The Brocade vADC portfolio provides a range of application delivery controller solutions including the Traffic Manager load balancer, Web Accelerator, Web Application Firewall, and Services Director licensing manager, which can be deployed as virtual appliances on various hypervisor and cloud platforms and offer features like traffic management, acceleration, security, and flexible licensing.
Get more versatile and scalable protection with F5 BIG-IPF5NetworksAPJ
- Better protect against costly failures in outbound web security
- Improve scalability, availability, performance, and user experience
- Consolidate application access, secure web access, reducing network footprint and device management
F5 Synthesis Toronto February 2014 Roadshowpatmisasi
February 2014 Update on F5 Synthesis Program, delivered by Pat Fiorino in Toronto at the Hockey Hall of Fame. Prepared for IT decision- makers and administrators.
Two Fast Paths to Docker Networking with Brocade VDXBrocade
Wondering how to get started with Docker Networking? We share 2 approaches to get Docker software up and running alongside a Brocade VDX switch fabric.
Find a detailed blog, here: http://bit.ly/2dxOWIO
Cisco ACI & F5 Integrate to Transform the Data CenterF5NetworksAPJ
To meet business expectations without compromising on security, availability, or performance, today’s IT organizations are expected to deliver applications with a speed and efficiency that was unimaginable just a few years ago. To keep pace, you must transform your data
center infrastructure to support the rapid provisioning and scaling of network and application services. With the joint solution of Cisco Application Centric Infrastructure (ACI) and F5 Synthesis™, you can operationalize the network and accelerate application deployment.
Let the conversation flow with Brocade vADCBrocade
Brocade vADC solutions deliver high application availability on demand. Streamline collaboration and open communication channels to improve business efficiency.
Download for links to: UBM paper, Colorcon Success Story, Trial Software
Always-on performance for Always-on BusinessBrocade
Make sure your critical business applications meet performance demands with Brocade vADC solutions.
Download for links to ESG Research paper, SUNY Success Story, and Trial Software.
Get more versatile and scalable protection with F5 BIG-IPF5NetworksAPJ
- Better protect against costly failures in outbound web security
- Improve scalability, availability, performance, and user experience
- Consolidate application access, secure web access, reducing network footprint and device management
F5 Synthesis Toronto February 2014 Roadshowpatmisasi
February 2014 Update on F5 Synthesis Program, delivered by Pat Fiorino in Toronto at the Hockey Hall of Fame. Prepared for IT decision- makers and administrators.
Two Fast Paths to Docker Networking with Brocade VDXBrocade
Wondering how to get started with Docker Networking? We share 2 approaches to get Docker software up and running alongside a Brocade VDX switch fabric.
Find a detailed blog, here: http://bit.ly/2dxOWIO
Cisco ACI & F5 Integrate to Transform the Data CenterF5NetworksAPJ
To meet business expectations without compromising on security, availability, or performance, today’s IT organizations are expected to deliver applications with a speed and efficiency that was unimaginable just a few years ago. To keep pace, you must transform your data
center infrastructure to support the rapid provisioning and scaling of network and application services. With the joint solution of Cisco Application Centric Infrastructure (ACI) and F5 Synthesis™, you can operationalize the network and accelerate application deployment.
Let the conversation flow with Brocade vADCBrocade
Brocade vADC solutions deliver high application availability on demand. Streamline collaboration and open communication channels to improve business efficiency.
Download for links to: UBM paper, Colorcon Success Story, Trial Software
Always-on performance for Always-on BusinessBrocade
Make sure your critical business applications meet performance demands with Brocade vADC solutions.
Download for links to ESG Research paper, SUNY Success Story, and Trial Software.
Imagine if you could deploy highly secure new services at web speed on demand to customers and partners - complete with personalized capabilities. With this environment you’re creating innovative new services in minutes, not months, accelerating your time-to-revenue while reducing operational costs on an open platform. You have pre-packaged software service solutions that help you transform your business and the businesses of your customers. And you’re letting your customers use their existing customer premises equipment (CPE), to connect to virtual services from the cloud, reducing capital costs and business risk associated with rolling out new services.
It’s all possible with the Cisco Virtual Managed Services Solution based on the combination of the complementary Cisco Evolved Programmable Network (EPN) and the Cisco Evolved Services Platform (ESP). This open infrastructure and software combined with industry leading service orchestration, software-defined networking (SDN), and network functions virtualization (NFV) technologies automate the delivery of business services tailored to your customers from the cloud.
F5’s certified firewall protects against large-scale cyber attacks on public-facing websites. F5 solution delivers significantly better price and performance than traditional firewalls. ICSA Labs certifies BIG-IP Application Delivery Controllers to defend against DDoS and multilayer attacks.
F5 Networks: Introduction to Silverline WAF (web application firewall)F5 Networks
The F5 Networks Silverline Web Application Firewall service offering provides quick web application firewall (WAF) implementation and unified, scalable policy enforcement capabilities. The service also includes 24x7 support from highly specialized F5 security experts with the company’s Security Operations Center (SOC) resources.
As the latest addition to F5’s Silverline cloud-based application services platform, the new WAF offering is built on the award-winning capabilities of the company’s BIG-IP Application Security Manager product. F5 seamlessly provides leading WAF services in both on-premises and subscription-based cloud offerings. The company’s versatile, easy to deploy WAF solutions let organizations confidently incorporate cloud resources while protecting apps and data from increasingly sophisticated security attacks, risks, and vulnerabilities.
A conflict emerges when people/consumers/employees are accumulating devices (avg. person carries 3) and want to use those for work while organizations are in the process of consolidating infrastructure and the amount of devices they need to manage. Providing employees with anywhere, anytime access is the top reason for VDI interest. Other important areas include the ability to centrally manage desktops to boost efficiency, reduce the cost in upgrading or purchasing desktop computers, the ability to automate and have a robust disaster recovery plan, providing enhanced control over data security along with no limitation on end point devices.
Five Networking Must - Haves For ContainersBrocade
Businesses have unique requirements as they move to use container technologies, we believe these five must-haves will be critical to drive maximum benefits from container adoption.
Read the blog on this topic here: http://bit.ly/2bzmNBw
Automate and customise application services and deploymentChristina Hoh
•Programmability in the network enables you to act and react, on demand, to operational and business events.
•Automation of application deployment, device deployment, application reconfiguration, and support initiation can pay dividends immediately.
•The ability to customise application services results in faster time to market, more innovation, and increased application ROI.
For webinar-on-demand, please click: https://f5networks.webex.com/f5networks/lsr.php?RCID=247e21a15d3cea2fe1882ba466588586
Presentation from the July 22, 2015 Webcast: Software-Defined WAN - A Real World Success Story.
See how MWH Global, a worldwide construction management company, improved its network service and reduced its IT management burdens by deploying a Glue Networks Gluworks software-defined WAN software solution over its existing Cisco Integrated Services Routers (ISRs).
Miss the webcast? View the replay here: https://grs.cisco.com/grsx/cust/grsEventSite.html?EventCode=12200&LanguageId=1&KeyCode=000833700
Panel presentation from the 2015 IIT-RTC Conference. Topics include: the new supermedia - 3D, AR, VR, realtime broadcast; talking to machines - streams from IoT devices and created between people because of them; middleware - the new glue that is emerging to stitch a real-time, high fidelity, contextual experiences together.
Featuring slides from Brian Pulito from IBM, Douglas Wadkins from Skedans, Ivelin Ivanov from Telestax, Dr. Luis Lopez of Kurento, Vladimir Beloborodov of Mera Software and moderated by Chad Hart, independent consultant and Chief Editor at webrtcHacks.
Datasheet: WebSphere DataPower Service Gateway XG45Sarah Duffy
WebSphere DataPower Service Gateway XG45 is built for web services deployments, governance, light integrations and hardened security. http://ibm.co/HIHOAs
The VIPRION® 2400 is a midrange chassis-based hardware platform. Adding to the successful F5® VIPRION product line, the new Application Delivery Controller (ADC) provides significant price/performance advantages for enterprises. In addition, F5's Virtual Clustered Multiprocessing (vCMP™) technology combines virtualization and multi-tenancy capabilities to help customers consolidate and efficiently manage application delivery services. Building on F5’s previously announced Clustered Multiprocessing (CMP™) technology, vCMP enables multiple instances of BIG-IP® software to run on one device.
Imagine if you could deploy highly secure new services at web speed on demand to customers and partners - complete with personalized capabilities. With this environment you’re creating innovative new services in minutes, not months, accelerating your time-to-revenue while reducing operational costs on an open platform. You have pre-packaged software service solutions that help you transform your business and the businesses of your customers. And you’re letting your customers use their existing customer premises equipment (CPE), to connect to virtual services from the cloud, reducing capital costs and business risk associated with rolling out new services.
It’s all possible with the Cisco Virtual Managed Services Solution based on the combination of the complementary Cisco Evolved Programmable Network (EPN) and the Cisco Evolved Services Platform (ESP). This open infrastructure and software combined with industry leading service orchestration, software-defined networking (SDN), and network functions virtualization (NFV) technologies automate the delivery of business services tailored to your customers from the cloud.
F5’s certified firewall protects against large-scale cyber attacks on public-facing websites. F5 solution delivers significantly better price and performance than traditional firewalls. ICSA Labs certifies BIG-IP Application Delivery Controllers to defend against DDoS and multilayer attacks.
F5 Networks: Introduction to Silverline WAF (web application firewall)F5 Networks
The F5 Networks Silverline Web Application Firewall service offering provides quick web application firewall (WAF) implementation and unified, scalable policy enforcement capabilities. The service also includes 24x7 support from highly specialized F5 security experts with the company’s Security Operations Center (SOC) resources.
As the latest addition to F5’s Silverline cloud-based application services platform, the new WAF offering is built on the award-winning capabilities of the company’s BIG-IP Application Security Manager product. F5 seamlessly provides leading WAF services in both on-premises and subscription-based cloud offerings. The company’s versatile, easy to deploy WAF solutions let organizations confidently incorporate cloud resources while protecting apps and data from increasingly sophisticated security attacks, risks, and vulnerabilities.
A conflict emerges when people/consumers/employees are accumulating devices (avg. person carries 3) and want to use those for work while organizations are in the process of consolidating infrastructure and the amount of devices they need to manage. Providing employees with anywhere, anytime access is the top reason for VDI interest. Other important areas include the ability to centrally manage desktops to boost efficiency, reduce the cost in upgrading or purchasing desktop computers, the ability to automate and have a robust disaster recovery plan, providing enhanced control over data security along with no limitation on end point devices.
Five Networking Must - Haves For ContainersBrocade
Businesses have unique requirements as they move to use container technologies, we believe these five must-haves will be critical to drive maximum benefits from container adoption.
Read the blog on this topic here: http://bit.ly/2bzmNBw
Automate and customise application services and deploymentChristina Hoh
•Programmability in the network enables you to act and react, on demand, to operational and business events.
•Automation of application deployment, device deployment, application reconfiguration, and support initiation can pay dividends immediately.
•The ability to customise application services results in faster time to market, more innovation, and increased application ROI.
For webinar-on-demand, please click: https://f5networks.webex.com/f5networks/lsr.php?RCID=247e21a15d3cea2fe1882ba466588586
Presentation from the July 22, 2015 Webcast: Software-Defined WAN - A Real World Success Story.
See how MWH Global, a worldwide construction management company, improved its network service and reduced its IT management burdens by deploying a Glue Networks Gluworks software-defined WAN software solution over its existing Cisco Integrated Services Routers (ISRs).
Miss the webcast? View the replay here: https://grs.cisco.com/grsx/cust/grsEventSite.html?EventCode=12200&LanguageId=1&KeyCode=000833700
Panel presentation from the 2015 IIT-RTC Conference. Topics include: the new supermedia - 3D, AR, VR, realtime broadcast; talking to machines - streams from IoT devices and created between people because of them; middleware - the new glue that is emerging to stitch a real-time, high fidelity, contextual experiences together.
Featuring slides from Brian Pulito from IBM, Douglas Wadkins from Skedans, Ivelin Ivanov from Telestax, Dr. Luis Lopez of Kurento, Vladimir Beloborodov of Mera Software and moderated by Chad Hart, independent consultant and Chief Editor at webrtcHacks.
Datasheet: WebSphere DataPower Service Gateway XG45Sarah Duffy
WebSphere DataPower Service Gateway XG45 is built for web services deployments, governance, light integrations and hardened security. http://ibm.co/HIHOAs
The VIPRION® 2400 is a midrange chassis-based hardware platform. Adding to the successful F5® VIPRION product line, the new Application Delivery Controller (ADC) provides significant price/performance advantages for enterprises. In addition, F5's Virtual Clustered Multiprocessing (vCMP™) technology combines virtualization and multi-tenancy capabilities to help customers consolidate and efficiently manage application delivery services. Building on F5’s previously announced Clustered Multiprocessing (CMP™) technology, vCMP enables multiple instances of BIG-IP® software to run on one device.
3298 microservices and how they relate to esb api and messaging - inter con...Kim Clark
Explores the myths and realities of microservices in relation to integration architecture, and related advances in IBM's integration portfolio.. Microservices are as much a new approach to application architecture as they are a return to well-known good practices of isolation and decoupling. The complexities are all the more apparent when comparisons are drawn with evolved integration architecture concepts. The "ESB" concept is often derided in microservices architecture. Is the pattern completely invalid or does it still have its place? Messaging is the silent but essential partner that is key to decoupling among microservice components. But what type of messaging should you use where? Where do APIs fit into the picture? What different categories of API are present?
In this session you will learn why you need to shift from vulnerability detection only to a holistic web application defense strategy. We’ll outline the top three ways to improve your web app security and share how others have developed an integrated, comprehensive strategy that reduces costs and improves the balance between security and app functionality.
After IAM and Detective Controls you’ll turn to Infrastructure Security, which means tuning AWS Service configurations, AMI composition, and hardening other digital assets that will be deployed. We will cover how to define networking architecture (e.g. VPC, subnets, security groups); how to develop hardened AMIs based on your requirements; the importance of defining Internet ingress and egress flows, and how to determine Vulnerability Management and operational maintenance cadence.
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017Amazon Web Services
The cloud is transforming the way businesses deploy and manage applications. Organizations are increasingly deploying and migrating applications to public and private clouds primarily to drive agility, operational efficiency and cost savings.
While we all recognize the benefits of Cloud, the fact is that there are significant differences between how an application runs in a public IaaS provider data center designed for multiple tenants and how it runs in your private enterprise datacenter.
Whether applications are revenue generating or critical business apps, they must ensure the same great user experience, including across associated availability, performance, and security services. However, there are challenges that need to be addressed, including determining which workloads are suitable for the cloud due to the inherent design of cloud data centers, the application delivery and security capabilities of each cloud provider, and the overall lack of visibility and control.
Attend F5 Networks presentation session to learn how App-Centric Strategy provides the critical services to make your business applications GO SMARTER. FASTER. SAFER whether you’re planning to architect a public cloud, private cloud, hybrid cloud, deploy or re-architect your apps, or migrate to SaaS.
IBM DataPower Gateway appliances are used in a variety of user scenarios to enable security, control, integration and optimized access for a range of workloads including Mobile, Web, API, B2B, Web Services and SOA. This presentation from the IBM DataPower team provides an in-depth look at each use case.
The twelve-factor app is designed for continuous deployment by keeping the gap between development and production small. For example, make the time gap small, make the personnel gap small & make the tools gap small. Learn more about how a Cloud vendor must provide a platform for 12-factor / Cloud Native development and deployment with identified anti-patterns.
When CICS Transaction Server introduced native Web services about a decade ago, SOA became a reality for CICS customers. Today, many customers are doing tens of millions of SOAP based CICS Web services per day. Some are doing much more. But SOAP based CICS Web services are only a part of the SOA story. Support for the REST architectural style in CICS is an increasingly popular alternative to SOAP. And JSON is a popular alternative to XML for many application use cases. Additionally, there have been a great many enhancements to both these SOA styles in recent years. Come to this session to get up to speed on the evolution of these technologies. And most importantly, learn which is the right tool for the job.
OWASP Top 10 Proactive Controls 2016 - PHP Québec August 2017Philippe Gamache
OWASP Top 10 Proactive Controls 2016
Insecure software is undermining our financial, healthcare, defense, energy, and other critical infrastructure worldwide. As our digital, global infrastructure gets increasingly complex and interconnected, the difficulty of achieving application security increases exponentially. We can no longer afford to tolerate relatively simple security problems.
The goal of the OWASP Top 10 Proactive Controls project is to raise awareness about application security by describing the most important areas of concern that software developers must be aware of. We encourage you to use the OWASP Proactive Controls to get your developers started with application security. Developers can learn from the mistakes of other organizations.
OWASP Top 10 Proactive Controls 2016 - NorthEast PHP 2017 Philippe Gamache
Insecure software is undermining our financial, healthcare, defense, energy, and other critical infrastructure worldwide. As our digital, global infrastructure gets increasingly complex and interconnected, the difficulty of achieving application security increases exponentially. We can no longer afford to tolerate relatively simple security problems.
The goal of the OWASP Top 10 Proactive Controls project is to raise awareness about application security by describing the most important areas of concern that software developers must be aware of. We encourage you to use the OWASP Proactive Controls to get your developers started with application security. Developers can learn from the mistakes of other organizations.
2016 06 - design your api management strategy - axway - Api ManagementSmartWave
David Soulalioux, API Gateway pre-sales engineer at Axway illustrated, among others, a concrete use case of cloud API management at a worldwide energy industry leader. The presentation depicted the exposition of customer’s “Fuel Market” intranets website existing APIs to the outside world. This integration outlined the added value of the API Gateway as authentication layer, security and Quality Of Service (QoS) enforcement point. Also, the retained cloud infrastructure enabled for a scalable and reliable solution, allowing developers to focus on services instead of worrying about the infrastructure.
Similar to Brocade vADC Portfolio Overview 2016 (20)
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
2. The Brocade vADC Portfolio Overview
Services Director
• Elastic Services Director
• Unique Flexible Licensing
System
• Flexible Footprint
• Automation and Visibility
Web App Firewall
• Application Aware Firewall
• Defends your applications
against Layer-7 attacks
Web Accelerator
• Website Acceleration
• Reduces page load time
and cuts bandwidth
Traffic Manager
• Load Balancer / Traffic
Manager / ADC
• Provides reliability, security
availability, offload,
scripting and more
3. Deployment Options
• 64-bit software binary
• Linux or Solaris
• Maximum flexibility for
enterprise architects
• Pre-packaged for leading
cloud providers
• Closer integration with
named CSPs and CSFs
• AMIs for Amazon
• VHD for Azure
• Pre-packaged VA
• Range of Hypervisors
• VMware, Hyper-V,
Oracle VM, etc.
• Hypervisor-specific
features
Pure
Software
Virtual
Appliance
Cloud
Packaging
Bare-Metal
Server Image
• ISO or PXE image to install
directly onto intel x86
servers
4. How It Works: Traffic Manager
Web and
Application
Servers
Respons
e
Monitors
Request
www www
APPS APPS
DB DB
Virtual Server
Client Connections
Pool
Server Connections
TrafficScript
RuleBuilder
TCP Offload
HTTP Caching
Content Compression
Service Level Monitoring
Bandwidth Shaping
Web Accelerator
Application Firewall
Response Rules
Load Balancing
Session Persistence
Bandwidth Shaping
SSL Encryption
HTTP Multiplexing
Concurrency Control
Application Auto-Scaling
TrafficScript
RuleBuilder
SSL Decryption
Global Load Balancing
Service Protection
TCP Offload
Rate Shaping
Application Firewall
Request Rules
Public VIP
6. Traffic Script: Translate URL after Web Site Update
1 $path = http.getpath();
2 if( string.startswith( $path, "/products" )){
3 http.redirect( "/services.html" );
4 }
Example of a simple rule: Check the URL for every request. If the URL starts with “/products,
then redirect to “/services.html”
Rule Builder Traffic Script
Syntax will be familiar to anyone who has used Perl,
PHP, C, BASIC, etc.
14. Web Accelerator
Services Director
• Elastic Services Director
• Unique Flexible Licensing
System
• Flexible Footprint
• Automation and Visibility
Web App Firewall
• Application Aware Firewall
• Defends your applications
against Layer-7 attacks
Web Accelerator
• Website Acceleration
• Reduces page load time
and cuts bandwidth
Traffic Manager
• Load Balancer / Traffic
Manager / ADC
• Provides reliability, security
availability, offload,
scripting and more
• Automates web performance best practices
• Increases innovation capacity and speed
• Improves web performance, reduce bandwidth costs, boosts SEO &
Sales
15. Automate Web Performance best Practices
Dynamic
Layout
Compress
• JavaScript & Stylesheet shrinking
• Image resampling
• Metadata removal
• Dynamic Gzip/deflate compression
• JavaScript/Stylesheet re-ordering
• Removal of missing and duplicate content
• Browser aware optimizations (Desktop, Mobile and legacy browsers )
Cache
• On-Proxy resource caching
• Dynamic page caching
• Aggressive Browser caching
• Auto URL versioning
Combine
• Merge Stylesheets
• Image Spriting
• Background image inlining
Automates web performance best practices, so you can focus on
strategic development & content
16. Services Director
• Automates the deployment,
licensing, provisioning &
metering
of ADC services
• Elastic Services Director
Web Accelerator
• Website Acceleration
• Reduces page load time
and cuts bandwidth
Web App Firewall
• Application Aware Firewall
• Defends your applications
against Layer-7 attacks
Traffic Manager
• Load Balancer / Traffic
Manager / ADC
• Provides reliability, security
availability, offload, scripting
and more
Web Application Firewall
• Out of the box OWASP Top Ten protection
• Configuration Wizards, learning mode with suggested rules
• Granular custom rules
• Application Security in the Cloud
20. Application Firewall – Integrated
Scale out the CPU Cores and RAM on the Integrated Traffic Manager
Web Servers
Integrated WAF: Enforcers,
Decider & Admin on single
instance
21. Application Firewall – Distributed
Any number or combination or Enforcers, Deciders and Admins is possible
Admin ServersDecider ServersWeb Servers
with Enforcers
Enforcer
Decider
Admin
24. • React appropriately to threats against relevant
vulnerabilities as identified in the OWASP Top Ten
• Enforce both positive and negative security models (white/black lists)
• Inspect both web page content and the underlying protocols that deliver
content
• Support SSL termination so that encrypted
transmissions are decrypted before being inspected by the WAF
PCI DDS Details
25. Brocade Services Director
Services Director
• Elastic Services Director
• Unique Flexible Licensing
System
• Flexible Footprint
• Automation and Visibility
Web App Firewall
• Application Aware Firewall
• Defends your applications
against Layer-7 attacks
Web Accelerator
• Website Acceleration
• Reduces page load time
and cuts bandwidth
Traffic Manager
• Load Balancer / Traffic
Manager / ADC
• Provides reliability, security
availability, offload,
scripting and more
• Old world = Static Licenses
• Over Provisioned / Under Utilized
• Difficult to manage
• Inflexible
• Expensive
• New world = Flexible Licensing
• Right Sized
• Easily allocated / re-allocated
• Flexible
• Cost Effective
26. Services Director Licensing
Unique Flexible Licensing System
• Capacity is purchased in 2Gb/s or
5Gb/s blocks of Capacity
• Unrestricted number of vTMs can be
licensed:
‒ Minimum 1Mb/s
• Capacity can be moved around
‒ Allocating draws from the bucket
‒ De-allocating returns to the bucket
30
vtm150
Enterprise
Base Pack
10 Gbps
Standard
Base Pack
10 Gbps
WAF
Add-On
5 Gbps
vtm151 vtm152
3 Gbps
STD
3 Gbps
ENT + WAF
2 Gbps
STD + WAF
27. UNIQUE USAGE-BASED LICENSING MODEL
DYNAMIC RESOURCE AND CAPACITY
ALLOCATION FOR CHANGING WORKLOAD
DRILL DOWN TO USAGE REPORTS AND
EXPORT BILLING DATA FOR CHARGEBACK
Enterprise Capacity Management
31. Cloud Footprint
All the rest can run Linux, so we can get in there too!
vTM deployments are on more virtual and cloud platforms than
any other application delivery controller.
32. Deploy your own Content Delivery Network (CDN)
Content Delivery Cloud
33. How Does a CDN Work?
1. User Requests www.example.com
2. Connectivity established through multiple
hops back to the application
3. All communication follows the same path
Without a CDN CDN optimized
1
2
1
1. User Requests www.example.com
2. Application directs user to receive select
content from the closest location
3. Dynamic communication still goes back to
the origin location
2
3
3
www www
APPS APPS
34. How does the Content Delivery Cloud solution work?
1. User Requests www.example.com and Traffic Manager will direct the user to the best location.
Content available locally is served directly to the user.
2. For dynamic requests, Traffic Manager will proxy connectivity back to the application over
optimized connections, and client connections are established through a single Traffic
Manager.
2
1
vTM at the
Datacenter
• Reliability
• Protection
• Control
• Performance
vTM in cloud
Web cache and Global Load Balancing
requests
www www
APPS APPS
35. Traffic Manager Advantage vs CDN only
Value
Flexibility
Throughput
Adaptive (Pubic / Private/ Hybrid)
Consumption
Dynamic Compute
Performance
Optimizations
Connections
Protocols
Deploy Everywhere
Security
Control
Layers
Resiliency
Encryption
Control
Flexibility
Programmability
Simplify
Development and
Deployment
Time
40. Software / Virtual Machines
• Software environment:
Traffic Manager: Linux x86_64: Kernel 2.6.18 - 3.19 (2.6.22+ for IPv6), glibc 2.5+
Solaris 10 (x86_64)
Virtual Appliances:
VMware vSphere 5.0, 5.1, 5.5, 6.0;
XenServer 6.1, 6.2, 6.5;
Oracle VM for x86 2.1, 2.2, 3.2, 3.3;
Microsoft Hyper-V Server 2012 & 2012 R2;
Microsoft Hyper-V under Windows Server 2012 & 2012 R2;
QEMU/KVM (RHEL/CentOS 6.x, 7.x; Ubuntu 12.04, 14.04);
Amazon EC2 - as a virtual appliance or native software install
Microsoft Azure - as a virtual appliance
CPU : 2-4 vCPU Memory: 2GB , 4GB with Web Accelerator
Disk Space: Minimum : 1GB ; Minimum for Virtual Appliance Install: 16GB
Platform Availability
The objective for this session is that, upon completion, you will have a basic understanding of the Traffic Manager portfolio
PURPOSE BUILT FOR SOFTWARE
Designed for virtual and cloud world - from clustering to the way we present services, unlike legacy hardware ADC vendors offerings. The Brocade vADC value prop. is better and doesn't leave your ADC value prop. bolted to floor of data center
PROCESs AUTOMATION
Because of our pure software heritage and the fact that we’re purpose built for virtual and cloud, it’s much easier to automate deployment and configuration management in the upcoming SDN world
ENABLING BUSINESS LOGIC
TrafficScript, programming language for the Brocade Traffic Manager, simplifies powerful programmability of sophisticated application traffic policies: reducing the amount of time and effort needed to apply business logic to how applications behave on the wire. Our processes are orders of magnitude easier than the competition
HYPERSCALE AND PERFORMANCE ONE DEMAND
The Innovative licensing model delivered by the Brocade Services Director uses license by pool rather than license by instance providing unmatched agility and flexibility truly providing a listening model that can scale
Highest clustering capabilities for increased reliability and scalability (up to 64 vTM nodes per cluster)
Based on our virtual heritage, the customer is empowered to scale p and out to meet the most complex needs
No feature compromise even when at maximum scale
There are FOUR parts to the Brocade vADC portfolio story, which together provide a comprehensive on-demand solution, and build up to the concept we call “Application Delivery as a Service” or “ADC-as-a-Service”
First, the core ADC platform is known as the Virtual Traffic Manager: this provides Layers 4 to 7 services, including load balancing, caching and SSL offload, and a powerful scripting tool, called TrafficScript - we cover this deeper in later slides. Traffic Manager also acts as the platform on which we build higher-level services for security and content optimization.
The second part is the Web Accelerator, this provides Web Content optimization to reduce web page load times, bandwidth, boost Search Engine Optimization and improve overall end-user experience. While Traffic Manager includes a number of powerful tools to accelerate applications and services, the Web Accelerator specifically gives a boost for HTTP applications by automating web performance best practices.
Third is our Web Application Firewall, this solution is a true Layer-7 WAF, which is designed to protect applications from Layer 7 Application-layer attacks, in other words, dealing with security in terms of the content of HTTP requests. While a network firewall ensures that only certain types of traffic are permitted or denied, a Web Application Firewall can be used to apply business rules to traffic, such as inspecting submitted text field data and blocking attacks in the form of SQL injection and cross-site scripting (XSS) and so on, even filtering outgoing traffic to mask credit card data, and help compliance with PCI-DSS and HIPAA standards
(PCI DSS The Payment Card Industry Data Security Standard and HIPAA is the federal Health Insurance Portability and Accountability Act )
Finally, is the Services Director which is a separate platform to the Traffic Manager. The Services Director gives a framework to manage on-demand provisioning of Traffic Managers, by automating the deployment, licensing and metering of ADC services. We have flipped the consumption model of ADCs – instead of over purchasing and overprovisioning ADC instances, the Services Director model allows you purchase “buckets” of bandwidth and enables you to provision as many ADCs as you want with the add-on features you want. This fluid capacity-based model truly enables the “ADC-as-a-Service” concept, this gives you the ability create and manage on-demand and it transforms the way ADC services are consumed by enterprises and service providers
Brocade’s vADC portfolio can be deployed in these form factors. Note that the complete feature set is available in each form factor, and in some cases we provide additional capabilities to support specific hosts.
First in this sequence, we offer a pure software download, in this deployment, Traffic Manager is installed on top of a supported Linux kernel which gives maximum flexibility for architects or OEMs.
Second, we provide pre-packaged virtual appliances for a number of hypervisors, including VMware, KVM, Microsoft Hyper-V and Oracle VM
Third, we have close integration with several named cloud service providers such as an AMI for Amazon web services, an VHD for Microsoft Azure. They are directly available from the respective marketplaces
And finally, we have a unique deployment mode, known as the “Micro ADC” – Using the Services Director model, hundreds of small foot print ADC can be provisioned on a host chassis, this providing a high-density implementation, by using Linux Containers, these micro ADCs are completely isolated from its ADC neighbor
The Services Director, and the small footprint makes it very easy to create, start and stop individual services and even orchestrate the provisioning using the REST API and own Scripts
This diagram shows at a high level how the Traffic Manager works. Traffic Manager sits in front of the web and application servers to accept requests on behalf of external users and manage the dialog with the web or application server.
**Click**
First, Traffic Manager protects the application by ensuring that only the right resources are shared with the outside world, and it optimizes the application by caching duplicate requests and reducing the number of connections and resources needed to manage the transactions. This increases the number of users that the application can service, and at the same time improves the response time seen by end users. And because Traffic Manager continuously monitors the health of the web and application servers, it can route traffic to avoid failing systems to maximize the availability and uptime of the application.
**Click**
Secondly, Traffic Manager can perform web content optimization using the Web Accelerator add-on. The Web Accelerator essentially automates Web Performance best practices. Reducing web content size , reducing HTTP round trips and caching optimized content on the Traffic manager all leads to faster page views for end users, especially over high latency connections.
**Click**
Thirdly, Traffic Manager can help to identify different kinds of users, based on their location, their identity, or even if they are frequent customers, by using a powerful set of rules you can tailor the experience for each of these unique users. As an example administrators can give priority to important requests or paying customers, while freeing up resources on the application by restricting less important traffic to anonymous and non purchasing users. With global load balancing, Traffic manager can even redirect customers to their nearest data centre to give even faster response times.
**Click**
Finally, Traffic Manager can identify and protect against application vulnerabilities and attacks such as cross-site-scripting, SQL injection and other common attacks on your web servers. This is an important feature as its been reported that there has been 51 percent more application layer attacks last year alone. Traffic Manager is available with an add-on Web Application Firewall, which can help achieve compliance with PCI-DSS and HIPPA requirements for protection against attacks prevalent today .
Source : https://blogs.akamai.com/2016/01/q4-2014-state-of-the-internet---security-report-some-numbers.html
In this example, we are only looking at one simple web service. Here we can see a typical web application on the right, with Traffic Manager sitting in front of the application.
Traffic IP
First the client sees a Virtual IP (VIP) which is also called Traffic IPs or TIPs in our Traffic Manager terminology. A Traffic IP is what the client sees and connects to, a virtual server can be setup to listen on one or more Traffic IPs
There are two key parts to Traffic Manager :
**Click**
Virtual Server
Firstly there is a “Virtual Server”, which is the liaison to the client connections, this is the incoming requests and outgoing responses. The Virtual Server handles all traffic for a particular protocol and port. Rules can also be applied here to act on specific conditions. Before Traffic Manager passes the request onto the application, we have the opportunity to apply Virtual Server configurations and custom “Request Rules.” These could include to protection against traffic overload, SSL offloading, denial of unwanted attacks, or even apply HTTP redirects by translating from one URL to another, for example, example.com/specials redirect to example.com/shoes
Configurations and Rules are really easy to set up using the graphical web admin . A huge plus to Traffic Manager feature set is TrafficScript. TrafficScript is a simple scripting tool that understands the way applications and different protocols work. Application programmers, DevOps and people alike can even create complex rules and even extend TrafficScript to use external programs such Java for content processing, TrafficScript and External programs are cataloged and available for re-use across other services hosted on the Traffic Manager.
**Click**
Pools
As well as managing the incoming requests on behalf of the web application, Traffic Manager also manages the server connections using one or more server “Pools”. A web application could use several Server “Pools” such as a group of primary web servers and back-up web servers or even pools serving landing pages for maintenance windows. Pool configurations and custom Rules can also be applied here where Server connections are handled. As well as managing the workloads across the servers, Traffic Manager also manages users sessions on behalf of the application. The graphical web admin makes it really easy to set up rules for how to manage user sessions, consolidate web connections or even encryption on the forward connections for additional security.
**Click**
Monitors
In the background, Traffic Manager monitors the health of individual application servers, and can judge which servers are likely to respond more quickly to different types of requests. Enterprises can choose one of several built-in Load Balancing Algorithms to decide how the workload should be balanced across the server pools and how they should be treated when failed
**Click**
After Traffic Manager passes the request to the back end Servers, the server responds to our request, and we’re almost ready to return the information to the client. At this moment we have the opportunity to apply some “Response Rules” before we hand off the response. Here Traffic Manager could enable intelligent caching rules in place to cache static and selective content. SSL encryption and content compression can be applied here too, to offload significant workloads from the application servers. This is also the place to prioritize outbound bandwidth for unknown versus paying customers, and to verify service levels and application response times. And finally, we can also screen and trap data leakage, by screening out credit card, Social Security numbers or other sensitive information.
Lastly, your extensive logging and graphical monitoring capabilities allow you to see real-time analytics for their application; how many concurrent user sessions are being processed, and the response times from servers. This makes it a really powerful tool for enterprises to understand their applications, and helps enterprises choose the right optimization strategies for their applications.
Traffic Script: Carries business logic out to control how your application behaves on the wire
Rules can run on client Request, Server Response, or after a transaction is completed (useful for connection tracing or collecting statistics on how long the connection took to process)
OK, so here is a simple example of a Traffic Script rule.
If you can describe what you want your application to do, and how you want it to process the requests, we can try to express that as a simple TrafficScript rule. In this example, the idea is simple:
Without editing the web application code on the servers. we want the redirect our users requesting one page to another page.
In this example, we’re looking for any request which is looking in the “products” folder and if I find a request for “products” then redirect to the new “services” folder.
When I turn that sequence into TrafficScript, it is immediately recognizable – certainly any application programmer will see how similar it is to other web programming languages.
The example user case is very simple, we could do even smarter things such as jumping directly to the right page, or even looking up in a table of possible pages based on cookie information.
In this TrafficScript, we look for HTTP 500 Server errors. (You could tweak this rule to only interact with the credit card payment page for example)
If we see an HTTP500 error, we tell the Traffic Manager to avoid the node that failed last time and try again, up to 3 times…
We also put an entry into the log so the administrators know to go check to make sure the customer isn’t charged twice.
As an extension to this rule, we could raise a custom event in the TS that would trigger an email to the application administrators with the log details, so they can easily go check it out!
Here’s a more advanced implementation of Traffic Script. In this Example, Traffic Script is extended by a Java program. TrafficScript here is time stamping and watermarking sensitive PDF files on the fly.
In Summary, TrafficScript is a competitive advantage for Traffic Manager Users because of its Layer 7 capabilities, extensibility and simplicity of its syntax and learning curve to adopt
For more details:
Watermarking PDF documents with Stingray and Java Extensions
http://community.brocade.com/t5/vADC-Docs/Watermarking-PDF-documents-with-Stingray-and-Java-Extensions/ta-p/73617
There are FOUR parts to the vADC story, which together provide a comprehensive on-demand solution, and build up to the concept we call “Application Delivery as a Service” or “ADC-as-a-Service”
First, the core ADC platform is known as Brocade Traffic Manager: this provides core Layer 4 to 7 services, including load balancing, caching and SSL offload, and a powerful scripting tool, called TrafficScript. And we will see in a moment, Traffic Manager also acts as the platform on which we build higher-level services for security and content optimization.
Second, Brocade Web Accelerator provides automatic HTML optimization, to reduce page load times. Traffic Manager includes a number of powerful tools to accelerate applications and services, but Web Accelerator gives an extra boost for some types of applications.
Third, Brocade Web Application Firewall is a Layer-7 web application firewall, which is designed to protect applications from external application-level attacks. While a network firewall ensures that only certain types of traffic are permitted or denied, a web application firewall works with the business logic to decide whether to allow the request to be processed, checking for targeted attacks such as SQL Injection and Cross-Site scripting, and preventing data leakage.
Finally, Brocade Services Controller gives a framework to manage on-demand provisioning, by automating the deployment, licensing and metering of ADC services across a virtual or cloud framework. When linked to a service orchestration framework, we call this ability to create and manage on-demand application delivery services “ADC-as-a-Service” and it transforms the way ADC services are consumed by enterprises and service providers to a much more fluid capacity-based model.
There are FOUR parts to the Brocade vADC portfolio story, which together provide a comprehensive on-demand solution, and build up to the concept we call “Application Delivery as a Service” or “ADC-as-a-Service”
First, the core ADC platform is known as the Virtual Traffic Manager: this provides Layers 4 to 7 services, including load balancing, caching and SSL offload, and a powerful scripting tool, called TrafficScript - we cover this deeper in later slides. Traffic Manager also acts as the platform on which we build higher-level services for security and content optimization.
The second part is the Web Accelerator, this provides Web Content optimization to reduce web page load times, bandwidth, boost Search Engine Optimization and improve overall end-user experience. While Traffic Manager includes a number of powerful tools to accelerate applications and services, the Web Accelerator specifically gives a boost for HTTP applications by automating web performance best practices.
Third is our Web Application Firewall, this solution is a true Layer-7 WAF, which is designed to protect applications from Layer 7 Application-layer attacks, in other words, dealing with security in terms of the content of HTTP requests. While a network firewall ensures that only certain types of traffic are permitted or denied, a Web Application Firewall can be used to apply business rules to traffic, such as inspecting submitted text field data and blocking attacks in the form of SQL injection and cross-site scripting (XSS) and so on, even filtering outgoing traffic to mask credit card data, and help compliance with PCI-DSS and HIPAA standards
(PCI DSS The Payment Card Industry Data Security Standard and HIPAA is the federal Health Insurance Portability and Accountability Act )
Finally, is the Services Director which is a separate platform to the Traffic Manager. The Services Director gives a framework to manage on-demand provisioning of Traffic Managers, by automating the deployment, licensing and metering of ADC services. We have flipped the consumption model of ADCs – instead of over purchasing and overprovisioning ADC instances, the Services Director model allows you purchase “buckets” of bandwidth and enables you to provision as many ADCs as you want with the add-on features you want. This fluid capacity-based model truly enables the “ADC-as-a-Service” concept, this gives you the ability create and manage on-demand and it transforms the way ADC services are consumed by enterprises and service providers
Shown here is a list of optimizations dynamically applied by the Web Accelerator.
Most of these optimizations are well documented and most web applications developers are aware of them and their benefit
In fact, Google PageSpeed and Yahoo ySlow are two well known grading tools that score your web performance based on how many optimizations best practices are applied your webpages.
Having a high score in any of these benchmarks will not only ensure you have a light and fast loading webpage but also a highly SEO score as all the main search engines (Google, yahoo, Bing, etc.) all take into account the speed of your website in consideration when returning search engine results
Although well documented, applying these best practices in a consistent manner is a different story. As you can imagine every time you push out new iterations of web designs and code you need to ensure all these best practices are followed, this takes time to test and implement, often taking time out of development to dedicate time to fix and optimize design and code and not all organizations have resources to do so.
Think of Web Accelerator as a tool for your development team not a replacement – Web Accelerator automates these best practices at runtime and each time new content is pushed
A website’s Google PageSpeed and Yahoo ySlow score instantly is improved
Google PageSpeed: https://developers.google.com/speed/docs/insights/about
YSlow: http://yslow.org/faq/
Details are in the attached Gartner Research doc (found on competitor Imperva's website, not intended for re-distribution).
The Open Web Application Security Project (OWASP) is a world wide not-for-profit organization focused on improving the security of software by keeping software security visible so that individuals and organizations worldwide can make informed decisions about true software security risks.
The OWASP Top is update every few years and ranks the most common and important vulnerabilities. As you can see from the previous and most current vulnerabilities ranking that the top risks can be exposed on the application layer and can be eliminated and at least mitigated by a Layer 7 WAF
See: https://www.owasp.org/index.php/Top_10_2013-Table_of_Contents
There are FOUR parts to the vADC story, which together provide a comprehensive on-demand solution, and build up to the concept we call “Application Delivery as a Service” or “ADC-as-a-Service”
First, the core ADC platform is known as Brocade Traffic Manager: this provides core Layer 4 to 7 services, including load balancing, caching and SSL offload, and a powerful scripting tool, called TrafficScript. And we will see in a moment, Traffic Manager also acts as the platform on which we build higher-level services for security and content optimization.
Second, Brocade Web Accelerator provides automatic HTML optimization, to reduce page load times. Traffic Manager includes a number of powerful tools to accelerate applications and services, but Web Accelerator gives an extra boost for some types of applications.
Third, Brocade Web Application Firewall is a Layer-7 web application firewall, which is designed to protect applications from external application-level attacks. While a network firewall ensures that only certain types of traffic are permitted or denied, a web application firewall works with the business logic to decide whether to allow the request to be processed, checking for targeted attacks such as SQL Injection and Cross-Site scripting, and preventing data leakage.
Finally, Brocade Services Controller gives a framework to manage on-demand provisioning, by automating the deployment, licensing and metering of ADC services across a virtual or cloud framework. When linked to a service orchestration framework, we call this ability to create and manage on-demand application delivery services “ADC-as-a-Service” and it transforms the way ADC services are consumed by enterprises and service providers to a much more fluid capacity-based model.
These modules scale independently in the case of a Distributed deployment and are bundled as one in the case of the Traffic Manager option.
he integrated WAF is enabled on the VTM platform with a license key, it is a full web application firewall with feature parity with the distributed vWAF
On the integrated WAF , Enforcers are enabled on the Virtual Servers where the web applications is configured
The quantity of Deciders can be defined up to the maximum of CPU cores on the vTM instance. In a cluster the number of deciders must be identical therefore in a cluster of vTM, the number of deciders per instance will be up to the lowest number of the CPU cores of a Cluster member
There is one WAF Admin Server accessible from the vTM admin web UI
As with rest of vTM Manager family, software can run anywhere
vWAF is made up of three modules:
Enforcer modules for intercepting traffic, passing it to the decider module, and enforcing its decision. In a distributed WAF architecture, enforcers are installed as webserver plugins (e.g. apache module or IIS isapi filter)
Decider modules do the heavy lifting of deciding whether a message should be let through. In a distributed WAF architecture, Deciders are hosted on Unix or windows machines as a daemon or server
The Admin server is the Central web-based administration console to create and maintain rule sets. Hosted on any web server
The scalability is massive. You can combine any number of Enforcers with any number of Deciders. Admin service is used for add/change/remove of rules. Enforcer/Decider can live without Admin server so not critical to have a redundant pair of Admin servers, but in general recommended.
Realistic limit number of deciders is 500 as of Oct 2012. Enforcers store no centrally managed configuration, so really is not limited.
There are FOUR parts to the Brocade vADC portfolio story, which together provide a comprehensive on-demand solution, and build up to the concept we call “Application Delivery as a Service” or “ADC-as-a-Service”
First, the core ADC platform is known as the Virtual Traffic Manager: this provides Layers 4 to 7 services, including load balancing, caching and SSL offload, and a powerful scripting tool, called TrafficScript - we cover this deeper in later slides. Traffic Manager also acts as the platform on which we build higher-level services for security and content optimization.
The second part is the Web Accelerator, this provides Web Content optimization to reduce web page load times, bandwidth, boost Search Engine Optimization and improve overall end-user experience. While Traffic Manager includes a number of powerful tools to accelerate applications and services, the Web Accelerator specifically gives a boost for HTTP applications by automating web performance best practices.
Third is our Web Application Firewall, this solution is a true Layer-7 WAF, which is designed to protect applications from Layer 7 Application-layer attacks, in other words, dealing with security in terms of the content of HTTP requests. While a network firewall ensures that only certain types of traffic are permitted or denied, a Web Application Firewall can be used to apply business rules to traffic, such as inspecting submitted text field data and blocking attacks in the form of SQL injection and cross-site scripting (XSS) and so on, even filtering outgoing traffic to mask credit card data, and help compliance with PCI-DSS and HIPAA standards
(PCI DSS The Payment Card Industry Data Security Standard and HIPAA is the federal Health Insurance Portability and Accountability Act )
Finally, is the Services Director which is a separate platform to the Traffic Manager. The Services Director gives a framework to manage on-demand provisioning of Traffic Managers, by automating the deployment, licensing and metering of ADC services. We have flipped the consumption model of ADCs – instead of over purchasing and overprovisioning ADC instances, the Services Director model allows you purchase “buckets” of bandwidth and enables you to provision as many ADCs as you want with the add-on features you want. This fluid capacity-based model truly enables the “ADC-as-a-Service” concept, this gives you the ability create and manage on-demand and it transforms the way ADC services are consumed by enterprises and service providers
Whether for services providers or enterprises, we provide a complete set of tools to manage the inventory of ADC instances, so you know how resource pools are being used, and to plan ahead for how to re-allocate resources between different applications and groups. Usage reports can be created for business units and individual clients, making it easy to implement charge-back and billing for cost allocation across the business.
Ducktape, hammer, wd-40
Traffic Script: Carries business logic out to control how your application behaves on the wire
Rules can run on client Request, Server Response, or after a transaction is completed (useful for connection tracing or collecting statistics on how long the connection took to process)
A Traffic Manager content delivery cloud provides solutions to the problems encountered with typical CDN deployments
Traffic Manager delivers more functionality with a lower cost. Software and provider charges are cheaper than CDN throughput rates. Traffic Manager is available with No minimum traffic levels or contracts required with licensing down to the minute. The fluency of Traffic manger allows for deployment without code changes to the application.
Software enables you to Rapidly Deploy Anywhere and Anytime you need, not limited by service options. Traffic Manager offers more Performance optimizations than a CDN service can offer. Deliver Automatic Content Optimization and Control, even for the dynamic objects.
Provide Security for applications not possible with a CDN. Content now stays in your control and Traffic Manager Enables secure and encrypted communications. You now have a solution for intranets and secure document stores. With Traffic Manager, attacks are not forwarded to the origin. Now you can Provide layers of protection and Enforce security policies globally.
The layer 7 fluency of Traffic Manager Provides Control FAR beyond static content into the application layer. With Traffic Manager, eliminate code change requirements and deploy applications not supported with CDN architecture. Extend control without the limitation of service portals and delays, provide full control of updates as needed when needed