Texas A&M University is the sixth-largest university in the country with 50,000 students. Its Provost IT Office (PITO) maintains IT assets and services for approximately 40 different departments that include Texas A&M’s admissions, financial aid, registrar, career placement, and study abroad student services. Because these departments represent many of the core services required to keep the University’s student-facing services operational, PITO needed to ensure that these services could continue to operate with minimal disruption in the event of hardware or software failures, security incidents, or routine maintenance needs. To meet this need, PITO has turned to load balancing web services across web server farms that help eliminate any single point of failure.
Prior to using Kemp’s load balancing solutions, PITO had deployed web server farms behind another vendor’s load balancing product. While this product served to meet some of the office’s needs, several deficiencies in the product caused issues, while other needs could not be met by the product’s available features. As a result, PITO began searching for a price-conscious load balancer replacement that could deliver a speedy interface, operated on Microsoft's Hyper-V hypervisor platform, and deliver high availability, security, and simplicity without sacrificing performance.
After evaluating multiple products, the Provost IT Office looked to Kemp’s Virtual LoadMaster (VLM) to manage user traffic and deliver high availability, high performance and ease of management for web-based applications. One issue with PITO's previous load balancer solution was a web interface described by IT Administrator Victor Delgado as “kludgy and slow,” and that led to small reconfiguration tasks consuming minutes of time. While one task in itself didn't present a problem, any major reconfiguration could take upwards of an hour to complete. Delgado explains that when you need to make 100 clicks to complete a change, even a delay of one or two minutes quickly adds up.
PITO's hypervisor platform of choice also presented a shift in needs. "Most virtual load balancers on the market require VMWare's ESX hypervisor, but our push has been to move to Hyper-V," said Delgado. As such, a load balancing solution that supported Hyper-V virtualization was a project requirement, and few products currently offer Hyper-V compatibility. Due to recent high-profile security concerns surrounding Sun's Java platform, the field of possible load balancer candidates was narrowed even further to offerings that didn’t rely on Java-based web administration consoles. Both of these concerns were answered by a move to the Kemp VLM-1000.
With external security threats being a top concern, having an IPS on the load balancing solution was a "must-have." While many load balancing solutions offered IDS and/or IPS, these features tended to be "black box" functions that provided little to no customization and could only be configured in an "on or off" state. The Kemp VLM solution offered PITO an industry-standard Snort format-compatible IPS that could be customized by any administrator familiar with writing Snort rules. The IPS functionality could also be tuned to various levels. This allowed PITO administrators to enforce different levels of IPS behavior ranging from highly aggressive automatic threat blocking down to a passive "log-and-alert-only" setting.
The Kemp VLM-1000 also offered Delgado a much more simplified SSL certificate management process that could be easily maintained at the load balancer. This simplified interface ended the need to maintain certificates on a vast array of web servers and provided an easy and painless interface for installing and swapping a variety of certificate formats seamlessly and almost instantaneously (.crt, .cer, and .pfx). The result – “headache-free SSL management with almost no client downtime” says Delgado.
The High-Availability functionality of the VLM load balancer line continued to provide load balancer redundancy, but unlike some other load balancing products, the PITO staff found it easy to setup and maintain. Administrators were presented with a single IP from which to maintain both load balancers, so during HA-mode operation and maintenance, there was no need to log in to multiple load balancers to determine which device was active - yet another time-saving feature that Delgado appreciated.
PITO staff found that the array of improved features was rounded out by a suite of supporting features that were previously unavailable or unsatisfactory on their former load balancers. These features included highly customizable email alerting, a host of in-depth reporting views on server and load balancer traffic and health statistics, flexible support for "Last Resort" redirection and complex URL redirection to support the decommissioning or changing or URL's, and a single-click feature that removed a physical server from service - a very valuable and time-saving feature when performing physical server troubleshooting or running routine software patches.
Because of their many hosted services and applications, TAMU’s Provost IT office needed a load balancing solution that provided power, convenience, and customization in one easy-to-use and secure solution. Delgado and his group did not want to have to “trade power for convenience,” nor could they sacrifice performance in order to save money. While several years ago Delgado said he had few choices in load balancers that met both price and performance considerations, he saw Kemp at the Microsoft Tech-Ed 2012 conference and realized that he did have a viable alternative to load balancing.
With Kemp’s VLM, the TAMU Provost IT Office was able to correct the day-to-day operational issues being experienced with their previous load balancers. The Kemp VLM load balancer now enables them to seamlessly manage highly available and secure web-based client services without unnecessary complexity, thus delivering time savings and increased productivity.