F5 The Swiss Application Army Knife - …F5+Sitevision.pdf · [email protected] F5 The Swiss...

30
F5 Agility 2015 1 Säkra och tillgängliga applikationer i en osäker omvärld ! Åsa PerssonF5 - Sweden +46 702 87 88 08 [email protected] F5 The Swiss Application Army Knife

Transcript of F5 The Swiss Application Army Knife - …F5+Sitevision.pdf · [email protected] F5 The Swiss...

F5 Agility 2015 1

• Säkra och tillgängliga applikationer i en osäker omvärld !

Åsa Persson– F5 - Sweden

+46 702 87 88 08

[email protected]

F5 The Swiss Application Army Knife”

F5 Agility 2015 2

• Introduktion

• Kort om F5

• More than a Load Balancer: F5 Vision and Opportunities

• Better Together – Kundcase

• Summering

Agenda

Amazon Prime Air

Delivery in 30 minutes

F5 Agility 2015 5

User

Application

Web Application Firewall

SSL

Traffic Management/SLB

GSLB/DNS

Single Sign-on

Firewall/DDoS Protection

Secure Web Gateway

Application Services Axis

© F5 Networks, Inc 6

Deliver the most secure, fast,and reliable applications to

anyone anywhere at any time.

F5 MISSION

© F5 Networks, Inc 7

F5 Networks

• F5 Networks Is the only enterprise vendor in all Gartner Magic Quadrants for ADC, WAF and Enterprise Network Firewalls

• F5 Networks is a perfect choice for Datacenter Firewall, L3-7 DDoS mitigation, SSL/TLS scaling, Web Application Security and Application optimization.

Magic Quadrant for Web Application Firewalls Magic Quadrant for Enterprise Networks FirewallMagic Quadrant for Application Delivery Controllers

© F5 Networks, Inc 8

Gartner Magic Quadrant for Application Delivery Controllers

Note: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest

ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties,

expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

This graphic was published by Gartner,

Inc. as part of a larger research

document and should be evaluated in

the context of the entire document. The

Gartner document is available upon

request from F5 Networks.

F5 Agility 2015 9

Hybrid Application Services5

Software-Defined Application Services4

Cloud Ready3

Broadened Application Services2

Application Delivery Controller1

F5 Strategy

F5 Synthesis

F5 Agility 2015 10

Innovation

Performanceand Availability

• VIPRION

• ScaleN

• Mobile optimization

• SPDY - HTTP/2

Security

• Application security

• Identity & access

• DC Firewall

• Hybrid DDoS protection

• Anti-fraud

• Anti-phishing

Programmabilityand Management

• Node.js

• BIG-IQ

• SDN Connectors

• iCall

• iApps

• iHealth

• iRules

• iControl

Cloud

• Virtual Editions

• vCMP

• iSession

• Cloud connectors

Service Provider

• Traffic Steering

• CGNAT

• Diameter signaling

• NFV

• Policy enforcement

F5 Agility 2015 11

F5 Ecosystem

Network/SDN Cloud Security Orchestration Application Service Provider

F5 Agility 2015 12

F5 Agility 2015 13

F5 Agility 2015 14

TOP BUSINESS OBJECTIVES TOP TECHNOLOGY OBJECTIVES

Decrease operation costs (54%)Lower IT operation costs by consolidation/simplification (55%)

Increase worker productivity (44%) Boost end-user workforceproductivity (43%)

Business and Technology Objectives Align

© F5 Networks, Inc 15

Technology trends create opportunity and complexity

“Software defined”

everything

SDDC/Cloud

Mobility

Everything is

webified

Internet of

things

Advanced

threats

F5 Agility 2015 16

User

Application

Web Application Firewall

SSL

Traffic Management/SLB

GSLB/DNS

Single Sign-on

Firewall/DDoS Protection

Secure Web Gateway

Application Services Axis

© F5 Networks, Inc 17

0

1 000 000

2 000 000

3 000 000

4 000 000

5 000 000

6 000 000

7 000 000

8 000 000

9 000 000

10 000 000

BIG-IPVirtualEdition

BIG-IP 2000Series

BIG-IP 4000Series

BIG-IP 5000Series

BIG-IP 7000Series

BIG-IP 10000Series

BIG-IP 12000Series

VIPRION2200

VIPRION2400

VIPRION4480

VIPRION4800

BIG-IP 4000s/4200v850k L7 RPS300K L4 CPS10/20G L7/L4

TPUT

VIPRION 24008M L7 RPS4M L4 CPS

320G L7/L4 TPUT

VIPRION 448010M L7 RPS5.6M L4 CPS

160/320G L7/L4 TPUT

BIG-IP 10000s/10200v

2M L7 RPS1M L4 CPS

40/80G L7/L4 TPUTBIG-IP

2000s/2200s425K L7 RPS150K L4 CPS

5G L7/L4 TPUT

BIG-IP 5000s/5200v1.5M L7 RPS700K L4 CPS20/40G L7/L4

TPUT

BIG-IP 70000s/7200v1.6M L7 RPS775K L4 CPS20/40G L7/L4

TPUTBIG-IP Virtual

Edition325K L7 RPS100K L4 CPS

10G L7/L4 TPUT

VIPRION 480020M L7 RPS10M L4 CPS

320/640GL7/L4 TPUT

VIPRION 22004M L7 RPS2M L4 CPS

160G L7/L4 TPUT

Scalability and Performance of F5 “Fabric”Flexible Performance Levels and On-demand Scalability

BIG-IP

12000s/12200v

4M L7 RPS

1.5M L4 CPS

40/80G L7/L4

TPUT

L7

RP

S

© F5 Networks, Inc 18

Full-proxy enables superior user-to-application experience

End Users

Applications

© F5 Networks, Inc 19

F5 Traffic Management Operating System

VIPRION PlatformBIG-IP PlatformBIG-IP Virtual Edition

High Performance Fabric

TMOS

TMOS:

• Real time Micro-kernel based Operating System

• Developed in conjunction with our Hardware

• Provides unparalleled performance and functionality

• Consistency across all Platforms

• Full Proxy Architecture

Network

Session

Application

Web application

Physical

Client / Server

L4 Firewall: Full stateful policy enforcement and TCP DDoS mitigation

SSL inspection and SSL DDoS mitigation

HTTP proxy, HTTP DDoS and application security

Application health monitoring and performance anomaly detection

Network

Session

Application

Web application

Physical

Client / Server

F5 Agility 2015 21

Medelstort kundcase

F5 Agility 2015 22

• Problem: Produkt på väg fasas ut

• Befintliga system: Cisco, Portwise, Juniper, Microsoft TMG / UAG,

• Utmaning: Pris för enbart ex Cisco ACE Dyrt! (?)

• Utmaning: Beslutsfattare

Normalt Kundcase: Huddinge Kommun

F5 Agility 2015 23

• Cisco ACE F5 LTM - Lastbalansering - LTM

• Portwise nya HAG F5 APM - Single Sign On - APM

• Juniper F5 APM - VPN-koncentrator - APM

• Microsoft TMG / UAG - Lastbalansering - LTM

• Summering: Större plattforms-konsolidering

• Big-IP 5250v Best bundle

Kundcase: Vad blev det?

© F5 Networks, Inc 24

“Arméknivens” vanligaste “komponenter”

Arméknivens komponenter:

• Juniper VPN – pågående kampanj

• Platformskonsolidering

• Citrix replacement

• Cisco ACE replace – Pågående kampanj

• Microsoft UAG and TMG replace – Pågående kampanj

• Slow Sharepoint, SAP and Lync

• IPv6 projects / Translation projects

• WAF – World class Web App FW

• SSL offload / consolidation

• Traditionell Lastbalansering

• DDOS – On- and off prem ( Cloud / Silverline )

• Single Sign On / Säker autenticering

• DNS Skydd och skalbarhet

© F5 Networks, Inc 25

Cut Cost Quick!! ----> Konsolidering

• En hårdvaruplattfor, passar alla storlekar!

• En förenklad och lättförklarad prismodell

• Kompetensförsörjning förenklad och tryggad

• Färre leverantörer – färre kockar

• Reducerad komplexitet – Mindre fel / färre säkerhetshål

• Adressera skalbarhet

• Möjliggör Automatisering

• Färre burkar, mindre komplexitet, minskade supportkostnader, Lättarekompetensförsörjning

Simplified Business Models

© F5 Networks, Inc 28

F5 Moduler

VIPRION PlatformBIG-IP PlatformBIG-IP Virtual Edition

High Performance Fabric

TMOS

FAST AVAILABLE SECURE

LTM

DNSAAM

ASM

APM

AFM

Extensibility

BIG-IQ

iRules iControl iApps iCall

Management and Orchestration through BIG-IQ:

S

i

l

v

e

r

l

I

n

e

Simplified Software Purchasing

Make it easier to

adopt advanced

F5 functionality

Consolidate into

fewer common

configurations

Save when

purchasing

bundles

Benefits

BIG-IP Local Traffic Manager

BIG-IP Global Traffic Manager

Application Acceleration Manager

BIG-IP Advanced Firewall Manager

SDN Service

Advanced Routing

BIG-IP Access Policy Manager

BIG-IP Application Security Manager

Good Better Best

VE Price

Comparison

Bought As Bundle Bought As Components

Good Better Best

Appliance

Comparison

Network [Physical • Overlay • SDN]

Virtual Edition Chassis Appliance

Many enterprise customers are standardizing on BEST software bundles to future proof their enterprise

Where do I get it?

© F5 Networks, Inc 32

• https://f5.learn.com/

• The F5 University for free training materials and access to complete Sales, Technical and Security accreditations.

• https://devcentral.f5.com/

• Open community and forum of F5 customers and partners, with a wealth of information, articles and blogs by F5 product management/development. Lots of resources for iRules/iApp development.

• https://support.f5.com/

• Search f5.com knowledge base for guides and information on all our products, raise a support case or download software.

• https://f5.com/solutions/

• F5 Reference architectures library.

Lära mer?