HAProxy
Enterprise Edition
Software Load Balancer &
Application Delivery Controller
HAProxy Enterprise Edition combines HAProxy, the world’s most widely used open source software load balancer and application delivery controller, with enterprise class features, services and premium support.
HAProxy Enterprise Edition is a powerful product tailored to the goals, requirements and infrastructure of modern enterprises.
HAProxy Enterprise Edition
Annual Subscription Includes:
HAProxy Enterprise Application Delivery Controller
HAProxy Community
(Stable Branch)
Backported Features
(From Development Branch)
Hitless Reloads/Upgrades
Server-Templates
Module Support
Enterprise Suite
Specialized Tools and Scripts
Configuration API (CLI and REST)
Real Time Dashboard
Stick Table Aggregator
High Performance Modules
Update | Antibot | Sanitize
Fingerprint | WAF Module | Google reCAPTCHA v2 | Geolocation | Response Body Injection | Device Detection
Supported & Optimized Third Party Software
Route Health Injection (RHI)
VRRP | SNMP
Technical Support
HAProxy Enterprise Edition Business
(Business Hours)
HAProxy Enterprise Edition Premium
(Available 24/7)
Main Features of HAProxy Enterprise Edition
Load Balancing
- Comprehensive LB Methods
Round robin, URI, IP address, and other hashing methods supported for routing requests. These methods are overridable with cookies and stick tables to provide session persistence. - Advanced Routing Decisions
Sends requests to specific backends based on URL (or parts thereof), domain name, file extension, client IP address, health state of backends, number of active backend connections, SSL client certificate state, etc. - Stickiness/Persistence
Maintains users’ sessions based on TCP/IP information (client IP, port or TCP payload) or any property of the HTTP request (cookies, headers, URI, etc.).
- Extensive ACL System
Make advanced decisions based on any TCP/IP information or HTTP attribute with full logical operator support.
- LUA Scripting Support
Allows LUA scripts to provide information to ACL’s or generate and send responses.
High Availability
- Advanced Health Checks
Passive and active health checks increase flexibility when it comes to monitoring the health of backend servers. Agent checks provide advanced control allowing a server to set its own maximum connection limits and weight based on server load and can integrate with a centralized service for removing servers for maintenance/upgrades. - Slow Start
Slowly increases the rate of new sessions sent to a backend when it comes up instead of sending the normal weight all at once. - Slow Stop
Stops sending new requests to a backend, but still allows sticky sessions to continue to use that backend. - Traffic Overload Protection
Limits the maximum number of connections assigned to backends, either sending them to other backends or queuing the requests in HAProxy if that limit is reached. - Hitless Reloads
Reloads of HAProxy do not lose any connections for upgrades or changes to the configuration. - Route Health Injection (RHI)
An optimized version of a third party software that allows for the control of routing protocol announcements based on the health of the network and the HAProxy service for active/active clustering. - VRRP
Optimized version of the keepalived daemon for active/passive clustering.
Application Acceleration
- High Performance SSL/TLS
Terminates SSL/TLS on the HAProxy server, optionally establishing an SSL/TLS connection to the backend server. - Advanced SSL Algorithm Selection
Automatically picks the optimal certificate for a given client out of ECC and RSA. - HTTP/2 Support
Support for clients to communicate with the load balancer via the HTTP/2 protocol. - Multithreading
Splits processing across multiple threads while sharing the same memory space. - Small Object Caching
Small object caching is a handy feature for web application acceleration. Its main objective is to offload some of static content delivery from the application servers so they can perform their primary duty – delivering the application. - Connection Buffering
Buffers responses from backends and close the backend connection, leaving HAProxy to send the rest of the data to the client. - Compression
Compresses HTTP responses from backends before passing the response on to the client. - Geolocation Support
Allows for loading geolocation databases from multiple vendors into HAProxy for advanced request handling, routing, and for passing the information on to the application servers. Provides live updating of geolocation databases from a central location. - Device Detection
Gets information about a client by passing the user-agent string to one of HAProxy’s supported device detection databases. - Backend Connections Reduction
Uses idle connections to backends to service requests from multiple clients.
Security
- Reverse Proxy
Proxies all traffic from the internet to your backends through HAProxy in order to ensure all open services are intended and requests logged.
- HTTP Validation
Validates that requests comply with the protocol specifications before sending them on to backend servers.
- Advanced Application-based DDoS Protection
Blocks requests from clients based on multiple metrics and arbitrary criteria, over a configurable time window.
- Anomalous Behavior Protection
Combines multiple metrics about a client’s behavior into information for backends or to make routing/access decisions.
- Dynamic ACL Updates
Updates ACL, Map, or TLS ticket key files in memory normally loaded from disk during HAProxy startup during runtime.
- Traffic Filtering
Uses ACLs to detect any condition in HTTP(S) traffic and route or block the request as desired.
- Antibot Module
Sends JavaScript challenges to requests selected by ACL rules.
- reCAPTCHA v2
Support for presenting clients who have exhibited anomalous traffic patterns with a Google reCAPTCHA v2 challenge.
- Sanitize Module
Filters and verifies that HTTP header names and contents comply specifically with the HTTP specification.
- Fingerprint Module
Generate a unique identifier based on a client request.
- WAF Module
High performance Web Application Firewall that supports multiple modes including blacklist based signature support, whitelist only mode, and ModSecurity ruleset support.
Administration
- Runtime API
Gives the ability to programmatically pull data from or make changes to HAProxy during runtime such as:
- Pulling statistics for graphing or monitoring for multiple tools
- Enabling/Disabling backends for maintenance without reloading
- Changing backend IP’s/ports/weights
- Updating ACL, Map, or TLS ticket key files
- DNS for Service Discovery
Dynamically scales the number of backend servers by querying the service registry over DNS. Maintains the IP address, port, and weight of the servers within HAProxy.
- Server Templates
Enables the provisioning of multiple backend servers with a single server line to be filled in during runtime.
- Extensive Logging
Logs information about requests via syslog; including http request information, reasons why the request failed to complete, request timing, and custom fields.
- Update Module (LB and TLS)
Updates maps, ACLs and TLS ticket key files in memory automatically during runtime from any HTTP(S) server.
- Real Time Dashboard
Provides a view of your services’ health, rates, and load along with aggregation of stats across multiple instances. In addition, it facilitates administrative tasks such as enabling, disabling and draining backends.
- Configuration API (CLI and REST)
Gives the ability to programmatically add, modify, or remove sections of your configuration over the command line or HTTP and keep services separated with multi tenancy support.
- Stick Table Aggregator
Provides realtime aggregated values from stick tables across multiple processes or servers in a cluster which allows for realtime cluster-wide tracking.
- SSO Module
Enables the implementation of SSO (Single Sign On) on a Microsoft Active Directory domain.
Support
- Authoritative
The team which is authoritative on HAProxy
- Knowledgeable
No need to worry about searching documentation again
- Proactive
Proactive team will identify and resolve your issues before you even notice them
- Fast Updates
You will receive updates faster
- Always Available
Premium 24/7 support available
- Distribution Support
HAProxy compiles easily as well as integrates with the package manager in standard operating systems. Supported out of the box: CentOS 6/7, Debian GNU 7/8, Red Hat 6/7, Ubuntu 14.04/16.04.
Why Choose HAProxy Enterprise Edition?
Robust and cutting-edge code base
HAProxy Enterprise Edition combines the best of HAProxy Community stable and development versions. It provides a robust, reliable code base plus the latest cutting-edge features.
Enterprise Suite
Administration and security focused modules, tools and scripts.
Versatility
HAProxy Enterprise Edition runs in all environments, from bare metal, containers and virtual servers to onpremise data centers or public/private clouds. It integrates with popular DevOps and service discovery
tools.
Reliable Performance
Proven reliability since 2000 and extreme performance based on innovative code optimizations.
Advanced Security
Through mitigating attacks for top sites in the world, our powerful DDoS and anomalous behavior detection engine was born and constantly improves.
Extensible Features
Robust core code allows for the native delivery of a wealth of features based on powerful configuration language.
Support
Full 24×7 support and 5-year maintenance guarantee for HAProxy Enterprise Edition Premium customers.
Expertise
Team of experts including the HAProxy core development team for incident response and complex troubleshooting.
Reputation
Trusted by many of the top websites and cloud providers in the world.
See the Advantages of HAProxy Enterprise Edition over Community Edition