1 / 16

Netscaler 10 vCommunity 2012

Netscaler 10 vCommunity 2012. John Smith, CCA, CTP http://edgesightunderthehood.com http://xen-trifuge.com. New Features. Clustering Data Stream Enhancements AAA Enhancements SAML NTLMv2 Visibility Enhancements Action Analytics. Clustering.

euclid
Télécharger la présentation

Netscaler 10 vCommunity 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Netscaler 10vCommunity 2012 John Smith, CCA, CTP http://edgesightunderthehood.com http://xen-trifuge.com

  2. New Features • Clustering • Data Stream Enhancements • AAA Enhancements • SAML • NTLMv2 • Visibility Enhancements • Action Analytics

  3. Clustering • Allows you to have an active-active Netscaler configuration rather than a failover configuration. • Similar to a farm metric server, the configuration coordinator selects the next Netscaler based on link aggregation (Link State) instead of CPU, Memory and Session Count • A 16-node cluster has been scaled up to 750 GB of throughput.

  4. Benefits of Clustering • No longer paying the same amount of money to have a Netscaler sit and wait and do nothing until a failure. • Staggering throughput for future “big data” endeavors. (Youtube: “Netscaler Cluster”) • You make 32 appliances act as one giant node (A Netscaler super-node). • Built-in Fault Tolerance.

  5. AAA Enhancements • SAMLv2 Authentication • Allows for Single Sign on support for Web based applications. • Helps solve the “Identity Crisis” that exists in today’s collaborative cloud environment. • ADFS for Windows 2008 R2 has SAML 2.0 support. • NTLMv2 for AAA • Finally some help for SharePoint Integration and SSO by passing NTLMv2 Credentials First then falling back to NTLMv1

  6. DataStream (Native SQL Proxy) • Allows for Parallel processing of SQL Commands • Intelligent Health Checks • Reduce the TCP Footprint on the individual SQL Servers by multiplexing sessions on the VIP. • TDS Protocol Awareness vs. basic TCP Load Balancing. • Compatible from 2000-2012 and Oracle Support on the horizon. • Because it is not using SSL, VPX closers make a very affordable option for enhancing SQL Connectivity.

  7. DataStream Technologies

  8. Benefits of Datastream • More TCP Connections can be accommodated. • 32K RPC Limit for MS-SQL Server. The Netscaler offloads these connections and allow for more databases to be hosted on a single server (less Licensing Costs) • Less TCP Overhead and allows the Network layer “heavy lifting” to be done by the Netscaler and the Query handling to be done by the SQL Server. Or Netscaler = Brawn, SQL Server = Brain • Allows for Caching which will further give you better performance from your MS-SQL Server. • Is now transaction aware (acts as a SQL Client to the Database Server) • Middle-Tier servers are much more efficient as they never have to deal with the state. • Increased visibility to APP Owners and DBA’s to see all transactions from the top-down using APPFlow. • Clients don’t feel it when a Database Server goes down because their session is with the VIP. • Create responder commands that can protect your database (Stop “drop table” commands) • Up to 3x Improvement just putting the database behind the Netscaler.

  9. Additional Information • http://www.youtube.com/watch?v=DMraXl2-ino • Won “Best of Tech Ed” this year.

  10. Stream Analyitics • Allows for real-time analysis of URL performance • Lets you see clients who are connected to specific Netscaler VIPS • Is run from the command line but also has a nice GUI that you can run from the Netscaler. • Can view Analytics for both SQL and Web based VIPS.

  11. Steps • Create the Analytics “Selector” • Set the metrics you want to collect. • Name the Selector • Create the Stream Identifier • Bind the Stream Identifier to a Responder Policy • Bind the Responder Policy Globally or to a specific VIP.

  12. DEMOStream Analytics

  13. “ICASTART, ICAENDICA-LIKE!!!” • New log as of 9.3 that gives us some critical metrics that can be hard to get, even with Edgesight. • Two separate Logs, ICASTART and ICAEND • ICASTART: • 12/09/2012:14:40:46 GMT ns 0-PPE-0 : SSLVPN ICASTART 540963 0 : Source 192.168.1.98:62362 - Destination 192.168.1.82:2598 - username:domainnamemhayes:Xentrifuge - applicationName Desktop - startTime "12/09/2012:14:40:46 GMT" - connectionId81d16 • ICAEND: • 12/09/2012:14:41:12 GMT ns 0-PPE-0 : SSLVPN ICAEND_CONNSTAT 541032 0 : Source 192.168.1.98:62362 - Destination 192.168.1.82:2598 - username:domainnamemhayes:Xentrifuge - startTime "12/09/2012:14:40:46 GMT" - endTime "12/09/2012:14:41:12 GMT" - Duration 00:00:26 - Total_bytes_send 9363 - Total_bytes_recv 587588 - Total_compressedbytes_send 0 - Total_compressedbytes_recv 0 - Compression_ratio_send 0.00% - Compression_ratio_recv 0.00% - connectionId81d16

  14. Logging this Data • I use SolarWinds KIWI Syslog Server • Integrate with SQL Server and Reporting Services • If you can afford it, you should use Splunk and parse the data with their tool • Use a Parse Script to parse the data into SQL Server Columns. • Leverage the data once it is in a SQL Server Database.

  15. ICASTART/ICAENDDEMO:

  16. Benefits of logging ICASTART/ICAEND • Real-time Analytics of incoming ICA Sessions • Real-time Analytics of ICA Sessions in general • Ability to report utilization • Ability to report how long a users’ session was • Reporting on Average Session • By IP Range • By time of day • By User ID • By Domain

More Related