#VMUGMTL - Radware Breakout

Presentation NameAuthor - Date

Radware Solutions for Virtualized Data Centers

April 25th, 2011

Agenda

• Introduction to Radware

• Application Delivery for VMware based Virtual Data Centers

• Summary

Facts About Us

Slide 3

Over 10,000 Customers

Global Technology Partners

Recognized Technology Leadership

• Founded 1997

• NASDAQ

• leader by Gartner

• 750 Employees

• Global Presence

• 10 000 Customers

http://www.bluecoat.com/



http://www.radware.com/Company/TechnologyAlliances/default.aspx?id=1694&taID=2400

http://www.radware.com/Company/TechnologyAlliances/default.aspx?id=5367&taID=2691

Data Center Challenges: Availability

Slide 4

The average cost of network downtime for larger corporations is $42,000 per hour ($700 / minute)

Data Center Challenges: Performance

Slide 5

Bridging The Application – Network Gap

Slide 6

Enterprise Network

This results in:• Application downtime• Reduced productivity due to

performance issues• Security risks• Operational overhead• Higher costs

Applications &Business Processes

Employees & Users

Partners & Customers

Mobile Users

• Business applications and business processes are agile and user specific

• They are designed assuming server and bandwidth resources are available and optimal

Networks & servers are designed for capacity and connectivity

There is a gap between application design assumptions & network services

WEB 2.0SOA

Radware Solutions

• Multi-WAN Link Application Delivery • Application Security Solution • Application delivery solution

Slide 7

Data Center

DatabaseServers

Router

Router

Internet

Firewall

Oracle-PeopleSoft

AppDirectorDefensePro

AppWall

LinkProof

CRM

Web & Portal

Servers

ISP2

• Mission-critical applications (web-based ERP) are redirected via the high SLA & secure line• Non-critical applications (web browsing) are redirected via the non-SLA line• Easily & cost effectively add bandwidth while increasing site availability & performance• Ensure employee and end-user QoE• Limit or block non-business critical traffic (e.g. P2P, streaming, downloads)

Router

HTTP for Web browsing

HTTP for ERP / CRM

No SLA

High SLA

99.99%

Low cost DSL lines can be aggregated

for simple andcost-effective

businessscalability

Low cost DSL lines can be aggregated

for simple andcost-effective

businessscalability

ISP 3

LinkProof

Headquarter Local Network

ERP, CRM, email, Web servers

Slide 8

Router

Multi-WAN Link Application Delivery

Corporate users

ISP1

WikiLeaks Revenge Attacks

2010

IMDDOS2010

Hackers’ Change in Motivation

2001 2011

Vandalism and publicity “Hacktivism” Financially motivated

Blaster(Attacking Microsoft web site)

2003

Storm(Botnet)

2007

CodeRed(Defacing IIS web servers)

2001

Nimda(Installed Trojan)

2001 Slammer(Attacking SQL websites)

2003

Agobot(DoS Botnet)

2005

Republican website DoS

2004

Estonia’s Web Sites DoS

2007

Attack Risk

Time

Georgia Web Sites DoS

2008

Srizbi(Botnet)

2007Rustock(Botnet)

2007

Kracken(Botnet)

2008

July 2009 Mydoom.EA

Slide 9

Complete Network & Application Security Solution

Slide 10

Internet

Access Router

Web Servers

FirewallDefensePro

APSolute Vision

AppWall

• Network Attack Prevention solution protecting against:- Network DDoS- Application DDoS- Server Brute Force- Application vulnerability scanning- Server based intrusions

• WAF protects against:- Zero-day web attacks- Data leak such as CCN- Information theft- Web defacement- Web attacks such as CSRF,

XSS, Injections…

Assured network and application security solution for Data Centers

AppWall & DefensePro Correlation

Slide 11

AppWall blocked attacks

DefensePro blocked attacks

Application Delivery Controllers & VMware Agenda

• Application Delivery – Overview• Radware Virtual Application Delivery Infrastructure• Use Cases• Summary

Slide 12

Application Delivery Controller (ADC) Core Functionality

• Load Balancing– Application & Session Aware (Layer 4-7) – Global Server Load Balancing (Multi Site)

• Application Optimization/Acceleration– SSL Offloading & Acceleration– Compression– Caching– TCP connection multiplexing– Health Monitoring

• Additional Services– DoS protection– QoS/Bandwidth management

Slide 13

Graphical Representations of ADC Functionality

Slide 14

Load Balancing

Multiplexing

Offloading (SSL Example)

Compression

Radware ADC• Application Specific Health Checking

• Zero Downtime

Addressing Availability Concerns for VMware Environments

Slide 15

VMware HA•OS / Hardware health checks

•For environments that can tolerate brief interruptions of service

Radware ADC• Zero downtime even in case of application failure

• No need for Redundant VMs

VMware FT•Protects from physical failures

•No Downtime (OS)•2 Identical VMs

Radware ADC• Offload CPU intensive tasks from the virtual

resources: SSL offloading, Caching, Content compression, TCP multiplexing

Addressing Performance Concerns

Slide 16

VMware vSphere – Superior Performance

Radware ADC• On Demand Scalability – license based services and

throughput scalability, zero-downtime

• Cross data center on demand scalability

Addressing Scalability Concerns

Slide 17

VMware vSphere – Better Scalability • Virtual Machine Scalability

• Hot-add more resources to a VM• Easy provisioning of new VMs to support an

application

Specific Results with Radware ADC Products

Slide 18

Microsoft SharePoint Server 2007• Better Quality of Experience (QoE) for end users

• 300% improvement in page load time for remote (WAN) users• Reduce OPEX

• 65% reduction in bandwidth consumption• 40% reduction in CPU utilization• 30% increase in TPS per server

Oracle E-Business Suite (EBS) 12• Better Quality of Experience (QoE) for end users

• 43% improvement in page load time for remote (WAN) users• Reduce OPEX

• 60% reduction in bandwidth consumption thanks to compression• 80% request offload from servers thanks to caching

Application Delivery Controllers & VMware Agenda

• Application Delivery – Overview• Radware Virtual Application Delivery Infrastructure• Use Cases• Summary

Slide 19

Virtual Application Delivery Infrastructure – Evolution of ADCs

Slide 20

Radware VADITM

ADC

Server Virtualization

Servers

Bringing the Business Value of Server Virtualization to the Application Delivery space:

Cost savings, IT efficiency and Business Agility

Virtual Application Delivery Infrastructure Strategy

Slide 21Slide 21

vADCs Computing Resources

Integration to Eco-System VADI

Services

V A D I ™

• Application Delivery Controllers (ADCs) are transformed into virtual ADC instances (vADCs)

• Each vADC can run on top of a specialized and general purpose computing resources

• Each vADC provides a consistent set of basic and advanced application delivery features and services, regardless of the computing resources it utilizes:

- Load Balancing (Local & Global Server Load Balancing)

- Application Optimization

- Security/Additional Services

Virtual ADC Instances (vADC)

Slide 22Slide 22

V A D I ™

VADI: Computing Resources / Three Form Factors

Slide 23

Dedicated ADC

Radware Supplied Hypervisor (ADC-VX™)

Third Party Hypervisor SoftADC (Alteon ADC-VA)

V A D I ™

ADC-VX: Functional Summary

Slide 24

ADC-VX Hypervisor

On DemandServices

Infrastructure

Layer 4-7 Services

Network

Global SLB

SharePoint

1Gbps

IP Domain 1

Customer Managed

Global SLB, Security, ITM (QoS) and Link Optimizer

Fully featured ADC Health Checks, Layer 7 Configurations, etc.

VLANs, ARP tables, Virtual routing and forwarding tables

Physical Resources (CPU, Memory, SSL)

Private: config file logging

statistics

On DemandServices

Infrastructure

Layer 4-7 Services

Network

ITM

Oracle

2Gbps

IP Domain 2

On DemandServices

Infrastructure

Layer 4-7 Services

Network

Security

Marketing Applications

2Gbps

IP Domain 3

Customer “Monitor Only” Provider Managed


statistics


statistics

V A D I ™

VADI: Computing Resources / Three Form Factors

Slide 25

Radware Supplied Hypervisor (ADC-VX™)

Third Party Hypervisor SoftADC (Alteon ADC-VA)

V A D I ™

VADI: Computing Resources / Alteon ADC-VA (SoftADC)

Slide 26

Data Center

Testing and QA

Enterprise

Internet

• Soft ADC provided as a deployable VMware OVA appliance

• Supports tiered throughput licenses – 200Mbps, 500Mbps, and 1Gbps

V A D I ™

Alteon ADC-VA – Overall Summary

Slide 27

• Full ADC feature set– Local and Global SLB

– Application Acceleration

» SSL offloading, Compression, Caching, Header and Body modifications

» All functions utilizes Software functions, no Hardware base acceleration is provided

• Hypervisor Support– VMware ESX/ESXi 4.0/4.1 - Released

– KVM - Target: Q2 2011

• Virtual Machine Requirements– CPU:: 2 vCPUs

– Memory : 3.6 GB

– Logical Disk: 4 GB

– Network: 3 virtual interfaces (Management, Clients, Servers)

• Performance (on 4 CPU core PC)– Throughput: Up to 1Gbps

– Layer 4: Up to 40,000 CPS

– Layer 7: Up to 25,000 CPS

V A D I ™

VADI: Three Form Factors – Putting It Together

Slide 28

Virtual Data Center

Radware ADC-VX ADC

Application A – Partitioned High SLA Service

Application B – Partitioned High SLA Service

Application C - Dedicated High SLA Service

Application D - Lower SLA Service

(Best Effort)

Soft ADC

V A D I ™

VADI: Orchestration & Automation

Slide 29Slide 29



Services

V A D I ™

VADI: Integration to Virtual Data Center Eco-System

• Orchestration systems provide –

- End-to-end management of mission-critical applications and services

- Work flows which can provision a new service based on business events

• Radware VADI ADCs are fully integrated with the orchestration system through Radware’s vDirectTM plug-in.

• vDirect plug-in is a first-to-market vADC management orchestration plug-in.

• Designed specifically for virtual data centers.

• Fits any data center and virtual infrastructure size -

- SMBs using basic automatic work flows

- Large enterprises and xSP full service provisioning

Slide 30

• vDirect plug-in provides all the building blocks, workflows and management interfaces required to manage Radware’s VADI vADCs:– Provision / Decommission / Update vADC

– Create / Remove server

– Create / Remove / Update service (Web, etc)

– Automatic service elasticity

• vDirect plug-in is free of charge

• First release of vDirect plug-in is fully integrated with VMware vCenter and VMware vCenter Orchestrator systems.

Slide 31

VADI: Orchestration & Automation / vDirect Specifics

vDirect Integration Into VMware vSphere Orchestrator

Slide 32

vDirect – Creating a ADC-VA in vSphere Orchestrator

Slide 33

VADI: Orchestration & Automation / vDirect Plug-in Benefits

• Eliminates the need for frequent manual vADC configuration updates.

• Facilitates end-to-end service provisioning.

• Fully integrating Radware’s vADC into data center’s workflow automation.

• Full application delivery resource elasticity according to business application requirements

The result:

1. Greater IT efficiency

2. Higher business agility

Slide 34

VADI – Orchestration & Automation

Slide 35Slide 35



Services

V A D I ™

VADI: Unique Services

Slide 36

• Provisioning and Decommissioning• Eliminates the need for manual provisioning and reduces IT OPEX• Improves IT responsiveness to business needs

• Dynamic resource allocation • Improves service levels for all applications• Ensures each vADC has sufficient resources at any point in time• Ensures the correct distribution of resources across VADI

• vADC Migration • Simplifies ADC P2V migration• Streamlines the deployment of new applications and services

through simple migration of a vADC instance from testing to production• Enables scheduling ADC maintenance with zero downtime

Agenda

• Application Delivery Overview• Radware Virtual Application Delivery Infrastructure• Use Cases• Summary

Slide 37

Service Migration

Slide 39

DatabaseServers

Firewall

Enterprise Data Center

Firewall

IaaS / SecondaryData Center

Orchestration System


IT manager migrates the Web application to the Cloud in order to reduce OPEX - using the Orchestration system

IT manager migrates the Web application to the Cloud in order to reduce OPEX - using the Orchestration system

Orchestration system migrates the Web application to the Cloud and creates a Soft ADC in the Cloud

Orchestration system migrates the Web application to the Cloud and creates a Soft ADC in the Cloud

Internet

Radware ADC-VX

• Simplify service migration to the Cloud

• Benefit from identical ADC experience in both DC and Cloud

• Improve IT efficiency through automated migration work flows

• Strengthen synergy between enterprise DC and Cloud DC

OnDemand Self Service ADC – 1/2

Firewall

IaaS ProviderData Center Self Service Portal

Slide 40


Internet

Step #2The self Service portal instructs the Orchestration system to provision a new application VMs and vADC instance

Step #2The self Service portal instructs the Orchestration system to provision a new application VMs and vADC instance

Radware ADC-VX

Soft ADC

Application B

Step #1Customer-A provisions a new high SLA service via the self service portal

Step #1Customer-A provisions a new high SLA service via the self service portal

Step #3Customer-B provisions a new low SLA service via the self service portal

Step #3Customer-B provisions a new low SLA service via the self service portal

Step #4The self service portal instructs the orchestration system to provision a new application VMs and Soft ADC instance

Step #4The self service portal instructs the orchestration system to provision a new application VMs and Soft ADC instance

vADC-1

Application A

OnDemand Self Service ADC – 2/2

Firewall

IaaS ProviderData Center Self Service Portal

Step #1Customer provisions a new VMs to support more traffic

Step #1Customer provisions a new VMs to support more traffic

Slide 41


Internet

Step #2The self service portal provisions a new VMs, and adds more capacity to the vADC-2

Step #2The self service portal provisions a new VMs, and adds more capacity to the vADC-2

Application 1

vADC-1

Radware ADC-VX

vADC-2

Application 2

• Best-of-breed self-serving ADC

• Open API for external ADC management

• Generate new revenue from existing ADC infrastructure

• Support any service SLA requirements

• On demand throughput and service scalability

• Full investment protection, increased asset ROI, and CAPEX savings

• Pay-as-you-grow approach

Dynamic Application and Resource Alignment – 1/2

Slide 42

DatabaseServersFirewall

VirtualData Center

Internet


Radware ADC-VX

Step #1User accesses hosted application at Cloud data center

Step #1User accesses hosted application at Cloud data center

Step #4Redirect traffic to new resource

Step #4Redirect traffic to new resource

Step #3Orchestration system adds computing resources to application and updates ADC-VX

Step #3Orchestration system adds computing resources to application and updates ADC-VX

Step #2Orchestration System1. Periodically monitors ADC-VX’s

performance metrics2. Notices a traffic overload in the

Web application



Web application

Dynamic Application and Resource Alignment – 2/2

Slide 43

DatabaseServersFirewall

Enterprise Data Center

Firewall

IaaS ProviderData Center

Orchestration system initiates a Cloud Burst of the Web application and provisions a Soft ADC

Orchestration system initiates a Cloud Burst of the Web application and provisions a Soft ADC

Internet

Radware ADC-VX





Web application3. Senses local data center

resources are maxed out



Web application3. Senses local data center

resources are maxed out

Agenda

• Application Delivery Overview • Radware’s Virtual Application Delivery Infrastructure• Use Cases• Summary

Slide 44

Summary

Slide 45

Enterprise/Virtual Data Center

Employees & Users

Customers

Mobile Users

ADC

• Ensure Application availability

• Maximize business continuity

• Enhance application performance

• Reduced VM CPU load

• Cost-effective scaling

• Full integration with VMware management tools

• Enable workflow Automation

Thank YouEnd Slide

#VMUGMTL - Radware Breakout

Technology

Transcript of #VMUGMTL - Radware Breakout