Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

Similar documents
Citrix Tech Zone Citrix Product Documentation docs.citrix.com November 13, 2018

Azure MFA Integration with NetScaler

Comprehensive Citrix HDX visibility powered by NetScaler Management and Analytics System

Design and deliver cloud-based apps and data for flexible, on-demand IT

Your Adoption Kit for Citrix Workspace Standard

XenApp, XenDesktop and XenMobile Integration

White Paper Taking Windows Mobile on Any Device Taking Windows Mobile on Any Device

How to buy or cancel the XenDesktop Essentials Service

Oracle PeopleSoft 9.2 with NetScaler for Global Server Load Balancing

Citrix CloudBridge Product Overview

Configuring and Delivering Salesforce as a managed application to XenMobile Users with 3 rd Party SAML IDP (Identity Provider)

Configuring and Delivering ServiceNow as a managed application to XenMobile Users with 3 rd Party SAML IDP (Identity Provider)

Deploying Virtual Apps and Desktops with Citrix Provisioning using Oracle Cloud Infrastructure

XenApp 7.x on Oracle Cloud Infrastructure

Citrix ADC Web App Firewall Service

Maximize your investment in Microsoft Office 365 with Citrix Workspace

Features. HDX WAN optimization. QoS

Augmenting security and management of. Office 365 with Citrix XenMobile

Optimizing your network for the cloud-first world

NetScaler Management and Analytics System service trial account checklist

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

Welcome to your Citrix User Adoption Kit

Deploying NetScaler with Microsoft Exchange 2016

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

Maximize your move to Microsoft in the cloud

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Making Enterprise Branches Agile and Efficient with Software-defined WAN (SD-WAN)

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

SteelConnect. The Future of Networking is here. It s Application- Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Welcome to your Citrix Endpoint Management (formerly XenMobile) User Adoption Kit

Configuring and Delivering Salesforce as a managed application to XenMobile Users with NetScaler as the SAML IDP (Identity Provider)

Connectivity to Cloud-First Applications

Cisco SD-WAN. Securely connect any user to any application across any platform, all with a consistent user experience.

What is an application delivery controller?

Desktop virtualization for all

Building a Software-defined WAN with NetScaler SD-WAN

Why the Cloud is the Network

WHITE PAPER. Applying Software-Defined Security to the Branch Office

APP-ID. A foundation for visibility and control in the Palo Alto Networks Security Platform

Citrix XenApp and XenDesktop 7.6 LTSR FIPS Sample Deployments

Deploying Cisco SD-WAN on AWS

ShareFile Account Admin Guide

Citrix XenMobile and Windows 10

Deployment Guide. Policy Engine (PE) Deployment Guide. A Technical Reference

Accelerate Transportation Services with Citrix Mobile Access, High Availability and Centralized IT

Citrix Education Learning Journey

Cato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN

10 ways to securely optimize your network. Integrate WAN acceleration with next-gen firewalls to enhance performance, security and control

Empower a Mobile Workforce with Secure App Delivery

A comprehensive security solution for enhanced mobility and productivity

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Simplifying WAN Architecture

Citrix XenApp and XenDesktop 7.15 LTSR FIPS Sample Deployments

Five reasons to choose Citrix XenServer

Dynamic WAN Selection

Mobilize with Enterprise Security and a Productive User Experience

Total Threat Protection. Whitepaper

Guide to Deploying NetScaler as an Active Directory Federation Services Proxy

Unity EdgeConnect SP SD-WAN Solution

EdgeConnectSP The Premier SD-WAN Solution

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Unified Endpoint Management: Security and productivity for the digital workspace

Citrix Education Learning Journey

How SD-WAN will Transform the Network. And lead to innovative, profitable business outcomes

C O M P E T E A T Y O U R P E A K

Configuring and Delivering AetherPal as a managed application to XenMobile ios Users for Mobile Support.

DEPLOYMENT GUIDE Amazon EC2 Security Groups. Deployment Guide. Security Groups Amazon EC2.

Increase MPLS and SD-WAN Speeds and Reduce Operating Costs

The scalability and economics of delivering Citrix Virtual App and Desktop services from Microsoft Azure

A simple, cost-effective way to transition your workloads to the cloud

Customer Onboarding with VMware NSX L2VPN Service for VMware Cloud Providers

Installation Guide. Citrix License Server VPX v1.01

User Management Tool

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.

Cisco HyperFlex and the F5 BIG-IP Platform Accelerate Infrastructure and Application Deployments

Deliver Office 365 Without Compromise

Citrix Consulting. Guide to Consulting Methodology and Services

VM-SERIES FOR VMWARE VM VM

The Essential Guide to Preparing Your Network for the Cloud. How to meet your network requirements at every step of your cloud transformation.

Acceleration Performance Tests for IBM Rational ClearTeam Explorer

Cato Networks. Network Security as a Service

Solution Overview Gigamon Visibility Platform for AWS

Mitigating Branch Office Risks with SD-WAN

SEVONE DATA APPLIANCE FOR EUE

Cisco Cloud Services Router 1000V and Amazon Web Services CASE STUDY

Your Adoption Kit for Citrix Workspace Premium

Hybrid WAN Operations: Extend Network Monitoring Across SD-WAN and Legacy WAN Infrastructure

VeloCloud Cloud-Delivered WAN Fast. Simple. Secure. KUHN CONSULTING GmbH

SEVONE END USER EXPERIENCE

Corente Cloud Services Exchange

Benefits of SD-WAN to the Distributed Enterprise

DEPLOYMENT GUIDE XenApp, Avaya 1X Agent. Deployment Guide. Avaya 1X Agent R2 SP2. XenApp 6.0.

SaaS Providers. ThousandEyes for. Summary

Evolution of connectivity in the era of cloud

HARNESSING THE HYBRID CLOUD TO DRIVE GREATER BUSINESS AGILITY

Unity EdgeConnect SD-WAN Solution

Build application-centric data centers to meet modern business user needs

Deliver Office 365 Without Compromise Ensure successful deployment and ongoing manageability of Office 365 and other SaaS apps

Stevens Institute of technology and Citrix. Fast Remote Access to Graphics-Intensive Applications

Nuage Networks Product Architecture. White Paper

Transcription:

Solution Brief Citrix SD-WAN for Optimal Office 365 Connectivity and Performance Evolving Needs for WAN Network Architecture Enterprise networks have historically been architected to provide users access to applications and data hosted in private datacenters. For Internet traffic, the WAN network can act as a gateway for access to the Internet but, because of the security requirements, the resulting large networking security stack is typically hosted in the remote datacenter. As a result, Internet traffic for branch offices is often centralized and backhauled over the WAN taking a hairpin route through the datacenter. This model was necessary and worked well for providing access from users within the branch to on-premises centralized apps such as email and document sharing. For traditional Internet browsing, this centralized model with remote security stack was also adequate, as the performance and scale demands of recreational Internet use were moderate at best. As enterprise adoption for mission critical, high performance SaaS apps such as Office 365 at scale continues to increase and employees are more distributed, the traditional method of backhauling traffic to centralized hub locations for network egress/breakout creates high latency and congested links leading to a poor user experience. Applying traditional network security inspection controls including inline decryption of traffic on complex SaaS protocols used by Exchange Online, SharePoint Online, and Skype for Business/Microsoft Teams is not at all effective and often leads to not just unnecessary overhead and performance bottlenecks, but also causes interoperability problems, availability issues, and in many cases supportability challenges. In addition, backhauling both SaaS and enterprise applications over traditional network architectures like MPLS is costly and adds complexity. WAN Network Challenges with Office 365 Data Center Microsoft Network Branch Office Internet 3rd Party Secure Gateway Cloud Service Citrix.com 1

Improving Branch Office User Experience with Microsoft In order to minimize latency caused by backhauling traffic through the datacenter, organizations can now enable direct Internet breakout of Office 365 applications from office locations. This also frees up WAN links for other traffic. Microsoft s concept brings their services as close to their customers users as possible by directing connections to the closest front door of their Office 365 services, which have a significantly wider reach than the limited set of datacenters where the data for a particular user is stored and replicated. As part of the Microsoft cloud, over 130 edge nodes, or points of presence (PoPs), stretch across the world allowing customers to connect into the nearest Office 365 entry point, which performs many tasks for network and application experience optimization before the requests are relayed to the datacenter where user data is located. Office 365 service front doors do not need to be where back-end Office 365 servers are located; the choice of front door can and should be as close to the office location as possible to provide the best user experience. In addition, Microsoft peers with 2,700 ISPs globally across more than 190 locations to streamline traffic and reduce the distance it has to travel before reaching Microsoft s network. The ability to identify Office 365 traffic means that other Internet traffic and traffic to other customer destinations can be handled according to customer policies and don t have to be tightly coupled with Office 365. This allows a very attractive concept where network connections are routed and handled in accordance with business policies, trust level in the application itself, user experience requirements, etc. For example, a customer may want general Internet browsing traffic or unknown application traffic to be forwarded to a Secure Web Gateway, cloud proxy, or remote datacenter, while trusted Office 365 experience for Exchange Online can be routed locally and directly to Microsoft over the Internet and secured with Office 365 s native security features. This ability to quickly identify key connections and treat them at the network level in accordance with business- and application-centric logic is the key differentiator of the SD-WAN technology. An Optimized Approach to Office 365 with SD-WAN Citrix is partnering with Microsoft to support its Office 365 Connectivity Principles with its SD-WAN solution providing reliable connections directly from office locations to the nearest Office 365 PoPs. The Microsoft Office 365 Endpoints web service publication provides Microsoft s Office 365 endpoint URLs and IP addresses. With support for new Microsoft APIs, Citrix SD-WAN uses the endpoint data to enable direct routing of Internet traffic from the branch to Office 365 PoPs. The ability of Citrix SD-WAN to classify Office 365 traffic on the first packet and then steer it to the nearest Office 365 point of entry gives customers the most optimal overhead-free approach that is gated only by the laws of physics. SD-WAN s traffic steering and monitoring capabilities provide easy policy administration of Office 365 detection on the first packet to enable local egress and visibility into the flow. There is no need to send traffic through a secure web gateway, as Microsoft provides Office 365 native security features to reduce the network security 2

Local Egress of Office 365 using SD-WAN Internet DNS {api} Citrix SD-WAN (Branch) risk including Data Loss Prevention, Anti-Virus, Multi-Factor Authentication, Customer Lock Box, Advanced Threat Protection, Office 365 Threat Intelligence, Office 365 Secure Score, Exchange Online Protection, and Network DDOS Security. Eliminating hairpinning of key Office 365 experiences through remote cloud datacenters, network security virtual appliances, proxies, and secure web gateways in favor of direct routing from user location directly to the Microsoft network is one of Microsoft s recommendations for minimizing latency and improving user performance with Office 365 SaaS applications. Managing Bandwidth Through URL Categorization The URLs requiring the highest amount of optimization create the largest load on the network links, negatively impacting performance. To provide a more optimized path with direct egress, URL categorization helps provide policies for directing traffic to the appropriate endpoints to reduce the network bandwidth challenges. Therefore, URLs are now categorized into the following three groups to help customers deal with the endpoints in specific ways according to the needs of the endpoint and the business. 1. Requiring an Optimized Path A small number of endpoints require low latency unimpeded connectivity, which should bypass proxy servers, network SSL break and inspect devices, and network hairpins. Even though a very small number of URLs actually require the highest levels of optimization, they account for 75-90% of Office 365 bandwidth, connection, and transaction count. These core endpoints will put massive load on traditional proxy infrastructure and/or require an optimized path provided by direct egress. 3

2. Needing Low Latency Unimpeded Connectivity A larger number of endpoints benefit from low-latency unimpeded connectivity. Although not expected to cause failures, it is recommended to bypass proxy servers, network SSL break and inspect devices, and network hairpins. Good connectivity to these endpoints is required for Office 365 to operate normally. 3. Directed by Default Other Office 365 endpoints can be directed to the default Internet egress location for the organization s WAN. To further reduce latency caused by DNS requests to a DNS server that is farther away or busy, ensure that Microsoft connects your clients to resources based on their location with local DNS resolution. To reduce the time to query a DNS server to find out where the actual tenant is, SD-WAN in the branch can perform DNS locally or, if using a cloud proxy, perform DNS at the proxy. Support for Azure Policies For Office 365 customers who also use Microsoft Azure, Citrix SD-WAN can obtain Office 365 policy settings directly from Azure via Microsoft s REST API. Citrix SD-WAN leverages these policies from Azure to split the traffic locally, provide categorization to either optimize (for select URLs) or allow, and then egress to the nearest Office 365 front door. Citrix SD-WAN provides enterprises the ability to do local breakout of all their Office 365 traffic for all their branches simultaneously to minimize latency. Azure Virtual WAN and SD-WAN Integration Virtual WAN DNS {api} Citrix SD-WAN (Branch) 4

Ease of Deployment Citrix makes Office 365 networking optimization extremely easy to deploy through a combination of automation and simplified configuration. Citrix SD-WAN offers a fully automated solution, REST API integration, automatic creation of all the necessary low-level DNS and data traffic-steering policies, and NAT and firewall rules. A very simple, easy-to-use screen provides top-level configuration to enable Office 365 optimization with three connection options for local breakout. The simple configuration and sophisticated backend functionality reduces the time it takes to get up and running. Enterprise Sales North America 800-424-8749 Worldwide +1 408-790-8000 Locations Corporate Headquarters 851 Cypress Creek Road, Fort Lauderdale, FL 33309, United States Silicon Valley 4988 Great America Parkway, Santa Clara, CA 95054, United States 2018 Citrix Systems, Inc. All rights reserved. Citrix, the Citrix logo, and other marks appearing herein are property of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered with the U.S. Patent and Trademark Office and in other countries. All other marks are the property of their respective owner(s). 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback