Cisco Cisco ACE Application Control Engine Module Hoja De Datos
© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 3 of 6
Feature
Benefit
Predictors
Predictors or load-balancing algorithms enable the Cisco ACE30 to select the best server to satisfy a client request.
Persistence and
stickiness
stickiness
Stickiness allows the same client to maintain multiple simultaneous or subsequent TCP or IP connections with the
same real server for the duration of a session.
same real server for the duration of a session.
Redundancy
Stateful failover capabilities help ensure resilient network protection for enterprise network environments. The Cisco
ACE30 integrates with Cisco GSS to provide a multiple data center scaling and failover system.
ACE30 integrates with Cisco GSS to provide a multiple data center scaling and failover system.
Server health monitoring The Cisco ACE30 checks the health of application servers and server farms through configuration of health probes.
Performance
Compression
The Cisco ACE30 delivers up to 6-Gbps hardware-accelerated data compression and provides fast application
performance for application users.
performance for application users.
SSL acceleration
The Cisco ACE30 integrates SSL acceleration technology, which offloads the encryption and decryption of SSL traffic
from external devices (servers, appliances, etc.), thereby allowing Cisco ACE to look more deeply into encrypted data
and apply security and application switching policies and help ensure compliance with internal and external
regulations.
from external devices (servers, appliances, etc.), thereby allowing Cisco ACE to look more deeply into encrypted data
and apply security and application switching policies and help ensure compliance with internal and external
regulations.
TCP offload
The Cisco ACE30 directs website traffic in the most efficient manner by analyzing and directing incoming traffic at the
request level. These capabilities enable highly specific application-layer policy and offload TCP processing from the
web servers, saving CPU cycles.
request level. These capabilities enable highly specific application-layer policy and offload TCP processing from the
web servers, saving CPU cycles.
Security
Data center security
The Cisco ACE30 protects the data center and critical applications from protocol and denial-of-service (DoS) attacks
and encrypts mission-critical content.
and encrypts mission-critical content.
Application security
The Cisco ACE30 provides deep protocol inspection capabilities, which enables IT professionals to comprehensively
secure high-value applications in the data center. It secures mission-critical applications and protects against identity
theft, data theft, application disruption, and fraud and defends web-based applications and transactions against
targeted attacks by professional hackers.
secure high-value applications in the data center. It secures mission-critical applications and protects against identity
theft, data theft, application disruption, and fraud and defends web-based applications and transactions against
targeted attacks by professional hackers.
Virtualized Services
Virtual contexts
Virtual contexts provide a means for creating resource segmentation and isolation, allowing the Cisco ACE30 to act as
if it were several individual virtual appliances within a single physical appliance. Virtual contexts enable organizations
to provide defined levels of service to up to 250 business departments, applications, or customers and partners from a
single Cisco ACE appliance.
if it were several individual virtual appliances within a single physical appliance. Virtual contexts enable organizations
to provide defined levels of service to up to 250 business departments, applications, or customers and partners from a
single Cisco ACE appliance.
Role-based access
control (RBAC)
control (RBAC)
RBAC allows organizations to specify administrative roles and restrict administrators to specific functions within the
appliance or virtual contexts, allowing each administrator group to freely perform its tasks without affecting the other
groups.
appliance or virtual contexts, allowing each administrator group to freely perform its tasks without affecting the other
groups.
Deployment and Management
Function consolidation
Through consolidation of application switching, SSL acceleration, data center security, and other functions on one
device, the Cisco ACE30 helps achieve better application performance, with fewer devices, simpler network designs,
and easier management.
device, the Cisco ACE30 helps achieve better application performance, with fewer devices, simpler network designs,
and easier management.
Investment protection
By default, the Cisco ACE30 supports virtualization with one administrator context and 250 user contexts, 30,000 SSL
transactions per second (TPS), and up to 6 Gbps of compression. The default throughput can be increased to up to 16
Gbps without the need for new equipment, through software license upgrades.
transactions per second (TPS), and up to 6 Gbps of compression. The default throughput can be increased to up to 16
Gbps without the need for new equipment, through software license upgrades.
Cisco ANM
Cisco ANM supports the management of virtual contexts and hierarchical management domains across multiple Cisco
ACE30 modules. This server-based management suite discovers, provisions, monitors, and reports across many
virtual contexts on multiple Cisco ACE30 Modules, making deployment transparent.
ACE30 modules. This server-based management suite discovers, provisions, monitors, and reports across many
virtual contexts on multiple Cisco ACE30 Modules, making deployment transparent.
Product Specifications
Table 2 presents the performance specifications for the Cisco ACE30.
Table 2.
Product Performance Specifications
Feature
Maximum Performance and Configuration
Throughput
4, 8, or 16 Gbps
Compression throughput
4 or 6 Gbps (using GZIP or Deflate)
Virtual contexts
250
SSL throughput
6 Gbps
SSL TPS
Up to 30,000 TPS using 1024-bit keys