Providing Secure, Fast and Available

Similar documents
Providing Fast, Secure, and

Architecture: Consolidated Platform. Eddie Augustine Major Accounts Manager: Federal

BIG-IP V11.3: PRODUCT UPDATE. David Perodin Field Systems Engineer III

DATACENTER SECURITY. Paul Deakin System Engineer, F5 Networks

BIG-IP APM: Access Policy Manager v11. David Perodin Field Systems Engineer

KEEPING THE BAD GUYS OUT WHILE LETTING THE GOOD GUYS IN. Paul Deakin Federal Field Systems Engineer

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

SAS and F5 integration at F5 Networks. Updates for Version 11.6

SOLUTION BRIEF CA API MANAGEMENT. Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management

Adding value to your MS customers

Deploying the BIG-IP System v10 with Oracle s BEA WebLogic

TLS 1.1 Security fixes and TLS extensions RFC4346

F5 Synthesis Information Session. April, 2014

Brocade Virtual Traffic Manager and Parallels Remote Application Server

O365 Solutions. Three Phase Approach. Page 1 34

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v10 with Microsoft IIS 7.0 and 7.5

DEPLOYMENT GUIDE Version 1.1. Deploying the BIG-IP Access Policy Manager with IBM, Oracle, and Microsoft

Sichere Applikations- dienste

Czas na nowe platformy sprzętowe F5! Dlaczego są to najbardziej programowalne urządzenia ADC na rynku

Management and Orchestration with F5 BIG-IQ 4.5. Philippe Bogaerts F5 Networks

Improving VDI with Scalable Infrastructure

F5 Big-IP Application Security Manager v11

BIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0

Deploying the BIG-IP System with Microsoft SharePoint 2016

Integrated Web Application Firewall (WAF) & Distributed Denial Of Service (DDoS) Mitigation For Today s Enterprises

Cloud, SDN and BIGIQ. Philippe Bogaerts Senior Field Systems Engineer

Deploying F5 with Citrix XenApp or XenDesktop

DEPLOYMENT GUIDE DEPLOYING THE BIG-IP SYSTEM WITH BEA WEBLOGIC SERVER

jetnexus Virtual Load Balancer

Deploying F5 with Microsoft Active Directory Federation Services

Deploying the BIG-IP System v11 with Microsoft SharePoint 2010 and 2013

Pulse Secure Application Delivery

Deploying F5 with Citrix XenApp or XenDesktop

Deploying F5 with Microsoft Active Directory Federation Services

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v9.x with Microsoft IIS 7.0 and 7.5

ADC im Cloud - Zeitalter

Optimize and Accelerate Your Mission- Critical Applications across the WAN

Deploying the BIG-IP System with Microsoft SharePoint

jetnexus Virtual Load Balancer

Deploying the BIG-IP LTM and APM with Citrix XenApp or XenDesktop

Providing Security and Acceleration for Remote Users

Deploying F5 with Microsoft SharePoint 2013 and 2010

GOING WHERE NO WAFS HAVE GONE BEFORE

DEPLOYMENT GUIDE Version 1.1. Deploying F5 with IBM WebSphere 7

Securing and Accelerating the InteropNOC with F5 Networks

Maximum Security, Zero Compromise in Availability and Performance

Web Application Firewall for Web Environments

Seven Criteria for a Sound Investment in WAN Optimization

Guide to Deploying NetScaler as an Active Directory Federation Services Proxy

BIG-IP Access Policy Manager : Portal Access. Version 12.1

En partenariat avec CA Technologies. Genève, Hôtel Warwick,

SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE

jetnexus Load Balancer

F5 Networks F5LTM12: F5 Networks Configuring BIG-IP LTM: Local Traffic Manager. Upcoming Dates. Course Description. Course Outline

Enhancing Exchange Mobile Device Security with the F5 BIG-IP Platform

TIBCO Cloud Integration Security Overview

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Understanding of basic networking concepts (routing, switching, VLAN, firewall functionality)

What is New in Cisco ACE 4710 Application Control Engine Software Release 3.1

SaaS. Public Cloud. Co-located SaaS Containers. Cloud

Citrix NetScaler Make web applications run five times better

DEPLOYMENT GUIDE. Deploying F5 for High Availability and Scalability of Microsoft Dynamics 4.0

Applications Security

Deploying F5 with Microsoft Dynamics CRM 2015 and 2016

Deploying the BIG-IP System with Microsoft SharePoint

Cyber Attacks and Application - Motivation, Methods and Mitigation. Alfredo Vistola Solution Architect Security, EMEA

Cisco HyperFlex and the F5 BIG-IP Platform Accelerate Infrastructure and Application Deployments

Deploying the BIG-IP System for LDAP Traffic Management

BIG-IP APM Operations Guide

Enabling Public Cloud Interconnect Services F5 Application Connector

BIG-IP Access Policy Manager : Authentication and Single Sign-On. Version 13.1

F5 VMware Virtual Community Roundtable. VMware Alliance F5

Deploying F5 for Microsoft Office Web Apps Server 2013

F5-Networks Application Delivery Fundamentals. Download Full Version :

RETHINKING DATA CENTER SECURITY. Reed Shipley Field Systems Engineer, CISSP State / Local Government & Education

Archived. For more information of IBM Maximo Asset Management system see:

Enhancing VMware Horizon View with F5 Solutions

PCI DSS Compliance. White Paper Parallels Remote Application Server

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Access Policy Manager v with Oracle Access Manager

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Access Policy Manager with Oracle Access Manager

DEPLOYMENT GUIDE HOW TO DEPLOY MICROSOFT SHAREPOINT 2016 WITH A10 THUNDER ADC

Securing the Cloud. White Paper by Peter Silva

Deploying the BIG-IP System with Microsoft IIS

Deploying the BIG-IP System with Oracle WebLogic Server

BIG-IP Access Policy Manager : Third- Party Integration. Version 13.1

Deploying the BIG-IP System v11 with Microsoft Exchange 2010 and 2013 Client Access Servers

Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway

Citrix NetScaler Basic and Advanced Administration Bootcamp

Prerequisites CNS-220 Citrix NetScaler Essentials and Traffic Management

Hybride Cloud Szenarien HHochverfügbar mit KEMP Loadbalancern. Köln am 10.Oktober 2017

Citrix Exam 1Y0-253 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions Version: 6.0 [ Total Questions: 186 ]

Data Center Virtualization Q&A

Enterprise Overview. Benefits and features of Cloudflare s Enterprise plan FLARE

NetScaler for Apps and Desktops CNS-222; 5 Days; Instructor-led

BIG-IP Access Policy Manager and BIG-IP Edge Client for Windows Phone 8.1 v1.0.0

Deploying the BIG-IP System with HTTP Applications

Deploying F5 with Microsoft Dynamics CRM 2011 and 2013

Citrix Federated Authentication Service Integration with APM

Deploying F5 with Microsoft Remote Desktop Gateway Servers

XenApp 5 Security Standards and Deployment Scenarios

Transcription:

Providing Secure, Fast and Available SharePoint with F5 BIG-IP John Lee, Federal Systems Engineer Version 3.0

Rate Shaping TCP Express SSL Caching XML Compression OneConnect TCP Express ASM Web Accel 3 rd Party Traffic Manager Operating System (TMOS) Microkernel TCP Proxy Client Side Server Side Client Server irules High Performance HW icontrol API Application Delivery Network TMOS Traffic Plugins High-performance Networking Microkernel Powerful Application Protocol Support icontrol External monitoring and control irules Network Programming Language F5 Networks, Inc 2

F5 Networks, Inc 3

Too much, too fast F5 Networks, Inc 4

Most Common: CMS, Workflow, KPI/BI F5 Networks, Inc 6

Weak points F5 Networks, Inc 7

Standard Topologies = Complex, VM & Storage Sprawl F5 Networks, Inc 8

F5 Networks, Inc 9

Performance, Redundancy, DDoS Protection SSL Acceleration (& Termination) DHE, RSA, DSA, ECC, TLS 1.3 & PFS Protocol Optimization TCP & HTTP Fast Cache (Limited) TCP Queuing Compression Application Availability & Redundancy Intelligent Application Monitors DDoS Protection (Core) SSL Visibility ICAP F5 Networks, Inc 10

New Features in 2013 Host Named Site Collections More FQDN s Request management L7: Throttling & Routing Static Weight Health Weight Disabled by Default Criteria CustomHeader Host HttpMethod IP SoapAction F5 Networks, Inc 11

Application Security Manager F5 Networks, Inc 12

F5 Networks, Inc 13

Protect your Apps HTML Content Streaming & PII Protection OWASP Top 10 A1 Injection A2 Broken Authentication and Session Management A3 Cross-Site Scripting (XSS) A4 Insecure Direct Object References A5 Security Misconfiguration A6 Sensitive Data Exposure A7 Missing Function Level Access Control A8 Cross-Site Request Forgery (CSRF) A9 Using Components with Known Vulnerabilities A10 Unvalidated Redirects and Forwards Application Security Layer 5 7 Application Protection PCI DSS Compliance Positive + Negative Security Models ICSA Certified Web App Firewall Integrated into the BIG-IP ADC Industry Partnerships Automate Signature Updates F5 Networks, Inc 14

Access Policy Manager F5 Networks, Inc 15

BIG-IP Access Policy Manager Identify, authenticate, and control user access to your applications Secure and accelerate application access from any device and location Consolidate AAA and SSO services for enterprise applications RDP, View, Citrix Xen Support Federate via SAML Single Sign On Mobile User Access Scalable SSL VPN Advanced Endpoint checks BYOD: IOS, Win8, Android Support F5 Networks, Inc 17

The impact of LTM+APM for SharePoint? Protocol Optimization + SSL Acceleration & Offloading + Authentication Offloading Faster Deployment + Added Security + Happier Users Clients SharePoint Farm External System Classic (Windows Auth) Claims Classic (Windows Auth) Claims Claims Incoming Authentication Intra/Inter Farm Authentication Outgoing Authentiction But wait, there s more F5 Networks, Inc 18

Application Accelerator Manager F5 Networks, Inc 19

SharePoint Acceleration, More New stuff? Workflow Manager Doesn t support IPv6 UX Improvements HTML5 Caching (AppFabric Distributed Cache) Feeds Logon Tokens Search Mobile Support Minimal Download Strategy Browser Support F5 Networks, Inc 20

Application Delivery Optimization Holistic approach to improving performance throughout the application delivery chain Client Improve the user experience for traditional and mobile users Deliver the right content to the right user in the fastest time Network Connect applications and users in a global enterprise Provide the fastest network at the lowest cost Increase network efficiency to best utilize resources Data center Improve availability of enterprise applications Increase application server capacity Integrate new technologies without recoding applications F5 Networks, Inc 21

Accelerating the Client Content control Deliver content to clients with minimal network overhead Data reduction Optimize images and files for mobile browsers to improve page load times F5 Networks, Inc 22

Accelerating the Network Compression and deduplication Reduce amount of data transmitted Improve network throughput and response Increase bandwidth efficiency Adaptive / Client Aware Compression Protocol optimization Tune TCP and HTTP parameters to adapt to changing network conditions Loss correction Correct for high-loss networks to decrease transmission time and improve user experience F5 Networks, Inc 23

Acceleration in the Data Center Fast cache Core / LTM Load balance Offload repetitive traffic from web and application servers to increase server capacity Distribute application load across multiple servers to increase availability Offload Increase server capacity Accelerate SSL processing Manage TCP connections more efficiently SPDY gateway Leverage SPDY and other protocols without recoding applications F5 Networks, Inc 24

Image Optimization? That too What Convert from JPEG or PNG to WebP Reduces file size by up to 73% Preserve copyright before stripping EXIF headers. Retries if optimization skipped due to load. Improved dashboard stats Why Reduce size of web page Especially useful for mobile browsers. F5 Networks, Inc 25

What does it mean? Faster load times Reduce VM Sprawl Better user experience Reduced bandwidth Reduce Storage Requirements Reduce Complexity

Low Level Test Case: LTM + APM + WA, 20 Concurrent Users, SSL Offload >89% Decrease in average page load time. >36% Decrease in outbound Bandwidth consumption. >50% Decrease in per user Bandwidth consumption.

Don t just take my word for it https://f5.com/support/tools/f5-application-speed-tester

Use Cases TMG End of Life Simplification of the current Architecture Complex Authentication requirements Cross-Domain Solution; Multiple SharePoint Farms, Multiple Active Directory Forests, External users LTM+APM+WA for NIPR and SIPR Streamlined farm migration Elimination of point solutions F5 Networks, Inc 29

DoD Certifications FIPS 140-2, DNSSEC, IPV6 NIAP CCC C&A DISA ATO NMCI JWIC s SOCOM & CENTCOM TIC PKE Certification DISA UC-APL (TN#1312201) US Army s IA- APL F5 Networks, Inc 30

Know your FIPS levels? Level 1 Level 2 (L1+) Level 3 (L2+) Level 4 (L3+) Evaluated crypto algorithms and/or random number generators No physical security requirements, can be software only Physical enclosures with pick-resistant locks or tamper-evident stickers Enclosures opaque in the visible spectrum Automatic deletion Kevlar jacketing and EMP-like deletion Hermetically sealed enclosure F5 Networks, Inc 31

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback