TECH 5 - Beyond WAN Acceleration: WAN acceleration. David S. Michel CIO: Burr & Forman LLP Sean M. Power Manager IT Security and Infrastructure:

TECH 5 - Beyond WAN Acceleration:

Using Riverbed for more than just

Using Riverbed for more than just

WAN acceleration

David S. Michel – CIO: Burr & Forman LLP

Sean M. Power – Manager – IT Security and Infrastructure:

L h

& G

LLP

Lathrop & Gage LLP

Steven R. Smoot, Ph.D. – VP of Technical Operations

Riverbed

Agenda

Agenda

•

What does Riverbed do in your Network?

What does Riverbed do in your Network?

•

Branch Office Box Solution

–

Riverbed Services Platform - RSP

Riverbed Services Platform RSP

–

Steelhead Mobile Controller - SMC

•

End to End Visibility and Performance Monitoring

y

g

–

Cascade

•

Summaryy

•

Q/A

Imagine if You Could….

Cut consolidation time by 50% with no performance hit

Avoid WAN bandwidth upgrades for 3 years

3

Avoid WAN bandwidth upgrades for 3 years

YEARS

3

Improve worker productivity globally

Drive more than 400% ROI in 6-9 months

457%

For 7800+ Customers, the

Answer Is Riverbed

Answer Is Riverbed

$6 5M d

i

S i $20M/ A hi

6

S

d $5M i

_{$6.5M saved in}

1 year $60M in

5 years

Saving $20M/yr

via faster value

chain

collaboration

Achieve a 6 mo

payback and

save $20M

Saved $5M in

software costs

collaboration

“With Riverbed, remote users regularly access centralized data without

“With Riverbed, remote users regularly access centralized data without

g

g

y

y

experiencing 45 minute wait times. Users are less frustrated and more productive,

experiencing 45 minute wait times. Users are less frustrated and more productive,

while IT costs have been lowered”

while IT costs have been lowered”

---- Nat Thomas, Technical Director, CSX

Nat Thomas, Technical Director, CSX

Riverbed is the IT Performance

Company

Company

Optimize

Consolidate

Understand

The ROI from Network, Storage, App, and Cloud

Investments

To the data center and within the branch The Total Performance

Picture SIMPLIFY CONSOLIDATION / VIRTUALIZATION AND ENABLE LOCAL-LIKE PERFORMANCE SPOTLIGHT CURRENT

PERFORMANCE PAIN & POTENTIAL

ACCELERATE APPS, CUT BANDWIDTH COSTS,

ENHANCE BCDR, IMPROVE STAFF PRODUCTIVITY PRODUCTIVITY

Riverbed

’

s Complete Family

of Performance Products

BRANCH OFFICE BRANCH OFFICE

Steelhead Appliances & Virtual

Steelhead*

Cascade

PRIVATE DATA CENTER PRIVATE DATA CENTER

WAN

PRIVATE DATA CENTER PRIVATE DATA CENTER PRIVATE CLOUD PRIVATE CLOUD Steelhead Mobile MOBILE WORKERS MOBILE WORKERS Steelhead Mobile Cloud Steelhead* PUBLIC CLOUD PUBLIC CLOUD

SECONDARY DATA CENTER SECONDARY DATA CENTER

Riverbed’s Cloud Direction

Cloud Services Provider

Backups or

D t C t

WAN

Data Center

_WAN

WAN

What is RSP?

What is RSP?

•

VMware Virtualization running on the

VMware Virtualization running on the

Steelhead – VM Server 2

•

S pport for 5 VM instances

•

Support for 5 VM instances

•

Steelhead is always in-path, but RSP provides

f

f

f

ff

f

flexible configurations for different data flow

scenarios (VNI’s – virtual network interfaces)

•

RSP is a separate service running in own

memory space – traffic and optimization

always preserved

Use Cases for RSP

Use Cases for RSP

•

Branch Services

Branch Services

–

DC, AD, File and Print, BranchCache

Consolidated core network services Infoblox

–

Consolidated core network services - Infoblox

•

Security

/

–

IDS/IPS,

–

Firewall (e.g. Checkpoint, Forefront),

–

Web Filtering (e.g. Websense)

IT Consolidation

INSIDE

the branch

the branch

Further

Consolidation at

Further

Consolidation at

Branch Office

Today

Branch Office

Today

Server

Consolidation to

Server

Consolidation to

Branch Office

Branch Office

Today

Today

Data Center

Data Center

AD AD AD, DNS/DHCP FIREWALL DNS/ DHCP PRINT SERVER FIREWALL FILE SERVERS MAIL SERVER AD, DNS/DHCP FIREWALL DNS/ DHCP PRINT SERVER FIREWALL FILE SERVERS MAIL SERVER FIREWALL

ANY VIRTUALIZED SERVICE

MAIL SERVER FILERS STORAGE FIREWALL PRINT SERVER WAN OPTIMIZATION MAIL SERVER FILERS STORAGE

Use Cases for RSP

Use Cases for RSP

•

Enterprise Video

Enterprise Video

–

Efficient video streaming

Live video splitting at the edge

–

Live video splitting at the edge

–

Content prepositioning

A t

t d di

ti

f

th

–

Automated redirection for the user

–

Support for Flash and Windows Media

P l

Q

d W d

M d

Use Cases for RSP

Use Cases for RSP

•

Networking & Management

Networking & Management

–

Routing – Vyatta

Riverbed Virtual Editions

–

Riverbed Virtual Editions

•

Steelhead Mobile Controller - SMC VE,

•

Cascade Sensor VE

Cascade Sensor VE

–

Satellite communication – SCPS

–

OPNET

OPNET

RSP - Screenshot

RSP Screenshot

RSP Networking

RSP Networking

•

In-band packages

AN N f

AN

WAN d

fl

–

LAN VNI for LAN to WAN dataflow

–

WAN VNI for WAN to LAN dataflow

–

Virtual In-Path packages

•

DNAT (IP, Port, IP & Port) – Proxy based solutions like

SAP/ADOW

SAP/ADOW

•

Mirror – Span port for network monitoring

–

Management VNI’s – primary/aux ports

Management VNI s primary/aux ports

•

Out-of-band packages

•

e g Windows Ser er

•

e.g. Windows Server

RSP Networking

RSP Networking

RSP Networking

RSP Networking

Summary of Dataflow rules

Package Solution VNI Integration Interaction with Opt traffic

Windows / Infoblox Branch Services Mgmt / Aux None

Websense URL Filtering Virtual Inpath All traffic copied to the

package package Checkpoint, McAfee

Firewall Enterprise, Microsoft TMG

VPN and Firewall LAN/WAN Bridging Optimizable traffic redirected to package

Polycom, Qumu,

Accordent Media Services Virtual Inpath

Redirected to

package with Layer 3 NAT

Opnet Ace Live,

Riverbed Cascade Network Monitoring LAN/WAN Bridging Span port

Vyatta Routing Virtual Inpath Layer 2 switch

RSP - Technical Considerations

RSP Technical Considerations

•

VM creation in VMserver, Workstation and P2V

•

Virtual machine versions 4, 6, 7

•

Check 32Bit/64Bit support per appliance model depending on what VM

you want to run

–

Desktop Models – 250, 500 32-bit

Desktop Models 250, 500 32 bit

–

1U and Above – 64-bit

•

For production critical RSP packages

–

recommend RAID kit for SH for the 1U models

•

No thin provisioning

•

Must install VMware tools

•

No USB or CD/DVD support

•

Memory supported disc space supported

•

Memory supported, disc space supported

•

RiOS 6.0 and above – more RAM supported

•

Check resources that appliance needs

Steelhead Mobile

Steelhead Mobile

•

Software based implementation of Steelhead

Software based implementation of Steelhead

technology for your end-points

•

Gi e o r laptops and PC’s their own

•

Give your laptops and PC’s their own

Steelhead for optimization when working

remotely

Three Challenges For Mobile Workforce

p g

p g

Location

Location

Inconsistent connection types, costs, and user volumes: Inconsistent connection types, costs, and user volumes:

All conspire against a

All conspire against a

y

y

““standardstandard

g p

g p

”” environment environment

Latency

Latency

Is the major issue how long it takes people to accomplish a task?

Is the major issue how long it takes people to accomplish a task?

Latency is the secret throughput killer

Latency is the secret throughput killer

Steelhead Mobile Solves All Three Challenges!

Steelhead Mobile Solves All Three Challenges!

_{Low bandwidth links (e.g. satellite)}

_{Low bandwidth links (e.g. satellite)}

Link

Link

Lots of applications on overwhelmed bandwidth

Lots of applications on overwhelmed bandwidth

pp

Expensive

Expensive

Making Acceleration Easy –

For All Mobile Users

For All Mobile Users

Concurrent licensing model

ƒ

A

workers

‘

pool

’

of licenses for use by all mobile

ƒ

Estimated 1 license per every 3 to 5 mobile

ƒ

Estimated 1 license per every 3 to 5 mobile

workers

ƒ

Other vendors do licensing

per user

ƒ

$87 cost estimate per mobile ser (1 4 model)

Pricing

ƒ

$87 cost estimate per mobile user (1:4 model)

ƒ

Steelhead Mobile Controller: $12,995

(includes 30 licenses)

ƒ

Steelhead Mobile Licenses: Starts at $3 500

Steelhead Mobile Licenses: Starts at $3,500

for 10

ƒ

Deploy to all laptops pay only for what you

Easy to manage

ƒ

Deploy to all laptops – pay only for what you

_need

ƒ

Cluster Steelhead Mobile Controllers as

needed

Steelhead Mobile Solution –

The 3 Components

The 3 Components

Steelhead Mobile Software Steelhead Mobile Controller Steelhead Appliance

• Deployed on a laptop or desktop

PC

• Runs in ‘invisible’ or ‘visible’ mode • Reduces bandwidth needs

• Optimizes protocol inefficiencies

ƒ Deployed in the data center

ƒ Handles all licensing, detailed reporting, packaging &

policies pp ƒ Deployed in data center ƒ Any model RiOS 4 i d

• Optimizes protocol inefficiencies • Windows 2000 SP4: XP SP3 (32

bit versions only), Vista SP1 (32 bit versions only)

• Celeron 450MHz CPU

• Minimum 250 MB hard drive

policies

ƒ Supports up to 2,000 concurrent active Mobile clients

ƒ RiOS 4.x required

ƒ Communicates directly with Steelhead Mobile

• Minimum 250 MB hard drive

(configurable up to 20 GB)

• 256 MB RAM

ƒ Clusters for scale

ƒ Minimum one Steelhead Mobile Controller required

Two Deployment Options

SMC-VE SMC

PRIMARY DATA CENTER BRANCH OFFICE

SMC-VE, SMC

Steelhead Mobile Controller

Appliance

ƒ Designed for large

deployments and rapidly Steelhead Mobile Controller

Virtual Edition

ƒ Enterprise grade acceleration for SMB or smaller strategic

WAN

_ƒ growing organizations

Standalone appliance deployed in the data center.

ƒ $12,995 with 30 concurrent

mobile deployments

ƒ Virtual package deployed in the Riverbed Services Platform on Steelhead Appliance

MOBILE WORKERS

licenses

ƒ Supports up to 4,000

concurrent active Mobile clients

ƒ Clusters for scale

ƒ $5,995 with 10 concurrent licenses

ƒ Supports up to 100 concurrent active Mobile clients

Steelhead Mobile - Benefits

HTTP & HTTPS Optimization

Steelhead Mobile Benefits

HTTP Acceleration

ƒ

Improved performance for all HTTP(S)

applications

ƒ

Same approach to HTTP(S) optimization as RiOS 6.0 provides a complete

pp

( ) p

p

p

solution for web application acceleration for branch office and mobile workers

Branch Warming

ƒ

“

Warm

Warm performance regardless of location

“

performance regardless of location

ƒ

Sharing data references between mobile and branch office

workers improves acceleration for the entire organization

Expanded Support for Next Generation Operating Systems & Platforms

Branch Office (LAN)

Expanded Support for Next Generation Operating Systems & Platforms

ƒ

64-Bit Systems: Optimization for memory and data intensive

applications

W d

7 C

f

f ll f M

f '

ƒ

Windows 7: Consistent performance for all of Microsoft's

Use Cases for

Steelhead Mobile

Pandemic Planning

Backup Optimization

•

Tools for mobility need to be in

place

•

Business processes essential

•

Cost-effective Steelhead

backup mechanism

•

Only active when Steelhead is

t

•

Most large customers do some

form of planning

•

Federal Telework Mandate

G

IT I iti ti

not

Desktop Virtualization

•

Integration into virtualization

tools

Green IT Initiatives

•

Consolidation efforts save

energy, staff, equipment

•

SHM saves cost of additional

tools

•

Accelerate full virtualization

tools

•

Accelerate Application

•

SHM saves cost of additional

appliances

•

Real estate costs

Accelerate Application

virtualization tools

Steelhead Mobile

Real World Performance

• Laptop offline for 1 week, mailbox not synched – Outlook 2003

p p

y

• After full synchronization – 52% reduction of MAPI traffic

Steelhead Mobile

Real World Performance

•

New OST file (e g OST file corruption)

New OST file (e.g. OST file corruption)

•

Mailbox – 1.14 GB

f

f

M

•

Time for full caching over 15Mb DSL, 50ms

latency

Æ

29 minutes

Æ

5Mb/s

•

72% bandwidth reduction

Æ

1031 MB

Steelhead Mobile

Technical Considerations

Technical Considerations

•

Windows and Mac support

Windows and Mac support

•

Careful with Out of path support depending

where ser er side SH is

where server side SH is

•

Datastore size – larger data store translates to

AM

more RAM

•

Processor considerations

•

Images did not have sysprep or ghostwalker –

Cascade

Cascade

•

End to End layer 4 - 7 visibility and performance

End to End layer 4 7 visibility and performance

monitoring

–

Which applications at which sites still require acceleration?

–

What performance level is each of your users experiencing

now?

A

l

h

h

h

& l

h

h

–

Are critical metrics such as throughput & latency where the

business needs them to be?

–

Are specific applications or users slowing down your

Are specific applications or users slowing down your

network?

Cascade = Visibility

Manage Application

P f

ƒ

Monitor application delivery on the

network

Performance

ƒ

Minimize impact of service outages

ƒ

Resolve issues proactively

Streamline WAN

Optimization

ƒ

Plan for WAN optimization, quickly identify

best candidate sites for optimization

ƒ

A

i

t f WAN

ti i ti

p

_ƒ

_{Assess impact of WAN optimization}

deployment and quantify benefits

Ensure Successful

Consolidation

ƒ

Reduce costs and risks of IT consolidation

ƒ

Accelerate application discovery and

dependency mapping

Cascade: a different way to

look at your network

look at your network

Behavioral Analytics

ƒ Learns typical network and application behavior patterns and alerts you to meaningful changes

ƒ A cost-effective way to monitor your applications

ƒ Drill down to network performance metrics per application, host,

Network Drill-Down

user, and much more

ƒ Business-centric view of your infrastructure, with extended troubleshooting capabilities

End-to-End

Dependency

Mapping

ƒ Identifies application, server and client dependencies without agents

ƒ Helps you understand the impact of change on application delivery

Riverbed Steelhead

Fluency

ƒ Analyze application performance across optimized and non-optimized sites

Fluency

Cascade Deployment Topology

Cascade Deployment Topology

Cascade Analytics

Cascade Analytics

• End-user experience metrics feed into the Cascade behavioral model

• Normal behavior is automatically learned – no configuration is

necessary

If

i

l

f

l

diti

i t i

d

Use Cascade to drill down &

discover problem sources

Example: problem related

to high WAN utilization

L t’ fi d th

li ti

Let’s find the application

Let’s find the server

Which user is responsible?

Let s find the server

Which user is responsible?

The Cascade product line

NOC Cascade

The Cascade product line

Data Center Web Tier Cascade Sensor NOC Cascade Profiler & Gateway Web Tier App Tier Cascade S VE DB Tier DNS AD NTP Sensor -VE

Profiler

• Centralized

reporting & analysis

• Behavioral analytics

Gateway

Sensor

• Layer 7 application

classification

• End-user experience

Sensor-VE

• Collects data from

sensors & gateways

• Sized based on flow

per minute capacity

• Collects flow data from selected

sources

• Supports all flow types

• Deploy w/profiler or regionally

• Performance metrics

• Collects traffic from

SPAN ports or taps

• Deployed in data center

• End-user experience

• Performance metrics

• Loads as RSP package

Cascade competitive overview

Cascade competitive overview

Cascad e Blue Coat NetQoS (Cisco) Ipanema NetScou t OPNET Generic NetFlow Automated analytics based on u o a ed a a y cs based o

₉

₉

learned normal behavior

9

9

Click and pivot, drill-down interface

for all metrics

9

Dynamic, end to end, client-server

dependency maps

9

End-user experience metrics and

monitoring

9

9

9

9

monitoring

Layer-7 application fingerprinting

₉

₉

₉

₉

₉

Security & Compliance

₉

₉

P k t t d l i

₉

₉

₉

Packet capture and analysis

₉

₉

₉

NetFlow reporting, all sources

₉

₉

₉

₉

₉

₉

Single vendor, tightly integrated

solution with automatic configuration

9

9

solution with automatic configuration

Cascade – Use Case

Cascade Use Case

•

MTTTR – reduction in mean time to trouble

resolution

•

Network warning

•

Replay

•

Massive retention of traffic analytics

With C

d

•

With Cascade

–

Identified 2 network misconfigurations

•

application availability reporting and alerting

pp

y

p

g

g

•

new host alerts + automated vulnerability scans

Q/A

Q/A