This is aimed at the enterprise, while its smaller sibling, the TM-C, is intended for the SME market. Both are integrated web traffic management platforms that accelerate and streamline the delivery of content for web sites.
Installing the unit was straightforward. Set-up required the usual command line interface via a serial link to get things going, but then you could activate a browser-based GUI. This provided comprehensive system management and control functions using a password-protected SSL interface. There is also an option to access the console through an SSH tunnel.
Documentation is provided on CD-Rom and can be accessed from the GUI, which is convenient. There is a flight deck display of real-time statistics for a variety of performance factors. Although such displays are of limited value in normal operation, they can be useful when tracking problems.
The device runs on its own ArrayOS security-hardened operating system and provides features apart from SSL acceleration, including device clustering, support for Tagged VLAN, MNET and SNMP, network address translation, server load balancing, reverse proxy caching, compression, link load balancing (which manages load on the multiple internet links that enterprises have) and the Webwall firewall feature.
This is a default-deny set up and is disabled by default. We did not enable it for our testing.
The reverse proxy cache parameters can be tuned to suit individual site requirements, controlling expiration time, maximum object size, and the number of cached objects to be removed when it becomes full. The default settings are low, so most sites will want to change them. Performance can also be improved by using the dynamic caching and in-line http compression features.
The process of configuring the device for SSL acceleration is well documented, with a step-by-step guide to creating a virtual SSL service, obtaining and installing the required certificates and enabling the service.
The device can be used as an SSL terminator, passing plain http to the back-end servers while handling the decryption and encryption processes. It can also be configured to encrypt traffic to the back-end servers as well, providing end-to-end security. We tested the device in the first mode, using plain http between device and server.