BIG-IP: NEW LEVELS OF SCALE AND SECURITY January 2013
F5 Introduces…• New Physical and Virtual Application Delivery Controller (ADC) Offerings • F5 continues to execute on platform refresh strategy, including industry’s most powerful ADC, enhanced BIG-IP Virtual Solutions, and entry level ADCs.• New Application Delivery Firewall Solution • Seamlessly combines industry-leading traffic management, access, and firewall capabilities within an intelligent services framework.• Enhancements to BIG-IP Access Policy Manager • Improved single sign-on (SSO) capabilities for web-based, VDI, and client/server, through support for SAML 2.0.• Enhancements to BIG-IP Application Security Manager • Support for apps written with the Google Web Toolkit enhances security teams’ ability to enforce application security policies.
Customer ChallengesWebification of apps Device proliferation 95% of workers use at least 71% of Internet experts predict one personal device for work. most people will do work via web or mobile by 2020. 130 million enterprise customers will use mobile apps by 2014.Evolving security threats Shifting perimeter58% of all e-theft tied 80% of new apps willto activist groups. target the cloud.81% of breaches 72% of IT leaders have or willinvolved hacking. move applications to the cloud.
Executive Summary Broad hypervisor support for advanced ADC in private and public clouds New Lineup of Complete range of NEW platforms from entry-level BIG-IP ADC to the highest performing ADC Platforms Cloud-ready ADC – Delivering flexibility with ScaleN High scale and performance to secure the most demanding data centers Full-proxy firewall for outstanding security Simplification by consolidating Application Delivery security, networking, and application delivery Firewall
NEW ScaleN-Enabled BIG-IP Platforms Broad hypervisor support Complete range of BIG-IP Cloud ready - Unmatched for advanced ADC platforms, from entry-level flexibility with F5’s ScaleN capabilities in private and to the highest performing technology public clouds ADC BIG-IP VE BIG-IP 2000s BIG-IP 2200s BIG-IP 4000 Series BIG-IP 10200v VIPRION 4800 Up to 3Gbps 212K L7 RPS 425K L7 RPS 850K L7 RPS 2M L7 RPS 20M L7 RPS Purpose Built and Carrier Grade Reliability
Flexible Virtual Environment and CloudDeployment Options Unmatched flexibility across all major virtualization platforms. Performance 3Gbps Private Public Amazon AWS Citrix XenServer Microsoft Hyper-V KVM VMware vSphere
F5’s ScaleN TechnologyElastic, App-Aware, and Multi-Tenant Infrastructure On-Demand Scaling Horizontal Clustering Virtualization App-Level Control Virtualization Partitions All-Active TMOS TMOS TMOS TMOS Extend current infrastructure Industrys only all-active Robust multi-tenant scaling capacity without additional scaling platform handling with runtime isolation for devices app-level failover versions and modules • Eliminate costly over- • Improve resource • Consolidate with provisioning utilization shared infrastructure
Introducing the F5 Application Delivery Firewall (ADF)Bringing deep application fluency to firewall security One platform Network Traffic Application Access DDoS SSL DNS firewall management security control mitigation inspection security EAL2+ EAL4+ (in process)
A Firewall Built for the Data Center “Next Generation” Firewall Application Delivery Firewall Corporate Data center (users) (servers)• Outbound USER inspection • Inbound APPLICATION protection• Who is doing what? • Application delivery focus• “Trusted” users to Internet • “Untrusted” users to data center• App Awareness: Broad but shallow • App Awareness: Specific but deep
F5’s Application Delivery Firewall Solution Network Traffic Application Access DDoS SSL DNS firewall management security control mitigation inspection security ProductsAdvanced Firewall Local Traffic Application Access Policy Global Traffic IP Intelligence Manager Manager Security Manager Manager Manager & DNSSEC• Stateful full-proxy • #1 application • Leading web • Dynamic, identity- • Huge scale DNS • Context-aware firewall delivery controller application firewall based access solution security control •• Flexible logging • Application fluency • PCI compliance • Global server load IP address and reporting • App-specific health • Virtual patching for • Simplified balancing categorization authentication •• Native TCP, SSL monitoring vulnerabilities • Signed DNS IP address infrastructure geolocation and HTTP proxies responses • HTTP anti-DDoS • Endpoint• Network and • Offload DNS crypto • IP protection security, secure Session anti-DDoS remote access iRules extensibility everywhere
Comparing F5’s Performance and Scalability Throughput Connections per second 700 8 600 4x 6 500 21xGbps Millions 400 4 300 200 2 100 0 0 F5 Juniper Cisco Check Point F5 Juniper Cisco Check Point (VIPRION 4800) (SRX 5800) (ASA 5585-X) (61000) (VIPRION 4800) (SRX 5800) (ASA 5585-X) (61000) Sessions Footprint 400 200 14xMillions Rack units 17x 200 100 0 0 F5 Juniper Cisco Check Point F5 Juniper Cisco Check Point (VIPRION 4800) (SRX 5800) (ASA 5585-X) (61000) (VIPRION 4800) (SRX 5800) (ASA 5585-X) (61000)
F5’s ADF: Application-Oriented Policies and Reports
Gostou de algum slide específico?
Recortar slides é uma maneira fácil de colecionar informações para acessar mais tarde.