Infrastructure for more security and flexibility
to deliver the Next-Generation Data Center
Stefan Volmari
Today's trends turn into major challenges…
© 2014 Citrix. Confidential. 3
…and lead to Data Center Transformation
• More mobile devices
• More applications
• More data volume
• More cloud services
• Fast
• Secure and Scalable
• Network Analytics
• Consolidation
• Automation
• Flexible
• Mobile Optimization
• Clustering
• Big Data
• Virtualization
• SDN Orchestration
• Service Chaining &
Overlay Networks
Trends
Demands placed on
Network
From static to elastic
Legacy Datacenter
Constantly behind
Network-focused
Overprovisioned
Console-managed
Complex to change
DMZ for security
Cloud Datacenter
Constantly redefined
Application-focused
Click-to-update
Automated and orchestrated
Services-oriented
© 2014 Citrix. Confidential. 5
So why keep anything on-premise?
Scale
– When you have scale that makes on premise
cheaper than cloud based
Security
– When you have unique security or
regulatory requirements
Attributes of Datacenter.next
What does success look like?
Leverages
cloud
where it makes clear sense
Managed services and
service levels
– not simply systems and networks
Application-focused
networking and
service chaining
SLA’s define minimum service requirements –
frugal, not cheap
Trust
and predictable behavior persists through
multiple state changes
What’s needed for Datacenter.next security?
Confidentiality, Integrity , Availability and Management
Keep the Lights On
Thwart Advanced Attacks
Optimize Service Delivery
Provide Business Value
Support mobile/global workforce
Run anywhere, optimized local performance
Physical to virtual, enterprise to cloud
Mesh networking, delegated admin
End-to-end encryption / Always-on SSL
Use of public cloud services
Amazon, Azure, ShareFile Cloud directory and identity
Automated and orchestrated
© 2014 Citrix. Confidential. 9
Keep the Lights On
Ensure service availability
• Global Server Load Balancing (GSLB) • Clustering and high availability
• Priority Queuing for application-level QoS management
Protect critical services
Advanced Threats
Block web-specific attacks
• Web Application Firewall
- Protects HTTP, XML, SQL, dynamic content and session state (including cookies)
• HTTP re-write and Responder
- Custom request/response policies tuned to application and security needs
• Enable Always-on SSL protection!
Stop modern malware
• Integrated protection from anti-malware to IDS/IPS - and beyond
© 2014 Citrix. Confidential. 11
Optimize Service Delivery
Satisfy the need for speed!
• SSL acceleration and SPDY • Caching and compression
Control enterprise access
• Full Proxy Gateway
- Provides SSL/VPN and mobility enablement, including SmartAccess and micro-VPN for XenMobile
• AAA, SAML and enterprise directory integration
- SSO and interoperability across enterprise and SaaS apps
• Centralized policy enforcement across distributed apps and services
• NITRO RESTful API
Prove Business Value
A holistic view of web properties
• AppFlow and HDX Insight
- Application-level telemetry and analytics
• Integrated PCI DSS config and compliance reports • Multitenant service delivery with SDX
Enabling enterprise agility
• Connect public and private clouds with CloudBridge • Run web properties in the cloud with VPX
How to:
© 2014 Citrix. Confidential. 15
ADC: Accelerate, Scale, Optimize Applications
Signalling Load Balancing
Scale performance of PCRF, OCS, SPR, AAA, DNS and SIP
servers Scale performance of
web servers, in-line proxies and data bases
Balance load across data centers for performance and availability Global Server Load Balancing Application Load Balancing DNS Caching Enhance performance DNS servers and protect against DDoS
Enhance performance of ADNS infrastructure
Authoritative DNS
SPDY
Streamlines web object downloads for non SPDY server endpoints
Multipath TCP
Maintains TCP sessions when moving between
WiFi & 3G/4G
Web Compression
Consolidate SSL transactions to accelerate and scale
SSL Offload
Speed up web page downloads and decrease bytes
TCP protocol level tuning for quicker application transport
Cloudification Models for Datacenter.next
Private
Hardware Appliance Main drivers: - Security - Cost - Bursting - Multitenancy - Data proximity - Services orchestrationHybrid
Multi-Tenant Appliance Main drivers: - Security - Cost - Bursting - Multitenancy - Data proximity - Services orchestrationPublic
Virtual Software Appliance
© 2014 Citrix. 17
Simplified framework to mange capacity for
mobile networks
5 Gbps 120 Gbps 50 Gbps 3.2Tbps…
Data Center/Application Plane
Telco.com Directory Remote Desktop Online Video M2M Customer Care Control Plane SIP/IMS DNS 3GPPAAA PCRF OCS SPR/UDR
Mobile Core/Data Plane Adaptive Traffic Manager WAP Push Proxy Parental Control/ Personalization
Firewall Transparent Cache Messaging
Content
Services for Datacenter.next
Authentication
• IAM, RBAC, MFA, privileged account mgmt
Automation
• Service chaining, SDNDelivery
• DaaS, Micro-VPN, SSL/VPNDevOps
• NITRO, RISEElasticity
• PayGrow, Burst Packs, services chaining
Optimization
• Services balancing, power & cost-balancing
Resiliency
• GSLB
Telemetry
• AppFlow, HDX Insights
Threat Protection
© 2014 Citrix. Confidential. 19
Key Value Proposition for Operators
19
Application Performance and Traffic Management
Ideal for Virtualized and Automated Networks
Scale out capacity on-demand Leverage cloud economics
Network Flexibility
Enhance performance and availability of applications in the S/Gi-LAN, control plane and data center
Manage IPv6, intelligently steer traffic Simplify transition to virtual ADCs
Capabilities and Tools for Network Transition
Hardware Appliance Software-based Identical Functions Across Platforms Automation Framework=
=
Integration with Orchestration Systems and Controllers
© 2014 Citrix. Confidential. 21
