CONFIDENTIAL      F5 e a otimização das aplicações Microsoft      Beethovem Dias      13/06/2012
CONFIDENTIAL                                            2      Agenda      • TI e a Estrutura de Negócios      • F5 e a Mi...
CONFIDENTIAL                                                                                        3      Visão Geral    ...
CONFIDENTIAL                                                                  4      TI e a Estrutura de Negócios    “    ...
CONFIDENTIAL                                                                 5      F5 e Microsoft  TI como ferramenta    ...
CONFIDENTIAL                                                                    6      F5 e Microsoft        TI mais ágil ...
CONFIDENTIAL                                                                   7      F5 e Microsoft       Crescimento    ...
CONFIDENTIAL                                                                          8      F5 e Microsoft         Custom...
CONFIDENTIAL                                                                                                        9     ...
CONFIDENTIAL                                              10 Iniciativas • HTTPS • Aplicações migram para HTTP(S) • Segura...
CONFIDENTIAL                                                        11 Desafios • Vulnerabilidades    • Ataques DDOS    • ...
CONFIDENTIAL                        12 Vulnerabilidades                    © F5 Networks, Inc.
CONFIDENTIAL                                                         13      Vulnerabilidade      “HashDos – Post of Doom”...
CONFIDENTIAL                                             14      Ataque “Anonymous”     • Anonymous ataca utilizando bots ...
CONFIDENTIAL                                                      15      Vulnerabilidade                        Altera a ...
CONFIDENTIAL                                                                                            16      Vulnerabil...
CONFIDENTIAL                                                                                              17       Gerênci...
CONFIDENTIAL                                                                                                     18      D...
CONFIDENTIAL                                                    19      Arquitetura Unificada      Data Center Tradicional...
CONFIDENTIAL                                        20               DNS   WEB   ACCESS                                   ...
CONFIDENTIAL                                                 21      HashDos – Post of Doom    Uma iRule pode mitigar esta...
CONFIDENTIAL                                                22      Ataque “Anonymous”   • Anonymous ataca utilizando bots...
CONFIDENTIAL                                                                                      23    Gerência de Acesso...
CONFIDENTIAL                                                             24    BIG-IP Data Center Firewall   • Reduz custo...
CONFIDENTIAL                   25               © F5 Networks, Inc.
CONFIDENTIAL                                                                 26 Application Analytics   • Estatísticas por...
CONFIDENTIAL                                                                       27      F5 e a Microsoft   • Parceria G...
CONFIDENTIAL                                                            28   Sobre a f5 • Empresa líder de produtos de Ent...
CONFIDENTIAL
Upcoming SlideShare
Loading in...5
×

Apresentação evento lcx tecnologia com sofisticação em f5

666

Published on

Apresentação Evento LCX Tecnologia e Satisfação com F5

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
666
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Key Points: Land an emotional connection with the audience around the pains they are feeling today:Aspects of information technology keep growing! We live in a hyper-connected world where people demand access to information on their own terms.Security is so important and challenging than ever as data grows and people access corporate resources on a multitude of devices. Talk Track:Let’s take a look at business today… you and your peers face a lot of challenges… We often hear from our customers that worries of security and compliance keep them up at night. And a valid concern especially as we think about trends such as consumerization of IT. We want to give our company choice and options when it comes to collaboration and getting work done. What this is causing is an incremental increase to the surface area we need to cover – whether the number of email accounts, the ever remote workforce, or the simple fact that data continues to grow at an alarming pace…and at the day we’re ultimately responsible for ensuring an amazing experience to the end user.
  • Key Points:Companies, and IT leadership want to drive more value out of ITAlignment of IT and Business allows companies to become more agileTalk Track:We spend a lot of time working with customers and understand the pressure that everyone’s under to deliver more value out of existing investments – and the desire to spend less time just keeping the lights on – and more on helping the company grow by delivering valuable services when they’re needed.We hear about the need to provide a secure environment that is designed to scale and help mitigate risks and ensure regulatory compliance. We also hear and know that end users matter more than ever – and are driving a lot of IT requirements and decisions – we’ve got to provide the right level of access to information and applications.
  • Key Points:Make IT work for you through F5’s intelligent approach to application delivery, security, and deep understanding of Microsoft applications.Simplify your infrastructure through F5’s ability to streamline and automate existing network investments.Accelerate performance of your Microsoft applications.Private cloud done right by giving you cloud reference architectures that provide the right. traffic delivery to avoid application bottlenecks.Easy rollout of Microsoft applications thanks to F5’s deep integration with Exchange, SharePoint, and other mission critical products.Best in class service and support that includes planning and deployment guides, templates, and consulting services and access to an incredible customer and partner community.Talk Track:Transforming IT requires a different take on how infrastructure and applications are designed and delivered. The good news is you most likely already own what you need to get started. We talk about our unique view of the application delivery. F5, since the beginning, has been front and center in terms of application traffic – and over the years we’ve developed a robust app delivery platform that provides incredible visibility how your apps are performing. We strongly believe that to support business objectives the network can no longer be a simple data delivery system – but requires smarts to keep up with the growing mobile user community – new devices – new threats – and to provide the adaptable flexibly to conform to changing business requirements. When it comes to Microsoft applications and technologies, F5 has made SIGNFICANT investments in ensuring that you get fast, available, and secure experiences. Our development teams work together to ensure down to the code level – that our commitment to providing the best possible performance is there. Our deployment guidance for Microsoft’s productivity portfolio, like SharePoint and Exchange are the best in the business. When Microsoft releases a new version, F5 is the first to provide the right details to ensure fast deployments, and deployments done right.
  • Key Points:We need greater IT agility to respond to business opportunities and to ensure our business and customers are getting the right information when and how they need it.Achieve strategic points of control wherever your information is shared.Exceptions based approach looks for issues and corrects them before they happen.Reduce threats by taking advantage of F5’s built in security capabilities.Get world-class business continuity through F5’s built-in disaster recovery and high availability capabilities.Scale up, out, and down by dynamically updating your network to support changing business needs.Talk Track:Security and compliance are huge. It’s more than a full time job trying to keep up with new security attacks and how to best manage the ever growing IT surface area. At F5 we believe that you can have secure and fast at the same time. We do this by consolidating security at the application layer – giving you incredible control and visibility – WHILE – providing fast application delivery.Right out of the box, you’ll get our years of security expertise that’s been built up supporting some of the world’s largest internet companies and enterprises. Concerns such as high availability, disaster recovery, and datacenter optimization are capabilities built in and intrinsic to F5’s product portfolio.What you might not be aware of is the fact that you can now use your F5 investments as a firewall – allowing you to consolidate your secure systems through F5 – while still benefitting from the incredible Microsoft application delivery capabilities.
  • Key Points:Be confident that you can take risks without the risk with flexibility and control through F5 revolutionary approach to IT.Accelerate time to market by spending less time deploying applications and more time using them.Ensure regulatory compliance through our comprehensive, scalable proactive approach.Get substantial value out of existing F5 and Microsoft investments so you can reuse existing resources to drive new opportunities.Deliver new application experiences faster by using F5’s built in application resourcesReduce OpEx and CapEx costs by standardizing on F5 systems to support multiple Microsoft application, web, and mobile investments. Talk Track:The deployment of your Microsoft applications shouldn’t be hard – or take an army of consultants to deliver. F5 has taken the trouble and expense of developing substantial deployment guides and best practices for the planning, deployment, and ongoing management of Microsoft applications and technologies. We provide tools and templates that make it easy as one, two, three for your teams to assess your particular needs, design the right approach, and deploy on time and on budget.We believe that your network and development teams should be deeply connected – and have built extensible technologies that your development teams can use to accelerate application development. We provide the connective tissue to your network teams to make it easy to onboard new applications.The bottom line is important – and through consolidation of application delivery and security needs, as well as improved team productivity, your budgetary pressure is relieved.
  • Key Points:F5 provides serious value to your existing and future Microsoft investmentsOur unique approach to creating intelligence around the application delivery greatly improves app performance, security, and IT productivityTalk Track:We don’t talk often about the expanse of our relationship with Microsoft. F5 sits in front of every major Microsoft strategic initiative – both externally and internally. Microsoft is one of our largest and most strategic customers and partners. We often hear from our Microsoft clients and colleagues that they’ve bet their business on F5 because we provide the strategic point of control for their most critical applications and services, like Office 365 and their internal implementations of SharePoint, Exchange, and other line of business applications. Depend on F5 to be the strategic point of control for your Microsoft investments allowing you to drive your business in new and profound ways. This is possible thanks to our revolutionary approach to intelligent application delivery so your teams are more productive, your apps safer, and possibilities like the web and mobile experiences are within reach.Our unique combination of market leadership, deep integration with Microsoft technologies, and vibrant community allow you and your business to get substantial and unexpected incremental value from our relationship.
  • This slide speaks for itself…take a moment to pause and discuss with audience how they’ve gotten value out of their F5 | Microsoft investments…
  • VU#903934Modern web applications include web forms with hundreds of name+value pairs, many of them hidden, that communicate data between the browser and the application. All of these variables are managed, almost universally, by placing them into a language construct called a dictionary. This dictionary is implemented using a hash table, which has all sorts of wonderful characteristics such as fast insertion and fast random lookups that you’d like if you were looking up, say, a word in the dictionary. That hash table, alas, is where the problem comes in.Hash tables are used for high-performance situations because they typically provide the fastest lookup. However, hash tables break down when there are too many hash collisions. Typically, hash collisions in the table are handled by putting a linked list off the hash table and then searching the list. with this attack a mere 30 Kbits/s can keep one Intel™ Core 2 core busy. At 30 Kbits/s a single client can DoS a CPU. An attacker with a gigabit connection could theoretically keep 10,000 Intel™ i7 cores busy.
  • https://www.whitehatsec.com/assets/WPstats_winter11_11th.pdf?doc=WPstats_winter11_11thBy arranging the time-to-fix data in a cumulative format we get a sense of the time required to remediate vulnerabilities in a given percentage of an industry’s websites. From Figure 6 we can see that number is 116 days. For example, on average 50% of organizations require 116 days or less to remediate their serious* vulnerabilities. The Banking industry is the fastest, remediating 50% of serious issues in under 13 days. The slowest is Telecommunications, which significantly underperforms the overall average, taking 205 days to remediate serious* vulnerabilities on 50% of the websites. This data helps answer a common question, “How fast should our organization be fixing our vulnerabilities?” From a risk management perspective, if the organization is a target of opportunity, perhaps a goal of being at or above average is good enough. If however the organization is a target of choice, either ASAP or being among the fastest is more appropriate Even if serious* vulnerabilities are identified, verified, and explained it does not necessarily mean they are fixed, quickly or at all. As such it is important to analyze the resolution rates of organizations that do get their vulnerabilities fixed, or not, and in what volumes (Figure 7). Some organizations target the easier issues first to demonstrate their progress in vulnerability reduction. Others prioritize the high severity issues to reduce overall risk. Most industries in 2010 fixed roughly half of their outstanding reported issues. What we can also clearly see is a positive historical trend line. A roughly 5% improvement in the percentage of reported vulnerabilities that have been resolved during each of the last three years (2008, 2009, 2010), currently 53%.
  • Mencionardiferenças de tráfego inbound e outbound, assimcomomencionarquetrabalhamos no tra’fego inbound para as aplicaçõesdentro do data center
  • Traditional protection methods attempt to piece together many individual point products such as static firewalls, DDoS appliances, DNS appliances, web application firewalls, and application delivery controllers.  This approach increases complexity, latency, and adds more points of failure. Worse, this approach fails to integrate information from different attack vectors, and fails to unify the response. Additionally, traditional approaches have no way of evolving as the attacks themselves evolve.The high performance internet firewall firewall builds on F5’s vision of the “dynamic data center” by acting as a strategic point of control for security enforcement from the network to the application layer. (http://devcentral.f5.com/weblogs/macvittie/archive/2010/06/17/what-is-a-strategic-point-of-control-anyway.aspx) Architecting F5 control points throughout the data center, for access, traffic management, acceleration, storage, and security enables a new model for secure application delivery built around the dynamics of the network, data, protocols, applications, and users.
  • With F5’s IDC Firewall, customers are able to: Reduce hardware and operating cost by as much as 50%Defend against 30+ DDoS attack types across both the network and application layers. Leverage the performance and scalability of BIG-IP to handle 10 times more connections per second over any other network firewall.Protect by using iRules against newly published vulnerabilities that do not have a patch. As in the case of the SSL Renegotiation DOS attack, F5 published on its user community site, DevCentral, a countermeasure within hours of the exploit being published.Scale up to 72 Gbps of throughput with 72 million concurrent connections on a single device.
  • VU#903934Modern web applications include web forms with hundreds of name+value pairs, many of them hidden, that communicate data between the browser and the application. All of these variables are managed, almost universally, by placing them into a language construct called a dictionary. This dictionary is implemented using a hash table, which has all sorts of wonderful characteristics such as fast insertion and fast random lookups that you’d like if you were looking up, say, a word in the dictionary. That hash table, alas, is where the problem comes in.Hash tables are used for high-performance situations because they typically provide the fastest lookup. However, hash tables break down when there are too many hash collisions. Typically, hash collisions in the table are handled by putting a linked list off the hash table and then searching the list. with this attack a mere 30 Kbits/s can keep one Intel™ Core 2 core busy. At 30 Kbits/s a single client can DoS a CPU. An attacker with a gigabit connection could theoretically keep 10,000 Intel™ i7 cores busy.
  • With F5 Data Center Firewall, customers are able to: Reduce hardware and operating cost by as much as 50%Defend against 30+ DDoS attack types across both the network and application layers. Leverage the performance and scalability of BIG-IP to handle 10 times more connections per second over any other network firewall.Protect by using iRules against newly published vulnerabilities that do not have a patch. As in the case of the SSL Renegotiation DOS attack, F5 published on its user community site, DevCentral, a countermeasure within hours of the exploit being published.Scale up to 72 Gbps of throughput with 48 million concurrent connections on a single device.Gain visibility and control in to all traffic including SSL.Protect against 30+ DDoS attack types across both the network and application layers. Leverage the performance and scalability of BIG-IP to handle 10 times more connections per second over any other network firewall.Using iRules customers can protect against newly published vulnerabilities that do not have a patch. As in the case of the SSL Renegotiation DOS attack, F5 published on its user community site, DevCentral, a countermeasure (http://devcentral.f5.com/weblogs/david/archive/2011/05/03/ssl-renegotiation-dos-attack-ndash-an-irule-countermeasure.aspx)within hours of the exploit being published.Scalable Performance – Support up to 72 Gbps of throughput with 72 million concurrent connections on a single device.
  • Talk Track:Ok, let’s drill into the value we provide to your datacenter, and Microsoft technologies…F5, since the beginning, is all about provide fast, secure, and available delivery of your applications and services based upon our market leading flexible and adaptable TMOS system.
  • Ten-year global partnership dating back to 2001. F5 enjoys a long-standing global partnership with Microsoft, extending the availability, reliability, scalability and security of Microsoft’s enterprise software. Microsoft is also an important F5 customer. Microsoft GNS (global networking services) standardize on F5 as their Tier 1 ADC platform vendor for internal applications. F5 is also core component in the architectural designs for MSN/Live, MSNBC, Xbox Live, BPOS and Azure. F5 is a Microsoft customers, using Windows client/server, Active Directory, MS SQL Server, Office client, Exchange, SharePoint and Office Communications Server (now known as Lync Server).F5 engages in solution development across the Windows platform, business productivity applications, systems management and virtualization. F5 engages during Microsoft design and development, architecting F5 solutions and validating them jointly with Microsoft prior to Microsoft product launch so that customers can deploy them with an F5 solution immediately. For more information: f5.com/microsoftKey alliance memberships such as System Center Alliance and Dynamic Datacenter Alliance represent joint investment, shared thought leadership and strategic planning that ensure customers can confidently invest in both Microsoft and F5 platforms because they work together. The Microsoft Technology Alliance (MTC) is an industry unique program whereby F5 and Microsoft engage customers together to discuss visions, business goals, create architectural designs and even formal proofs of concept. These engagements occur within MTC centers located around the world where F5 has placed BIG-IP ADC equipment for customer testing and solution design verification with Microsoft.F5 educates and trains Microsoft technical field, services and support teams on the BIG-IP platform and F5 solutions for Microsoft applications. Microsoft and F5 also have formal customer support communication and businesses processes in place through TSANET (http://tsanet.org/) and cordial working relationships.F5 maintains offices and lab space in Redmond as part of the Microsoft Partner Solution Center in building 25.https://partner.microsoft.com/40013031http://www.microsoft.com/mtc/default.mspxhttp://www.microsoft.com/serviceproviders/busresources/mpsc.mspx http://www.microsoft.com/hosting/dynamicdatacenter/Alliance.htmlNetworking infrastructure company that builds physical devices for the data center. We currently hold 60% of the ADC market. What this means is that we are the most recognized name with customers for application delivery networking. Our ADC or Application Delivery Controller is a network device that understands the user and application context of the packets flowing through the device and can inspect, modify and manage those packets and proxy the network connections associated with them. F5 devices are commonly known and “BIG-IPs” with sets of features that are enabled through licensing keys which unlock features in the operating system – TMOS (traffic management operating system).In this way F5 helps IT organizations gain more visibility, control and flexibility in managing their IT environments.Gartner’s Magic Quadrant http://www.gartner.com/technology/media-products/reprints/f5networks/vol6/article1/article1.htmlSpecialize in application intelligence, optimizing end-user experience over the network. Load-balancing, acceleration (caching and compression), off-loading, and application (L7) security.62% of IT organizations reduced capital expenditure (CAPEX) by 10% or more for their Microsoft environment using F5 BIG-IP Solutions. TVID: 847-400-62261% of IT organizations reduced operating expenditure (OPEX) by 10% or more for their Microsoft environment using F5 BIG-IP solutions. TVID: 0F1-13A-B2CToday we’re talking with you about optimizing a Microsoft SharePoint 2010 deployment, and we’re proud to say that we’ve been a Microsoft partner since 2001 and as you might expect, are a member of numerous Microsoft alliances and technology-specific partner programs. I’ve listed a few of those here for your easy reference. These alliances represent strategic cooperation between F5 and Microsoft across a number of IT-focused efforts – efforts designed to make the design and deployment of solutions that matter to you both smooth and reliable. For customers investing in the Microsoft platform, F5 delivers a strategic point of control in their data center. Dynamically optimizing user connections to backend applications. F5 invests heavily in understanding the applications and technologies produced by Custom engagement/relationships on-going across Microsoft product teams which drive our solution developmentThought leadership/strategy where we engage in confidential futures discussions and respond to regular Microsoft requests for collaboration, advice on special projects/initiatives (cite the Datacenter Technology Solution Professional training, IIS Web Farm Framework, System Center Virtual Machine Manager 2012 Beta: Load balancer provider which was the only working provider demonstrated at Microsoft Management Summit 2011 in Las Vegas in March and Microsoft Hosting Summit 2011 in Bellevue in March.Full product life cycle integration from early dev/design through release and into support/maintenance. No ADC has more MS application traffic passed through it during dev/test in their own labs than BIG-IP, and F5 trains MS support teams on our gear and our solutions. MS can trouble shoot in their support labs with BIG-IP in the repro.Microsoft and F5 are each other’s customers: providing deep, specific feedback, driving each other’s roadmaps.Microsoft is the only company providing all of these: Hosting centers, Platform as a Service, Infrastructure as a Service, Software as a Service, Operating systems, hypervisor, applications, systems management and monitoring, software development tools and life cycle management, entertainment and gaming. And F5 engages in all these areas, supporting, optimizing, partnering with MS.
  • Apresentação evento lcx tecnologia com sofisticação em f5

    1. 1. CONFIDENTIAL F5 e a otimização das aplicações Microsoft Beethovem Dias 13/06/2012
    2. 2. CONFIDENTIAL 2 Agenda • TI e a Estrutura de Negócios • F5 e a Microsoft • Segurança • Data Center Firewall • f5 © F5 Networks, Inc.
    3. 3. CONFIDENTIAL 3 Visão Geral Nuvens privadas e públicas receberão Contas de email: 2,9 bilhões em 2010 para 3,8 bilhões em 2014 Previsão de 15% dos crescimento investimentos de TI dos dados Previsão de 84% Possuem força de trabalho remota. crescimento dos profis. de TI 70% do universo digital é criado pelos indivíduos. Empresas são responsáveis pela segurança, privacidade e disponibilidade de 85% © F5 Networks, Inc.
    4. 4. CONFIDENTIAL 4 TI e a Estrutura de Negócios “ TI como ferramenta estratégica dos negócios – Como podemos utilizar recursos de TI existentes na adequação aos negócios?” “ TI mais ágil para adequação aos negócios e para garantir que clientes e colaboradores tenham acesso a informação correta quando e como eles necessitam.” “ Crescimento direcionado pelos negócios é esperado que TI realize além de mitigar os riscos.” © F5 Networks, Inc.
    5. 5. CONFIDENTIAL 5 F5 e Microsoft TI como ferramenta estratégica dos Distribuição de Aplicações, segurança e negócios conhecimento dos aplicativos Microsoft Simplifica infra estrutura Nuvem Privada otimizada Facilidade de implementar Transforma TI aplicativos Microsoft © F5 Networks, Inc.
    6. 6. CONFIDENTIAL 6 F5 e Microsoft TI mais ágil Infra estrutura flexível, segura e otimizada para aplicativos Microsoft Alcançar pontos estratégicos de controle Redução de ameaças e simplifica a segurança Agilidade Atingir nível world-class dos com Segurança negócios © F5 Networks, Inc.
    7. 7. CONFIDENTIAL 7 F5 e Microsoft Crescimento direcionado pelos Crescimento com flexibilidade, controle e negócios sem riscos Acelerar o time to market Garantir conformidade regulatória Obter valor substancialCrescimento Acelerado Redução de OpEx e CapEx © F5 Networks, Inc.
    8. 8. CONFIDENTIAL 8 F5 e Microsoft Custom Applications Ponto estratégico de controle Produtividade Aplicativos Inovação Seguros © F5 Networks, Inc.
    9. 9. CONFIDENTIAL 9 F5 – Valor Real “ 66% Usam F5 para Escalabilidade e Crescimento Fonte: Survey of 198 F5 customers TVID: 903-01A-Df8 “ Nosso negócio foi capaz de criar novas oportunidades e aumentar a receita porque conseguimos infra estrutura com custo-benefício e de rápida adapatação para satisfazer o modelo de negócios. - IT Specialist, Global 500 Banking Company “ 76% Muito Satisfeitos com Soluções F5 e Microsoft Fonte: Survey of 365 F5 customers TVID: 4CC-C74-4E1 “ Utilizar Big-IP LTM em nosso ambiente Microsoft nos permitiu arquitetar e implementar soluções de Comunicação Unificada com alta disponibilidade e escalabilidade. Também possibilitou solução geograficamente dispersa que reduziu o risco de downtime para o usuário final. - IT Architect, Large Bank © F5 Networks, Inc.
    10. 10. CONFIDENTIAL 10 Iniciativas • HTTPS • Aplicações migram para HTTP(S) • Segurança do website = desenvolvedor • Virtualização • Balanceamento de carga • Proteção através de Firewall • Data Centers • Acesso Remoto Seguro © F5 Networks, Inc.
    11. 11. CONFIDENTIAL 11 Desafios • Vulnerabilidades • Ataques DDOS • Ataques as aplicações • Customização das aplicações • Vulnerabilidades publicadas • Novo Modelo de Data Center • Segmentação do tráfego (outbound e inbound) • Firewall dos usuários e das aplicações • Flexibilidade de acesso exigida pelos usuários © F5 Networks, Inc.
    12. 12. CONFIDENTIAL 12 Vulnerabilidades © F5 Networks, Inc.
    13. 13. CONFIDENTIAL 13 Vulnerabilidade “HashDos – Post of Doom”: Afeta a maioria dos servidores e das plataformas web Balanceador de Carga Atacante com 30Kbits/s pode comprometer a CPU do servidor Atacante com conexão Gigabit, teoricamente, pode comprometer 10000 Intel™ i7 © F5 Networks, Inc.
    14. 14. CONFIDENTIAL 14 Ataque “Anonymous” • Anonymous ataca utilizando bots • Requisições válidas e íntegras • Tráfego do ataque compromete os sistemas legados © F5 Networks, Inc.
    15. 15. CONFIDENTIAL 15 Vulnerabilidade Altera a requisição ao servidor, a própria URL © F5 Networks, Inc.
    16. 16. CONFIDENTIAL 16 Vulnerabilidades Fonte: Winter 2011, 11th Edition – Measuring Website Security: Windows of Exposure © F5 Networks, Inc.
    17. 17. CONFIDENTIAL 17 Gerência de Acesso Web Proxy Web Servers Alternativas 3 2 1 APP 1 APP 2 APP 3 APP n Directory 1 Código na Aplicação 2 Agentes nos Servidores 3 Proxy de Acesso • Caro, mudança díficil • Difícil gerenciamento Especializado • Não reproduzível, • Não interoperável, seguro • Não Escalável e não pouco seguro • Descentralizado e caro confiável • Aumento de equipamentos e de custo © F5 Networks, Inc.
    18. 18. CONFIDENTIAL 18 Data Center 1. Falta de performance e escalabilidade 2. Incapacidade de reagir as mudanças nas ameaças 3. Falha ao oferecer novos serviços 4. Complexidade e custo com múltiplos fornecedores Application Web Access Firewall Network DDoS DDoS Management Web Servers Internet Load Load Balancer Balancer & SSL Web Application DNS Security Firewall © F5 Networks, Inc.
    19. 19. CONFIDENTIAL 19 Arquitetura Unificada Data Center Tradicional PROTEÇÃO WEB APP BALANCEADOR FIREWALL DDOS FIREWALL DE CARGAGERENCIAMENTO DE ACESSO SEGURANÇA DNS © F5 Networks, Inc.
    20. 20. CONFIDENTIAL 20 DNS WEB ACCESS LTM © F5 Networks, Inc.
    21. 21. CONFIDENTIAL 21 HashDos – Post of Doom Uma iRule pode mitigar esta vulnerabilidade em todos os servidores Equipes podem aplicar os patches seguindo o cronograma © F5 Networks, Inc.
    22. 22. CONFIDENTIAL 22 Ataque “Anonymous” • Anonymous ataca utilizando bots • Requisições válidas e íntegras • Tráfego do ataque compromete os sistemas legados • Solução: Implementar BIG-IP Proteção BIG-IP: • Melhor gerenciamento de conexões • Controle de DDoS • Agilidade e flexibilidade com iRules © F5 Networks, Inc.
    23. 23. CONFIDENTIAL 23 Gerência de Acesso Web Web Servers Melhor Alternativa – BIG-IP LTM + APM APP 1 APP 2 APP 3 APP n Directory Benefícios • Redução de custos e • Proteção L4 – L7 • Virtualização da complexidade aplicação e da • Maior escalabilidade e autenticação • Verificação do Endpoint alta disponibilidade © F5 Networks, Inc.
    24. 24. CONFIDENTIAL 24 BIG-IP Data Center Firewall • Reduz custo operacional e de hardware em até 50% • Defesa contra +30 ataques DDoS de rede e aplicação • Flexibilidade das iRules • Escalabilidade 72 Gbps e 48 M conexões simultâneas • Visibilidade e controle do tráfego, inclusive SSL © F5 Networks, Inc.
    25. 25. CONFIDENTIAL 25 © F5 Networks, Inc.
    26. 26. CONFIDENTIAL 26 Application Analytics • Estatísticas por Aplicação Estatísticas • Visão do Negócio • Latência do Servidor • Planejamento de • Latência do Cliente Capacidade • Banda • Troubleshooting • Código de Resposta • Desempenho • Métodos • Auxilia ROI • URLs • IPs dos Clientes • Localização Geográfica • User Agent © F5 Networks, Inc.
    27. 27. CONFIDENTIAL 27 F5 e a Microsoft • Parceria Global • Desenvolvendo Soluções • Unindo investimentos e planejamento estratégico • Liderança SSTP • Centros de Tecnologia RDS/Terminal Services IIS/ASP.NET Disponibilidade | Escalabilidade | Segurança | Visibilidade | Gerenciamento Inc. © F5 Networks,
    28. 28. CONFIDENTIAL 28 Sobre a f5 • Empresa líder de produtos de Entrega de Aplicações • Fundada 1996 / IPO 1999 • Aprox. 2500 empregados • Aprox. 2000 parceiros • Receita em 2011 : $1,1B • + 300 clientes no Brasil • +16000 clientes no mundo © F5 Networks, Inc.
    29. 29. CONFIDENTIAL
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×