ZeroLeak, ETM, Central Management, vTenant, L7 Reporting, L4 DDoS, and L7 DDoS — optional capabilities that extend the platform where your deployment needs them.
Most enterprise deployments are well-served by the four core modules (ADC, WAAP, AAM, GTM). Some deployments need more — browser-level data isolation, endpoint trust signals, central management across many devices, or expanded DDoS capacity. TR7 Add-Ons let you extend the platform along those specific axes without bringing in a separate product.
This page opens seven doors — one per add-on. Pick the add-on that maps to a specific operational need; each is licensed independently and integrates with the same engine and operational language as the core modules.
Seven extensions. Same engine.
Each add-on extends one specific axis — visual isolation, device trust, central management, multi-tenancy, deeper reporting, or expanded DDoS scope — while staying inside the same TR7 operational language.
Each add-on page details one extension — what it does, when it applies, capacity tiers, and how it integrates with the core modules.
Visual browser isolation · anti-OCR · forensic recording
Stream-only access to sensitive web applications. Users see a pixel stream, not HTML — anti-OCR, leak attribution, and full session recording for the highest-risk applications.
Live device trust + posture signals
Device posture, mobile MDM, server integrity, and remote actions — feed trust signals into AAM access decisions and ADC routing in real time.
Multi-device management from one console
Shared/per-node configuration model, bulk rollout, drift visibility, audit trail, and rollback — turn multi-TR7 operations into controlled, standardized work.
Virtual tenant isolation
Multi-tenancy with complete resource isolation. Partition a single TR7 deployment into independently-administered virtual instances — for service providers and large internal IT.
Deep application-level analytics
Detailed application analytics, custom dashboards, and scheduled reporting beyond the standard live traffic view — for compliance, capacity planning, and operational review.
Network-layer volumetric defense
High-capacity L3/L4 DDoS scrubbing for volumetric attacks — SYN floods, UDP/ICMP amplification, reflection. Expands the baseline DDoS protection built into every TR7 deployment.
Application-layer attack defense
Application-aware Layer 7 DDoS defense with behavioral analysis and ML-based detection. Defends against slow-rate attacks, HTTP floods, and adaptive application-targeted DDoS.
Add-ons extend specialty axes — they are not workarounds for missing functionality.
Core modules cover the recurring operational needs. Add-ons extend one specific axis — visual isolation, device trust, central management — without changing how the core operates.
Each add-on has explicit capacity tiers in contract language — concurrent users, endpoints, devices, vServices. No undefined limits, no surprise overage.
Add-ons configure through the same flow engine, integrate with the same audit trail, and surface through the same API as the core modules. No separate tool, no second console.
Each add-on page details a single extension — what it covers, when it applies, capacity tiers, and how it integrates. When you're ready to scope add-ons alongside core modules, the Licensing Wizard ties the choices into a single commercial model.
Add-on availability, capacity tiers, and bundling allowances may vary by deployment model, license term, and contract scope. Refer to each add-on page and the licensing guide for detailed coverage.