Svijet izgleda bolje s F5® The World Runs Better With F5®Networks Zagreb, 15. veljače 2013. Lora Čurković Jakub Šumpich Branko Radojević Ana Klisura Hrvoje Frühwirth Općenito WLAN „Forum Zagreb”, password „forum123” parking karticu zamijeniti pri odlasku na recepciji za plaćenu parkirnu karticu Agenda 08:30 – 09:15 Registracija i kava dobrodošlice 09:15 – 09:30 Uvodni pozdrav – Sedam IT (Lora Čurković, CEO) 09:30 – 10:05 Ukratko o F5 Networks - F5 Networks (Jakub Šumpich, Territory Manager) 10:05 – 10:40 Application Delivery and Security - Sedam IT (Hrvoje Fruehwirth) 10:40 – 11:25 Case study - CARNet NISpVU i eMatica - CARNet (Branko Radojević) i Sedam IT (Ana Klisura) 11:25 – 11:45 Q&A Ručak Svijet izgleda bolje s F5® The World Runs Better With F5®Networks Zagreb, 15. veljače 2013. Lora Čurković Predsjednik Uprave Sedam IT d.o.o. F5 Networks i SedamIT Partner od 2007. Unity Silver partner, najviši partnerski status u regiji 8 certificiranih inženjera, najviše u regiji Autorizirani service center za L1 & L2 podršku on site hot spare set Reference: – – – – – – – – Narodne novine Optima telekom FINA CARNet HT Eronet (Avacom) IDDEA (EMC) VIPNet (Nokia Siemens Networks) … F5 BIG-IP Customer Needs & Pains Cannot scale ADC consider infrastructure and resources to deploy increasing number of applications part of critical networking and application infrastructure Security attacks are getting larger and more sophisticated (blend of L3 – L7 DDoS) Exponential increase in mobile devices accessing apps causing higher CapEx/OpEx & complexity to maintain performance, security, & availability requirements Security Multiple points of access control Complexity of managing increasing number of applications have led to infrastructure sprawl Business Priorities Business Risk Management Scaling Business without Scaling Costs Improving Customer Experience F5 uses Purpose Built Hardware Focus on Customer Experience Performance and Scalability • Integrated hardware and software system designed for application delivery • High performance and on demand scalability • Carrier grade reliability—delivering 99.999% availability • Products that will last and be supported for many years Quality and Reliability • Always On Management integrated into design to detect and resolve issues F5 spends over $20 million annually on R&D ScaleN Enabled BIG-IP Platforms Line Up BIP-IP 2000s • 212K L7 RPS • 2K SSL TPS (2K key) • 75K L4 CPS • 5 Gbps L7 TPUT • 2 10 Gigabit Fiber Ports (SFP+) • 8 Gigabit Ethernet CU ports BIG-IP 2200s BIG-IP 4000s BIG-IP 4200v BIG-IP 10200v BIG-IP 11000 BIG-IP 11050 • 425K L7 RPS • 4K SSL TPS (2K key) • 150K L4 CPS • 5 Gbps L7 TPUT • 2 10 Gigabit Fiber Ports (SFP+) • 8 Gigabit Ethernet CU ports • 425K L7 RPS • 4.5K SSL TPS (2K key) • 150K L4 CPS • 10 Gbps L7 TPUT • 2 10 Gigabit Fiber Ports (SFP+) • 8 Gigabit Ethernet CU ports • 850K L7 RPS • 9K SSL TPS (2K key) • 300K L4 CPS • 10 Gbps L7 TPUT • 2 10 Gigabit Fiber Ports (SFP+) • 8 Gigabit Ethernet CU ports: • 2M L7 RPS • 42K SSL TPS (2K key) • 1M L4 CPS • 40G L7 TPUT • 16 10 Gigabit Fiber Ports (SFP+) • 2 40 Gigabit Fiber Ports (QSFP+) • 2.5M L7 RPS • 20K SSL TPS (2K key) • 1M L4 CPS • 24 Gbps L7 TPUT • 10 10 Gigabit Fiber Ports (SFP+) • 2.5M L7 RPS • 20K SSL TPS (2K key) • 1M L4 CPS • 40 Gbps L7 TPUT • 10 10 Gigabit Fiber Ports (SFP+) VIPRION 2400 / 4 x 2100 Blade • • • • • 4M L7 RPS 40K SSL TPS (2K key) 1.6M L4 CPS 72 Gbps L7 TPUT 32 10 Gigabit Fiber Ports (SFP+) VIPRION 4480 / 4 x 4300 Blade • • • • • 10M L7 RPS 120K SSL TPS (2K key) 5.6M L4 CPS 160G L7 TPUT 32 10 Gigabit Fiber Ports (SFP+) • 8 40 Gigabit Fiber Ports (QSFP+) VIPRION 4800 / 8 x 4300 Blade • • • • • • 20M L7 RPS 240K SSL TPS (2K key) 10M L4 CPS 320G L7 TPUT 64 10 Gigabit Fiber Ports (SFP+) 16 40 Gigabit Fiber Ports (QSFP+) BIG-IP Product Portfolio of Services BIG-IP Products Local Traffic Manager Global Traffic Manager Application Security Manager Application Intelligence Rate Shaping / Rate Limiting Resource Cloaking Transaction Assurance Universal Persistence Caching Geolocation Intelligent Compression Selective Content Encryption Advanced Client Authentication Application Health Monitors Application Switching Web Acceleration DC to DC Replication Web Application Firewall Shared Application Services TMOS Operating System Access Policy Manager WebAccelerator WAN Optimization Module Shared Network Services TCP Optimization Protocol Sanitization Optimized SSL VPN DoS and DDoS Protection VLAN Segmentation Line Rate L2 Switching (Mirroring, Trunking, STP, LACP) IP Packet Filtering IPv6 Dynamic Routing Secure Network Addr. Translation Port Mapping F5’s Strategic Points of Control Application and Data Delivery Network Users Availability Optimization Security Management • • • • • • • • • Integration • Visibility • Orchestration Scale HA / DR Bursting Load-Balancing • • • • Network Application Storage Offload Network Application Data Access Resources APP APP APP APP OS OS OS OS APP OS APP OS APP OS APP OS Private Public Physical Virtual Multi-Site DCs Cloud Optimize Traffic Management and Offload Application Server with BIG-IP Local Traffic Manager (LTM) BIG-IP LTM Physical Virtual Public or private cloud OPTIMIZED APPLICATIONS & DATA • Application Intelligence • Load Balancing • TCP Optimization • Rate Shaping • Server Offload SECURE APPLICATIONS & DATA • RAM Caching • Intelligent Compressing • Health Monitoring • SSL offload • • • • • • Application Proxy Transaction Assurance Resource Cloaking Secure Network Address Translation Port Mapping Selective Content Encryption Increase application Server Capacity and better utilize Bandwidth with BIG-IP Local Traffic Manager (LTM) OPTIMIZED APPLICATIONS & DATA • • • • Connection Management (OneConnect™) RAM Cache Compression offload SSL offload BIG-IP LTM • Increase server capacity 60% with OneConnect™ 9x with RAM Cache 20% with Compression offload 30% with SSL offload • Reduce costs with centralize SSL key management Secure Applications and Data with BIG-IP Local Traffic Manager (LTM) SECURE APPLICATIONS & DATA • • • • Application Proxy Transaction Assurance Resource Cloaking Network and protocol attack prevention • Secure Network Address Translation • Port Mapping • Selective Content Encryption BIG-IP LTM Security at the application, protocol, and network levels • Meet compliance requirements (PCI, HIPAA, etc.) • Protect data without interrupting legitimate traffic Benefits of LTM Increase Application Availability Accelerate Applications Increase Application Server Capacity Optimize Bandwidth Usage Secure Applications and Data Take Control of Application Delivery F5 iRules Skriptni jezik temeljen na događajima Razvijen na osnovi TCL (Tool Command Language) programskog jezika Omogućava pisanje skripti za dodatno upravljanje dolaznim i odlaznim prometom Presretanje, preusmjeravanje, pregledavanje i transformacija dolazećeg ili odlazećeg aplikativnog prometa iRules programi se izvode i manipuliraju putem jedinstvenog sučelja za programiranje aplikacija razvijenog od strane tvrtke F5 Sedam IT presentation for CUC 2010 Global Application Availability with BIG-IP Global Traffic Manager (GTM) OPTIMIZED APPLICATIONS & DATA • • • • • Dynamic Datacenter Load Balancing TCP Optimization Health Monitoring Geolocation Automatic site-to-site failover Data Center 1 SECURE APPLICATIONS & DATA • • • Transaction Assurance DNS Security Dynamic DNSSEC Data Center 2 Attack protection with BIG-IP Application Security Manager (ASM) Leading Web Attack Protection with BIG-IP Application Security Manager (ASM) Web Applications BIG-IP ASM SECURE APPLICATIONS & DATA • • Web Application Firewall • Protection from top OWASP threats including DoS and DDoS • Log and report all application traffic • Provides L2->L7 protection PCI Compliance • Maintain security at application, protocol, and network levels • Launch secure applications protected from vulnerabilities Meet PCI Compliance with BIG-IP Application Security Manager (ASM) PCI reporting provides: • Requirements with details • Current compliancy state • Steps to become compliant Easily comply with audits Dramatically Improve User Experience when accessing your Web Application with BIG-IP WebAccelerator OPTIMIZED APPLICATIONS & DATA • Cache repetitive content in browser • Intelligent Compress • TCP optimization Benefits of BIG-IP WebAccelerator F5 – news New product – Big IP Advanced Firewall Manager high-performance, stateful, full-proxy network firewall 640 Gbps of firewall throughput 288 million concurrent sessions 8 million connections per second A Firewall Built for the Data Center Application Delivery Firewall “Next Generation” Firewall • • • • Corporate Data center (users) (servers) Outbound user inspection Who is doing what? “Trusted” users to Internet App awareness: Broad but shallow • • • • Inbound application protection Application delivery focus “Untrusted” users to data center App awareness: Specific but deep Use Case: Application Delivery Customer needs to F5 Value Delivered • Deliver a consistently fast experience regardless of the countless variables • Manage new and evolving protocols as well as ever-increasing and inconsistent traffic • Guarantee application availability, while reducing OPEX and CAPEX Dynamic, highly interactive web applications at the speed of business. Availability: Always on Intelligent traffic management Direct users to the Optimize traffic best location management based on real-time decisions based application on contextual delivery data and message data. performance Mobile Content Delivery Deliver customized device-aware content optimization Enterprise Application Performance Improve end user experience, increase revenue, and enhanced productivity without the need to rewrite applications Use Case: Security Customer needs to F5 Value Delivered • Attain protection from full spectrum of DDoS attacks • Achieve full SSL visibility and protection • Rely on key partnerships give you full vulnerability checking and website protection F5 provides application layer security and protects your Internet data center from today’s attacks regardless of where they live. Accelerated and secure remote access The Access Policy Manager (APM) module running on BIGIP and VIPRION platforms represents the industry’s most scalable remote access solution Protection at scale With high scale and performance capabilities, the BIG-IP and VIPRION hardware platforms running the Advanced Firewall Manager module represent the world’s fastest firewall Use Case: Service Provider Customer needs to • Ensure optimal network performance during IPv6 migration and handle the high number of translations and concurrent connections • Support millions of logs being generated during Network Address Translation (NAT) with High Speed Logging • Consolidate multiple services onto a single platform to streamline their network and introduce new services faster to market while reducing costs • Provide highly available platform for a reliable network and continuous up-time. Available F5 Value Delivered Scale High availability platform • Highly scalable platform ensures service uptime and atenables you to handle more peak performance concurrent connections and new CPS helps you manage traffic with fewer resources resulting in lower CAPEX and OPEX • Scales to support generation millions of logging records and exporting them to a system logging server Consolidate • Intelligent Services Platform is an intelligent softwarecontrollable platform enabling any service to run on any blade, resulting in simpler configuration and management of network resources • Consolidate the number of servers along with power, space, cooling, and management requirements. Hvala! [email protected] Case Study CARNet NISpVU i eMatica Zagreb, veljača 2013. Branko Radojević Ana Klisura Takeaways Molimo popuniti upitnike i kod hostesa zamijeniti za mali znak pažnje F5 – puno više od Load Balancera Optimizacija Hvala! [email protected] F5 Introduction Jakub Sumpich Territory Manager [email protected] the Fortune 10 companies • 44 of the Fortune 50 companies • 18 of the top 20 U.S. commercial banks • 3 of F5 is #1 WW for Traffic/App Optimization Users At Home In the Office On the Road Benefits: Data Center Application Delivery Network •Bigger competitive ability •Lower OPEX costs of DC •Application investment protection SAP Microsoft Oracle F5 Overview 400.000 350.000 Publicly traded on NASDAQ F5 Networks is the leading provider of application and data delivery networking 300.000 3,000+ employees Our products sit at strategic points of control in any infrastructure $ Thousands 250.000 200.000 150.000 100.000 1,380,000,000 50.000 - IPO in 1999 Fiscal Year 2012 Revenue US$1.38B Organizations Worldwide Trust F5 F5 Customer highlights • • • • • • • • • • 43 of the Fortune 50 companies1 15 of the top 15 US commercial banks1 6 of the 6 top US airlines1 10 of the top 10 US insurance companies - property and casualty1 5 of the top 6 healthcare: pharmacy and other services1 14 of the 15 executive branch departments of the US federal government2 10 of the top 10 fixed AND mobile global service providers3 9 of the top 10 US online video brands4 4 of the top 5 US Internet search providers5 17 of 20 cloud infrastructure and Web hosting companies6 Sources: 1 Fortune 2010; 2 USA.gov Web site listing 3 Q310 Ovum Market share, by revenue, global; 4 Nielson NetRatings September 2010; 5 Comscore November 2010; 6 Gartner Magic Quadrant Cloud Infrastructure as a Service and Web Hosting (On Demand, December 2010) How to fulfil business needs? Multiple Point Solutions Application More Bandwidth Network Administrator Add equipment? Application Developer Hire army of developers? Result: Complicated and expensive infrastructure Users Network Point Solutions Applications DoS Protection Mobile Phone Rate Shaping SSL Acceleration PDA CRM CRM SFA ER ERP CRM ERP SF Server Load Balancer Laptop Desktop Co-location Content Acceleration Application Firewall Connection Optimisation Traffic Compression Customised Application Customis Applicat Solution – Application Delivery Controller (ADC) Users The F5 Solution Applications Application Delivery Network CRM Mobile Phone Database Siebel BEA PDA Legacy .NET SAP Laptop PeopleSoft IBM ERP SFA Desktop Custom Co-location TMOS 50 billion connected devices by 2020 Cloud Computing is in the Top 3 concern for CIO priority in 2012 71% of all work will be mobile or web-based by 2020 More delivery mechanisms 185 billion mobile app downloads by 2014 More users and more choices More challenges impacting IT infrastructure Traditional Application Delivery Challenges Firewall ADC Clients App servers Storage App servers Storage Traditional Application Delivery Challenges SaaS App servers Storage ADC App servers Storage Firewall Clients More Endpoints Cloud More Delivery Models More Apps Solution: An Intelligent Services Platform Physical Virtual An Intelligent Services Platform connects any user, anywhere, from any device to the best application resources, independent of infrastructure. Clients Anywhere, any service, any device Cloud Intelligent Dynamic, agile, adaptive Storag Full Intelligence Requires a Full Proxy gent Full Proxy Benefits point of delivery & definition” ntelligence - layer 3- 7 visibility ct client / server control d services / context perability and gateway functions Client/Server Client/Server Web Application Web Application Application Application Session Session Network Network Physical Physical IT = Complete Control Business = Reduced Delivery Costs View of the Analytics F5 Networks Offers the most feature-rich AP ADC, combined with excellent performance and programmabilit via iRules and a broad product line. Strong focus on applications, including longterm relationships with major application vendors, including Microsoft, Oracle and SAP. Strong balance sheet and cohesive management team with a solid track record for delivering the right products at the right time. Strong underlying platform allows easy extensibility to add features. Support of an increasingly loyal and large group of active developers tuning their applications environments specifically with F5 infrastructure. Gartner Advanced Platform DC Market Share F5: An Intelligent Services Platform F5 makes the connected world run better olutions available today: Application Delivery Controller User Community Mobile optimization solution Intelligent Ecosystem Application Delivery Firewall Mobile User and Application Access Management WAN Opt and WAN acceleration DNS Delivery Services Programmable/Extensible DevCentral iRules iControl iApps Customizable Traffic Management Enterprise Fast Intelligent Integrated Context aware Available Secure Local and Global Load Balancer Foundation TMOS Scale Hardware Software The F5 Business Value Increased availability, scalability, performance, and security drives increased business productivity and faster ROI Lowers cost and risk of deployment and maintenance Improves end-to-end application delivery Protects applications against security threats and network problems Maximizes and protects application investments, reducing operating and capital expenses Improves application performance and the user experience Benefits of the Intelligent Services Platform for Enterpris Fast Improves performance, increases employee productivity, boosts business operations and drives e-commerce revenue. DevCentral Available iRules Efficiently delivers highly reliable application services while maintaining maximum availability regardless of location or state. iControl iApps Fast Available Secure Secure Delivers applications to high-performance mobile and remote users while providing dynamic, flexible and powerful security. Enterprise TMOS Hardware Software Available Efficiently delivers highly reliable application services while maintaining maximum availability regardless of location or state. “Cloud-based disaster recovery has the potential to give companies lower costs yet faster recovery, with easier testing and more flexible contracts.” - Rachel Dines, Forrester 75% all U.S. businesses ve experienced erruptions due to: power hardware telecommunications software problems IPv6 IPv6 A new set of customers. There is a large, untapped customer base in Asia that connects with IPv6-only devices and can only communicate with IPv6 hosts. BIG-IP GTM has had an immediate and profound effect on our reliability. If a server ever goes down, it reduces our downtime from 8-10 minutes to a couple of milliseconds. Don Wood, Director of Technology, DNSstuff.com Fast Improves performance, increases employee productivity, boosts business operations and drives e-commerce revenue. 2012 74% are willing to wait DNS has grown over 100% 5 seconds or less for a single web page to load before leaving the site. 2007 Every 100ms delay Costs Amazon 1% in sales. 2012 in the last 5 years. 180% 2007 When we moved our Microsoft application servers behind the BIG-IP LTM devices, we immediately noticed a dramatic performance improvement—the difference was like night and day. Kevin Rice, Global Network Architect, A.T. Kearney As of October 2012, there were over 188 million active websites, a growth of 180% over the last 5 years. Delivers applications to high-performance mobile and remote users while providing dynamic, flexible and powerful security. Secure of surveyed Internet, technology and social experts predict most work will be done via web-based or mobile applications by 2020. 4X Anonymous proxies… have steadily increased, more than quadrupling in number as compared to three years ago. An everyday laptop on an average connection can take down an enterprise web server using SSL/TLS. BIG-IP APM gives us an essential additional layer of security. It also allows us to provide secure remote access to each of our customers’ corporate IT environments from their own networks and devices. Jeffrey Dahn, CIO, Lokahi Solutions BIG-IP Module Architecture BIG-IQ EM™ BIG-IQ… Security™ BIG-IQ™ BIG-IP® Local Traffic Manager (LTM) BIG-IP® Global Traffic Manager (GTM) BIG-IP® Application Security Manager (ASM) BIG-IP® Advanced Firewall Manager (AFM) BIG-IP® Access Policy Manager (APM) BIG-IP® WebAccelerator (WA) BIG-IP® WAN Opt Manager (WOM) BIG-IP® Policy Enforcement Manager (PEM) BIG-IP® Carrier Grade NAT (CGNAT) iRules®, iApps®, and iControl® TMOS® ADC Service Provid Security Why Does F5 Build Purpose Built Hardware? Customers require: Focus on Customer Experience • Integrated hardware and software system designed for application delivery • High performance and on demand scalability Performance and Scalability • Carrier grade reliability—delivering 99.999% availability • Products that will last and be supported for many years Quality and Reliability • Always On Management integrated into design to detect and resolve issues F5 spends over $20 million annually on R&D Leveraging Alliances Programmability Cisco’s recent ACE news Cisco has decided it will not develop further generations of its ACE load-balancing products… Cisco Systems has significantly reduced its investment in the development of the company’s ACE product... to re-align resources with the company’s long-term opportunities. As far back as 2009, Gartner was calling ACE a “legacy platform”, predicting that Cisco would have to cede the application acceleration market… We also feel that F5, as the strong market leader, will be wellpositioned to capture a large portion of the share… Benefits of F5 Global Services iHealth Better application performance, enhanced security and higher availability Faster time to market Maximum return on investment Professional services Increased project success Knowledge services Quicker problem resolution Support services Technology expertise | Service excellence | Customer focus | Global coverage Case Study CARNet NISpVU i eMatica Zagreb, 5. veljače 2013. Ana Klisura Sadržaj 1. 2. 3. 4. 5. 6. 7. 8. NISpVU i www.postani-student.hr eMatica Izgradnja podatkovnog centra u CARNetu Local Traffic Manager Napredni nadzor sustava Offload poslužitelja F5 iRules Što smo postigli u CARNetu? Case Study – CARNet NISpVU i eMatica NISpVU i postani-student.hr NISpVU – Nacionalni informacijski sustav prijave na visoka učilišta www.postani-student.hr – korisničko sučelje prema NISpVU sustavu Prijave na državnu maturu, objave rezultate, upisne liste za fakultete Servis se nalazi na LTM-u od samog početka projekta Državna matura Najveće korištenje stranice u trenutku objave rezultata ispita državne mature Između 30 000 i 40 000 korisnika svaku godinu Case Study – CARNet NISpVU i eMatica eMatica Centralizirani sustav Ministarstva znanosti, obrazovanja i sporta za upisivanje podataka o učenicima i zaposlenicima osnovnih i srednjih škola u Republici Hrvatskoj Na kraju godine omogućeno je ispisivanje svjedodžbi učenicima Podaci uneseni u sustav automatski se sinkroniziraju s ostalim servisima Sustav preseljen na poslužitelje iza LTM uređaja u CARNetu u svibnju 2012. godine Sustav se kontinuirano koristi kroz cijelu godinu s najvećim opterećenjem na kraju školske godine kod zaključivanja ocjena i ispisivanja svjedodžbi Case Study – CARNet NISpVU i eMatica Izgradnja podatkovnog centra Visokodostupan računalni sustav mora osigurati dostupnost, brzinu i sigurnost aplikacija korisnicima u bilo kojem trenutku bez obzira na vrijeme, lokaciju korisnika ili bilo koji faktor koji može utjecati na rad i dostupnost sustava Osiguravanje naprednih usluga i servisa i njihove nesmetane isporuke članicama i korisnicima CARNet mreže Središnjica IT arhitekture i veliki korak prema zaštiti poslovanje Primarna i pričuvna lokacija podatkovnog centra Cilj -> zaštititi servise organizacije i ostvariti efikasan način raspodjele opterećenja Case Study – CARNet NISpVU i eMatica Local Traffic Manager Nudi napredne funkcije poput upravljanja aplikativnim prometom, kontrole pristupa i zaštite aplikativnog prometa na mreži Glavna uloga LTM-a je raspodjela opterećenja klijentskih upita prema pozadinskim aplikativnim poslužiteljima Hardver dizajniran posebno za inteligentnu dostavu aplikativnog prometa: SSL ubrzanje, kompresija, višejezgreno procesiranje Brojne opcije za optimizaciju i upravljanje aplikativnim prometom Modularnost i jednostavna nadogradnja Case Study – CARNet NISpVU i eMatica Visokodostupan računalni sustav u CARNetu Izgradnja podatkovnog centra na dvije lokacije Uređaji u active/standby načinu rada Connection mirroring - kompletno zrcaljenje svih postojećih konekcija Rezultat -> rješenje koje je visoko dostupno bez obzira na neispravnost sustava, poslužitelja ili aplikacija te osigurava neprekidna usluga prema krajnjim korisnicima Case Study – CARNet NISpVU i eMatica Napredan nadzor sustava Napredan nadzor svih dijelova sustava • Veliki broj ugrađenih aplikativnih monitora • Mogućnost kreiranja custom monitora Nadzor poslužitelja omogućuje odabir uvijek najboljeg resursa za isporuku usluge korisnicima Nadzor rada servisa omogućuje uvijek odabir poslužitelja koji će ispravnu aplikaciju isporučiti korisnicima Rezultat - > visoka razina raspoloživosti, veća pouzdanost i eliminacija falsepositive alarma Case Study – CARNet NISpVU i eMatica Offload poslužitelja Terminacija SSL prometa • SSL/TLS enkripcija i dekripcija podataka na LTM • Posebni hardverski optimizatori za SSL promet omogućavaju potpuni offload opterećenja sa središnjeg CPU sustava Kompresija HTTP prometa • Offload kompresije prometa s pozadinskih poslužitelja Caching HTTP prometa • Spremanje objekata u LTM memoriji Brojni sigurnosni mehanizmi • „Prva crta obrane” • Veća sigurnost mreže i aplikativnih servisa • Zaštita od DoS napada, SYN flood napada, UDP flood napada… Case Study – CARNet NISpVU i eMatica F5 iRules Moćan i fleksibilan skriptni jezik temeljen na događajima Omogućava kompletnu kontrolu i manipulaciju prometom koji prolazi kroz LTM Moguće ih je primijeniti na bilo koji transportni protokol ili aplikativni promet Posebno korisničko sučelje za pisanje iRule skripti U CARNetu: • http -> https redirekcija • Cachiranje prometa • Usmjeravanje klijentskih zahtjeva na odgovarajući skup pozadinskih poslužitelja • Logiranje određenih događaja u sustavu • Promjena sadržaja HTTP headera Case Study – CARNet NISpVU i eMatica Što smo postigli u CARNetu? Pouzdana i efikasna isporuka usluga korisnicima Rasterećenje i smanjenje broja krajnjih poslužitelja Raspodjela opterećenja na aplikacijskom sloju Poboljšanje aplikacijskih performansi Povećana sigurnost aplikacija i poslužitelja Napredan nadzor poslužitelja i aplikacija Uvijek odabir najboljih resursa Inspekcija i manipulacija aplikacijskog sadržaja Case Study – CARNet NISpVU i eMatica Prepoznata kvaliteta LTM-a Prepoznat doprinos LTM-a u uspostavi visoke dostupnosti i optimizacije servisa Od ove godine na poslužiteljima u CARNetu nalaziti će se i NISPUSS NISPUSS – Nacionalni informacijski sustav prijava i upisa u srednje škole Case Study – CARNet NISpVU i eMatica Kraj Optimizirana i sigurna isporuka usluga korisnicima Maksimalna dostupnost i optimalna dostava aplikacija Kontrola i mogućnost jednostavnog skaliranja sustava Mogućnost nadogradnje sustava kupnjom dodatnih modula ili licenci Visoka dostupnost servisa ili aplikacija kao zahtjev danas se postavlja pred svaki sustav Case Study – CARNet NISpVU i eMatica Pitanja, komentari… mail to: [email protected] Case Study – CARNet NISpVU i eMatica Hvala na pažnji!
© Copyright 2024 Paperzz
