kemp technologies load balancing and application … unit + gslb (gtm) $11,000 $42,000 esp/apm...

VMware

Hyper-V

Xen

KVM

Oracle VM

Virtual Appliances

Bare Metal Load Balancers & ADCs Purpose-built

Hardware Cloud Load Balancers

AGENDA

Kemp Aplication Delivery Controller

Nowości produktowe oraz funkcje OS 7-1.28

ESP Pack następca funkcji Microsoft ISA/TMG

Kemp przegląd funkcji bezpieczeństwa

Kemp Application Firewall Pack

Intrusion Prevention System

Pytania i odpowiedzi

What we do

KEMP builds Load Balancing and Application Delivery Controllers > Enabling our customers to achieve:

High Availability

Application Acceleration

Scalability

Security

KEMP Technologies Load Balancing and Application Delivery Control

2015

ADC H/W Appliances Virtual ADC Appliances Bare Metal ADCs Cloud ADCs

• Fast Growing ADC Vendor, #3 in WW Units Shipped

• 24,000+ WW customer deployments

• Customer Focus: Mid-market organizations and BUs within large ent

• Product Focus: LB & AD functionality

Introduction to KEMP

Leading Load Balancer and ADC ISV Accelerating Growth & Performance

• VC investment in 2012 to fuel growth

• 499.1% revenue and employee growth over past 5 years (Deloitte Fast 500™)

• 35%+ Y-on-Y revenue growth

Global Presence & Team

• Corporate HQ in NYC

• Regional Operation, Development & Support Centers in Long Island, Limerick, Hannover and Singapore

• 190+ employees, with 40%+ in R&D

KEMP Key Differentiation: Price/Performance leader with ubiquitous platform deployments

Copyright © 2015 KEMP Technologies, Inc. All Rights Reserved.

“ The company is well positioned

as SDN and Network Function

Virtualization (NFV) achieving

increased mainstream adoption,

as KEMP has a software-

centric vision, with SDN and

NFV products available”

KEM

P

Riverbed

Radware

Citrix

F5

A10

Barracuda

Array

Sangfo

r Piolin

k

Challengers Leaders

Visionaries Niche Players

Completeness of vision


GARTNER REPORT 2014


*1,000+ employees

KEMP WW 23,000+ customers, 26,000

deployments

20,000+ units under current support

Now @ 180 employees WW

30% YOY growth

30%+ plan for 2015

$M

illio

ns

Why KEMP – Our Growth


DELL’ORO GROUP ADC MARKET ANALYTICS

• Globally Fastest Growing ADC Vendor in 2014 : 32% *

• Globally 2nd in Virtual ADC 2014 : 14.1% share *

• EMEA 3rd in ADC Appliances shipped 14.3% Qtr1 2015 *

* Source Dell’Oro ADC Vendor Table Qtr1 2015 report


“MARKET-DISRUPTIVE” SOFTWARE-CENTRIC BUSINESS

• 2012 KEMP began the shift to a software-centric business model

• Only company in the ADC sector that’s successfully transitioning, with almost 40% of billings coming from software appliances in 2014

• Over 50% in unit quantity

• 43% billings YTD 2015

% Software


*Dell’Oro

0%

5%

10%

15%

20%

25%

30%

35%

40%

2011 2012 2013 2014

ADC Sector* KEMP

EXPANDING OUR TAM WITH SDN/NFV INNOVATION

$2.2B

$5B

$35B

$2.2B

$5B

$35B

ADC NFV SDN

2018 TAM

SDN

Controllers

Network

Underlays

Proprietary

SDN-enabled

switches White box

switches

Network

Overlays

SDN

Applications

KEMP 360

• Orchestration

• Provisioning

• Management

KEMP SDN SOLUTION

• L2-7 Intelligent App Delivery

• Improved QoS and User Experience


(1) Dell’Oro; (2) Light Reading; (3) SDNCentral

ADC Market1

NFV Market2

SDN Market3


STRATEGIC ALLIANCES

Application

Workload

LoadMaster

Platform

SMB

SDN Cloud Virtual Hardware Bare Metal

SMB to Enterprise

Workloads now and in the future

• Expanding the Workload portfolio • Application Templates

• Deployment Guides

• Certification

Distribute user requests to best-performing server

Active/Hot-Standby, with Stateful Failover

Server Hardware and Application Health Checking

Layer 4/7 Persistence

Layer 7 Content Switching

SSL Acceleration

Compression, Cache

Intrusion Prevention Systems (IPS)

Support for Edge Security Pack**

Application Firewall Pack

Global Sever Load Balancing Sizing Configurator https://kemptechnologies.com/load-balancer-sizing-exchange-2010/ https://kemptechnologies.com/load-balancer-sizing-exchange-2013

W h a t c a n b e l o a d b a l a n c e d w i t h K E M P ?

MS Terminal, Citrix Servers

Others, incl ERP, CRM, Legacy Applications

Virtualized Servers

VMware

Hyper-V

Xen

KVM

Oracle VM

Cloud

Web Servers & Intranet Apps, Incl. Sharepoint

Mail & Messaging Servers – incl. Exchange & Lync/OCS

Application Users

Exchange Servers

MS Terminal Services

Exchange Servers

Lync Servers

LM-GEO

OAS Servers

KEMP as part of Microsoft Workloads

MS ADFS Servers

LM-GEO

Certified Microsoft Exchange 2010 & 2013 Certified Microsoft Lync 2010 & 2013 Certified Sharepoint RDS (terminal services) Pre-Authentication ESP, replacement for TMG

LM-3000

• 4 x 1 Gbit Ethernet

• 1.7 Gbps throughput

• 1,000 2K SSL TPS

• 2,500 1K SSL TPS

• 8.6 Million L4 concurrent connections

New LoadMaster Model LoadMaster

LM-2600

€ 5,890

LM-3000

€ 5,990

Application Throughput 1.7Gbps 1.7Gbps

Gigabit Ethernet Ports 4 4

10 Gigabit Fiber Ports (SFP+) N/A N/A

SSL TPS (2K Keys) 1,000 1,000

SSL TPS (1K Keys) 2,000 2,000

Layer 4 Concurrent connections 8,600,00

0

8,600,00

0

Real Servers / Virtual Services 1000/50

0

1000/50

0

Web Application Firewall Pack (AFP)

supported N/A N/A

TMG Replacement (Authentication /

SSO)

GSLB Multi-Site Load Balancing

Supported

Redundant Hot Swap Power Supply N/A N/A

HTTP Compression

Content Caching

RESTful API

New LoadMaster Model

LM-4000

• 2 x 1 Gbit Ethernet

• 2 x 10 Gbit SPF+ Fib

• 6.0 Gbps throughput

• 2,500 2K SSL TPS

• 5,000 1K SSL TPS

• 12.8 Million concurrent L4 connections

LoadMaster LM-3600

€ 8,290

LM-4000

€ 8,990

Application Throughput 3.4Gbps 6 Gbps

Gigabit Ethernet Ports 8 2

10 Gigabit Fiber Ports (SFP+) N/A 2

SSL TPS (2K Keys) 2,500 2,500

SSL TPS (1K Keys) 5,000 5,000


00

12,800,0

00


0

1000/100

0


supported

TMG Replacement (Authentication

/ SSO)


Supported

Redundant Hot Swap Power Supply N/A N/A

HTTP Compression

Content Caching

RESTful API

Product/Specs* KEMP LM-4000

F5 BIG-IP LTM 2000s

Max Balancer L7 Throughput 6 Gbps 5 Gbps

Max SSL TPS (2K keys) 2,500 2,000

Max Concurrent Connections 8.6M 5M

Pricing (MSRP)

Base Unit $8,000 $18,000

Base Unit + GSLB (GTM) $11,000 $42,000

ESP/APM Add-on (Auth/Pre-Auth, SSO, Logging)

Included $10,000

3 Year Premium Service (7x24) $4,800 $13,500

Total (Including GSLB + ESP/APM)

$15,800 $65,500

Total for HA – Redundant Configuration

$31,600 $131,000

Difference ($99,400) *F5 Spec Source: http://www.f5.com/pdf/products/big-ip-platforms-datasheet.pdf

NEW HARDWARE…NEW TARGETS


LM-5000 • 4 X 1Gb Ports • 2 x 10Gb SFP+ Direct Attach Ports • 11 Gbps L7 balancer throughput • SSL TPS (2K Keys): 5,000 • SSL TPS (1K Keys): 10,000 • L4 Concurrent Connections: 26,500,000

LoadMaster

LM-5400

€ 14,575

LM-5000

€ 14,000

LM-5600

€ 20,000

Application Throughput 10.2Gbps 11 Gbps 11Gbps

Gigabit Ethernet Ports 8 4 4

10 Gigabit Fiber Ports (SFP+) 2 2 2

SSL TPS (2K Keys) 7,000 5,000 10,000

SSL TPS (1K Keys) 9,300 10,000 17,000

Layer 4 Concurrent connections 25,600,000 26,500,000 26,500,000

Real Servers / Virtual Services 1000/1000 1000/1000 1000/1000

Web Application Firewall Pack

(AFP) supported


/ SSO)


Supported

Redundant Hot Swap Power Supply

HTTP Compression

Content Caching

RESTful API

Product/Specs* KEMP LM-5400

F5 BIG-IP LTM 6900

Max Balancer L7 Throughput 10 Gbps 6 Gbps

Max SSL TPS (2K keys) 7,000 5,000

Max Concurrent Connections 25.6M 6M

Pricing (MSRP)

Base Unit $18,000 $55,000

Base Unit + GSLB (GTM) $18,000 $91,000

ESP/APM Add-on (Auth/Pre-Auth, SSO, Logging)

Included $18,000

3 Year Premium Service (7x24) $8,500 $40,000

Total (Including GSLB + ESP/APM) $26,500 $149,000

Total for HA – Redundant Configuration

$53,000 $298,000

Difference ($245,000) *F5 Spec Source: http://www.f5.com/pdf/products/big-ip-platforms-datasheet.pdf

NEW HARDWARE…NEW TARGETS


LM-8000 • 20.0 Gbps throughput • 16,500 2K SSL TPS • 25,000 1K SSL TPS • 6 x 10 Gbit SPF+ Fiber • 75.8 Million concurrent L4 connections • Redundant (1+1) PSU

LoadMaster

LM-8000

€ 29,710

Application Throughput 20Gbps

Gigabit Ethernet Ports 0

10 Gigabit Fiber Ports (SFP+) 6

SSL TPS (2K Keys) 16,000





supported

TMG Replacement (Authentication /

SSO)


Supported

Redundant Hot Swap Power

Supply

HTTP Compression

Content Caching

RESTful API


LM-8020 • 30.0 Gbps throughput • 30,000 2K SSL TPS • 46,000 1K SSL TPS • 6 x 10 Gbit SPF+ Fiber • 75.8 Million concurrent L4 connections • Redundant (1+1) PSU

LoadMaster

LM-8020

€ 42,450

Application Throughput 30Gbps

Gigabit Ethernet Ports 0

10 Gigabit Fiber Ports (SFP+) 6




0


0


supported


/ SSO)


Supported

Redundant Hot Swap

Power Supply

HTTP Compression

Content Caching

RESTful API

KEMP LoadMaster™ Hardware Load Balancers

LoadMaster LM-2400 LM-3000 LM-4000 LM-5000 LM-5600 LM-8000 LM-8020

Max Balancer Throughput 1,2 Gbps 1,7 Gbps 6,0 Gbps 11,2 Gbps 11 Gbps 20 Gbps 30 Gbps

SSL Transactions Per/Second (TPS) 1000 2 000 5 000 5 000 10 000 16 000 30 000

Requests per second (HTTP) 45 000 69 000 165 000 198 000 198 000 380 000 450 000

Layer 4 concurrent connections 1000000 860000 12800000 26500000 26500000 75800000 75800000

Max Servers Supported / Virtual

Clusters

1000/500 1000/500 1000/1000 1000/1000 1 000/1000 1 000/1000 1 000/1000

Network ports 4 xGbE 4 x GbE 2 x 10G (SPF+) ports 2 x 10G (SPF+) ports 4 x GbE и 2 x 10Gb (SFP+)

6 x GbE и 2 x 10Gb (SFP+)

6 x 10Gb (SFP+)

Rack-mountable 1U 1U 1U 1U 1U 1U 1U

Storage Disk ✓ ✓ ✓ ✓ ✓ ✓ ✓

Power Supply (Watts) 200 350 250W ATX 500W (1+1) Power Supply

2x550 hot swap 2x495 hot swap 2x495 hot swap

Layer 4/7 Load Balancing ✓ ✓ ✓ ✓ ✓ ✓ ✓

Content Switching ✓ ✓ ✓ ✓ ✓ ✓ ✓

Caching, Compression ✓ ✓ ✓ ✓ ✓ ✓ ✓

IPS (SNORT-Rules ) ✓ ✓ ✓ ✓ ✓ ✓ ✓

MS Exchange 2010/2013

Optimized

✓ ✓ ✓ ✓ ✓ ✓ ✓

Active/Hot-standby Redundant ✓ ✓ ✓ ✓ ✓ ✓ ✓

Support for Edge Security

Pack**

✓ ✓ ✓ ✓ ✓ ✓ ✓

Bonding/Teaming Ports ✓ ✓ ✓ ✓ ✓ ✓ ✓

VLAN Trunking (802.1Q) ✓ ✓ ✓ ✓ ✓ ✓ ✓

GSLB ✓ ✓ ✓ ✓ ✓ ✓ ✓

Web Application Firewall Pack ✓ ✓ ✓

✓

✓

KEMP Virtual LoadMaster™ Virtual Load Balancers & Application Delivery Controllers

Model Number VLM-200 LM-2000 VLM -5000 VLM-10G

Max Balancer Throughput (Mbps) 200 (Mbps) 2000 (Mbps) 5000 (Mbps) 10 000 (Mbps)

SSL Transactions Per/Second (TPS) 200 1000 5000 12000

Max Servers Supported / Virtual

Clusters

1 000/1000 1 000/1 000 1 000/1 000 1 000/1 000

Layer 4/7 Load Balancing ✓ ✓ ✓ ✓

Content Switching ✓ ✓ ✓ ✓

Application Health Checking ✓ ✓ ✓ ✓

Caching, Compression Engine ✓ ✓ ✓ ✓

IPS (SNORT-Rules compatible) ✓ ✓ ✓ ✓

L7 Persistence Options ✓ ✓ ✓ ✓

MS Exchange 2010 / 2013 Optimized ✓ ✓ ✓ ✓

Bonding/Teaming Ports (802.3ad/LACP) ✓ ✓ ✓ ✓

VLAN Trunking (802.1Q) ✓ ✓ ✓ ✓

Support for Edge Security Pack ✓ ✓ ✓ ✓

GSLB (Multi-site) ✓ ✓ ✓ ✓

Web Application Firewall Pack (AFP) §

✓ ✓ ✓ ✓

Technical Support (1st year support is included with purchase of new KEMP Loadmaster)

Basic Support includes: 5 X 10 Live Telephone Support Unlimited e-mail support Hardware replacement policy Software fixes and updates Premium Support: 7 X 24 Telephone Support Coverage 24 hr Hardware replacement KEMP Technologies Tri - Dundancy program Tri-Dundancy Bundle of KEMP Loadmaster (incl a Cold Spare Unit at 50%) including with total 3 Years Premium Support (24x7) and 1x Cold Standby Unit

KEMP LoadMaster Remote Configuration Service 1. Get Up and Running in Four Hours! 2. Requirements Review 3. Environment Review 4. Network Configuration and Validation 5. HA Configuration and Validation 6. System Administration Configuration Setup 7. Virtual Service Deployment 8. Training 9. Deployment Validation

Benefits: • High-speed load balancing • Easy to deploy and manage • High Availability and Scalability for

multiple workloads • Layer 7 Application Health Check • Content switching with application

acceleration • Multiple persistence options

• Data compression and caching • SSL offload and traffic inspection • Service/Application Aware • Prevents Port flooding • Reverse Proxy • Web Application Firewall • User Pre-Authentication/Single Sign-On • Combines the simplicity of Layer 4 with

the Layer 7 functionality (Exchange 2013)

Microsoft Lync Server 2010/2013 Load Balancer 1. High-speed load balancing 2. Easy to deploy and manage 3. High Availability and Scalability for multiple

workloads 4. Layer 7 Application Health Check 5. Content switching with application

acceleration 6. Multiple persistence options 7. SSL offload/acceleration, network traffic

optimization 8. Web Application Firewall 9. Front End pools, Director pools, and or Edge

Server pools 10. Load balancing for the internal and external

web services (DNS) 11. Reverse proxy services 12. Support for integration with external

services

1. Maximize the efficiency and effectiveness of your networks 2. Maintain persistence/perform resource monitoring for Window servers running multiple services 3. LoadMaster resource monitoring feature offers useful data on both memory and CPU 4. Integrate seamlessly with MS Session Directory 5. RDP-based Layer 7 Persistence 6. Incorporates client session reconnect without the need for the Session Directory service 7. Health checking for servers running Microsoft WTS

Load Balancing for Windows Terminal Services (WTS)

The KEMP ESP – Edge Security Pack

• Microsoft Forefront Threat Management Gateway (TMG) END-OF-LIFE September 2012

….before

…after

Pre-Authentication

Single sign-on across Virtual Services

Host and directory-level security

Customizable forms-based authentication

Security group membership validation

Multiple authentication providers

Persistent Logging and Reporting for User Logging

Cloud load balancers

L4/L7 Server Load Balancing Complete Restful API for Orchestration PowerShell API for Orchestration Content Switching SSL Acceleration Cookie (L7) Persistence Server Health Monitoring Service “Aware” Header Re-write L7 Transparency Caching, Compression Application-specific Templates Edge Security Pack Pre-Auth Single Sign-on

• Cisco UCS B/C-Series • Dell PowerEdge R Series • HP ProLiant DL • Oracle x86 • Fujitsu Server PRIMERGY

Web & Application

Operation & Management

Exchange, Lync & SharePoint

VDI & Virtual App Delivery

Bare Metal Load Balancers & ADCs

Virtual LoadMaster for vCloud Air

VMware Horizon Workspace

vCenter Log Insight Manager vCenter Operations Management Pack

VMware Application Delivery with KEMP Loadmaster covers the following:

Multi tenancy based on a hardware platform

No upfront costs for expensive hardware - multi-tenancy is installed bare metal on HP, Cisco, Dell or Oracle servers without lock-in to expensive proprietary hardware (e.g. Citrix SDX)

Real tenant isolation - multi-tenancy allows for full tenant isolation by providing it’s own internal virtualization layer, therefore preventing impacts from one tenant spilling over to others

Real Servers

CLUSTER

clients

Direct Server Return (DSR)

KEMP LoadMaster Clustering

KEMP SDN Adaptive, powered by the HP VAN SDN Controller

*Download KEMP SDN Adaptive for HP VAN from the HP SDN App Store.*

LoadMaster for EMC Oracle Applications – Load Balance/Reverse Proxy

SAP Solutions – Load Balancing/Reverse Proxy

• Sharepoint • 2010

• 2013

• Skype for Business

• Fujitsu Synapse • PACS – Medical Imaging

Sizing Configurator

https://kemptechnologies.com/load-balancer-sizing-exchange-2010/

https://kemptechnologies.com/load-balancer-sizing-exchange-2013/

Simply configuration – Application Templates

KEMP Application Firewall Pack

KEY Features: Daily Rule Updates SQL injection protection Cross-site scripting mitigation CSRF prevention Cookie tampering prevention IP reputation checking Data leakage protection

Using the KEMP LoadMaster as a Reverse Proxy

SSL Key management functionality out of the box Effective Layer 4-7 load balancing Data compression capabilities Optimized failover High Availability options Content caching Traffic re-encryption A full range of scheduling and persistence methods

Application Delivery

• Layer 4/7 Load Balancing

• Intrusion Prevention

Services

• SNORT Rule Compatible

• TLS (SSL)

Acceleration/Offload

• Caching, compression

Engine

Custom App Rules Rule Chaining Application Profiling

Access Control

• LDAP / RADIUS / Multi-

Factor Authentication

• Granular access control

• Logging / Reporting

• Event logging

• Redundancy and

Availability

• Active/Standby

Configuration

Traffic Inspection

• OWASP Top 10

• HTTP/HTTPS Filtering

• Active or Passive Mode of

operation

• Cross-site scripting

protection

• SQL Injection Protection

• IP Reputation Protection

• Cookie tampering

protection

Logging & Monitoring

Logging & Monitoring

Application Servers

LoadMaster with AFP Security Services

L7

Parser

Caching &

Compressi

on

ESP AFP IPS

KEMP AFP Workflow

Active (block and log) Mode

Operation Support Built-In Logging

Cookie and Form Tampering Prevention

Cross-Site Scripting (XSS)

Mitigation

Cross-Site Request Forgery (CSRF)

Blocking

Daily Rule Updates Data Leak Prevention

Encryption Stream Interception

IP Reputation Checking

Full ADC Integration

OWASP Top Ten Protection

Passive (log only) Mode Operation

Support

Packaged and Custom

Application Support

Support for PCI-DSS Compliance

Trojan Protection

KEMP AFP Feature Summary

kemp technologies load balancing and application … unit + gslb (gtm) $11,000 $42,000 esp/apm...

Documents