Application Visibility & Controlwith PacketShaper
Application Delivery Trends         The Deepest VisibilityAGENDA         With The Most Powerful Control         PacketShap...
The Web is the Platform     Business Apps Moving to Web:             ERP, Sales Automation, HR, Online Meetings     In the...
Creating a New Set of Challenges      Web Applications and Content:         Range from Inappropriate to Important        ...
Only PacketShaper Can Address   Distinguishes at the application layer   Finds masquerading applications   Understands ...
Competition Falls Short    Most solutions stuck at Port/Protocol    Chasing Individual Applications doesn’t scale    Th...
The Deepest Visibility   Latest in a History of Innovation   Classify by URL Category   Detailed Metrics and Tools   N...
Latest in a History of Innovation         2000        2002          2004          2006         2008       2010       2012 ...
Classify by URL Category WebPulse    Leverages WebPulse Community             70 Million Users, 8B+ Ratings per day    ...
Classify by URL Category                                     WebPulse                          Category                   ...
Response Time Metrics                            Transaction Delay End-user experience Network & Server Delay Threshold...
Real-time Voice & Video Metrics Key Metrics   •   Call Volume   •   Latency   •   Jitter   •   Loss Quality Metrics   • ...
Troubleshooting Diagnostic      Host Analysis – Real time host/IP address view (below)      TCP Health – Connection stat...
VoIP & Video Conferencing    Industry Leadership Enabling Voice & Video     Deployments         Assess, provision & moni...
Non-Intrusive Security Assessments   Profile Security Threats & Concerns        Threats: Phishing, Spyware, Botnets, Pro...
The Most Powerful Control   Organized to Scale   Power Control Techniques   Integrated Compression   Centrally Managed
Very Granular When Required    Sub-classify Web 2.0 Applications    Example: Manage by Facebook Content        > 1600 C...
Powerful Control  Patented Rate Control    • Guarantee per flow bandwidth    • TCP and UDP                           Guar...
Integrated Compression  Real Time Compression   • RAM Only - Low latency       Symmetric Compression   • Application spec...
Central Management       IntelligenceCenter  Centralized Reporting  SLA Dashboard  Custom Roles & Views          Policy...
The PacketShaper in Action   Dashboard Overview   Real-time Monitoring   Historical Reporting   One-click Control   I...
Dashboard Overview          And Flash          Video at: 55%                           Auto-discover All                 ...
Real-Time Monitoring                            Graph Multiple Apps in                             Real-time             ...
Fast & Easy Historical Reporting                               Research if Problems                                are Pe...
Powerful One-Click Policy-Based Control                                        Simultaneously Apply                      ...
Instantly See the Impact                                      Control Starts Instantly                                   ...
Summary – PacketShaper Delivers   Applications Are Moving to the Web   PacketShaper has the Deepest Visibility   And th...
Upcoming SlideShare
Loading in …5
×

Vfm packetshaper presentation

649
-1

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
649
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • It’s no secret that applications are moving to the Web, but I’m not sure that most people really understand the scope or the implications of this shift. We actually go a step further and say that the Web is the Platform. HTTP andSSL often now make up 50-75% of traffic of total traffic, up from maybe 25% just a few years ago.We all know that critical business applications are web-enabled and more and more offered across the Internet as a Software as a Service. <click>And you may also understand thatrecreational traffic is exploding.<click>What most people haven’t really thought about is the line between, which is also exploding. This is that blurry area of things like web-based e-mail, chat, web browsing and even video. A few years ago you could assume that this traffic is not that important and could be ignored, but more and more this traffic has business value as well. At the very least, user productivity is impacted if these applications aren’t performing well.
  • This shift is causing a new set of issues because the Web traffic ranges for the inappropriate and even malicious, all the way to the critical business systems that are required to effectively run the organization.The problem is that for most systems all of this traffic looks alike. Everything just shows up as HTTP and SSL, leaving open the distinct possibility that the less important traffic will crowd out the business critical traffic causing significant performance problems. Traditional classification technologies that just look at port or even protocol can’t distinguish the traffic. Even solutions that create “applications” based on domains can’t keep up and aren’t sufficient to really understand the applications being used.
  • Now, the PacketShaper is taking a quantum leap that really addresses this new set of issues. The PacketShaper is the only solution that understands that application and content are intrinsically linked in this Web-based world that we live in today. PacketShaper’s new Classify by URL Category functionality understands and categorizes the entire Web. It works by leveraging the WebPulse community of over 70 million users, which categorizes URLs in real time into 1 to 4 of the 80 categories that are available. WebPulse makes over 8 billion ratings a day making it the largest community in the world by an order of magnitude.One of the great aspects of having WebPulse do the work to categorize the traffic is that it is constantly updating itself as new applications and content come onto the Web. Because the updates happen dynamically in the cloud, the PacketShaper gets to take advantage of categorizing the new content without ever having to upgrade the PacketShaper itself.This instant awareness allows customers to set a policy today to manage the next big thing before it is even invented.
  • And nobody else can do this. Most competitive solutions are still stuck reporting on port or protocol. Those that do try to keep up by manually classifying new URLs can’t possible hope to keep up with the growth of the Web. And a side effect of their approach is that their reporting is a simplistic dump of URL accesses. This isn’t providing real value to a customer. They are behind and the gap is widening.The combination of PacketShaper and the Web Pulse cloud will be a huge competitive advantage for Blue Coat and our partners.
  • As I mentioned, the first area I’ll highlight is the PacketShaper’s history of innovation. Just as an example, let’s start with IM. Originally, a single application – AOL instant messaging was what everyone used. We saw the trend and were the first to classify the AIM traffic. <click>Over time though, many more IM applications emerged and we have always been there to classify them. Today, we classify over 30 IM applications and sub-applications. <click>Similarly, we saw the P2P trend very early and were the first to classify Napster. At the time, that was the only P2P application. Over time, many variants emerged and we continued to stay on top of them and now classify over 80 P2P applications and sub-applications. The same analogy can be extended to many other application categories as well.<click>Beyond just base application classification, we also recognized very early the importance of understanding the sub-components of the applications. For instance, SAP over Citrix was much more critical and time sensitive than printing over Citrix. Over time, we added the ability to sub-classify over 70 applications including SSL, Oracle, the Microsoft protocols, Blue Coat optimized ADN traffic and many more. <click>Finally, the PacketShaper has always led in the techniques available to find applications. We’ve always classified by IP and port, but over time, we’ve also added the ability to classify by VLAN, DSCP, & MPLS. More recently in 8.4, we added the ability for user defined Layer 7 applications and most recently in 8.5 we added the ability to classify by group. We’ll talk a bit more about that later. <click>Now, we are about to move into the next truly innovative classification technique, which is classify by URL category… <click>
  • Network/ADN Assessments are a common way to get started for enterprises.Blue Coat recommends first assessing what’s causing the problem in the first place rather than jumping to conclusions
  • An important category of metrics is response time measurement, and this is where we can begin to map the performance of applications in terms of what the user is actually experiencing. So we can tell again at a glance, when an application is performing to spec. We can measure network delay. We can measure server delay. We can establish thresholds so that if one of those delay maxima or minima is reached, we can provide a means of alarming the network group on that event.
  • And as many of our customers roll out Voice over IP or IP telephony on a converged network, we also provide a comprehensive range of Voice over IP specific metrics. And this can be from call volume, down to network characteristics that affect the quality of voice, such as loss, latency and jitter, all the way down to Voice over IP or voice specific metrics, such as a Mean Opinions Score or the RFactor. Now all of that can be combined to present a realistic view of the quality of voice. Voice quality is key and often the hardest thing to assure, so we can use those metrics as a means of determining, measuring, reporting and alarming the actual quality of voice over our network.
  • And when things aren’t going well, it is important to have the tools to diagnose why they aren’t performing. PacketShaper provides a wealth of tools to diagnose the root cause of issues. This includes features such as Host Analysis, which will quickly give you the top users by bandwidth consumption, flows, or the always popular because it indicates serious issues, failed flows. Once you see the top users you can drill down to what specifically they are doing, and then from there, who else is doing the same thing. Very powerful point-and-click workflows to quickly isolate the cause of the problems.TCP Health is also key to understand how the entire network is functioning as well as the individual applications. It breaks down total connections, aborts – which are usually indicative of performance issue where a user got bored and hit refresh or left the page, refuses – which are usually because the server is overloaded or configured not to accept connections on that port, and ignores – which, more often than not, are scanning hosts or viruses that are searching for more targets.In addition, the PacketShaper can also take packet traces that feed into standard systems and generate synthetic transactions to show performance characteristics throughout the day, even if no real traffic is occurring for that applications.
  • And finally, let’s talk about the VoIP and Video classification enhancements. The PacketShaper has been a powerful tool used by many customers rolling out voice over IP. PacketShapers can assess network readiness for VoIP implementation. The PacketShaper can monitor call including tracking latency, jitter, loss, MOS or Mean Opinion Score, and rFactor, which is another call quality standard algorithm.<click>New in 8.5 is the ability to classify voice and video over Microsoft OCS and Live Meeting. <click>And the ability to auto-discover VoIP by device types. This is yet another reason application intelligence and the ability to sub-classify is important. Take for example a Cisco VoIP phone and Google Talk. They may use the same underlying protocols and even the same CODEC – which PacketShaper can already auto-discover by CODEC – but that doesn’t mean that a customer wants to monitor and manage Cisco VOIP the same as Google Talk. With the new capability to auto-discover by device type, the PacketShaper will automatically separate them allowing customers to monitor and manage them separately.
  • One truly compelling capability that the Classify by URL Category feature set enables is the ability for the PacketShaper to easily drop into a new environment and perform security assessments. Unlike a traditional Proxy, which is more difficult to configure, requiring either routing changes or client changes, the PacketShaper can either just get dropped in line as a transparent bridge, or even configured off of a span port and not be in the path of data at all. Once you install the Shaper, it will start to identify things getting through the network that may not be wanted or allowed on the network. For instance, specific security threats like phishing, spyware and botnets, and other concerns like suspicious sites and hacking. Additionally, you could see traffic that may be legal, compliance or HR risks like adult content, gambling, violence, etc. The Security Assessment is a great opportunity to highlight gaps in their current security or compliance solutions. In general, we would recommend that the ProxySG is the preferred solution to address these concerns, because it has been designed as a security device, understands users and groups, and feeds into Reporter to provide user access reporting.
  • Then, on the complete other end of the spectrum, there are times when you want to get very granular. The PacketShaper lets you drill down in ways that nothing else can.For example, you can sub-classify Web 2.0 applications by a main category and then into the applications that are also hitting other categories. This example shows Facebook broken down by specific activities that people are doing on Facebook. While all of these are on Facebook, you may want to prioritize some pieces high like Business, contain recreational pieces like Personals, squeeze things like video to persuade people to stop watching them at work, and even block some things like Games. Farmville is a great example of something that employees could both waste their entire day playing and at the same time suck up significant amounts of bandwidth that may impact more important work related activities.
  • This next example really illustrates one of the earlier points, which is why sub-classification is so important. <click>Let’s take the scenario where a new user logs onto their VMware View VDI session and downloads their desktop. This could potentially impact other users in the same office who are using a VDI session next to them. It’s another case where one type of traffic could impact another type of traffic within the same application.<click>Blue Coat solves that problem with the new ability to sub-classify VMware View VDI traffic by the configuration & login operations, offline desktop downloads, and the VDI remote desktop stream.<click>With this granular application intelligence, you can protect that remote desktop stream from the desktop download traffic – or any other bulky traffic that would cause a poor user experience.
  • The PacketShaper also has effective RAM-Based compression. This intelligent compression can compress any IP application and does it without introducing noticeable latency. Typically, customers get 2-4 times increase in capacity, or 50-75% bandwidth savings. This number varies significantly based on the traffic mix. Certain applications that are already encrypted or compressed will result in any savings and others that are highly repetitive could achieve 95+% savings.And remember, the PacketShaper isn’t the primary WAN Optimization solution as it doesn’t do other critical features such as caching, content distribution and protocol specific optimizations such as CIFS, MAPI and HTTP. The ProxySG is the product if WAN Opt features are the primary requirements.
  • The PacketShaper also has effective RAM-Based compression. This intelligent compression can compress any IP application and does it without introducing noticeable latency. Typically, customers get 2-4 times increase in capacity, or 50-75% bandwidth savings. This number varies significantly based on the traffic mix. Certain applications that are already encrypted or compressed will result in any savings and others that are highly repetitive could achieve 95+% savings.And remember, the PacketShaper isn’t the primary WAN Optimization solution as it doesn’t do other critical features such as caching, content distribution and protocol specific optimizations such as CIFS, MAPI and HTTP. The ProxySG is the product if WAN Opt features are the primary requirements.
  • Now let’s go through a specific example to see Application Accountability in action. Start by logging in and seeing the new dashboard that quickly lets you see what is going into and out of the network. <click>The graphs are updated in real-time showing changes as they are happening. <click>You look at this and see that Flash Video is taking up 55% of the bandwidth.
  • Switch into real-time graphic and choose several top apps to see what they are doing at the moment. It’s easy to sort by the largest peaks the 1 minute average or the current utilization of applications to see which applications might be of interest.<click>You can see exactly how a rise in one application utilization might cause a drop in another. <click>Looking more closely at the situation, you notice that a Symantec Antivirus update has just kicked off and is the largest bandwidth consumer.
  • From there, you might want to see if this particular problem is persistent over time or just happening for the first time. <click>You can quickly toggle between hour, day, week, month, or a custom time period.<click>And you quickly analyze more than a dozen reports showing critical information like response times, efficiency, TCP health, retransmissions and more.Truly a wealth of application level information available at the click of a button.
  • After researching the applications in question, you decide you need to take control. You can simultaneously apply policies to multiple applications. This includes rate, priority, discard, and ignore policies, as well as aggregate partitions.<click>This makes it easy to contain Flash and any other problem applications.<click>You can also set DSCP markings for MPLS networks.<click>Back to our example, we decided to apply a 400 Kbps to 5 application classes at once.
  • And then switch back to the real-time graphing – which remembers what you are looking at – and see that control took place instantly.<click>Not only was it immediate, it is controlled with an unparalleled level of precision. Other products don’t show this level of detail, because they can’t match PacketShaper’s ability to immediately and accurately apply controls.<click>And most importantly you can see whether the policy you applied is impacting all of the applications in the ways that you desired.
  • Vfm packetshaper presentation

    1. 1. Application Visibility & Controlwith PacketShaper
    2. 2. Application Delivery Trends The Deepest VisibilityAGENDA With The Most Powerful Control PacketShaper in Action 2
    3. 3. The Web is the Platform Business Apps Moving to Web: ERP, Sales Automation, HR, Online Meetings In the Middle: Email, Chat, Browsing, Networking, Video Recreational Web Content Exploding: Games, Peer to Peer, Adult
    4. 4. Creating a New Set of Challenges Web Applications and Content:  Range from Inappropriate to Important  They all look the same  Potential for Performance Problems  Defy traditional classifications
    5. 5. Only PacketShaper Can Address Distinguishes at the application layer Finds masquerading applications Understands the merged Web- based world Instantly sees new applications & content Sub-classifies as necessary
    6. 6. Competition Falls Short  Most solutions stuck at Port/Protocol  Chasing Individual Applications doesn’t scale  The Gap is Widening  PacketShaper + WebPulse makes the difference Web Awareness Today Billions PacketShaper Millions Competition Yesterday Thousands Hundreds Time
    7. 7. The Deepest Visibility Latest in a History of Innovation Classify by URL Category Detailed Metrics and Tools Non-Intrusive Security Assessments
    8. 8. Latest in a History of Innovation 2000 2002 2004 2006 2008 2010 2012 IM AIM 20th IM 30th IM Peer-2-Peer Napster 20th P2P 80th P2PApplication Sub- Classification Citrix SSL Oracle VoIP ADN VMware 70th Sub- HTTP FTP Microsoft ClassificationTechniques VLAN, DSCP MPLS LEM L7 Pattern Group URL Category
    9. 9. Classify by URL Category WebPulse  Leverages WebPulse Community  70 Million Users, 8B+ Ratings per day  Manage 80 Categories across 50 Languages • Returns Up to 4 Categories per URL  Dynamically Maintained and Updated without Upgrades • Categorizes newly created content in real time WebPulse PacketShaper
    10. 10. Classify by URL Category WebPulse Category Web Server Request Request Content 1. PacketShaper Sees Request 2. Checks Local Cache 3. Queries WebPulse Cloud 4. Retrieves Category 5. Applies Policy
    11. 11. Response Time Metrics Transaction Delay End-user experience Network & Server Delay Thresholds for SLA Alert, Alarm, Integrate
    12. 12. Real-time Voice & Video Metrics Key Metrics • Call Volume • Latency • Jitter • Loss Quality Metrics • Mean Opinion Score (MOS) • rFactor
    13. 13. Troubleshooting Diagnostic  Host Analysis – Real time host/IP address view (below)  TCP Health – Connection state (good, aborted, refused, ignored)  PacketCapture – Targeted Capture TCPDump format  Synthetic Transactions – HTTP/S, FTP, SMTP, Echo & Custom
    14. 14. VoIP & Video Conferencing  Industry Leadership Enabling Voice & Video Deployments  Assess, provision & monitor  Track key metrics: latency, jitter, loss, MOS, rFactor  Assure per call quality  Advanced Voice & Video Classification:  Auto-discovery by codec  Auto-discovery by device type Both high priority?
    15. 15. Non-Intrusive Security Assessments Profile Security Threats & Concerns  Threats: Phishing, Spyware, Botnets, Proxy Avoidance  Concerns: Suspicious, Potentially Unwanted Software, Hacking  Highlight Legal/Compliance/HR Risks  Adult: Adult Mature, Pornography, Nudity, Extreme  Questionable: Gambling, Illegal Drugs, Violence/Hate  ProxySG Recommended to Address
    16. 16. The Most Powerful Control Organized to Scale Power Control Techniques Integrated Compression Centrally Managed
    17. 17. Very Granular When Required  Sub-classify Web 2.0 Applications  Example: Manage by Facebook Content  > 1600 Categorized Apps in > 40 Categories  Set policy by what users are doing on Facebook Prioritize Contain Squeeze Block
    18. 18. Powerful Control  Patented Rate Control • Guarantee per flow bandwidth • TCP and UDP Guarantee Voice  Application Prioritization • Bandwidth to important apps first Protect ERP  Aggregate Partitions • Limit total usage • Raw bandwidth or percents Control recreation • Optionally burstable
    19. 19. Integrated Compression  Real Time Compression • RAM Only - Low latency Symmetric Compression • Application specific • Any IP app (RTP, UDP, etc)  2x-4x Capacity Gain • Increase WAN pipe • Fit more calls, sessions  ProxySG for Caching! • Object caching • Byte caching • CDN • Protocol acceleration 19
    20. 20. Central Management IntelligenceCenter  Centralized Reporting  SLA Dashboard  Custom Roles & Views PolicyCenter  Centralized Policy  Automated Administration  Backup Configurations  Distribute Software Updates
    21. 21. The PacketShaper in Action Dashboard Overview Real-time Monitoring Historical Reporting One-click Control Instantly See the Impact 21
    22. 22. Dashboard Overview And Flash Video at: 55%  Auto-discover All Applications  Updated in Real-time  Spot Abnormal See Surge in Utilization Behavior
    23. 23. Real-Time Monitoring  Graph Multiple Apps in Real-time  Determine How They Impact Each Other Note: Symantec AV  Gather More Detailed Updates Commenced Information
    24. 24. Fast & Easy Historical Reporting  Research if Problems are Persistent or New  Toggle Between Hour, Day, Week, MonthResponse Times, Efficiency,Health, Retransmits, etc.  Analyze Additional Metrics
    25. 25. Powerful One-Click Policy-Based Control  Simultaneously Apply Policies to Multiple Apps  Contain Flash & Other Problem Apps  Easily Set Application - Limit 5 Applications based MPLS Markings to 400 Kbps
    26. 26. Instantly See the Impact  Control Starts Instantly  Unparalleled Precision  Real-time Reporting Shows Impacts Traffic Immediately Capped at 400 Kbps
    27. 27. Summary – PacketShaper Delivers Applications Are Moving to the Web PacketShaper has the Deepest Visibility And the Most Powerful Control To Ensure Critical Application Performance

    ×