The Array 1000, with the ArrayOS 2.03, is an integrated cache, SSL accelerator, content-aware load-balancer and a Web wall (basic packet-filtering capabilities) in a 4U device. Based on FreeBSD, the ArrayOS packs in quite a bit of functionality. But after testing the Array 1000 in our Real-World Labs® in Green Bay, Wis., I found that though it holds its own on the performance field, it has some problems with management and configuration that prevent it from becoming a truly corporate-class solution.
The Array 1000 offers configuration through the ArrayOS via the console, SSH (Secure Shell) or the Web-based user interface. The CLI (command-line interface) is similar to Cisco Systems' IOS, so I felt comfortable configuring the unit via the CLI and the Web user interface.
I tested a dual 10/100/1,000 unit; a fiber-gigabit version is also available. For redundancy, you can cluster up to 32 units in an active-active mode both locally and globally. The Array 1000 works in full proxy, so it can't yet be configured for direct server return. ClickArray plans to address this in a release late this year.
The Array 1000 offers many load-balancing algorithms, including industry standards round robin, weighted round robin and least connections, as well as persistence via cookies and source IP address. TCP server health checks ensure a TCP connection can be opened, and HTTP health checks provide customized HTTP requests and expected responses to determine the health of servers in the cluster. Content checks can be performed, but the scripting to do this is now extremely limited.
Load-Balancing and Caching
The caching functionality -- a standard reverse-proxy cache -- showed excellent performance in my tests. All cached content is held in RAM, and the amount of RAM used by the cache is configurable. I set the cache to use half of the unit's 1 GB of RAM. The cache can be preloaded at boot time.
CDN (content-delivery network) support is offered, and the device can rewrite content on the fly. Additionally the CDN offers a CDI (content distribution API), which third parties can use to rewrite and route content.
I used Caw Networks' WebAvalanche and WebReflector to test the load-balancing and caching functionality and was pleased when the unit performed near the levels claimed by ClickArray. The device supported 19,000 new TCP sessions per second without a single hiccup. I also put the integrated Broadcom Corp. SSL chips to the test. Using RadView Software's WebLoad, I was able to force an average of 450 SSL transactions per second with a 1-KB file (ClickArray claims support for 500 transactions per second).
I also tested the WebWall feature of the Array 1000. The WebWall -- ClickArray is loath to call it a firewall, since it performs only rudimentary access control suited for basic permit and denial of port and IP-address-based traffic -- performed as well as expected.
Once the WebWall is turned on, all traffic is denied by default, and you must specifically allow all traffic -- even for Port 80. Quite frankly this is more trouble than it's worth because if you turn the WebWall on from the user interface, you must find a console to allow access to Port 80 again, or you have to do it all from the console. The permit functions (by IP or port) all worked well. The deny features offer the ability to deny specific IP addresses and ranges of IP addresses, but the feature is not functional in the release I tested. ClickArray says it addressed this problem in version 2.04.
Vendor Information
Array 1000, $24,995. Available: Now.
ClickArray Networks, (408) 360-9610; fax (408) 284-4253; www.clickarray.com
While the performance of the Array 1000 is more than acceptable, other issues with the configuration and management of the device, though not bugs, bugged me. The unit allows only one config session per unit, which the Array 1000 uses as a protection feature. I saw it as a pain: Locking yourself out of config mode is too easy. If you close your browser without first returning to "view only" mode or if you turn on the WebWall from the user interface, you will be locked out. I did both of these things and had to power cycle the unit to re-enter. I could have waited for the five-minute idle session time-out, but since the boot time for the unit is three minutes (with plans to bring that time down to less than one minute), rebooting was faster.
There is no way of removing a real server or group from the configuration. This does not affect functionality since you can ignore servers or groups and create new ones. However, this is yet another sign that more work is necessary on this product before it can truly compete with more mature competitors already strong in this market. This may be a product to watch, judging from its performance in critical areas, but version 2.03 isn't quite ready for prime time just yet.
Technology editor Lori MacVittie has been a software developer and a network administrator. Most recently, she was a member of the technical architecture team for a global transportation and logistics organization. Send your comments on this article to her at lmacvittie@nwc.com.