Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Visibility – acceleration security Harri Kurronen 3. June, 2009 Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service names are the property of their respective owners. © Blue Coat Systems, Inc. 2008. All Rights Reserved. Blue Coat Solutions PacketShaper 2 ProxySG Application Visibility & QOS Secure Web Gateway WAN Optimization Application Performance Monitoring Malware Prevention Application Acceleration P2P Traffic Shaping SSL Visibility and Control Mobile User Acceleration Recreational Traffic Control Web Content Filtering Server Consolidation & File Acceleration MPLS Migration Remote Web Control External Applications & Direct-to-Net Bandwidth Management IM and P2P Control Streaming & Content Delivery Networks IP Telephony & Video Conf Deployment Information Leak Prevention Replication and Backup © Blue Coat Systems, Inc. 2008. All Rights Reserved. Visibility 3 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Tools Deployed Are Not Good Enough Not Smart Enough New Demands: Voice, Video Reactive No Ability to Fix 4 © Blue Coat Systems, Inc. 2008. All Rights Reserved. • No application view (network based) • Big problems avoid detection/resolution • Newly added to converged MPLS networks • VERY performance sensitive, no tools deployed • End user complaints • How do you resolve issues? Blue Coat Visibility – Overcome Limits Application View, Fix Problems & Deliver ROI 5 NotClassification Smart Enough • • • Layer 7+ Autodiscovers 600+ Applications Find elusive recreation: iTunes, YouTube, etc. Break down compound Enterprise apps: SAP, Oracle, Citrix New Demands: Voice Quality Voice, Video • • • Real traffic, in real time for voice and video conf (RTP) Quality (MOS, rFactor) and Utilization (peak & average) Jitter, delay, loss Proactive Response Reactive Time Monitoring • • • Track end user experience – network delay, server delay Set baselines and exception thresholds Alert, alarm & integrate: SNMP, XML, Email FixAbility Problems No to Fix • • • Apply Powerful QOS & Compression - RESOLVE Contain recreation, protect mission critical Integrate with acceleration devices like ProxySG © Blue Coat Systems, Inc. 2008. All Rights Reserved. PacketShaper Key Functionality Application Visibility Application QoS RAM-Based Compression Key Solutions Visibility & Performance Monitoring Recreation Traffic Control Delivery/Acceleration of Real Time Applications Voice/IPT Video Conferencing Thin Client/Virtual Desktop Transactions 6 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Classification: Basis of Control Classification Metrics Usage RTM VoIP Diagnostics Management Discover Applications on Network Find Elusive P2P, YouTube, iTunes, etc Break down Oracle, SAP, Citrix, Microsoft Align Class Tree to Business – Track business processes – end user response – Monitor SLAs – carrier, internal app – Monitor utilization/budget per application – Limit recreation 7 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Application Based Utilization & Metrics Classification Metrics Usage RTM VoIP Diagnostics Management Top Applications, Users Where is WAN Budget spent? Real Time Troubleshooting Long Term Capacity Planning Customer Sees 60% of WAN is Recreational 8 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Response Times: Measure Transactions Classification Metrics Usage RTM End-user experience Network & Server Delay Thresholds for SLA Alert, alarm, integrate Total Delay SAP Order Entry: 1220 ms Network Delay: 340 ms 9 Server Delay: 880 ms © Blue Coat Systems, Inc. 2008. All Rights Reserved. VoIP Diagnostics Management Voice Metrics: Real Traffic, Real Time Classification Metrics Usage RTM VoIP Diagnostics Management For Real Time Protocol (RTP) Voice Video Conferencing Call Volume Network Metrics Loss Latency Jitter Quality Mean Opinion Score (MOS) rFactor 10 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Troubleshooting Diagnostics Classification Metrics Usage RTM VoIP Diagnostics Management Host Analysis – Real time host/IP address view (below) TCP Health – Connection state (good, aborted, refused, ignored) PacketCapture – Targeted Capture TCPDump format Synthetic Transactions – HTTP/S, FTP, SMTP, Echo & Custom 11 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Central Management: IntelligenceCenter Classification Metrics Usage RTM VoIP Diagnostics Management Centralized Reporting Collection (flows or ME) Correlation Reporting & Alarms SLA Dashboard (left) Quick summary app performance Different Roles & Views Per app Per site IntelligenceCenter 12 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Customized portals Acceleration 13 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Platform for Application Acceleration Multiprotocol Accelerated Caching Hierarchy Bandwidth Protocol Management Optimization Object Caching Byte Caching Compression File Services (CIFS), Web (HTTP), Exchange (MAPI), Video/Streaming (RTSP, MMS), Secure Web (SSL) 14 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Bandwidth Management Sales Automation App Priority 1 Min 400Kb, Max 800Kb E-Mail Priority 2 Min 100Kb, Max 400Kb File Services Priority 3 Min 400Kb, Max 800Kb General Web Surfing Priority 4 Min 0Kb, Max 200Kb Divide user and application traffic into classes Guarantee min and/or max bandwidth for a class Align traffic classes to business priorities 15 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Protocol Optimization 16 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Protocol Optimization 10-100X Faster Includes CIFS, MAPI, HTTP, HTTPS, TCP 17 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Object Caching Built on high-level applications and protocols – HTTP/Web caching – Streaming caches – CIFS cache Advantages – Fastest response times – Offload work from servers (and networks) – Can be deployed asymmetrically Limitations – Application-specific – All or nothing: No benefit if whole object not found or changed 18 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Byte Caching Local History Cache Remote History Cache …..B24D77E8A00E1...4ABEF8853821A 31B482F6C8D920A00CEF225A0F634F 8200A2D6BC87F0AB227D95239BE0A1 5F07A6238C9DDBE0ACFD97652BDD0 C0AA017629CAD9E99DE0 B24D77E8A00E4785ACB7E E20A31B482F6C8D920A00C EF225A0F634F8200A2D6BC 87FAAB266E8DC9A00A15F0 7A6238C9DDBE0ACFD9765 2BDD0C0AA0 Local LAN 19 © Blue Coat Systems, Inc. 2008. All Rights Reserved. …..B24D77E8A00E1...4ABEF885382 1A31B482F6C8D920A00CEF225A0F63 4F8200A2D6BC87F0AB227D95239BE0 A15F07A6238C9DDBE0ACFD97652BD D0C0AA017629CAD9E99DE0 [R1]4785ACB7EE20[R2] AAB266E8DC9A00A[R3] WAN Link B24D77E8A00E4785ACB7EE2 0A31B482F6C8D920A00CEF2 25A0F634F8200A2D6BC87FA AB266E8DC9A00A15F07A623 8C9DDBE0ACFD97652BDD0 C0AA0 Remote LAN Compression 1101111100111001001001011 110111110011100100100101 100110010101110110010000 110011001010111011001000 1101001100111001000001111 011010011001110010000011 000111001100011000001001 110001110011000110000010 111000000110111101001000 011110000001101111010010 0110110100101111100110100 1101111100111001001001011100110010101110110010000 000110110100101111100110 1110110100110100111100100 1001100111001000001111000111001100011 100111011010011010011110 000000000011100101110010 010000000000001110010111 110110110100101011001011 001011011011010010010010 001010101010100101010101 101010010101010101101100 01010100101000010100 101100010100 COMPRESSION Industry-standard gzip algorithm compresses all traffic Removes predictable “white space” from content and objects being transmitted 20 © Blue Coat Systems, Inc. 2008. All Rights Reserved. MACH5 Accelerates Applications MACH5 Optimizes More Protocol Types, Removes More Latency and Saves More Bandwidth than Other Solutions 21 © Blue Coat Systems, Inc. 2008. All Rights Reserved. ProxyClient Features Acceleration URL rating service Web filtering Byte caching Simple UI Logging Service Status Updates 22 © Blue Coat Systems, Inc. 2008. All Rights Reserved. WAN Optimization Anywhere • Provide Fast Access to Applications in the Datacenter Internet • Performance increase • Dramatically decrease bandwidth use Byte Caching Sophisticated custom compression based on observed network patterns 23 Corporate Network Location Awareness Makes intelligent use of ProxySG appliances in the network TCP Optimization CIFS Optimization Inline Compression CIFS Object Caching © Blue Coat Systems, Inc. 2008. All Rights Reserved. Security 24 © Blue Coat Systems, Inc. 2008. All Rights Reserved. USER EXPECTATIONS Internet Evolution… • Apps Mission Critical + Dynamic • Connection Agnostic • Multiple Devices • Web 2.0 Web threats • Apps Mission Critical • Static Content • Connection Method Key • Limited CPEs • Email/Spam Threats • Apps Lan Centric • Limited Content • PC based Internet • Basic Broadband • Thick Clients • Few Business Apps • Dial Up © Blue Coat Systems, Inc. 2008. All Rights Reserved. • Multi-Protocols • Richer Applications • Always-On Connections PERFORMANCE REQUIRED 25 • Traffic Growth Hybrid Web Gateway Links web gateway into cloud service 3rd Party Malware Feeds More malware defenses Offloads processing Malware Feed Extends to remote clients WebPulse Cloud Service Analyzes 1B+ requests per week ProxyAV Internet Enterprise Network ProxySG With WebFilter ProxyClient Combining 54M+ Users to Protect the Enterprise 26 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Remote Users WebPulse™ Cloud Service Web content analysis & ratings 180 Million/day Reputation Analysis Real-time rating service Malware Detection Multiple Threat Engines Machine Analysis ProxyClient Human Raters 30B/ day 54M Clients 27 27 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Content Ratings New Malware Defense WebPulse 5min updates to WebFilter Immediate updates to ProxyClient and K9 Analyzes over 1B user requests per week WebPulse Cloud Service Five Minute Updates Immediate Access Internet Enterprise Network ProxySG with WebFilter ProxyClient Unites gateways & clients into computing grid defense 28 © Blue Coat Systems, Inc. 2008. All Rights Reserved. AV feedback Immediate malware feedback 3rd Party Malware Feeds Even more malware Malware Feed defenses One AV serves all WebPulse Cloud Service 54M+ users Analyzes 1B+ requests per week ProxyAV Internet Enterprise Network ProxySG With WebFilter ProxyClient Combining 54M+ Users to Protect the Enterprise 29 © Blue Coat Systems, Inc. 2008. All Rights Reserved. Remote Users Blue Coat Layered Defenses Cloud Service WebPulse & WebFilter Inline Threat Detection ProxyAV Web Application & Content Controls ProxySG Integrated Data Loss Prevention ProxySG with 6 DLP partners Remote Users ProxyClient 30 © Blue Coat Systems, Inc. 2008. All Rights Reserved. © Blue Coat Systems, Inc. 2008. All Rights Reserved.