200 likes | 339 Views
Blue Coat Systems. Securing and accelerating the Remote office Matt Bennett. Challenge: How to Reliably Deploy Applications Across Distributed Enterprise, While Reducing Costs?. The Business of IT. Applications. Delivered over the Network. Experienced by Users.
E N D
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett
Challenge: How to Reliably Deploy Applications Across Distributed Enterprise, While Reducing Costs? The Business of IT • Applications • Delivered over the Network • Experienced by Users • And Keep it Fast and Safe too!
Common Themes • Application Deployment Velocity • Everything Web (Evolving) • End to end encryption • Ubiquitous Access (application utility infrastructure) • Strategic application platform for all services • Distributed Enterprise • Use of the public infrastructure (Emerging) • Business centric Internet based services • Employee / Partner / Customer Access • Lower cost of bandwidth • Reducing Cost • Data Center / File Server Consolidation (Maturing) • Operational / License / Infrastructure cost savings
CONTROL • Fine-grained policy for applications, protocols, content & users (allow, deny, transform, etc) • Granular, flexible logging • Authentication integration • PROTECT • Prevent spyware, malware & viruses • Stop DoS attacks • IE vulnerabilities, IM threats • ACCELERATE • Caching • BW Shaping, Compression, Protocol Optimization • Sequence, Object & Predictive Caching & & Full Protocol Termination = Total Visibility & Context (HTTP, HTTPS, IM, Streaming, P2P, SOCKS, FTP, CIFS, MAPI, Telnet, DNS) Ultimate Control for Application Sessions The Power of the Proxy™
Gateway Proxy Application-Front-End Proxy Internet Branch Office Proxy Head-End Proxy Internet Users Sessions Visibility, Control & Acceleration Branch Branch Datacenter WAN Branch Office Proxy Expanded Focus to: All Users & Apps Sessions Visibility, Control & Acceleration Expanding the Proxy Solution Customers Enterprise Application Servers Deposits Public Web Servers Checking Loans Remote Users Investment Advisors Loan Agents Tellers
Proxy Solutions for the Distributed Enterprise • Get “bad” sessions off the network first Built on Blue Coat Proxy Architecture
Internet Branch Branch Datacenter Internal WAN #1 Get “Bad” Sessions Off the Network • Why? • No business wants viruses, worms, spyware, porn, P2P, MP3s … • How? • Policy control and authentication • URL filtering • AV Scanning • Spyware prevention • IM, P2P blocking and control • Next! More session-level knowledge for specific web-apps
Proxy Solution for the Distributed Enterprise • Get “bad” sessions off the network • Keep “good” content local Built on Blue Coat Proxy Architecture
Internet Branch Branch Datacenter Internal WAN #2 Keep Good Content Local • Why? • LAN access will always be better than over the WAN • How? • Web (HTTP/FTP) Caching • Secure Web (HTTPS) Caching • Streaming Caching and Splitting • Next! File Services (CIFS) Caching • Next! MAPI Proxy • Next! Byte Caching • Next! More customized application-level caching for specific web-apps
Proxy Solution for the Distributed Enterprise • Get “bad” sessions off the network • Keep “good” content local • Maintain control of encrypted sessions Built on Blue Coat Proxy Architecture
Internet Branch Branch Datacenter Internal WAN #3 Maintain control of encrypted sessions • Why? • End-to-end encryption assures information access to authorized personnel only • But end-to-end encryption should not thwart prototection, control and acceleration • How? • SSL reverse proxy • Internal apps • Externally facing apps • 4.2! SSL forward proxy • Internet apps • Next! SSL forward proxy at branch • Internal and Internet apps
Proxy Solution for the Distributed Enterprise • Get “bad” sessions off the network • Keep “good” content local • Maintain control of encrypted sessions • Prioritize mission-critical sessions Built on Blue Coat Proxy Architecture
Internet High Priority Teller Transactions Low Priority Background POSTs Branch Branch Datacenter Internal WAN #4 Prioritize Mission-Critical Sessions • Why? • Can’t allow background sessions to affect sessions that are time-critical • How? • 4.1! Traffic prioritization • 4.1! B/W management • 4.1! Prioritization with user and protocol-level knowledge • Next! Integration with network QoS (ToS/DiffServ) systems
Proxy Solution for the Distributed Enterprise • Get “bad” sessions off the network • Keep “good” content local • Maintain control of encrypted sessions • Prioritize mission-critical sessions • Optimize the traffic on WAN Built on Blue Coat Proxy Architecture
Internet Branch Branch Datacenter Internal WAN #5 Optimize the Traffic on WAN • Why? • Reduce effect of WAN latency and improve end-user response times • How? • SSL offload & TCP offload to the branch • Protocol optimizations like HTTP Object Pipelining • 4.1! Compression for Enterprise Web Applications and Internet traffic • 4.1! Compression for Enterprise Client-Server Applications • Next! Byte Caching • Next! New TCP stack and performance optimizations Optimize the traffic that is left on the WAN
Proxy Solution for the Distributed Enterprise • Get “bad” sessions off the network • Keep “good” content local • Maintain control of encrypted sessions • Prioritize mission-critical sessions • Optimize the traffic on WAN • Provide user & application visibility Built on Blue Coat Proxy Architecture
Visibility Director #6 Provide user & application Visibility Director & VPM • Why? • Visibility enables action towards issue resolution • How? • Director: Centralized management and policy control • Reporter: Detailed logging and reporting w/Reporter • Next! Health monitoring of delivery network w/Director • Next! Session-Level visibility of key metrics Centralized Mgmt Health Monitoring Session Monitoring Reporter
Management – The Big Picture 10.0 6.0 10.0 10.0 8.0 7.0 3.0 10.0
Summary • The Power of the Proxy • Firewall to protect, Proxy to control • Management Consolidation • Reporting is key
K9 - Free • Free Web Filtering for consumers • Download to Windows PCs • Supports all 58 Blue Coat WebFilter categories • Dynamic Rating