Bluecoat Services

Transcript

  • 1. Blue Coat: Web Security & Acceleration
  • 2. About PacketShaper
  • 3. PacketShaper
    Key Functionality
    Application Visibility
    Application QoS
    Application QoS benefits time-sensitive applications
    Transactions (ERP, CRM, Citrix)
    IP Telephony and convergence
    Contain P2P, recreational & malicious
    Additional Products
    Requires ProxySG for acceleration, caching & WAFS
    IntelligenceCenter / PolicyCenter management system
  • 4. What Can PacketShaper Do?
    Discover All Application Traffic
    Resolve Issues
    Pre-empt Problems
    Monitor User Experience
    Control and Protect Application Performance
    Application Visibility
    Application QoS
    Troubleshoot Performance Issues
  • 5. PacketShaper Deployment Option: Asymmetric in the Core
    Branch Offices
    Centralized Data and Applications
    Core
    PacketShaper
    WAN
    Data Center
    IntelligenceCenter
    PolicyCenter
  • 6. PacketShaper Deployment Option: Symmetric with Branch Deployment
    Public Web
    Servers
    Web Content and Applications
    Centralized Data and Applications
    Internet
    Customers and Partners
    Branch
    PacketShaper
    Core
    PacketShaper
    WAN
    Branch Offices
    Data Center
    Employees
    IntelligenceCenter
    Branch
    PacketShaper
    PolicyCenter
  • 7. PacketShaper Application Visibility
  • 8. What is Application Visibility?
    Identifies Applications for What They Really Are
    Recreational Streaming 8%
    E-mail 20%
    P2P 12%
    Internet Gaming 5%
    File Transfers 9%
    Oracle 7%
    Citrix 5%
    Web Browsing 28%
    53% of bandwidth being used by recreational applications
    14% of bandwidth is “business critical”
    TN3270 2%
    Other 4%
  • 9. Application Visibility
    Discover All Application Traffic
    600+ applications, good & bad, sub-classify within complex apps / HTTP
    Monitor User Experience
    Measure & alarm, SLA compliance, VoIP metrics, integrate with other tools
    Troubleshoot Performance Issues
    Isolate delays, connections, host and app performance, capture & analyze
  • 10. Discovery
    Maps traffic to its classification library
    Automatically builds a list of the applications running on your network
    Provides basis for PacketShaper Application QoS technology
    Starts collecting performance data
    Utilization
    Efficiency
    Response times
  • 11. Industry-Leading Application Identification
    Blue Coat PacketShaper
    Unique to Blue Coat
    Behavioral characteristics
    Multi-packet flow analysis and profiling
    Beyond address and port-based analysis
    Identifies evasive applications
    Encrypted
    Port-hopping
    Tunneled
  • 12. Classification
    Maps traffic to its classification library
    Automatically builds a list of the applications running on your network
    600+ Application classes
    Sub-classify within complex apps / HTTP
    Good, bad and malicious traffic
    Current and next generation applications
    Plug-In Architecture
    Enables new application definitions without firmware upgrade
  • 13. Application QoS Technology: Application-specific Bandwidth Control
    Application Session Provisioning provides:
    Hierarchical subclassifications of apps
    Per call or per session differentiation
    Far richer classification than routers
    Layer 7 Plus differentiation
    Customer-critical over recreational apps
    Latency-sensitive over bandwidth-hungry apps
    TCP and UDP Rate Control
    Managed on a flow-by-flow basis at application level
    Guaranteed delay bounds for IP telephony on converged networks
  • 14. Monitor and Troubleshoot
    Measure
    Utilization, response times, performance & SLAs – per application
    Isolate
    What (application), where (server or network), who (users), how (captures, histories)
    Diagnose and fix problems
    Identify protocols, link latency & other environmental variables
    Determine what optimization / will help
  • 15. PacketShaper Application QoS
  • 16. What is Application QoS?
    Unacceptable ERP performance
    Insufficient bandwidth and congestion
    Unpredictable Voice quality
    Crowded out by bandwidth hungry apps
    Uncontrolled recreational traffic
    Wasted bandwidth and impact on business-critical applications
  • 17. What is Application QoS?
    Powerful, Dynamic Application-aware Bandwidth Shaping
    Great ERP performance
    Protected from apps and congestion
    Voice quality – 100% assured all-level QoS
    100% control of recreational traffic
    No matter how much it tries to hide
  • 18. Application QoS
    Resolve application performance issues
    Pre-empt performance problems
    Control bandwidth, dynamically
    Apportion and ensure service levels for applications
    Control and protect applications
    Protect and optimize time-sensitive / real-time apps
    SLAs for voice, transactions, streams
    Restrict bandwidth impact of recreational traffic
  • 19. Application QoS Technology: Policies and Partitions
    Policy-based Application QoS definitions and partitions by:
    Application
    Site or server
    User or user group
    Beyond Standard QoS
    Apply policies to protect critical traffic
    Smooth disruptive, bandwidth-intensive traffic
    Contain recreational traffic
    Block malicious traffic
    Set priorities to protect business-critical apps
    Non-critical apps can use remaining bandwidth
  • 20. Application QoS Technology: Rate Control and Predictive Scheduler
    Manages congestion proactively
    Latency reduced
    Packet drops minimized
    Fewer retransmissions
    Improved application performance.
    Improve efficiency to increase throughput
    Without App QOS
    With App QOS
  • 21. Compare Router-based QoS
    Manage bandwidth passively and react to congestion and packet loss
    Use port-based application traffic classification
    Use various packet-based queuing methods that:
    Are not bi-directional – cannot control inbound traffic at the other edge
    Add delay to transaction time and latency
    Cannot provide per-flow guarantees
    Are only truly effective as part of a comprehensive control strategy
    Are managed on a per-router basis
    Big management overhead in distributed deployments
  • 22. Router-based QoS Compared to PacketShaper Inbound Rate Control
    Configured in all the branches and Data Center, router-based Queuing relies on the bulk transfers being throttled down after packet loss…
    Branch Offices
    A
    Data Center
    Bulk Data
    512Kbps
    1Mbps
    B
    512Kbps
    Citrix
    C
    512Kbps
    PacketShaper’s Patented Rate Control applied only in the Data Center slows down the Bulk traffic without packet loss and before queues can build
    Bulk Data
  • 23. Compare Packet Marking and MPLS
    Applies only to carrier's core
    Provisioned WAN service, not the entire link
    No way of assigning preference at the last mile
    Biggest bottleneck is typically last mile
    Aggregate shaping only
    Treats all connection requests the same
    Lacks ability to assign limit to number of call requests
    Needs complementary technology to overcome deficiencies
    Application classification for accurate marking
    Packet rate, bandwidth and flow control
  • 24. Intelligent Marking for MPLS Networks
    Application granularity enables accurate marking of application traffic
    DiffServ, MPLS, TOS
    Bandwidth allocation
    VoIP
    Classes of Service
    256 Kbps
    SAP
    768 Kbps
    Email
    Best effort
    Remote Office
    MPLS Backbone
  • 25. Application QoS and MPLS Working Together
    MPLS Core
  • 26. Application QoS and MPLS: End to End QoS
    Quality of Service
    Premium  256kbit/s DSCP 1
    Platinum  256kbit/s DSCP 3
    Gold  512kbit/s DSCP 5
    Silver  512kbit/s DSCP 7
    Best Effort  512kbit/s DSCP 9
  • 27. About ProxySG
  • 28. ProxySG
    Key Functionality
    WAN Optimization
    Secure Web Gateway
    WAN Optimization accelerates business applications
    Files, Email and Internal Bulk Traffic
    Business Web / SaaS
    Content Delivery
    Secure Web Gateway secures the network
    Protect from Malware
    Guard Employee Productivity
    Prevent Data Leaks
    Validate Trusts
    Additional Products
    ProxyClient satisfies the needs of the remote user
    PacketShaper provides Application Visibility and QoS
  • 29. What Can ProxySG Do?
    Protect Against Malware
    Accelerate Internal Bulk Traffic
    Guard Employee Productivity
    Control and Optimize External Applications
    Secure Web Gateway
    WAN Optimization
    Prevent Information Leaks
    Manage and Deliver Video and Content
    Validate Trust
  • 30. ProxySG in the Network
    Centralized Data and Applications
    Public Web
    Servers
    Web Content and Applications
    Internet
    Customers and Partners
    Internet Gateway / Content Filtering
    Reverse Proxy
    Branch ProxySG
    WAN
    Concentrator Proxy
    Data Center
    Branch ProxySG
    Employees
    Reporter
    Remote Workers
    Director
    Branch Offices
    ProxyClient
  • 31. SWG Design Criteria
    Appliance/OS/TCP-stack/Cache designed for web object processing
    Maximize utilization, throughput, and reliability
    Reduce rack space required, green solution
    Web protocol/application coverage (legacy & new)
    Authentication, Authorization, Logging & Reporting
    Web content optimization & acceleration
    Latency = Closed
    Filter & block unwanted web content
    URL Filtering options, real-time analysis of new content
    Web object filtering & blocking via policy controls
    Scan, detect and block threats
    Anti-malware/virus scanning options with cache intelligence
    MMC filtering/strip/replace/block policy controls
    Data Loss Prevention & Open Integration Point
    DLP/ILP options, plus web content & method controls
    Secure-ICAP and ICAP
  • 32. Proxy Design benefits: Ultimate Control Point
    Full Protocol Termination = Total Visibility & Context
    (HTTP, SSL, IM, Streaming, P2P, SOCKS, FTP, CIFS, MAPI, Telnet, DNS)
    Custom built Blue Coat SGOS
    Secure platform that provides maximum benefit for caching
    Industry proven object caching capability
    Policy architecture enables flexible user controls on applications
    Secure ICAP for added security features and integration with DLP vendors
  • 33. ProxySG WAN Optimization
  • 34. What is ProxySG WAN Optimization?
    Acceleration with Control
  • 35. ProxySG WAN Optimization Technologies
    Object Caching
    Get web, file and video content close to users again
    Byte Caching
    Store repetitive network traffic for dramatic acceleration
    Compression
    Inline reduction of data to reduce application bandwidth
    Protocol Optimization
    Align high-level protocols with network characteristics
  • 36. Object Caching - Get web, file and video content close to users again
    Automatically determines the “right” data
    No legal or compliance risk like other solutions
    Simply the fastest, most compressed data transfer
    All applications, internal and external
  • 37. Object Caching
    DATACENTER
    Internet
    Full File Cached Locally (proxy)
    No data sent across WAN
    Reduced traffic and bandwidth usage
    Better user experience
    Lower WAN costs
    WAN
    BRANCH
  • 38. Byte Caching - Store repetitive network traffic for dramatic acceleration
    Proxies Cache common patterns
    All files & applications over TCP
    Reduced traffic and bandwidth usage
    Better user experience
    Lower WAN costs
  • 39. Compression - Inline reduction of data to reduce application bandwidth
    Industry-standard gzip algorithm
    Removes predictable “white space”
    Reduced traffic and bandwidth usage
    Better user experience
    Lower WAN costs
  • 40. High-level protocols and network characteristics
    High-level protocols are “chatty”
    Microsoft file access, Web/HTTP, File Transfer (FTP), Exchange, Citrix, ERP, etc.
    Network characteristics
    WAN latency, not cured by simply adding more bandwidth
  • 41. Protocol Acceleration - Align high-level protocols with network characteristics
    Protocol Acceleration replaces chatty protocols with a WAN optimized alternative
    Local acknowledgement
    Larger windows
    Transparent
  • 42. WAN Optimization Technologies Working Together
    Object Caching
    Caches repeated, static app-level data; reduces bandwidth and latency
    Byte Caching
    Caches any TCP application using similar/changed data; reduces BW
    Compression
    Reduces amount of data transmitted; saves BW
    Protocol Optimization
    Remove inefficiencies, reduce latency
  • 43. Acceleration Gains
  • 44. ProxySG Policy Control
    Control network resources by user, application or content
    Full protocol termination for visibility and context
    HTTP, SSL, IM, Streaming, P2P, SOCKS, FTP, CIFS, MAPI, Telnet, DNS
    Fine-grained policy for:
    Application Protocols
    Content
    Users (allow, deny, transform, etc)
    Authentication integration, for example Active Directory
    Granular, flexible logging
  • 45. Comparing ProxySG Control with PacketShaper Application QoS
    ProxySG Control focused on:
    Policy for user behavior and content management
    Eliminates dangerous or inappropriate traffic
    [Terminated] Application traffic-specific bandwidth shaping
    Depth of understanding
    Protects against negative impact on business and compliance
    PacketShaper Application QoS focused on:
    Application behavior and bandwidth management
    Contains disruptive traffic
    Sees and manages all applications and entire network link
    Breadth of understanding
    Protects and maintains SLAs for business traffic
