Application Management: A New Paradigm

A decade ago, most government applications were built on client/server environments and housed in agency data centers. Today, most applications are developed and managed in many different ways. They’re often developed collaboratively in the cloud, using innovative approaches like DevOps and agile software development.

And instead of consuming applications on PCs connected to data center servers, employees can now access applications on mobile devices, through an app service or the cloud. All of this requires changing the way applications are secured, delivered and monitored. Today’s applications must be able to work across different types of networks and be accessible by any device, located anywhere in the world. That means they must be fully available and secure at all times.

Agency networks generally use Application Delivery Controllers (ADC), network appliances that balance application workloads as needed. This helps ensure applications are always available, secure and performing optimally. Besides continuous load balancing and distribution, ADCs monitor server health and accelerate applications when needed with compression, caching and TCP optimization. More specifically, ADCs provide:

Layer 3, 4 and 7 load balancing and distribution: Layer 3 provides switching and routing technologies, while Layer 4 is the transport layer, responsible for transporting data between hosts. Layer 7 is the application layer, and routing is determined based on characteristics of the HTTP header, data type and contents.

Application acceleration: Different systems achieve this by different methods; including caching, TCP optimization, compression, and bandwidth optimization.

SSL offloading: This transfers terminating SSL sessions from the application server to the ADC.

DDoS protection: Protecting against Distributed Denial of Service attacks is more important than ever. ADCs pitch in by handling troublesome traffic instead of passing it on to application servers. They can also protect DNS servers via a DNS Application Firewall.

Web Application Firewall: This filters out bad HTTP traffic between a client and web application.

Most agency networks are already using ADCs, and the vast majority of them are hardware appliances. While they provide great value for traditional applications, they often can’t function as well in networks that have become more virtualized, cloud-enabled and software-based. They’re also running applications born in the cloud. They may have trouble scaling to accommodate large amounts of traffic. The devices must be patched and upgraded regularly, and they require on-site expertise for installation, configuring and troubleshooting.

In contrast, a virtual ADC (vADC)—a software-based system that manages applications in a virtual machine instead of a physical appliance—is more flexible, scalable and customizable. Because it is designed for virtualized and cloud environments, it works very well with applications developed and run in the cloud. Gartner’s latest Magic Quadrant for ADCs notes software-based ADCs are becoming more popular for these and other reasons.

Because they are controlled by software, vADCs can quickly scale as needed. This not only provides better performance and reliability, but helps agencies pay for more capacity only when required. The software architecture also makes it easier to add additional features and capabilities like application-level firewalls, authentication and authorization, and SSL processing when needed. Finally, advanced vADCs also support multi-tenancy. This essentially provides the ability to partition into multiple virtual ADCs.