Secure WAN Acceleration Michael Favinsky Senior Systems Engineer www.sonicwall.com.

Slides:

Advertisements

Similar presentations

Deloitte Technology Fast 500 Asia Pacific Winners Accelerating Your Network WACC Technology.

Advertisements

| Copyright © 2009 Juniper Networks, Inc. | 1 WX Client Rajoo Nagar PLM, WABU.

Barracuda Link Balancer Link Reliability and Bandwidth Optimization.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

UDgateway WAN Optimization. 1. Why UDgateway? All-in-one solution Value added services – Networking project requirements Optimize IP traffic on constrained.

True Unified Threat Management

NLIT 09 Presentation Page 1 Vision – Service – Partnership Page 1 WAN Acceleration Using Cisco WAAS Robert Morrow National Security Technologies LLC

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

1 Tainet IP PBX solutions Tainet Communication System Corp.

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

Module 5: Configuring Access for Remote Clients and Networks.

Optimizing the User Experience Throughout the Infrastructure Consolidation Process Dan Smith, Enterprise Solutions Manager, GTSI Chris Theon, Practice.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Secure Messaging Nick Hall & James Clifford Microsoft.

Toolbox Mirror -Overview Effective Distributed Learning.

Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation

Citrix Partner Update The Citrix Delivery Centre.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Goal of The Paper  What exactly is a VPN?  Why do you need a VPN?  what are some of the technologies used in deploying a VPN?  How does a VPN work?

MIGRATION FROM SCREENOS TO JUNOS based firewall

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Data Centers and IP PBXs LAN Structures Private Clouds IP PBX Architecture IP PBX Hosting.

Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.

Adding WAN Optimisation to Boost Storage Sales Success Blue Coat in a Virtual World.

SonicWALL WXA – WAN Acceleration

1 © 2009 XSOMO International Limited — All rights reserved EcoSolutions Neil Williams, ICT Manager & Nicholas Cann, Systems Engineer Xsomo International.

Virtual Private Network prepared by Rachna Agrawal Lixia Hou.

Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

SharePoint Farm On Azure IAAS Prepared By : Prakhar Rastogi Premier Field engineer Microsoft India.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Virtual Desktops and Flex CSU-Pueblo Joseph Campbell.

Barracuda Load Balancer Server Availability and Scalability.

Hosted by Gain Maximum WAN and LAN Performance Michael Hoch Research Director Aberdeen Group.

UDgateway WAN Optimization. 1. Why UDgateway? All-in-one solution Value added services – Networking project requirements Optimize IP traffic on constrained.

Internal NetworkExternal Network. Hub Internal NetworkExternal Network WS.

The Citrix Delivery Center. 2 © 2008 Citrix Systems, Inc. — All rights reserved Every Day, IT Gets More Complex EMPLOYEES PARTNERS CUSTOMERS.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Identifying Application Impacts on Network Design Designing and Supporting Computer.

1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Identifying Application Impacts on Network Design Designing and Supporting.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Kiew-Hong Chua a.k.a Francis Computer Network Presentation 12/5/00.

Network Edge Protection: A Technical Deep-Dive into Internet Security & Acceleration Server

Selling Strategies Microsoft Internet Security and Acceleration (ISA) Server 2004 Powerful Protection for Microsoft Applications.

Terminal Services Technical Overview Olav Tvedt TVEDT.info Microsoft Speaker Community

WSV Problem Background 3. Accelerated Protocols and Workloads 4. Deployment and Management 2. BranchCache Solution Modes 5. BranchCache Protocols.

SonicWALL SSL-VPN Series Easy Secure Remote Access Cafferata Cristiano SE Italia.

The role of networking in the Dynamic Data Center Niels Friis-Hansen Senior IT Specialist, CCIE IBM Communication & Collaboration.

What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter One Introduction to Exchange Server 2003.

Virtualization Vitalis Konopelec Technology Solution Professional Microsoft Slovakia s.r.o.

Microsoft ® Internet Security and Acceleration Server 2006 Beta Technical Overview Steve Lamb Information Security Evangelist

Ton den Braber Channel Manager Benelux Dell SonicWALL The Promises and Pitfalls of BYOD.

NSA 240 Overview For End Users. 2 New Challenges To Solve  Threats Are Increasing  Web 2.0 & SaaS  Impacts to servers, users & networks  Threats go.

Barracuda Networks. Safe Public Cloud Transitions Why Barracuda? The Challenge When organizations move workloads to the public cloud, data protection.

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

SURENDRA INSTITUTE OF ENGINEERING & MANAGEMENT PRESENTED BY : Md. Mubarak Hussain DEPT-CSE ROLL

Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.

Barracuda NG Firewall ™

Barracuda Web Filtering Service

2016 Citrix presentation.

Securing the Network Perimeter with ISA 2004

Product Datasheet AppSense DataNow 4.1

UDgateway WAN Optimization

Introducing ProxyClient

Dell SonicWALL WAN Acceleration (WXA) Overview

Introduction to Dell SonicWALL WAN Acceleration

Ron Carovano Manager, Business Development F5 Networks

Presentation transcript:

Secure WAN Acceleration Michael Favinsky Senior Systems Engineer

WAN Acceleration Technology helps…  Improve Performance of Business Applications  Optimize Response Times for Critical Applications  Reduce Bandwidth Consumption  Reduce associated Bandwidth Costs … Make the network faster! 2 CONFIDENTIAL All Rights Reserved

Analyst on the Need for WAN Acceleration “ Applications, such as Microsoft SharePoint, that make extensive use of dynamic content can swamp WAN links while delivering poor end-user response times” “ Repeated transmission of the same, or similar, files, objects or data patterns can create opportunities for data compression” “As resources are increasingly centralized, minimizing the effect of latency on application response times is becoming a critical requirement” “Global centralization of branch office servers and data centers can expose latency-sensitive protocols, again leading to slow response times” Peak Performance

The Need for WAN Acceleration 4 Outpaced by Growing Bandwidth RequirementsTraditional QoS IneffectiveApplication LatencyRedundant Traffic Consuming Bandwidth CONFIDENTIAL All Rights Reserved

Do you need WAN Acceleration? 1. Are you using Site-to-site VPN or dedicated WAN Links (MPLS)?  How much bandwidth exists between your offices? 2. Would you like your internal applications to be faster? 3. Are your inter-island or island to mainland communications slow due to limited bandwidth or high latency?  600ms latency between Oahu and Guam  What is your ping round trip time to the mainland? CONFIDENTIAL All Rights Reserved 5

Before WAN Acceleration  Problem: Connections from remote offices to home office too slow. Takes forever to transfer files or retrieve . People can’t work.  Solution #1: Virtually place remote office users in corporate HQ.  Citrix  MS Terminal Server  Costly  Slow and unusable if latency is high  Solution #2: Replicate corporate HQ to remote offices.  Separate file server and mail server in each remote office.  Cost skyrockets as number of offices go up.  Does an office with less than 10 people warrant its own file and servers?  Sync issues between remote offices and HQ. CONFIDENTIAL All Rights Reserved 6

Next Generation Firewalls and WAN Acceleration Traffic Shaping Ensure “Good Traffic” Composition Block Unwanted Traffic Utilize Bandwidth Effectively Traffic Acceleration Traffic De-duplication Windows File Services (WFS) Caching Protocol Optimization/Compression CONFIDENTIAL All Rights Reserved 7

Traffic Shaping – Get “Good Traffic” WAN Acceleration Step 1 Bandwidth manage and control applications  Identify non-business related applications  Prioritize important traffic  Block or restrict unimportant traffic  application signatures 8 Goal: “Allow Good Traffic” at the gateway with Application Intelligence & Control CONFIDENTIAL All Rights Reserved

“Good Traffic” Acceleration WAN Acceleration Step 2 Extremely Effective on:  , PowerPoint, Excel spreadsheets, Word docs, PDF  Internal Web apps, Database apps  Files between 20Kb-100’s of MB+  Small Localized Changes Benefits (For Good Traffic)  Eliminate redundant traffic  Increase responsiveness  Improve user experience 9 CONFIDENTIAL All Rights Reserved

WFS Acceleration Benefit: Improves response times and transfer speeds when copying files between remote locations CONFIDENTIAL All Rights Reserved 10  Acceleration for Windows File Copy protocols  CIFS & SMB: Protocol names for file transfer  File caching/de-duplication  Metadata caching (File directory information)  Active Directory Integration  All machines including the WAN Accelerator are required to become part of the domain

WFS Protocol Optimization 11  Optimizes communications of inefficient, chatty WFS. With: WAN AccelerationBefore: WAN Acceleration Benefit: Significantly reduces file transfer / file open / file access times. Often by orders of magnitude. CONFIDENTIAL All Rights Reserved

Demonstrating and Quantifying the Benefits of WAN Acceleration Visualize the benefits of using WAN Acceleration CONFIDENTIAL All Rights Reserved 12

Bandwidth Savings for Web Apps Results: 90% traffic reduction for Internal Web traffic 13 CONFIDENTIAL All Rights Reserved

Bandwidth Savings for Windows File Sharing (WFS) Results: 80+% traffic reduction for Windows File Sharing 14 CONFIDENTIAL All Rights Reserved

Results – Another Live Customer CONFIDENTIAL All Rights Reserved 15

Multi-Site VPN Deployment Multiple Remote Offices connecting back to a Central Office 16 Results: Traffic between the sites is optimized with minimal configuration CONFIDENTIAL All Rights Reserved

Using Dedicated WAN Links Leveraging dedicated WAN links between offices 17 Results: Traffic between the sites is optimized with minimal configuration CONFIDENTIAL All Rights Reserved

NGFW with Insecure WAN Optimization CONFIDENTIAL All Rights Reserved 18 Insecure WAN Opt device PC sends virus. WAN Opt encodes virus within de-dupe protocol, which DPI cannot recognize Virus sent to HQ The customer investment in NGFW Has been wasted, and communication between the sites is insecure. Application Visualization Gateway Anti-Virus Firewall DPI

Secure NGFW with WAN Acceleration Secure Solution  Sits inside of the security boundary  Provides comprehensive scanning for intrusions and malware  Leverages IPS/AV/AS/App Intelligence  Allows traffic shaping and policy enforcement on WAN. Traditional Solution  Sits behind or outside of the security boundary  Data coming out of the WAN Acceleration device can’t be inspected by the security device  Potential for malware propagation, policy violation. 19 WXA NSA Ingress/Egress traffic Firewall WAN Acceleration Ingress/Egress traffic CONFIDENTIAL All Rights Reserved

Active Directory Integration  Secure  Integrates directly with AD.  Becomes a member of the domain.  Uses Kerberos authentication  Insecure  Does not integrate with AD.  Uses NTLM.  Forces you to lower your file server’s security posture. CONFIDENTIAL All Rights Reserved 20

Secure WAN Acceleration Benefits  Reduce the amount of data sent between remote and branch offices  Improve user experience at remote offices  Reduce infrastructure cost  Easily block undesirable applications on the network  Bandwidth manage applications such as P2P and streaming audio/video  Increase security through DPI scanning of all traffic  Identify network inefficiencies through real-time traffic visualization  Consolidated management interface  App Intelligence, DPI security, WAN Acceleration, VPN, etc. SonicWALL CONFIDENTIAL All Rights Reserved 21

Summary – Secure WAN Acceleration  Leverage the security of your NGFW  AV / IPS / App Intelligence  You don’t have to trade off NGFW features in order to gain the benefits of WAN acceleration.  Maintain authentication best practices with Windows File Servers  No compromise on using Kerberos  NTLM is more convenient, but it’s not secure.  Secure WAN acceleration is particularly applicable to you, the Hawaiian customer. CONFIDENTIAL All Rights Reserved 22

Questions?