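NetScaler 10 New Technologies for Cloud Network Optimization. Yun Young-hoon, Deputy General Manager (daniel.yun@citrix.com), Lead System Engineer, June 12, 2012
Growth of the modern web and SaaS; growth of mobile work and mobile services; growth of cloud services
The cloud era: Off Premise; economical maintenance costs; simple, user-centric operation; flexibility and scalability
Today's data center: On Premise; limits on performance scaling; high maintenance costs; management of every unit; generic security policies; Lacking Cloud Scalability
High performance and high availability; scaling for the cloud; integrated web security and visibility into web applications; connecting the enterprise network to the public cloud; Service Delivery Controller
Evolving into the optimal Service Delivery Controller platform for entering cloud networking
Citrix TriScale™ technology: Scale Up - Pay as You Grow; Scale In - SDX Multi-tenancy; Scale Out - NetScaler Clustering. Application visibility: AppFlow - Open, standards-based; ActionAnalytics - Integrated real-time. Next-generation Security Factory: Strong SSL 2K certificates; various DDoS protection. Cloud connectivity: CloudBridge - basic data center connectivity - IPSec VPN security, WAN optimization
Concerns about moving to a cloud network environment begin with concerns about scale
Consolidation of up to 40 instances; unified operation; flexible performance expansion; Pay-As-You-Grow; up to 5x performance guaranteed without replacing hardware; Scale Up; Scale In; up to 32x aggregate performance guaranteed; Scale Out; scalability guaranteed
Scale up Pay as You Grow: upgrade as performance demand grows; expand performance without replacing hardware; respond immediately to resource needs; flexible performance expansion without duplicate investment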
NetScaler Performance Scale up Pay as You Grow SERVICE DELIVERY/TELCO/CLOUD INTERNET-CENTRIC 50 Gbps MPX 21500 50Gb MPX 19500 35Gb 20 Gbps 10 Gbps ENTERPRISE MPX 14500 18Gb MPX 16500 MPX 18500 24Gb 36Gb MPX 17500 20Gb License Upgrade 5Gbps SMB/SME MPX 9500 3Gb MPX 11500 8Gb MPX 13500 12Gb License Upgrade 1Gbps MPX 7500 1Gb MPX5500 200Mb 10Mb 500Mb License Upgrade 1 2 3 10s 100s Multi-tenancy
Scale In SDX: a true multi-tenancy ADC system; complete isolation and independent operation; 40x footprint reduction. No Compromises. Simplicity with Many-In-One. No CPU or I/O processing overhead of the kind seen in existing virtualized appliances. Core allocation rather than partition-based; full HA provided
Scale In - Performance NetScaler MPX 21500 NetScaler SDX 21500 50 Gb/s 50 Gb/s 20 instances over 15 Gb/s per instance
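Scale Out NetScaler Cluster: an upgrade of the concept of redundancy; no idle resources needed; Scale out 32x, up to 1 Tbps+; Active; immediate response to resource needs; expandable without service interruption; unified management system; Passive; ACTIVE ACTIVE ACTIVE ACTIVE ACTIVE
The importance of application visibility: Always-on and Connected Network Era; the boundaries of the existing data center are disappearing; access from many kinds of mobile devices; which type of browser was used, and from which device did the user connect? Cost effective, cloud-compatible, standards-based?
NetScaler: 1. AppFlow and 2. Action Analytics
What is NetScaler AppFlow? Standards-based IPFIX; transaction-level visibility for HTTP, SSL, TCP and SQL; cloud compatibility - no span ports or network taps required; agent-less - no traditional operating systems required; integrates with 3rd-party collectors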
AppFlow Insight: breakdown by URL request
AppFlow Insight: OS, Device, Browser
AppFlow Insight: breakdown by user account
AppFlow Insight: Client, Server Delay
NetScaler Action Analytics: real-time statistics / analysis of customer application traffic; policy enforcement based on the analyzed data (Adaptive policy control); provides intelligent service delivery; Policy Change; Runtime Analytic Engine; Adaptive Policy Control
More Apps Require Stronger Security
"From 2011 through 2013, the use of 1024-bit RSA keys to generate a digital signature is deprecated, and is disallowed beginning in 2014." NIST Special Publication 800-131B, February 2011
NetScaler SSL Performance
NetScaler delivers better price/performance: the best SSL 2K performance compared with competitors
Various DDoS protections: SYN DoS protection - configurable SYN cookie protection - runtime detection of SYN attack; HTTP DoS protection; renaming ACL rules; extended ACL up to 10,000; Slowloris (SlowPost, SlowRead) attack protection
NetScaler Cloud Bridge = Network Transparency. Diagram: Network X, Network Y; existing Datacenter / Private Cloud; NetScaler; L2 Tunnel; Cloud Bridge; IPSec Tunnel; Cloud Provider. User Transparency: access anytime, anywhere, regardless of location. Optimized Access: LAN-like access through optimization of the WAN segment. Secured Tunnel: secure connection between the data center and the cloud center. Seamless Network: the same network across the data center and the cloud center
Consolidate and Virtualized: Scale up - Pay/Grow: Simplicity and investment protection; Scale In - NetScaler SDX: Elasticity and Virtualization, consolidation; Scale Out - NetScaler Clustering: Expandability; AppFlow / Action Analytics: Application visibility; 2048-bit SSL / WEB Security: Keep up with security req's; Extend Visibility, Security and Control; Cloud Bridge: Extend the enterprise network to cloud data centers
Work better. Live better.