LoadMaster X25 - Load Balancer Appliance - Kemp
The LoadMaster X25 load balancer provides the most complete high-performance application delivery platform with dual power supplies and RAID storage for enhanced resilience. The integrated hardware acceleration delivers up to 20,000 SSL transactions per second and overall system throughput of 25 Gbit/sec. With 12 SFP+ ports and two 1Gbit ethernet ports, this load balancer can easily integrate with the most complex and demanding network environments.
Performance
- Max Balancer L4 Throughput Up To 42.2Gbps
- Max Balancer L7 Throughput Up To 40Gbps
- 1,250,000 L7 (http) requests per second
- 2,600,000 L4 requests per second
- 525,000 L7 concurrent connections
- 75,800,000 L4 concurrent connections
- SSL Acceleration (2K Keys) up to 35,000 TPS
- 20Gbps Bulk Encryption
Hardware
- Intel 12 Core Processor
- 2 x GbE Auto-negotiating, Full Duplex ports
- 12 x 10Gb SFP+ ports
- 2 x 1TB HDD (RAID 1)
- 64 GB RAM
- Local admin via serial and VGA/USB
- Dimensions: 438 (W) x 570 (D) x 88mm (H)
- Weight: 19Kg (41.9lbs)
- 2 x 700W power supply
Scalable high-performance application delivery
Kemp LoadMaster hardware load balancers offer the scalability, feature depth and security required to enable resilient delivery of a wide range of application workloads for organizations of all sizes and capabilities. LoadMaster simplifies application delivery with easy management via web UI, API and Kemp 360 Central with a compelling TCO and outstanding customer support.
Benefits
Resilient
LoadMaster can enhance application availability and resilience with the option for Highly Available (HA) paring of appliances and geographic server load balancing (GSLB) removing single points of failure in the data center and also across data centers. Application server health checks enable redirection of traffic to healthy servers and the optional Kemp 360 Vision service provides 24/7 proactive support to ensure continuous application availability.
Secure
As the access point for applications, LoadMaster provides authentication and attack mitigation services to prevent malicious and unauthorized access to application resources. The Edge Security Pack (ESP) enables pre-authentication of clients (LDAP, Active Directory, RADIUS, and SAML) while the Web Application Firewall (WAF) offers continuous application level protection through daily rule updates.
Easily Managed
LoadMaster appliances can be managed via the intuitive web UI, via API (PowerShell/RESTful) or via Kemp 360 Central. Application templates simplify deployment and optimization, while the API provides an easy way to automate configuration and management tasks whether through DevOps toolsets or operational frameworks.
Scalable
As application delivery demands grow, LoadMaster can scale by clustering multiple appliances together into a single load balancer entity. As well as scaling to meet increasing capacity requirements, clustering also provides resilience as the failure of a cluster member is gracefully handled with remaining members continuing to provide service.
Low Cost of Ownership
LoadMaster delivers performance and functionality at a compelling price point when measured against the key metrics of SSL transactions per second, application throughput and active connections. Coupled with the low operational overheads delivered by features such as application templates and our world-class customer support services, organizations can achieve significant TCO reductions on application delivery.
Fully Featured
LoadMaster includes a comprehensive set of features to enable deployment of application delivery and interfaces and API to integrate with existing authentication, logging, management, and provisioning systems.
Features
L4-L7 Application Delivery
- Server Load Balancing (SLB) for TCP/UDP based protocols
- TLS (SSL) Offload
- Layer 7 Content Switching
- Transparent caching for HTTP/HTTPS
- Compression of static and dynamic HTTP/HTTPS content
- HTTP/2 Support
- Up to 1000 Virtual and 1000 Real Servers
- NAT-based forwarding
- Support for Direct Server Return (DSR) configurations
- Configurable S-NAT support
- VLAN Trunking (802.1Q)
- Link interface bonding (802.3ad)
- IPv6 support for addressing and features
- IPv6 - IPv4 bidirectional conversion
Health Checking
- Aggregated health checks
- ICMP health checking
- Layer 7 checking against any target server port
- Active/Hot Standby configurations for High Availability
- Stateful Failover
- Scale-out Clustering
- Aggregated health checks
Session Persistence
- Source IP (L4)
- TLS (SSL) SessionID (L4)
- HTTP/HTTPS Browser-session (L7)
- HTTP/HTTPS WebClient-session (L7)
- RDP Login ID (L7)
- Port Following for mixed HTTP/HTTPS sessions
- Session reconnection for Microsoft RDS
Scheduling and Balancing Methods
- SDN Adaptive
- Round Robin
- Weighted Round Robin
- Least Connection
- Weighted Least Connection
- Agent-based Adaptive
- Chained Failover (Fixed Weighting)
- Source-IP Hash
- Layer 7 Content Switching
- Global Server Load Balancing (GSLB)
- AD Group based traffic steering
SSL/TLS Features
- Configurable TLS (1.0, 1.1, 1.2, 1.3) and SSL (2.0, 3.0)
- Support for EV (Extended Validation) certificates
- OCSP certificate validation
- Server Name Identification (SNI) support
- Support for up to 1,000 TLS (SSL) certificates
- Automated TLS (SSL) certificate chaining
- Certificate Signing Request (CSR) generation
- FIPS 140-2 Level 1 (Level 2 on FIPS models)
- STARTTLS mail protocols (POP3, SMTP, IMAP)
Administration
- Change auditing
- Web User Interface (WUI)
- SSH & physical console
- RESTful and PowerShell APIs
- VMware vRealize Orchestrator
- Context-based help (WUI)
- Real-time display of performance and availability
- Application templates
- Remote syslogd support
- Automated configuration backup
- Selective restore of configuration
- Connection draining
- Comprehensive logging and reporting
- SNMP support
- Diagnostic shell with in-line tcpdump
Security
- Permit /Deny Access Control Lists
- IP address filtering
- IPsec Tunnel support
- DDoS mitigation, including L7 rate-based attacks
- IPSec VPN to Azure, AWS and public clouds
- Authenticated NTP
Kemp 360 Central
- Included with Enterprise and Enterprise Plus Subscriptions
- LoadMaster Configuration Management
- Automated LoadMaster backups
- Centralized & scheduled firmware updates
- LoadMaster logfile consolidation
- Performance Management
- 3rd party load balancer support
Kemp 360 Vision
- Included with Enterprise and Enterprise Plus Subscriptions
- 24/7 Automated issue escalation service
- Proactive issue management
- Integrated with Kemp Support ticketing
Edge Security Pack
- Microsoft TMG replacement
- Pre-Authentication
- Multi-Domain Authentication & SSO
- X.509 client certificate authentication
- Custom login forms
- Two-factor authentication
- SAML, Active Directory, RADIUS & LDAP
- Forms to Forms-based authentication
Intrusion Prevention
- Snort Compatible IPS
- Permit/Deny IP by address
- Automated IP reputation updates for GSLB
Web Application Firewall (WAF)
- Real-time application threat mitigation
- Daily rule updates
- Threats Mitigated
o Cookie tampering
o Cross-site request forgery
o Cross-site scripting
o Data loss prevention
o SQL Injection
o PCI-DSS Section 6.6 compliance
Global Server Load Balancing (GSLB)
Scheduling and Balancing
- Round Robin
- Weighted Round Robin
- Chained Failover (Fixed Weighting)
- Regional
- Real Server Load
- Location-Based
Security
- Blacklist (Access Control List)
- IP reputation filtering with automatic updates
- DDoS mitigation
Health Checking & Failover
- ICMP health checking of server farm machines
- Layer 4 TCP checking
- HTTP/HTTPS health check
- Active/Active High Availability
Have more questions about Kemp Load Balancers and Application Delivery Controller Products and solutions? Call us at 410-583-1701 or email us at questions@pulsesupply.com.