This document discusses virtualization, cloud computing, and SDN technologies. It covers some of the key challenges in application provisioning across network layers that can lead to long deployment times. The document presents solutions from F5 that aim to simplify and accelerate application deployments through a high-performance services fabric and integration with technologies like Cisco ACI and VMware NSX to enable automated, policy-based provisioning of load balancing and other application services.
16. Configure firewall rules as required by the
application
Configure Network to
insert Firewall
Configure firewall
network parameters
Configure Load Balancer as required by the
application
Configure Load Balancer and L4-7 services
Configure Router to steer traffic to/from Load
Balancer
Traditional Network Service Insertion
• Challenges
Service insertion
takes days
Network configuration
is time consuming
and error prone
Difficult to track configuration on
services
Service Insertion In traditional Networks
Server
vFW
Switch
Router
FW
Router
LB
18. Deploying apps in the Datacenter
with
Cisco Application Centric
Infrastructure (ACI) and F5 synthesis
19. Application Centric Infrastructure (ACI) Vision
Rapid Deployment of Applications onto Networks with Scale, Security and Full Visibility
Cisco Nexus 9500
and 9300
Application Centric
Policy Controller
ACI
20. Building blocks of ACI
ACI Building Blocks Accelerate Application Deployments
F5 BIG-IPCONTROLLER POLICY MODEL NEXUS 9000 FABRIC
APPLICATION
NETWORK PROFILE
Traditional
3-Tier
Application
FW
ADC
WEB ACC APP DB
Physical + Virtual
Policy extended to L4-L7
Application: 3-tier application (WEB-APP-DB) This may use ADC, FW services
End point Group (EPG): Grouping of application Components
Policy model: Define QOS, Security, Network, L4-L7 and monitoring policies to be applied to EPG
24. NSX / F5 Management Plane Integration
VM VM
Logical
Networks
NSX Logical
Router
INTERNET
User
VMVMVM
BIG-IQ
vCENTER
Server
Server Pool
F5 VE
VM
Configuration1
Management
NSX
Manager
One-time registration of
BIG-IQ with NSX
Manager
BIG-IQ publishes catalog
of iApps to NSX Manager
Cloud Admin specifies
ADC service template
and location for service
instantiation
It's an application world.
Applications drive your business, whether you are an enterprise, service provider, or cloud hosting service, your business runs on applications
So, when your applications get hacked, don’t work, or are too slow, business stops; you lose your customer’s trust, and the cost is tremendous, in fact
So, what does IT do to make apply services to applications to make them work the way USERS expect them to work? [Click]
Services are used to operating in a specific manner. We call this the “Traditional mode” of operation:
In the Traditional mode, services are inserted with VRF/VLAN stitching, WCCP redirect, Policy-based routing (PBR), etc.
Challenges
This complexity and lack of automation can make the network services more brittle.
Configuring new services for deploying a new application takes days/weeks
Removing configuration from service devices, e.g. firewall rules, when an application is retired is difficult
Auto scale out of services based on load
Time to market or time to react is to long in the traditional approach and business is pressing on IT new services faster because:
Economic constrains
Get IT better aligned with business strategy
IT should be an enabler and not a show stopper
IT projects which are way out of budget, not in time or just not delivering upon expectations are starting to deliver a negative view on IT organisations, making the business sceptic
PRESENTER: Separately, both organizations are solving significant operational issues in the data center. However, the co-developed solution between VMware & F5 eliminates the management silo’s, enabling the delivery of Software Defined Application Services.
VMWARE PRESENTER
[Need VMWARE PRESENTER Notes] Now let’s turn it back to [F5 Speaker] to summarize.
Azure in addition to Amazon Web Services, VMware vCloud Air, and Cisco Intercloud to name a few
On-demand utility billing available within key cloud providers for dev & test and BYOL support for production deployments
Azure Traffic Manager offers basic load balancing and no app security..
Other ADC vendors do not have built-in integration with AWS AutoScale
No other ADC vendor can scale SSL processing from virtual to hardware
Other ADC vendors do not support full breadth of hypervisors and offers fewer ways to allocate resources.