BlueCoat

Download Report

Transcript BlueCoat 

Blue Coat Appliances – New HW,
new SW, new everything
Presented By Harri Kurronen
Agenda
SGOS 5.2
– New key features
Licensing
– What’s changed?
– ..and what does it mean?
New hardware
– New appliances
– Bullet Point Tier Two
But before we start….
…let’s refresh what proxy can do
SG Family
Internal
Network
AV Family
Public Internet
High Performance Appliances
User Control
URL Filtering
Virus Scanning
Instant Messenger Control
Peer-to-Peer Block/Allow
Per User Reporting
Streaming splitting/caching/control
Spyware blocking and reporting
Application Acceleration (MACH5)
Comprehensive, flexible content policies
SGOS 5.2
What’s new in it?
What’s New In SGOS 5.2
A New License Platform with MACH5 Edition
– New license edition matches hardware edition
Net-New Secure Web Gateway Features:
– ICAP Trickle for better user experience
– Try-Auth for alternative authentication policy
– Improved user visibility and management
New WAN Optimization Features:
– MAPI 2003 Proxy
– Restricted Intercept for faster troubleshooting
– Trust destination IP to improve DNS speed/resiliency
Is There Any Reason to Use SGOS 4?
No. All Features are in SGOS 5.2
– 4.2.x is supported but not sold
All SG Appliances Ship with 5.2
Exception – specific customers that require site certifications
(e.g. US Federal)
– We will offer a downgrade path to 4.2.x
– SG5.x certification plans in process
New licensing
What’s changed?
What’s Changed with our Licensing?
Specific MACH5 Edition License Available
– Lower Price, Fewer Features
– Keeps Differentiators (SSL, Video …)
– Specifically no filtering = No Direct to Net
Proxy Edition Keeps All Features
– Including MACH5 / ADN functionality
User Count Limits Introduced
– Aligns HW Capabilities with SW for Sizing
– Allow us to address “in-between” branch sizes
Licensing Edition Details
License Type
Mach5 Edition
Proxy Edition
No
Base
SGOS 5 Mach5 Edition
Base
No
Streaming (WM, Real, QT)
Base
Base
Bandwidth Management
Base
Base
DNS proxy
Base
Base
SOCKS proxy
No
Base
Telnet proxy
No
Base
Forwarding
No
Base
ICAP Services
No
Base
Netegrity SiteMinder
No
Base
Oblix COREid
No
Base
Peer-To-Peer
No
Base
Reverse Proxy Compression
No
Base
Onbox Content Filtering (BCWF, 3rd Party )
No
Base
Offbox Content Filtering (Websense)
No
Base
Instant Messaging (AOL, Yahoo, MSN)
No
Optional (free)
SSL Proxy
optional
optional
SG Client
optional
optional
SGOS 5
What Does all that Really Mean?
Proxy at the Branch, M5 at the Core
– Equals Direct to the Net at a Better Price
– Equals User-Based WAN Network Controls
What Does all that Really Mean?
M5 at the Branch, M5 at the Core
– Equals WAN Op that’s better than RVBD
Must Use Proxy at the Gateway!
– Protects our Gateway Margin
New Appliances
Silver Bezels
What Do Silver Bezels Mean to Me?
Legacy “Blue Boxes” are
NOT EOL!
– EOS 11/06/2007, no EOL
before 2009
More Options but only 10 HW
Configs
Sizing in Matches HW
Capabilities
A New Product Look / Feel
Sizing Guide
Deployment Mode
Model
Forward Proxy
Licensing
Reverse Proxy
Recommended Max
Internet Bandwidth
Recommended Max
Active Desktops
Suggested
ProxyAV
210-5
210-10
210-25
2Mbps
6Mbps
6Mbps
30
150
200*
1x510-A
1x510-A
1x510-A
510-5
510-10
510-20
510-25
12Mbps
25Mbps
25Mbps
25Mbps
200
500
1200
1500*
1x510-A
1x510-A
1x810-A
1x810-A
810-5
810-10
810-20
810-25
45Mbps
45Mbps
90Mbps
90Mbps
2500
3500
5000
5500*
1x810-A
1x810-B
1x810-B
1x810-B
8100-5
8100-10
8100-20
90Mbps
155Mbps
155Mbps
5000
7500
10000*
1x810-B
2x810-B
3x810-B
Max Client
Bandwidth
WAN Optimization
Concurrent Licensed Client IPs
Transactions /
Second
Max WAN
Bandwidth
Recommended Max
Active Desktops
200
512K
2Mbps
2Mbps
10
50
50*
30
10
150
50
No licensed user limit
400
2Mbps
12Mbps
12Mbps
12Mbps
50
125
300
300*
200
50
500
125
1200
300
No licensed user limit
100Mbps
1000
12Mbps
30Mbps
45Mbps
45Mbps
500
700
1000
1000*
2500
500
3500
700
5000
1000
No licensed user limit
100Mbps
155Mbps
250Mbps
1000
1500
2300
30Mbps
52Mbps
100Mbps
1000*
1500*
2300*
No licensed user limit
No licensed user limit
No licensed user limit
6Mbps
34Mbps
License Limits = Recommended Total Desktops
No Limits on 8100 or -25 Appliances
TCP connections less relevant for our sizing
– 10 TCP per 1 IP is a good ballpark
Without ADN
Enabled
With ADN Enabled
What is the Upgrade Path?
For Silver Bezels to Other Silver Bezels
– License Upgrade only for 510 – No Touch
– HW & License 810, 8100
– Can upgrade MACH5 to Proxy
– Proxy to MACH5 downgrades not reimbursed
From Blue Boxes to Silver Boxes
– Upgrade is to Proxy Edition – same feature set
– User License limits will apply!
• Upgrade to “25” series has no user limits
Blue Boxes to 5.2
– Get Proxy Edition, no user limits apply