The Pulse Secure Blog

Exploring and Discussing Secure Access Trends and Technologies

Cloud Applications Like You’ve Never Seen Before

Cloud computing is the norm. According to IDG, 90% of organizations either have apps running in the cloud or plan to within the next three years. Cloud models include private (62%), public (60%), and hybrid (26%). But even that doesn’t tell the full story, since businesses frequently use multiple clouds within their deployments. With applications in data centers, private clouds, and one or more public clouds, it can be challenging to ensure superior performance for customers on a global scale.

Application Delivery Controllers (ADCs) are frequently employed to optimize performance. But ADCs were originally built on and for hardware. Even when ADC providers create software products, they tend to be based in a large degree on legacy hardware versions. They are adapted for a virtualized cloud environment rather than being born in it. Such adaptations rarely work flawlessly due to the design constraints of hardware appliances.

In contrast, Pulse Secure’s Virtual Application Delivery Controller (vADC) solution was designed and developed as a pure software product. Consequently, it has greater fluency in virtualized and cloud environments than other ADCs.

For example, in a hybrid scenario, Pulse Secure’s vADC looks and functions the same, regardless of where it is deployed. So, whereas AWS and Google function slightly differently as cloud environments, vADC handles the unique network aspects of each cloud transparently, enhancing administration, management, usability, and performance. The same is true for applications located in data centers or private clouds. In all cases, Pulse Secure’s vADC effortlessly optimizes application performance.

Such flexibility in the cloud is increasingly critical as businesses go global. For instance, suppose a company has tens of thousands of users accessing their website simultaneously around the world. In this scenario, where users are routed makes a difference in performance – and in the customer experience. The vADC ensures that users are directed to applications housed in the public cloud, private cloud, or physical data center located nearest to them, whether that is in Shanghai, New York, London, etc. By guaranteeing geo-proximity, the user experience is maximized with excellent response time, availability, and reliability.

But the vADC solution not only supports flexibility in application deployment: it also offers flexibility in licensing.

In a traditional licensing model, an ADC instance is spun up on a virtual appliance or virtual machine – in the cloud or in a data center – and that instance needs to have a license associated with it. But instances tend to multiply; therefore, licenses multiply as well. Having dozens, hundreds, or thousands of instances, users, and licenses is not far-fetched – it is common. And complex. And costly.

The Pulse Secure vADC solves this dilemma with Services Director. Businesses can purchase a bandwidth pack and split that bandwidth across however many instances are necessary, without worrying about procuring individual licenses. For example, a business could purchase 50GBps of bandwidth, and use it to spin up five instances that use 10GBps of bandwidth each, or fifty instances that have a cap of 1GBps each.

Figure 1: Pulse Secure Services Director

Similarly, cloud services providers (CSPs), who may have tens of thousands of instances for their customers, can use Services Director to automatically generate licenses each time an instance is spun up. The Services Director then meters each instance, both from a health perspective and a usage perspective. When an instance is no  longer needed, it is discontinued. At the end of the month, the CSP pays for exactly the instances consumed. For example, there may have been 3500 instances running for 22 days at one license level, and 1200 instances running for five days at another license level. The advantage is that the CSP does not have to purchase licenses upfront, or spend unnecessarily on over-provisioning. What is used by the CSP’s customers is what is paid for – no more, no less.

Finally, Pulse Secure’s vADC has security baked into the solution with proactive Layer 7 security that protects applications. Plus, it gives systems administrators the option to configure various additional types of constraints (e.g., limit connections, blacklist IP addresses) in order to customize security for their needs.

Businesses can also choose to take advantage of Pulse Secure’s vADC Web Application Firewall (WAF), which is designed to protect applications against attacks that come via normal web traffic, such as SQL injection or cross-site scripting. Applications are typically coded for functionality, not security, and the WAF prevents any vulnerabilities the application may have from being exploited by examining requests before they reach the application itself. Suspicious requests are blocked and logged for further investigation.

The net result is that you – and your customers – will experience cloud applications like you have never seen them before: optimized, cost-effective, and secure … all wrapped up in a package that makes everything easy!