22 May 2024
An application delivery controller (ADC) is a networking device used to optimize the delivery of applications over the internet, typically as part of an application delivery network (ADN).
An ADC can be a hardware appliance or software program and is generally placed in the demilitarized zone (DMZ) of an enterprise network, between the firewall and one or more application servers. ADCs serve as reverse proxies that receive, decrypt, validate and route client requests before sending encrypted responses back to the user.
ADCs help businesses modernize network applications, accelerate connections between client machines and web servers, streamline global server load balancing (GSLB) and increase overall app availability for end users.
Keep your head in the cloud
Get the weekly Think Newsletter for expert guidance on optimizing multicloud settings in the AI era.
The evolution of application delivery controllers is closely linked to the development of web applications, data centers and the broader field of network management.
In the late 1990s and early 2000s, as the internet commercialized and web traffic increased in kind, businesses needed a way to ensure that websites and apps could handle high-volume application traffic efficiently. The primary challenge was finding a way to distribute incoming requests across multiple servers to guarantee high availability and network resilience.
The first generation of devices to address the challenge were called load balancers. Initially, they were simple and operated at the transport layer. Load balancers focused on distributing incoming traffic across several servers to balance loads and prevent them from overwhelming any single server.
However, as apps and websites became more complex, legacy load balancers fell out of favor for their inability to read and make decisions based on the content of user requests (not just IP addresses and ports). This led developers to upgrade to layer 7 load balancing solutions, which could inspect message content at the application layer.
Advanced load balancers could route traffic based on factors like HTTP headers, cookies or even specific page requests, facilitating more sophisticated traffic management strategies, like session persistence (or “stickiness”) and content-based routing. Over time, as developers continued to add functionalities, these load balancers would become the intelligent controllers we now call ADCs.
Modern application delivery controllers are vital components of resilient, highly available IT infrastructures, particularly network data centers. They manage app traffic by using a series of complex processes and features that ensure efficient, secure data flow between client devices and backend servers. Those features include:
One of the primary functions of an ADC is to distribute incoming traffic across multiple servers (load balancing) based on algorithms like least connections, round-robin and server response time. If one server is overloaded or goes offline, the ADC redirects traffic to other servers to prevent the unhealthy server from becoming a bottleneck, leaving network performance and the user experience unaffected (or minimally affected).
Load balancers also maintain session persistence, ensuring that a user's session data is cached and remains on the same server throughout their interaction.
With global server load balancing (GSLB), often called load balancing for load balancers, ADCs can distribute requests across multiple servers located in different geographical locations so that users are automatically directed to the nearest or best-performing data center.
Transport layer security (TLS) and secure sockets layer (SSL) processing can sometimes put a strain on a web server’s resources. With SSL offloading, ADCs replace backend servers and function as SSL or TLS endpoints to manage encryption and decryption, freeing up CPU resources for app data processing and improving server performance.
ADCs optimize network connections by using TCP multiplexing processes, which consolidate numerous client-side TCP connections (by pooling or reusing them) into a smaller number of server-side connections. Using a set of persistent server connections, the ADC can dynamically multiplex client requests over these connections to reduce server overhead.
ADCs can cache frequently requested content (such as images, videos and websites) closer to the user, eliminating the need to repeatedly generate or fetch it from the web servers. These caching policies can significantly reduce the processing load on origin servers and improve server response times for end users.
ADCs compress web content (HTML, CSS and JavaScript, for instance) before it's sent to the client, reducing bandwidth demand and accelerating content delivery, especially for users with slower internet connections.
ADCs often include DNS application firewalls and web application firewalls (WAFs) that protect against common security vulnerabilities such as SQL injection, cookie poisoning, cross-site scripting (XSS) and other application-layer attacks by inspecting incoming traffic for malicious patterns and blocking potentially harmful requests.
ADCs can also help protect apps against distributed denial-of-service (DDoS) attacks by filtering out malicious traffic before it overwhelms the application infrastructure. With app-specific access controls, rate-limiting protocols and bot management features, ADCs are instrumental in creating zero-trust architectures and preventing network abuse and attacks.
ADCs prioritize traffic to ensure that critical applications get the bandwidth they need even during peak traffic times so that time-sensitive and mission-critical data get through the network faster. Using quality-of-service (QoS) policies, ADCs can also help manage bandwidth and prevent network congestion.
ADCs can interact with directory services (like an on-premises active directory) to control user app access and provide central authentication points for client authentication and authorization verification. They also support newer protocols like multifactor authentication (MFA) and single sign-on (SSO) for enhanced network security.
The shift toward cloud-native applications has demanded that application delivery controllers evolve to support containerized environments and microservices architectures. Though hardware- and software-based ADCs are still effective in many ways, traditional ADCs were designed for monolithic apps and often struggle to keep up with the dynamic nature of today’s cloud-native applications.
To address this, service providers like Citrix, VMWare, Amazon Web Services (AWS), Microsoft Azure and IBM, among others, have developed cloud-native ADCs (in the form of IaaS, PaaS and SaaS) that offer advanced agility, scalability and automation capabilities. Modern ADCs are designed to integrate seamlessly with cloud provider APIs and container orchestration tools (like Kubernetes) to deliver superior service discovery, autoscaling and traffic management capabilities.
Despite their origin as basic load balancers, application delivery controllers have consistently adapted to meet the dynamic needs of IT infrastructures and application delivery solutions. Today’s ADCs are multifaceted app delivery platforms that offer application performance, security and delivery optimization across complex, multicloud environments.
Any enterprise operating a large-scale, complex or distributed content delivery network (CDN) can use ADCs to ensure that network applications are consistently available and perform well.
ADCs can help businesses with:
Global server load balancing
ADCs can redirect network traffic to server clusters in data centers across the network. Specifically, they can collaborate with other ADCs to optimize the path that traffic takes through the internet, allowing each ADC to route requests to the data center closest to the client and minimize latency and round-trip time.
Connection management
ADCs handle fast and slow clients by adjusting timeouts and buffer sizes accordingly. Controllers can also terminate connections to free up unneeded resources and multiplex connections for greater network efficiency.
Health monitoring
ADCs continuously monitor the real-time health of app servers to ensure that traffic is only routed to responsive and available servers. They can ping web servers, attempt to establish TCP connections and make app-level requests to verify that a server is functioning optimally.
If a server fails or starts to function suboptimally, the ADC can redirect traffic to other servers and even initiate server restarts and other recovery actions (assuming they’re configured to do so).
Multitenancy support
Multitenancy designs allow different groups within an organization (DevOps, marketing and sales or specific application teams like customer service, inventory and payments) to share the same application infrastructure. Consolidating more services onto fewer devices—whether virtual or physical—helps organizations increase network agility and reduce costs related to administration, acquisition and ongoing support.
ADCs in edge computing
Edge computing involves processing data near the source (at the edge of the network), instead of relying solely on a central data center. ADCs deployed at the network edge can optimize local traffic, manage local security and compliance policies and ensure that apps work efficiently, even in distributed environments. This is particularly useful for IoT applications and services that require real-time processing capabilities.
Integration with software-defined networking (SDN)
ADCs have evolved to be more programmable and more easily integrated with SDN architectures, which separate the network's control layer from the data layer for more centralized, flexible resource management. Now, ADCs can be dynamically configured and managed with software controllers, enabling more agile responses to network traffic fluctuations and app demands.
Machine learning (ML) and AI capabilities
Artificial intelligence (AI) and ML technologies can help ADCs predict traffic patterns, detect potential security threats and automate network management tasks, improving efficiency and reducing the need for human interaction with the network.
Application delivery controllers help businesses optimize traffic routing and maximize network availability, especially for enterprises that handle high-volume web traffic, host mission-critical applications or require high levels of data security.
ADCs offer businesses:
ADCs gather data on a wide range of metrics (such as traffic volume, server health and security events), which can help businesses gain insights into network functionality.
ADCs use a myriad of techniques, such as content switching, to compress, recycle and cache data to accelerate network apps and websites.
ADCs can automatically expand available application services to ensure high-performance traffic routing, especially for high-latency networks and mobile networks.
ADCs provide failover capabilities to make sure a business can continue operating and users experience minimal delays when a server fails. ADCs duplicate and sync user sessions across servers so that if a server goes offline, execution responsibilities can pass to a session duplicate.
ADCs provide the first line of defense against malicious attacks by using WAFs and intrusion detection and prevention features to protect network data.
Resources
Unlock powerful insights into modernizing mainframe environments. Learn how balancing people, processes and technology can lead to better business outcomes.
Register now to learn how advanced AI analytics can unlock new opportunities for growth and innovation in your business. Access expert insights and explore how AI solutions can enhance operational efficiency, optimize resources and lead to measurable business outcomes.
Explore the latest IBM Redbooks publication on mainframe modernization for hybrid cloud environments. Learn actionable strategies, architecture solutions and integration techniques to drive agility, innovation and business success.
Explore how IBM Wazi Deploy and modern language features can streamline your z/OS DevOps. Learn how automation and open-source tools improve efficiency across platforms.
Embark on your DevOps transformation journey with IBM’s DevOps Acceleration Program. This program guides enterprises through critical stages such as assessment, training, deployment and adoption to achieve seamless DevOps implementation.
IBM named a Leader for the 19th year in a row in the 2024 Gartner® Magic Quadrant™ for Data Integration Tools.
Streamline your software delivery pipeline with IBM DevOps Accelerate, a comprehensive solution for automating CI/CD and release management.
Achieve faster, more reliable releases by automating processes, optimizing workflows, and improving team collaboration across every stage of development and deployment.
Transform mission-critical applications for hybrid cloud environments with stability, security and agility.