F5 Value For Virtualization

F5 Value for Virtualization

Patricio Campos Olmedo

Territory Manager South Cone

F5 Networks www.f5.com

+562.431.5358 +1.206.501.2207

p.campos@f5.com

2

Delivering Applications is Complex

Availability

Security

Growth

End-userExperience

Efficiency

Application Architect

3

Application

How Do You Solve These Issues?Multiple Point Solutions

Network Administrator Application Developer

Add more infrastructure?

Hire an army of developers?

MoreBandwidth

4

The Infrastructure Must Be Agile

Business Drivers• Align IT to Business• Cost, ROI• Security, privacy, compliance• Workforce productivity• New applications / services• Consolidation• Shared resources• Managing change

Technology Drivers• Virtualization• Legacy application update• Unified networking/

communications• Web 2.0 • Green IT• Identity/access management• Mobile enablement

People and Budgets• Business and IT are not

optimized

5

A Shift Toward Innovation

Securing assets

Managing systems

Reducing costs

Developing new apps, services, SOA

Virtualization

Enabling interop

Maintaining legacy apps

Ensuring compliance

Driving people productivity

Enabling Mobility 80% 20%MAINTENANCE NEW INNOVATION

6

BIG-IP Local Traffic ManagerTurn your infrastructure into an agile application delivery network

• Scale the application infrastructure• Eliminate downtime• Improve application performance• Secure your applications and data• Increase server capacity, reduce bandwidth• Customize the delivery of the app for your needs

Users Applications

BIG-IP

7

It Starts with Load BalancingEnsure availability and plan for growth

TransactionAssurance

High PerformanceHardware

Dynamic LBMethods

Session Persistence

Application Health Monitoring

LTM load balances at the application level• Ensures the best resources are always selected• Has deep visibility into application health• Proactively inspects and responds to errors

Eliminate downtime and scale the application

8

Improve the End-User Experience

LTM improves the application performance• Optimize the connections and prioritize traffic• Reduce the amount of data sent, both to the

client and across the WAN

IntelligentCompression

TCP Express

WebAccelerator(add-on module) iSessions

9

Secure the Applications and Data

Security at Application, Protocol and Network Level• Meet compliance requirements (PCI, HPPIA, etc.)• Strong protection without interrupting legitimate traffic

Resource Cloaking and

Content Security

Network and Protocol Attack

Prevention

Application Security Manager

(add-on module)

Selective Encryption

“BIG-IP enabled us to improve security instead of having to invest time and money to develop a new more secure application”

Application MangerGlobal 5000 Media and Entertainment Company

TechValidate 0C0-126-2FB

10

Let Servers Serve

LTM offloads tasks from application servers• Reduce the number of servers required• Centralized SSL key management

One ConnectFast CacheSSL OffloadCompression

1/2 of BIG-IP owners have saved 20% or more on their total Capital Expenses with BIG-IP

Source: TechValidate Survey of F5 BIG-IP Users

11

Complete Control and Flexibility

Total Application Control• Complete payload inspection and transformation• Open API and SDK to integrate with infrastructure

iControl

iRules

64% of BIG-IP users said that they can respond more quickly to changing business needs after deploying F5 BIG-IP.

Source: TechValidate Survey of F5 BIG-IP Users

12

Unified System for Application Delivery

ApplicationsUsers

iRulesiRules

High Performance HardwareHigh Performance Hardware iControliControl

Full ProxyFull Proxy

ClientSide

ClientSide

Server Side

Server Side

Glo

bal T

raffi

c M

anag

er

Web

Acc

eler

ator

App

licat

ion

Sec

urity

WA

N D

eliv

ery

Ser

vice

s

F5’s TMOS Architecture

13

Specialized Hardware for App Delivery

Hardware designed specifically for Application Delivery• Industry’s best performance – up to 40 Gbps throughput• Hot-Swappable Components• Flexible deployment options – FIPS, NEBS, DC power• Always-on Management• Hardware SSL offload

14

BIG-IP Hardware Line-up

BIG-IP 3600

Dual core CPU8 10/100/1000 + 2x 1GB SFP1x 160 GB HD + 8GB CF4 GB memorySSL @ 10K TPS / 2 Gb bulk1 Gbps max software compression

2 Gbps L7 Traffic

BIG-IP 8900

BIG-IP 1600

Dual core CPU4 10/100/1000 + 2x 1GB SFP1x 160GB HD4 GB memorySSL @ 5K TPS / 1 Gb Bulk1 Gbps max software compression

1 Gbps L7 Traffic

2 x Dual core CPU16 10/100/1000 + 8x 1GB SFP2x 320 GB HD (S/W RAID) + 8GB CF8 GB memorySSL @ 25K TPS / 4 Gb bulk5 Gbps max hardware compression

6 Gbps L7 Traffic

BIG-IP 69002 x Quad core CPU16 10/100/1000 + 8x 1GB SFP2x 320 GB HD (S/W RAID) + 8GB CF16 GB memorySSL @ 58K TPS / 9.6Gb bulk8 Gbps max hardware compression

12 Gbps L7 TrafficBIG-IP 3900

Quad core CPU8 10/100/1000 + 4x 1GB SFP1x 300 GB HD + 8GB CF8 GB memorySSL @ 15K TPS / 3.8 Gb bulk3.8 Gbps max software compression

4 Gbps L7 Traffic

15

Platform Performance for LTM

BIG-IP 1600

BIG-IP 3600

BIG-IP 3900

BIG-IP 6900

BIG-IP 8900

VIPRIONWith 4 blades

Max. throughput 1 Gbps 2 Gbps 4 Gbps 6 Gbps 12 Gbps 40 Gbps

Layer 4 Connections/sec

60,000 115,000 175,000 220,000 400,000 1 Million

Layer 7 Requests/sec (inf-inf)

100,000 135,000 400,000 600,000 1,200,000 3,200,000

Max. conc. conn. 4 Million 4 Million 8 Million 8 Million 16 Million 32 Million

Max. SSL TPS 5,000 10,000 15,000 25,000 58,000 200,000

Max. SSL Bulk 1 Gbps 1.5 Gbps 3.8 Gbps 4 Gbps 9.6 Gbps 36 Gbps

Max. SSL conc. conn. 1 Million 1 Million 1 Million 2 Million 4 Million 8 Million

Max. compression 1 Gbps 1 Gbps 3.8 Gbps 5 Gbps 8 Gbps 16 Gbps

Switch backplane 14 Gbps 24 Gbps 34 Gbps 68 Gbps 112 Gbps 368 Gbps

16

Connect with 40,000 ADC ExpertsAt DevCentral

• Blogs

• Multimedia

• iRules and iControl samples

• Forums

• Tutorials

• Tools

http://devcentral.f5.com

17

Magic Quadrant for Application Delivery Controllers, 2009

Leadership Position

F5 Networks - Strengths• F5 Networks has a broad and comprehensive

vision with industry-leading understanding of the needs of application development, deployment and management.

• The vendor has a comprehensive feature set with a full range of extensibility delivered through iRules and iControl, and integration with popular integrated development environments (IDEs), such as Eclipse and .NET/Visual Basic.

• F5 has developed a very large community of committed users (using F5's DevCentral portal) that helps fuel the use of iRules to solve unique data center application challenges, creating a loyal and engaged user base.

• F5 has a solid financial position and continued market-leading position.

SOURCE: Gartner, Inc.

18

BIG-IP Local Traffic ManagerTurn your infrastructure into an agile application delivery network

• Scale the application infrastructure• Eliminate downtime• Improve application performance• Secure your applications and data• Increase server capacity, reduce bandwidth• Customize the delivery of the app for your needs

Users Applications

BIG-IP

Overview of F5 Value for VMware Deployments

20

F5 & VMware

• F5 & VMware are active partners

• Interoperability & Performance Testing– vSphere, vCenter, AppSpeed, SRM, View, etc.

• Joint Deployment Guides

• Future joint development plans in progress

• Dedicated alliance teams

21

Virtualization Challenges& How F5 can help

22

Virtualization Drivers and Barriers

22

• Cost Savings• IT Agility• IT Efficiency• Consolidation

CommonVirtualization Drivers = CIO Objectives

23

Virtualization Drivers and Barriers

23

CommonVirtualization Drivers = CIO Objectives

• Performance• Availability• Management• Integration

Common Virtualization Barriers = Real World Challenges

• Cost Savings• IT Agility• IT Efficiency• Consolidation

24

Virtualization Drivers and Barriers

• Performance• Availability• Management• Integration

COMMON RISKS • Inability to Meet SLAs• User Complaints• Application Downtime• Over Budget

• Cost Savings• IT Agility• IT Efficiency• Consolidation

IMPACT to the

Business

CommonVirtualization Drivers = CIO Objectives

Common Virtualization Barriers = Real World Challenges

25

Common App Challenges in a Virtualized Environment

• Application awarenessServer Virtualization focuses on virtual hardware, not apps

• Shared hardware resourcesHas the greatest impact on the apps, unpredictable

• Network integrationNetwork is hard-wired, but apps are mobile & agile

26

Underlying Customer Challenges

• Seamless access to new VMs as they come online

• Application performance on par with dedicated servers

• Simplified network config. management between

physical, virtual, and app networks

• Transparent application traffic flow during VM migrations

Key Performance Objectives• SLAs/uptime• Efficient use of IT resources• Application availability metrics

27

Overview of F5 Value Propositionfor VMware Virtualized Infrastructure

28

IT Challenges F5 Capabilities F5 Products

F5 Value for Virtualization

• Seamless and secure access to VMs as they come online

• Application performance and availability on par with physical servers

• Lower use of virtualized disk, memory, CPU resources

• Enforce IT security and access policies for applications

• More VMs per physical server due to reduced resource utilization

• Server life extension

• Application-specific templates for security and optimization

• Connection management, network and WAN optimization

• LTM

• GTM

• ASM

• APM

29

IT Challenges F5 Capabilities F5 Products

F5 Value for Virtualization

• Simplified network configuration and management

• Integrated single-point management with VMware vCenter and Microsoft System Center

• Bi-directional configuration and sharing of information between the virtual platforms and BIG-IP

• Route domains, Overlapping IPs

• Brings network intelligence to virtual platforms

• Tiered storage to manage VM sprawl

• LTM

• iControl

• ARX

30

IT Challenges F5 Capabilities F5 Products

F5 Value for Virtualization

• Transparent application traffic flow during VM migration

• Enhanced user experience

• Application traffic follows VM migrations, even between data centers or to the cloud

- Without downtime

- Without user disruption

- Accelerated data transmission

- Disaster Avoidance

- Capacity expansion

- Changeover between cloud providers

• LTM

• GTM

31

Real Results: F5 and Virtual Deployments

• 88% of F5 customers improved VM density between 10% and 40% on a typical server with F5

• “We eliminated over 100 IP addresses from the host layer of our internet facing servers because of virtualization and the ability for of the F5 hardware to handle SSL and compression.”

• “Using F5 BIG-IP and VMware we have been able to consolidate…physical servers, allowing us to reduce power consumption and heat generation.”

Tech Validated Survey Results – August 2009

32

Performance & Availability

Caching

SSL Offload

Compression

De-duplication

TCP Optimization

Rate Shaping

Security

Advanced Load Balancing

Advanced Persistence

Performance & Availability

Caching

SSL Offload

Compression

De-duplicationSecurity

Advanced Load Balancing

Advanced Persistence

OverviewF5 Value-Add for VMware Deployments

vCenter

SRM

View 3.0

vSphere 4.0

View 3.0

View 3.0

vSphere 4.0

vSphere 4.0

AppSpeed

vSphere 4.0

vSphere 4.0

vSphere 4.0vSphere

4.0

vSphere 4.0

SRM

View 3.0

vSphere 4.0

View 3.0

View 3.0

View 3.0

SRM

View 3.0

33

Server Virtualization & F5

34

Performance, Availability, Security

• BIG-IP is equally important to virtual application clusters as it is to physical application clusters.– Load balancing– Traffic Management– Traffic Optimization– Acceleration– Security

• Important for:– ESX/vSphere– View VDM Servers

35

Efficiency Purpose-Built ASICs

General Purpose CPU

Speed Serves from Cache

Serves from CPU/Disk

For Many Transactions, BIG-IP is more Efficient than the Server

36

Use of Server Offload Yields Higher VM Density

http://www.techvalidate.com/product-research/f5-big-ip/facts/975-FFD-F8D

Before After

37

Example: Reduced CPU Utilization on SAP Portal

Joint testing conducted at SAP Co-Innovation Lab

68%

38%

38

Integration for Automation

1. BIG-IP Local Traffic Manager and VMware vCenter are integrated for automatic provisioning of local virtual machines on demand.

• Respond instantly to changes in traffic volume

• Provision to mean rather than peak

• Reduce manual labor

2. BIG-IP Global Traffic Manager and VMware SRM are integrated to enable failover between sites.

• When SRM fails over from site-A to site-B, it can instruct GTM to redirect application traffic automatically and instantly to site-B.

• Zero application downtime

39

Web Clients

FrontEnd

AppServers Virtualization

App. Server App. Server App. Server

Storage Virtualization

Frontends VirtualizationBIG-IP LTM

BIG-IP LTM

FrontEnd FrontEnd

Web Clients

iControl

iControl

Mon

itori

ng &

Manag

em

ent

vCenter

+

AppSpeed

(optional)

Demand ↑ ↑ ↑

F5 Provision

Detection

Automation

VM Provision

Demand ↓ ↓ ↓

VM Deprovision

Detection

Automation

F5 Deprovision

Illustration: LTM & vCenter Integration

40

Illustration: GTM & SRM Integration

SRM Failover

Ongoing Replication

(a) GTM Health checks reveal unhealthy site 1. GTM self-executes a redirection to site 2.

(b) SRM instructs GTM via iControl to failover to site 2

Site 1 Site 2

41

WAN Acceleration for VMwarevMotion, Storage vMotion & View

• Overcome latency, packet loss and low bandwidth• BIG-IP iSessions™

– Free feature of LTM, no additional boxes required

– Compression, Optimization

• WAN Optimization Module – Add-on Module for LTM– Accelerates VMware View remote desktop traffic on average 12:1– Can accelerate vMotion up to 25:1– Improved user experience over any link– Acceptable connections over weak links– Compression, Optimization, De-duplication

44

Desktop Virtualization & F5

45

LTM Offload from View Manager Servers

View Manager load grows over time

But LTM can improve View Manager Server Efficiency, Resulting in fewer servers needed and better performance

46

LTM Acceleration of RDP Traffic

LTM can also accelerate RDP traffic up to 12:1 using its WAN Optimization Module

Encrypted, Accelerated, Deduplicated Tunnel

47

VDI/View Deployment Wizard

50

Cloud Computing & F5

51

Global Traffic Management for the Cloud

• The combination of BIG-IP Global Traffic Manager and Local Traffic Manager enables VMware vMotion of live applications between data centers, or to the cloud.– Without downtime– Without user disruption– Accelerated data transmission– Disaster Avoidance– Capacity expansion– Changeover between

cloud providersiSession tunnel

Live Demo Here

52

On-Demand Scalability in the Cloud

LAN

Internal Cloud External Cloud

On-DemandScaleability

Scale-up by simply plugging in a new blade.

Zero configuration

On-Premise Servers

53

Dynamic & Intelligent Traffic Management between Cloud & DC

Enterprise Manager

Firewalls

BIG-IPGlobal Traffic Manager

DatabaseServers

BladeServers

HQ Site 1

BIG-IPLocal Traffic Manager

BIG-IPLink Controller

DMZ

Enterprise Manager

Firewalls

BIG-IP Global Traffic Manager

DatabaseServers

BladeServers

BIG-IPLocalTraffic

Manager

FirePass

BIG-IPLink Controller

DMZ

BranchOffice

FirePass

Remote User

Site 2

BIG-IP SAM

Internet or WANInternet or WAN

Dynamically load balance between data centers based on application availability, time of day, etc. Take into account all tiers of the application

54

Symmetric Compression• Adaptive• Deflate• LZO

SSL Encryption

Integrated and free with BIG-IP LTM v10

Note: Not available on the 1500 and 3400

Secure & Optimized Tunnel between Cloud & DC“BIG-IP iSessions”