In a multi-tenant scenario with several acquired companies, what hardware and configuration enables each company to have its own NetScaler instance for VPN, load balancing, and throughput?

The key idea is hardware-level multi-tenancy. An SDX appliance is designed to host several independent NetScaler (VPX) instances on one physical box. Each acquired company can get its own NetScaler instance, which acts as a separate VPN terminus, its own load-balancing configuration, and its own throughput allocation. The SDX slices CPU, memory, and network bandwidth and keeps each instance isolated, with its own management domain, policies, and licenses. That means one physical device can serve multiple tenants without them interfering with each other, while still giving each company a dedicated path for VPN connections, load balancing rules, and throughput guarantees. Why this fits best: you gain true isolation and independent administration per tenant, plus the ability to allocate resources and enforce SLA per company. It also simplifies provisioning—deploy a new VPX instance for a new company on the same SDX, configure its VPN endpoints, virtual servers, and policies, and it’s effectively a separate NetScaler for that tenant. Other approaches don’t offer the same built-in multi-tenant efficiency. Using a single-tenant MPX per company would require purchasing and managing separate hardware for every acquisition, which defeats consolidation. Running VPX on a separate hypervisor (like XenServer) is feasible but adds complexity and doesn’t provide the same single-box multi-tenant architecture and streamlined resource sharing that SDX offers. CPX is a smaller, container-based option and isn’t the hardware-focused multi-tenant solution described here.