Next Previous




PRODUCTS > Kemp > Kemp Virtual LoadMaster
Kemp Virtual LoadMaster - Features

Virtual LoadMaster Feature List

Virtual LoadMaster includes a set of core features for application delivery that are enhanced with Subscriptions that add enhanced features.
*Features included with all LoadMasters.

L4-L7 Application Delivery 


  • Server Load Balancing (SLB) for TCP/UDP based protocols
  • TLS (SSL) Offload
  • Layer 7 Content Switching
  • Transparent caching for HTTP/HTTPS
  • Compression of static and dynamic HTTP/HTTPS content
  • HTTP/2 Support
  • Up to 1000 Virtual and 1000 Real Servers
  • NAT-based forwarding
  • Support for Direct Server Return (DSR) configurations
  • Configurable S-NAT support
  • VLAN Trunking (802.1Q)
  • Link interface bonding (802.3ad)
  • IPv6 support for addressing and features
  • IPv6 - IPv4 bidirectional conversion

Health Checking

  • Aggregated health checks
  • ICMP health checking
  • Layer 7 checking against any target server port
  • Active/Hot Standby configurations for High Availability
  • Stateful Failover
  • Scale-out Clustering
  • Aggregated health checks

Session Persistence

  • Source IP (L4)
  • TLS (SSL) SessionID (L4)
  • HTTP/HTTPS Browser-session (L7)
  • HTTP/HTTPS WebClient-session (L7)
  • RDP Login ID (L7)
  • Port Following for mixed HTTP/HTTPS sessions
  • Session reconnection for Microsoft RDS

Scheduling and Balancing Methods

  • SDN Adaptive
  • Round Robin
  • Weighted Round Robin
  • Least Connection
  • Weighted Least Connection
  • Agent-based Adaptive
  • Chained Failover (Fixed Weighting)
  • Source-IP Hash
  • Layer 7 Content Switching
  • Global Server Load Balancing (GSLB)
  •  AD Group based traffic steering

SSL/TLS Features

  • Configurable TLS (1.0, 1.1, 1.2, 1.3) and SSL (2.0, 3.0)
  • Support for EV (Extended Validation) certificates
  • OCSP certificate validation
  • Server Name Identification (SNI) support
  • Support for up to 1,000 TLS (SSL) certificates
  • Automated TLS (SSL) certificate chaining
  • Certificate Signing Request (CSR) generation
  • FIPS 140-2 Level 1 
  • STARTTLS mail protocols (POP3, SMTP, IMAP)


  • Change auditing
  • Web User Interface (WUI)
  • SSH & physical console
  • RESTful and PowerShell APIs
  • VMware vRealize Orchestrator
  • Context based help (WUI)
  • Real time display of performance and availability
  • Application templates
  • Remote syslogd support
  • Automated configuration backup
  • Selective restore of configuration
  • Connection draining
  • Comprehensive logging and reporting
  • SNMP support
  • Diagnostic shell with in-line tcpdump


  • Permit /Deny Access Control Lists
  • IP address filtering
  • IPsec Tunnel support
  • DDoS mitigation, including L7 rate based attacks
  • IPSec VPN to Azure, AWS and vCloud Air public clouds
  • Authenticated NTP

Features enabled by Subscription
LoadMaster subscriptions enable additional features and services.

Kemp 360 Central

  • Centralized management and orchestration
  • Included with Enterprise support subscription, and Enterprise Plus support subscription
  • LoadMaster configuration management
  • Automated LoadMaster backups
  • Centralized & scheduled firmware updates
  • LoadMaster logfile consolidation
  • Performance management
  • 3rd party load balancer support

Kemp 360 Vision

  • Managed service for application monitoring & preemptive alerting
  • Included with Enterprise support subscription, and Enterprise Plus support subscription
  • 24/7 automated issue escalation service
  • Proactive issue management
  • Integrated with Kemp Support ticketing

Edge Security Pack

  • Microsoft TMG replacement
  • Pre-Authentication
  • Multi-Domain authentication & SSO
  • X.509 client certificate authentication
  • Custom login forms
  • Two factor authentication
  • SAML, Active Directory, RADIUS & LDAP
  • Forms to Forms based authentication

Intrusion Prevention

  • Snort Compatible IPS
  • Permit/Deny IP by address
  • Automated IP reputation updates for GSLB

Web Application Firewall (WAF)

  • Real-time application threat mitigation
  • Daily rule updates
  • Threats Mitigated
    • Cookie tampering
    • Cross site request forgery
    • Cross site scripting
    • Data loss prevention
    • SQL Injection
    • PCI-DSS Section 6.6 compliance

Global Server Load Balancing (GLSB)

Scheduling and Balancing

  • Round Robin
  • Weighted Round Robin
  • Chained Failover (Fixed Weighting)
  • Regional
  • Real Server Load
  • Location Based


  • Black List (Access Control List)
  • IP reputation filtering with automatic updates
  • DDoS mitigation

Health Checking & Failover

  • ICMP health checking of server farm machines
  • Layer 4 TCP checking
  • HTTP/HTTPS health check
  • Active/Active High Availability




SecureOne is a partner centric technology distributor that specialize in secure IT networking solutions, services and support. Principals and resellers partnering with us for proven expertise, enablement resources and overall business execution. We are a preferred distribution partner for many of today's leading and emerging networking and security products including SOPHOS, Cyberoam, Kemp, Paessler, Acunetix, Parallels, IP-guard, Altaro, AISHU, SonicWall, Mushroom Network, Info Express & etc.

Copyright © SecureOne Distribution Sdn Bhd. All Rights Reserved