NetScaler 10

Daniel künzli net scaler 10

NetScaler 10

Cloud Infrastructure

Enterprise Datacenter

Cloud Scale

Security & Visibility

Availability & Performance

Citrix NetScaler

Winner!

Management Flexibility (Systems Center)

Infinite Flexibility

Secure Reverse Proxy

NetScaler

IAAS

VIP

SAAS gateway

S1

S2

S3 NetScaler

CG CB

FTP

SQL

HTTP HTTPS

DNS TCP UDP

AD

Es

PwO

A1

A2

A3

NetScaler

Optimization

SSL Offload

TCP Offload

TCP Buffering

Surge Protection

Compression

Caching

Web 2.0 Push

Security

Application Firewall

L4-7 ACL

DoS Protections

Rewrite + Responder

SSL VPN

AAA for App Traffic

Cloud Gateway

Switching

L7 Request Switching (Load Balance)

Advanced Health Check

Content Switching

GSLB

VLAN, SR-IOV, PBR

Dynamic Routing

AppExpert Callout

NetScaler CloudBridge

NetScaler DataStream

Management

CLI/GUI/API/SNMP

AppFlow & Syslog

Command Center

NSWL

EdgeSight for NetScaler

AppExpert

Platforms VPX

5500, 7500-9500, 10500-15500, 9700-15500 FIPS, 11500-20500, 17500-21500, 17550-21550

MPX

SDX

Pay-As-You-Grow

Editions

XenServer

Express, Developer’s

VMware 10, 200, 1G, 3G

Hyper-V

11500-20500, 17500-21500, 17550-21550

Standard, Enterprise and Platinum

NetScaler DataStream

Virtual Run Anywhere

Platform Physical Price-Performance

Multi-Tenant Multi-Service

NetScaler Platforms

[Chart axis: NetScaler Performance (2 Gbps, 4 Gbps, 8 Gbps, 16 Gbps)]

NetScaler Pay-As-You-Grow

1Gbps VPX 10Mbps –

3Gbps

MPX/SDX

11500-20500 8Gbps – 42Gbps

45k – 220k SSL TPS

NEBS

Available

MPX FIPS

9700-15500 1Gbps – 5Gbps

Paygrow

All platforms can be license upgraded across their supported ranges.

MPX/SDX

ROME

8200-8600 2Gbps – 6Gbps

MPX

THEBES 5550-5650 500Mbps – 1Gbps

MPX

7500-9500 1Gbps-3Gbps

MPX 5500

MPX/SDX

17550-21550 20Gbps – 50Gbps

Up to 400K SSL TPS

License Upgrade

[Chart axis: No. of Web Applications (1, 2, 3, 10s, 100s)]

Scale Up

Scale Out

Scale In

Citrix TriScale Technology Scale up, Scale in and Scale out

Consolidation with SDX

Elasticity with Pay-As-You-Grow

Expandability with Clustering

Why SDX?

Applications Have Individual Lifecycles

Maintenance windows

Infrastructure change frequency

Application change frequency

Desire for new ADC functionality

LB

Pair per Application/Tenant

NetScaler SDX

NetScaler Hardware

Service VM

NetScaler VPX

NetScaler VPX

XenServer

NetScaler VPX

• CPU, memory, IO virtualization

○ XenServer + Intel + SR-IOV NICs

• Independent instances, versions

○ Direct hardware access

• Service VM

○ Single point for management

• HW-level SSL isolation

• HA across devices

Hardware Virtualization

• VT-x – Intel x86 CPU virtualization

○ Each instance assigned dedicated CPU, memory, SSL

• VT-d – Intel virtualization for directed I/O

○ Direct access to NIC & HD/SSD

• SR-IOV – single-root I/O virtualization

○ PCI-SIG standard for native PCI-E device sharing

NetScaler VPX

Virtualization layer

SDX: Multi-tenant NetScaler Appliance

0/1 0/2 1/1 1/7 1/2 1/3 1/4 1/5 1/6 1/8 10/1 10/2 10/3 10/4

ServiceVM

NetScaler 2

NetScaler 3

vSwitch

NetScaler 1

Instances are separate VMs

Data plane uses SR-IOV

Separate management networks

Integrated Control via SDX Management Service

Next-Gen SDX

[Diagram labels: FW, ADC, DLP]

Multiple Moving Parts Multi-service Consolidated Delivery

BranchRepeater

Prescriptive deployment with AppFormations

[Diagram labels: FW, LB, IPS, AV, EIP, WAN, VPN, WI]

Manage from a single touch point

[Diagram labels: FW, LB, IPS, AV, EIP, WAN, VPN, WI]

Next gen NetScaler SDX

• Open, programmable platform

• Prescriptive, app-driven network configuration

• Unified application control layer

Microsoft Workloads

Web/App Tier Data Tier

Maximum Application

Performance

Server Offload Savings

Complete Application

Security

• Load balancing

• Health monitoring

• Caching

• Compression

• Connection, SSL Offload

• Connection pooling

• SSL VPN

• Web App Firewall

High Application Availability

Microsoft SQL Server

Internet

Web/App Tier

NetScaler DataStream™ in Database Tier

High Availability Scalability

App Security High Performance

HTTP ADC TCP Load Balancer

HTTP Native SQL

Simple HA Simple LB

Microsoft SQL Server

DB Tier

TCP

Conn Multiplexing Content Switching High Availability

NetScaler

ADC

Improved Availability

Optimal Scale-Out

Connection Scale-Up

NetScaler DataStream™ TDS Protocol aware

No HA No LB Custom Monitors

Custom Scripts

Scale Up Scale Out High-Availability/

Visibility

NetScaler DataStream™ Benefits

• SQL Multiplexing: Scale TCP connections; Host more DBs on Server; Reduce # of SQL Licenses

• SQL Conn. Offload: Spare memory/CPU; Faster Query execution

• Native SQL LB: Request Switching; Fast App response

• SQL aware policies: Read/Write Split; Partitioning/Sharding; Granular Control

• Top Down Visibility: AppFlow based; Actionable Reporting down to query level

• Intelligent Monitoring and Failover: Replication state aware; Virtual IP based; More Efficient HA

• SQL Caching: Free up Server Resources; Better End User Response Times

NetScaler provides ScaleUp like performance for ScaleOut like economics

Load Balancer

A,B,C….Y,Z -> SQL Queries DB Tier

Microsoft SQL Server

Scale-Up Master DB Active/Passive

Scale-Out Read-Only DB

TCP Load Balancer

L7 Based load balancing mechanism

NetScaler

A,B,C….Y,Z -> SQL Queries

SQL Connection Multiplexing/Content Switching

DB Tier

Microsoft SQL Server

Scale-Up Master DB Active/Passive

Scale-Out Read-Only DB

Visibility and Security for SQL – What’s happening on the backend??

• Visibility at a L7 Query level

• Ability to identify potential ‘open’ back doors and other security threats

• Responder for taking action and providing additional security

• Identify applications that may not be ‘behaving’ as they should

• Actionable reports through Auditlog and AppFlow

DB Read/Write Split + HA with NetScaler

App Servers

Web Servers

Passive Active

Master Database HA Setup

Read Only Slave Databases

• NetScaler deployed in multi-tier fashion

• Web/App Tier contacts DB via CS Vserver

• Read/Write split with failover

• Intelligent monitors to detect Primary DB for MS SQL Mirror

• Disable Primary Vserver on Down to accommodate replication

• Increased scale and reliability

• Increased visibility at SQL query level

Action Analytics

Automation

Automation and Microsoft

• Native support for NetScaler Management Interface

• PowerShell integration

• Designed for automation

Citrix NetScaler/SCVMM 2012 Integration

• Framework based on Representational State Transfer (REST)

• Simple, lightweight API

• Handles bulk as well as single operations

• Secure encrypted communication

• Built in support for authentication

Integrating into the Cloud: NITRO API

NITRO API

Interfaces Client Toolkits Policy Statistics

SOAP RESTful Scripting

Perl/PHP/Python/PowerShell

OOP Java/C#/ASP/.NET based

Reverse Call-Out

JSON/XML Bulk

Reporting Granular Reporting

Work better. Live better.