280 likes | 411 Views
Secure your users Accelerate your data. Harri Kurronen. Agenda. Secure your users Accelerate your data New – SG Client. Integrated Solution for Acceleration & Security. About Blue Coat. Founded in 1996 with a focus on Acceleration
E N D
Secure your users Accelerate your data Harri Kurronen
Agenda • Secure your users • Accelerate your data • New – SG Client
Integrated Solution for Acceleration & Security About Blue Coat • Founded in 1996 with a focus on Acceleration • Accelerating Web applications…making Internet applications faster • Innovative proxy caching appliance with object pipelining, adaptive content refresh • Expanded in 2002 to include Policy Control &Security • Rich policy framework integrated with performance engine for visibility and control of users, content and applications • Visibility: Who, what, where, when, how • Control: accelerate, deny, limit, scan, strip, transform… • Innovative leader in secure content & application delivery • 700+ employees; $200M annual revenue run rate • 30,000+ appliances shipped worldwide to more than 4,000 customers • #1 market leader in Secure Content & Application Delivery (IDC)
SG Family Internal Network Public Internet AV Family Secure and Accelerate Your Business High Performance Appliances User Control URL Filtering Virus Scanning Instant Messenger Control Peer-to-Peer Block/Allow Per User Reporting Streaming splitting/caching/control Spyware blocking and reporting Application Acceleration (MACH5) Comprehensive, flexible content policies
Financial Health & Pharmaceuticals Energy, Oil & Gas Mfg/Industrial Consumer & Retail Government World’s Major Institutions Trust Blue Coat
Enterprise Traffic is complex • Accelerate good • Stop bad (“junk”) • Understand priorities • By user, application, time, office etc.
CONTROL • Fine-grained policy for applications, protocols, content & users (allow, deny, transform, etc) • Granular, flexible logging • Authentication integration • PROTECT • Prevent spyware, malware & viruses • Stop DoS attacks • IE vulnerabilities, IM threats • ACCELERATE • Governed by policy • BW Shaping, Compression, Protocol Optimization • Byte, Object & Predictive Caching + + Full Protocol Termination = Total Visibility & Context (HTTP, SSL, IM, Streaming, P2P, SOCKS, FTP, Telnet, DNS, etc.) Ultimate Control Point for Web Communications The Power of the Proxy
Complete Range of Blue Coat Appliances SG8100 Series Corporate Headquarters SG810 Series SG510 Series AV810 Series Remote Offices AV510 Series SG200 Series ConnectedUsers Up to 250 users 150 –1000 users 800 –4000 users 3000 – 50,000+ users WAN Throughput 30 – 50 Mbps Up to 20Mbps 100Mbps –140Mbps 200Mbps – 400+ Mbps Performance
SFA App CRM App HR App Branch Office Supplier Procurement App Branch Office Branch Office The Enterprise in Motion ASP ASP ASP File Servers Corp Data Center Corp Intranet Corp E-Mail
Bandwidth Management Protocol Optimization Object Caching Byte Caching Compression File Services (CIFS), Web (HTTP), Exchange (MAPI), Video/Streaming (RTSP, MMS), Secure Web (SSL) Platform for Application Acceleration Multiprotocol Accelerated Caching Hierarchy
Bandwidth Management Sales Automation AppPriority 1 Min 400Kb, Max 800Kb E-Mail Priority 2 Min 100Kb, Max 400Kb • Divide user and application traffic into classes • Guarantee min and/or max bandwidth for a class • Align traffic classes to business priorities File Services Priority 3 Min 400Kb, Max 800Kb General Web Surfing Priority 4 Min 0Kb, Max 200Kb
10-100X Faster Includes CIFS, MAPI, HTTP, HTTPS, TCP Protocol Optimization
Object Caching • Built on high-level applications and protocols • HTTP/Web caching • Streaming caches • CIFS cache • Advantages • Fastest response times • Offload work from servers (and networks) • Can be deployed asymmetrically • Limitations • Application-specific • All or nothing: No benefit if whole object not found or changed
Sequences are found in the local history cache They are transmitted as small references over the WAN The original stream is reconstructed using the remote history cache Byte Caching Local History Cache Remote History Cache …..B24D77E8A00E1...4ABEF8853821A31B482F6C8D920A00CEF225A0F634F8200A2D6BC87F0AB227D95239BE0A15F07A6238C9DDBE0ACFD97652BDD0C0AA017629CAD9E99DE0 …..B24D77E8A00E1...4ABEF8853821A31B482F6C8D920A00CEF225A0F634F8200A2D6BC87F0AB227D95239BE0A15F07A6238C9DDBE0ACFD97652BDD0C0AA017629CAD9E99DE0 Proxies keep a history of all bytes sent and received B24D77E8A00E4785ACB7EE20A31B482F6C8D920A00CEF225A0F634F8200A2D6BC87FAAB266E8DC9A00A15F07A6238C9DDBE0ACFD97652BDD0C0AA0 B24D77E8A00E4785ACB7EE20A31B482F6C8D920A00CEF225A0F634F8200A2D6BC87FAAB266E8DC9A00A15F07A6238C9DDBE0ACFD97652BDD0C0AA0 [R1]4785ACB7EE20[R2] AAB266E8DC9A00A[R3] Remote LAN WAN Link Local LAN
Compression • Industry-standard gzip algorithm compresses all traffic • Removes predictable “white space” from content and objects being transmitted 110111110011100100100101110011001010111011001000011010011001110010000011110001110011000110000010011110000001101111010010000110110100101111100110100111011010011010011110010000000000001110010111001011011011010010101100101100101010101010010101010101010100101000010100 110111110011100100100101110011001010111011001000011010011001110010000011110001110011000110000010011110000001101111010010000110110100101111100110100111011010011010011110010000000000001110010111001011011011010010010010101010010101010101101100101100010100 COMPRESSION 11011111001110010010010111001100101011101100100001001100111001000001111000111001100011
Ensure Priorities Fed to WAN Network • Take business-process prioritization and translate to packet-level • Set and preserve QoS settings • DiffServ (Differentiated Services) • MPLS (Multi-protocol label switching) • Superior to packet-only, coarse grained approaches QoS DSCP ToS
MACH5 Techniques Work Together Object Caching • Caches repeated, static app-level data; reduces BW and latency Byte Caching • Caches any TCP application using similar/changed data; reduces BW Compression • Reduces amount of data transmitted; saves BW Bandwidth Management • Prioritize, limit, allocate, assign DiffServ – by user or application Protocol Optimization • Remove inefficiencies, reduce latency
Don’t Forget Branch Office of One • Today’s appliance-based WAN optimization solutions address the data center and branch offices… • …but what about: Micro-Branch Employees Road Warriors Telecommuters
Remote Users Are Getting Left Behind • Poor performance • No control or security • No business continuity • Inconsistent devices and networks Application delivery must be extended to ALL remote users
Requirement: Acceleration to Desktop • Acceleration client for laptops and desktops necessary • Improve performance of file access, client-server apps, email, etc. (latency, bandwidth issues, packet loss) • Transparently work across VPNs and WANs • Easy to deploy and administer • No changes to end user behavior
The Solution: Blue Coat SG Client • Client software that extends Mach5 acceleration capabilities to the desktop • Improves performance of email, client-server applications and file services • Accelerates traffic between SG appliance and end user machine • Transparent to IPSec VPNs • No changes to end user experience apps and file downloads are just faster!
Manage: Video SSL Skype Peer-to-peer Accelerate: Remote offices Travelling users Delivering data safe and fast
What makes Blue Coat unique • 10 years experience of improving content delivery • First caching appliances worldwide • Deep understanding of users and content • Layer 7 knowledge, not just packet networking • Most powerful security functionality • All types of data, unlimited policy flexibility • Flexible deployment options • From country to end device • High performance appliances • Thin OS, no public-domain, no general-purpose OS • No compromise – performance and control together