application delivery network for microsoft
DESCRIPTION
Application Delivery Network for Microsoft. Radovan Gibala [email protected]. Agenda. Application Ready Network Introduction & Benefits Basic Components of ARN Availability Performance Security Deployment Infrastructure for Microsoft Applications Exchange – Deployment Guides - PowerPoint PPT PresentationTRANSCRIPT
Radovan [email protected]
Application Delivery Network for Microsoft Application Delivery Network for Microsoft
2
Agenda
Application Ready Network – Introduction & Benefits
Basic Components of ARN– Availability
– Performance
– Security
Deployment Infrastructure for Microsoft Applications
Exchange – Deployment Guides
SharePoint – Deployment Guides
Integration with MOM
3
IT Challenge - Out of Control
Applications and networks behave independently
Many network functions require high degrees of manual intervention
Distributed architectures and web services increase complexity
Historically, applications and protocols for communicating with network devices inflexible at best
RESULT: Applications and Networks operate without regard to eachother limiting scale, performance, reliability, and security
RESULT: Applications and Networks operate without regard to eachother limiting scale, performance, reliability, and security!!
4
Application Problems: Finger Pointing 101
Slow responses Bloated data Security risks Many servers
Office workers telecommuters
Exchange, SharePointApplication AttacksXML, SOAP, ActiveX, JS
Network Administrator Application Developer
5
Security risksSlow responses Bloated data Many servers
Application Developer
User
Network Administrator
? ?*@#!
Application Problems: Finger Pointing 101
XML, SOAP, ActiveX, JS
Application Attacks
Exchange, SharePoint
Office workers; telecommuters
6
10 Most Common Deployment Mistakes
Lack of end-user involvement or it happens at the end (too late)
The solution is ‘thrown over the wall’ to the infrastructure team!
No clear session management approach
No clear separation of business logic from the user interface
There is no predictable build process of the solution
Testers are testing the developers – but who is testing the testers?
Performance & security design is kept till the end of the project
Browser compatibility is on the agenda yet testing is under estimated
Accessibility, globalization and localization are forgotten
In accurate project estimates, lack of financial control and frequent financial/time reconciliation processes
2
3
4
5
6
7
8
9
10
1
Source: Vajira WeerasekeraPrincipal Consultant – Microsoft Solutions Development Center
Note: The majority of these are infrastructure and process issues.
7
Security risksSlow responses Bloated data Many servers
*@#!
Application Developer
User
Network Administrator
Stops attacksFast responses Smaller data Fewer servers
F5 Networks’ Application Ready Network for Microsoft
8
The F5 Business Value
Increased availability, scalability and security drives increased business productivity and faster ROI
Improves application PERFORMANCE
Significantly!
Reduces company risks by protection of critical applications against security threats
simplify the application deployment process !!!
Reduce the number of Hardware (servers)
or
Downsize server size
Simplify the operational
manageability
Reduce maintenance
effort
9
ApplicationsUsers
InternationalData Center
Most Cost-Effective Business Continuity Intelligent & Automated DNS, the Gateway to the Application
Business Goal: Achieve these objectives in the most operationally efficient manner
Enterprise Manager
TMOS
iControl
BIG-IP Global Traffic
ManagerWANJet
BIG-IP LocalTraffic
Manager
WebAccelerator
BIG-IP Link
ControllerASM
Application Security Manager
FirePassSSL VPN
10
ApplicationsUsers
InternationalData Center
Put Connectivity in the Control of the EnterpriseIntelligent and Automated WAN & Link Optimization / for Applications
Enterprise Manager
TMOS
iControl
BIG-IP Global Traffic
ManagerWANJet
BIG-IP LocalTraffic
Manager
WebAccelerator
BIG-IP Link
ControllerASM
Application Security Manager
FirePassSSL VPN
Business Goal: Achieve these objectives in the most operationally efficient manner
11
ApplicationsUsers
InternationalData Center
Provide Cost-Effective, Secure Application Access for All Users - Universal Access Control
Enterprise Manager
TMOS
iControl
BIG-IP Global Traffic
ManagerWANJet
BIG-IP LocalTraffic
Manager
WebAccelerator
BIG-IP Link
ControllerASM
Application Security Manager
FirePassSSL VPN
Business Goal: Achieve these objectives in the most operationally efficient manner
12Offload All Applications for Availability, Acceleration & Security
ApplicationsUsers
InternationalData Center
Enterprise Manager
TMOS
iControl
BIG-IP Global Traffic
ManagerWANJet
BIG-IP LocalTraffic
Manager
WebAccelerator
BIG-IP Link
ControllerASM
Application Security Manager
FirePassSSL VPN
Business Goal: Achieve these objectives in the most operationally efficient manner
13
Load balancing
Caching
Compression
Rate Shaping
SSL / FIPS acceleration
TCP Optimisation
Connection optimisation
BIG-IP Local Traffic ManagerData center optimization
The Data Center Products
Switch
Application Servers
Expect:
•Very high availability
•Less servers
•Significant traffic reduction
•Significant speed improvement
•Improved session persistence
•Higher degree of control
•Vastly increased security
• Improved flow management
•Increased scalability
•Lower cost
14
Application Security ModuleProtect applications and data
SSL AccelerationProtect data over the Internet
Advanced Client Authentication ModuleProtect against unauthorised access
BIG-IP Security Add-On Modules
15
BIG-IP Software Add-On ModulesQuickly Adapt to Changing Application & Business Challenges
Compression ModuleIncrease performance
Webaccelerator - Fast Cache ModuleOffload servers
Rate Shaping ModuleReserve bandwidth
16
ApplicationsUsers
InternationalData Center
Accelerate Applications for Unmanaged UsersCentralize & Accelerate Web Application Optimization
Enterprise Manager
TMOS
iControl
BIG-IP Global Traffic
ManagerWANJet
BIG-IP LocalTraffic
Manager
WebAccelerator
BIG-IP Link
ControllerASM
Application Security Manager
FirePassSSL VPN
Business Goal: Achieve these objectives in the most operationally efficient manner
17
Offload and Centralize Application Security: Prevent Zero Day Attacks
ApplicationsUsers
InternationalData Center
Enterprise Manager
TMOS
iControl
BIG-IP Global Traffic
ManagerWANJet
BIG-IP LocalTraffic
Manager
WebAccelerator
BIG-IP Link
ControllerASM
Application Security Manager
FirePassSSL VPN
Business Goal: Achieve these objectives in the most operationally efficient manner
18
Security’s Gaping Hole
DATA
“64% of the 10 million security incidents tracked targeted port 80.”
Information Week
19
Application Security with a WAF
Intelligent DecisionsAllow Only Good
Application Behaviour;Positive Security
Definition of Goodand Bad BehaviourBrowser
20Manage the Application Delivery Network for Op EfficiencyCentralized Management and Infrastructure Integration
ApplicationsUsers
InternationalData Center
Enterprise Manager
TMOS
iControl
BIG-IP Global Traffic
ManagerWANJet
BIG-IP LocalTraffic
Manager
WebAccelerator
BIG-IP Link
ControllerASM
Application Security Manager
FirePassSSL VPN
Business Goal: Achieve these objectives in the most operationally efficient manner
21
ApplicationsUsers
InternationalData Center
Open ADN Web Services API for Integration
Enterprise Manager
TMOS
iControl
BIG-IP Global Traffic
ManagerWANJet
BIG-IP LocalTraffic
Manager
WebAccelerator
BIG-IP Link
ControllerASM
Application Security Manager
FirePassSSL VPN
Business Goal: Achieve these objectives in the most operationally efficient manner
22
ApplicationsUsers
InternationalData Center
Unified and Modular ArchitectureA High Performance Framework for the ADN
Enterprise Manager
TMOS
iControl
BIG-IP Global Traffic
ManagerWANJet
FirePassSSL VPN
BIG-IP LocalTraffic
ManagerASM
Application Security ManagerWeb
Accelerator
BIG-IP Link
Controller
Business Goal: Achieve these objectives in the most operationally efficient manner
23
iRulesProgrammable Network Language
GUI-Based Application ProfilesRepeatable Policies
The Most Intelligent and Adaptable Solution
TM/OS Fast Application Proxy
Programmable Application
Network
Complete Visibility and Control of
Application Flows
Security Optimisation Delivery New Service
Universal Inspection Engine (UIE)
Client Side
ServerSide
Targeted and Adaptable Functions
Unified Application Infrastructure Services
Compression TCP Offloading
Load Balancing
News Website
24
Deployment Guides
25
Exchange 2007 Deployment
26
F5 Benefits for Exchange 2007
Reliable, Real-Time Availability
Optimized Data Replication Between Data Centers. More Data, Less Time
Secure Point-To-Point Data Replication
Efficiently Use Existing Bandwidth == Less $$
27
SharePoint 2007 Deployment
28
F5’s Benefits for SharePoint
Increase SharePoint Server Performance by 5x
20-30% Bandwidth Reduction for Remote Users
Gain 25+% Server Capacity with Service Offload
Reduce Time-Out Errors by 85% for Mobile Users
Automated Failover and Access Control
29
SharePoint 2007 Global Deployment
30
Global Application Health
Application Aware Monitoring: Back-end system goes down, entire application is taken down and users are re-routed
Global Failover Based on Application Health, Not Just Server and Data Center Health
Lose an app in Warszawa, Redirect Users to Praha, Transparently
Full Integration From Remote Data Centers Down to Users
31
Application Security
and User Control
32
Requirements For Application Security
Securing user AND transaction access to applications and data is critical to completely
securing enterprise IT
Partner
Employee
Customer
InvalidTransaction From
A Valid System
UnauthorizedUser From A Valid
Terminal
Contextual Security: Policy Management
Corporate Apps & Data
Corporate IP Network
User/transaction validityApp & data access auth.
33
F5 Sharepoint Security Benefits
Secure Session Management
Inline Reverse Proxy Sees All Data, Requests and Responses
Granular Application Control
Session-Based Policy Management
Accountability: Audit Trail
Application Delivery Security
34
Exchange User Access 2007 Deployment
35
Outlook Web AccessiNotes
Web-based CRMHR Data
Internet
Servers, applications,intranet servers Any User
• Suppliers• Consultants• Branch office employees• Telecommuters• Mobile employees• Partners
Any Device• Laptops• Home PCs• Smart phones• PDAs• Wi-Fi access
Any Application• Mainframe• Client-server• Web-based• Web Services
Broad user, clients and application support
Secure Microsoft Access
Unified Access Gateway
36
Unified Access Gateway and Outlook
Integration: Secure User Access to Exchange via Outlook or OWA
Granularity: Application Awareness and Control
Flexibility: Multiple Secure Access Solutions
Specific to Your Mail Infrastructure
Client-less for All Users
37
Unified Access Gateway and SharePoint
Secure User Access to SharePoint
Intelligent Content Distribution based on access platform
Send only the data I need, nothing more
Vista == Full graphic experience
WinMobile == No DHTML, just data
38
F5 Security/Windows Interoperability
Vista GINA integration
Internet Explorer 7 support
Windows Installer
Auto-launch Web AppTunnels
Enhanced user-session variables for Active Directory, and networking
39
Call To Action
40Application Ready Network for Microsoft Workshops
41
MTC Engagement Types
Strategy briefingsArchitecture design session – customised sessionProof of Concept workshopMTC locations in EMEA
- Copenhagen, Denmark - Dubai, UAE - Munich, Germany - Paris, France
- Thames Valley, UK
42
F5 Technology CenterHosted Strategy Briefings
Architecture Design – Customized Sessions
On-site Technical Expertise
Proof of Concept, Real-World Implementation
Located At F5 Headquarters in Seattle, WA
43
At HomeIn the OfficeOn the Road
SAPExchange
Oracle
Users Applications
Application Ready Network for MS
Vista
XP
Mobile PC
SharePoint 2007
Exchange 2007
Active Directory
ApplicationReady
Network
F5 Adds More Performance, Security, Availability, and Scalability to your MS Application Roll-Out