What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics

Similar documents
F5 Synthesis Information Session. April, 2014

Comprehensive datacenter protection

Sichere Applikations- dienste

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

Securing and Accelerating the InteropNOC with F5 Networks

Herding Cats. Carl Brothers, F5 Field Systems Engineer

Cloud, SDN and BIGIQ. Philippe Bogaerts Senior Field Systems Engineer

Deploy F5 Application Delivery and Security Services in Private, Public, and Hybrid IT Cloud Environments

Pulse Secure Application Delivery

and public cloud infrastructure, including Amazon Web Services (AWS) and AWS GovCloud, Microsoft Azure and Azure Government Cloud.

Cisco HyperFlex and the F5 BIG-IP Platform Accelerate Infrastructure and Application Deployments

Large FSI DDoS Protection Reference Architecture

SaaS. Public Cloud. Co-located SaaS Containers. Cloud

BIG-IP V11.3: PRODUCT UPDATE. David Perodin Field Systems Engineer III

Architecture: Consolidated Platform. Eddie Augustine Major Accounts Manager: Federal

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

A10 DDOS PROTECTION CLOUD

Brocade Application Delivery

F5 Demystifying Network Service Orchestration and Insertion in Application Centric and Programmable Network Architectures

The Next Opportunity in the Data Centre

KEEPING THE BAD GUYS OUT WHILE LETTING THE GOOD GUYS IN. Paul Deakin Federal Field Systems Engineer

Dynamic App Services in Containerized Environments

Features. HDX WAN optimization. QoS

Silverline DDoS Protection. Filip Verlaeckt

OVERVIEW. Virtual Solutions for Your NFV Environment

Cloud Confidence: Simple Seamless Secure. Dell EMC Data Protection for VMware Cloud on AWS

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

How to Leverage Containers to Bolster Security and Performance While Moving to Google Cloud

Management and Orchestration with F5 BIG-IQ 4.5. Philippe Bogaerts F5 Networks

Brocade Application Delivery

The IBM Platform Computing HPC Cloud Service. Solution Overview

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Choosing the Right Cloud Computing Model for Data Center Management

Future-Proof Your Hardware Investment PRESENTED BY:

Improving VDI with Scalable Infrastructure

Advanced threats. "Software defined" everything. Internet of Things. SDDC/Cloud. HTTP is the new TCP. Mobile. F5 Networks, Inc 2

Orchestration: Accelerate Deployments and Reduce Operational Risk. Nathan Pearce, Product Development SA Programmability & Orchestration Team

DATACENTER AS A SERVICE. We unburden you at the level you desire

Safeguard Application Uptime and Consistent Performance

A GUIDE TO DDoS PROTECTION

7 Things ISVs Must Know About Virtualization

Solutions Guide. F5 solutions for the emerging 5G landscape

Benefits of Extending your Datacenters with Amazon Web Services

Automate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13

Dell EMC Hyper-Converged Infrastructure

Dell EMC Hyper-Converged Infrastructure

Hybrid IT with VMware on IBM Cloud and SoftLayer

EBOOK: VMware Cloud on AWS: Optimized for the Next-Generation Hybrid Cloud

A Cloud WHERE PHYSICAL ARE TOGETHER AT LAST

F5 and Nuage Networks Partnership Overview for Enterprises

Accelerate Your Enterprise Private Cloud Initiative

Shift CAPEX to OPEX. With an Expedient On-Site Private Cloud

Build application-centric data centers to meet modern business user needs

Enterprise Private Cloud. Fully managed private cloud as a service in your data centre or ours.

Simplifying Security for Mobile Networks

IBM Cloud for VMware Solutions

BIG-IP otse vastu internetti. Kas tulemüüri polegi vaja?

Enterprise Cloud Computing. Eddie Toh Platform Marketing Manager, APAC Data Centre Group Cisco Summit 2010, Kuala Lumpur

TALK THUNDER SOFTWARE FOR BARE METAL HIGH-PERFORMANCE SOFTWARE FOR THE MODERN DATA CENTER WITH A10 DATASHEET YOUR CHOICE OF HARDWARE

THE OPEN DATA CENTER FABRIC FOR THE CLOUD

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002

Presenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe

Unity EdgeConnect SP SD-WAN Solution

Converged Platforms and Solutions. Business Update and Portfolio Overview

VMWARE CLOUD FOUNDATION: INTEGRATED HYBRID CLOUD PLATFORM WHITE PAPER NOVEMBER 2017

Czas na nowe platformy sprzętowe F5! Dlaczego są to najbardziej programowalne urządzenia ADC na rynku

Dell DVS. Enabling user productivity and efficiency in the Virtual Era. Dennis Larsen & Henrik Christensen. End User Computing

Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud

F5 VMware Virtual Community Roundtable. VMware Alliance F5

snoc Snoc DDoS Protection Fast Secure Cost effective Introduction Snoc 3.0 Global Scrubbing Centers Web Application DNS Protection

Cisco Cloud Services Router 1000V and Amazon Web Services CASE STUDY

Radware s Attack Mitigation Solution Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper

Cloud Revenue Streams

Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC)

Private Cloud Public Cloud Edge. Consistent Infrastructure & Consistent Operations

F5 Networks in the Software Defined DataCenter Era. Paolo Pambianco System Engineer CSP

Security Overview and Cisco ACE Replacement

Enabling Public Cloud Interconnect Services F5 Application Connector

On-Premises Cloud Platform. Bringing the public cloud, on-premises

Service Insertion with ACI using F5 iworkflow

DDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT

MODERNIZE INFRASTRUCTURE

Build Converged Infrastructures With True Systems Management

WHITE PAPER Hybrid Approach to DDoS Mitigation

Matrix IT work Copyright Do not remove source or Attribution from any graphic or portion of graphic

SOLUTION GUIDE. F5 Security Solutions

August 14th, 2018 PRESENTED BY:

VMware vsphere 4.0 The best platform for building cloud infrastructures

CHEM-E Process Automation and Information Systems: Applications

2018 Cisco and/or its affiliates. All rights reserved.

Cisco Enterprise Cloud Suite Overview Cisco and/or its affiliates. All rights reserved.

HCI mit VMware vsan Radikal einfach und vollständig in die SDDC Strategie integriert

What s New at VMware? The Software-Defined Data Center and Network Virtualization

VMware Cloud on AWS. A Closer Look. Frank Denneman Senior Staff Architect Cloud Platform BU

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Cisco Unified Data Center Strategy

WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING

DATA CENTRE SOLUTIONS

Transcription:

What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics

Vision: Everything as a service Speed Scalability Speed to Market Cost Shift from CapEx to OpEx Alternative to Outsourcing Support growing requirements Stop paying for what you don t use Secure Legal compliance Encryption Business continuity F5 Agility 2014 5

Hybrid / On-Prem Cloud Physical Technology Shifts are Changing the Data Center SDN / Virtual

Physical Physical

How to Choose the Right Platform F5 Platforms 25M 200M 1G 3G 5G 10G VIPRION 2400 2000 series 4000 series 5000 Series 7000 Series 10000 Series 11000 Series VIPRION 4480 VIPRION 4800 Physical Hybrid Virtual F5 physical ADCs High-performance with specialized and dedicated hardware Physical ADC is best for: Fastest performance Highest scale SSL offload, compression, and accelerated DoS mitigation An all F5 solution: integrated HW+SW Edge and front door services Purpose-built isolation for application delivery workloads Physical + virtual = hybrid ADC infrastructure Ultimate flexibility and performance Hybrid ADC is best for: Transitioning from physical to virtual and private data center to cloud Cloud bursting Splitting large workloads Tiered levels of service F5 virtual editions Provide flexible deployment options for virtual environments and the cloud Virtual ADC is best for: Accelerated deployment Maximizing data center efficiency Private and public cloud deployments Application or tenant-based pods Keeping security close to the app Lab, test, and QA deployments F5 Agility 2014 8

Traditional Physical Deployments Use Virtual Editions for Development and Test Environments Data Center Stage and test with BIG-IP VE Lab before seamlessly moving apps and app configs to production BIG-IPs Development Env. vswitch Hypervisor 10M Lab Devices BIG-IP VE Lab Includes VE LTM VE AFM VE GTM VE APM VE AAM VE ASM F5 Agility 2014 9

Benefit from Adding Virtual Editions to Your Environment 72% 58% 52% 32% Customers indicate BIG-IP Virtual Edition is a valuable addition to their virtual infrastructure 1 Organizations benefited from server consolidation (less hardware) by combining server virtualization with BIG-IP 3 IT organizations increased scalability or availability by using F5 for their cloud deployment 2 Organizations benefited from faster application provisioning by combining server virtualization with BIG-IP 3 F5 Agility 2014 10

EMEA Case Cloud Provider in the Netherlands

Use case: Cloud provider in NL Business: Transforming from managed hosting to cloud services Billing customers on pay per use, based on throughput. (bursting is initially allowed) Target: Government and financial institutions Delivers: www, SharePoint and Office 365 Access over IPv4 and IPv6 USP: keeps customer data within Dutch national borders F5 Agility 2014 12

F5 usage and benefits Tier 1 LTM AFM ASM BIG-IP Local Traffic Manager BIG-IP Advanced Firewall Manager BIG-IP Application Security Manager Customer Load Balancing SSL Offloading DDoS Protection Firewall Tier 2 Firewall SSL Offloading Loadbalancing Web Application Firewall Services Internet VIPRION Platform Shared Cloud Services Consolidated architecture through less vendors. Dedicated (per Customer) Cloud Services Applications IPv4 and IPv6 support Same Layer 4 7 functionality, whatever footprint used. Potential to expand business use case by adding more Layer 4 7 functions F5 Agility 2014 13

Hybrid / On-Prem Hybrid On-Prem Physical

Hybrid Deployment Physical + On-Prem Virtual ADCs Data Center Deploy hardware on the edge of the datacenter for high-volume traffic management and L4 security Deploy VEs closer to the apps for right-sized app services Devices Load Balance SSL Offload HW Compression L4 DoS BIG- IQ RES T DC Orchestration & Automation (ex. vcd, vco) Virtual Infrastructure Hypervisor vswitch F5 Agility 2014 15

Physical + Virtual On-Premise ADCs The Ultimate in Flexibility and Performance 20 mins Deploy Virtual Editions in 20 Minutes Achieve Workload and Fault Isolation Consolidate App Services on Existing Servers F5 Agility 2014 16

F5 Solution: Deploy Virtual Editions in 20 Minutes Today, we can spin up a pair of BIG-IP LTM Virtual Edition instances with all of the configuration parameters we need in just 20 minutes. -Charlie Wehner, Network Engineer, Cerner Key benefits of F5 Isolates the risk of downtime to a per-client basis Speeds provisioning time to 20 minutes Uses IT staff more efficiently and effectively Reduces time to deployment F5 Reference Architectures Application Services View on F5.com F5 Agility 2014 17

F5 Solution: Deploy Virtual Editions Instantly Virtual Infrastructure Deploy Virtual Edition instances instantly with VE License Pools and BIG-IQ Hypervisor vswitch F5 licensing server BIG-IQ 25 Pack of LTM-VE-200M BIG-IQ manages licensing for all VEs in all pools. (3) x 25 Pack of BEST-VE-1G F5 Agility 2014 18

Gary-Physical + Virtual On-Premise ADCs The Ultimate in Flexibility and Performance 20 mins Deploy Virtual Editions in 20 Minutes Achieve Workload and Fault Isolation Consolidate App Services on Existing Servers F5 Agility 2014 19

Customer Challenge: Workload and Fault Isolation Different organizational groups needs access to shared infrastructure 1 An application failure, DoS attack, or misconfiguration 2 Data Center 2 Could cause the failure of the physical device front-ending several applications Devices 3 3 Affecting all applications Web Apps 1 F5 Agility 2014 20

F5 Solution: Achieve Workload and Fault Isolation with Data Center Virtual Editions 1 2 An application failure, DoS attack, or misconfiguration Could cause the failure of the virtual edition Devices 3 BIG- IQ RES T DC Orchestration & Automation (ex. vcd, vco) Virtual Infrastructure 2 1 Web Apps 3 Without impacting the physical device frontending the network F5 Agility 2014 21

Physical + Virtual On-Premise ADCs The Ultimate in Flexibility and Performance 20 mins Deploy Virtual Editions in 20 Minutes Achieve Workload and Fault Isolation Consolidate App Services on Existing Servers F5 Agility 2014 22

Consolidate App Services on Existing Servers New Physical ADC New Virtual ADC Higher Time to Deploy ADC Rapid No rack and stack time Just boot the VE Yes Additional Rack Space Required No Leverage existing servers with a virtual footprint as small as 7GB Yes Additional Power and cooling Required No Maximize power efficiency of your current infrastructure F5 Agility 2014 23

DDOS Hybrid On-Premise Use Cases

DDoS protection reference architecture hybrid enterprise Next-Generation Firewall Corporate Users Tier 2: Protecting L7 and apps Tier 1 Protecting L7 Legitimate Users DDoS Attacker Multiple ISP strategy ISPa/b Cloud Scrubbing Service Network attacks: ICMP flood, UDP flood, SYN flood DNS attacks: DNS amplification, query flood, dictionary attack, DNS poisoning Network and DNS IPS HTTP attacks: Slowloris, slow POST, recursive POST/GET Virtualized Web Application Firewall provides fault isolation + Compliance Web Server Financial Services E- Commerce Subscriber Threat Threat Feed Intelligence Feed Intelligence Customers can run VE on the existing hypervisors already supporting their app infrastructure Scanner Anonymous Proxies Anonymous Requests Botnet Attackers Strategic Point of Control F5 Agility 2014 25

DDoS protection reference architecture hybrid enterprise TIER 0 KEY FEATURES Legitimate Users DDoS Attacker Multiple ISP strategy ISPa/b Cloud Scrubbing Service Volumemetric defense Protects line Provides clean pipe Mitigates volumetric DDoS attacks F5 Agility 2014 26

DDoS protection reference architecture hybrid enterprise Next-Generation Firewall Corporate Users TIER 1 KEY FEATURES Legitimate Users DDoS Attacker Multiple ISP strategy ISPa/b Cloud Scrubbing Service Threat Threat Feed Intelligence Feed Intelligence Network attacks: ICMP flood, UDP flood, SYN flood DNS attacks: DNS amplification, query flood, dictionary attack, DNS poisoning Tier 1 Tier 2 The first tier at the Network and DNS IPS SSL attacks: perimeter SSL renegotiation, is layer 3 SSL flood and 4 network firewall services Simple load balancing Application to a second tier HTTP attacks: Slowloris, slow POST, recursive POST/GET IP reputation database Mitigates volumetric and DNS DDoS attacks Financial Services E- Commerce Subscriber Scanner Anonymous Proxies Anonymous Requests Botnet Attackers Strategic Point of Control F5 Agility 2014 27

DDoS protection reference architecture hybrid enterprise Corporate Users Legitimate Users DDoS Attacker Multiple ISP strategy ISPa/b Cloud Scrubbing Service Threat Threat Feed Intelligence Feed Intelligence TIER 2 KEY FEATURES Tier 1 The second tier is for Network attacks: application-aware, ICMP flood, UDP flood, SYN flood CPU-intensive defense mechanisms SSL termination Network and DNS DNS attacks: Virtualized DNS web amplification, query flood, application firewall dictionary attack, DNS poisoning provides fault isolation Mitigate asymmetric and SSL-based DDoS attacks IPS Tier 2: Protecting L7 and apps HTTP attacks: Slowloris, slow POST, recursive POST/GET Protecting L7 Virtualized Web Application Firewall provides fault isolation + Compliance Web Server Customers can run VE on the existing hypervisors already supporting their app infrastructure Financial Services ASM E- Commerce Subscriber Scanner Anonymou s Proxies Anonymou s Requests Botnet Attacker s Strategic Point of Control F5 Agility 2014 28

DDoS protection reference architecture hybrid enterprise Next-Generation Firewall Corporate Users Tier 2: Protecting L7 and apps Tier 1 Protecting L7 Legitimate Users DDoS Attacker Multiple ISP strategy ISPa/b Cloud Scrubbing Service Network attacks: ICMP flood, UDP flood, SYN flood SSL attacks: SSL renegotiation, SSL flood DNS attacks: DNS amplification, query flood, dictionary attack, DNS poisoning Network and DNS IPS HTTP attacks: Slowloris, slow POST, recursive POST/GET Virtualized Web Application Firewall provides fault isolation + Compliance Web Server Financial Services E- Commerce Subscriber Threat Threat Feed Intelligence Feed Intelligence Customers can run VE on the existing hypervisors already supporting their app infrastructure Scanner Anonymous Proxies Anonymous Requests Botnet Attackers Strategic Point of Control F5 Agility 2014 29

Hybrid / On-Prem Cloud Cloud Physical

F5 in Amazon Web Services Marketplace F5 and Amazon Web Services (AWS) have partnered to help you rapidly deploy application workloads without incurring the capital expenditures of new infrastructure. You can now deploy the F5 BIG-IP platform in the AWS cloud utilizing either your own license via Bring Your Own License (BYOL) or an hourly license. F5 Agility 2014 31

F5 Offerings in AWS Good Better Best GBB Offering Offerings Component Offerings Virtual Editions Offerings $/Hr. Good Better Best 25M $0.33 $0.83 $1.33 200M $0.83 $1.67 $2.50 1G $1.67 $2.29 $3.06 Hourly based Good, Better, or Best Instances Virtual Editions Lab 25M 200M 1G BIG-IP Versions 25M 200M 1G BIG-IP Versions: F5 Agility 2014 32

Hybrid / On-Prem Cloud SDN / Virtual SDN / Virtual Physical

Enterprise Software Defined Data Center Virtual Deployment Model Deploy private clouds Accelerate deployments and dynamic changes between DCs Implement DR architectures Minimize CAPEX and OPEX Keep security close to applications Different groups protected against misconfigurations Clients BIG- IQ Virtual Infrastructure Hypervisor vswitch Data Center RES T DC Orchestration & Automation (ex. vcd, vco) RECOMMENDED VE CONFIGURATIONS 25M to 1G VE per app + Better or Best offer with VE License Pools Hypervisor vswitch 25M 200M 1G F5 Agility 2014 34

Cerner: Enterprise Software Defined Data Center Redundant F5 VE instances per major customer for Risk Mitigation With 300 customers, we deployed an HA VE pair (A/S) for each customer replacing Cisco physical appliances With a software defined data center from F5, Cerner reduces the risk for major outages by eliminating single points of failure User Clients Internet or Customer WAN Software Defined Data Center Active Directory Web Interface Servers Citrix XenApp Servers XML Brokers Zone Data Collector F5 Agility 2014 35 LTM LTM BIG-IP Local Traffic Manager A/S HA Pair

Evolve Your Data Center with Software Defined Application Services from F5 Programmability Data Plane Control Plane Management Plane Virtual Edition Appliance Chassis Network [Physical Overlay SDN] F5 Agility 2014 36

F5 Virtual Editions

F5 Virtual Editions Product Portfolio F5 offers virtual editions of every market-leading product with the same code, advanced application delivery services, and breadth of features. Virtual Editions F5 Agility 2014 38

F5 s delivers unmatched flexibility and performance across all major hypervisors VMware vsphere KVM and Community Xen Citrix XenServer Microsoft Hyper-V Amazon AWS Lab 25M 200M 1G 3G 5G 10G F5 Agility 2014 39

Get Started

Try BIG-IP Virtual Edition in Your Environment https://f5.com/trials 100 % 90 Download Free Trial 90-day BIG-IP LTM VE Free Trial 30 Get an Eval. License 30-day Virtual Edition evaluation licenses of all solutions Buy BIG-IP for your Lab Low-cost BIG-IP lab license F5 Agility 2014 41

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback