440 likes | 553 Vues
Application Delivery Network for Microsoft. Radovan Gibala R.Gibala@f5.com. Agenda. Application Ready Network Introduction & Benefits Basic Components of ARN Availability Performance Security Deployment Infrastructure for Microsoft Applications Exchange – Deployment Guides
E N D
Application Delivery Network for Microsoft Radovan Gibala R.Gibala@f5.com
Agenda • Application Ready Network • Introduction & Benefits • Basic Components of ARN • Availability • Performance • Security • Deployment Infrastructure for Microsoft Applications • Exchange – Deployment Guides • SharePoint – Deployment Guides • Integration with MOM
RESULT: Applications and Networks operate without regard to each other limiting scale, performance, reliability, and security ! IT Challenge - Out of Control • Applications and networks behave independently • Many network functions require high degrees of manual intervention • Distributed architectures and web services increase complexity • Historically, applications and protocols for communicating with network devices inflexible at best
Application Problems: Finger Pointing 101 Slow responses Bloated data Security risks Many servers Exchange, SharePoint Application Attacks XML, SOAP, ActiveX, JS Office workers telecommuters Network Administrator Application Developer
Slow responses Bloated data Security risks Many servers ? ? *@#! Application Problems: Finger Pointing 101 Exchange, SharePoint XML, SOAP, ActiveX, JS Application Attacks User Office workers; telecommuters Network Administrator Application Developer
Lack of end-user involvement or it happens at the end (too late) The solution is ‘thrown over the wall’ to the infrastructure team! No clear session management approach No clear separation of business logic from the user interface There is no predictable build process of the solution Testers are testing the developers – but who is testing the testers? Performance & security design is kept till the end of the project Browser compatibility is on the agenda yet testing is under estimated Accessibility, globalization and localization are forgotten In accurate project estimates, lack of financial control and frequent financial/time reconciliation processes 10 Most Common Deployment Mistakes 1 2 3 4 5 6 7 8 9 10 Note: The majority of these are infrastructure and process issues. Source: Vajira Weerasekera Principal Consultant – Microsoft Solutions Development Center
Slow responses Fast responses Bloated data Smaller data Security risks Stops attacks Many servers Fewer servers *@#! F5 Networks’ Application Ready Network for Microsoft User Network Administrator Application Developer
The F5 Business Value Reduces company risks by protection of critical applications against security threats simplify the application deployment process !!! Simplifythe operational manageability Reduce the number of Hardware (servers) or Downsize server size Improves application PERFORMANCESignificantly! Reduce maintenance effort Increased availability, scalability and security drives increased business productivity and faster ROI
Most Cost-Effective Business ContinuityIntelligent & Automated DNS, the Gateway to the Application International Data Center Enterprise Manager Users Applications BIG-IP Local Traffic Manager BIG-IP Link Controller BIG-IP Global Traffic Manager ASM Application Security Manager FirePass SSL VPN Web Accelerator WANJet iControl TMOS Business Goal: Achieve these objectives in the most operationally efficient manner
Put Connectivity in the Control of the EnterpriseIntelligent and Automated WAN & Link Optimization / for Applications International Data Center Enterprise Manager Users Applications BIG-IP Link Controller BIG-IP Local Traffic Manager BIG-IP Global Traffic Manager ASM Application Security Manager FirePass SSL VPN Web Accelerator WANJet iControl TMOS Business Goal: Achieve these objectives in the most operationally efficient manner
Provide Cost-Effective, Secure Application Access for All Users - Universal Access Control International Data Center Enterprise Manager Users Applications BIG-IP Local Traffic Manager BIG-IP Link Controller BIG-IP Global Traffic Manager ASM Application Security Manager FirePass SSL VPN Web Accelerator WANJet iControl TMOS Business Goal: Achieve these objectives in the most operationally efficient manner
Offload All Applications for Availability, Acceleration & Security International Data Center Enterprise Manager Users Applications BIG-IP Local Traffic Manager BIG-IP Link Controller BIG-IP Global Traffic Manager ASM Application Security Manager FirePass SSL VPN Web Accelerator WANJet iControl TMOS Business Goal: Achieve these objectives in the most operationally efficient manner
The Data Center Products • Expect: • Very high availability • Less servers • Significant traffic reduction • Significant speed improvement • Improved session persistence • Higher degree of control • Vastly increased security • Improved flow management • Increased scalability • Lower cost BIG-IP Local Traffic Manager Data center optimization Load balancing Caching Compression Rate Shaping SSL / FIPS acceleration TCP Optimisation Connection optimisation
Application Security Module Protect applications and data SSL Acceleration Protect data over the Internet Advanced Client Authentication Module Protect against unauthorised access BIG-IP Security Add-On Modules
Compression Module Increase performance Webaccelerator - Fast Cache Module Offload servers Rate Shaping Module Reserve bandwidth BIG-IP Software Add-On ModulesQuickly Adapt to Changing Application & Business Challenges
Accelerate Applications for Unmanaged UsersCentralize & Accelerate Web Application Optimization International Data Center Enterprise Manager Users Applications BIG-IP Local Traffic Manager BIG-IP Link Controller BIG-IP Global Traffic Manager ASM Application Security Manager FirePass SSL VPN Web Accelerator WANJet iControl TMOS Business Goal: Achieve these objectives in the most operationally efficient manner
Offload and Centralize Application Security: Prevent Zero Day Attacks International Data Center Enterprise Manager Users Applications BIG-IP Local Traffic Manager BIG-IP Link Controller BIG-IP Global Traffic Manager ASM Application Security Manager FirePass SSL VPN Web Accelerator WANJet iControl TMOS Business Goal: Achieve these objectives in the most operationally efficient manner
Security’s Gaping Hole Firewall Antivirus Host IDS & Secure OS Net IDS Application System Network Access Desktop “64% of the 10 million security incidents tracked targeted port 80.”Information Week DATA
Application Security with a WAF Intelligent Decisions Allow Only Good Application Behaviour; Positive Security Definition of Good and Bad Behaviour Browser
Manage the Application Delivery Network for Op EfficiencyCentralized Management and Infrastructure Integration International Data Center Enterprise Manager BIG-IP Local Traffic Manager BIG-IP Link Controller Users Applications BIG-IP Global Traffic Manager ASM Application Security Manager FirePass SSL VPN Web Accelerator WANJet iControl TMOS Business Goal: Achieve these objectives in the most operationally efficient manner
Open ADN Web Services API for Integration International Data Center Enterprise Manager Users Applications BIG-IP Local Traffic Manager BIG-IP Link Controller BIG-IP Global Traffic Manager ASM Application Security Manager FirePass SSL VPN Web Accelerator WANJet iControl TMOS Business Goal: Achieve these objectives in the most operationally efficient manner
Unified and Modular ArchitectureA High Performance Framework for the ADN International Data Center Enterprise Manager Users Applications BIG-IP Local Traffic Manager BIG-IP Link Controller BIG-IP Global Traffic Manager ASM Application Security Manager FirePass SSL VPN Web Accelerator WANJet iControl TMOS Business Goal: Achieve these objectives in the most operationally efficient manner
GUI-Based Application Profiles Repeatable Policies iRules Programmable Network Language Security Optimisation Delivery New Service News Website The Most Intelligent and Adaptable Solution Programmable Application Network Unified Application Infrastructure Services Targeted and Adaptable Functions Complete Visibility and Control of Application Flows Universal Inspection Engine (UIE) TM/OS Fast Application Proxy Client Side Server Side Compression TCP Offloading Load Balancing
F5 Benefits for Exchange 2007 • Reliable, Real-Time Availability • Optimized Data Replication Between Data Centers. More Data, Less Time • Secure Point-To-Point Data Replication • Efficiently Use Existing Bandwidth == Less $$
F5’s Benefits for SharePoint • Increase SharePoint Server Performance by 5x • 20-30% Bandwidth Reduction for Remote Users • Gain 25+% Server Capacity with Service Offload • Reduce Time-Out Errors by 85% for Mobile Users • Automated Failover and Access Control
Global Application Health • Application Aware Monitoring: Back-end system goes down, entire application is taken down and users are re-routed • Global Failover Based on Application Health, Not Just Server and Data Center Health • Lose an app in Warszawa, Redirect Users to Praha, Transparently • Full Integration From Remote Data Centers Down to Users
Requirements For Application Security Securing user AND transaction access to applications and data is critical to completely securing enterprise IT User/transaction validity App & data access auth. Unauthorized User From A Valid Terminal Partner Employee Customer Corporate IP Network Corporate Apps & Data Invalid Transaction From A Valid System Contextual Security: Policy Management
F5 Sharepoint Security Benefits • Secure Session Management • Inline Reverse Proxy Sees All Data, Requests and Responses • Granular Application Control • Session-Based Policy Management • Accountability: Audit Trail • Application Delivery Security
Internet Secure Microsoft Access • Any Device • Laptops • Home PCs • Smart phones • PDAs • Wi-Fi access Outlook Web Access iNotes Web-based CRM HR Data Unified Access Gateway Servers, applications, intranet servers • Any User • Suppliers • Consultants • Branch office employees • Telecommuters • Mobile employees • Partners • Any Application • Mainframe • Client-server • Web-based • Web Services Broad user, clients and application support
Unified Access Gateway and Outlook • Integration: Secure User Access to Exchange via Outlook or OWA • Granularity: Application Awareness and Control • Flexibility: Multiple Secure Access Solutions • Specific to Your Mail Infrastructure • Client-less for All Users
Unified Access Gateway and SharePoint • Secure User Access to SharePoint • Intelligent Content Distribution based on access platform • Send only the data I need, nothing more • Vista == Full graphic experience • WinMobile == No DHTML, just data
F5 Security/Windows Interoperability • Vista GINA integration • Internet Explorer 7 support • Windows Installer • Auto-launch Web AppTunnels • Enhanced user-session variables for Active Directory, and networking
MTC Engagement Types • Strategy briefings • Architecture design session – customised session • Proof of Concept workshop • MTC locations in EMEA - Copenhagen, Denmark - Dubai, UAE - Munich, Germany - Paris, France - Thames Valley, UK
F5 Technology Center • Hosted Strategy Briefings • Architecture Design – Customized Sessions • On-site Technical Expertise • Proof of Concept, Real-World Implementation • Located At F5 Headquarters in Seattle, WA
At Home In the Office On the Road SAP Exchange Oracle Application Ready Network for MS Users Applications Application Ready Network Vista XP Mobile PC SharePoint 2007 Exchange 2007 Active Directory F5 Adds More Performance, Security, Availability, and Scalability to your MS Application Roll-Out