Sikker adgang fra alle devices - PowerPoint PPT Presentation

artie
sikker adgang fra alle devices n.
Skip this Video
Loading SlideShow in 5 Seconds..
Sikker adgang fra alle devices PowerPoint Presentation
Download Presentation
Sikker adgang fra alle devices

play fullscreen
1 / 26
Download Presentation
Sikker adgang fra alle devices
152 Views
Download Presentation

Sikker adgang fra alle devices

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Sikker adgang fra alle devices edgemosummit CPHmaj 2014

  2. Kort intro Eigil Ørnfelt Infrastructure specialist eoe@edgemo.com Niels Holm Infrastructure specialist nch@edgemo.com

  3. NetScaler Access Gateway Enterprise Edition (AGEE) NetScaler Gateway NetScaler ADC Citrix Access Gateway (CAG) Citrix Secure Gateway Citrix Advanced Access Gateway (CAG)

  4. Citrix NetScaleroverview

  5. Citrix NetScaleroverview Cloud Infrastructure Availability • TCP Connection Management • SSL processing Security PerformanAcAcAccelerate Offload • SSL VPN • Application firewall • AAA • Caching • Compression • Optimization • World-class load balancing • Health monitoring Enterprise Datacenter

  6. Maintaining User Sessions Distributing Traffic Monitoring Server Health and Availability • Source IP • Cookie • SSL Session ID • Server-ID in URL Query • Customer Server-ID • Token (header or body) • Least Connections • Lowest Response Time • Round Robin • SNMP-based • Hash-based • Many more… • TCP Connection • HTTPS Connection • Extended Content Verification • Scriptable Health Checks Layer 4 Load Balancing TCP and UDP Client Requests

  7. Global Server Load Balancing Site A Site B

  8. Request Protocol Request Method Client Attributes • Anything in request body • Device Type • Language • Cookie • Browser Capability • XML XPath support • Any TCP Request • HTTP Get • HTTP Post • Any TCP payload value • Any HTTP payload value • Domain • Wildcard URL Content Switching: Load Balancing on Steroids HTTP Requests

  9. Optimering

  10. TCP Connection Multiplexing Web Server • NetScaler terminates connection • Client transmits requests • NetScaler establishes server connection • NetScaler transmits client requests • Other clients follow same procedure • Multiple client requests are transmitted across common server connection

  11. AppCache • Memory or flash disk basedcache • Reducetime to firstpacket • Significantlyreduce back-end server workloads • Dynamic caching for frequentlychangingcontent • Flash cache support for realtime updates

  12. AppCache– Non-Caching proxy Get the web page Deliver it one time

  13. AppCache – Caching proxy Get the web page once Deliver it many times

  14. AppCompress • Standard basedcompression – GZIP/DEFLATE • Works with all browsers, includingmobile • Appliesto HTML, JavaScript, CSS and Documents • 3:1 to 5:1 Compression Ratio

  15. AppCompress 1 Gbyte File 1 Gbyte File 200-300Mbps Throughput 1 GbpsThroughput

  16. Sikkerhed

  17. AAA - Authentication

  18. Multi-factor authentication REQ.SSL.CLIENT.CERT = EXISTSREQ.BROWSER-TYPE = Internet Explorer REQ.SSL.CLIENT.CERT != EXISTS REQ.SSL.CLIENT.CERT = EXISTS + LDAP

  19. NetScalerInsightCenter

  20. Insight Center XenDesktop/ XenApp ! ! Internet ? ! ! ? ? Data Center Network WAN

  21. Insight Center Citrix Support IT Department Citrix Support Software IT dept calls Citrix Support Citrix Support Old Help-Desk Desktop Admin USER Network Admin Citrix Support Escalation Help-Desk Network Admin New USER

  22. NetScalerInsight Center XenDesktop/ XenApp 3rd PartyAnalysis Tools NetScaler Insight Center Internet AppFlow AppFlow NetScaler

  23. Insight Center

  24. Insight Center

  25. ?

  26. Tak for jeres tid!