1 / 31

Visibility – acceleration - security

Visibility – acceleration - security. Harri Kurronen. 3. June, 2009. Blue Coat Solutions. Visibility. 3. Tools Deployed Are Not Good Enough. Not Smart Enough. No application view (network based) Big problems avoid detection/resolution. New Demands: Voice, Video.

cjorgenson
Download Presentation

Visibility – acceleration - security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Visibility – acceleration - security Harri Kurronen 3. June, 2009

  2. Blue Coat Solutions

  3. Visibility 3

  4. Tools Deployed Are Not Good Enough Not Smart Enough • No application view (network based) • Big problems avoid detection/resolution New Demands: Voice, Video • Newly added to converged MPLS networks • VERY performance sensitive, no tools deployed Reactive • End user complaints No Ability to Fix • How do you resolve issues? 4

  5. Blue Coat Visibility – Overcome Limits Classification Voice Quality Proactive Response Time Monitoring Fix Problems • Layer 7+ Autodiscovers 600+ Applications • Find elusive recreation: iTunes, YouTube, etc. • Break down compound Enterprise apps: SAP, Oracle, Citrix • Real traffic, in real time for voice and video conf (RTP) • Quality (MOS, rFactor) and Utilization (peak & average) • Jitter, delay, loss • Apply Powerful QOS & Compression - RESOLVE • Contain recreation, protect mission critical • Integrate with acceleration devices like ProxySG • Track end user experience – network delay, server delay • Set baselines and exception thresholds • Alert, alarm & integrate: SNMP, XML, Email Not Smart Enough New Demands: Voice, Video Reactive No Ability to Fix Application View, Fix Problems & Deliver ROI 5

  6. PacketShaper Key Functionality Application Visibility Application QoS RAM-Based Compression Key Solutions Visibility & Performance Monitoring Recreation Traffic Control Delivery/Acceleration of Real Time Applications Voice/IPT Video Conferencing Thin Client/Virtual Desktop Transactions 6

  7. Classification: Basis of Control Classification Management Metrics Usage RTM VoIP Diagnostics • Discover Applications on Network • Find Elusive P2P, YouTube, iTunes, etc • Break down Oracle, SAP, Citrix, Microsoft • Align Class Tree to Business • Track business processes – end user response • Monitor SLAs – carrier, internal app • Monitor utilization/budget per application • Limit recreation

  8. Application Based Utilization & Metrics Classification Management Metrics Usage RTM VoIP Diagnostics Customer Sees 60% of WAN is Recreational Top Applications, Users Where is WAN Budget spent? Real Time Troubleshooting Long Term Capacity Planning

  9. Response Times: Measure Transactions End-user experience Network & Server Delay Thresholds for SLA Alert, alarm, integrate Classification Management Metrics Usage RTM VoIP Diagnostics Total Delay SAP Order Entry: 1220 ms Network Delay: 340 ms Server Delay: 880 ms

  10. Voice Metrics: Real Traffic, Real Time Classification Management Metrics Usage RTM VoIP Diagnostics • For Real Time Protocol (RTP) Voice Video Conferencing • Call Volume • Network Metrics Loss Latency Jitter • Quality Mean Opinion Score (MOS) rFactor

  11. Troubleshooting Diagnostics Classification Management Metrics Usage RTM VoIP Diagnostics Host Analysis – Real time host/IP address view (below) TCP Health – Connection state (good, aborted, refused, ignored) PacketCapture – Targeted Capture TCPDump format Synthetic Transactions – HTTP/S, FTP, SMTP, Echo & Custom 11

  12. Central Management: IntelligenceCenter Classification Management Metrics Usage RTM VoIP Diagnostics IntelligenceCenter • Centralized Reporting Collection (flows or ME) Correlation Reporting & Alarms • SLA Dashboard (left) Quick summary app performance • Different Roles & Views Per app Per site Customized portals 12

  13. Acceleration 13

  14. Bandwidth Management Protocol Optimization Object Caching Byte Caching Compression File Services (CIFS), Web (HTTP), Exchange (MAPI), Video/Streaming (RTSP, MMS), Secure Web (SSL) Platform for Application Acceleration Multiprotocol Accelerated Caching Hierarchy

  15. Bandwidth Management Sales Automation AppPriority 1 Min 400Kb, Max 800Kb E-Mail Priority 2 Min 100Kb, Max 400Kb • Divide user and application traffic into classes • Guarantee min and/or max bandwidth for a class • Align traffic classes to business priorities File Services Priority 3 Min 400Kb, Max 800Kb General Web Surfing Priority 4 Min 0Kb, Max 200Kb

  16. Protocol Optimization

  17. 10-100X Faster Includes CIFS, MAPI, HTTP, HTTPS, TCP Protocol Optimization

  18. Object Caching • Built on high-level applications and protocols • HTTP/Web caching • Streaming caches • CIFS cache • Advantages • Fastest response times • Offload work from servers (and networks) • Can be deployed asymmetrically • Limitations • Application-specific • All or nothing: No benefit if whole object not found or changed

  19. Byte Caching Local History Cache Remote History Cache …..B24D77E8A00E1...4ABEF8853821A31B482F6C8D920A00CEF225A0F634F8200A2D6BC87F0AB227D95239BE0A15F07A6238C9DDBE0ACFD97652BDD0C0AA017629CAD9E99DE0 …..B24D77E8A00E1...4ABEF8853821A31B482F6C8D920A00CEF225A0F634F8200A2D6BC87F0AB227D95239BE0A15F07A6238C9DDBE0ACFD97652BDD0C0AA017629CAD9E99DE0 B24D77E8A00E4785ACB7EE20A31B482F6C8D920A00CEF225A0F634F8200A2D6BC87FAAB266E8DC9A00A15F07A6238C9DDBE0ACFD97652BDD0C0AA0 B24D77E8A00E4785ACB7EE20A31B482F6C8D920A00CEF225A0F634F8200A2D6BC87FAAB266E8DC9A00A15F07A6238C9DDBE0ACFD97652BDD0C0AA0 [R1]4785ACB7EE20[R2] AAB266E8DC9A00A[R3] Remote LAN WAN Link Local LAN

  20. Compression • Industry-standard gzip algorithm compresses all traffic • Removes predictable “white space” from content and objects being transmitted 110111110011100100100101110011001010111011001000011010011001110010000011110001110011000110000010011110000001101111010010000110110100101111100110100111011010011010011110010000000000001110010111001011011011010010101100101100101010101010010101010101010100101000010100 110111110011100100100101110011001010111011001000011010011001110010000011110001110011000110000010011110000001101111010010000110110100101111100110100111011010011010011110010000000000001110010111001011011011010010010010101010010101010101101100101100010100 COMPRESSION 11011111001110010010010111001100101011101100100001001100111001000001111000111001100011

  21. MACH5 Accelerates Applications MACH5 Optimizes More Protocol Types, Removes More Latency and Saves More Bandwidth than Other Solutions

  22. ProxyClient Features • Acceleration • URL rating service • Web filtering • Byte caching • Simple UI • Logging Service • Status Updates

  23. Location Awareness Byte Caching Sophisticated custom compression based on observed network patterns Makes intelligent use of ProxySG appliances in the network WAN Optimization Anywhere • Provide Fast Access to Applications in the Datacenter Internet Corporate Network • Performance increase • Dramatically decrease bandwidth use TCP Optimization CIFS Optimization CIFS Object Caching Inline Compression

  24. Security 24

  25. Internet Evolution… • Traffic Growth • Multi-Protocols • Richer Applications • Always-On Connections • Apps Mission Critical + Dynamic • Connection Agnostic • Multiple Devices • Web 2.0 Web threats • Apps Mission Critical • Static Content • Connection Method Key • Limited CPEs • Email/Spam Threats USER EXPECTATIONS • Apps Lan Centric • Limited Content • PC based Internet • Basic Broadband • Thick Clients • Few Business Apps • Dial Up PERFORMANCE REQUIRED 25

  26. 3rd Party Malware Feeds Malware Feed Hybrid Web Gateway • Links web gateway into cloud service • More malware defenses • Offloads processing • Extends to remote clients WebPulse Cloud Service Analyzes 1B+ requests per week ProxyAV Internet Enterprise Network Remote Users ProxySG With WebFilter ProxyClient Combining 54M+ Users to Protect the Enterprise

  27. WebPulse™ Cloud Service Reputation Analysis Real-time rating service Web content analysis & ratings Malware Detection 180 Million/day Content Ratings ProxyClient 30B/ day 54M Clients 27

  28. New Malware Defense • WebPulse 5min updates to WebFilter • Immediate updates to ProxyClient and K9 • Analyzes over 1B user requests per week WebPulse Cloud Service Five Minute Updates Immediate Access Internet Enterprise Network ProxySG with WebFilter ProxyClient Unites gateways & clients into computing grid defense

  29. 3rd Party Malware Feeds Malware Feed AV feedback • Immediate malware feedback • Even more malware defenses • One AV serves all 54M+ users WebPulse Cloud Service Analyzes 1B+ requests per week ProxyAV Internet Enterprise Network Remote Users ProxySG With WebFilter ProxyClient Combining 54M+ Users to Protect the Enterprise

  30. Blue Coat Layered Defenses

More Related