Presentation is loading. Please wait.

Presentation is loading. Please wait.

Better together, Blue Coat and Packeteer

Published byArnold Williamson Modified over 9 years ago

Similar presentations

Presentation on theme: "Better together, Blue Coat and Packeteer"— Presentation transcript:

1 Better together, Blue Coat and Packeteer
Ville Saari Senior Support Engineer

2 About Blue Coat Profitable, public company (NASDAQ: BCSI)
Recently acquired Packeteer $445M combined revenues 1200+ employees worldwide World’s largest organizations use Blue Coat 93 of Fortune Global 100 enterprises 8 of world’s largest 10 service providers Industry-leading, customer-proven solutions 15K customers worldwide 100K appliances deployed across 50+ countries #1 market share for WAN Optimization according to IDC & Infonetics Leader in Gartner’s Secure Web Gateway MQ Global 7x24 support in 9 countries A few bulletpoints about Blue Coat It’s a public company, listed in NASDAQ. After acquiring the company named Packeteer they now have over 1200 employees worldwide and $445M revenues combined. Most of the Fortune Global 100 enterprises are using Blue Coat 8 out of 10 largest ISP’s are using Blue Coat All together there’s around Blue Coat customers around the world with Around appliances deployed across over 50 countries

3 Company History Focused on Web Acceleration
Expanded in Control & Security Added QOS & Application Visibility Founded in as CacheFlow In 2002, Changed Name to Blue Coat In 2008, Acquired Packeteer 2002 2004 2000 2006 1998 1996 2008 In 1999, CacheFlow had 3rd most successful IPO in Silicon Valley history Expanded in with MACH5 Technology Looking back in time - Blue Coat started of as CacheFlow in 1996 In 2002 they changed the company name to Blue Coat to better reflect the nature of their products not being merely a caching proxy device but more widely a secure gateway to internet. Early 2006 Blue Coat introduced their WAN Acceleration features on top of their security gateway and later added these features to the proxy client which enables mobile users to benefit from this technology as well. With the technology acquired with the Packeteer they have total visibility to the network traffic and full featured QOS. Added WAN Optimization & Acceleration 3 3 3

4 Blue Coat to Acquire Packeteer
Blue Coat acquired Packeteer to Offer Complete Solution for WAN Optimization Incorporate key Packeteer® technologies into the Blue Coat® ProxySG® family of appliances to provide increased application understanding and traffic prioritization capabilities Provide additional functionality with the PacketShaper product Extended leadership for Blue Coat in the WAN optimization market Bring the good features from Packeteer technologies to the Blue Coat appliances Added visibility and functionality to the WAN optimization part From the Packeteer key technologies Blue Coat products are capable to understand more protocols at application level. We have full QOS functionality from the PacketShaper product with a great visibility through the monitoring and reporting tools

5 Leader Position in Two Gartner Magic Quadrants
Secure Web Gateway, 2008 WAN Optimization Controller, 2007 “Blue Coat is the most mature vendor in this market… well-tested for scalability and performance … “Blue Coat has strong market understanding, demonstrated through its broad WOC range and feature set. This includes HTTPS acceleration, ECDN, a software client ("SoftWOC") and support for streaming media.” In the Gartner Magic Quadrant, Blue Coat has usually been recognized in the leaders box on top right. Source: Gartner Magic Quadrant for WAN Optimization Controllers, 2007 5

6 The Connectivity Layer is Poor at Delivering Applications
Enterprise Datacenter Consolidation The connection network: Doesn’t know what applications are running across it Has limited knowledge of users and content Can’t tell what is malicious and what isn’t Can’t control mission critical applications Unified Communications Video IP Telephony Messaging WAN and Internet SaaS Remote Offices Web 2.0 & Mash-Ups Mobile Users Why Blue Coat? The connectivity layer is good for forwarding packages. But that’s all it does; it delivers traffic no matter whether its from legitimate or harmful applications. The connectivity layer doesn’t have knowledge about things like Who’s using What applications And how the applications are performing over the lines That’s why Blue Coat offers a new layer to protect the application layer and optimize the connectivity layer to work better with these applications A New Kind of Layer is Required…

7 Application Delivery Network
End Users Sees information Application Servers Sees Users, And information Application Delivery Network Application Performance Monitoring WAN Optimization Secure Web Gateway Sees & Controls EVERYTHING Connectivity What we need is ADN. The Application Delivery Network provides bandwidth management, protocol optimization, object caching, byte caching, compression and web security. And it provides it transparently to the applications. Some of the applications are trying to solve this within the application it self. In example Citrix is doing encryption, compression and even some caching within the application client to server connection. In the client and on the servers it will result in additional overhead processing and consume the precious resources on every end-point Why not do this for all the applications in the network and let the applications do what they’re built to do and just make the network perform as its expected by these applications. Sees connections and packets

8 Position Blue Coat Strategic Solution
Blue Coat Application Delivery Networks Visibility Acceleration Security Discover Applications Assess & Monitor Performance Troubleshoot & Report WAN Optimization Web Cache & Acceleration Traffic Control Web Content & URL Filtering Malware Protection Real-Time Cloud Protection Service Blue Coat has focus on these three objectives: Application Performance Monitoring, WAN Optimization and Secure Web Gateway. Together these three areas can achieve an Application Delivery Network that allow customers to see, accelerate and secure the applications as they’re delivered over distributed networks. Lets dive a little bit deeper into these three areas through the next slides. Best in World Classification Magic Quadrant Leader Magic Quadrant Leader 8

9 Visibility: How Blue Coat Helps
Better Together Boot Camp—San Jose: July 7-11, 2008 Visibility: How Blue Coat Helps Classify – See what is on network Utilization by application Measure – End User Delay Network-Server-Total Troubleshoot – who, what, when 120+ stats per class Fix QOS, Compression, Acceleration, Security SAP Response Times Spiking Cause: Spike in connection hitting server. Most connections ignored Visibility; Blue Coat provides you with tools to Classify – Discover Applications Find all applications – 650+ classes of applications, Layer 7 Business applications (SAP, Oracle, Citrix) Mission critical applications (DNS, DHCP, NTP, LDAP,..) See recreational traffic – P2P, Streaming, FlashTV, iTunes Measure – Stats and reports Bandwidth usage – Top 10 & Time Series Response times – user experience (lag in the aplication; network delays? slow server responses?) Voice /video quality: MOS, jitter, delay, packet loss Much more – 120+ metrics per “class” Find & Fix Determine causes Control recreational Determine what tools to apply Total Delay SAP Order Entry: 1220 ms Network Delay: 340 ms Server Delay: 880 ms © Blue Coat Systems 2008 9

10 What is Application Visibility?
Recreational Streaming 8% 20% P2P 12% Internet Gaming 5% File Transfers 9% Oracle 7% Citrix 5% To run the business effectively, you need to know what’s happening on your network. Here’s an example of the mix of applications found on our customers’ networks and the amount of bandwidth they are consuming. We find that most IT people suspect they have a problem on their networks, but they are astonished at the actual numbers when we conduct an application performance evaluation. In this case, you can see that more than half the available bandwidth is being consumed by recreational applications. This problem is growing with the popularity of applications like YouTube and even Slingbox! You definitely don’t want your employees accessing their Slingbox from the company network! So you need to have a way to ensure that your most important business applications are protected from recreational bandwidth hogs and from malicious applications so they perform in support of the business. We’ll see how PacketShaper’s solution for monitoring and automatic traffic discovery offers great visibility into what’s running on the network. Web Browsing 28% 53% of bandwidth being used by recreational applications 14% of bandwidth is “business critical” TN3270 2% Other 4% Identifies Applications for What They Really Are

11 Classification Maps traffic to its classification library
Automatically builds a list of the applications running on your network 600+ Application classes Sub-classify within complex apps / HTTP Good, bad and malicious traffic Current and next generation applications Plug-In Architecture Enables new application definitions without firmware upgrade So traffic discovery automatically inspects the traffic, maps it to its classification library and builds a list of the applications running on your network. This is extremely valuable… if you don’t have this, all the rich classification would not help you. Convergence: IP Telephony & Video Conferencing Identifies each setup, call & codec used Measures quality in real time Web Services XML/SOA based applications WSDL analysis and classification tool Encrypted Applications Differentiate between SSL applications Identify encrypted P2P based on behavioral profiles Plug-In Architecture Enables new application definitions without firmware upgrade

12 Monitoring: Network Utilization
Average and peak Network efficiency Top Talkers/Listeners Packets and packet sizes See up-to-the minute network utilization What is the utilization, both average and peak? You’ve probably had information about average utilization for some time; but what’s been missing is information about peak utilization rate. Because today’s traffic is transient, it’s important to understand what the peaks are. Historically we’ve had 10 minute averages and that’s great for capacity planning, but it’s not useful for troubleshooting and true visibility, because if you have a 10 minute average utilization and it tells you that your link is 40 percent saturated, it appears that there is no problem. But if sometime during that 10 minute period someone downloaded a huge file for a minute and fully consumed that link, SAP performance plummeted during that period of time and you won’t know this until you get a support call from a user complaining about how slow SAP is. But the moment has passed and there’s no data to validate the problem, and the trouble ticket is closed – no problem found. If you had visibility into peak utilization, you could see that at the same time SAP performance plummeted, there was a large file download - you would understand the cause and effect, and you would be prepared to take the next step and do something about it. Understand cause and effect

13 Application Response Times
How do specific applications perform? We may ask IT people, “How do you find out about performance problems”? And the answer is typically, “Users call us”. That’s not the best way to identify performance issues. IT personnel should be able to measure this themselves, but historically the tools have not been available, or they’ve been difficult and expensive to deploy – some required a client to be installed on every computer – the cost of ownership for something like that is huge. By deploying PacketShaper, you can gather application response time information “on-the-fly”. What is the response time of the application and is it acceptable? What is the roundtrip time by application? How is the application performing? Is the problem with the network, or a server? Often it’s a server, and you need to know that. Could be that a server is running low on resources. Once you know this, you can take the proper actions to solve the problem. Start solving performance issues before users report them as problems See how applications actually perform

14 Voice and Video Quality Metrics
Quality metrics for converged networks Measure jitter, loss and delay for RTP traffic – voice and video Track SLAs for Voice, Video and MPLS Services Extends Application SLAs to voice traffic (Real Time Protocol) Monitor call quality for IP Telephony and Video conferencing Monitor performance of real time classes for MPLS WAN Service With IT telephony and video you can monitor in very detailed level as well. With this knowledge it’s easy to find out what is the cause of any possible quality problems with these. MOS Score = call quality / mean opinion score / 1-5 (1being poor and 5 = excellent) Rich performance, call data and quality ensures your network or your service provider meet or exceed service level objectives

15 Monitoring: SLAs and Quality Metrics
Establish service level reporting to: Set thresholds Measure compliance Proactively send alerts Graph % of transactions that meet service level objectives If you are tied to any SLA’s (service level agreements), you would probably want to set thresholds and be alerted proactively if those agreements are endangered by any defects in the monitored applications. This can be a huge save in costs as smaller problems in performance might indicate that there are bigger problems developing underneath the surface.

16 Application QoS and MPLS Working Together
MPLS Core MPLS work with a few service classes assigning different class to each applications with different performance characteristics. There are hundreds of different traffic and application types running across the WAN business applications, recreational applications, "invisible" services and only a handful of service classes. Using our advanced application identification and classification technology, PacketShaper automatically identifies and classifies applications and then mark them with the proper DiffServ Code Point (or VLAN tag) to get them into the proper service class. So you can see here that the real-time video and H.323 IP Telephony traffic which needs immediate and priority bandwidth is allocated over apps that are less real-time critical, apps that are purely recreational which fall into the best effort service class. PacketShaper can apply its rich classification features and differentiate between those traffic types, mark it and make sure it goes into the right class of service.

17 Advanced Application ID Technology
WAN Optimization Accelerate Internal Bulk Applications Caching – Byte & Object Compression Protocol Acceleration (TCP, CIFS/NFS, MAPI, HTTP, etc) Basic QoS SSL Acceleration Storage Consolidation File Access Intranet Backup & DR Image Distribution 15-40x improvement Up to 300x Video & Multi-Media Business Web Software as a Service (SaaS) Recreational Malicious External Applications Streaming Acceleration & CDN (Content Delivery Networking) External Web/SSL Advanced Web Policy Advanced Application ID Technology 5-25x speedup for asymmetric apps So these are things like storage consolidation, , etcetera. What’s interesting thing about these applications, they can be very problematic, especially with the protocols they use, they can really, really challenge performance planners if you have to use them remotely. So you see, there are a number of technologies that Blue Coat has in its portfolio in order to deliver these very reliably, very fast, and to reduce the bandwidth required in order to make them work within the enterprise. And the benefit that you get with Blue Coat’s portfolio is between on average, 15 to 40 x improvement in the end users’ response times, and even as high as 300 x improvement for those applications. Then you get to the external applications. These require not only a number of the technologies we talked about above but they also require , additional technologies and deployed in a slightly different way. So in addition to caching, both white and object caching, protocol acceleration, compression and QoS, you start to see the need working with video and multimedia, the ability to manage and pre-populate content to different parts of the network so that you can take advantage of overnight lower utilization patterns in order to pre stage information. That and the ability to accelerate streaming applications is one of the key parts of managing external applications, especially when you’re dealing with rich media. The business web is a big challenge, because often these are, or almost always, you don’t have control over the server side of the transaction. So I’m an employee. I’m sitting here in my office, in Sunnyvale, accessing Salesforce.com. , Blue Coat is not only able to identify Salesforce.com traffic, it’s also able to, from Sunnyvale, from a site in Sunnyvale, optimize my access to Salesforce.com in an asymmetric way, meaning from a single office. And at this branch office, it can optimize that transaction. So this becomes very important as we see more and more information transferred to software as a service, as well as letting me point out that one of these happen over encrypted and authenticated sessions by SSL. So it’s not only the ability to do that asymmetrically with web but also to be able to be a full participant and optimize SSL over encrypted traffic. So that’s a real challenge with the business web but along with that access to the business web comes myself and other users that acts as all different kinds of things from the net. Now I’m not sure if anybody out there has ever used iTunes or , looked at a YouTube video. I’m sure certainly, not from work. Well, the reality that is a lot of people do. So you have to have the ability to identify that different recreational traffic. Make sure you filter out the malicious traffic. , you want to stop the disruptive traffic, and for the things that you let your employees , see, the YouTubes, the iTunes, you definitely want to make sure you contain the impact both on a bandwidth, as well as your productivity. And that’s something that’s very challenging, and Blue Coat has a great solution set; 5 to 25 x speedup and asymmetric apps, or external applications, especially over the web. And these become increasingly important as times go forward. Finally, we get to the real time applications; voice, video, the real time SAP and credit card swipe. Here is where you need a little different set of technologies. So you can, you leverage a little bit of the acceleration capabilities but often the key here is isolating the business transaction or the packets associated with a specific call. And that requires the ability to breakdown complex applications and sub-classify these applications so that you can identify , the order entry operation within the SAP, and separate it from the database synchronizations that happen at SAP. Furthermore, you have to be able to apply tool less at that granular session and application base level. Because that way you can protect each call, you can protect that portion of SAP that’s most critical and you can even do things like identify different types of traffic within a Citrix session, to make sure that , a Citrix real time screen pain isn’t pushed out by a big bulky Citrix print shop. And those, I think anybody in a Citrix environment can certainly appreciate it as being very disruptive. So the benefit here as an example, we put up voice and video, again, we do see jitter and latency by 60%, creating much higher quality voice and video over IP. So if you look at that, that’s a big set of applications and it’s a simplified summary of applications and then the enterprise. But if you’ll look at the tools that Blue Coat brings to bear, we enable our customers to manage all these different types of applications, both those things you have today, as well as those things becoming more important tomorrow. Voice Video Conference Real-Time Transactions Thin Client & RT Virtual Real Time Applications Application-Sub Classification Application Session QoS (ASQ) 60% reduction of jitter & latency

18 Accelerate: WAN Optimization for All Apps
Better Together Boot Camp—San Jose: July 7-11, 2008 Accelerate: WAN Optimization for All Apps See Accelerate Secure ProxySG Storage Consolidation File Access Intranet Backup & Data Replication Image Distribution 15-40x improvement Up to 300x Internal Bulk Applications 5-25x speedup for asymmetric apps Video & Multi-Media Business Web Software as a Service (SaaS) Recreational (Contain) Malicious (Stop) External Applications PacketShaper Now we’re going turn a little bit into the WAN Optimization portion of the Blue Coat portfolio. And something that’s interesting here; so we bring up three different types. If you look at an enterprise, there are a number of different applications that an enterprise has to worry about. In fact, the average enterprise has over two hundred applications running on their network. The challenge is there’s a lot of different issues associated with different types of applications. And just here, we’ve broken them down into three very close categories. And , you can shift them around, you probably can add over twenty or thirty applications to this list, but we thought this was a good one to start with. You have your internal bulk applications. This is all your file access, your storage consolidation, , internet, backup and DR, as well as when you’re distributing updates and patches and new firmware images around your company. So those are kind of the internal bulk applications. Now increasingly, there are a number of external applications that are very important to the business as well. In fact, some are very important, some are more recreational in their use and some are downright malicious. And this is one of the most challenging environments to deliver but it becomes more and more important because in addition to , training videos and in addition to kind of the extranet partners that you have, there’s an increasing number of delivery methods that are changing to a software as a service delivery point. So Salesforce.com, being the best example of this where an enterprise is relaying on an outside vendor to provide not just information but real time connectivity and real time application knowledge to the enterprise itself. So you have to be able to work with those types of technologies and deliver them just as reliably as you would an internal application, otherwise, the usefulness is greatly limited. In addition to those business applications are of course, the hundreds and hundreds and hundreds of recreational applications that your users access from your corporate network, to the outside world. So iTunes, YouTube, all the streaming media, all the rich content available for recreational purposes is certainly something that you need to manage, and very carefully. Increasingly, there’s a number of services that are using rich media content from the outside for internal training. So the challenge in all this becomes how you differentiate between the business web, between kind of the benign recreational use, as well as making sure you stop the malicious traffic that can come in as users access the net. So external applications are extremely important and growing in their importance as we talk now and into the future. Finally, we talk about real time applications. These are the applications that are often the most sensitive to delay and the most critical to the business. Things like voice as we transition over IP telephony, video conferencing as we collaborate both within the enterprise, as well as outside. Real time transactions; here I’m talking about things like credit card swipes, like financial trades. We’re also talking about SAP order entry. These are the key, the life blood of the enterprise that are small bits of information but they need to move from here to there instantly. And finally, think client applications, as well as the new real time virtual desktops that are tending to replace the thin client technologies. So those real time applications have a much different performance profile and much different requirements as they operate in the enterprise. 60% reduction of jitter & latency Voice Video Conference Real-Time Transactions Thin Client & RT Virtual Real Time Applications 18 © Blue Coat Systems 2008 18

19 Solving the Latency Problem
Multiprotocol Accelerated Caching Hierarchy Bandwidth Management Protocol Optimization Object Caching Byte Caching Compression Mach5, what is it? It’s Multiprotocol Accelerated Caching Hierarchy that consists of these 5 elements Bandwidth management: You can put those protocols or categories (note: also web categories, so it really works on application level too) to different size of tubes within your total bandwidth. Protocol optimization: To make those talkative protocols perform better over a line with increased latency or possible packet loss Object caching: The old but still very useful optimization of static content Byte caching: This will cache the bytes transmitted over the network and keep a hash table about it so that when ever that same portion is seen again, only thing that will be sent over WAN link is the small hash data so that the other side can build that traffic again without moving it around the slow lines. Compression: Last but not least the transmitted data can be compressed with the widely used Gzip compression standards. File Services (CIFS), Web (HTTP), Exchange (MAPI), Video/Streaming (RTSP, MMS), Secure Web (SSL) 19 19

20 Fast Applications: ProxySG Acceleration
Application performance briefings. On acceleration benefits, it’s useful to take a look at a couple of the examples of how, of the impact that ProxySG acceleration has on these different applications. As we talked about file service or CIFS acceleration between 15 and 40 x improvement, all the way up to 300 x. The external web applications, , 5 to 25 times improvement, up to 400 x improvement. , if you look at the streaming video and the ability to manage which content with Real or Microsoft, some astounding numbers; either from 5 x to 18 x improvement, all the way up to 1,000 x. And we see some of these, especially when it deals with image distribution as well. , when you’re distributing images or content, , the CDN and multicas and compression and caching capabilities have a tremendous impact on not only the performance but also reduction in bandwidth. So the MACH 5 technology is the best or fastest, it saves the most bandwidth and the most latency and it’s just a fantastic product to accelerate your environment. MACH5: The Best, The Fastest Saves the Most Bandwidth & Latency

21 Secure Web Gateway See Accelerate Secure Protect Against Malware
Filter outgoing Web traffic in real time Reduces exposure to malicious web content Guard Employee Productivity Advanced URL filtering: Blue Coat & 3rd Parties Block inappropriate content according to policy Prevent Information Leaks Integrated data leakage protection with 3rd parties Watch, alert & prevent exit of proprietary info Lastly, we’re going to talk about the Secure Web Gateway. , we talked about being able to see the performance, being able to accelerate the performance, and a fantastic additional value that’s integrated with the Blue Coat technologies is the ability to secure your applications. For instance, protecting against malware, filtering outgoing web traffic in real time and reducing exposure to malicious web content. So that’s a great protection for your organization. You are also filtering to guard and employee productivity, working both with Blue Coat’s web filters, as well as any other, or many other web filtering companies that are out there. It really just blocks inappropriate content according to your corporate policy and make sure users are going where they should. Next, preventing an information leak. So integrating, we have integrated data leakage protection that integrates with some third parties, including Vontu. It allows you to watch, alert and prevent the exit of information from databases and other things that you might not want leaving the company. And then finally the ability to validate trust. , the rich set of policies that we provide understands the user and allows you to prevent unauthorized use or unauthorized access, to any place for any resource. And we support eleven authentication protocols, so we have the very rich support to fit any environment. Validate Trust Identity based access policy: prevent unauthorized use Support for eleven authentication protocols

22 Blue Coat Layered Defense
Cloud Service WebPulse™ Inline Detection ProxyAV Web Application & Content Controls ProxySG Integrated DLP ProxySG with S-ICAP and DLP partners Remote ProxyClient All these things that we have been discussing are part of Blue Coat’s Multi-Layered Defense System. We spoke about the 1. Cloud Service: WebPulse Cloud based service to detect malware and web threats Leverages multiple threat detection engines Analyzes150M web requests per day for malicious content, Updates Blue Coat Web Filter with malware hosts. Services ProxySG appliances, plus ProxyClient and K9 desktop agents 2. Inline Detection: ProxyAV Pro-active inline protection from file and web downloads, plus web mail attachments SSL traffic inspection. 3. Web Application & Content Controls: ProxySG running BC WebFilter for real-time web content rating service, reputation ratings, filtering of content, such as blocking downloads from suspicious or unrated sites; apparent data type checks 4. Integrated DLP: ProxySG with S-ICAP and the DLP Partners Protect against unsanctioned or confidential business critical data from leaving the corporate domain. 5. Remote: ProxyClient Which includes remote web filtering with cloud service link for malware protection, real-time web content rating service and acceleration for users in a remote environment and all the things we have been discussing today.

23 Real-time Rating Service
WebPulse Ecosystem “Each user request updates the ecosystem for all customers” Objectionable Content Image Searches Search Engine Caches Translation Services Proxy Avoidance Phishing Detection WebPulse Real-time Rating Service 150M+ user requests per day WebFilter Master ProxyClient v5.3 Blue Coat WebFilter on ProxySG includes: 70+ categories, 50 languages, over 50M users Analyzes content, form, link and origination URL Heuristic analysis and binary scans Web reputation rating for suspicious sites Cross categorization for blended policy rules Support for regional URL lists & custom URL db/categories Allow/deny lists, plus custom overrides & exceptions Header inspection/rewrites for safe search mode Advise and coach users with custom alerts WebFilter ProxySG Enterprise Sites The WebPulse ecosystem is driven by over 150M user requests per day (or 1B per week) that make WebFilter relevant, accurate and dynamic for URL filtering. Real-time ratings cover 98% of objectionable content sites in multiple languages, plus phishing kit detection and the ability to search deep into translation services, image searches, and cached search engine content for an accurate rating not found with static URL filtering solutions. WebPulse acts as a cloud service by combining user requests from K9, ProxyClient, ProxySG appliances, and requests from Service Provider deployments of ProxySG with WebFilter. All requests are analyzed in background process for malware, web threats, reputations and new web content ratings. Five minute updates are provided to ProxySG appliances with WebFilter and clients have a real-time relationship with the WebPulse cloud service. No other web filtering solution matches the volume, features and capabilities. WebPulse: On/Off Passive WebFilter ProxySG ISP Sites

24 WebPulse Cloud Service
DBR Background Rating Process Rating Service DRTR Dynamic Rating Service WebPulse Requests WebFilter Master Deep content & threat analysis, plus human raters (mins – 1+ days) WebFilter 100ms median 7-9ms Requesting Devices WebPulse Metrics: 30B ratings per day average for WebFilter (devices + cloud) 150+M requests/day to WebPulse, peaks near 180M/day Client devices receive ~95% of ratings in 7-9ms ProxySG has on-proxy database for immediate ratings (~95%) ~5% of ProxySG web requests go to WebPulse (~3% in NA) All unrated requests sent to DBR for background analysis Every request gets threat detection analysis in background Looking inside the WebPulse cloud service, three key areas are on the diagram above. The Rating Service is the master WebFilter URL database in the cloud for all remote clients and web gateways. The Dynamic Real-Time Rating (DRTR) service is optional and provides a real-time analysis of unrated web content. This is very useful for objectionable or adult content that advertises itself and is often provided on newly created web sites and pages. DRTR does not provide malware analysis. All malware, web threat, reputation and final web content ratings are completed in the background rating processes in the diagram above. As a community watch solution, the value of these processes is the volume of web traffic they analyze and the repetition to review popular and trusted websites continuously for malware injection attacks. The cloud sees more web traffic and uses more defenses than any one organization could deploy and manage. WebPulse unites Blue Coat web gateways and clients into a computing grid defense.

25 What About The Office of One?
Aren’t We All Mobile Users? Poor performance Inconsistent performance No control over user experience Desktop Client for Acceleration and Control

26 WAN Optimization Anywhere
Provide Fast Access to Applications in the Datacenter Internet Corporate Network Performance increase of up to 35x Dramatically decrease bandwidth use New New Byte Caching Sophisticated custom compression based on observed network patterns Location Awareness Makes intelligent use of ProxySG appliances in the network The new version of the client has now true 2 way Byte Caching which will prevent from the data being transferred over the slow line many times. It will also recognize when it’s in the local company network and when on the road. And naturally it still has the good old protocol optimization, compression and object caching capabilities as before. TCP Optimization CIFS Optimization Inline Compression CIFS Object Caching

27 Centrally Managed Web Remote Control
Real-Time Rating Engine “Good” Fast, On-Demand Categorization “Ugly” “Bad” You Decide What is Good, Bad or Ugly With a Single Corporate Policy Internet Centralized Reporting of Activity You can also enforce the web category policies at the client level to ensure those spyware sites or unwanted content will not infect the client pc’s while popping into a hacked sites on the road. The Blue Coat real time rating engine in the cloud service will provide the same categories always up-to-date and enforcing the company policy where ever the pc is plugged in and connecting to the Internet. And more importantly, this will introduce only around 0-4ms delay to the http gets. Prevents inappropriate Web surfing Protects phishing from known and unknown sources Protects against many forms of spyware Real-time categorization of new web content

28 Blue Coat ProxyClient™
Software client that extends acceleration and web protection to remote client computers Protects clients from malware and ensures corporate acceptable use policies Improves performance of , client-server applications and file services Accelerates traffic between SG appliance and end user machine Transparent to IPSec VPNs No changes to end user experience  apps and file downloads are just faster! Microsoft PowerPoint File size - 1 MB 21 sec. 20 sec. 6 sec. 2 sec. No Client With ProxyClient File Open File Open (warm) File Open (cold) Microsoft Word File size - 10 MB 104 sec. 1 min 2 min 16 sec. No Client With ProxyClient File Open File Open (warm) File Open (cold) 3 sec. So Blue Coat provides a desktop client for acceleration and control, and as an example, it gives that acceleration in caching as a software client, installed on a laptop or PC, at the home office. So it protects clients from malware and it ensures that the use policies of the corporation can be applied locally at the client level, in addition to that acceleration of caching. So it helps improve performance of , any client server applications and it also is transparent to the VPNs that people use to connect into the office. And lastly, this doesn’t impact the end user. The applications, the file downloads, they look just the same, they’re just a heck of a lot faster, as we have examples here of both with the PowerPoint, with opening a PowerPoint, going from something like twenty-one seconds down to two seconds when the cache is warm. Similarly, we have a 10 meg Word file, which would take you two minutes to open over the network, dropping that down to sixteen seconds the first time you see it which ProxyClient, and then down to three seconds the second time you see it. That’s a fantastic difference. Test bed: Office 2003, Win XP, mbps full duplex, 200 ms

29 Blue Coat Solutions Portfolio
PacketShaper Application Visibility & QOS Application Performance Monitoring P2P Traffic Shaping Application Visibility MPLS Migration Bandwidth Management VoIP Deployment ProxySG Secure Web Gateway WAN Optimization Malware Prevention Content Delivery Networks SSL Visibility and Control Remote Acceleration Web Content Filtering Application Front-End Remote Web Control Application Acceleration IM and P2P Control Server Consolidation Information Leak Prevention Replication and Backup And here’s just a, on ProxySG, just so you see that the feature set map very clearly. And let’s note, the ProxySG is leader not only in the WAN Optimization Gartner Magic Quadrant but it’s also a leader in the Secure Web Gateway Gartner Magic Quadrant. So it’s clearly the top of its class, both in Secure Web Gateway and WAN Optimization, providing a full set of capabilities in these two markets. PacketShaper for that performance monitoring and the application based QoS, you can see performance, you can control at a granular level of the operation. And these are the solutions that PacketShaper and ProxySG fit into. Whether it’s meant for PacketShaper or whether it’s performance monitoring, MPLS migrations, or voice deployments, the Secure Web Gateway on ProxySG for SSL visibility and control, information leak protection and really, protection from malware, as well as that acceleration CDN capabilities and caching for all these different applications. 29

30 Application Delivery Network
Blue Coat Products Application Delivery Network End-to-End User Experience Control WebFilter ProxyAV Policy Based Control Management & Reporting Application Acceleration Application & User Security PacketShaper Go Wide Intelligence Center PolicyCenter Application Visibility & Monitoring Application QoS Reporter Director ProxySG Get Focused So that’s the Blue Coat portfolio. And we want to put a highlight out a little bit on the two products, the ProxySG and the PacketShaper, and then each of these products has it’s own ecosystem of products that work together with it. So on the ProxySG side, that has a web filtering, both Blue Coats, as well as working with third parties. The ProxyAV, that’s the companion product that helps do antimalware protection in real time, the Reporter and Director for managing reports and Director for policy management and configuration and finally, the ProxyClient, that software client that works with the ProxySG On the PacketShaper side, the Intelligent Center that manages all the performing reporting centrally and policy center for configuration in policy. And when you look at the ProxySG, that’s where the acceleration, the application and user security comes from, again, all managed through policy base control reports. The PacketShaper adds the application visibility monitoring, the application QoS that we saw, and that delivers at that complete Application Delivery Network, end-to-end user experience control ProxyClient

31 Technology Migration Strategy
Blue Coat PacketShaper Invest in Key Feature Areas PacketShaper™ Key Functionality IntelligenceCenter ProxySG Platform So there’s a certain general principle in what we’re moving towards. And now we’ll just talk you through the individual platforms and how they will migrate over time. First question of course, is, “What is the migration strategy for the individual functionality?” So on the left hand side, you can see sort of the historical Packeteer key platform. So of course, there’s PacketShaper, IntelligentCenter and a series of other platforms; like iShared, iShaper, Mobiliti and SkyX. Basically, what’s gonna happen is PacketShaper as a product, will live on of course, as a key piece of the overall Blue Coat product line. We’ll be investing in key feature areas there. They’re really kind of independent of the integration strategy and we’ll talk through some of that stuff. In addition to that, we’re gonna be looking at key functionality, both on a PacketShaper side, say around the network visibility, and also different, sort of focused acceleration features in the iShared, iShaper, Mobiliti and the SkyX products. And those will be migrated, or at least replicated, onto the ProxySG platform over time. So essentially, that means as Packeteer continues on, gets significantly more investment than it’s gotten historically. Also, some of that functionality and a good year of functionality from some of the other products will also, over time, augment the ProxySG plaque in this general line item of features. The iShared, iShaper, Mobiliti and SkyX product will go end of sale. So those products we’re not gonna continue with. And we’ll focus our development on the Proxy side, on ProxySG, which is sort of the best of breed product in that area, as we discussed earlier. From a reporting perspective, things like IntelligentCenter will continue and that will actually be the main line product that we’ll use moving forward, for both ProxySG and PacketShaper, centralized network reporting. iShared iShaper Mobiliti SkyX Key Functionality End of Sale 31

32 Secure and Accelerate Your Business
Public Internet Internal Network SG Family High Performance Appliances AV Family User Control URL Filtering Here are the major features available for the ProxySG product family (in a heavily animated slide). Virus Scanning Instant Messenger Control Peer-to-Peer Block/Allow Per User Reporting Streaming splitting/caching/control Spyware blocking and reporting Application Acceleration (MACH5) Comprehensive, flexible content policies

33 ProxySG Acceleration & Security One Product, Two Options
Presentation Title Goes Here Presentation Title Goes Here Citrix NetScaler Corporate Intro Presentation ProxySG Acceleration & Security One Product, Two Options August 2005 Insert Version Number Here Insert Version Number Here ProxySG Proxy Edition Secure Web Gateway & Acceleration Full Web & SSL Visibility URL & Content filtering (BC and Third Parties) Malware protection & real time cloud services ICAP Redirection, policy redirection Authentication; proxy services for IM, P2P, Telnet SOCKS All Acceleration Services Acceleration Protocol Acceleration: CIFS, NFS, MAPI, HTTP, HTTPS, MMS, RTSP & More Byte Caching, object caching QOS and Compression Accelerate files, , web, SSL, streaming, external Web & SSL ProxySG Mach5 Edition ProxySG comes with 2 option sets. You can get only the wan acceleration features with the Mach5 edition license Or you can enable all the proxy features including the Mach5 functionality The wan acceleration only is optimal for connecting branch offices to the head quarters optimizing the wan link operability and then have the HQ running a Secure Web Gateway (ProxySG) to enforce the security policies for the internet usage. © 2004 Citrix Systems, Inc.—All rights reserved. © 2003 Citrix Systems, Inc.—All rights reserved. © 2003 Citrix Systems, Inc.—All rights reserved. 33 33 33

34 Five Reasons to Look At Blue Coat Strategic Platform Available Today
Leading caching, acceleration technologies Appliance & software client delivery Accelerate Files, & Backup Accelerate and Control Your Other Key Applications Enable New Architectures for Application Delivery Integrated Security Real Time Application View of WAN Web & SSL Experts (Visibility, Control, Acceleration) Recreational Control, SaaS Acceleration Rich Media Delivery (Caching, CDN, Split Streaming) IP Telephony, Video Conferencing (QOS, monitor) Direct to Net (secure Internet from Branch) & MPLS Virtualization & Web 2.0 Leading Secure Web Gateway Real time threat & malware protection End User Experience Monitoring Voice & Video Quality Reporting Troubleshooting & Reporting Full Web Usage Reporting 34 34

35 10+ Years Experience Built-in our Solutions
Transparent to users, works with your current IT investment Security, performance and control in a single, unified appliance Complete range of Blue Coat ® ProxySG ® High-Performance appliances Software client (ProxyClient) for mobile and remote users Complete coverage of web traffic and users SG8100 Series SG810 Series SG510 Series On the right hand side, you can see the different appliances that we offer, everywhere from the ProxySG210, which is designed for smaller offices, up to the ProxySG 8100, where you’re talking about something that is meant for the enterprise core. And all of these appliances deliver the same kinds of function. And you’re talking about something that is transparent to users. It combines that security performance control, that “see, secure, accelerate, control” aspects into a single platform. ProxyClient provides both acceleration and remote web control features at no charge to customers. SG210 Series ProxyClient

36 Experience & Leadership
Web focused company 50,000+ appliances sold Over 50M WebFilter users Rate over 30B requests/day Analyze 1B+ web requests/week Open Design URL List, DLP, Threat Detection Market leader SG8100 Series SG810 Series SG510 Series Blue Coat is a WEB FOCUSED company to see web content and applications, accelerate key business traffic and to control and provide security defenses. These three elements all work together, doing one without the others is difficult and inefficient. Acceleration only speeds up both the good and the bad, security only introduces latency and only amplifies web application performance issues, and visibility by itself provides insight to web traffic, however no controls to react and manage the situation. Blue Coat has sold over 50,000 appliances, WebFilter has over 50M users, rates over 30B requests per day and provide deep analysis on over 1B web requests per week to detect malware, rate new content, and assess reputations. WebFilter is extended with the optional real-time rating service, often providing an additional 5-6% more categorization, especially for objectionable content that should be blocked for compliance reasons in many environments. Open by design, customers have a choice with over 16 partners for URL list, inline threat detection and DLP integration. Blue Coat is the market leader based on many metrics. SG210 Series ProxyClient

37 Conclusion The Application Delivery Network…
Gives you complete visibility, security & acceleration Intelligent control of your network See & classify applications & users Protect users from malicious content Accelerate business-critical applications The best products & solutions Only Blue Coat delivers the industry’s best, most comprehensive solution for ADN 37 37 37

38 K9 Web Protection http://www.getk9.com FREE WEB FILTERING
If you want to protect your Internet connections at home with the same Blue Coat real-time categorizing Blue Coat is now giving it away, read more at: Feel free to give this link to anyone you want! Try this at home!

39

Download ppt "Better together, Blue Coat and Packeteer"

Similar presentations

Unified Communications Bill Palmer ADNET Technologies, Inc.

Unified Communications Bill Palmer ADNET Technologies, Inc.
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net 1 WX Client Rajoo Nagar PLM, WABU.

| Copyright © 2009 Juniper Networks, Inc. | 1 WX Client Rajoo Nagar PLM, WABU.
Palo Alto Networks Jay Flanyak Channel Business Manager

Palo Alto Networks Jay Flanyak Channel Business Manager
Enabling business beyond the corporate network.

Enabling business beyond the corporate network.
© Blue Coat Systems, Inc. 2011. All Rights Reserved. APTs Are Not a New Type of Malware 1 Source: BC Labs Report: Advanced Persistent Threats.

© Blue Coat Systems, Inc All Rights Reserved. APTs Are Not a New Type of Malware 1 Source: BC Labs Report: Advanced Persistent Threats.
Visibility. Then Control. Keep good employees from doing bad things on the Internet.

Visibility. Then Control. Keep good employees from doing bad things on the Internet.
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.

Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.
1 Adding WAN Optimisation to Boost Storage Sales Success Nigel Hawthorn VP EMEA Marketing Blue Coat in a Virtual World.

1 Adding WAN Optimisation to Boost Storage Sales Success Nigel Hawthorn VP EMEA Marketing Blue Coat in a Virtual World.
Security and Acceleration - A contradiction in terms? Nigel Hawthorn VP EMEA Marketing.

Security and Acceleration - A contradiction in terms? Nigel Hawthorn VP EMEA Marketing.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Blue Coat ® and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.

Blue Coat ® and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Lisa Farmer, Cedo Vicente, Eric Ahlm

Lisa Farmer, Cedo Vicente, Eric Ahlm
Taking Control of Cloud Security Travis Abrams. Consulting and Professional Services Health checks Deployment services Strategic Partner VAR Board Leadership.

Taking Control of Cloud Security Travis Abrams. Consulting and Professional Services Health checks Deployment services Strategic Partner VAR Board Leadership.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Blue Coat: Your partner to sales success Nigel Hawthorn VP EMEA Marketing +44 7081 487 987

Blue Coat: Your partner to sales success Nigel Hawthorn VP EMEA Marketing
Citrix Partner Update The Citrix Delivery Centre.

Citrix Partner Update The Citrix Delivery Centre.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
1 SharePoint Momentum 17K+ Customers, 100M Licenses Leader in Gartner ® Magic Quadrants, Forrester Wave TM Continued Platform and Application Innovation.

1 SharePoint Momentum 17K+ Customers, 100M Licenses Leader in Gartner ® Magic Quadrants, Forrester Wave TM Continued Platform and Application Innovation.

Similar presentations

Ads by Google