A10 Networks, Inc. provides security and infrastructure solutions for on-premises, hybrid cloud, and edge-cloud environments of its global enterprise, communication, cloud and web service provider customers who strive to provide business-critical applications and networks that are secure, available, and efficient.
As cyber-attacks increase in volume and complexity, the company integrates security and artificial intelligence (AI) enabled capabilities in its solutions that enable its customers to...
A10 Networks, Inc. provides security and infrastructure solutions for on-premises, hybrid cloud, and edge-cloud environments of its global enterprise, communication, cloud and web service provider customers who strive to provide business-critical applications and networks that are secure, available, and efficient.
As cyber-attacks increase in volume and complexity, the company integrates security and artificial intelligence (AI) enabled capabilities in its solutions that enable its customers to continue to adapt to market trends in hybrid cloud, AI-ready data centers and the ever-increasing need for high performance, high availability and low latency. This provides the foundation for the company’s strong global footprint and leadership in application and network security and infrastructure. In February 2025, the company acquired the assets and key personnel of ThreatX Protect, which expanded its cybersecurity portfolio with web application and application programming interfaces protection (WAAP). ThreatX Protect is ideally suited for securing applications and application programming interfaces (APIs).
Product Portfolio
The company’s product portfolio seeks to address many of the aforementioned challenges and solution requirements. The portfolio consists of network infrastructure and security products. The infrastructure portfolio powers the delivery of internet services and applications while the security products protect applications, APIs, infrastructure and enterprises from cyber-attacks. The company’s security suite is known as A10 Defend.
A10 solutions are available in a variety of form factors, such as embedded in optimized hardware appliances, as bare metal software, containerized software, virtual appliances and cloud-native software. While the company’s revenue to date has predominantly derived from delivery of its proprietary software on a perpetual license basis embedded in optimized hardware, this model has begun to evolve in various ways, including among others, term licenses, cloud offerings, subscriptions, and software-only models. The company’s comprehensive and flexible application solutions portfolio, combined with A10 Control positions it to address the growing need for shifting workloads to a mix of private clouds and public clouds. A10 Control is built on microservices and container technologies and offers a multi-tenant, highly scalable controller architecture that incorporates real-time and predictive analytics at the application level and central management and orchestration of secure application services across hybrid environments, from physical data centers to public, private and hybrid clouds.
The following is an overview of the company’s portfolio:
Secure infrastructure solutions: Includes Thunder Application Delivery Controller (ADC); Thunder Carrier Grade Networking (CGN); Thunder SSL Insight (SSLi); and Thunder Convergent Firewall (CFW).
Intelligent Management and Automation Tool: Includes A10 Control.
A10 Defend Suite of Products: Includes A10 Defend Threat Control; A10 Defend Orchestrator; A10 Defend Detector; A10 Defend Mitigator; and A10 Defend ThreatX Protect.
The following is a further overview of the company’s portfolio:
Secure Infrastructure Solutions
Thunder Application Delivery Controller: Thunder ADC provides advanced server load balancing, including global server load balancing, high availability, aFleX scripting, aVCS, ADP multi-tenancy, SSL, offload, acceleration, caching and compression, next-generation web application firewall (NG-WAF), domain name server (DNS) application firewall (DAF) and others. ADCs are typically deployed in front of a server farm within a data center, including web, application and database servers.
Thunder Carrier Grade Networking: Thunder CGN extends the life of increasingly scarce IPv4 address blocks and their associated infrastructure using Carrier-Grade network address translation (CGNAT) and translation solutions to the IPv6 addressing standard. The company’s CGN solution is typically deployed in service provider networks to provide standards-compliant address and protocol translation services between varying types of IP addresses. It has been successfully implemented by many large service providers and enterprises around the world.
Thunder SSL Insight: Thunder SSLi focuses on the inherent blind spots created by SSL encryption by offloading CPU-intensive SSL decryption functions that enable security devices to inspect and remove malware within encrypted traffic. Thunder SSLi decrypts SSL-encrypted traffic and forwards it to a third-party security device, such as a firewall, for deep packet inspection (DPI). Once the traffic has been analyzed and scrubbed, Thunder SSLi re-encrypts the traffic and forwards it to its intended destination.
Thunder Convergent Firewall: Thunder CFW addresses multiple critical security capabilities in one package by consolidating multiple security and networking functions in a single appliance, helping customers significantly lower capital and operating expenses. Its performance and scale deliver superior value to customers, all within a small form factor, and streamlines customer operations with a cloud-ready programmable platform.
Thunder CFW includes:
A high-performance Secure Web Gateway with integrated explicit proxy, URL filtering and SSL visibility, enabling security policy enforcement for outbound HTTP/HTTPS client traffic. The company’s solution includes a Cloud Access Proxy to provide scalability, performance, and security to overcome deployment and operational challenges.
A high-performance data center firewall with integrated network denial-of-service protection and server load balancing, which provides a Layer 4 stateful firewall and Layer 7 application-level gateway functionality for protecting data center applications from emerging network and DDoS threats.
A high-performance Gi/SGi firewall with integrated network DDoS, CGNAT, ADC and application visibility. The Gi/SGi firewall protects the mobile operator infrastructures from Internet-based DDoS and other security threats.
A high-performance IPsec VPN, a security product designed to strengthen security postures and protect application data.
Intelligent Management and Automation Tool
A10 Control: A10 Control provides intelligent management, automation and analytics for secure application delivery in multi-cloud environments to help simplify operations. Infrastructure and application operations teams can centrally manage and automate configuration and application policies for the company’s Thunder application and security services, such as load balancing, application delivery, web application firewall, SSL decryption, Gi/SGi firewall, Carrier Grade NAT and Cloud Access Proxy solutions. Configuration and control can also be automated via API and integrated with orchestration systems used within organizations. In addition, A10 Control provides comprehensive infrastructure and per-application metrics and analytics for performance and security monitoring, anomaly detection and faster troubleshooting. The container-based, microservices architecture allows controller capacity to be scaled without interrupting operations. A10 Control is available in two deployment models: A10 managed software-as-a-service (SaaS), or as a self-managed, on-premise deployment.
A10 Defend Suite of Products
A10 Defend Threat Control: A10 Defend Threat Control is a standalone SaaS platform that proactively establishes a robust first layer of defense by offering actionable analytics and blocklists. Defend Threat Control is based on proprietary A10 research.
A10 Defend Orchestrator: A10 Defend Orchestrator integrates with A10 Defend Detector and A10 Defend Mitigator for intelligent and automated DDoS protection, providing a centralized point of control for seamless DDoS defense management and execution. A10 Defend Orchestrator is designed to help lower operational costs by freeing up staff from repetitive tasks while increasing precision and accuracy with centralized and automated tasks, reducing the potential for human error. A10 Defend Orchestrator highlights included advanced workflow and automated defense capabilities.
A10 Defend Detector: A10 Defend Detector is the company’s high-performance Netflow, Sflow, IPFIX-based DDoS detector and is used to easily manage the scale and heterogenous nature of SP networks, resulting in a unified DDoS protection solution. Defend Detector can be used by service providers to deliver DDoS services to their customers.
A10 Defend Mitigator: A10 Defend Mitigator is the company’s high precision, automated, scalable, and intelligent DDoS mitigation solution that is delivered as hardware or virtual appliances ranging from 1Gbps to over 1Tbps. A10 Defend Mitigator is typically deployed at the perimeter of the networks to protect internal network resources from large-scale, volumetric and multi-vector attacks. In 2017, the company enhanced the A10 Defend Mitigator solution with the launch of a dedicated detector function, improved workflow and automation in A10 Defend Orchestrator. In 2018, the company enhanced its detection capabilities with the One-DDoS solution, which enables Thunder ADC, CGN, and CFW solutions to act as in-line detectors to enhance application and infrastructure detection. The company also added A10 Defend Mitigator Dynamic Attack Pattern Recognition (DAPR) for automatic attack learning, to identify and thwart zero-day attacks, and enhanced machine learning (ML) with always-on adaptive learning. Defend Mitigator is augmented by the A10 Threat Control and software licensed from ThreatSTOP, Inc., which can block known bad connections (i.e., IP addresses) from entering protected networks.
A10 Defend ThreatX Protect: A10 Defend ThreatX Protect is a cloud-based WAAP solution that incorporates NG-WAF, BOT protection, Layer 7 DDoS and API protection. This solution is deployed in front of applications and APIs and uses a combination of behavioral profiling and risk scoring to identify cyber threats. A10 Defend ThreatX Protect comes from the company’s acquisition of the ThreatX Protect assets.
Product Form Factors
The company’s products are offered in a variety of form factors and payment models, including physical appliances and perpetual and subscription-based software licenses, as well as pay-as-you-go licensing models and FlexPool, a flexible consumption-based software model. FlexPool allows businesses to flexibly allocate and re-distribute capacity across applications, multiple clouds and data centers.
Thunder Series: ADC, CGN, TPS, SSLi, and CFW products are available on the Thunder Series family of physical appliances. The Thunder Series products support throughput ranges from 200 Mbps to 550 Gbps. The appliance family provides a variety of other security and performance options.
vThunder virtual appliances operate on all major hypervisor platforms, including VMware and Linux KVM. vThunder is also available from cloud providers like Amazon Web Services (AWS), Microsoft Azure, Google Cloud Compute (GCP) and service providers. The vThunder Series products support throughput ranges from 200 Mbps to 100 Gbps.
Thunder for Bare Metal is a software version of the company’s ADC and CGN solutions that is designed to run on a variety of Intel x86 servers, allowing the customer to design and select their own hardware platform.
Thunder Container is software that can be deployed as a container for cCGN, cADC and cTPS on customers’ own hardware platforms and OS stacks.
Underlying Technology
The company’s products are built on the Advanced Core Operating System (ACOS) platform and leverage its performance optimization and security features.
The ACOS platform is optimized for modern 64-bit central processing units (CPUs), which increasingly have multiple parallel processing cores that operate within a single CPU for higher efficiency and performance scalability. To maximize the capabilities of these increasingly dense multi-core CPUs, ACOS implements a proprietary shared memory architecture that provides all cores with simultaneous access to common memory. This shared memory software architecture enables the company’s products to utilize these multi-core CPUs efficiently and scale performance with increasing CPU cores. As a result, ACOS provides customers with products that can deliver superior price performance benefits over products that lack these capabilities.
ACOS’ high-performance design enables the company’s products to address a wide range of performance-driven networking challenges. The flexible software design of ACOS allows the company to apply its portfolio to a variety of markets for a variety of needs. Some notable details about ACOS include:
High Performance and Intelligent Network Input/Output (I/O) Processing: In order to maximize the efficiency of high density, multi-core processors, the company has developed a high-performance intelligent network I/O technology that can balance application traffic flows equitably across processor cores. The company’s Flexible Traffic Accelerator logic can be implemented either as software running within a standard x86 processor or a Field Programmable Gate Array (FPGA) semiconductor. The company’s Flexible Traffic Accelerator (FTA) also performs certain hardware-based security checks for each packet and can isolate suspicious traffic before it can impact system performance.
Scalable and Efficient Memory Usage: To improve the performance of the multi-core processor architecture, the company has developed a shared memory technology to allow processors to share common memory and the state of the system simultaneously. This avoids the overhead associated with Inter-Processor Communication architectures deployed in first-generation approaches. The company optimizes memory to be visible to processor cores simultaneously, while minimizing communication overhead and contention among processors for allocated memory space. All processors share a common memory pool, which dynamically allocates memory space based on application processing requirements without constraints. Customers can achieve greater performance and scalability from memory and processor resources because configurations, policies and network databases are efficiently stored within a shared memory architecture.
Optimized Application Networking and Security: Once data is processed and placed into a shared memory, a processor can begin to apply ACOS common services and function-specific logic. To enable every processor utilized to perform key functions and thereby achieve greater system utilization, ACOS uses processor cores symmetrically for functions and services. The ACOS common services perform a set of key operational functions, including configuration management, network I/O, aFleX scripting, Virtual Chassis System (aVCS), aXAPI for management integration, Application Delivery Partitions (ADPs), virtualization to enable multi-tenancy, and common resource management, such as buffer, system memory, timer management and other internal system management tasks. ACOS features a modular software design, which improves reliability by preventing modifications made to one module from causing unwanted side effects on other system functions.
Other noteworthy ACOS Technologies: ACOS incorporates a number of other technologies to provide a rich environment for developing Layer 4-7 application networking solutions, including:
aFleX Scripting: aFleX scripting technology is based on industry-standard tool command language and enables customers to write custom scripts to augment the application processing.
ADP: ADP enables multi-tenancy in the ACOS common services so that multiple departments of an organization or multiple customers can share a physical/virtual appliance.
aVCS: aVCS enables multiple physical/virtual appliances to be managed as a single chassis.
aXAPI: aXAPI is an industry standard representational state transfer (RESTful) program interface to enable management integration for automated management.
Support and Services
The company’s global support team, with deep technical domain expertise, is part of its engineering organization and is trained across all products and solutions and takes complete ownership of customer issues from the beginning to the end to achieve rapid response and resolution. The company’s consistent, high-quality customer service and technical support is a key factor in attracting and retaining customers of all sizes, as well as support services that include installation, phone support, repair and replacement, software updates, online tools, consulting and training services.
All customers receive standard warranty support for 90 days with the purchase of the company’s products. The company offers four maintenance options - Basic, Basic Plus, Gold and Platinum support programs (Platinum available in select countries). Maintenance contracts may be purchased in 12-month increments up to five years. The average maintenance contract term is approximately 18 months. The company invoices resellers or customers directly for maintenance contracts at the time of hardware purchase, and all maintenance contracts are non-cancellable and are generally renewed through the same channel as originally purchased. Software updates are provided to all customers with a maintenance contract on a when-and-if-available basis. The company maintains technical support centers in the United States, Japan, India and the Netherlands.
Thunder TPS features an enhanced support offering that includes access to the A10 DDoS Security Incident Response Team (SIRT). Augmenting the standard support, the offering includes access to a dedicated team of DDoS mitigation experts specializing in DDoS prevention, offering efficient assistance for mitigating attacks, and a subscription to the A10 Threat Intelligence Service, leveraging collective intelligence to block known threats.
The company’s professional services team provides a full range of fee-based consulting services, including pre-sale network assessment, comprehensive network analysis and capacity planning, post-sale migration and implementation services and ongoing support.
Customers
The company’s customers operate in a variety of industries, including telecommunications, technology, industrial, government, retail, financial, gaming, and education. The company’s customers include the top two United States wireless carriers, four of the top 10 United States cable providers, and the top four service providers in Japan, in addition to other global enterprises, gaming companies and governmental organizations. During the year ended December 31, 2024, purchases from the company’s 10 largest end-customers accounted for approximately 38% of its total revenue.
A substantial portion of the company’s revenue is from sales of its products and services through distribution channels, such as resellers and distributors. In 2024, sales through a single distribution channel represented 20% of the company’s total revenue.
Competition
The company’s main competitors fall into the following categories:
Companies that sell network security solutions and services including DDoS protection, such as Arbor Networks Inc., a subsidiary of Netscout Systems, F5 Networks, Inc. (F5 Networks) and Radware, Ltd;
Companies that sell network security products, including Secure Web Gateways, SSL Insight/SSL Intercept, data center firewalls and Office 365 proxy solutions;
Companies that sell Gi/SGi firewall and CGN products, which were originally designed for other networking purposes, such as edge routers and security appliances from vendors like Cisco Systems, Inc. (Cisco Systems), Juniper Networks, Inc. (Juniper Networks) and Fortinet, Inc. (Fortinet);
Companies that sell products in the traditional application delivery market, such as F5 Networks, NetScaler from Cloud Software Group, Inc., VMware from Broadcom (through its acquisition of Avi Networks) as well as many startups; and
Companies that sell Cloud WAAP solutions such as Imperva, Akamai, Cloudlare and Amazon Web Services (AWS).
Sales and Marketing
Sales
The company’s high-touch sales force engages customers directly and through distribution channels. The company’s sales team consists of inside sales and field sales personnel who are organized by geography and maintain sales presence in 24 countries as of December 31, 2024, including in the following countries and regions: United States, Western Europe, the Middle East, Japan, Taiwan, South Korea, Southeast Asia and Latin America. The company’s sales organization includes sales engineers with deep technical domain expertise who are responsible for pre-sales technical support, solutions engineering, proof-of-concept work and technical training for its distribution channels. The company’s sales team is also consisting of a channel sales organization that is expanding its market reach through resellers.
Some customer sales are originated and completed by the company’s Original Equipment Manufacturer (OEM) and distribution channels with little or no direct engagement by its sales personnel. The company fulfills nearly all orders globally through its distribution channels, which include distributors, value added resellers and system integrators. Revenue fulfilled through the company’s distribution channels accounted for 94% of its total revenue for the year ended December 31, 2024.
Marketing
The company’s strategy is focused on driving greater demand for its products and services, and enabling sales to win as that demand broadens. The company’s marketing drives global demand generation campaigns, as well as additional awareness and demand via joint marketing campaigns worldwide. The company’s marketing also drives global awareness through industry analyst engagement, media outreach, blogs, social media and events.
Manufacturing
The company’s manufacturers are Lanner Electronics Inc. (Lanner), AEWIN Technologies Co., Ltd. (AEWIN) and iBase.
Intellectual Property
As of December 31, 2024, the company had 210 United States (U.S.) patents issued, 3 U.S. patent applications pending, 78 overseas patents issued and 7 overseas patent applications pending. The company’s issued U.S. patents, excluding 10 patents that it acquired, expire between 2025 and 2042. The company’s issued overseas patents, excluding 2 patents that it acquired, expire between 2025 and 2037. The company licenses software from third parties for the development of, or integration into, its products, including proprietary and open source software. The company pursues registration of its trademarks and domain names in the U.S. and other jurisdictions.
History
A10 Networks, Inc. was founded in 2004. The company was incorporated in the state of California in 2004 and reincorporated in Delaware in 2014.
The Analyst Price Target shows the analysts’ low, high, and average target at a glance.
