Next-generation Application Delivery Controllers?

Having been involved with some rather exciting projects as of late, I got a bit caught up in how vendors and consultants think about the ADC market, and seeing a lot of new trends emerging, I think it's time that the ADC vendors start looking in another direction.

Gartner uses this term to describe ADC:
(ADC) are deployed in data centers to optimize application performance, security and resource efficiency by offloading servers, providing deep payload inspection and making the best use of complex protocols. Originally deployed for externally-facing Web applications, they are now used to deliver services for many types of business applications and protocols. Recent developments in software-based and virtual ADC platforms provide more deployment flexibility, especially in cloud services and virtual environments.

So is this accurate anymore? Most people think that an ADC is basically load balancing + some extra shiny features, and to an extent I agree.

But their main purpose isn’t load balancing, it is Application Delivery!

If you think about it, this is what we have been using Citrix/VMware/Microsoft for, for many years now, to do Windows application-based delivery. But with the rise of web applications in the enterprise, and with more and more enterprises moving to cloud/hybrid-based solutions, an ADC solution will become more and more important over the next couple of years!

Now, what would I like to see in a next-generation Application Delivery Controller solution?

  • Native virtualization support (I mean not just support for running an appliance on a hypervisor, but being able to interact with it! Looking at the services which are running, with automatic setup and load balancing of services. Looking at external services and setting up an Application Firewall, for instance!) Use of NFV should also allow customers to virtualize more of their workloads and no longer need a physical device.
  • Cloud integration (Hybrid IT/cloud is coming; many are already there and more are coming. The ADC should be a central point aggregating applications across different solutions, not just the on-premises applications.)
  • Identity (Again, with the growing list of SaaS applications using identity solutions, we have the SAML, OAuth and WS-Federation protocols mixed with different on-premises applications which use NTLM/Kerberos. The ADC should be able to deliver SSO across different applications on behalf of the user, to ensure that users do not need to be bothered with different authentication mechanisms. Now, many would argue that there are identity solutions that should take care of this, but I disagree: they should focus on lifecycle management and let the ADC focus on the SSO mechanism, since it is a network device anyway.)
  • Microservices and Web 2.0: Looking at the landscape, Microsoft is pushing hard with Mesosphere, containers and microservices, which are essentially small web services. It should be essential that an ADC supports and integrates directly with these types of services, to ensure that developers can easily provision load balancing features for their services.
  • Automation, automation, automation features! REST API, CLI, PowerShell
  • Insight! This is the holy crown, giving proper insight into how an application is performing, and since an ADC is in most cases the heart between the users and the services running internally on the different servers it has unique insight into how the different applications are running.
  • Security! With the growing list of web applications, we also see a growing list of web exploits, so we need an ADC which can look at web traffic and is able to detect attacks at layer 7! Many are already delivering this on their ADC, but few lack the ability to bind this together with insight as well. What about giving the admins some insight (how secure is my service, actually?)
  • Optimization! There is a lot of badly written code as well. With the ADC in the heart of the traffic, it should be able to rewrite code where it makes sense, to ensure an optimized connection to the end-user. We should never waste bandwidth which is going out to the end-user, and having comments, whitespace and unoptimized images, for instance, is WASTED bandwidth and having optimization features in place

Maybe I’m hoping for too much, but I already see a trend in where some of the vendors are moving: some are aiming for cloud support, some for identity and some for the security aspect, so it is going to be interesting to see where the larger players are moving.

But anyways, this is my wishlist! What do you think should be a feature on an ADC?