digicomp-academy-ag
Cloud Infrastructure
Enterprise Datacenter
Cloud Scale
Security & Visibility
Availability & Performance
Citrix NetScaler
Winner!
Management Flexibility (Systems Center)
Infinite Flexibility
Secure Reverse Proxy
NetScaler
[Diagram labels: IAAS, VIP, SAAS gateway; S1, S2, S3; NetScaler; CG, CB; FTP, SQL, HTTP, HTTPS, DNS, TCP, UDP; AD, Es, PwO; A1, A2, A3]
NetScaler
Optimization
SSL Offload
TCP Offload
TCP Buffering
Surge Protection
Compression
Caching
Web 2.0 Push
Security
Application Firewall
L4-7 ACL
DoS Protections
Rewrite + Responder
SSL VPN
AAA for App Traffic
Cloud Gateway
Switching
L7 Request Switching (Load Balance)
Advanced Health Check
Content Switching
GSLB
VLAN, SR-IOV, PBR
Dynamic Routing
AppExpert Callout
NetScaler CloudBridge
NetScaler DataStream
Management
CLI/GUI/API/SNMP
AppFlow & Syslog
Command Center
NSWL
EdgeSight for NetScaler
AppExpert
Platforms VPX
5500, 7500-9500, 10500-15500, 9700-15500 FIPS, 11500-20500, 17500-21500, 17550-21550
MPX
SDX
Pay-As-You-Grow
Editions
XenServer
Express, Developer’s
VMware 10, 200, 1G, 3G
Hyper-V
11500-20500, 17500-21500, 17550-21550
Standard, Enterprise and Platinum
NetScaler DataStream
Virtual Run Anywhere
Platform Physical Price-Performance
Multi-Tenant Multi-Service
NetScaler Platforms
16 Gbps
8 Gbps
4 Gbps
2Gbps
NetScaler Performance
NetScaler Pay-As-You-Grow
1Gbps VPX 10Mbps –
3Gbps
MPX/SDX
11500-20500 8Gbps – 42Gbps
45k – 220k SSL TPS
NEBS
Available
MPX FIPS
9700-15500 1Gbps – 5Gbps
Paygrow: All platforms can be license upgraded across their supported ranges.
MPX/SDX
ROME
8200-8600 2Gbps – 6Gbps
MPX
THEBES 5550-5650
500Mbps –
1Gbps
MPX
7500-9500 1Gbps-3Gbps
MPX 5500
MPX/SDX
17550-21550 20Gbps – 50Gbps
Up to 400K SSL TPS
License Upgrade
1 2 3 10s 100s No. of Web Applications
Scale Up
Scale Out
Scale In
Citrix TriScale Technology Scale up, Scale in and Scale out
Consolidation with SDX
Elasticity with Pay-As-You-Grow
Expandability with Clustering
Applications Have Individual Lifecycles
Maintenance windows
Infrastructure change frequency
Application change frequency
Desire for new ADC functionality
NetScaler SDX
NetScaler Hardware
Service VM
NetScaler VPX
NetScaler VPX
XenServer
NetScaler VPX
• CPU, memory, IO virtualization
○ XenServer + Intel + SR-IOV NICs
• Independent instances, versions
○ Direct hardware access
• Service VM
○ Single point for management
• HW-level SSL isolation
• HA across devices
Hardware Virtualization
• VT-x – Intel x86 CPU virtualization
○ Each instance assigned dedicated CPU, memory, SSL
• VT-d – Intel virtualization for directed I/O
○ Direct access to NIC & HD/SSD
• SR-IOV – single-root I/O virtualization
○ PCI-SIG standard for native PCI-E device sharing
NetScaler VPX
Virtualization layer
SDX: Multi-tenant NetScaler Appliance
0/1 0/2 1/1 1/7 1/2 1/3 1/4 1/5 1/6 1/8 10/1 10/2 10/3 10/4
ServiceVM
NetScaler 2
NetScaler 3
vSwitch
NetScaler 1
Instances are separate VMs
Data plane uses SR-IOV
Separate management networks
Manage from a single touch point
[Diagram: network services shown as repeated blocks labeled FW, LB, IPS, AV, EIP, WAN, VPN, WI]
Next gen NetScaler SDX
• Open, programmable platform
• Prescriptive, app-driven network configuration
• Unified application control layer
Web/App Tier Data Tier
Maximum Application Performance
Server Offload Savings
Complete Application Security
• Load balancing
• Health monitoring
• Caching
• Compression
• Connection, SSL Offload
• Connection pooling
• SSL VPN
• Web App Firewall
High Application Availability
Microsoft SQL Server
Internet
Web/App Tier
NetScaler DataStream™ in Database Tier
High Availability Scalability
App Security High Performance
HTTP ADC TCP Load Balancer
HTTP Native SQL
Simple HA Simple LB
Microsoft SQL Server
DB Tier
TCP
Conn Multiplexing Content Switching High Availability
NetScaler
ADC
Improved Availability
Optimal Scale-Out
Connection Scale-Up
NetScaler DataStream™ TDS Protocol aware
No HA No LB Custom Monitors
Custom Scripts
Scale Up, Scale Out, High-Availability/Visibility
NetScaler DataStream™ Benefits
• SQL Multiplexing: Scale TCP connections; Host more DBs on Server; Reduce # of SQL Licenses
• SQL Conn. Offload: Spare memory/CPU; Faster Query execution
• Native SQL LB: Request Switching; Fast App response
• SQL aware policies: Read/Write Split; Partitioning/Sharding; Granular Control
• Top Down Visibility: AppFlow based; Actionable Reporting down to query level
• Intelligent Monitoring and Failover: Replication state aware; Virtual IP based; More Efficient HA
• SQL Caching: Free up Server Resources; Better End User Response Times
NetScaler provides ScaleUp like performance for ScaleOut like economics
Load Balancer
A,B,C….Y,Z -> SQL Queries DB Tier
Microsoft SQL Server
Scale-Up Master DB Active/Passive
Scale-Out Read-Only DB
TCP Load Balancer
L7 Based load balancing mechanism
NetScaler
A,B,C….Y,Z -> SQL Queries
SQL Connection Multiplexing/Content Switching
DB Tier
Microsoft SQL Server
Scale-Up Master DB Active/Passive
Scale-Out Read-Only DB
Visibility and Security for SQL – What’s happening on the backend??
• Visibility at a L7 Query level
• Ability to identify potential ‘open’ back doors and other security threats
• Responder for taking action and providing additional security
• Identify applications that may not be ‘behaving’ as they should
• Actionable reports through Auditlog and AppFlow
DB Read/Write Split + HA with NetScaler
App Servers
Web Servers
Passive Active
Master Database HA Setup
Read Only Slave Databases
• NetScaler deployed in multi-tier fashion
• Web/App Tier contacts DB via CS Vserver
• Read/Write split with failover
• Intelligent monitors to detect Primary DB for MS SQL Mirror
• Disable Primary Vserver on Down to accommodate replication
• Increased scale and reliability
• Increased visibility at SQL query level
Automation and Microsoft
• Native support for NetScaler Management Interface
• PowerShell integration
• Designed for automation
• Framework based on Representational State Transfer (REST)
• Simple, lightweight API
• Handles bulk as well as single operations
• Secure encrypted communication
• Built in support for authentication
Integrating into the Cloud: NITRO API
NITRO
API
Interfaces Client Toolkits Policy Statistics
SOAP RESTful Scripting
Perl/PHP/Python/ PowerShell
OOP Java/C#/ASP/
.NET based
Reverse Call-Out
JSON/XML Bulk
Reporting Granular Reporting