Introducing Application Delivery Networking

Download Report

Transcript Introducing Application Delivery Networking

Application Delivery Network for Microsoft

Radovan Gibala

[email protected]

Agenda

Application Ready Network – Introduction & Benefits Basic Components of ARN – Availability – Performance – Security Deployment Infrastructure for Microsoft Applications Exchange – Deployment Guides SharePoint – Deployment Guides Integration with MOM

2

IT Challenge - Out of Control

Applications and networks behave independently Many network functions require high degrees of manual intervention Distributed architectures and web services increase complexity Historically, applications and protocols for communicating with network devices inflexible at best

RESULT: Applications and Networks operate without regard to each other limiting scale, performance, reliability, and security 3

Application Problems: Finger Pointing 101

Slow responses Bloated data Security risks Many servers

4

XML, SOAP, ActiveX, JS Application Attacks Exchange, SharePoint Office workers telecommuters Network Administrator Application Developer

Application Problems: Finger Pointing 101

Slow responses Bloated data Security risks Many servers Exchange, SharePoint XML, SOAP, ActiveX, JS Application Attacks

5 *@#!

User

Office workers; telecommuters

?

Network Administrator ?

Application Developer

8 9 10 1 2 3 4 5 6 7

10 Most Common Deployment Mistakes

Lack of end-user involvement or it happens at the end (too late)

The solution is

‘thrown over the wall’

to the infrastructure team

!

No clear session management approach

No clear separation of business logic from the user interface

There is no

predictable

build process of

the solution

Testers are testing the developers – but who is testing the testers?

Performance & security design

is kept till the end of the project

Browser compatibility is on the agenda yet testing is under estimated

Accessibility, globalization and localization

are forgotten

In accurate project estimates, lack of financial control and frequent financial/time reconciliation processes Note: The majority of these are infrastructure and process issues.

Source:

Vajira Weerasekera Principal Consultant – Microsoft Solutions Development Center

6

F5 Networks’ Application Ready Network for Microsoft 7 User *@#!

Network Administrator Application Developer

The F5 Business Value

Reduces company risks

by protection of critical applications against security threats

simplify

the

application deployment

process

!!!

Simplify the operational

manageability

Reduce the number of

Hardware

(servers) or

Downsize

server size Improves application Reduce

maintenance

effort

PERFORMANCE

Increased availability, scalability and security drives

Significantly!

increased

business productivity and faster ROI 8

Most Cost-Effective Business Continuity Intelligent & Automated DNS, the Gateway to the Application

Users International Data Center Enterprise Manager

BIG-IP Global Traffic Manager

BIG-IP Link Controller FirePass SSL VPN WANJet BIG-IP Local Traffic Manager Web Accelerator

ASM

Application Security Manager iControl TMOS Applications

9

Business Goal: Achieve these objectives in the most operationally efficient manner

Put Connectivity in the Control of the Enterprise Intelligent and Automated WAN & Link Optimization / for Applications

Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager

BIG-IP Link Controller

WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator

ASM

Application Security Manager iControl TMOS Applications

10

Business Goal: Achieve these objectives in the most operationally efficient manner

Provide Cost-Effective, Secure Application Access for All Users Universal Access Control

Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator

ASM

Application Security Manager iControl TMOS Applications

11

Business Goal: Achieve these objectives in the most operationally efficient manner

Offload All Applications for Availability, Acceleration & Security

Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN

BIG-IP Local Traffic Manager

Web Accelerator

ASM

Application Security Manager iControl TMOS Applications

12

Business Goal: Achieve these objectives in the most operationally efficient manner

Load balancing Application Servers • Significant traffic reduction Caching Compression • Significant speed improvement Rate Shaping • Improved session persistence SSL / FIPS acceleration TCP Optimisation • Higher degree of control • Improved flow management • Increased scalability • Lower cost Switch

13

BIG-IP Security Add-On Modules

Application Security Module

Protect applications and data

SSL Acceleration

Protect data over the Internet

14 Advanced Client Authentication Module

Protect against unauthorised access

BIG-IP Software Add-On Modules

Quickly Adapt to Changing Application & Business Challenges Compression Module

Increase performance

Webaccelerator - Fast Cache Module

Offload servers

15 Rate Shaping Module

Reserve bandwidth

Accelerate Applications for Unmanaged Users Centralize & Accelerate Web Application Optimization

Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager

Web Accelerator ASM

Application Security Manager iControl TMOS Applications

16

Business Goal: Achieve these objectives in the most operationally efficient manner

Offload and Centralize Application Security: Prevent Zero Day Attacks

Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator

ASM

Application Security Manager iControl TMOS Applications

17

Business Goal: Achieve these objectives in the most operationally efficient manner

Security’s Gaping Hole

“64% of the 10 million security incidents tracked targeted port 80.”

Information Week

DATA 18

Application Security with a WAF

Intelligent Decisions Allow Only Good Application Behaviour; Positive Security Browser Definition of Good and Bad Behaviour 19

Manage the Application Delivery Network for Op Efficiency Centralized Management and Infrastructure Integration 20

Users International Data Center

Enterprise Manager

BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator

ASM

Application Security Manager iControl TMOS Applications

Business Goal: Achieve these objectives in the most operationally efficient manner

Open ADN Web Services API for Integration

Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator

ASM

Application Security Manager

iControl

TMOS Applications

21

Business Goal: Achieve these objectives in the most operationally efficient manner

Unified and Modular Architecture A High Performance Framework for the ADN

Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator

ASM

Application Security Manager iControl

TMOS

Applications

22

Business Goal: Achieve these objectives in the most operationally efficient manner

The Most Intelligent and Adaptable Solution Client Side Security iRules Programmable Network Language GUI-Based Application Profiles Repeatable Policies Unified Application Infrastructure Services Programmable Application Network Targeted and Adaptable Functions Optimisation Delivery Universal Inspection Engine (UIE) New Service Complete Visibility and Control of Application Flows TM/OS Fast Application Proxy

Compression

News Website

TCP Offloading Load Balancing

Server Side 23

Deployment Guides

24

Exchange 2007 Deployment

25

F5 Benefits for Exchange 2007

Reliable, Real-Time Availability Optimized Data Replication Between Data Centers.

More Data, Less Time

Secure Point-To-Point Data Replication Efficiently Use Existing Bandwidth == Less $$

26

SharePoint 2007 Deployment

27

F5’s Benefits for SharePoint

Increase SharePoint Server Performance by 5x 20-30% Bandwidth Reduction for Remote Users Gain 25+% Server Capacity with Service Offload Reduce Time-Out Errors by 85% for Mobile Users Automated Failover and Access Control

28

SharePoint 2007 Global Deployment

29

Global Application Health

Application Aware Monitoring: Back-end system goes down, entire application is taken down and users are re-routed Global Failover Based on Application Health, Not Just Server and Data Center Health Lose an app in Warszawa, Redirect Users to Praha, Transparently Full Integration From Remote Data Centers Down to Users

30

Application Security and User Control

31

Requirements For Application Security Securing user AND transaction access to applications and data is critical to completely securing enterprise IT Unauthorized User From A Valid Terminal User/transaction validity App & data access auth.

32 Partner Employee Customer Corporate IP Network Corporate Apps & Data Invalid Transaction From A Valid System Contextual Security: Policy Management

F5 Sharepoint Security Benefits

Secure Session Management Inline Reverse Proxy Sees All Data, Requests and Responses Granular Application Control Session-Based Policy Management Accountability: Audit Trail

Application Delivery Security

33

Exchange User Access 2007 Deployment

34

Secure Microsoft Access

Any Device

• Laptops • Home PCs • Smart phones • PDAs • Wi-Fi access

Unified Access Gateway

Outlook Web Access iNotes Web-based CRM HR Data

Internet

Any User

• Suppliers • Consultants • Branch office employees • Telecommuters • Mobile employees • Partners

Any Application

• Mainframe • Client-server • Web-based • Web Services Broad user, clients and application support Servers, applications, intranet servers

35

Unified Access Gateway and Outlook

Integration: Secure User Access to Exchange via Outlook or OWA Granularity: Application Awareness and Control Flexibility: Multiple Secure Access Solutions Specific to Your Mail Infrastructure Client-less for All Users

36

Unified Access Gateway and SharePoint

Secure User Access to SharePoint Intelligent Content Distribution based on access platform Send only the data I need, nothing more Vista == Full graphic experience WinMobile == No DHTML, just data

37

F5 Security/Windows Interoperability

Vista GINA integration Internet Explorer 7 support Windows Installer Auto-launch Web AppTunnels Enhanced user-session variables for Active Directory, and networking

38

Call To Action

39

Application Ready Network for Microsoft

Workshops

40

MTC Engagement Types

Strategy briefings Architecture design session – customised session Proof of Concept workshop MTC locations in EMEA - Copenhagen, Denmark - Dubai, UAE - Munich, Germany - Paris, France - Thames Valley, UK

41

F5 Technology Center

Hosted Strategy Briefings Architecture Design – Customized Sessions On-site Technical Expertise Proof of Concept, Real-World Implementation Located At F5 Headquarters in Seattle, WA

42

Application Ready Network for MS

Users Applications Application Ready Network In the Office XP Mobile PC Exchange Exchange 2007 Active Directory F5 Adds More Performance, Security, Availability, and Scalability to your MS Application Roll-Out 43