LoadMaster Feature List
LoadMaster includes a set of core features for application delivery that are enhanced with Subscriptions that add enhanced features.
Features included with all LoadMasters
General
- Server Load Balancing (SLB) for TCP/UDP based protocols
- TLS (SSL) Offload
- Layer 7 Content Switching
- Transparent caching for HTTP/HTTPS
- Compression of static and dynamic HTTP/HTTPS content
- Up to 1000 Virtual and 1000 Real Servers
- NAT-based forwarding
- Support for Direct Server Return (DSR) configurations
- Configurable S-NAT support
- VLAN Trunking (802.1Q)
- Link interface bonding (802.3ad)
- IPv6 support for addressing and features
- IPv6 - IPv4 bidirectional conversion
- Full HTTP/2 Support
- High Availability (Active/Standby)
Health Checking
- Aggregated health checks
- ICMP health checking
- Layer 7 checking against any target server port
- Active/Hot Standby configurations for High Availability
- Stateful Failover
- Scale-out Clustering
- Aggregated health checks
Session Persistence
- Source IP (L4)
- TLS (SSL) SessionID (L4)
- HTTP/HTTPS Browser-session (L7)
- HTTP/HTTPS WebClient-session (L7)
- RDP Login ID (L7)
- Port Following for mixed HTTP/HTTPS sessions
- Session reconnection for Microsoft RDS
Scheduling and Balancing Methods
- SDN Adaptive
- Round Robin
- Weighted Round Robin
- Least Connection
- Weighted Least Connection
- Agent-based Adaptive
- Chained Failover (Fixed Weighting)
- Source-IP Hash
- Layer 7 Content Switching
- Global Server Load Balancing (GSLB)
- AD Group based traffic steering
SSL/TLS Features
- Configurable TLS (1.0, 1.1, 1.2) and SSL (2.0, 3.0)
- Support for EV (Extended Validation) certificates
- OCSP certificate validation
- Server Name Identification (SNI) support
- Support for up to 1,000 TLS (SSL) certificates
- Automated TLS (SSL) certificate chaining
- Certificate Signing Request (CSR) generation
- STARTTLS mail protocols (POP3, SMTP, IMAP)
- Certified FIPS 140-2 Level 1 encryption module
- FIPS 140-2 Level 2 Hardware Security Module option on LM-8xxx models
Administration
- Change auditing
- Web User Interface (WUI)
- SSH & physical console
- RESTful and PowerShell APIs
- VMware vRealize Orchestrator
- Context based help (WUI)
- Real time display of performance and availability
- Application templates
- Remote syslogd support
- Automated configuration backup
- Selective restore of configuration
- Connection draining
- Comprehensive logging and reporting
- SNMP support
- Diagnostic shell with in-line tcpdump
Security
- Common Criteria (ISO/IEC 15408) Certified
- Permit /Deny Access Control Lists
- IP address filtering
- IPsec Tunnel support
- DDoS mitigation, including L7 rate based attacks
- IPSec VPN to Azure, AWS and vCloud Air public clouds
- Authenticated NTP
Features enabled by Subscription
LoadMaster subscriptions enable additional features and services.
Edge Security Pack (ESP) Features
- Microsoft TMG replacement
- Pre-Authentication
- Multi-Domain authentication & SSO
- X.509 client certificate authentication
- Custom login forms
- Two factor authentication
- SAML, Active Directory, RADIUS & LDAP
- Forms to Forms based authentication
Intrusion Prevention
- Snort Compatible IPS
- Permit/Deny IP by address
- Automated IP reputation updates for GSLB
Web Application Firewall (WAF)
- Real-time application threat mitigation
- Updated reputation data daily
- Threats Mitigated
- Cookie tampering
- Cross site request forgery
- Cross site scripting
- Data loss prevention
- SQL Injection
- PCI-DSS Section 6.6 compliance
Global Server Load Balancing (GSLB)
Scheduling and Balancing
- Round Robin
- Weighted Round Robin
- Chained Failover (Fixed Weighting)
- Regional
- Real Server Load
- Location Based
Security
- Black List (Access Control List)
- Updated reputation data daily
- DDoS mitigation
Health Checking & Failover
- ICMP health checking of server farm machines
- Layer 4 TCP checking
- Automatic reconfiguration for defective real server
- Active/Active High Availability
About LoadMaster
