Organizations use application delivery controllers (ADCs) to ensure that their most important applications receive the best performance across their network. In this session, you learn how and why Salesforce used the F5 BIG-IP platform, an ADC solution from AWS Marketplace, during a migration to AWS. To preserve an existing skillset within their business, Salesforce chose AWS Marketplace to first evaluate the solution on the AWS platform before ultimately selecting it as part of their international rollout. You see how BIG-IP performs application routing and security, and how it works with existing AWS networking solutions to provide a consistent experience for domestic and international rollouts. You also learn how Salesforce successfully used the AWS Marketplace Private Offers program to procure an enterprise license and consolidate the expenditure onto their AWS bill.

1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
M S C 2 0 2
N o v e m b e r 2 8 , 2 0 1 7
AWS re:INVENT
Learn How Salesforce Used ADCs for
App Load Balancing for an
International Rollout

2. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Journey to the cloud
Value
Discovery
and Testing
Application-
Based Projects
Time
4
Cloud-First/
Standardization
Business
Transformation
3
2
1
Agility
Flexibility
Freedom
to
Innovate
Goals
Networking and security are foundational
Current State
AWS Infrastructure and Hybrid Architecture
AWS Marketplace Value-Added Solutions

3. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Marketplace
F i nd , buy, d epl oy, and manage software i n the cl oud
• Deploy software on demand
• Curated software from trusted vendors
• 1280+ ISVs
• 4200+ product listings
• Simplified procurement and deployment
• Billed through Amazon Web Services (AWS)
account
• Deployed in 15 regions around the world
• 160,000 active customers

4. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Popular categories and leading brands
most often deployed in projects
Security BIStorage MediaDatabaseNetworking DevOps
Operating
Systems

5. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Networking infrastructure overview
AWS customers can easily expand and integrate existing
networking infrastructure and increase bandwidth to match your
application or workload needs
Why use third-party networking tools available on AWS
Marketplace?
• Combine AWS and on-premises investments to meet business
demands
• Establish enterprise-grade control, visibility, and policy
consistency
• Continue using many of the same tools and processes you use
on-premises, but with simple, pay-as-you-go pricing

6. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What we hear from customers
Consistency With
On-Premises
Technology
Connect to
Datacenter and
Branch Locations
Simplify Network
Management
Connecting Multiple
VPCs
Securely Connect
VPCs to Remote
Networks
Application control
above what ALB &
ELB can do
I want to leverage
existing tools
I want to leverage
existing skill sets
I want end-to-end
management across
on-prem and AWS
I want to port my on-
prem config to AWS
I want to simplify
connectivity to AWS
I want to quickly add
new connections
I don’t want to rely on
MPLS
I want to optimize
AWS-to-branch
performance
I need a strategy for
connecting multiple
VPCs
I need a strategy for
connecting
geographically disperse
VPCs
I want to minimize the
number of connections
required to connect
multiple VPCs and
remote networks
I need to connect
mobile users
I need visibility for
metrics and
monitoring
I need end-to-end
encryption
I don’t want to
change my on-prem
hardware
I need context-aware
switching (I use
iRules)
I need static IP
assignment (sticky
sessions)
I need UDP support
I need visibility to
application traffic

7. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Common networking scenarios on AWS
Optimize Branch Office
Connectivity
Securely Connect Your VPC
to Remote Networks
High Availability Across
Multiple VPCs
Improve performance at a lower cost Improved performance across multiple
VPC’s or two or more AWS Regions
Leverage AWS Transit VPC technology
Application Delivery
Controller for Hybrid Cloud
Networking solutions for hybrid cloud architectures. Extend your existing security policies to applications on AWS.

8. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Optimize branch office connectivity to applications
hosted on AWS
Migrate applications to AWS and rapidly scale your network with the AWS cloud to match
your business needs on-demand. WAN solutions from AWS Marketplace can help:
Connect your remote network and Amazon Virtual Private Cloud
(Amazon VPC) quickly and cost-effectively with your choice of managed
VPN, software VPN, or private circuit with AWS Direct Connect.
Optimize Connectivity
Easily Extend Your Network
Accelerate Deployment
Quickly scale, when and where you need. Connect your network to AWS
Global Infrastructure by deploying familiar on-premises VPN, router, and
gateway software with preconfigured and customizable Amazon Machine
Images in AWS Marketplace.
Easily configure VPN connectivity and traffic routing between your
network and Amazon VPC based on your requirements for protocol
support, policy management, and monitoring.

9. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Simplify your workload migration to AWS
ADC software designed to manage a range of protocols allows you to
identity application-level threats. You can use ADC policies for visibility into
application traffic that spans your hybrid cloud architecture with AWS.
Manage Application Performance
Secure Application Traffic
Maintain Application Visibility
Easily extend existing policies for application traffic management and
secure access to your hybrid cloud with AWS, using the same ADC
software used on-premises.
Information shared between your on-premises and software ADC,
deployed in an Amazon Machine Image (AMI), enables consistent
monitoring and reporting capabilities. Maintain application visibility across
your hybrid cloud environment while completing workload migration.
Extend your application environment to AWS to simplify your workload migration.
Manage application availability, performance, and control in your hybrid cloud for seamless delivery.
Application Delivery Controller (ADC) software from AWS Marketplace can help:

10. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Simplify scale-out networking with AWS Transit
VPC: Hub-and-Spoke
Launch AWS and AWS Marketplace third-party Transit VPC solutions to efficiently manage multi-VPC
networks across geographically dispersed regions, external data centers, and multiple AWS accounts.
Transit VPC “Hub-and-Spoke” solutions from AWS Marketplace can help:
Transit VPC and the Hub-and-Spoke topology are a
proven method for connecting diverse and geographically
distributed VPCs, even across external networks and
multiple AWS accounts.
Simplify Complex Network Management
Control Diverse and Distributed VPCs
Reduce Costs
Simplify the management of previously complex VPC
networking by reducing the total number of connections
and gateways.
This virtual cloud approach streamlines routing and delivers
cost reduction, compared to physical network hardware
deployment,and the resultant connection requirements.

11. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Simplify scale-out networking with AWS Transit VPC:
Meshed Network
Launch AWS and AWS Marketplace third-party Transit solutions to efficiently manage multi-VPC
networks across geographically dispersed regions, external data centers, and multiple AWS accounts.
Transit VPC “Meshed Network” solutions from
AWS Marketplace can help:
The Meshed
Network topology,
point-to-point
connections
Reduce the number of network hops, improving latency by not routing all
traffic through a hub, and streamline performance by delivering traffic
directly to other targets.
Performance and Latency Optimization
Transit VPC and the Meshed Network topology are a proven method for
connecting diverse and geographically distributed VPCs, even across
external networks and multiple AWS accounts.
Control Diverse and Distributed VPCs
Reduce Costs
This virtual cloud approach streamlines routing and delivers cost
reduction, compared to physical network hardware deployment, and the
resultant connection requirements.

12. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
SimplePay uses Riverbed to go global in 3
months
Global payments processing services, based in
Sydney, Australia
Sitting at my desk, I can turn
on AWS in a new country,
and in 10 minutes, the
network is connected.
Rob Gillan
Chief Technology Officer
”
“ • Decided to expand globally, but lacked local infrastructure
• Deploying Riverbed SteelConnect in AWS Marketplace,
provisioned three new countries in three months
• Reduced the touch required to provision by 90%
• Global redundant network for high availability, starting with
capacity to support 1,000 transactions per second

13. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
GREE uses AWS and Aviatrix to launch games
faster
As the global leader in free-to-play, GREE International
Entertainment Inc. unleashes the power of gaming by
taking it mobile and making it social
GREE uses AWS and
Aviatrix to significantly lower
game development and
integration time.
• Needed cloud centric model to accelerate game launches
and acquisitions
• Enabled agile game development strategy with AWS and
Aviatrix
• Simplified migration to VPC with 50% less staff
• Reduced time to integrate new games and users by 95%
• Significantly improved security and availability
David Pippenger
Director, DevOps GREE
”
“
Aviatrix provides an innovative solution to make cloud
networking as dynamic and elastic as compute and storage

14. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Marketplace website

15. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
View Categories menu

16. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Infrastructure category

17. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Search results

18. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
F5 Big-IP product listing page

19. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Customer review

20. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
F5 Big-IP product listing page

21. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
F5 Big-IP seller page

22. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Pricing options

23. Representative Environments
With Resource Pooling
Varun Gupta
Senior Director, Engineering

24. Empower Developers to Innovate Faster
through Representative Environments
Mission

25. Representation
1M+ VM Hours
Used Per Month
Support People and
Automation Interfaces
Efficiency Usability
Representative of
Salesforce Ecosystem
Key Tenets

26. Building Representative Environment

27. Salesforce Ecosystem
Sales Service Marketing AnalyticsCommunity Apps Commerce IoT Quip
force.com
Heroku
Component
Exchange
Data Management
Platform
CRM Data
IoT & Social
Data
Platform
Applications
AppExchange

28. Requirements for True Representation
• Compute Resources
• Database
• Storage
• Custom Request Routing

29. Custom Routing Needs
● Simulate Production Setup
● Variable Load Configurations
● Relative Performance Validation

30. Environment Setup Flow
Load Balancer
App servers
Database
Request
BuildReturn
environment

31. Benefits
Optimum
Utilization
Representation Elastic
Scalability

32. Growth

33. 100,000+
4,000
400
Environments
Provisioned
Per Day
Machines
Provisioned
Per Day
VM Hours
Per Day
Peek Platform Metrics
15
Minutes
Average Spawn Time
33
Hours
Average Lifetime

34. Improvement Opportunities
Lengthy Startup
Configurations
(20% of Spawn Time)
97% Resources
Provisioned
Within SLA

35. Resource Pooling

36. Optimize Resource Availability
Identify
Resources
Create
Resource Pool
Switch State

37. Logical Grouping
of Resources
Identical
Resource Pool
Resource Pool Considerations
Centralized Access
Control and Delegation

38. Virtualized Infrastructure Resource Pool
Environment
Load Balancer Pool
App server Pool
Database Pool

39. Resource Pool Architecture

40. VPC Architecture
Subnet 1 Subnet 2
Subnet N

41. Cross Subnet Resource Pool
Arbitrator
Producer Consumer
Sleeper
Pool
Subnet N
Pool
Subnet 3
Pool
Subnet 1
Pooling service
Pool
Subnet 2

42. Key Components
Rest API layer
Database
layer
DB
Service
layer
• Arbitrator—Controls Requests
• Consumer—Grabs Resources
• Producer—Replenishes Pool
• Sleeper—Updates State to Inactive
• Database—Persistence Pool Store
Arbitrator
Consumer Producer
Sleeper

43. Logical View
Resource Pool
FIFO Resource Pool
Producer 1
Acquire
producer
MUTEX
Check pool
size (n)
Produce
(capacity–n)
resources
Release
producer
MUTEX
Producer 2
Producer 3
Acquire
consumer
MUTEX
consume
Release
consumer
MUTEX
Consumer 3
Consumer 3
Consumer 3

44. Updated Environment Setup Flow
Request
Calls
service
Environment
Resource
Pool Service
Pool 1
Pool 2
Pool 3
Return
environment

45. Results and Improvements
20%
Reduction in
Spawn Time
99%+
SLA
Achievement

47. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Q&A

48. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Thank you!