An application delivery controller (ADC) essentially acts a reverse proxy. That means that client requests interact with the ADC, and the ADC interacts with web and application servers on the client's behalf. This mediation offers the chance to implement acceleration, availability, and security features without requiring changes to existing applications.
There are many, many more features in an ADC that provide significant value. These eight capabilities are the most commonly employed features in reverse-proxy application delivery solutions that provide immediate benefits to web applications, and all can be used without modifying applications or the servers on which they are deployed.
An ADC offers basic (layer 4) load-balancing as well as advanced (layer 7) load-balancing capabilities. Load-balancing applications distributes requests across a pool (farm, cluster) of servers in such a way as to improve performance and availability of applications. Load-balancing is a form of server virtualization.
- Web application security
An ADC with integrated web application security capabilities allows you to add web application threat defense to all applications at the same time, without modifying the apps. This feature makes your apps more secure by inspecting requests and thwarting attempts to exploit SQL, XSS, and other web application vulnerabilities.
- Protocol security
An ADC acting as a reverse proxy can inspect and validate the protocols used to transport requests, such as TCP, HTTP, FTP, and SMTP. This prevents exploitation of protocol layer vulnerabilities from wreaking havoc inside your data center.
- Intelligent Compression
Compression is often used to reduce bandwidth and improve response times of applications. Depending on the location of the client (LAN, WAN) and network conditions, applying compression may actually degrade performance. An ADC can intelligently determine whether compression will result in a positive impact on application performance based on numerous factors. When it does apply compression, it is usually hardware accelerated, making it much more efficient than the compression features utilized by web and application servers.
Because an ADC mediates requests it can inspect them and determine whether they can be cached. By caching static or infrequently changing dynamic data, an ADC improves the response time of applications and reduces load on web and application servers, which makes them run more efficiently.
- High-availability and failover
An ADC, through load-balancing and intelligent monitoring capabilities, can ensure that client requests are sent only to servers that can respond in a timely fashion. If a server is unavailable, the ADC can direct the request to another server to ensure continued availability.
An ADC can SSL enable an entire site or application. SSL functions on an ADC are almost always hardware accelerated, meaning negotiation and bulk encryption/decryption operations are much more efficient than when performed on a web or application server. By allowing the ADC to SSL enable a site or application, it removes the need to modify the configuration on all web and application servers to support SSL, and ensures that other security solutions (IDS, IPS, logging) can be employed by terminating SSL at the edge of the network.
- Connection optimization
When an ADC proxies requests it manages connections to the servers. Because of this separation it can optimize the connections to servers and reuse connections to improve performance and reduce load on the servers. This makes the web and application servers more efficient and improves response times.