争力是至关重要的。

A10网络公司的AX系列高级流量管理设备就是为适应Web和三网融合业务（数据，语音，视频）的增长需求而设计的。

AX 提供智能的的4-7层应用处理能力，在极具竞争力的价格基础上，AX具有业界领先的性能和可扩展性来满足关键业务的需求，结果就是带来业界最好的性价比解决方案。

A10公司的AX系列产品具有如下特点：1.功能丰富.（无需购买额外License）2.超高的性能，超高性价比3.冗余硬件4.高性能安全防护5.易于使用和管理2第二部分市场分析服务器负载均衡设备从技术上来讲是跟行业无关的，基本上凡是通过服务器提供应用访问和各种服务的企业单位在服务器遇到瓶颈访问速度变得缓慢的时候，都可以考虑对服务器做负载均衡，以提升性能和服务质量。

但是不同行业对功能的要求会有所偏重，对性能要求也有差别，所以需要对AX产品针对不同行业做一下分析。

2.1 运营商市场分析中国运营商包括电信、移动、网通、联通和铁通等。

各自具体的业务有所不同，但对产品规格的要求是具有相似性的。

基本上需要满足以下几点：1.功能上需要能够满足相关业务系统的要求。

2.性能上需要能够满足电信级访问量的需求。

3.硬件上需要冗余性，以满足运营商业务的不间断运行。

4.设备需要具有抵抗DDOS攻击的能力，以保护后面的关键服务器不受攻击。

5.管理和维护需要简单，直观。

运营商市场对负载均衡和应用优化产品具有很大的需求量。

部分需要负载均衡解决方案的业务系统介绍如下：1.移动/联通的彩铃彩信系统：由于手机用户非常多，所以对彩铃彩信系统的访问量是比较大的，因此单台彩铃彩信服务器的性能必然无法满足访问需求，需要使用负载均衡设备将用户请求分发到多台服务器，以提升总体服务能力。

A10 链路负载均衡解决方案1. 概述由于国内各运营商之间的互联互通一直存在很大的问题，采用运营商自身单条互联网出口，在为用户提供IDC主机托管服务和大客户专线接入服务时，会遇到用户抱怨访问速度差的问题。

同时，单条链路本身存在单点故障问题。

因此，通过在多个数据中心分别拉不同运营商的线路或者同一数据中心或公司网络出口采用多条互联网链路并使用专门的负载均衡设备智能选择最佳链路成为提高服务水平和用户满意度的一种有效方式，我们把多数据中心负载均衡和多链路负载均衡统称为全局负载均衡或者广域网负载均衡。

2. 需求描述对于全局和链路负载均衡，需要解决两种流量类型的负载均衡以及容灾问题：入向流量（Inbound Traffic）：从Internet上的客户端发起，到数据中心内部的应用服务的流量。

如：Internet上用户访问企业Web网站。

对于入向流量，需要根据当前网络延时、就近性等因素，来判断哪一条链路可以对外部用户提供最佳的访问服务。

出向流量（Outbound Traffic）：从内部网络发起的，对Internet上应用资源的访问。

如：内部局域网用户访问Internet上Web网站应用。

对于出向流量，需要根据当前链路的就近行、负载情况、和应用服务的重要性等选择最佳的链路。

容灾：多数据中心除了可以提高服务质量之外，另外一个重要的目的就是容灾，当一个数据中心出现故障，将所有用户访问由灾备数据中心来处理。

3. A10 LLB 负载均衡解决方案3.1. 出向流量链路负载均衡（Outbound LLB ）相对于入向流量的链路负载均衡，出向流量的链路负载均衡则比较简单。

当内部用户发起对外界的访问请求时，链路负载均衡控制器根据链路选择算法选择合适的链路，并对内部用户的IP 地址进行NAT 转换。

出向负载均衡是对每个数据中心内部的机器来而言的，通过放置在每个数据中心出口位置的AX 来实现。

WebClientLLB ControllerISP_A LinkISP_B LinkInternetPrivate IP: 192.168.1.10图例 3 采用LLB的Outbound访问实例如图例3所示，内部局域网用户访问外部Web网站时，链路负载均衡控制器的处理过程如下：内部局域网用户在浏览器输入要访问网站的域名，根据DNS返回的域名解析结果，发起对外部服务器的访问请求。

a10方案A10方案概述A10方案是一个解决企业网络安全问题的综合方案。

它提供了一套完整的功能和工具，帮助企业保护其网络免受各种网络攻击和安全威胁。

本文将介绍A10方案的特点、主要功能以及它在企业网络安全中的应用。

特点A10方案具有以下几个特点：1. 高可靠性A10方案采用了可靠的硬件设备和软件架构，确保了系统在面对高负载和故障的情况下仍能保持高可用性。

它具备冗余组件和自动故障切换功能，可以快速响应并恢复正常运行。

2. 高性能A10方案通过优化硬件和软件设计，提供了卓越的性能表现。

它能够处理大量的网络流量和连接并保持低延迟，确保企业网络始终保持高速和稳定。

3. 强大的安全功能A10方案提供了多种安全功能，包括防火墙、入侵检测系统（IDS）、入侵防御系统（IPS）、应用层过滤等。

这些功能可以有效地防止网络攻击和安全威胁，保护企业网络的安全。

4. 灵活的部署方式A10方案可以以硬件设备或虚拟化软件的形式提供。

企业可以根据自己的需求选择最适合自己的部署方式，满足不同规模和复杂度的网络环境。

主要功能A10方案包含多个主要功能模块，主要包括：1. 应用交付控制（ADC）ADC是A10方案中的核心模块，提供了负载均衡、SSL加速、全局服务器负载分配等功能。

它可以确保应用程序在高负载情况下始终保持高可用性和响应速度。

2. 安全防护A10方案提供了防火墙、入侵检测系统（IDS）、入侵防御系统（IPS）等安全功能。

这些功能可以检测和阻止网络攻击，保护企业网络的安全。

3. 应用层过滤A10方案可以针对应用层数据进行过滤和检测，确保不安全的应用程序或恶意代码不会威胁到企业网络的安全。

4. DDOS防护A10方案提供了DDoS防护功能，可以有效地防止分布式拒绝服务（DDoS）攻击，确保企业网络的稳定和可用性。

5. 数据压缩与优化A10方案可以对传输的数据进行压缩和优化，提高网络带宽的利用率，并减少数据传输时的延迟。

应用场景A10方案适用于各种规模和复杂度的企业网络环境，可以在以下场景中发挥作用：1. 企业数据中心A10方案可以在企业数据中心中部署，提供高可用性、高性能和安全防护功能，确保企业的核心业务应用在任何情况下都能保持稳定和安全。