Upload
others
View
9
Download
0
Embed Size (px)
Citation preview
TECH 5 - Beyond WAN Acceleration: Using Riverbed for more than just Using Riverbed for more than just
WAN accelerationDavid S. Michel – CIO: Burr & Forman LLP
Sean M. Power – Manager – IT Security and Infrastructure: L h & G LLPLathrop & Gage LLP
Steven R. Smoot, Ph.D. – VP of Technical Operations Riverbed
AgendaAgenda
• What does Riverbed do in your Network?What does Riverbed do in your Network?• Branch Office Box Solution
– Riverbed Services Platform - RSPRiverbed Services Platform RSP– Steelhead Mobile Controller - SMC
• End to End Visibility and Performance Monitoringy g– Cascade
• Summaryy• Q/A
Imagine if You Could….
Cut consolidation time by 50% with no performance hit
Avoid WAN bandwidth upgrades for 3 years3 Avoid WAN bandwidth upgrades for 3 yearsYEARS3
Improve worker productivity globally
Drive more than 400% ROI in 6-9 months
457%
3
For 7800+ Customers, the Answer Is RiverbedAnswer Is Riverbed
$6 5M d i S i $20M/ A hi 6 S d $5M i $6.5M saved in 1 year $60M in
5 years
Saving $20M/yr via faster value
chain collaboration
Achieve a 6 mo payback and save $20M
Saved $5M in software costs
collaboration
“With Riverbed, remote users regularly access centralized data without “With Riverbed, remote users regularly access centralized data without g yg yexperiencing 45 minute wait times. Users are less frustrated and more productive, experiencing 45 minute wait times. Users are less frustrated and more productive,
while IT costs have been lowered”while IT costs have been lowered”
---- Nat Thomas, Technical Director, CSXNat Thomas, Technical Director, CSX
4
Riverbed is the IT Performance CompanyCompany
Optimize ConsolidateUnderstandThe ROI from Network,
Storage, App, and Cloud Investments
To the data center and within the branch
The Total Performance Picture
SIMPLIFY CONSOLIDATION / VIRTUALIZATION AND
ENABLE LOCAL-LIKE PERFORMANCE
SPOTLIGHT CURRENT PERFORMANCE PAIN &
POTENTIAL
ACCELERATE APPS,CUT BANDWIDTH COSTS,
ENHANCE BCDR,IMPROVE STAFF PRODUCTIVITYPRODUCTIVITY
Riverbed’s Complete Family of Performance Products
BRANCH OFFICEBRANCH OFFICE
SteelheadAppliances & Virtual
Steelhead*
Cascade
PRIVATE DATA CENTERPRIVATE DATA CENTER
WAN
PRIVATE DATA CENTERPRIVATE DATA CENTERPRIVATE CLOUDPRIVATE CLOUD
Steelhead Mobile
MOBILE WORKERSMOBILE WORKERS
Steelhead Mobile
Cloud Steelhead*
PUBLIC CLOUDPUBLIC CLOUD
SECONDARY DATA CENTERSECONDARY DATA CENTER
Riverbed’s Cloud Direction
Cloud Services Provider
Backups
or
D t C t WANData Center WANWAN
Back up or Archive to the Cloud
What is RSP?What is RSP?
• VMware Virtualization running on the VMware Virtualization running on the Steelhead – VM Server 2
• S pport for 5 VM instances• Support for 5 VM instances• Steelhead is always in-path, but RSP provides
f f f ff fflexible configurations for different data flow scenarios (VNI’s – virtual network interfaces)
• RSP is a separate service running in own memory space – traffic and optimization always preserved
Use Cases for RSPUse Cases for RSP
• Branch ServicesBranch Services– DC, AD, File and Print, BranchCache
Consolidated core network services Infoblox– Consolidated core network services - Infoblox
• Security /– IDS/IPS,
– Firewall (e.g. Checkpoint, Forefront), – Web Filtering (e.g. Websense)
IT Consolidation INSIDEthe branchthe branch
Further Consolidation at
Further Consolidation at Branch Office
TodayBranch Office
Today
Server Consolidation to
Server Consolidation to
Branch OfficeBranch OfficeTodayTodayData CenterData Center
AD AD AD, DNS/DHCP
FIREWALLDNS/ DHCP
PRINT SERVER
FIREWALL
FILE SERVERS
MAIL SERVER
AD, DNS/DHCP
FIREWALL
DNS/ DHCP
PRINT SERVER
FIREWALL
FILE SERVERS
MAIL SERVER
FIREWALL
ANY VIRTUALIZED SERVICE
MAIL SERVER
FILERS
STORAGE
FIREWALL
PRINT SERVER
WAN OPTIMIZATION
MAIL SERVER
FILERS
STORAGE
Use Cases for RSPUse Cases for RSP
• Enterprise VideoEnterprise Video– Efficient video streaming
Live video splitting at the edge– Live video splitting at the edge– Content prepositioning
A t t d di ti f th – Automated redirection for the user– Support for Flash and Windows Media
P l Q d W d M d– Polycom, Qumu and Windows Media
Use Cases for RSPUse Cases for RSP
• Networking & ManagementNetworking & Management– Routing – Vyatta
Riverbed Virtual Editions– Riverbed Virtual Editions• Steelhead Mobile Controller - SMC VE, • Cascade Sensor VECascade Sensor VE
– Satellite communication – SCPS– OPNETOPNET
RSP - ScreenshotRSP Screenshot
RSP NetworkingRSP Networking• In-band packages
AN N f AN WAN d fl– LAN VNI for LAN to WAN dataflow– WAN VNI for WAN to LAN dataflow– Virtual In-Path packages
• DNAT (IP, Port, IP & Port) – Proxy based solutions like SAP/ADOWSAP/ADOW
• Mirror – Span port for network monitoring
– Management VNI’s – primary/aux portsManagement VNI s primary/aux ports
• Out-of-band packages• e g Windows Ser er• e.g. Windows Server
RSP NetworkingRSP Networking
• Example VNI for Cascade Sensor - VEExample VNI for Cascade Sensor - VE
RSP NetworkingRSP Networking
Summary of Dataflow rulesPackage Solution VNI Integration Interaction with
Opt traffic
Windows / Infoblox Branch Services Mgmt / Aux None
Websense URL Filtering Virtual Inpath All traffic copied to the packagepackage
Checkpoint, McAfee Firewall Enterprise, Microsoft TMG
VPN and Firewall LAN/WAN Bridging Optimizable traffic redirected to package
Polycom, Qumu, Accordent Media Services Virtual Inpath
Redirected to package with Layer 3 NAT
Opnet Ace Live, Riverbed Cascade Network Monitoring LAN/WAN Bridging Span port
Vyatta Routing Virtual Inpath Layer 2 switchVyatta Routing Virtual Inpath Layer 2 switch
RSP - Technical ConsiderationsRSP Technical Considerations• VM creation in VMserver, Workstation and P2V• Virtual machine versions 4, 6, 7• Check 32Bit/64Bit support per appliance model depending on what VM
you want to run– Desktop Models – 250, 500 32-bitDesktop Models 250, 500 32 bit– 1U and Above – 64-bit
• For production critical RSP packages– recommend RAID kit for SH for the 1U models
• No thin provisioning• Must install VMware tools• No USB or CD/DVD support• Memory supported disc space supported• Memory supported, disc space supported• RiOS 6.0 and above – more RAM supported• Check resources that appliance needs
Steelhead MobileSteelhead Mobile
• Software based implementation of Steelhead Software based implementation of Steelhead technology for your end-points
• Gi e o r laptops and PC’s their own • Give your laptops and PC’s their own Steelhead for optimization when working remotelyremotely
Three Challenges For Mobile Workforce
p gp g
LocationLocationInconsistent connection types, costs, and user volumes: Inconsistent connection types, costs, and user volumes:
All conspire against a All conspire against a ““standardstandard”” environment environment y g py g p
LatencyLatencyIs the major issue how long it takes people to accomplish a task? Is the major issue how long it takes people to accomplish a task?
Latency is the secret throughput killerLatency is the secret throughput killer
Steelhead Mobile Solves All Three Challenges!Steelhead Mobile Solves All Three Challenges!LinkLink
Low bandwidth links (e.g. satellite) Low bandwidth links (e.g. satellite) Lots of applications on overwhelmed bandwidth Lots of applications on overwhelmed bandwidth
ppExpensiveExpensive
Making Acceleration Easy –For All Mobile UsersFor All Mobile Users
Concurrent licensing modelA ‘pool’ of licenses for use by all mobile workersEstimated 1 license per every 3 to 5 mobile Estimated 1 license per every 3 to 5 mobile workersOther vendors do licensing per user
$87 cost estimate per mobile ser (1 4 model)
Pricing$87 cost estimate per mobile user (1:4 model)
Steelhead Mobile Controller: $12,995(includes 30 licenses)
Steelhead Mobile Licenses: Starts at $3 500 Steelhead Mobile Licenses: Starts at $3,500 for 10
Deploy to all laptops pay only for what you Easy to manage Deploy to all laptops – pay only for what you needCluster Steelhead Mobile Controllers as needed
Steelhead Mobile Solution –The 3 Components The 3 Components
Steelhead Mobile Software Steelhead Mobile Controller Steelhead Appliance• Deployed on a laptop or desktop
PC• Runs in ‘invisible’ or ‘visible’ mode• Reduces bandwidth needs• Optimizes protocol inefficiencies
Deployed in the data centerHandles all licensing, detailed reporting, packaging & policies
ppDeployed in data centerAny modelRiOS 4 i d• Optimizes protocol inefficiencies
• Windows 2000 SP4: XP SP3 (32 bit versions only), Vista SP1 (32 bit versions only)
• Celeron 450MHz CPU• Minimum 250 MB hard drive
policiesSupports up to 2,000 concurrent active Mobile clients
RiOS 4.x requiredCommunicates directly with Steelhead Mobile
• Minimum 250 MB hard drive (configurable up to 20 GB)
• 256 MB RAM
Clusters for scaleMinimum one Steelhead Mobile Controller required1U rack mountable server
Two Deployment OptionsSMC-VE SMC
PRIMARY DATA CENTERBRANCH OFFICE
SMC-VE, SMC
Steelhead Mobile Controller
Appliance
Designed for large deployments and rapidly
Steelhead Mobile Controller
Virtual Edition
Enterprise grade acceleration for SMB or smaller strategic
WAN growing organizations
Standalone appliance deployed in the data center.$12,995 with 30 concurrent
mobile deployments
Virtual package deployed in the Riverbed Services Platform on Steelhead Appliance
MOBILE WORKERS
licensesSupports up to 4,000 concurrent active Mobile clientsClusters for scale
$5,995 with 10 concurrent licensesSupports up to 100 concurrent active Mobile clients
Steelhead Mobile - Benefits
HTTP & HTTPS Optimization
Steelhead Mobile Benefits
HTTP AccelerationImproved performance for all HTTP(S) applicationsSame approach to HTTP(S) optimization as RiOS 6.0 provides a complete pp ( ) p p psolution for web application acceleration for branch office and mobile workers
Branch Warming“Warm “performance regardless of locationWarm performance regardless of locationSharing data references between mobile and branch office workers improves acceleration for the entire organization
Expanded Support for Next Generation Operating Systems & PlatformsBranch Office (LAN)Expanded Support for Next Generation Operating Systems & Platforms64-Bit Systems: Optimization for memory and data intensive applicationsW d 7 C f f ll f M f ' Windows 7: Consistent performance for all of Microsoft's modern OS’s
Use Cases for Steelhead Mobile
Pandemic Planning Backup Optimization• Tools for mobility need to be in
place• Business processes essential
• Cost-effective Steelhead backup mechanism
• Only active when Steelhead is t • Most large customers do some
form of planning• Federal Telework MandateG IT I iti ti
not Desktop Virtualization• Integration into virtualization
toolsGreen IT Initiatives• Consolidation efforts save
energy, staff, equipment• SHM saves cost of additional
tools• Accelerate full virtualization
tools• Accelerate Application • SHM saves cost of additional
appliances• Real estate costs
Accelerate Application virtualization tools
• Thinstall, softricity, kidaro, ACE
Steelhead MobileReal World Performance
• Laptop offline for 1 week, mailbox not synched – Outlook 2003p p y• After full synchronization – 52% reduction of MAPI traffic
Steelhead MobileReal World Performance
• New OST file (e g OST file corruption)New OST file (e.g. OST file corruption)• Mailbox – 1.14 GB
f f M• Time for full caching over 15Mb DSL, 50ms latency 29 minutes 5Mb/s
• 72% bandwidth reduction 1031 MB (LAN)/292 MB (WAN)
Steelhead MobileReal World Performance
Technical ConsiderationsTechnical Considerations
• Windows and Mac supportWindows and Mac support• Careful with Out of path support depending
where ser er side SH iswhere server side SH is• Datastore size – larger data store translates to
AMmore RAM• Processor considerations• Images did not have sysprep or ghostwalker –
new SID needed
CascadeCascade
• End to End layer 4 - 7 visibility and performance End to End layer 4 7 visibility and performance monitoring– Which applications at which sites still require acceleration?– What performance level is each of your users experiencing
now?A l h h h & l h h – Are critical metrics such as throughput & latency where the business needs them to be?
– Are specific applications or users slowing down your Are specific applications or users slowing down your network?
– Tunneled applications
Cascade = Visibility
Manage Application P f
Monitor application delivery on the network
PerformanceMinimize impact of service outagesResolve issues proactively
Streamline WAN Optimization
Plan for WAN optimization, quickly identify best candidate sites for optimizationA i t f WAN ti i ti p Assess impact of WAN optimization deployment and quantify benefits
Ensure Successful Consolidation
Reduce costs and risks of IT consolidationAccelerate application discovery and dependency mappingdependency mapping
Cascade: a different way to look at your networklook at your network
Behavioral AnalyticsLearns typical network and application behavior patterns and alerts you to meaningful changes
A cost-effective way to monitor your applications
Drill down to network performance metrics per application, host,
Network Drill-Down user, and much more
Business-centric view of your infrastructure, with extended troubleshooting capabilities
End-to-EndDependency
Mapping
Identifies application, server and client dependencies without agents
Helps you understand the impact of change on application delivery
Riverbed Steelhead Fluency
Analyze application performance across optimized and non-optimized sitesFluencyUnified, plug-and-play WAN optimization reporting
Cascade Deployment TopologyCascade Deployment Topology
Cascade AnalyticsCascade Analytics
• End-user experience metrics feed into the Cascade behavioral model• Normal behavior is automatically learned – no configuration is
necessaryIf i l f l diti i t i d• If users experience slow performance, alarm condition is triggered
Use Cascade to drill down & discover problem sourcesExample: problem related
to high WAN utilization
L t’ fi d th li tiLet’s find the application
Let’s find the server
Which user is responsible?
Let s find the server
Which user is responsible?
We found it’s John Smith
The Cascade product lineNOC CascadeThe Cascade product lineData Center
Web Tier
CascadeSensor
NOC CascadeProfiler &Gateway
Web Tier
App Tier
CascadeS VE DB Tier
DNSAD NTP
Sensor -VE
Profiler• Centralized
reporting & analysis• Behavioral analytics Gateway
Sensor• Layer 7 application
classification• End-user experienceSensor-VE
• Collects data from sensors & gateways
• Sized based on flow per minute capacity
• Collects flow data from selected sources
• Supports all flow types• Deploy w/profiler or regionally
• Performance metrics• Collects traffic from
SPAN ports or taps• Deployed in data center
• End-user experience• Performance metrics• Loads as RSP package• Deployed in branch
Cascade competitive overviewCascade competitive overviewCascad
eBlue Coat
NetQoS(Cisco)
Ipanema NetScout
OPNET Generic NetFlow
Automated analytics based on u o a ed a a y cs based olearned normal behaviorClick and pivot, drill-down interface for all metricsDynamic, end to end, client-server dependency mapsEnd-user experience metrics and monitoringmonitoringLayer-7 application fingerprinting
Security & Compliance
P k t t d l iPacket capture and analysis
NetFlow reporting, all sources
Single vendor, tightly integrated solution with automatic configurationsolution with automatic configuration
Cascade – Use CaseCascade Use Case
• MTTTR – reduction in mean time to trouble resolution
• Network warning• Replay• Massive retention of traffic analytics
With C d • With Cascade – Identified 2 network misconfigurations
• application availability reporting and alertingpp y p g g• new host alerts + automated vulnerability scans
– Server consolidation reporting.
Q/AQ/ATHANK YOU