Features - VMware by Broadcom AVI Load Balancer

Rapid App Deployment and Simplified Operations

A plug-and-play, fast-to-deploy, easy-to-use load balancing solution is critical for all applications (virtualized or container-based) across on-premises and cloud environments. Legacy hardware load balancers lack the elasticity, flexibility, and simplicity needed to deliver applications quickly, securely and reliably. The rise of containers, automation and self-service mandates a shift to software-defined architectures, overcoming the limitations of the appliancebased approach while delivering enterprise-grade features with a cloud operating model.

Software-Defined Platform Capabilities

The VMware Avi Load Balancer has a software-defined architecture that separates the central control plane (Controller) from the distributed data plane (Service Engines). Avi Load Balancer has 100% REST APIs, making it fully automatable and self-service with the CI/CD pipeline for application delivery. Avi auto scales on-demand and auto heals with a resilient fabric, reducing complexities and cost with 10x less devices to manage, configure and upgrade.

Policies and lifecycle management are centralized from the Controller, with full control over licenses across multiple sites via Cloud Console. DR and resilience plan for Avi is a simple license reallocation, without the complexity and cost associated with idle capacities on standby. Advanced application analytics is the secret sauce for fast troubleshooting and rapid app issue resolution, leading to better end user satisfaction. Avi secures Kubernetes workloads with container ingress and protects applications with context-aware web and API security. Security policies are kept current through live threat updates via Cloud Console.

Local and Global Load Balancing

Avi Load Balancer provides local and global server load balancing in one platform. Controller is the “brain” of the system and acts as a single point of intelligence, management, and control across a distributed fabric of enterprise-grade load balancing, application security, container ingress and analytics. The Controller provides decision automation based on closed-loop telemetries and presents actionable insights based on based on application monitoring, end-to-end timing, searchable traffic logs, security insights, log insights, client insights, and more. The Cloud Console also delivers an always-on, as-a-service consumption model for operational capabilities such as central licensing, security feeds, and proactive support.

Avi Load Balancer is the load balancer of choice for VCF, fully integrated and supported with plug-and-play ease of use. With VCF’s SDDC manager, lifecycle management of load balancers is automated in the VCF workload domains, whose benefits such as resource isolation, customizable infrastructure, integrated security, scalability, automation and orchestration, are inherited through native integrations. Customers can now enable self-service capabilities to DevOps teams with ease, through Avi’s integration with VCF Automation (formerly Aria Automation) offering application teams access to L4-L7 load balancing services. This enables application and infrastructure teams to immediately deploy load balancing at the time of application provisioning, with minimal know-how of load balancing technology or the need to create manual tickets.

Web App and API Security

Avi Load Balancer features a web application firewall (WAF), bot management and API protection. Customers can enforce security through signatures, positive security model and application learning mode. Avi WAF protects against OWASP Top 10 Threats, updates CRS, supports compliance requirements such as PCI DSS, HIPAA, and GDPR. With an optimized security pipeline, Avi maximizes the efficiency of resource-intensive operations. Cloud Console provides live feeds of new threat updates including IP reputation, bot detection, signatures, and more, and automatically minimize false positives with advanced security analytics, detection, and enforcement modes. With real-time app security insights and analytics provide actionable insights on performance, end-users and security events in a single dashboard with end-to-end visibility.

Point-and-click simplicity for security policies with central control

Elastic scale with high performing, load based automatic scale-out architecture

Granular security insights on traffic flows and rule matches for precise policies

Automated threat updates through Cloud Services

Real-time app security insights and analytics

Protects applications from DDoS attacks and OWASP Top 10 threats

Kubernetes Ingress Services

Modern application architectures based on microservices have made appliance-based load balancing solutions obsolete. Containerized applications deployed in Kubernetes clusters need a scalable and enterprise-class solution for load balancing, global and local traffic management, service discovery, monitoring/analytics, and security. However, this should not be done in a disparate way with siloed DIY products to be stitched together all by the platform teams. Enterprises adopting Kubernetes need a cloud-native approach for traffic management and application networking services. Avi introduces the Gateway API, a next-gen Kubernetes ingress with standardized and native deployment to K8s, enhancing automation and future-proofing customers for Kubernetes and serverless workloads. For modern container-based applications, Avi Load Balancer offers a consolidated set of container services including cloud-native, scalable, enterprise-class container ingress traffic management, dynamic service discovery, and security.

Traffic Management & Service Discovery

Local and global load balancing
DNS / IPAM / Circuit Breaking
Health Monitoring
LS termination, Cert management / automation
CI/CD and Blue-Green / Canary deployments

Security & Observability

DOS detection / mitigation
WAF
Authentication
Allowlist / Denylist
Rate Limiting
Application and infra performance metrics
Transaction tracing & fine-grained logging
Bot Detection

VMware by Broadcom AVI Load Balancer