Security and Acceleration - A contradiction in terms? Nigel Hawthorn, VP EMEA Marketing
Blue Coat: WAN Application Delivery • Profitable, public company (NASDAQ: BCSI), founded in 1996 • 93 of Fortune Global 100 are Blue Coat customers • 6,000+ customers across 150+ countries • Global Support Services team • Proven pedigree of web performance and security innovation
Enterprises BUSINESS TRENDS TECHNOLOGY TRENDS REGULATORY TRENDS Faster, Global, Mobile, Secure • Adoption of Web 2.0 & SOA (Service Orientated Architecture) • Worker Mobility and Devices • Services – Not Software • Accelerate the Business • Business Boundaries Blur • Virtual, Flat Corporation • Climate of Governance • Protect Privacy • Manage Risk
Challenges for IT Executives Server Consolidation On-Demand Applications and Services my Remote Offices Personalized Portals Web 2.0 Applications & Mash-Ups HTTPS Mobile Workers Legacy Client/Server Applications • Long distances, more traffic and chatty protocols hurt performance • Uncontrolled/unwanted traffic causes congestion • Security attacks hide in the application layer, more applications are encrypted • Can’t deliver applications quickly to remote and mobile users
Security and Acceleration – A Never-Ending Battle: STOP EVERYTHING! Assume it's all bad and check (Security Technologies) OR ACCELERATE EVERYTHING! Assume it's all good and accelerate (Packet and Storage Accelerators)
The Answer: Stop the Bad. Accelerate Good ACCELERATE GOOD STOP BAD. Faster, Secure Delivery of Business-Critical Information ….. To Help the Business Run Better
Why So Slow?! Take the Quiz
Your Network: 45Mbps bandwidth, 100ms latency (round trip)
Question: You open a 4MB PPT file from a remote server. How long will it take?
A) 0.7 seconds. 45Mbps = 5.625MBps, so 4 / 5.625 = 0.7111
B) 200 seconds. 4MB = 1000 x 4KB chunks; 1000 trips there, 1000 trips back; 2000 trips x 0.1 sec = 200
Hint: CIFS is a WAN protocol “worst-offender”. It sends data in 4KB chunks, then waits for an acknowledgement.
[Diagram: 4KB sent, ACK, 4KB sent, ACK]
Why So Slow?! • Bandwidth is the width of the road • Latency is the speed • We make our data travel millions of miles and the speed of light is too slow! • Add Layer 7 protocols designed for LANs • Add rogue traffic • Add congestion (firewall, server, OS overhead, routers) [Chart: Performance against Bandwidth; curves labelled Price Expectation and Reality] RESULT: Non-Linear Performance Gains as Bandwidth is Added!
Legacy WAN Optimization • Fix Basic Protocols • Compress with Byte Caching • Some Add Wide Area File Services What about the rest of your traffic?
Accelerate SSL Applications • SSL use is growing • If it’s important, it’s encrypted! • Internal apps are hard to accelerate • External apps are even harder • Handle with care Open, Inspect, Accelerate SSL Applications
Are You Video Ready? • What’s already on the WAN • Earnings announcement • Compliance mandated E-learning • YouTube.com • Is it at least controlled? • Split streams for live broadcast • Distributed video on demand Remove unwanted video. Accelerate the rest
Stop Accelerating the Junk! • Why accelerate? • Frivolous surfing • Bulk downloads • Peer-to-peer • Get rid of it! • Or it will grow • Crowd out good apps Flexible, User Based Bandwidth Control
Start Accelerating the Rest • Web traffic is huge • Fastest growing traffic • HTTP, and then some • Web services • Web widgets • Java clients • Get the Internet off your WAN; connect remote offices direct to the ‘net Deliver Web-Based Applications Without Extra Bandwidth
Ultimate in WAN Optimization Multiprotocol Accelerated Caching Hierarchy Bandwidth Management Protocol Optimization Object Caching Byte Caching Compression File Services (CIFS), Web (HTTP), Exchange (MAPI), Video/Streaming (RTSP, MMS), Secure Web (SSL)
Bandwidth Management – Business Process
• Divide traffic into classes, by: user, application, content, transaction, application protocol, etc.
• Guarantee priority and min and/or max bandwidth for a class
• Align traffic classes to business priorities
• Even for SSL encrypted applications
• Operates alone, or integrates with your existing packet-layer QoS
[Diagram labels: Salesperson, placing order with Sales Automation App: Priority 1, Min 400Kb, Max 800Kb. Salesperson query with Sales Automation App: Priority 2, Min 100Kb, Max 400Kb. Non-Sales Management Pulls Client List Block Marketing person, Surfing Sales Automation App (reporting) Priority 3 Min 0Kb, Max 200Kb]
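The class scheme on this slide, worked through as an added example (not Blue Coat's implementation): each class gets its guaranteed minimum first, then spare capacity is handed out in priority order up to each class's cap. The priorities and min/max values are the slide's; the 1000 Kb link, the demand figures, the class names and the allocation rule itself are assumptions.

```python
from dataclasses import dataclass

@dataclass
class TrafficClass:
    name: str
    priority: int    # 1 is served first
    min_kb: int      # guaranteed share
    max_kb: int      # hard cap; 0 means the class is blocked
    demand_kb: int   # what the class is offering right now (constructed input)

def allocate(classes, link_kb):
    """Grant every class its guaranteed minimum, then hand spare capacity
    to classes in priority order, never exceeding a class's cap or demand."""
    grant = {c.name: min(c.min_kb, c.max_kb, c.demand_kb) for c in classes}
    spare = link_kb - sum(grant.values())
    if spare < 0:
        raise ValueError("guaranteed minimums exceed the link capacity")
    for c in sorted(classes, key=lambda c: c.priority):
        extra = min(min(c.max_kb, c.demand_kb) - grant[c.name], spare)
        grant[c.name] += extra
        spare -= extra
    return grant

def slide_classes(order, query, reporting, blocked):
    """Priorities and min/max values from the slide; demands are constructed."""
    return [
        TrafficClass("order", 1, 400, 800, order),
        TrafficClass("query", 2, 100, 400, query),
        TrafficClass("reporting", 3, 0, 200, reporting),
        TrafficClass("blocked", 4, 0, 0, blocked),   # a class with policy "Block"
    ]

LINK_KB = 1000  # assumed WAN link size, not stated on the slide

# Busy link: orders take their full cap, queries get what is left.
busy = allocate(slide_classes(900, 500, 300, 500), LINK_KB)
# No orders in flight: lower classes may grow, but only up to their own caps.
quiet = allocate(slide_classes(0, 500, 300, 500), LINK_KB)

if __name__ == "__main__":
    print("busy :", busy)
    print("quiet:", quiet)
```
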
Protocol Optimization 10-100X Faster Includes CIFS, MAPI, HTTP, HTTPS, TCP
Object Caching DATACENTER • Client served from local proxy • 100% acceleration – no data across WAN • Works on second, and all subsequent requests BRANCH
Byte Caching • Proxies “learn” common patterns • Create short references and pass those instead • Works on all files, all applications over TCP [Figure: the same bit stream sent three times; with byte caching, the long repeated runs in the stream are replaced by short references, [REF#1] and [REF#2]]
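How the "short references" idea works in practice, as an added example rather than Blue Coat's code: a sending proxy splits the stream into chunks, sends a chunk in full the first time, and sends only a reference number once the peer has learned it. The fixed 16-byte chunking, the token format and the sample data are assumptions; the third transfer uses a toy XOR keystream as a stand-in for an SSL session the proxy has not opened.

```python
import hashlib

CHUNK = 16  # fixed chunk size in bytes (assumption, small for the demo)

def encode(data, seen):
    """Sending proxy. `seen` maps chunk digest -> reference number."""
    tokens = []
    for i in range(0, len(data), CHUNK):
        chunk = data[i:i + CHUNK]
        digest = hashlib.sha256(chunk).digest()
        if digest in seen:
            tokens.append(("REF", seen[digest]))   # peer already holds this chunk
        else:
            seen[digest] = len(seen)               # next free reference number
            tokens.append(("RAW", chunk))
    return tokens

def decode(tokens, store):
    """Receiving proxy. `store` is the list of chunks learned so far."""
    out = bytearray()
    for kind, value in tokens:
        if kind == "RAW":
            store.append(value)                    # same order as the sender's numbering
            out += value
        else:
            out += store[value]
    return bytes(out)

def wire_size(tokens):
    """Bytes on the WAN: 1 tag byte plus a 4-byte reference or the raw chunk."""
    return sum(1 + (4 if kind == "REF" else len(value)) for kind, value in tokens)

def demo():
    # Constructed sample: 64 distinct 16-byte rows, then the same file with row 10 edited.
    v1 = b"".join(b"row-%04d-values\n" % i for i in range(64))
    v2 = v1[:160] + b"row-0010-CHANGE\n" + v1[176:]
    # Stand-in for ciphertext of v2 under a fresh session key (toy XOR, not real TLS).
    ks = hashlib.shake_256(b"constructed session key").digest(len(v2))
    sealed = bytes(a ^ b for a, b in zip(v2, ks))
    seen, store, sizes = {}, [], []
    for doc in (v1, v2, sealed):
        tokens = encode(doc, seen)
        assert decode(tokens, store) == doc        # receiver rebuilt the bytes exactly
        sizes.append(wire_size(tokens))
    return sizes                                   # WAN bytes per transfer

if __name__ == "__main__":
    print(demo())
```

The second transfer shrinks because all but one chunk is already known; the encrypted copy matches nothing, which is why the deck pairs byte caching with opening SSL at the proxy.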
Compression • Industry-standard gzip algorithm compresses all traffic • Removes predictable “white space” from content and objects being transmitted [Figure: a bit stream before and after COMPRESSION; the compressed stream is much shorter]
MACH5 Techniques Work Together Object Caching • Caches repeated, static app-level data; reduces BW and latency Byte Caching • Caches any TCP application using similar/changed data; reduces BW Compression • Reduces amount of data transmitted; saves BW Bandwidth Management • Prioritize, limit, allocate, assign DiffServ – by user or application Protocol Optimization • Remove inefficiencies, reduce latency
Aren’t We All Mobile Users? What About The Office of One? • Poor performance • Inconsistent performance • No control over user experience Desktop Client for Acceleration and Control
Acceleration Performance [Charts: file open times for a Microsoft PowerPoint file (file size 1 MB) and a Microsoft Word file (file size 10 MB), No Client vs. With SG Client, for File Open, File Open (cold) and File Open (warm); bar values as extracted: 21 sec., 20 sec., 2 min, 104 sec., 1 min, 6 sec., 16 sec., 3 sec., 2 sec.] Test bed: Office 2003, Win XP, 1.544 Mbps full duplex, 200 ms
Security – It's all about context Who, what, when, why, how,
Today’s Network Requirements TODAY’S NEEDS SEE SECURE ACCELERATE CONTROL Complete view and understanding of all applications Defend against external and user-based threats Faster delivery of business-critical applications unique to each office, department, user Granular control over all users, devices and any application
Users and Applications WAN Application Delivery (WAD) WAN optimization, User security, Policy control Packet Delivery Packets, Ports and Flow Control WAN/Internet Internal or External Internal or External Applications Users
See, Secure, Accelerate, Control: Only a Proxy can deliver
CONTROL
• Fine-grained policy for applications, protocols, content & users (allow, deny, transform, etc)
• Granular, flexible logging
• Authentication integration
PROTECT
• Prevent spyware, malware & viruses
• Stop DoS attacks
• IE vulnerabilities, IM threats
ACCELERATE
• Governed by policy
• BW Shaping, Compression, Protocol Optimization
• Byte, Object & Predictive Caching
+ Full Protocol Termination = Total Visibility & Context (HTTP, SSL, IM, Streaming, P2P, SOCKS, FTP, Telnet, DNS, etc.)
Define appropriate policies
• Source: Intranet, Supplier, Customer, Training, Any
• Time: 12:00 – 8:00, 8:00 – 5:00, 5:00 – 12:00, Weekends, Any
• Place: New York, London, Paris, Tokyo, Any
• User/Group: Tom, IT Staff, Executives, Pupils, Any
• Content: News, Sports, Web-mail, Job-sites, Any
• File/MIME type: P2P, Stream, .XLS, Stream, Any
• Agent: AOL IM, RealPlayer, IE 6.x, Any, IE 5.0
• Protocol: HTTP, FTP, HTTPS, MMS, Any
Actions: Allow, Disallow, Virus Scan, Accelerate, Replace, Allow but limit, Coach, Splash Page, Log by user, Email mgmnt, Patience page, Log traffic, Block on keyword, Block non-text
Why Performance and Security Together? • Single policy • Increasingly, we can’t install security without acceleration – impeding business is unacceptable • Removing unwanted traffic results in a performance increase • Branch offices must minimize hardware and management • Need to maximize WAN investment
Blue Coat WAN Application Delivery 5. For All Users Everywhere 4. Optimize Web Traffic 3. Remove the Junk 2. Manage Video 1. Accelerate SSL Compress Byte Cache Fix Protocols Going Beyond Legacy Optimization Legacy WAN Optimization
What makes Blue Coat unique • 10 years experience of improving content delivery • First caching appliances worldwide • Deep understanding of users and content • Layer 7 knowledge, not just packet networking • Most powerful security functionality • All types of data, unlimited policy flexibility • Flexible deployment options • From country to end device • High performance appliances • Thin OS, no public-domain, no general-purpose OS • No compromise – performance and control together