How to Choose Between Software- and Hardware-Based Load Balancers

When load balancers first became available, most organizations used them to distribute workloads throughout their networks to ensure the availability of applications and services. As the technology evolved, however, load balancers became platforms for application delivery, ensuring that critical applications remained available and secure. Basic load balancing is still the foundation of application delivery, but now that’s just one component of what application delivery controllers can do. 

Today, ADCs offer much more enhanced functionality, such as Transmission Control Protocol optimization and Secure Sockets Layer offload. ADCs act as rule engines and acceleration devices, and many now have built-in security features, such as firewall, web application firewall, and identity and access management capabilities. 

The ADC’s core function is to ensure that websites and applications are highly available, fast and secure. It detects failure criteria and reroutes traffic to other servers to protect against downtime. It protects speed by applying a variety of techniques (such as TCP optimization and HTTP compression) to accelerate the transmission and delivery of data packets. Finally, it secures traffic through SSL session encryption and other protections.

Organizations can choose hardware- or software-based ADCs, depending on their needs. The most obvious difference is that hardware load balancers require rack-and-stack appliances, while software load balancers are simply installed on a standard x86 server, virtual machine or cloud instance. Hardware load balancers are sized to handle peak traffic loads; software solutions are typically licensed based on bandwidth consumption.

Software-based application delivery controllers provide an agile, flexible and efficient way to deploy advanced application and security services and accelerate deployments with automation. Cloud-native integration uses native security, automation and telemetry solutions to augment cloud applications and environments. Flexible consumption models allow organizations to adopt licensing strategies that best meet their needs.

In addition, many organizations have deployed applications across multiple cloud environments, both public and private. This may make it difficult to implement advanced, consistent and compliant application services for every application in an organization’s portfolio. Organizations are also expanding beyond traditional monolithic applications and deploying more modern, dynamic application architectures, such as containers and microservices, that have unique requirements. Software-based load balancers work well in these environments, providing application traffic processing across all leading hypervisors and cloud platforms.

Software-based application delivery can be provisioned and configured automatically by network operators and developers alike, so it can be used within continuous integration/continuous delivery pipelines. This helps ensure that all applications are deployed with the necessary security, compliance and traffic management capabilities.

The primary driver for hardware-based ADCs is performance. Typically, dedicated processors in a hardware-based appliance will handle the most resource-intensive tasks — such as SSL offload, distributed denial of service protection and User Datagram Protocol traffic processing — more effectively than the general CPU employed by a software-based ADC running on a server. This results in better performance, with very low latency.

Multitenancy is another consideration. Large enterprises may want a multitenant device to be shared across business units, and hardware has major advantages for that use case as well. 

Finally, hardware-based ADCs enable organizations to achieve compliance at scale, which is critical for sectors such as state and local government. These ADCs are frequently certified for Federal Information Processing Standards and the Common Criteria security framework, which allows them to meet regulatory requirements while providing powerful protection. 

Ultimately, an ADC can deliver valuable capabilities whether hardware- or software-based. Organizations just need to determine which option best meets their needs.

Story by Ozzie Marmara, who is the F5 resource at CDW. He has more than 10 years of extensive experience designing, deploying and managing WAN/LAN environments and services. He is highly familiar with application delivery, security solutions and database operations.