GEO-BASED GLOBAL APPLICATION PLATFORM

Smart and Simple Disaster Recovery Solution...

TADP®

Includes all features and performance of TADP®. With a licence upgrade TADP® turns into GGAP easily

Geo-Ultra Fast DNS Server

Authoritative only, memory efficient, highly secure and simple to configure domain name server.

Disaster Recovery

GGAP can seamlessly protect your business from just about any failure scenario with high availability.

TR7 Geo-Based Global Application Platform’s DNS server is based on NSD. NSD is an authoritative only, memory efficient, highly secure and simple to configure open source domain name server. NSD (name server daemon) is a server implementation for the Domain Name System (DNS). It is developed and maintained by NLnet Labs of Amsterdam in cooperation with the RIPE NCC. NSD was conceptually built from scratch as a purely authoritative name server; not implementing the recursive caching functions by design. A dedicated validating, resolving caching DNS program like Unbound DNS (unbound.conf) is a perfect complement to NSD allowing you to split your authoritative and resolving servers for significantly better security.

Geo-Ultra Fast DNS Server

NSD uses BIND-style zone-files; zone-files used under BIND (named) can usually be supplied unmodified in NSD once declared in the nsd.conf configuration. NSD manages zone information compiled via 'zonec' into a binary database file (nsd.db) which allows lightning fast start up of the NSD name-service daemon, syntax structural verification and flagging of errors at database compile-time. All this before being made available to NSD service itself. Once NSD is running the database file grants the DNS server a very light memory footprint and incredibly fast domain name service ability even under extremely high network load. Much faster than BIND could ever achieve.

NSD is currently implemented on at least three(3) of the primary Internet ROOT name servers:

k.root-servers.net is run by Ripe NNC and is a not-for-profit membership association under Dutch law. K root switched to NSD on February 19, 2003. The primary nodes are located in Amsterdam, NL, London, GB, Tokyo, JP, Miami, Florida, US and Frankfurt, DE. The K root server cluster endows 20,000 queries per second on average.

h.root-servers.net are managed by the United States Army Research Laboratory (ARL), formerly known as the Ballistics Research Laboratory (BRL), and consist of three(3) load-balanced "servers" all running NSD called "h1", "h2", "h3". ARL is home to one of the world's largest supercomputing facilities and resides on the high-speed Defense Research and Engineering Network (DREN). Current statistics show the three "servers" receive and average of 60 megabytes per second of traffic; around 13,500 UDP packets per second.

l.root-servers.net is operated by the ICANN DNS operations team and was migrated to to NSD on February 6, 2007. This server handles around 8000 queries per second.

Several other TLDs use NSD for part of their server implementation and it is also in use by several top-level domain registries. NSD is implemented as the name server software of some DNSSEC appliances too.

Cross-region load balancing

The network load balancing scenario above scales well for a single region, but to extend the service across regions, you would need to employ unwieldy and sometimes problematic solutions. By using HTTP load balancing in this situation, you can use a global IP address that is a special IP that can intelligently route users based on proximity. You can increase performance and system reliability for a global user base by defining a simple topology.

In this situation, you define global forwarding rules that map to a target HTTP proxy, which routes requests to the closest instances within a back-end service. The back-end service objects defines the groups of instances that are able to handle the requests.

Performance

Disaster Recovery

TR7 Geo-Based Global Application Platform (GGAP) can seamlessly protect your business from just about any failure scenario with high availability. From simple server outages to the loss of an entire data center TR7 Disaster Recovery strategy has you covered.

Mission critical applications and network services are always vulnerable to infrastructure failures. Cautious network architects specify redundancy wherever possible as a matter of course. Fully redundant power, multiple network uplinks, routing and switching redundancy and server load balancers all help eliminate single points of failure, but as recent natural disasters have proven, the data center itself is a potential single point of failure. True failure resiliency can only be achieved when application servers are dispersed across two or more datacenters in different geographic regions.

TR7 Geo-Based Global Application Platform provides a simple and resilient means of managing and distributing application traffic between multiple data centers.

TR7 GGAP technology enhances the Internet standard DNS protocol to provide Geographic Server Load Balancing (GSLB). GGAP monitors resource availability and performance and uses that information to direct Internet clients to the best site at any given time. GGAP is server load balancing taken to the next logical level; server load balancers distribute traffic between servers located at a particular datacenter, GSLB intelligently balances traffic across multiple datacenters.

Above, we’ve discussed the disaster recovery and fault tolerance advantages of GGAP. Another benefit of GGAP is the ability to direct client traffic to the data center providing the best user experience. “Availibity Checking”, a core feature of GGAP, determines network latency between each client and each data center, directing clients to the “closest” (in network terms) servers.

Multi-site load balancing is a complex problem, but fortunately there’s a simple solution. TR7’s Solution Engineers are happy to work with you to design a high availability or disaster recovery strategy which meets your technical and budgetary needs.

Load balancing

  • Network load balancing (layer4)
    • TCP & UDP Port relay
    • Direct DNS load balancing
    • Service Redirector
    • Full Transparency (client IP → backend servers)
  • Application load balancing (layer 7)
  • Support for all IPv4 and IPv6 protocols
  • SSL support
  • SNI-SSL-based virtual host support
  • Native support for Web Services and Web Sockets (via a configuration management API)
  • Content-based, intelligent query routing (content switching)
  • Session persistence and maintenance management using cookies
  • Application cookie learning such as PHPSESSID, JSESSIONID, ASP.NET SessionID and others
  • Traffic Compression
  • Replication of session status between all parallel TR7(s)
  • Wide selection of balancing algorithms (round-robin, leastconn, hash…) with weighting
  • Smooth server startup and shutdown
  • Hashing algorithms optimized for proxy farms
  • Support for Reverse-proxy, NAT, Direct Server Return and VIP-less modes
  • Global Load Balancing(The concept of load balancing to different datacenters or even countries)
  • Load Balancing for Microsoft Products
    • Exchange, SharePoint, Lync, etc

High application availability

  • Continuous server and application health checks
  • Traffic spike smoothing to protect servers against overloads
  • Management of crippled mode if a production server crashes (rerouting to a backup server)
  • Session persistence and maintenance management on TR7 in standby mode

Application security

  • Protocol validation (HTTP)
  • Protection against denial-of-service attacks (DoS, DDoS), worms, SQL code injections, etc.
  • Enforcement of connection, query and throughput thresholds by source IP
  • Management of black/white lists
  • Rewriting and Redirecting URLs
  • Advanced URL filtering and ability for authentication-based restriction
  • Blocking of information leaks and protection of sensitive information
  • Filtering HTTP/HTTPS queries and responses
  • HTTP header manipulation

Application performance

  • Unlimited management of IP:port pairs using a virtual server
  • Generation of detailed application logs in place of servers (which frees up server resources)
  • TCP/HTTP acceleration through buffering
  • Server connection concentration with dynamic load balancing
  • Blocking malicious or needless HTTP queries

In virtual environments

  • Application Delivery Platform® Virtual Appliance is designed to integrate seamlessly into virtual environments or architectures designed for Cloud Computing.
  • Total Application Delivery Platform®’s functions are available as a
    • VMware™
    • Microsoft Hyper-V™
    • Citrix XenServer™
    • Red Hat™ Enterprise Virtualization
    • KVM (Kernel-based Virtual Machine)
    • Xen
    virtual images.

Virtual Appliance

  • For organizations, hosting providers and datacenters that have set up virtualized and/or pooled IT infrastructures such as Cloud Computing, TR7 provides its Total Application Delivery Platform® as a virtual appliance.

Powerful Web Accelerator

  • High-speed caching system to offload your web servers and decrease page load times.
  • Object Caching
  • All the images, JavaScript, style sheets and whatever static page contents that may have.
  • Simple programming features such as constants, conditional statements, and subroutines.
  • Intelligently adjust expiry times, content settings, compression
  • Content Rewriting
    • Add a head element to the document if not already present.
    • Combine multiple CSS elements into one.
    • Combine multiple script elements into one.
    • Add a response header for each Meta tag with an http-equiv attribute.
    • Convert larger JPEGs to progressive format.
    • Extend cache lifetime of CSS, JS, and image resources that have not otherwise been optimized, by signing URLs with a content hash.
    • Rewrite resources referenced in any CSS file that cannot otherwise be parsed and minified.
    • Inline CSS by flattening all @import rules.
    • Inline small CSS files into the HTML document.
    • Inline style tags comprising only CSS @imports by converting them to equivalent link tags.
    • Inline small JS files into the HTML document.
    • Rewrite CSS files to remove excess whitespace and comments, and, if enabled, rewrite or cache-extend images referenced in CSS files.
    • Optimize images, re-encoding them, removing excess pixels, and in lining small images.
    • Rewrite JavaScript files to remove excess whitespace and comments.
    • Rewrite the CSS in style attributes in text.
    • Cache protected content
  • Traffic Compression
  • HTTP Authentication & Authorization Caching
  • Purging
  • Avoiding Internal Server Errors
  • Filtering any part of the client's request and server's response.

Integration and administration

  • VLAN (802.1q), multisite VPN (IPSec or SSL) support
  • Network interface bridging and bonding
  • Support for Syslog, SNMP, traps SNMP, VRRP(&CARP) and NTP standards
  • Integration in proxy or transparent proxy mode
  • Advanced monitoring and logging, status of services and applications, connection details, activity statistics
  • Web or CLI administration interface (SSH or serial port access)
  • Malfunction diagnostic tools
  • Multi-layer administration (monitoring and configuration)
  • Cloud Administration
  • Frontend (IP:port), backend servers based restricted load balance cloud users
  • Unlimited User
  • Configuration management and provisioning API via REST/JSON web service and SSH
  • Management of multi-tenant architecture configuration via the configuration API

To install a TADP on the hardware platform of your choice

  • Total Application Delivery Platform® is also embedded on SSD (Solid State Disk) memory. It is compatible with most commercial servers which give companies the ability to select the hardware platform that will house the TADP.

Same features as the hardware appliance version

  • Total Application Delivery Platform® on SSD provides the entire layer 4 (network) and 7 (application) full features available for the hardware appliances. Processing performance depends on the hardware platform.

Compatible with many commercial servers

  • Total Application Delivery Platform® on SSD can be adapted to major commercial hardware platforms (including Dell, IBM, NEC, HP, SuperMicro and Tyan) so companies, hosting providers and datacenters, which have a master contract with a manufacturer, do not have to integrate heterogeneous hardware into their existing environment

HW Models
TR-1160
TR-8877
TR-7141
TR-7145
TR-7120
TR-10520
Platform attributes
Processor Intel® Xeon® Processor E3-1200 Series Intel® Xeon® Processor E5-2600 Series Dual Intel® Xeon® Processor E5-2600 Series Intel® Xeon® Processor E5-2600 Series Dual Intel® Xeon® Processor E5-2600 Series Quad Intel® Xeon® Processor E5-2600 Series
Core/Thread 4 Core / 8 Thread 8 Core / 16 Thread 2 x (10 Core / 20 Thread) 2 x (8 Core / 16 Thread) 2 x (6/8 Core / 12/16 Thread) 4 x (8 Core / 16 Thread)
Memory 32 GB 64 GB 128 GB 128 GB 96 GB (up to 384 GB) 128 GB (up to 256 GB)
Ethernet ports* 8 x GbE copper RJ45 ports
1xNetwork Module
4x Network Modules 14 x GbE copper RJ45 ports
6 x 10G SFP+
A-8x Network Modules (Up to 64 x GbE)
D-4x Network Modules(Up to 32 x GbE)
5x Network Modules* (Up to 40 x GbE) 14 x GbE copper RJ45 ports,
6 x 10G SFP+
Transceivers 10GE SFP+: SR, LR;
1 GE SFP: SX, LX
10GE SFP+: SR, LR;
1 GE SFP: SX, LX
10GE SFP+: SR, LR 10GE SFP+: SR, LR;
1 GE SFP: SX, LX
10GE SFP+: SR, LR;
1 GE SFP: SX, LX
10GE SFP+: SR, LR;
1 GE SFP: SX, LX
On-Demand Upgradable N/A Yes N/A Yes Yes Yes
Hard Drive 2x1TB SATA or 2x 500GB SSD (RAID) 2x1TB SATA or 2x 500GB SSD (RAID) 1TB SATA or 500GB SSD (RAID) 4x2TB SATA(D) or 2x2TB SSD(A) (RAID) 2x1TB SATA or 2x500GB SSD (RAID) 3x2TB SATA (RAID)
Platform performance
System throughput, Gbps 8 16 40 32 32 64
L7 HTTP requests/sec 400.000 800.000 2.000.000 1.600.000 1.600.000 3.200.000
SSL transactions/sec
(2K key certificates)
5.000 10.000 25.000 20.500 20.000 40.000
Total SSL throughput, Gbps
(* bulk encryption)
20 48 120 96 96 192
Compression throughput, Gbps
Intel Compression Benchmark
6 10 50 40 40 80
Platform mechanical, environmental and regulatory
Height 1U 1U 1U 2U 2U 2U
Power Supplies 250W 1+1 redundant power supply 400W 1+1 redundant power supply 650W 1+1 redundant power supply 650W 1+1 redundant power supply 460W 1+1 redundant power supply 910W 1+1 redundant power supply
Input voltage and frequency ranges 100-240VAC full range, 47-63 Hz 100-240VAC full range, 47-63 Hz 100-240VAC full range, 47-63 Hz 100-240VAC full range, 47-63 Hz 100-240VAC full range, 47-63 Hz 100-240VAC full range, 47-63 Hz
Optional DC power supply No No No No Yes Yes
Max power supply 250W 850 BTU/Hr 400W 1360 BTU/Hr 650W 2210 BTU/Hr 650W 2210 BTU/Hr 460W 1564 BTU/Hr 910W 3094 BTU/Hr
Typical power consumption 185W 629 BTU/Hr 300W 1020 BTU/Hr 500W 1700 BTU/Hr 500W 1700 BTU/Hr 360W 1229 BTU/Hr 800W 2720 BTU/Hr
Weight Without packing: 8kg , With packing: 12kg Without packing: 10kg , With packing: 16kg Without packing: 12kg , With packing: 18kg Without packing: 20kg , With packing: 28kg Without packing: 19kg , With packing: 27kg Without packing: 28kg , With packing: 36kg
Chassis Dimensions 44mm x 430mm x 450mm 44mm x 580mm x 438mm 44mm x 550mm x 440mm 87,7mm x 600mm x 444mm 88mm x 579.8mm x 430mm 87mm x 690mm x 444mm
Carton Dimension 560mm x 620mm x 190mm 560mm x 620mm x 190mm 560mm x 620mm x 190mm 640mm x 800mm x 310mm 640mm x 800mm x 310mm 720mm x 960mm x 440mm
Operating temperature 0℃ - 40 ℃ 0℃ - 40 ℃ 0℃ - 40 ℃ 0℃ - 40 ℃ 0℃ - 40 ℃ 0℃ - 40 ℃
Operating / storage -20℃ ~70℃ -20℃~70℃ -20℃~70℃ -20℃ ~70℃ -20℃~70℃ -20℃~70℃
Allowed relative humity 5%-95%, non-condensing 5%-95%, non-condensing 5%-95%, non-condensing 5%-95%, non-condensing 5%-95%, non-condensing 5%-95%, non-condensing
Approvals and Compliance CE approval,FCC Class A, UL CE (EMC), FCC Class A, RoHS CE (EMC), FCC Class A, RoHS CE emission, FCC Class A, RoHS, UL CE approval,ΠFCC Class A,ΠUL CE emission, FCC Class A
Software attributes
Hardware Encryption Intel® Data Protection Technology with AES-NI and Secure Key *optional Intel®Cave Creek Technology Intel® Data Protection Technology with AES-NI and Secure Key *optional Intel®Cave Creek Technology Intel® Data Protection Technology with AES-NI and Secure Key *optional Intel®Cave Creek Technology Intel® Data Protection Technology with AES-NI and Secure Key *optional Intel®Cave Creek Technology Intel® Data Protection Technology with AES-NI and Secure Key *optional Intel®Cave Creek Technology Intel® Data Protection Technology with AES-NI and Secure Key *optional Intel®Cave Creek Technology
Software Encryption Intel ® Integrated Performance Primitives (IPP) crypto Intel ® Integrated Performance Primitives (IPP) crypto Intel ® Integrated Performance Primitives (IPP) crypto Intel ® Integrated Performance Primitives (IPP) crypto Intel ® Integrated Performance Primitives (IPP) crypto Intel ® Integrated Performance Primitives (IPP) crypto
L3 & L7 Security Yes Yes Yes Yes Yes Yes
WAF Yes Yes Yes Yes Yes Yes
GeoDNS Yes Yes Yes Yes Yes Yes
Tired Cache Yes Yes Yes Yes Yes Yes
Max. Cache (RAM) 30 GB 60 GB 120 GB 120 GB 360 GB 240 GB
Max. Cache (DISK) Up to Disk Limit (Stripe RAID) Up to Disk Limit (Stripe RAID) Up to Disk Limit (Stripe RAID) Up to Disk Limit (Stripe RAID) Up to Disk Limit (Stripe RAID) Up to Disk Limit (Stripe RAID)