MS TechDays 2011 - Virtualization Solutions to Optimize Performance


Published on

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

MS TechDays 2011 - Virtualization Solutions to Optimize Performance

  1. 1. SINGAPORE DEVELOPMENT, ADVANCED Leslie Wong Client Manager, F5 NetworksF5 optimizationsfor the Microsoftplatform
  2. 2. F5 and Microsoft 10-year Global partnership Solution development across products and technologies Dynamics SharePoint Exchange Joint investment, shared Lync thought leadership and Forefront strategic planning System Center SSTP F5 training for Microsoft RDS /Terminal Services technical field, services and IIS/ASP.NET support teams Windows Availability | Reliability | Scalability | Security | Visibility | Manageability
  3. 3. Globally managed technology partnersince 2001 One of 60 MTC Alliance partnersMPSC Alliance partner with officeand lab in Redmond Founding member of System Center Alliance
  4. 4. F5 & Microsoft technologies togetherServer Virtualization Efficiency & Agility CostsApplication delivery networking Reliability & Availability RiskManagement integration Visibility & Control Costs
  5. 5. Architected for Integration iControl for Application Integration F5 Products Application Application Application Security Optimization Availability Shared Application Services TMOS Operating System Shared Network Services
  6. 6. F5’s Dynamic Control Plane Architecture UsersApplication and Data Delivery Network Availability Optimization Security Management •Scale •Network •Network • Integration •HA / DR •Application •Application • Visibility •Bursting •Storage •Data • Orchestration •Load-Balancing •Offload •Access Resources Private Public Cloud Physical Virtual Multi-Site DCs
  7. 7. Application deliveryF5 devices manage traffic within the context of the applicationsrunning on the network, optimizing user experience andproviding visibility and control to IT. Acceleration • TCP • Caching • Compression Availability • Intelligent health monitoring and load-balancing • Horizontal scaling • SSL offloading • Security operation offloading • Cross-site load-balancing and resilience Security • Application layer protection • SPAM Manageability • Templates that reduce deployment times • Fully extensible platform • System Center integration • Dynamic computing
  8. 8. BIG-IP Hardware Line-up BIG-IP 11050 2 x Hex core CPU 16 10/100/1000 + 8x 10 SFP+ 10Gbps BIG-IP 8950 2x 320 GB HD (S/W RAID) + 8GB CF 32 GB memory SSL @ 100K TPS / 15Gb bulk BIG-IP 8900 2 x Quad core CPU 16 10/100/1000 + 8x 1GB 12 Gbps max software compression SFP + 2x 10Gb SFP+ 2x 320 GB HD (S/W RAID) + 40 Gbps Traffic BIG-IP 6900 8GB CF ? 16 GB memory 2 x Quad core CPU SSL @ 56K TPS / 9.6Gb bulk 16 10/100/1000 + 8x 1Gb 8 Gbps max software SFP + 2x 10Gb SFP+ BIG-IP 3900 2x 320 GB HD (S/W RAID) + compression 20 Gbps Traffic 2 x Dual core CPU 8GB CF 16 10/100/1000 + 8x 1Gb 16 GB memory SFP SSL @ 58K TPS / 9.6Gb 2x 320 GB HD (S/W RAID) + bulk Quad core CPU 8GB CF 8 Gbps max hardware BIG-IP 3600 8 10/100/1000 + 4x 1Gb SFP 1x 300 GB HD + 8GB CF 8 GB memory SSL @ 25K TPS / 4 Gb bulk compression 12 Gbps Traffic 8 GB memory 5 Gbps max hardware SSL @ 15K TPS / 3.8 Gb bulk compression 3.8 Gbps max software compression 6 Gbps Traffic Dual core CPU 8 10/100/1000 + 2x 1Gb SFP 4 Gbps Traffic BIG-IP 1600 1x 160 GB HD + 8GB CF 4 GB memory SSL @ 10K TPS / 2 Gb bulk 1 Gbps max software compressionDual core CPU4 10/100/1000 + 2x 1Gb SFP 2 Gbps Traffic1x 160GB HD4 GB memorySSL @ 5K TPS / 1 Gb Bulk1 Gbps max softwarecompression1 Gbps Traffic
  9. 9. F5 Solution for P to V server applicationmigration
  10. 10. Common Virtualization Drivers & BarriersDrivers BarriersCIO Objectives Real World Challenges• Cost Savings • Performance• IT Agility / Speed IMPACT • Availability• IT Efficiency to the • Management Business • Integration Risks • Missed ROI/Savings • Missed Agility/Speed • SLA impact • Over Budget
  11. 11. Server Virtualization & F5 Windows Server Hyper-V
  12. 12. Improving VM Density OffloadTypical virtualized Same server server with BIG-IP  SSL  Caching  Compression  One Connect  TCP Optimization
  13. 13. Server Consolidation
  14. 14. How it works 21 4 35 Repeat for all physical servers
  15. 15. Microsoft and F5 technologiesWindows Server • BIG-IP Local Traffic Manager (LTM) 2008 R2 • F5 Management Packs forHyper-V System Center – F5 Management Pack forSystem Center Operations Manager – Operations Manager – F5 PRO-enabled – Virtual Machine Manager Management Pack for Virtual Machine ManagerWindows PowerShell – F5 Live Migration Pack – F5 Application Designer Packs for SharePoint
  16. 16. Resources Video demo – F5 Managements Packs on DevCentral – Online community for Microsoft-F5 solutions – Microsoft – Windows Server and Hyper-V • • – System Center •
  17. 17. F5 solution for Microsoft SharePoint
  18. 18. SharePointSharePoint is a business collaboration platform that can bedeployed with specific roles in these areas: Web portals and Web content management Business Intelligence and Analysis Collaboration Document management Enterprise Search Custom .NET Web application developmentF5 supports each of these server capabilities, providingperformance, availability and security enhancements over thenetwork and seamless to the application.
  19. 19. SharePoint Momentum 17K+ Customers, 100M Licenses Leader in Gartner® Magic Quadrants, Forrester WaveTM Continued Platform and Application Innovation 4,000+ Partners Today across Collaboration, Content Management and Search“SharePoint is the fastest-growing product in Microsoft’s history... And thisis just the beginning: SharePoint continues to grow as customers are justbeginning to apply it to a wide array of business issues and processes.”- AMR RESEARCH, APRIL 22, 2008
  20. 20. SharePoint topology with BIG-IP1 Local Traffic Manager Web Accelerator Global Traffic Manager External2 Application Security Manager Edge Gateway 2 DMZ Internal 1 Active Database Application Front end servers Directory servers
  21. 21. Session agenda Site-level ApplicationApplication health and layer securityhealth and disaster and deviceavailability recovery access
  22. 22. Session agenda Site-level ApplicationApplication health and layer securityhealth and disaster and deviceavailability recovery access
  23. 23. Considerations for availability BIG-IP LTM (Local Traffic Manager)Increased SharePoint server availability = – More productive users – More efficient use of application computing resources – Enhanced visibility for IT
  24. 24. Session agenda Site-level ApplicationApplication health and layer securityhealth and disaster and deviceavailability recovery access
  25. 25. Site level healthBIG-IP Global Traffic Manager (GTM) – Starts with good server level health within 1 site – Includes external link health – Disaster Recovery and Active/Active Users  Global Traffic Manager  Site A Site B
  26. 26. Considerations for availability BIG-IP GTM (Global Traffic Manager)• Site level health opens the door to service resilience• Cross-site load-balancing increases infrastructure ROI• Flexible and powerful deployment options• Best in class integration of geolocation
  27. 27. Session agenda Site-level ApplicationApplication health and layer securityhealth and disaster and deviceavailability recovery access
  28. 28. Mobile and Remote Users Growing DramaticallyIDC Research 2010
  29. 29. Considerations for acceleration BIG-IP WA (Web Accelerator Module)Application delivery (ADC) benefits start with asymmetric deploymentWA improves end user experience for repeat visitors by eliminating network chatterBest in class caching – Intelligent Browser Referencing (IBR) is uniqueWOM reduces file load time by 95%Explore Windows Server 2008 R2 BranchCache to reduce bandwidth use
  30. 30. Considerations for application access BIG-IP EG (Edge Gateway) Next generation remote access solution• Converged security and acceleration services platform Optimize access for mobile users and remote offices• New BIG-IP Solution for the Network Edge – Includes new BIG-IP Edge Client solution – Up to 8 Gbps, 600 log-ins per second, 40,000 users – Mobile devices, notebooks, PCs supported – Redirect for mobile users (SharePoint Mobile View) Edge Portal
  31. 31. Unified and Optimized Access to the Data Center BIG-IP Edge Gateway DMZ Internet Datacenter Resouces Intranet //abc Extranet Utilize existing user directories • One solution to manage all access policies regardless of access network • Capacity and performance to secure all user traffic • Optimizes application delivery to remote and mobile users • Improves quality of real-time applications; soft phones and streaming media
  32. 32. New BIG-IP Edge Client Flexible deployment: – Mac, Windows, iPhone, iPad Security – End-point security – Protected workspace Mobility – Smart Connection roaming – Uninterrupted application sessions Acceleration – Dynamic compression – Client-side cache – Client-side QoS FREE
  33. 33. Unified Access to SharePoint Twice as Fast User Downloads First Time Repeat Competitor SSL VPN = 211s = 47s BIG-IP Edge Gateway = 114s = 16s Test includes a user logging onto VPN, navigating through SharePoint content, and downloading a 4 MB document
  34. 34. Considerations for application layer security BIG-IP ASM (Application Security Module)• Security or performance? Fastest layer 7 (application layer) security product• Compliance regulations PCI DSS, SOX, Basel II, HIPAA compliance• New malicious behavior Built-in security policy for SharePoint• Beyond HTTP protection ICSA Web Application Firewall Certification SC Magazines 2010 Reader Trust Award for Best Web Application Security solution
  35. 35. Application health and availability One solution for access policy Site-level health and management disaster recovery Secure access for remote and mobile usersApplication layer security and device access Highest availability of SharePoint for all types of devices
  36. 36. Resources F5 Networks – Solution page for SharePoint Server 2010 • Solution Overview | Solution Guide | Deployment Guide – F5 Management Pack on DevCentral – Microsoft community on DevCentral • – Free 90-day trial of BIG-IP VE Microsoft – SharePoint Web site @ – IT Admin Related Content @ – Developer Related Content @
  37. 37. A B EC F D
  38. 38. F5 solution for Microsoft Exchange
  39. 39. What does F5 have to do with Exchange?Exchange 2010 Client Access Servers (CAS) need load balancingCustomers need to choose software or hardware load balancing
  40. 40. Exchange 2010 Architecture Phone system (PBX or VoIP) Edge Transport Hub Transport Routing and AV/AS Routing and policy External SMTP servers Mailbox Unified Messaging Storage of mailbox Voice mail and items voice access Mobile phone Client AccessWeb browser Client connectivity BIG-IP Web services Outlook (remote user) Line of business application Outlook (local user)
  41. 41. Software or hardware load balancing? Answering “yes” to any of these indicates a key reason for hardware load balancing Yes No1 Will there be a reverse proxy or NAT between users and Exchange servers?2 Will you deploy Outlook Anywhere, Active/Sync mobile and web clients?3 Will you deploy multi-role servers (Mailbox and CAS on the same server?)4 Do you need continuous Exchange availability during CAS server maintenance?5 Do you need Exchange service health awareness (not merely server health)?6 Will you use client IP addresses from a small number of Class C subnets?7 Will you deploy more than 8 CAS servers?
  42. 42. Load balancing guidance from TechNet
  43. 43. View the Microsoft presentation Skip to 47:48 in this video presentation
  44. 44. Microsoft guidance summarizedMicrosoft recommends load balancingCustomers can choose software or hardware based load balancingIt is crucial to clearly understand the implications of Windows NLB limitsAfter the first year in market, Microsoft voice concerns over using Windows NLB for Exchange
  45. 45. Windows NLB limits IP affinity only works if reverse proxy/NAT is not used and “tends” to group all class C IP subnet addresses on one CAS server Performance limit due to broadcast flooding of internal CAS network Add/remove node causes a re-connect of all active connections Cannot be used with MCS Server aware, not service aware. Requires manual detection and intervention Maximum 8 CAS servers
  46. 46. The F5 Solution for Exchange Server 2010Prevent these pains – Dropped sessions  re-authentication, reconnection – Failed network connections  retries, delay – Slow response  trapped usersThese capabilities – Health monitoring and intelligent load-balancing – Client persistence – Server off-load – Availability of servers, arrays and sites
  47. 47. Pages 59 and 70Use hardware load balancers to publish Client Access servers Microsoft IT capitalizes on asingle load-balancing infrastructure to provide load balancing for both internal and externalaccess to Client Access server resources. This ensures a uniform load across the ClientAccess servers and a single point of security control.
  48. 48. NLB and Hardware-Based Load Balancing…Which way to go?...For Exchange 2010, the choice isclear… Microsoft internal Exchange design: TechNet guidance for high-availability:
  49. 49. The F5 Solution for Exchange Server 2010User - Client to CAS serverMail - Mail flow through Edge Farms Availability Performance Security Configuration• Intelligent load • Server optimization • Bi-directional proxy • Application template balancing for error-free, fast • Caching and • AuthN/AuthZ from the configuration• Server and site level compression for Web perimeter health monitoring clients • DevCentral online user • Protection against community• SSL offload • Reduced bandwidth application layer use attacks • Integration with• Cross-site resilience systems management • SPAM filter• Robust persistence
  50. 50. Configuration - we have a template for that
  51. 51. Customer testimonialArthur BrauneManager of Information TechnologySysmex America
  52. 52. BA C D
  53. 53. SummaryHighest availabilityDramatically increase server capacityCross-site availability and resiliencePre-authenticate users in the perimeter networkSeamless integration with systems management
  54. 54. Exchange related resources F5 Solution page for Exchange Server – Video demo of BIG-IP deployment for Exchange Server 2010 – F5 Deployment Guide for Exchange Server 2010 – F5 developer/IT admin user community – Microsoft Exchange Tested Solution with F5 – Technical white paper by Microsoft on their internal deployment – E5C53DD4F436/0941_ExchangeServer2010ArchitectureTWP.docx Load-balancing requirements from TechNet –
  55. 55. Thank You