LoadMaster Feature List

LoadMaster includes a set of core features for application delivery that are enhanced with Subscriptions that add enhanced features.

Features included with all LoadMasters

General

  • Server Load Balancing (SLB) for TCP/UDP based protocols
  • TLS (SSL) Offload
  • Layer 7 Content Switching
  • Transparent caching for HTTP/HTTPS
  • Compression of static and dynamic HTTP/HTTPS content
  • Up to 1000 Virtual and 1000 Real Servers
  • NAT-based forwarding
  • Support for Direct Server Return (DSR) configurations
  • Configurable S-NAT support
  • VLAN Trunking (802.1Q) Link interface bonding (802.3ad)
  • IPv6 support for addressing and features
  • IPv6 - IPv4 bidirectional conversion
  • High Availability (Active/Standby)

Health Checking

  • Aggregated health checks
  • ICMP health checking
  • Layer 7 checking against any target server port
  • Active/Hot Standby configurations for High Availability
  • Stateful Failover
  • Scale-out Clustering
  • Aggregated health checks

Session Persistence

  • Source IP (L4)
  • TLS (SSL) SessionID (L4)
  • HTTP/HTTPS Browser-session (L7)
  • HTTP/HTTPS WebClient-session (L7)
  • RDP Login ID (L7)
  • Port Following for mixed HTTP/HTTPS sessions
  • Session reconnection for Microsoft RDS

Scheduling and Balancing Methods

  • SDN Adaptive
  • Round Robin
  • Weighted Round Robin
  • Least Connection
  • Weighted Least Connection
  • Agent-based Adaptive
  • Chained Failover (Fixed Weighting)
  • Source-IP Hash
  • Layer 7 Content Switching
  • Global Server Load Balancing (GSLB)
  •  AD Group based traffic steering

SSL/TLS Features

  • Configurable TLS (1.0, 1.1, 1.2) and SSL (2.0, 3.0)
  • Support for EV (Extended Validation) certificates
  • OCSP certificate validation
  • Server Name Identification (SNI) support
  • Support for up to 1,000 TLS (SSL) certificates
  • Automated TLS (SSL) certificate chaining
  • Certificate Signing Request (CSR) generation
  • STARTTLS mail protocols (POP3, SMTP, IMAP)
  • Certified FIPS 140-2 Level 1 encryption module
  • FIPS 140-2 Level 2 Hardware Security Module option on LM-8xxx models

Administration

  • Change auditing
  • Web User Interface (WUI)
  • SSH & physical console
  • RESTful and PowerShell APIs
  • VMware vRealize Orchestrator
  • Context based help (WUI)
  • Real time display of performance and availability
  • Application templates
  • Remote syslogd support
  • Automated configuration backup
  • Selective restore of configuration
  • Connection draining
  • Comprehensive logging and reporting
  • SNMP support
  • Diagnostic shell with in-line tcpdump

Security

  • Permit /Deny Access Control Lists
  • IP address filtering
  • IPsec Tunnel support
  • DDoS mitigation, including L7 rate based attacks
  • IPSec VPN to Azure, AWS and vCloud Air public clouds
  • Authenticated NTP

Features enabled by Subscription

LoadMaster subscriptions enable additional features and services.

Edge Security Pack (ESP) Features

  • Microsoft TMG replacement
  • Pre-Authentication
  • Multi-Domain authentication & SSO
  • X.509 client certificate authentication
  • Custom login forms
  • Two factor authentication
  • SAML, Active Directory, RADIUS & LDAP
  • Forms to Forms based authentication

Intrusion Prevention

  • Snort Compatible IPS
  • Permit/Deny IP by address
  • Automated IP reputation updates for GSLB

Web Application Firewall (WAF)

  • Real-time application threat mitigation
  • Daily rule updates
  • Threats Mitigated
    • Cookie tampering
    • Cross site request forgery
    • Cross site scripting
    • Data loss prevention
    • SQL Injection
  • PCI-DSS Section 6.6 compliance

Global Server Load Balancing (GSLB)

Scheduling and Balancing

  • Round Robin
  • Weighted Round Robin
  • Chained Failover (Fixed Weighting)
  • Regional
  • Real Server Load
  • Location Based

Security

  • Black List (Access Control List)
  • IP reputation filtering with automatic updates
  • DDoS mitigation

Health Checking & Failover

  • ICMP health checking of server farm machines
  • Layer 4 TCP checking
  • Automatic reconfiguration for defective real server
  • Active/Active High Availability