• Home

  • Technology

  • Tech Talk: Want to get in on the Secret? How fast is your Directory?
30
World ® ’1 6 Tech Talk: Want to Get in on the Secret? How Fast is Your Directory? Greg Vickery – Principal Services Consultant – CA Technologies SCT45T SECURITY

Tech Talk: Want to get in on the Secret? How fast is your Directory?

Embed Size (px)

Citation preview

Page 1: Tech Talk: Want to get in on the Secret? How fast is your Directory?

World®’16

TechTalk:WanttoGetinontheSecret?HowFastisYourDirectory?GregVickery– PrincipalServicesConsultant– CATechnologies

SCT45T

SECURITY

Page 2: Tech Talk: Want to get in on the Secret? How fast is your Directory?

2 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

©2016CA.Allrightsreserved.Alltrademarksreferencedhereinbelongtotheirrespectivecompanies.

Thecontentprovidedinthis CAWorld2016presentationisintendedforinformationalpurposesonlyanddoesnotformanytypeofwarranty. The informationprovidedbyaCApartnerand/orCAcustomerhasnotbeenreviewedforaccuracybyCA.

ForInformationalPurposesOnlyTermsofthisPresentation

Page 3: Tech Talk: Want to get in on the Secret? How fast is your Directory?

3 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Abstract

CADirectoryhasconsistentlyoutperformedleadingdirectoryserviceswhentestedagainstotherthird-partyproducts.Howfastisyourdirectory?Whysettleforgoodperformancewhenyoucanhavegreatperformance.Comebyandlearnmore.

GregVickery

CATechnologiesPrincipalServicesConsultant

Page 4: Tech Talk: Want to get in on the Secret? How fast is your Directory?

4 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Agenda

WHATISPERFORMANCE?

WHYISPERFORMANCEIMPORTANT?

OPERATIONSMADEEASIER

MORETHANJUSTSEARCH

REPLICATIONPERFORMANCENOTJUSTUPDATEPERFORMANCE

OPTIMIZETHECONFIGURATION

1

2

3

4

5

6

Page 5: Tech Talk: Want to get in on the Secret? How fast is your Directory?

5 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

DirectoryReview

§ Applicationcommunicatingwithadatastore– Viaprotocol- LDAP

§ Performance:– Howquicklyisdataavailable– Howquicklyisdatareplicated

LevelSettheConversation

LDAP

ApplicationLayer

Page 6: Tech Talk: Want to get in on the Secret? How fast is your Directory?

6 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

WhyIsPerformanceImportant?

Page 7: Tech Talk: Want to get in on the Secret? How fast is your Directory?

7 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

CADirectoryPerformance

§ SupportIncreasedOnlinePresence

§ DirectoryPerformancetranslatesintoUserExperience

§ AnApplicationTransactionmaybeseveralDirectoryrequests

– CASSOTransactionoftenincludes3+Searches,aBindandanUpdateforeveryauthentication

– Justafewextramillisecondsoneachcanadduptoslowresponsetimes

ConsiderApplicationBehavior

Page 8: Tech Talk: Want to get in on the Secret? How fast is your Directory?

8 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

CADirectoryPerformance

§ BusinessUnitsoftenDriveDevTeams– Developersmaynothavetimetointegratetootherapplications– TightTimelinesoftenmeaninefficientApplications

CaseStudy:Asingleuserauthenticationcausesupto15requestsonthedirectory

§ NottheDevTeamsfault– DirectoryInfrastructuremustsupportthisFact.

PerformancetoOffsetApplicationInefficiencies

Page 9: Tech Talk: Want to get in on the Secret? How fast is your Directory?

9 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Let’sTalkPerformance!

Page 10: Tech Talk: Want to get in on the Secret? How fast is your Directory?

10 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

CADirectoryPerformance

§ Performance– Rawthrough-put- FastSearch/AuthN/Updates/Replication

§ Smallfootprint– Verylargeenvironmentsw/fewerservers– Lesstomanageandmonitor

§ OperationalAdvantages(easytomanage)– NoTuningRequired(nomaintenance)– Veryfastbackupandrestore

Expandthe‘Performance’Discussion

Page 11: Tech Talk: Want to get in on the Secret? How fast is your Directory?

11 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

CADirectoryPerformanceCustomerTesting(WithOnly4DirectoryServers)

61,795Operations/Second

147,432Operations/Second

2,125Operations/Second

Performance(Alltestsforaperiodof30minutes– overSSL)

UserSearchandAuthentication

(bind)UserSearches Modify(~17ms

replicationtoall)

Page 12: Tech Talk: Want to get in on the Secret? How fast is your Directory?

12 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

AMemoryMappingApproachIsMuchFasterThanItsDatabase-DrivenCounterparts

LDAPCache+Database Memory-Mapping

Results§ 10,000reads/sec§ 10,000writes/sec

Results*§ 1000reads/sec§ 100writes/sec

LDAP Database

Cache

CADirectory Disk

DiskI/O

MemoryFile

MemoryMapI/O

vs

*Resultsbasedoninternaltesting

Page 13: Tech Talk: Want to get in on the Secret? How fast is your Directory?

13 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

ImportanceofFastReplication

Page 14: Tech Talk: Want to get in on the Secret? How fast is your Directory?

14 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

CADirectoryReplication– DirectoryServertoDirectoryServer

Page 15: Tech Talk: Want to get in on the Secret? How fast is your Directory?

15 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

DataCenterBDataCenterA

CADirectoryHasAdvancedReplicationFeaturesThatEnsureDataIsinSynchAcrossServers

AdvancedReplication

Details

§ Truemulti-masterreplication§ AnyServercanacceptanupdaterequest

§ Flexiblereplicationstrategy§ Synchronousorasynchronousreplication§ Alldatareplicatedbeforeclientupdateis

confirmed§ Canmixandmatchsynchronousand

asynchronousservers(synchronouswithinthedatacenterandasynchronoustootherdatacenters)

§ SynchronousMulti-writereplication§ AllDSAsareupdatedatthesametime§ WriteThrough(Sync)vs.WriteBehind

(Async/changelogs)

Server#1

Server#2

Server#3

Server#4

LDAPClient

Synchronous

Asynchronous

LDAP

Page 16: Tech Talk: Want to get in on the Secret? How fast is your Directory?

16 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

FactorsofPerformance

§ DataPartitioning(InternaltoCADirectory)

– Applicationsviewasone‘OU’

– IncreasesUpdate/ReplicationPerformance§ MoreCPUsinvolvedmeansmorespeed!§ 3Partitionscanincreasewriteperformanceby~3times§ RealCustomerrunningnearly10,000replicatedupdates/second

ConfigurationandEnvironment

Page 17: Tech Talk: Want to get in on the Secret? How fast is your Directory?

17 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

CADirectoryPerformanceMoreRecentCustomerTesting(8Servers)

9,700+Updates/Second

PerformanceUpdateNumbers– WithPartitioning

ReplicatedModification

• PartitionedData

• AllDirectoryServersupdatedin~15ms

Page 18: Tech Talk: Want to get in on the Secret? How fast is your Directory?

18 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Replication

§ HighReplicationPerformanceAllows

– AccurateLoadSharing

– Fail-overwithconfidence

– Noconfusiononwhichisthe‘Gold’copyincaseofanoutage

ApplicationsUpdatetheDirectoryMoreThanEver

Page 19: Tech Talk: Want to get in on the Secret? How fast is your Directory?

19 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

PerformanceTuningandOperations

Page 20: Tech Talk: Want to get in on the Secret? How fast is your Directory?

20 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

FactorsofPerformance

§ HardwareFactors

§ CPU– ThefastertheClockSpeed,thefastertheDirectoryServer

§ RAM– CADirectoryrequiresappropriateRAM§ DataandIndexesexistentirelyinmemory§ CADirectorycanleverageadditionalhardwareforbetterperformance§ MoreCPUsormorePhysicalServersallowDataPartitioning

ConfigurationandEnvironment

Page 21: Tech Talk: Want to get in on the Secret? How fast is your Directory?

21 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

FactorsofPerformance

§ Physicalvs.Virtual

– Wehaveseeninconsistentperformanceonvirtualservers§ RollerCoasterperformanceprofile

– Remember- TheDirectoryistheDataLayer§ Importantpieceoftheinfrastructure

– DirectoryServersmustworktogetherduringreplication§ OneslowDirectoryServerhasanimpactonothers

ConfigurationandEnvironment

Page 22: Tech Talk: Want to get in on the Secret? How fast is your Directory?

22 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

FactorsofPerformance

§ BuiltinLoad-SharingCapability

§ OptimizeIndexesforUpdatePerformance

§ Optimizethe‘TransactionLog’– Protectionintheeventofahardshutdown– Writtentodiskforauto-recovery– CanmakeDirectoryServerI/Obound– SANfortheTLgivesbothperformanceandreliability!

ConfigurationandEnvironment

Page 23: Tech Talk: Want to get in on the Secret? How fast is your Directory?

23 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

OperationsMadeEasy

§ On-linebackups– On-linebackupsaretakeninjustsecondsw/ointerruptionofservice– Fast,Fast– noneedforincremental(fullsnapshot)– OnDemandorScheduled– daily,hourly,wheneverneeded– Producesa‘zdb’filewhichisportableforrestoringotherDSAs

§ Justmovethezdb filetotheotherserverandrenameto‘<DSAname>.db’andstartthedirectory

§ DataFile(.db)requiresnomaintenance– Neverneedto‘tune’thedb.

VeryLowMaintenance

Page 24: Tech Talk: Want to get in on the Secret? How fast is your Directory?

24 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

QuickRecap

§ SearchPerformanceisImportant§ Update/Replicationismoreimportant§ OptimizeConfigurationtomeettheHighestRequirements§ CADirectorycantakeadvantageofavailableHW§ Operationsmadeeasier(lessmovingparts)

– Increaseupdate(andremove)performance– Managememoryrequirement

§ TransactionLog– Protectionintheeventofahardshutdown– Writtentodiskforauto-recovery– CanmakeDirectoryServerI/Obound– SANfortheTLgivesbothperformanceandreliability!

PerformanceisMeasuredinManyWays

Page 25: Tech Talk: Want to get in on the Secret? How fast is your Directory?

25 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

RecommendedSessions

SESSION# TITLE DATE/TIME

SCX12E FiveEasyStepsforMigratingtoCADirectory 11/15/2016at3:30pm

SCX305 BestPracticesforUpgradingSSO 11/15/2016at9:00am

SCT44T WAM&Federation(TechTalk) 11/17/2016at4:30pm

Page 26: Tech Talk: Want to get in on the Secret? How fast is your Directory?

26 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Don’tMissOurINTERACTIVESecurityDemoExperience!

SNEAKPEEK!

26 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Page 27: Tech Talk: Want to get in on the Secret? How fast is your Directory?

27 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Wewanttohearfromyou!

§ ITCentralisaleadingtechnologyreviewsite.CAhasthemtohelpgenerateproductreviewsforourSecurityproducts.

§ ITCSstaffwillbeatmostsessions.Ifyouwouldliketoofferaproductreview,pleaseaskthemaftertheclass,orgobytheirbooth.

Note:§ Onlytakes5-7mins§ Youhavetotalcontroloverthereview§ Itcanbeanonymous,ifrequired

Page 28: Tech Talk: Want to get in on the Secret? How fast is your Directory?

28 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Questions?

Page 29: Tech Talk: Want to get in on the Secret? How fast is your Directory?

29 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Stayconnectedatcommunities.ca.com

Thankyou.

Page 30: Tech Talk: Want to get in on the Secret? How fast is your Directory?

30 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Security

FormoreinformationonSecurity,pleasevisit:http://cainc.to/EtfYyw


TOP SECRET Parenting Talk The Vine (s).pdf · 1 Volume 8/2016 For internal circulation only A branch of the….. Jurong Christian Church Top Secret by Alicia Wong *Parenting Talk

TOP SECRET Parenting Talk The Vine (s).pdf · 1 Volume 8/2016 For internal circulation only A branch of the….. Jurong Christian Church Top Secret by Alicia Wong *Parenting Talk

Documents
Week 7 - Friday. What did we talk about last time? OS security Directory-based systems Access control lists

Week 7 - Friday. What did we talk about last time? OS security Directory-based systems Access control lists

Documents
HOTELIERS TALK · 2016. 11. 10. · 2 HOTELIERS TALK Hotel Products & Service Providers - Directory CLAD TAILORS Company Name CLAD TAILORS Address # 17/2, New - 43, Noor Veerasamy

HOTELIERS TALK · 2016. 11. 10. · 2 HOTELIERS TALK Hotel Products & Service Providers - Directory CLAD TAILORS Company Name CLAD TAILORS Address # 17/2, New - 43, Noor Veerasamy

Documents
HOTELIERS TALK › images › 85_HT Paper May 2019.pdf · 2019-05-03 · 2 HOTELIERS TALK HHotel Products & Service Providers - Directoryotel Products & Service Providers - Directory

HOTELIERS TALK › images › 85_HT Paper May 2019.pdf · 2019-05-03 · 2 HOTELIERS TALK HHotel Products & Service Providers - Directoryotel Products & Service Providers - Directory

Documents
Secret Hard Money Lender Directory - LET'S DO DEALSletsdodeals.net/VREIA/HardMoney/Nebraska_to_Ohio.pdfThe Secret Hard Money Directory Page 2 ... If anyone needs a list of hard money

Secret Hard Money Lender Directory - LET'S DO DEALSletsdodeals.net/VREIA/HardMoney/Nebraska_to_Ohio.pdfThe Secret Hard Money Directory Page 2 ... If anyone needs a list of hard money

Documents
HOTELIERS TALK Paper Apr 2019.pdf · 2 HOTELIERS TALK Hotel Products & Service Providers - Directory APRIL - 2019 20180530 C.ARUNACHALAM Cell: 94440 10390 94445 55565 ARUN TAILORS

HOTELIERS TALK Paper Apr 2019.pdf · 2 HOTELIERS TALK Hotel Products & Service Providers - Directory APRIL - 2019 20180530 C.ARUNACHALAM Cell: 94440 10390 94445 55565 ARUN TAILORS

Documents
KIND ATTENTION HOTELIERS TALK Paper - July 2019.pdf2 HOTELIERS TALK Hotel Products & Service Providers - Directory JULY - 2019 20180530 C.ARUNACHALAM Cell: 94440 10390 94445 55565

KIND ATTENTION HOTELIERS TALK Paper - July 2019.pdf2 HOTELIERS TALK Hotel Products & Service Providers - Directory JULY - 2019 20180530 C.ARUNACHALAM Cell: 94440 10390 94445 55565

Documents
OPPORTUNITY Franchise HOTELIERS TALK pdf-min.pdf · Email: ediamal@yahoo.com ... MBA/sathesh_css@rediffmail.com/9600480223 ... Hotel Products & Service Providers - Directory CLAD

OPPORTUNITY Franchise HOTELIERS TALK pdf-min.pdf · Email: [email protected] ... MBA/[email protected]/9600480223 ... Hotel Products & Service Providers - Directory CLAD

Documents
ExpertBook -- The Talk Show Guest Directory, April 2013

ExpertBook -- The Talk Show Guest Directory, April 2013

Documents
LinkedInsanity: How to Leverage the Power of Social Media's Best-Kept Secret by Rejecting the Crazy Talk

LinkedInsanity: How to Leverage the Power of Social Media's Best-Kept Secret by Rejecting the Crazy Talk

Technology
HOTELIERS TALK OPPORTUNITY Franchise · HOTELIERS TALK 2 December - 2014 Hotel Products & Service Providers - Directory Company Name CP FASHION Address # 15/90, Razack garden,

HOTELIERS TALK OPPORTUNITY Franchise · HOTELIERS TALK 2 December - 2014 Hotel Products & Service Providers - Directory Company Name CP FASHION Address # 15/90, Razack garden,

Documents
United States Secret Service THE UNITED STATES UNITED STATES SECRET SERVICE SECRET SERVICE THE UNITED STATES UNITED STATES SECRET SERVICE SECRET SERVICE

United States Secret Service THE UNITED STATES UNITED STATES SECRET SERVICE SECRET SERVICE THE UNITED STATES UNITED STATES SECRET SERVICE SECRET SERVICE

Documents
HOTELIERS TALK Paper - Feb 2019.pdf · 2019-02-04 · 2 HOTELIERS TALK Hotel Products & Service Providers - Directory FEBRUARY - 2019 20180530 C.ARUNACHALAM Cell: 94440 10390 94445

HOTELIERS TALK Paper - Feb 2019.pdf · 2019-02-04 · 2 HOTELIERS TALK Hotel Products & Service Providers - Directory FEBRUARY - 2019 20180530 C.ARUNACHALAM Cell: 94440 10390 94445

Documents
CHURCH DIRECTORY · Chicago, Illinois 60628 - 1120 Telephone (773) ... “Tell me the secret of ... “Dealing With My Horns and My Halo:

CHURCH DIRECTORY · Chicago, Illinois 60628 - 1120 Telephone (773) ... “Tell me the secret of ... “Dealing With My Horns and My Halo:

Documents
7 Secret Cures for Anxiety, Depression, And Stress: No Drugs, No Talk!

7 Secret Cures for Anxiety, Depression, And Stress: No Drugs, No Talk!

Documents
Steve Blank's "Secret History of Silicon Valley" talk at Computer History Museum 11-20-08

Steve Blank's "Secret History of Silicon Valley" talk at Computer History Museum 11-20-08

Technology
IBM Security Secret Serverpublic.dhe.ibm.com/software/security/products/isss/10.8.0/isss_adm… · KB Kilobyte or Knowledge Base LDAP Lightweight Directory Access Protocol NAT Network

IBM Security Secret Serverpublic.dhe.ibm.com/software/security/products/isss/10.8.0/isss_adm… · KB Kilobyte or Knowledge Base LDAP Lightweight Directory Access Protocol NAT Network

Documents
Secret talk between adipose tissue and central nervous ... talk between adipose tissue and central nervous system ... energy metabolism as well as in immune ... homeostasis through

Secret talk between adipose tissue and central nervous ... talk between adipose tissue and central nervous system ... energy metabolism as well as in immune ... homeostasis through

Documents
Top Secret-Fat Loss Secret

Top Secret-Fat Loss Secret

Documents
Secret Behind Talk

Secret Behind Talk

Marketing
He wants every child to stay safe and strong just like him! · Remember, a secret that worries you is a bad secret, so always talk about secrets that upset you. Find the correct word

He wants every child to stay safe and strong just like him! · Remember, a secret that worries you is a bad secret, so always talk about secrets that upset you. Find the correct word

Documents
talk, talk ,talk

talk, talk ,talk

Documents
Secret Laws Secret Preview

Secret Laws Secret Preview

Documents
Changing the setup of a Factory Talk Directory - SESAM …sesam-world.com/_pdf/sesam-106/09-EFLA-Part-1.pdf · The design – one FT Directory Existing nine directory's changes to

Changing the setup of a Factory Talk Directory - SESAM …sesam-world.com/_pdf/sesam-106/09-EFLA-Part-1.pdf · The design – one FT Directory Existing nine directory's changes to

Documents
The Secret of Flow - My AgileIL11 Talk

The Secret of Flow - My AgileIL11 Talk

Technology
Secret talk with WebRTC and WebAudio

Secret talk with WebRTC and WebAudio

Internet
A message from Talk for Writing · A message from Talk for Writing PLEASE DONATE! ... normal or boring secret and it was a secret that lived just between them (and you, in a moment,

A message from Talk for Writing · A message from Talk for Writing PLEASE DONATE! ... normal or boring secret and it was a secret that lived just between them (and you, in a moment,

Documents
Talk English: The Secret To Speak English Like A Native In

Talk English: The Secret To Speak English Like A Native In

Documents
Package ‘secret’ · •Secrets: – Adding a secret: add_secret(). – Retrieving a secret: get_secret(). – Updating a secret: update_secret(). – Deleting a secret: delete_secret()

Package ‘secret’ · •Secrets: – Adding a secret: add_secret(). – Retrieving a secret: get_secret(). – Updating a secret: update_secret(). – Deleting a secret: delete_secret()

Documents
Secret serVlce THE TOP Secret serVlce THE TOP Secret serV1c WAS Secret serV1ce Secret ...info.melissaanddoug.com/documents/Product Information... · 2016. 11. 11. · THE TOP Secret

Secret serVlce THE TOP Secret serVlce THE TOP Secret serV1c WAS Secret serV1ce Secret ...info.melissaanddoug.com/documents/Product Information... · 2016. 11. 11. · THE TOP Secret

Documents