Professional Documents
Culture Documents
September 2011
Agenda
NetScaler Introduction NetScaler 101 Load balancing NetScaler Platforms In the Spotlight
NetScaler SDX
NetScaler Introduction
Jason Poole, Business development, EMEA Today!
Monolithic Applications
Web Applications
Improves manageability Prolongs the life of hardware and software Work offline
NetScaler
B2C
Availability
B2B World-class L4-L7 load balancing Intelligent service health monitoring P2P
Performance
Offload
Security
Caching Compression
AppExpert Admin
NetScaler
Application Firewall
- Layer 7 firewall for application and data protection
Advanced TCP Optimization - Efficient TCP connection usage to servers AppCache - Static and Dynamic caching AppCompress - Data compression Performance monitoring - End to end application monitoring
SSL Offload
- Offload encryption processing from servers
AppCache
- Offload content generation from servers
Supports greater user capacity and more apps with minimal investment
75%
Of Internet Users
NetScaler
BEST Overall Satisfaction BEST Overall Tech Support BEST Overall Value BEST Technology BEST in 16 of 21 Categories
Source: Enterprise Management Associates (EMA), Customer Satisfaction with Application Delivery Controller Vendors
NetScaler
#1
in 16 of 21 Categories
Overall Satisfaction Overall Tech Support Technology Ease of Use Return on Investment Investment Protection Customer Understanding Sustained Commitment Overall Value Overall Sales & Procurement Pre-Sales Flexibility Pre-Sales Commitment Pre-Sales Responsiveness Support Responsiveness Support Knowledge Support Effectiveness
BEST in
16 Categories
Best in 5 Categories Best in 0 Categories
Source: Enterprise Management Associates (EMA), Customer Satisfaction with Application Delivery Controller Vendors
NetScaler
NetScaler 101
Load Balancing
Michael C. Aldridge
Lead Systems Engineer EMEA Network Optimistation & Security
Load Balancing
The Concept
Load Balancing
A basic setup
NetScaler
Server Object Service Monitor Load Balancing Virtual Server
Service
Monitor
vIP
Service
Monitor
Application Servers
Service
Monitor
Persistent
Hashing
Persistence Methods
Persistence methods are determined based on the method assigned to the service Available persistence methods include:
Cookie-insert persistence Source IP Address persistence SSL session ID persistence URL passive persistence Custom Server ID persistence Rule-based persistence Destination IP address persistence Source/Destination IP address persistence
Service
Requests 4, 6, 8 Service-HTTP-2 Active Transaction = 15 Responses Requests Requests 1, 2, 3, 5, 7 Responses 1, 2, 3, 5, 7 Service-HTTP-3 Active Transaction = 0
Service
Service
Supported Protocols
HTTP SSL SSL_TCP SSL_BRIDGE FTP TCP UDP NNTP DNS ANY SIP-UDP DNS-TCP RTSP DHCPRA RDP MYSQL MSSQL XA/XD ...
Monitors
For Applications that are TCP-based
Monitors
Summary
Demonstration
Questions?
Packaging
NetScaler Offerings
Standard
Edi*on
Comprehensive L4-7 load balancing and optimizes expensive server and network resources to reduce cost
Enterprise
Edi*on
Web application delivery solution providing advanced traffic management and powerful application acceleration
Pla*num
Edi*on
Web application delivery solution designed to deliver mission-critical applications with web application firewall security, fastest performance, and lowest cost
Lower TCO TCP buffering TCP and SQL multiplexing SSL offload and acceleration Cache redirection
Platinum Edition
Enterprise edition
Standard Edition
Hardware Appliances
500 Mbps
MPX 7500 8x10/100/1000 MPX 7500 4x10/100/1000 and 4x1Gbps
1 Gbps
MPX 9500 8x10/100/1000 MPX 9500 4x 10/100/1000 and 4x1Gbps
3 Gbps
6 Gbps
MPX 12500 8x10/100/1000 and 8x1GE MPX 12500 10GE 8x 1GE and 2x10GE
10 Gbps
MPX 15500 8x10/100/1000 and 8x1GE MPX 15500 10GE 8x 1GE and 2x10GE
15 Gbps
20 Gbps
MPX 19500 8x10GE
35 Gbps
MPX 21500 8x10GE
50 Gbps
8 Gbps
MPX 13500 4x10GE + 8x1GE (SFP)
12 Gbps
MPX 14500 4x10GE + 8x1GE (SFP)
16 Gbps
MPX 16500 4x10GE + 8x1GE (SFP)
24 Gbps
MPX 18500 4x10GE + 8x1GE (SFP)
36 Gbps
Citrix Confidential - Do Not Distribute
MPX 21500 50 Gbps MPX 19500 35 Gbps 36 Gbps MPX MPX 16500 17500
0.5 Gbps
20 Gbps 24 Gbps MPX 14500 MPX 15500 MPX 13500 MPX 12500 15 GGbps 16 bps
MPX 11500 MPX 10500 MPX 9500 MPX 7500 MPX 5500 0.5 Gbps 1 Gbps 3 Gbps 8 Gbps 6 Gbps
12 Gbps 10 Gbps
40Gbps
50Gb
NetScaler Performance
20Gbps
ENTERPRISE
MPX 14500 MPX 13500 16Gb 10 Gb 24Gb MPX 15500 15 Gb
License Upgrade
10Gbps
MPX 11500 MPX 10500 MPX 9500
8Gb 3Gb
License Upgrade
3Gbps
SMB
1Gbps
MPX 5500
500Mb 1 2 3
10
Applications
Virtual NetScaler
User
Same management
Fabric
Users
Users
Users
Company B
Company C
Datacenter migration
Users
Cloud Balancing
Users
Flexibility guaranteed
Most efficient use of resources Flexible re-purposing of resources Dynamic allocation/re-allocation of resources
Poll Question
SDX Platforms SDX and MPX Major differences SDX Use cases SDX Management
Intra-Instance Multi-tenancy
All tenants Share a single resource
Traffic domains for network segmentation Rate limiting for resource isolation RBA/roles for management isolation Shared entity space
NO:
CPU, memory isolation Version independence Maintenance independence
NetScaler SDX
Complete instance per tenant
Memory, CPU hardwalling Separate entity spaces Version independence Maintenance independence
Platform license
Enables platform throughput Enables 5 instances
Instance compression and app firewall performance is limited to one core Minimum memory 2GB
Each PE can address 4GB Additional memory can be assigned for caching
SSL can be assigned on a per chip basis Each instance uses SR-IOV for I/O
Domain0
Drivers
Bypasses dom0
SDX 21500
50 Gb/s
Single VIP
50 Gb/s
20 instances Up to 16Gbps per instance
SDX Platforms SDX and MPX Major differences SDX Use cases SDX Management
Management engine MPX dedicates one core to management All SDX instances share cores for management New Service VM to manage appliance level configuration
Networking functions
SDX supports VLANS
VLAN tagging is supported through individual instances. Ports can be assigned to individual instances. within an instance, VLANs can be assigned the way they are assigned in a NetScaler today
Not supported
VMACs, LACP, L2 mode
Within instance 1 configure VLAN yellow on port 1/4 Within instance 2 configure VLAN red on port 1/4.
Nic 1/4 sees two VLANs yellow and red Yellow goes to instance 1 Red goes to instance 2
SDX programs VLANs configured in instances as filters in the NIC 10G interface supports 63 VLAN filters 1G interface supports 8 VLAN filters
High Availability
Instance level HA Active/standby
Active systems can run exist on both devices
Active/Active
Agenda SDX Platforms SDX and MPX Major differences SDX Use cases SDX Management
Consolidation using SDX four key considerations CPU performance SSL performance Disk performance Memory performance
Scale (50Gbps from a single box) Edge networking (GSLB, DoS, filtering)
Flex Tier
App
Full isolation (Per-Tenant) App-specific policies (App F/W, acceleration) Pay-grow packaging
App
All tiers collapse into one using SDX Upto 16Gbps instance performance Hardware SSL Performance
Tenant 3 Isolation
App
Edge Tier
Flex Tier
Each LOB uses its own instance VRF for each tenant can me mapped to each SDX instance
App
App
NetScaler SDX
LOB 3 - Isolation
App
SDX Platforms SDX and MPX Major differences SDX Use cases SDX Management
Device Management
Instance Management
NetScaler Service VM
Hides XenServer/XenCenter Both GUI and API (Nitro) access Shares core with Dom0 Appears within Command Center as a container
Device Management
Device level stats
CPU Memory Stats
Instance Management
Instance provisioning
From XVA template repository Hardwalled resources (CPU, memory, B/W) Port/interface configuration SSL Certs NSIP, MIP, SNIP
Instance management
Start, stop, reboot, remove Upgrade (single or multiple) Running/saved config Instance resource utilization
www.Citrix.com/NetScaler
Latest blogs
The benefits of Global server load balancing
http://blogs.citrix.com/2011/08/31/the-myriaduses-of-geoip-location-db-gslb-contentswitching-responder-and-much-more/
Citrix Confidential - Do Not Distribute
Latest blogs
New security certification for NetScaler!!
http://blogs.citrix.com/2011/08/31/ netscaler-9-3-software-release-now-icsa-labscertified-huh-what-it-means/
Citrix Confidential - Do Not Distribute
Latest blogs
New Pattern sets for NetScaler application firewall
http://blogs.citrix.com/2011/09/02/patsets-onnetscaler-and-their-use-for-filtering-on-iptables-and-rate-limiting/
Citrix Confidential - Do Not Distribute
IP Expo
Presentation on Cloudextended data centers Jason Poole and Christian Reilly Come and see me and say hello
Synergy
www.Citrixsynergy.com
Competition
Want to find out how Apple do it? What does design do for you?
Great design is about creating a deep relationship with your customers. If you dont, youre road kill. This book shows you how and much, much more. Be Prepared to have your mind blown. - Bill Burnett, Stanford University
Questions?