Transcript Introducing Application Delivery Networking
Application Delivery Network for Microsoft
Radovan Gibala
Agenda
Application Ready Network – Introduction & Benefits Basic Components of ARN – Availability – Performance – Security Deployment Infrastructure for Microsoft Applications Exchange – Deployment Guides SharePoint – Deployment Guides Integration with MOM
2
IT Challenge - Out of Control
Applications and networks behave independently Many network functions require high degrees of manual intervention Distributed architectures and web services increase complexity Historically, applications and protocols for communicating with network devices inflexible at best
RESULT: Applications and Networks operate without regard to each other limiting scale, performance, reliability, and security 3
Application Problems: Finger Pointing 101
Slow responses Bloated data Security risks Many servers
4
XML, SOAP, ActiveX, JS Application Attacks Exchange, SharePoint Office workers telecommuters Network Administrator Application Developer
Application Problems: Finger Pointing 101
Slow responses Bloated data Security risks Many servers Exchange, SharePoint XML, SOAP, ActiveX, JS Application Attacks
5 *@#!
User
Office workers; telecommuters
?
Network Administrator ?
Application Developer
8 9 10 1 2 3 4 5 6 7
10 Most Common Deployment Mistakes
Lack of end-user involvement or it happens at the end (too late)
The solution is
‘thrown over the wall’
to the infrastructure team
!
No clear session management approach
No clear separation of business logic from the user interface
There is no
predictable
build process of
the solution
Testers are testing the developers – but who is testing the testers?
Performance & security design
is kept till the end of the project
Browser compatibility is on the agenda yet testing is under estimated
Accessibility, globalization and localization
are forgotten
In accurate project estimates, lack of financial control and frequent financial/time reconciliation processes Note: The majority of these are infrastructure and process issues.
Source:
Vajira Weerasekera Principal Consultant – Microsoft Solutions Development Center
6
F5 Networks’ Application Ready Network for Microsoft 7 User *@#!
Network Administrator Application Developer
The F5 Business Value
Reduces company risks
by protection of critical applications against security threats
simplify
the
application deployment
process
!!!
Simplify the operational
manageability
Reduce the number of
Hardware
(servers) or
Downsize
server size Improves application Reduce
maintenance
effort
PERFORMANCE
Increased availability, scalability and security drives
Significantly!
increased
business productivity and faster ROI 8
Most Cost-Effective Business Continuity Intelligent & Automated DNS, the Gateway to the Application
Users International Data Center Enterprise Manager
BIG-IP Global Traffic Manager
BIG-IP Link Controller FirePass SSL VPN WANJet BIG-IP Local Traffic Manager Web Accelerator
ASM
Application Security Manager iControl TMOS Applications
9
Business Goal: Achieve these objectives in the most operationally efficient manner
Put Connectivity in the Control of the Enterprise Intelligent and Automated WAN & Link Optimization / for Applications
Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager
BIG-IP Link Controller
WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator
ASM
Application Security Manager iControl TMOS Applications
10
Business Goal: Achieve these objectives in the most operationally efficient manner
Provide Cost-Effective, Secure Application Access for All Users Universal Access Control
Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator
ASM
Application Security Manager iControl TMOS Applications
11
Business Goal: Achieve these objectives in the most operationally efficient manner
Offload All Applications for Availability, Acceleration & Security
Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN
BIG-IP Local Traffic Manager
Web Accelerator
ASM
Application Security Manager iControl TMOS Applications
12
Business Goal: Achieve these objectives in the most operationally efficient manner
Load balancing Application Servers • Significant traffic reduction Caching Compression • Significant speed improvement Rate Shaping • Improved session persistence SSL / FIPS acceleration TCP Optimisation • Higher degree of control • Improved flow management • Increased scalability • Lower cost Switch
13
BIG-IP Security Add-On Modules
Application Security Module
Protect applications and data
SSL Acceleration
Protect data over the Internet
14 Advanced Client Authentication Module
Protect against unauthorised access
BIG-IP Software Add-On Modules
Quickly Adapt to Changing Application & Business Challenges Compression Module
Increase performance
Webaccelerator - Fast Cache Module
Offload servers
15 Rate Shaping Module
Reserve bandwidth
Accelerate Applications for Unmanaged Users Centralize & Accelerate Web Application Optimization
Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager
Web Accelerator ASM
Application Security Manager iControl TMOS Applications
16
Business Goal: Achieve these objectives in the most operationally efficient manner
Offload and Centralize Application Security: Prevent Zero Day Attacks
Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator
ASM
Application Security Manager iControl TMOS Applications
17
Business Goal: Achieve these objectives in the most operationally efficient manner
Security’s Gaping Hole
“64% of the 10 million security incidents tracked targeted port 80.”
Information Week
DATA 18
Application Security with a WAF
Intelligent Decisions Allow Only Good Application Behaviour; Positive Security Browser Definition of Good and Bad Behaviour 19
Manage the Application Delivery Network for Op Efficiency Centralized Management and Infrastructure Integration 20
Users International Data Center
Enterprise Manager
BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator
ASM
Application Security Manager iControl TMOS Applications
Business Goal: Achieve these objectives in the most operationally efficient manner
Open ADN Web Services API for Integration
Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator
ASM
Application Security Manager
iControl
TMOS Applications
21
Business Goal: Achieve these objectives in the most operationally efficient manner
Unified and Modular Architecture A High Performance Framework for the ADN
Users International Data Center Enterprise Manager BIG-IP Global Traffic Manager BIG-IP Link Controller WANJet FirePass SSL VPN BIG-IP Local Traffic Manager Web Accelerator
ASM
Application Security Manager iControl
TMOS
Applications
22
Business Goal: Achieve these objectives in the most operationally efficient manner
The Most Intelligent and Adaptable Solution Client Side Security iRules Programmable Network Language GUI-Based Application Profiles Repeatable Policies Unified Application Infrastructure Services Programmable Application Network Targeted and Adaptable Functions Optimisation Delivery Universal Inspection Engine (UIE) New Service Complete Visibility and Control of Application Flows TM/OS Fast Application Proxy
Compression
News Website
TCP Offloading Load Balancing
Server Side 23
Deployment Guides
24
Exchange 2007 Deployment
25
F5 Benefits for Exchange 2007
Reliable, Real-Time Availability Optimized Data Replication Between Data Centers.
More Data, Less Time
Secure Point-To-Point Data Replication Efficiently Use Existing Bandwidth == Less $$
26
SharePoint 2007 Deployment
27
F5’s Benefits for SharePoint
Increase SharePoint Server Performance by 5x 20-30% Bandwidth Reduction for Remote Users Gain 25+% Server Capacity with Service Offload Reduce Time-Out Errors by 85% for Mobile Users Automated Failover and Access Control
28
SharePoint 2007 Global Deployment
29
Global Application Health
Application Aware Monitoring: Back-end system goes down, entire application is taken down and users are re-routed Global Failover Based on Application Health, Not Just Server and Data Center Health Lose an app in Warszawa, Redirect Users to Praha, Transparently Full Integration From Remote Data Centers Down to Users
30
Application Security and User Control
31
Requirements For Application Security Securing user AND transaction access to applications and data is critical to completely securing enterprise IT Unauthorized User From A Valid Terminal User/transaction validity App & data access auth.
32 Partner Employee Customer Corporate IP Network Corporate Apps & Data Invalid Transaction From A Valid System Contextual Security: Policy Management
F5 Sharepoint Security Benefits
Secure Session Management Inline Reverse Proxy Sees All Data, Requests and Responses Granular Application Control Session-Based Policy Management Accountability: Audit Trail
Application Delivery Security
33
Exchange User Access 2007 Deployment
34
Secure Microsoft Access
Any Device
• Laptops • Home PCs • Smart phones • PDAs • Wi-Fi access
Unified Access Gateway
Outlook Web Access iNotes Web-based CRM HR Data
Internet
Any User
• Suppliers • Consultants • Branch office employees • Telecommuters • Mobile employees • Partners
Any Application
• Mainframe • Client-server • Web-based • Web Services Broad user, clients and application support Servers, applications, intranet servers
35
Unified Access Gateway and Outlook
Integration: Secure User Access to Exchange via Outlook or OWA Granularity: Application Awareness and Control Flexibility: Multiple Secure Access Solutions Specific to Your Mail Infrastructure Client-less for All Users
36
Unified Access Gateway and SharePoint
Secure User Access to SharePoint Intelligent Content Distribution based on access platform Send only the data I need, nothing more Vista == Full graphic experience WinMobile == No DHTML, just data
37
F5 Security/Windows Interoperability
Vista GINA integration Internet Explorer 7 support Windows Installer Auto-launch Web AppTunnels Enhanced user-session variables for Active Directory, and networking
38
Call To Action
39
Application Ready Network for Microsoft
Workshops
40
MTC Engagement Types
Strategy briefings Architecture design session – customised session Proof of Concept workshop MTC locations in EMEA - Copenhagen, Denmark - Dubai, UAE - Munich, Germany - Paris, France - Thames Valley, UK
41
F5 Technology Center
Hosted Strategy Briefings Architecture Design – Customized Sessions On-site Technical Expertise Proof of Concept, Real-World Implementation Located At F5 Headquarters in Seattle, WA
42
Application Ready Network for MS
Users Applications Application Ready Network In the Office XP Mobile PC Exchange Exchange 2007 Active Directory F5 Adds More Performance, Security, Availability, and Scalability to your MS Application Roll-Out 43