Embed Size (px)
Citation preview
John Gormally
Enterprise Relationship Manager
Networking & Cloud team
Service Delivery Layer 4 – 7 Consolidation Strategy
© 2012 Citrix | Confidential – Do Not Distribute
Cisco Departing ACE Load balancing Business
In an apparent concession to its application delivery networking (ADN) competitors, Cisco (NSDQ:CSCO) has confirmed it will end development of its Application Control Engine (ACE) load-balancer products. In a statement e-mailed to CRN, a spokesperson for Cisco said: "Cisco routinely reviews its business to determine where it needs to align investment based on growth opportunities. In assessing the data center market, which is undergoing a fundamental transformation within virtualization, cloud, and new service delivery models, Cisco has decided it will not develop further generations of its ACE load-balancing products."
Cisco & Citrix Netscaler
To fully support customers during this transition phase, Citrix is offering a new ACE Migration Program (AMP) to all global customers. The special program provides Cisco ACE customers with the industry’s most generous product discounts for next-generation ADC solutions, as well as custom NetScaler implementation services provided by world-class Citrix Consulting Services. Citrix is making it easy for ACE customers to migrate to the industry’s best ADC solution, NetScaler.
Between now and December 31, 2012, qualified Cisco ACE customers will receive:• 20% discount on the MSRP of any NetScaler MPX and multi-tenant NetScaler SDX appliance.
Note: Existing volume license programs apply to the discounted manufacturer suggested retail price (MSRP), if applicable
Palo Alto & Citrix Netscaler
Extensive partner support proves the value of this addition to the industry, with the following partners who are extending their market leading network and security services to the next generation NetScaler SDX platform: Aruba Networks, BlueCat Networks, CSE Secure Systems, RSA - The Security Division of EMC, Splunk, Trend Micro, Venafi and Websense. Citrix Repeater, Citrix ShareFile StorageZones and Citrix CloudGateway will also be supported on the next-generation platform. Additionally, today Citrix and Palo Alto Networks announced a multi-phase technology relationship aligning our respective products and technologies to best support emerging data center network architectures.
© 2012 Citrix | Confidential – Do Not Distribute
Transport FabricFast, flat, low latency & always available
Granular control of access, security &
speed of cloud services
7 -
6 -
5 -
4 -
3 -
2 -
1 -
ne
two
rk la
yers
Provides a great network connection
The new “Service Delivery Fabric”
AD
C
Fire
wal
lW
AN
O
ptC
lou
d G
ate
wa
y
AA
A
Vis
ibili
tyW
ire
less
A
cce
ss
Clo
ud
Bri
dg
e
IPS
/ID
S
Da
ta S
calin
g
Single Policy Control Plane
Flexible Deployment Options
DL
P
© 2012 Citrix | Confidential – Do Not Distribute
Service Delivery
AD
CS
DC
Cloud
Identity
App Visibility
Desktop Delivery
Database optimization
WAN optimization
Traditional ADC“Application Delivery
Controller”
AdjacentReal Estate
Consolidation
Application DeliveryNew
Requirements
Offload
Security
Acceleration
Load BalancingTra
diti
ona
l AD
C
© 2012 Citrix | Confidential – Do Not Distribute
"Hybrid networking solutions combining on-premise footprints with off-premise services will emerge as a key component of any enterprise service delivery toolkit."
Mark Fabbi
Gartner Research
© 2012 Citrix | Confidential – Do Not Distribute
A LOT of Different Applications
© 2012 Citrix | Confidential – Do Not Distribute
Ext
ern
al
DM
Z
Inte
rna
lD
MZ
Inte
rna
l
La
b
Different Apps and Networks
© 2012 Citrix | Confidential – Do Not Distribute
The Most Advanced Cloud Network Platform
NetScaler
• Delivers Apps and Data Services with the Best Performance and Reliability
• Empower Control with Full Application Security & Visibility
• Infinite Flexibility with Built-in Cloud Connectivity
• Cloud Scale with Revolutionary Citrix TriScale TM Technology
• Versatile and Extensible Platform for Service Delivery
New
© 2012 Citrix | Confidential – Do Not Distribute
Scale3
Enterprise cloud networks require a scale revolution
11
© 2012 Citrix | Confidential – Do Not Distribute
Citrix TriScale technologyScale up, Scale in and Scale out
Scale up
Scale out
Scale in
Simplicity withMany-In-One
Up to 40:1
Elasticity withPay-As-You-Grow
Up to 5x faster
Expandability withAdd-and-Go
Up to 32x
© 2012 Citrix | Confidential – Do Not Distribute
Scale up – performance on demand
Increase performance on demand ᵒ No need to purchase new hardware
Provision resources as neededᵒ No need to overprovision
Protect datacenter investments ᵒ No ‘forklift’ refreshes and upgrades
Pay-as-you-grow
Network resources
© 2012 Citrix | Confidential – Do Not Distribute
50 Gbps
20 Gbps
10 Gbps
5Gbps
1 2 3 10s
100s
Multi-tenancy
Net
Scal
er P
erfo
rman
ce
Number of web applications
10Mb
200Mb
“Pay as you grow”
“Pay as you grow”
“Pay as you grow”
“Pay as you grow”
License Upgrade
License Upgrade
License Upgrade
1GbpsMPX5500 500Mb
MPX 7500 1Gb
MPX 9500 3Gb
MPX 13500 12Gb
MPX 18500 36Gb
MPX 14500 18Gb
MPX 11500 8Gb
MPX 16500 24Gb
MPX 19500 35Gb
MPX 21500 50Gb
MPX 17500 20Gb
ENTERPRISE
SMB/SME
SERVICE DELIVERY/TELCO/CLOUDINTERNET-CENTRIC
Pay-As-You-Grow –Optimal Price/Performance
© 2012 Citrix | Confidential – Do Not Distribute
Scale in – consolidate networking resources
Consolidate resourcesᵒ True multi-tenancy enables
independent instances of key networking services
No compromise performanceᵒ Advanced virtualization and I/O
accelerationSimplified management
ᵒ Unified provisioning, monitoring and management from a single control plane
Simplicity with Many-In -One
“40x footprint reduction. No Compromises.”
© 2012 Citrix | Confidential – Do Not Distribute
Introducing NetScaler SDX
• Instances, not partitions
• Complete CPU isolation
• Complete memory isolation
• Version independence
• High availability independence
• Lifecycle independence
© 2012 Citrix | Confidential – Do Not Distribute
• SSL acceleration supported
• SSL allocated to VMs on a per chip basis
• Multiple chips can be mapped to a single instance
Citrix Confidential - Do Not Distribute
SSL Acceleration
© 2012 Citrix | Confidential – Do Not Distribute
NetScaler SDX with SR-IOV
Xen
Domain0
Drivers
NetScaler VPX
VF Driver
NetScaler VPX
VF Driver
NetScaler VPX
VF Driver
NetScaler VPX
VF Driver
• Hardware IO virtualization for networking
• NIC can be carved into virtual instances
• Crypto pass-thru
• Bypasses dom0
• Near native performance
© 2012 Citrix | Confidential – Do Not Distribute
Network Isolation
• Per instance network isolation• Isolation can be enforced at the NIC
• Full instance isolation• Separate routing domain• Independent routing, IP stack• Independent connection table, ACLs, etc.
© 2012 Citrix | Confidential – Do Not Distribute
• Consolidate across security zones
• Each security zone has its own management network
• Device admin wants to let others administer individual instances
Simple Consolidation with Delegated Administration
© 2012 Citrix | Confidential – Do Not Distribute
All Instances Still on One Management Network
0/1
0/2
1/1
1/7
1/2
1/3
1/4
1/5
1/6
1/8
10/1
10/2
10/3
10/4
Inst
ance
1
ServiceVM
Inst
ance
2
Inst
ance
3
Inst
ance
4
Inst
ance
5
10.1
.1.x
10.1
.2.x
Inst
ance
6
VLAN6 VLAN5
© 2012 Citrix | Confidential – Do Not Distribute
Multiple Networks/VLANs for NSIPs
0/1
0/2
1/1
1/7
1/2
1/3
1/4
1/5
1/6
1/8
10/1
10/2
10/3
10/4
Inst
ance
1
ServiceVM
Inst
ance
2
Inst
ance
3
Inst
ance
4
Inst
ance
5
10.1
.1.x
VLA
N1
VLA
N2
Inst
ance
6
VLAN6 VLAN5
© 2012 Citrix | Confidential – Do Not Distribute
Multiple Networks/VLANs for NSIPs
0/1
0/2
1/1
1/7
1/2
1/3
1/4
1/5
1/6
1/8
10/1
10/2
10/3
10/4
Inst
ance
1
ServiceVM
Inst
ance
2
Inst
ance
3
Inst
ance
4
Inst
ance
5
10.1
.1.x
VLA
N1
VLA
N2
Inst
ance
6
VLAN6 VLAN5
Scenarios where compliance is an issueSpecifically when compliance stance requires separate management networks per
security zone
• Data plane isolation achieved via either port(s) per instance or VLAN filtering• When ports are dedicated, each instance gets up to 4096 VLANs
© 2012 Citrix | Confidential – Do Not Distribute
Consolidation Summary
Web Tier App TierDMZ
GSLB
SSL VPN
SSL Acceleration L7 ADC
Load Balancing
NetScaler SDX
Load Balancing
20-40 1 Consolidation
© 2012 Citrix | Confidential – Do Not Distribute
More Apps Require Stronger Security
© 2012 Citrix | Confidential – Do Not Distribute
Next gen app security and visibility
SSL Everywhereᵒ Full protection with 2048-bit certificates
App Firewallᵒ Blocks 100% of attacks targeting vulnerabilities
in web apps. Assists in PCI compliance.
Secure Remote Accessᵒ Fully integrated SSL VPN protects mobile users
Integrated Real-time App Analyticsᵒ Full visibility into both network and applicationsᵒ Adaptive policies for control and compliance
Visibility plus policy management
Integrated SSL, App Firewall and SSL VPN
© 2012 Citrix | Confidential – Do Not Distribute
Extending the data center to the public cloudLeverage infinite scale and flexibility
across private and public clouds
Evolve the datacenter to be more cloud-like
Build an Amazon-style cloud for maximum flexibility
Maintain control and keep sensitive data on-premise
Extend the datacenter to gain unlimited capacity
Tap low-cost compute from service providers
Ensure network transparency
and security across clouds
Enterprise data center Public Cloud
Connect
© 2012 Citrix | Confidential – Do Not Distribute
Cloud Connectivity with Citrix CloudBridge
• Leverage public clouds to reduce costs and improve agility
• Avoid expensive application and network changes
• Ensure consistent user access independent of location
• Encrypt and protect data from private to public cloud
© 2012 Citrix | Confidential – Do Not Distribute
• Delivers Apps & Data with the Best Performance and Reliability– Integrated solution to optimize, secure and control all enterprise and cloud services
• Cloud Scale with Revolutionary Citrix TriScaleTM
– Scale performance & capacity while reducing appliance sprawl and simplifying the network
• Empower Control with Full App Security and Visibility– Gain end-to-end visibility, ensure compliance and protect valuable corporate assets
• Infinite Flexibility with Built-in Cloud Connectivity– Securely and transparently bring external and internal clouds together
• Versatile and Extensible Platform for Service Delivery – Consolidate adjacent network services w/ unified policy management & flexible deployment
Citrix Value- Service Delivery Layer 4-7 Consolidation
© 2012 Citrix | Confidential – Do Not Distribute
