NetScaler

Report
Sikker adgang fra alle
devices
edgemo summit CPH
maj 2014
Kort intro
Eigil Ørnfelt
Infrastructure specialist
[email protected]
Niels Holm
Infrastructure specialist
[email protected]
NetScaler Access Gateway Enterprise Edition (AGEE)
NetScaler
Gateway
NetScaler
ADC
Citrix Access Gateway (CAG)
Citrix Secure Gateway
Citrix Advanced Access Gateway (CAG)
Citrix NetScaler overview
Citrix NetScaler overview
Cloud Infrastructure
• World-class load
balancing
• Health
monitoring
Availability
• Caching
• Compression
• Optimization
PerformanAcAc
Accelerate
Enterprise Datacenter
• TCP Connection
Management
• SSL processing
Offload
• SSL VPN
• Application
firewall
• AAA
Security
Layer 4 Load Balancing
TCP and UDP Client Requests
Maintaining User
Sessions
Distributing Traffic
Monitoring Server Health and
Availability
• Source IP
• Least Connections
• TCP Connection
• Cookie
• Lowest Response Time
• HTTPS Connection
• SSL Session ID
• Round Robin
• Extended Content Verification
• Server-ID in URL Query
• SNMP-based
• Scriptable Health Checks
• Customer Server-ID
• Hash-based
• Token (header or body)
• Many more…
Global Server Load Balancing
Site A
Site B
Content Switching: Load Balancing on Steroids
HTTP Requests
Client Attributes
Request
Protocol
Request Method
• Anything in request body
• Any TCP Request
• Any TCP payload value
• Device Type
• HTTP Get
• Any HTTP payload value
• Language
• HTTP Post
• Domain
• Cookie
• Browser Capability
• XML XPath support
• Wildcard URL
Optimering
TCP Connection Multiplexing
Web Server
1.
NetScaler terminates connection
4.
NetScaler transmits client requests
2.
Client transmits requests
5.
Other clients follow same procedure
3.
NetScaler establishes server connection
6.
Multiple client requests are transmitted across common server
connection
AppCache
• Memory or flash disk based cache
• Reduce time to first packet
• Significantly reduce back-end server workloads
• Dynamic caching for frequently changing content
• Flash cache support for realtime updates
AppCache – Non-Caching proxy
Get the web page
Deliver it one time
AppCache – Caching proxy
Get the web page once
Deliver it many times
AppCompress
• Standard based compression – GZIP/DEFLATE
• Works with all browsers, including mobile
• Applies to HTML, JavaScript, CSS and Documents
• 3:1 to 5:1 Compression Ratio
AppCompress
1 Gbyte
File
200-300Mbps Throughput
1 Gbyte
File
1 Gbps Throughput
Sikkerhed
AAA - Authentication
Multi-factor authentication
REQ.SSL.CLIENT.CERT = EXISTS
REQ.BROWSER-TYPE = Internet Explorer
REQ.SSL.CLIENT.CERT != EXISTS
REQ.SSL.CLIENT.CERT
= EXISTS
+ LDAP
NetScaler Insight Center
Insight Center
XenDesktop/ XenApp
!
!
!
Internet
?
!
WAN
?
?
Data Center Network
Citrix Support
Insight Center
IT Department
Citrix Support
Software
Old
IT dept calls
Citrix Support
Help-Desk
Citrix Support
Desktop
Admin
USER
Network
Admin
New
Help-Desk
USER
Network
Admin
Citrix Support
Escalation
NetScaler Insight Center
Internet
3rd Party
Analysis Tools
NetScaler
Insight Center
AppFlow
AppFlow
XenDesktop/ XenApp
NetScaler
Insight Center
Application or
Network?
Servers
Causing
Trouble
Users
Affected
Which Part of
Network?
Bandwidth
Taken Up?
Insight Center
DC & WAN
Latency
Active
/Inactive
Session Data
Virtual
Channels
ICA Analytics
Client/
Server IP
ICA RTT
Host Delay
?
Tak for jeres tid!

similar documents