Post on 19-Jan-2015
description
Presentation NameAuthor - Date
Radware Solutions for Virtualized Data Centers
April 25th, 2011
Slide 2
Agenda
• Introduction to Radware
• Application Delivery for VMware based Virtual Data Centers
• Summary
Facts About Us
Slide 3
Over 10,000 Customers
Global Technology Partners
Recognized Technology Leadership
• Founded 1997
• NASDAQ
• leader by Gartner
• 750 Employees
• Global Presence
• 10 000 Customers
Data Center Challenges: Availability
Slide 4
The average cost of network downtime for larger corporations is $42,000 per hour ($700 / minute)
Data Center Challenges: Performance
Slide 5
Bridging The Application – Network Gap
Slide 6
Enterprise Network
This results in:• Application downtime• Reduced productivity due to
performance issues• Security risks• Operational overhead• Higher costs
Applications &Business Processes
Employees & Users
Partners & Customers
Mobile Users
• Business applications and business processes are agile and user specific
• They are designed assuming server and bandwidth resources are available and optimal
Networks & servers are designed for capacity and connectivity
There is a gap between application design assumptions & network services
WEB 2.0SOA
Radware Solutions
• Multi-WAN Link Application Delivery • Application Security Solution • Application delivery solution
Slide 7
Data Center
DatabaseServers
Router
Router
Internet
Firewall
Oracle-PeopleSoft
AppDirectorDefensePro
AppWall
LinkProof
CRM
Web & Portal
Servers
ISP2
• Mission-critical applications (web-based ERP) are redirected via the high SLA & secure line• Non-critical applications (web browsing) are redirected via the non-SLA line• Easily & cost effectively add bandwidth while increasing site availability & performance• Ensure employee and end-user QoE• Limit or block non-business critical traffic (e.g. P2P, streaming, downloads)
Router
HTTP for Web browsing
HTTP for ERP / CRM
No SLA
High SLA
99.99%
Low cost DSL lines can be aggregated
for simple andcost-effective
businessscalability
Low cost DSL lines can be aggregated
for simple andcost-effective
businessscalability
ISP 3
LinkProof
Headquarter Local Network
ERP, CRM, email, Web servers
Slide 8
Router
Multi-WAN Link Application Delivery
Corporate users
ISP1
WikiLeaks Revenge Attacks
2010
IMDDOS2010
Hackers’ Change in Motivation
2001 2011
Vandalism and publicity “Hacktivism” Financially motivated
Blaster(Attacking Microsoft web site)
2003
Storm(Botnet)
2007
CodeRed(Defacing IIS web servers)
2001
Nimda(Installed Trojan)
2001 Slammer(Attacking SQL websites)
2003
Agobot(DoS Botnet)
2005
Republican website DoS
2004
Estonia’s Web Sites DoS
2007
Attack Risk
Time
Georgia Web Sites DoS
2008
Srizbi(Botnet)
2007Rustock(Botnet)
2007
Kracken(Botnet)
2008
July 2009 Mydoom.EA
Slide 9
Complete Network & Application Security Solution
Slide 10
Internet
Access Router
Web Servers
FirewallDefensePro
APSolute Vision
AppWall
• Network Attack Prevention solution protecting against:- Network DDoS- Application DDoS- Server Brute Force- Application vulnerability scanning- Server based intrusions
• WAF protects against:- Zero-day web attacks- Data leak such as CCN- Information theft- Web defacement- Web attacks such as CSRF,
XSS, Injections…
Assured network and application security solution for Data Centers
AppWall & DefensePro Correlation
Slide 11
AppWall blocked attacks
DefensePro blocked attacks
Application Delivery Controllers & VMware Agenda
• Application Delivery – Overview• Radware Virtual Application Delivery Infrastructure• Use Cases• Summary
Slide 12
Application Delivery Controller (ADC) Core Functionality
• Load Balancing– Application & Session Aware (Layer 4-7) – Global Server Load Balancing (Multi Site)
• Application Optimization/Acceleration– SSL Offloading & Acceleration– Compression– Caching– TCP connection multiplexing– Health Monitoring
• Additional Services– DoS protection– QoS/Bandwidth management
Slide 13
Graphical Representations of ADC Functionality
Slide 14
Load Balancing
Multiplexing
Offloading (SSL Example)
Compression
Radware ADC• Application Specific Health Checking
• Zero Downtime
Addressing Availability Concerns for VMware Environments
Slide 15
VMware HA•OS / Hardware health checks
•For environments that can tolerate brief interruptions of service
Radware ADC• Zero downtime even in case of application failure
• No need for Redundant VMs
VMware FT•Protects from physical failures
•No Downtime (OS)•2 Identical VMs
Radware ADC• Offload CPU intensive tasks from the virtual
resources: SSL offloading, Caching, Content compression, TCP multiplexing
Addressing Performance Concerns
Slide 16
VMware vSphere – Superior Performance
Radware ADC• On Demand Scalability – license based services and
throughput scalability, zero-downtime
• Cross data center on demand scalability
Addressing Scalability Concerns
Slide 17
VMware vSphere – Better Scalability • Virtual Machine Scalability
• Hot-add more resources to a VM• Easy provisioning of new VMs to support an
application
Specific Results with Radware ADC Products
Slide 18
Microsoft SharePoint Server 2007• Better Quality of Experience (QoE) for end users
• 300% improvement in page load time for remote (WAN) users• Reduce OPEX
• 65% reduction in bandwidth consumption• 40% reduction in CPU utilization• 30% increase in TPS per server
Oracle E-Business Suite (EBS) 12• Better Quality of Experience (QoE) for end users
• 43% improvement in page load time for remote (WAN) users• Reduce OPEX
• 60% reduction in bandwidth consumption thanks to compression• 80% request offload from servers thanks to caching
Application Delivery Controllers & VMware Agenda
• Application Delivery – Overview• Radware Virtual Application Delivery Infrastructure• Use Cases• Summary
Slide 19
Virtual Application Delivery Infrastructure – Evolution of ADCs
Slide 20
Radware VADITM
ADC
Server Virtualization
Servers
Bringing the Business Value of Server Virtualization to the Application Delivery space:
Cost savings, IT efficiency and Business Agility
Virtual Application Delivery Infrastructure Strategy
Slide 21Slide 21
vADCs Computing Resources
Integration to Eco-System VADI
Services
V A D I ™
• Application Delivery Controllers (ADCs) are transformed into virtual ADC instances (vADCs)
• Each vADC can run on top of a specialized and general purpose computing resources
• Each vADC provides a consistent set of basic and advanced application delivery features and services, regardless of the computing resources it utilizes:
- Load Balancing (Local & Global Server Load Balancing)
- Application Optimization
- Security/Additional Services
Virtual ADC Instances (vADC)
Slide 22Slide 22
V A D I ™
VADI: Computing Resources / Three Form Factors
Slide 23
Dedicated ADC
Radware Supplied Hypervisor (ADC-VX™)
Third Party Hypervisor SoftADC (Alteon ADC-VA)
V A D I ™
ADC-VX: Functional Summary
Slide 24
ADC-VX Hypervisor
On DemandServices
Infrastructure
Layer 4-7 Services
Network
Global SLB
SharePoint
1Gbps
IP Domain 1
Customer Managed
Global SLB, Security, ITM (QoS) and Link Optimizer
Fully featured ADC Health Checks, Layer 7 Configurations, etc.
VLANs, ARP tables, Virtual routing and forwarding tables
Physical Resources (CPU, Memory, SSL)
Private: config file logging
statistics
On DemandServices
Infrastructure
Layer 4-7 Services
Network
ITM
Oracle
2Gbps
IP Domain 2
On DemandServices
Infrastructure
Layer 4-7 Services
Network
Security
Marketing Applications
2Gbps
IP Domain 3
Customer “Monitor Only” Provider Managed
Private: config file logging
statistics
Private: config file logging
statistics
V A D I ™
VADI: Computing Resources / Three Form Factors
Slide 25
Radware Supplied Hypervisor (ADC-VX™)
Third Party Hypervisor SoftADC (Alteon ADC-VA)
V A D I ™
VADI: Computing Resources / Alteon ADC-VA (SoftADC)
Slide 26
Data Center
Testing and QA
Enterprise
Internet
• Soft ADC provided as a deployable VMware OVA appliance
• Supports tiered throughput licenses – 200Mbps, 500Mbps, and 1Gbps
V A D I ™
Alteon ADC-VA – Overall Summary
Slide 27
• Full ADC feature set– Local and Global SLB
– Application Acceleration
» SSL offloading, Compression, Caching, Header and Body modifications
» All functions utilizes Software functions, no Hardware base acceleration is provided
• Hypervisor Support– VMware ESX/ESXi 4.0/4.1 - Released
– KVM - Target: Q2 2011
• Virtual Machine Requirements– CPU:: 2 vCPUs
– Memory : 3.6 GB
– Logical Disk: 4 GB
– Network: 3 virtual interfaces (Management, Clients, Servers)
• Performance (on 4 CPU core PC)– Throughput: Up to 1Gbps
– Layer 4: Up to 40,000 CPS
– Layer 7: Up to 25,000 CPS
V A D I ™
VADI: Three Form Factors – Putting It Together
Slide 28
Virtual Data Center
Radware ADC-VX ADC
Application A – Partitioned High SLA Service
Application B – Partitioned High SLA Service
Application C - Dedicated High SLA Service
Application D - Lower SLA Service
(Best Effort)
Soft ADC
V A D I ™
VADI: Orchestration & Automation
Slide 29Slide 29
vADCs Computing Resources
Integration to Eco-System VADI
Services
V A D I ™
VADI: Integration to Virtual Data Center Eco-System
• Orchestration systems provide –
- End-to-end management of mission-critical applications and services
- Work flows which can provision a new service based on business events
• Radware VADI ADCs are fully integrated with the orchestration system through Radware’s vDirectTM plug-in.
• vDirect plug-in is a first-to-market vADC management orchestration plug-in.
• Designed specifically for virtual data centers.
• Fits any data center and virtual infrastructure size -
- SMBs using basic automatic work flows
- Large enterprises and xSP full service provisioning
Slide 30
• vDirect plug-in provides all the building blocks, workflows and management interfaces required to manage Radware’s VADI vADCs:– Provision / Decommission / Update vADC
– Create / Remove server
– Create / Remove / Update service (Web, etc)
– Automatic service elasticity
• vDirect plug-in is free of charge
• First release of vDirect plug-in is fully integrated with VMware vCenter and VMware vCenter Orchestrator systems.
Slide 31
VADI: Orchestration & Automation / vDirect Specifics
vDirect Integration Into VMware vSphere Orchestrator
Slide 32
vDirect – Creating a ADC-VA in vSphere Orchestrator
Slide 33
VADI: Orchestration & Automation / vDirect Plug-in Benefits
• Eliminates the need for frequent manual vADC configuration updates.
• Facilitates end-to-end service provisioning.
• Fully integrating Radware’s vADC into data center’s workflow automation.
• Full application delivery resource elasticity according to business application requirements
The result:
1. Greater IT efficiency
2. Higher business agility
Slide 34
VADI – Orchestration & Automation
Slide 35Slide 35
vADCs Computing Resources
Integration to Eco-System VADI
Services
V A D I ™
VADI: Unique Services
Slide 36
• Provisioning and Decommissioning• Eliminates the need for manual provisioning and reduces IT OPEX• Improves IT responsiveness to business needs
• Dynamic resource allocation • Improves service levels for all applications• Ensures each vADC has sufficient resources at any point in time• Ensures the correct distribution of resources across VADI
• vADC Migration • Simplifies ADC P2V migration• Streamlines the deployment of new applications and services
through simple migration of a vADC instance from testing to production• Enables scheduling ADC maintenance with zero downtime
Agenda
• Application Delivery Overview• Radware Virtual Application Delivery Infrastructure• Use Cases• Summary
Slide 37
Service Migration
Slide 39
DatabaseServers
Firewall
Enterprise Data Center
Firewall
IaaS / SecondaryData Center
Orchestration System
Orchestration System
IT manager migrates the Web application to the Cloud in order to reduce OPEX - using the Orchestration system
IT manager migrates the Web application to the Cloud in order to reduce OPEX - using the Orchestration system
Orchestration system migrates the Web application to the Cloud and creates a Soft ADC in the Cloud
Orchestration system migrates the Web application to the Cloud and creates a Soft ADC in the Cloud
Internet
Radware ADC-VX
• Simplify service migration to the Cloud
• Benefit from identical ADC experience in both DC and Cloud
• Improve IT efficiency through automated migration work flows
• Strengthen synergy between enterprise DC and Cloud DC
OnDemand Self Service ADC – 1/2
Firewall
IaaS ProviderData Center Self Service Portal
Slide 40
Orchestration System
Internet
Step #2The self Service portal instructs the Orchestration system to provision a new application VMs and vADC instance
Step #2The self Service portal instructs the Orchestration system to provision a new application VMs and vADC instance
Radware ADC-VX
Soft ADC
Application B
Step #1Customer-A provisions a new high SLA service via the self service portal
Step #1Customer-A provisions a new high SLA service via the self service portal
Step #3Customer-B provisions a new low SLA service via the self service portal
Step #3Customer-B provisions a new low SLA service via the self service portal
Step #4The self service portal instructs the orchestration system to provision a new application VMs and Soft ADC instance
Step #4The self service portal instructs the orchestration system to provision a new application VMs and Soft ADC instance
vADC-1
Application A
OnDemand Self Service ADC – 2/2
Firewall
IaaS ProviderData Center Self Service Portal
Step #1Customer provisions a new VMs to support more traffic
Step #1Customer provisions a new VMs to support more traffic
Slide 41
Orchestration System
Internet
Step #2The self service portal provisions a new VMs, and adds more capacity to the vADC-2
Step #2The self service portal provisions a new VMs, and adds more capacity to the vADC-2
Application 1
vADC-1
Radware ADC-VX
vADC-2
Application 2
• Best-of-breed self-serving ADC
• Open API for external ADC management
• Generate new revenue from existing ADC infrastructure
• Support any service SLA requirements
• On demand throughput and service scalability
• Full investment protection, increased asset ROI, and CAPEX savings
• Pay-as-you-grow approach
Dynamic Application and Resource Alignment – 1/2
Slide 42
DatabaseServersFirewall
VirtualData Center
Internet
Orchestration System
Radware ADC-VX
Step #1User accesses hosted application at Cloud data center
Step #1User accesses hosted application at Cloud data center
Step #4Redirect traffic to new resource
Step #4Redirect traffic to new resource
Step #3Orchestration system adds computing resources to application and updates ADC-VX
Step #3Orchestration system adds computing resources to application and updates ADC-VX
Step #2Orchestration System1. Periodically monitors ADC-VX’s
performance metrics2. Notices a traffic overload in the
Web application
Step #2Orchestration System1. Periodically monitors ADC-VX’s
performance metrics2. Notices a traffic overload in the
Web application
Dynamic Application and Resource Alignment – 2/2
Slide 43
DatabaseServersFirewall
Enterprise Data Center
Firewall
IaaS ProviderData Center
Orchestration system initiates a Cloud Burst of the Web application and provisions a Soft ADC
Orchestration system initiates a Cloud Burst of the Web application and provisions a Soft ADC
Internet
Radware ADC-VX
Orchestration System
Orchestration System
Step #2Orchestration System1. Periodically monitors ADC-VX’s
performance metrics2. Notices a traffic overload in the
Web application3. Senses local data center
resources are maxed out
Step #2Orchestration System1. Periodically monitors ADC-VX’s
performance metrics2. Notices a traffic overload in the
Web application3. Senses local data center
resources are maxed out
Agenda
• Application Delivery Overview • Radware’s Virtual Application Delivery Infrastructure• Use Cases• Summary
Slide 44
Summary
Slide 45
Enterprise/Virtual Data Center
Employees & Users
Customers
Mobile Users
ADC
• Ensure Application availability
• Maximize business continuity
• Enhance application performance
• Reduced VM CPU load
• Cost-effective scaling
• Full integration with VMware management tools
• Enable workflow Automation
Thank YouEnd Slide