NetScaler MasterClass - September 11
Transcript of NetScaler MasterClass - September 11
NetScaler Master Class September 2011
Who’s online today?
Some of the Countries represented
• NetScaler Introduction • NetScaler 101 – Load balancing • NetScaler Platforms • In the Spotlight
• NetScaler SDX
• News and Views • Competition?
Agenda
Citrix Confidential - Do Not Distribute
NetScaler Introduction Jason Poole, Business development, EMEA Today!
A short history of applications
• In the beginning... • “I think there is a world market for maybe five computers”
- Thomas J. Watson (IBM, 1943)
• Monolithic Applications Web Applications
The power of Citrix
• Application delivery is our business
• Citrix is ready for delivery of all types of Applications
Application types Citrix delivery optimisation
Monolithic ✓ Distributed ✓ Web applications ✓
Delivering legacy and Microsoft applications
• Publishing hosted applications • Virtualised applications
• Improves manageability
• Prolongs the life of hardware and software
• Work offline
• An excellent solution made better by Citrix NetScaler and Branch Repeater • Remote access • High Availability • Scalability • Security • Virtualisation
XenApp/XenDesktop: the natural
choice
Not just terminal services!
NetScaler: Simplify Web Application Delivery
Eliminate application downtime
Increase performance by 5x
Block 100% of web attacks
Improve web server utilization by 60%
NetScaler
Performance Offload Security
B2C
• World-class L4-L7 load balancing
• Intelligent service health monitoring
• Caching • Compression
• Connection pooling
• Web 2.0 offload • SSL processing
• Access Gateway SSL VPN
• Application firewall
Availability
B2B
Successful Web Application Delivery with NetScaler
P2P AppExpert Admin
NetScaler
Maximum Application Availability
Load Balancing & L7 Switching - Most technically capable load balancer in the industry
Global Server Load Balancing - Geographic Load Balancing and Disaster Recovery
DDoS and Surge Protection - High performance even under heavy DDoS attack - Unexpected peak traffic poses no problem
Application Firewall - Layer 7 firewall for application and data protection
Ensures applications are always available
Improved User Experience
Advanced TCP Optimization - Efficient TCP connection usage to servers
AppCache - Static and Dynamic caching
AppCompress - Data compression
Performance monitoring - End to end application monitoring
Accelerates application delivery by up to 15x or more
Reduced Load on Servers
SSL Offload - Offload encryption processing from servers
TCP Multiplexing and Buffering - Offload connection management from servers
AppCache - Offload content generation from servers
Supports greater user capacity and more apps with minimal investment
Powering the World’s Most Popular Web Applications
75% Of Internet Users
NetScaler
• Comprehensive vision • First virtual ADC • Reputation for delivering high
performance ADCs with rich feature sets
• Understanding of the applications market space
GMQ: ADC 2010
Customer Satisfaction Survey • Surveyed over 450 IT professionals • Evaluated all customer engagement stages • Respondents had experience with more than
one vendor • Products in deployment for at least six months
Citrix NetScaler #1 In Customer Satisfaction
Source: Enterprise Management Associates (EMA), Customer Satisfaction with Application Delivery Controller Vendors
BEST Overall Satisfaction BEST Overall Tech Support BEST Overall Value BEST Technology BEST in 16 of 21 Categories
NetScaler
• Pre-Sales Inclusion • Pre-Sales Accuracy • Vision
• Overall Value • Overall Sales & Procurement • Pre-Sales Flexibility • Pre-Sales Commitment • Pre-Sales Responsiveness • Support Responsiveness • Support Knowledge • Support Effectiveness
Best in 5 Categories
BEST in 16 Categories
Best in 0 Categories
#1 in 16 of 21 Categories
• Deployment Services • Training Effectiveness
• Overall Satisfaction • Overall Tech Support • Technology • Ease of Use • Return on Investment • Investment Protection • Customer Understanding • Sustained Commitment
NetScaler
NetScaler 101 Load Balancing Michael C. Aldridge Lead Systems Engineer EMEA – Network Optimisation & Security
The Concept Load Balancing
• The distribution of user requests across multiple servers.
• Availability • Scalability
A basic setup Load Balancing
• NetScaler • Server Object • Service • Monitor • Load Balancing Virtual Server
• Application Servers
Service
Monitor
vIP Service
Service
Monitor
Monitor
Load Balancing Algorithms (Methods)
Non-Persistent Persistent
• Least connections (default)
• Round robin • Least bandwidth • Least packets • Least response time
• Hashing • Token • LRTM • Load
• Persistence methods are determined based on the method assigned to the service
• Available persistence methods include: • Cookie-insert persistence • Source IP Address persistence • SSL session ID persistence • URL passive persistence • Custom Server ID persistence • Rule-based persistence • Destination IP address persistence • Source/Destination IP address persistence
Persistence Methods
Least Connections Load Balancing Load Balancing Algorithms (Methods)
Service
Service
Service
Service-HTTP-1 Active Transaction = 3
Service-HTTP-2 Active Transaction = 15
Service-HTTP-3 Active Transaction = 0
Requests
Requests – 1, 2, 3, 5, 7
Responses
Responses – 1, 2, 3, 5, 7
Requests – 4, 6, 8
Responses – 4, 6, 8
Supported Protocols
• HTTP
• SSL
• SSL_TCP
• SSL_BRIDGE
• FTP
• TCP
• UDP
• NNTP
• DNS
• ANY
• SIP-UDP
• DNS-TCP
• RTSP
• DHCPRA
• RDP
• MYSQL
• MSSQL
• XA/XD
• ...
For Applications that are TCP-based Monitors
• PING • TCP • HTTP • HTTPS
• UDP-ECV • TCP-ECV • HTTP-ECV • HTTP-INLINE
Summary Monitors
• Layer 2 to 7 • Citrix Specific • Custom defined
• Spillover • Connection-Based • Dynamic • Bandwidth
• Redirect URL • Backup Virtual Servers • Connection Failover
Advanced Load Balancing Options
Demonstration
Questions?
NetScaler Master Class NetScaler Platforms Jason Poole, Business development, EMEA Today!
Packaging
• Editions • Hardware Appliances • Virtual appliances
What’s in the box?
Standard Edition
Enterprise Edition
Platinum Edition
Web application delivery solution providing advanced
traffic management and powerful application
acceleration
Web application delivery solution designed to deliver mission-critical applications with web application firewall
security, fastest performance, and lowest
cost
Comprehensive L4-7 load balancing and
optimizes expensive server and network resources to
reduce cost
NetScaler Offerings Packaged for broad adoption for all users
NetScaler feature Matrix
Application Availability (columns: Platinum Edition, Enterprise Edition, Standard Edition)
• L4 load balancing
• L7 content switching
• Database load balancing
• AppExpert rate controls
• IPv6 support
• Global server load balancing
• Dynamic routing protocols
• Surge Protection
• Priority queuing
NetScaler feature Matrix
Application Acceleration (columns: Platinum Edition, Enterprise Edition, Standard Edition)
• Client and server TCP Opt.
• Citrix AppCompress for HTTP
• Citrix AppCache
• Citrix Branch Repeater client
Application Security (columns: Platinum Edition, Enterprise Edition, Standard Edition)
• L4 DoS protection
• L7 content filtering
• HTTP/URL rewrite
• Access Gateway, SSL VPN
• L7 DoS defenses
• AAA for Traffic Management
• App FW with XML security
Simple Manageability (columns: Platinum Edition, Enterprise Edition, Standard Edition)
• AppFlow
• AppExpert visual policy builder
• AppExpert service callouts
• AppExpert templates
• AppExpert visualisers
• Role-based administration
• AAA for administration
• Configuration wizards
• Native Citrix Web interface
• Citrix Command Center
• Citrix EdgeSight for NetScaler
NetScaler feature Matrix
NetScaler feature Matrix
Web 2.0 Optimisation (columns: Platinum Edition, Enterprise Edition, Standard Edition)
• Rich Internet application support
• XML XPath support
• Advanced server offload
Lower TCO (columns: Platinum Edition, Enterprise Edition, Standard Edition)
• TCP buffering
• TCP and SQL multiplexing
• SSL offload and acceleration
• Cache redirection
Hardware Appliances
Low-end MPX Range: 500 Mbps to 3 Gbps
MPX 5500 – 4x10/100/1000
MPX 7500 – 8x10/100/1000
MPX 9500 – 8x10/100/1000
MPX 7500 – 4x10/100/1000 and 4x1Gbps
MPX 9500 – 4x 10/100/1000 and 4x1Gbps
500 Mbps
1 Gbps
3 Gbps
Mid-range MPX models: 5 to 15 Gbps
MPX 15500 – 8x10/100/1000 and 8x1GE
MPX 12500 10GE – 8x 1GE and 2x10GE
MPX 15500 10GE – 8x 1GE and 2x10GE
MPX 10500 – 8x10/100/1000 and 8x1GE MPX 10500 10GE – 8x 1GE and 2x10GE
6 Gbps
10 Gbps
15 Gbps
MPX 12500 – 8x10/100/1000 and 8x1GE
High-end MPX range:
MPX 21500 8x10GE
MPX 19500 8x10GE
MPX 17500 8x10GE
20 Gbps
35 Gbps
50 Gbps
New mid-range hardware platforms: 8 to 36 Gbps
MPX 11500 4x10GE + 8x1GE (SFP)
MPX 13500 4x10GE + 8x1GE (SFP)
MPX 14500 4x10GE + 8x1GE (SFP)
MPX 16500 4x10GE + 8x1GE (SFP)
MPX 18500 4x10GE + 8x1GE (SFP)
8 Gbps
12 Gbps
16 Gbps
24 Gbps
36 Gbps
Solutions for Any Size Business
1 Gbps
MPX 7500 3 Gbps
MPX 9500
10 Gbps
MPX 12500
6 Gbps
MPX 10500
15 Gbps
MPX 15500
20 Gbps
MPX 17500
35 Gbps
MPX 19500 50 Gbps
MPX 21500
0.5 Gbps
MPX 5500
0.5 Gbps
8 Gbps
MPX 11500 12 Gbps
MPX 13500 16 Gbps
MPX 14500 24 Gbps
MPX 16500 36 Gbps
MPX 18500
NetScaler Performance
100Gbps
40Gbps
20Gbps
1Gbps
100’s Apps / Multi-tenancy Applications 1 10 2 3
10Gbps
1Gb
MPX 7500
MPX 9500
3Gb
NetScaler "Pay as you Grow" Solutions
ENTERPRISE
SERVICE PROVIDER/TELCO/CLOUD + INTERNET CENTRIC
MPX 19500
MPX 21500
MPX 17500
20Gb
35Gb
50Gb
License Upgrade
License Upgrade
3Gbps
MPX 5500
500Mb
SMB
12Gb
MPX 13500
MPX 14500
16Gb
MPX 16500
24Gb
License Upgrade 8Gb
MPX 11500
MPX 18500
36Gb
MPX 15500 15 Gb
MPX 12500 10 Gb
MPX 10500 6 Gb
Virtual NetScaler
Available as a virtual appliance too!
ACCELERATION AVAILABILITY SECURITY OFFLOAD
NetScaler MPX
NetScaler VPX
Acceleration Availability Security Offload
✓ ✓ ✓ ✓
✓ ✓ ✓ ✓
Exactly the same feature set
Delivery Optimization as part of EVERY App
• Faster response times
• Better security
• Higher availability
• Smaller footprint
• Lower cost
User
Single App with NetScaler VPX
Users
• Network-wide actions • SSL offload
• App-specific LB • Compression • App firewall
Command Center Centralized Management
Fabric
Same management
Users
Scaling the Web App Fabric
Users
Orchestration and Automation
Company A
Company C
Company B
VPX–Multi-tenancy at a fraction of the cost
Users
Datacenter migration
Users
Cloud Balancing
• Most efficient use of resources • Flexible re-purposing of resources • Dynamic allocation/re-allocation of resources
Flexibility guaranteed
Maximum Tput
NetScaler Standard
NetScaler Enterprise
NetScaler Platinum
NetScaler VPX-Express 5 Mbps ✓
NetScaler VPX-10 10 Mbps ✓ ✓ ✓
NetScaler VPX-200 200 Mbps ✓ ✓ ✓
NetScaler VPX-1000 1 Gbps ✓ ✓ ✓
NetScaler VPX-3000 3 Gbps ✓ ✓ ✓
NetScaler VPX Packaging
NetScaler Master Class In the Spotlight NetScaler SDX Uday Veeramachaneni
Are you looking at virtual ADCs for your data center?
Poll Question
SDX Management
SDX and MPX – Major differences
SDX Platforms
SDX Use cases
• All tenants Share a single resource • Traffic domains for network segmentation • Rate limiting for resource isolation • RBA/roles for management isolation • Shared entity space
• NO: • CPU, memory isolation • Version independence • Maintenance independence
Intra-Instance Multi-tenancy
• Complete instance per tenant • Memory, CPU hardwalling • Separate entity spaces • Version independence • Maintenance independence
• Completely isolated networks
NetScaler SDX
• NetScaler SDX license has two components – • Platform license • 5-pack Instance license
• Platform license • Enables platform throughput • Enables 5 instances
• One 5-pack Instance license • Increases instance count by 5
NetScaler SDX - Licensing
What is the box capable of?
• 12 cores total – each core @ 2.2 GHz
• 16 SSL chips and 48GB RAM
How is it instantiated?
• 10 physical cores are used for PEs
• 2 physical cores for instance management engine, SDX Service VM, XenServer Dom0
SDX Mid Range series (Corinth)
SDX Model | Throughput | Number of Instances
18500 | 36 Gbps | 16
16500 | 24 Gbps | 16
14500 | 18 Gbps | 16
13500 | 12 Gbps | 16
11500 | 8 Gbps | 16
SDX High end series (Constantinople)
SDX Model | Throughput | Number of Instances
21500 | 50 Gbps | 16
19500 | 35 Gbps | 16
17500 | 20 Gbps | 16
What is the box capable of?
• 12 cores total – each core @ 3.3 GHz
• 16 SSL chips and 48GB RAM
How is it instantiated?
• 10 physical cores are used for PEs
• 2 physical cores for instance management engine, SDX Service VM, XenServer Dom0
• Each instance is an nCore version of NetScaler with one PE • Requires 2 vCPUs– one for PE and one for management engine • VPX nCore also runs one PE today
• Instance compression and app firewall performance is limited to one core
• Minimum memory – 2GB • Each PE can address 4GB • Additional memory can be assigned for caching
• SSL can be assigned on a per chip basis
• Each instance uses SR-IOV for I/O
What is an SDX Instance?
NetScaler SDX instance with SR-IOV
Xen
Domain0
Drivers
NetScaler VPX
VF Driver
NetScaler VPX
VF Driver
NetScaler VPX
VF Driver
NetScaler VPX
VF Driver
• Hardware IO virtualization for networking
• NIC can be carved into virtual instances
• Crypto pass-thru • Bypasses dom0
50 Gb/s Single VIP
50 Gb/s 20 instances
Up to 16Gbps per instance
MPX 21500 Native SDX 21500
SDX Management
SDX and MPX – Major differences
SDX Use cases
SDX Platforms
• Management engine • Networking functionality • HA
How is SDX different from MPX?
• MPX dedicates one core to management • All SDX instances share cores for management • New Service VM to manage appliance level configuration
Management engine
• SDX supports VLANs • VLAN tagging is supported through individual instances. • Ports can be assigned to individual instances. • Within an instance, VLANs can be assigned the way they are assigned in a NetScaler today
• SDX supports VLAN filtering and enforcement • SVM can enforce one VLAN tag per interface per instance • 63 VLAN filters supported per 10G interface and 8 VLAN filters per 1G interface
• SDX instances share the NSIP network with the Service VM IP • Instance NSIPs, SVM IP and XenServer IP all on the same L2 flat network – no VLANs
• Not supported • VMACs, LACP, L2 mode
Networking functions
SDX VLAN filters
• Nic 1/4 sees two VLANs – yellow and red • Yellow goes to instance 1 • Red goes to instance 2
• Within instance 1 – configure VLAN yellow on port 1/4 • Within instance 2 – configure VLAN red on port 1/4.
SDX programs VLANs configured in instances as filters in the NIC • 10G interface supports 63 VLAN filters • 1G interface supports 8 VLAN filters
• Instance level HA
• Active/standby • Active systems can run on both devices
• Active/Active
High Availability
Agenda
SDX Management
SDX Use cases
SDX and MPX – Major differences
SDX Platforms
• Consolidation
• ADC as a service
• Multi-tenancy
SDX use cases
• CPU performance • SSL performance • Disk performance • Memory performance
Consolidation using SDX – four key considerations
SDX for ADC as a service
Router Switch
Router Switch Tenant 2 – basic LB
Tenant 3 - Isolation
NetScaler MPX
NetScaler MPX
App
App
App
App
App Tenant 1 - Features (firewall, Compression etc)
Flex – Tenancy Model Edge Tier
Scale (50Gbps from a single box) Edge networking (GSLB, DoS, filtering)
Flex Tier Full isolation (Per-Tenant) App-specific policies (App F/W, acceleration) Pay-grow packaging
Flex Tier Edge Tier
SDX for ADC as a service
All tiers collapse into one using SDX
Up to 16 Gbps instance performance
Hardware SSL Performance
NetScaler SDX
NetScaler SDX
SDX for Multi-Tenant Data Center design
Router Switch
Router Switch LOB 2– basic LB
LOB 3 - Isolation
App
App
App
App
App LOB 1- Features (firewall, Compression etc)
SDX for Multi-Tenant Data Center
Each LOB uses its own instance
VRF for each tenant can be mapped to each SDX instance
NetScaler SDX
NetScaler SDX
SDX for Multi-Tenant Data Center design
• Tenant Separation • High Availability • Performance and Scalability • Service Assurance
SDX Use cases
SDX Management
SDX and MPX – Major differences
SDX Platforms
NetScaler SDX Management
Device Management Instance Management
• “Hides” XenServer/XenCenter • Both GUI and API (Nitro)
access • Shares core with Dom0 • Appears within Command
Center as a container
NetScaler Service VM
Device Management • Device level stats
• CPU • Memory • Stats
• Instance inventory • Event management • Task management • Auditing
Instance Management
• Instance provisioning • From XVA template repository • Hardwalled resources (CPU, memory, B/W) • Port/interface configuration • SSL Certs • NSIP, MIP, SNIP
• Instance management • Start, stop, reboot, remove • Upgrade (single or multiple) • Running/saved config • Instance resource utilization
NetScaler Master Class News and views
• VPX – get yourself up and running!
What’s hot now!
www.Citrix.com/NetScaler
• VPX – get yourself up and running! • Fill out the form and get your licence • Apply it • You’re ready to Rock!
What’s hot now!
• The benefits of Global server load balancing
Latest blogs
http://blogs.citrix.com/2011/08/31/the-myriad-uses-of-geoip-location-db-gslb-content-switching-responder-and-much-more/
• New security certification for NetScaler!!
Latest blogs
http://blogs.citrix.com/2011/08/31/netscaler-9-3-software-release-now-icsa-labs-certified-huh-what-it-means/
• New Pattern sets for NetScaler application firewall
Latest blogs
http://blogs.citrix.com/2011/09/02/patsets-on-netscaler-and-their-use-for-filtering-on-ip-tables-and-rate-limiting/
What’s happening in your region?
• Presentation on Cloud-extended data centers
• Jason Poole and Christian Reilly
• Come and see me and say hello
IP Expo
• Business: NetScaler Update - SDX platform and feature enhancements in the current release, September 09th, 11:00-11:30
• Technical: NetScaler Global Server Load Balancing – high availability of distributed data centers and farms, September 23rd, 14:00-14:45
• Technical: Optimal protection of web applications with the Application Firewall integrated in NetScaler, October 14th, 14:00-14:45
• Business: Optimized network infrastructure for desktop virtualization – challenges and optimization potential, October 21st, 11:00-11:30
NetScaler Webinars in German Language
• Citrix Geek Speak Local 08.09.2011 in Dortmund | 20.09.2011 in Wien | 27.09.2011 in Stuttgart | 13.10.2011 in München | 09.11.2011 in Hamburg
• Citrix Virtual Computing Conference 20.09.2011 in CH-Baden / Switzerland
Events & Conferences in DACH
Synergy
www.Citrixsynergy.com
• Want to find out how Apple do it? • What does design do for you?
Competition
“Great design is about creating a deep relationship with your customers. If you don’t, you’re road kill. This book shows you how and much, much more. Be Prepared to have your mind blown.”
- Bill Burnett, Stanford University
Questions?
• October 5 2pm UK time (3pm CET) • NetScaler “101” – GSLB • In the Spotlight – NetScaler DataStream • News and Views -
Master Class October