250 likes | 490 Views
Allot Communications. Solutions for Citrix in the Enterprise Network. Empowering Networks for Business. www.allot.com. Market Trends. Increased reliance on Internet and IP (private, public, VPN) for business critical traffic
E N D
Allot Communications Solutions for Citrix in the Enterprise Network Empowering Networks for Business www.allot.com
Market Trends • Increased reliance on Internet and IP (private, public, VPN) for business critical traffic • Diversity of applications with different networking requirements and business criticality • Citrix • Oracle • VoIP, Video conferencing • Entertainment traffic – music (P2P), shopping, stocks, multi-media • Email, VPN and large file transfers • Increased malicious traffic attacks on networks & servers • Budget shrinks • Improve rather than build • Save on bandwidth costs
QoS in the Enterprise – The Need • Guaranteeperformance of business critical applications – Video, VoIP, ERP (SAP), Citrix Applications, Oracle – and protect from DoS attacks • Limit bandwidth-hungry, non-business applications • P2P, music • Web surfing • Monitorperformance • Record IP sessions stats
Citrix Solution – The Need for QoS • Citrix based network needs QoS because: • IP network works on “best effort” basis – first comes first served – no guarantees • Without QoS, bandwidth-hungry applications (like FTP or Peer-to-Peer) steals the Citrix resources (bandwidth) • Without minimum bandwidth, Citrix users suffer from unpredictable response time • Without QoS Citrix applications suffer from “un-assured” performance • There is no differentiation between applications and users
Policy and SLA Management • Define policies • Translate policies to network actions • User directory/CCB management Enforcement • Shaping and conditioning • QoS tagging (gateway) • Server balancing • Cache enforcement • Content filtering • Preventing DoS attacks Monitoring and Accounting • Policy monitoring • User accounting and billing • Event management • Capacity planning • Service management Policy Based Networking - a Complete Solution
Product - The NetEnforcer • Bandwidth management (e.g., manage WAN link to remote offices) • Traffic management/shaping • Performance guarantee(e.g., for Citrix) • Traffic monitoring – real-time, long-term • Auto discover and auto create policy (e.g., prioritize Citrix) • High availability models (with dual power supplies) • Redundancy and bypass • High performance • Up to 155 Mbps (Gigabit I/F) • 256,000 connections • 28,000 policies
The Allot effect: Add NetEnforcer to the network The Allot Effect Music download (Peer to Peer) takes more than 100Mbps Not enough bandwidth for Browsing and Citrix Browsing and Citrix get full capacity while Music is limited to 10Mbps
Using the NetEnforcer to Control Bandwidth Example: Set Max Bandwidth to 85Kbps With QoS enforcement: • BW usage control • Predictable pattern • Efficient transfer • Fair Access Without QoS: • BW abuse on short period of time • Bursty pattern • Retransmission ? • One Customer takes all bandwidth!
Switch Router NetEnforcer Email Medium priority HTTP/P2P Low priority Citrix Business-Critical Application PrioritizationExample Low-priority P2P traffic monopolizes connection Network with Email, HTTP/P2P and Citrix IP offers only “best effort” service Apply QoS andguarantee performance toCitrix applications Citrix application bandwidth is now wider
Classifying Citrix with the NetEnforcer Classify Citrix traffic by Application Name and User Name Select Citrix from a library of protocols/ applications
Policy Example – Citrix Performance Assurance Citrix performance is assured with “Business Critical” QoS level (very high priority and BW guarantee Other applications are getting different priorities and bandwidth allocations while Usenet is blocked
Monitoring Applications in Real Time • View min/max bandwidth • View WAN bandwidth • View Protocol BW Usage • Top Users • Top servers • Utilization • WAN Link • NetEnforcer
Diagnose Network Performance Nearly 28% of all traffic is from the Web. Who are the top users?
Get Historical Traffic Analysis From Policy usage distribution To Advanced Graphical options … and localization … and longer and filtered history (e.g. working hours only)
NetAccountant – Optional Accounting Package • Collect information about usage – including client, server, application inbound and outbound traffic counters • Includes a reportgenerator – ideal tool for network capacity planning and internal budgeting • Allows access by external application using ODBC
Branch 1 192.11.12.x 128 Kbps 128 Kbps Web Email, FTP Servers Switch NetEnforcer Router 256 Kbps 256 Kbps SAP Branch 2 Corporate Headquarters 192.11.13.x Managing Bandwidth inEnterprise Environment Policy Table (v4.1) Pipe 1 – 192.11.12.x to Any Max (128kbps) SAP – Min 64 kbps FTP – Max 56 kbps Pipe 2 – 192.11.13.x to Any Max (256 kbps) SAP – Min 128 kbps(Set Eternal Bandwidth to 384kbps) Set QoS to Max. 256 Kbps ? No: Exceeds capacity of Branch 1 Set QoS to Max. 128 Kbps ? No: Wastes capacity of Branch 2 Manage Multiple Links
Allot’s Citrix-QoS Solution – Benefits to the customer • High ROI (return on investment) • Citrix can be used on the Internet (public network) • Citrix and other IP traffic share same WAN • Citrix bandwidth requirement is pre-defined and therefore less bandwidth overall is required • Citrix performance is guaranteed and enhanced • Citrix applications get “the right attention” in the network • Better management of traffic • Allow capacity planning and troubleshooting • Protect against DoS (denial of service) attacks
Allot’s Citrix-QoS Solution – NetEnforcer’s Advantages • NetEnforcer Per Flow Queuing permits assignment of QoS per Citrix application or per user • NetEnforcer enables prioritizing Citrix over other traffic (such as Email and file transfer) • Batch traffic (like FTP) can still run but won’t “freeze” Citrix • Mark Applications with Differentiated Service (DiffServ) Levels for end-to-end QoS • Limit and control Print jobs and file transfers so they don’t affect other Citrix users • NetEnforcer/NetAccountant allows for detailed monitoring and application and IP accounting • NetEnforcer enables protection for DoS attacks and other malicious traffic flows
NetEnforcer Attacker 2 3 1 Victim’s InternalNetwork Unwitting Accomplices Enhancing Security:Preventing a DoS Attack with the NetEnforcer • Attacker sends Broadcast ICMP with Victim’s spoofed address • Unwitting accomplices send ICMP Echo Reply (with Victim’s address) • NetEnforcer detects high number of new ICMP connections and blocks them.
(Italy) Aeroporto de Portugal Norway National RR Selected Enterprise Customers Banking / Finance Corporations Education Government
Why Allot ? • Ease of use – easiest way to have your QoS up and running – simple, intuitive and graphically pleasing • Application recognition – including Citrix • Application performance enhancement • Real-time and historical traffic monitoring and all-session IP accounting • Complete policy-based IP traffic management including traffic redirection to cache and server load balancing • High performance and high availability • 155 mbps, supports highest number of policies in the industry • Ideal for enterprise and data centers • Fail safe operation
Contact Details Europe, Middle East and Africa World Trade Center 1300, Route Des Cretes BP 255 Sophia Antipolis Cedex France 06905 Tel 33-(0)4-92-38-80-27 Fax 33-(0)4-92-38-80-33 Japan Nishi Ginza Bldg 2F 5-5-9 Ginza Chuo-ku, Tokyo 104-0061, Japan Tel: 81 3 5537-7114 Fax: 81 3 5537-5281 Americas 250 Prairie Center Drive #355 Eden Prairie, MN 55344 Tel (952) 944-3100 Fax (952) 944-3355 Asia Pacific 9 Raffles Place, Republic Plaza #27-01 Singapore 048619 Tel: 65-832-5663 Fax: 65-832-5662 International HQ Hod-Hasharon, 45800 Israel Tel 972-(0)9-761-9200 Fax 972-(0)9-744-3626 www.allot.com sales@allot.com