How to achieve a fast, secure and available virtualization infrastructure Luuk Dries.


1 How to achieve a fast, secure and available virtualization infrastructure Luuk Dries

2 © F5 Networks 2 Agenda Application Requirements Availability Performance Security VMware Environments Further Enhancing Availability Enhancing Performance Adding Security

3 Why virtualization – a small recap. Efficiency: Maximize CPU, RAM and Disk resources; Energy savings. Flexibility: Quick response to business needs; Quickly adding and removing applications.

4 Why virtualization? Business Continuity; Disaster Recovery; Security; Test and Development.

5 Each Application has its own specific requirements: 99,999% Availability, Performance over the WAN, High Security, ... [Diagram labels: Available, Fast, Secure; SharePoint Database Siebel BEA.NET SAP PeopleSoft IBM ERP SalesForce Custom; Application Delivery Networking; Applications]

6 Availability for the Web Tier… Unmatched scalability and transparency; High Availability and Load Balancing; Centralized SSL offloading. [Diagram labels: 99%, 99.99%, 99.9999%, Internet]

7 … and for the Application Tier. Full L7 application visibility; L7 content processing and switching; Application monitoring. [Diagram labels: 99% Application, WWW 99%, 98% Accumulated Availability, Internet]

8 Flexibility: Data Center Automation. Real-time interfacing with vCenter to add new VMs to the load balancing pool (iControl). Advanced Health Checks to ensure that newly provisioned VMs are ready for traffic.

9 Availability and Performance across ISP Links. Select link on: Availability, Cost of route, Protocol, Source/Destination, Time. And apply: Bandwidth Management, Traffic Prioritization. [Diagram labels: Internet, ISP1, ISP2]

10 Availability and Performance across Datacenters. [Diagram labels: Internet, Local DNS, Primary DC, Backup DC]

11 My Web Applications are Slow.. First time visits are slow; Users are increasingly remote and/or mobile; Dynamic Web content; Network latency, packet loss, verbose protocols. IT Manager & App Architect. Data center consolidation = Difficult to accelerate SSL content.

12 Chatty Apps & Latency = Slow Apps. A web page load with about 100 objects generates at least 100 round-trips. LAN: 100/2 x 1 ms = 50 ms. WAN: 100/2 x 250 ms = 12.5 seconds! [Diagram: Web Browser and MyWebApp.com Web Servers over Time, WAN Latency 250 ms: Get / HTTP/1.1 -> Index.html; Get /javascript.js HTTP/1.1 -> javascript.js; Get /stylesheet.css HTTP/1.1 -> stylesheet.css; Get /image(n).jpg HTTP/1.1 -> image(n).jpg]

13 Impact of Web Acceleration. [Figure panels: With, Without]

14 F5 Approach – Three Tiers of Acceleration. Tier 1 Acceleration – Network Offload: Re-use downloaded objects/content (IBR); Reduce data transferred (Compression). Tier 2 Acceleration – Server Offload: Servers are busy serving same data over and over (Caching); Too many connections to back-end servers (OneConnect & spooling); Overflow of connections to back-end servers (RateShape & conn limit); SSL offload; Compression offload. Tier 3 Acceleration – Application Offload: Browser re-downloads same content over and over (IBR); Force multiple connections (MultiConnect); Web apps are slow over the WAN (ESI, Compression, PDF linear..).

15 Effect of 3 Tiers of Acceleration: Page Load Time. Up to 90% reduction in Page load time.

16 Effect of 3 Tiers of Acceleration: CPU Utilization. Up to 90% reduction in CPU utilization.

17 Intelligent Browser Referencing. Problem: Repeated Content Retrieval Slows Web Application. Dynamic pages contain mostly static content that is retrieved repeatedly. [Figure callout: This is the only dynamic content]

18 Intelligent Browser Referencing. Solution: WebAccelerator Enables Browser Re-use of Cacheable Contents. No client to download. No changes to browser. [Diagram labels: Initial Request; Compression; Cache; Subsequent Client Requests; Cache; Apply IBR cache expiration; Repeat Visits; Retrieve from Browser Cache]

19 Easy to Deploy – Easy to Integrate. Validated in vendor application labs: Certified policies pre-configured.

20 Web Acceleration Performance: 2X to 10X Performance Increase.

21 Virtual Desktop Infrastructure. WAN optimization; Connection persistence on a per session basis; High endpoint security using pre-login checks and authentication.

22 Virtual Machine replication. Quicker VM replication; Quicker Data Replication using Compression and Data De-duplication tunnels.

23 F5 and VMware can enable a secure, live migration… of a virtualized application and its storage… from one site to another… without downtime and without user disruption.

24 Initial Environment. [Diagram labels: BIG-IP Global Traffic Manager; BIG-IP Local Traffic Manager (two); vCenter A; vCenter B]

25 Step 1: F5 BIG-IP Local Traffic Manager Opens WAN Optimization Tunnel. Tunnel traffic is: Compressed, De-Duplicated, Encrypted. [Diagram labels: BIG-IP Global Traffic Manager; BIG-IP Local Traffic Manager (two); vCenter A; vCenter B]

26 Step 2: Storage vMotion Executed Across WAN Optimized Tunnel. This step can be avoided if storage is already being synchronously replicated between sites. [Diagram labels: BIG-IP Global Traffic Manager; BIG-IP Local Traffic Manager (two); vCenter A; vCenter B]

27 Step 2: Pending App vMotion, transactions rely on VM in Site A, but Storage in Site B. vCenter A still managing VM. [Diagram labels: BIG-IP Global Traffic Manager; BIG-IP Local Traffic Manager (two); vCenter A; vCenter B]

28 Step 3: Application vMotion Executed Over WAN Optimized Tunnel. [Diagram labels: BIG-IP Global Traffic Manager; BIG-IP Local Traffic Manager (two); vCenter A; vCenter B]

29 Step 4: vCenter Instructs F5 BIG-IP Global Traffic Manager to Cut Over to Site-B. [Diagram labels: BIG-IP Global Traffic Manager; BIG-IP Local Traffic Manager (two); vCenter A; vCenter B]

30 F5 BIG-IP Global Traffic Manager Routes All NEW Application Connections/Sessions Directly to Site B. [Diagram labels: BIG-IP Global Traffic Manager; BIG-IP Local Traffic Manager (two); vCenter A; vCenter B]

31 F5 BIG-IP Local Traffic Manager in Site A Redirects EXISTING Sessions Temporarily to Site B Until Clients Register DNS Change. [Diagram labels: BIG-IP Global Traffic Manager; BIG-IP Local Traffic Manager (two); vCenter A; vCenter B]

32 Eventually, ALL Connections Go Directly to Site B. The Process Can Be Reversed When Necessary. Successful Application Migration Complete. [Diagram labels: BIG-IP Global Traffic Manager; BIG-IP Local Traffic Manager (two); vCenter A; vCenter B]

33 Web Application Security. WAF allows legitimate requests; Stops bad requests / responses. [Diagram labels: Browser; Unauthorised Access; Non-compliant Information; Infrastructural Intelligence]

34 Challenges of Web Application Security. HTTP attacks are valid requests; HTTP is stateless, application is stateful; Web applications are unique: there are no signatures for YOUR web application; Good protection has to inspect the response as well; Encrypted traffic facilitates attacks…; Organizations are living in the dark: missing tools to expose/log/report HTTP(s) attacks.

35 ASM: Powerful Adaptable Solution. Provides comprehensive protection for all web application vulnerabilities; Provides out of the box security; Logs and reports all application traffic; Provides L2->L7 protection; Unifies security and acceleration services; Stops attacks unseen by traditional WAFs (anti-evasion); Provides On-Demand WAF scaling; Sees Application level performance.

36 Layer 7 DoS and Brute Force. Unique Attack Detection and Protection; Unwanted clients are remediated and desired clients are serviced; Improved application availability.

37 Bringing it all together. [Diagram labels: Application; Network Administrator; Application Developer; More Bandwidth; Multiple Point Solutions]

38 Why F5? The F5 Advanced ADN. [Diagram labels: Available, Fast, Secure; SharePoint Database Siebel BEA.NET SAP PeopleSoft IBM ERP SalesForce Custom; Application Delivery Networking; Applications]

39 F5 Vision: Unified Application & Data Delivery. Context-Aware Networking. Enables the Dynamic Infrastructure. Visibility, Integration, Context, Action. [Diagram labels: Corporate Employees LAN & WLAN; Mobile Employees; Customer, Partners, or Suppliers; Branch Employees LAN & WLAN; Remote Employees; Cloud Services; Hosted Applications; Corporate Data Center; SAAS; Apps and Data in the Branch]

40 F5’s ADN. Business Goal: Achieve these objectives in the most operationally efficient manner. [Diagram labels: Applications & Storage; International Data Center; Enterprise Manager / ControlPoint; TMOS; iControl; BIG-IP Global Traffic Manager; WAN Optimization; FirePass SSL VPN; BIG-IP Local Traffic Manager; BIG-IP Application Security Manager; BIG-IP Web Accelerator; BIG-IP Link Controller; ARX File/Data Virtualization; PC - Home; PC - LAN; WLAN; Cell; Remote - WAN]

41 Gartner Magic Quadrant for ADC. [Quadrant labels: niche players, visionaries, challengers, leaders; axes: completeness of vision, ability to execute; vendors shown: F5 Networks, Citrix Systems, Cisco Systems, Foundry Networks, Nortel Networks, Zeus Technology, Radware] F5 Networks: Offers the most feature-rich AP ADC, combined with excellent performance and programmability via iRules and a broad product line. Strong focus on applications, including long-term relationships with major application vendors, including Microsoft, Oracle and SAP. Strong balance sheet and cohesive management team with a solid track record for delivering the right products at the right time. Strong underlying platform allows easy extensibility to add features. Support of an increasingly loyal and large group of active developers tuning their applications environments specifically with F5 infrastructure. Source: Gartner (July 2008)

42 BIG-IP Hardware Line-up (axes: Price, Function / Performance). BIG-IP 1600: Dual core CPU; 4 10/100/1000 + 2x 1GB SFP; 1x 160GB HD; 4 GB memory; SSL @ 5K TPS/1 Gb Bulk; 750 Mbps max software compression; 750 M Traffic; 1 Basic Product Module. BIG-IP 3600: Dual core CPU; 8 10/100/1000 + 2x 1GB SFP; 1x 160 GB HD + 8GB CF; 4 GB memory; SSL @ 10K TPS/2 Gb bulk; 1 Gbps max software compression; 1.5 Gbps Traffic; 1 Advanced Product Module. BIG-IP 6900: 2 x Dual core CPU; 16 10/100/1000 + 8x 1GB SFP; 2x 320 GB HD (S/W RAID) + 8GB CF; 8 GB memory; SSL @ 25K TPS/ 4 Gb bulk; 5 Gbps max hardware compression; 6 Gbps Traffic; Multiple Product Modules. BIG-IP 8900: 2 x Quad core CPU; 16 10/100/1000 or 2 10GE SFP+; 2x 320 GB HD + 8GB CF; 16 GB memory; SSL @ 58K TPS/ 9.6 Gb Bulk; 8 Gbps max hardware compression; 12 Gbps Traffic; Multiple Product Modules. VIPRION: 36 Gbps Traffic; Multiple Product Modules; Ultimate redundancy in a single chassis.

43 F5’s Data Center Vision – Unified Application & Data Delivery. [Diagram labels: EMC; PC - Home; App. Server; Web Server; App. Server; Web Server; PC - LAN; WLAN; Windows file storage; NetApp; Cell; Remote - WAN; File Storage Virtualization: Services & Policy; Application Server Virtualization: Services & Policy; Web Server Virtualization: Services & Policy; Data Center & Link Virtualization: Services & Policy; Link 1, Link 2, Link 3; DC 2: U.K.; DC 1: U.S.; Link 1, Link 2, Link 3; BIG-IP LTM, GTM & LC; BIG-IP LTM, WA, ASM; BIG-IP LTM, SAM; F5 ARX]

44 ARX – File Virtualization. BEFORE: User / application access tightly coupled to physical file storage. Inflexible: change is disruptive; Complex: multiple mappings to heterogeneous storage devices; Inefficient: low aggregate utilization. AFTER: File access decoupled from physical storage location. Flexible: change is non-disruptive; Simple: single mapping to unified storage pool; Efficient: maximize utilization.

45 Tiering / ILM / Data Migration. Match cost of storage to business value of data: Files are automatically moved between tiers based on flexible criteria such as age, type, size, etc. Drivers: Storage cost savings, backup efficiencies, compliance. Benefits: Reduced CAPEX; Reduced backup windows and infrastructure costs.

46 Summary. F5 offers you the scalability both in performance and functionality to optimize all your applications. F5 makes your applications SECURE, FAST, AVAILABLE in the most flexible and stable solution. F5 optimizes your storage environment.
