Alteon Web OS. Intelligent Internet. What s New in Alteon Web OS Alteon Web OS Benefits. Product Brief

Size: px
Start display at page:

Download "Alteon Web OS. Intelligent Internet. What s New in Alteon Web OS 10.0. Alteon Web OS Benefits. Product Brief"

Transcription

1 Product Brief Intelligent Internet Alteon Web OS Alteon Web OS Benefits Intelligent Traffic Management with Multi-Application Support High Performance Security Network Scalability and Optimization Fail-Safe Network Assurance Nortel Networks Alteon* Web OS Traffic Control Software provides intelligent traffic management capabilities that allow enterprises and service providers to efficiently and reliably scale, optimize, and secure their high-value applications and services. Through leading application intelligence and powerful filtering capabilities, Alteon Web OS enables improved resource utilization and performance, high-performance security, and fail-safe network assurance. Alteon Web OS runs seamlessly on the entire Alteon Web Switch product family, including the Alteon ACEdirector series, the Alteon 180 series, and the Alteon Web Switching Module for the Passport What s New in Alteon Web OS 10.0 Nortel Networks continues to innovate with Alteon Web OS to provide enterprises and service providers with unparalleled application, management, and traffic control services. Major new Alteon Web OS 10.0 features include: Allowing data center operators to better differentiate services among customers, groups, or departments through tools such as filtering based on VLAN ID

2 Alteon Web OS Application Examples Intelligent Application Redirection Server Firewall Intrusion Detection System Streaming Media (RTSP) Wireless Internet (WAP) Global Server WAN Router VPN SSL Acceleration Offload High-Performance Security High Availability Bandwidth Management Figure 1: Content Intelligent. User Awareness for Differentiated Services Strengthening security by increasing protection from Denial of Service (DoS) attacks, enhancing control over access to specific applications, improving the ability to deny certain types of traffic, and improving monitoring Advancing the market-leading layer 4 through 7 functionality through improved hashing functionality and intelligent DNS load balancing support Adding new application functionality, including enhanced streaming media support and Lightweight Directory Access Protocol (LDAP) load balancing, and Increasing the number of real servers supported and adding Open Shortest Path First (OSPF) protocol support. Content Intelligence Enables High-Value Services and Network Optimization Alteon Web OS performs full layer-7 inspection of URLs, cookies, and host headers across multiple requests and responses. Using this information, enterprises and service providers can Content Awareness for Flexible Content Location differentiate traffic and optimize network implementation based on attributes such as application, user, and access device (e.g., PC, mobile phone). This powerful content intelligence provides a number of significant benefits: Enhanced Differentiated Services To provide preferential services based on user categories (e.g., Web site visitors who are frequent shoppers versus visitors who only browse), a Web switch needs to be cookie-aware. Likewise, to enforce the appropriate bandwidth and jitter characteristics for transporting different content types, a Web switch must be URL-aware. For data center operators and Web hosting providers, filtering based on VLAN ID allows service differentiation across multiple customers, groups, or departments. Without this content awareness, traffic classification and hence, quality of service, can only be applied at gross levels such as per-ip address or per-application port. Alteon Web OS supports full content awareness, allowing granular differentiation of services. High Performance Via Application Redirection Application redirection offloads policy routing from expensive routers and increases system performance. With application redirection, powerful filtering rules are used to intercept any type of IP traffic and redirect it to a designated server, server farm, or IP interfaces. Administrators can set filters by source and destination MAC and IP addresses, protocols, layer-4 source and destination port numbers, VLAN IDs, URLs, and cookies. Any or all filters can be applied dynamically to each switch port to allow, deny, or redirect packets. Dozens of unique filters can be executed simultaneously with minimal performance impact. 2 Alteon WebOS 10.0 Product Brief

3 Persistent Application Support Applications such as ebusiness shopping carts, payment transactions, search displays, and multi-page forms require persistent connections. This means a client must constantly talk to the same real server for the duration of the transaction, which typically spans multiple TCP connections. If a client-server association is not persistent, it may result in broken applications (e.g., shopping carts, forms, etc.) and disgruntled users. Alteon Web OS enables persistent application support through content intelligence. In a mega-proxy environment, the only reliable method for matching multiple connections to the same user is by using cookies embedded in non-secure HTTP connections or SSL session identifiers embedded in secure HTTP-S sessions. The ability to parse content enables an Alteon Web Switch to accurately associate consecutive requests from a user (client) with the same server, ensuring transaction integrity. Flexible Content Location By examining the URL in Web requests, Alteon Web OS can determine the type of content being requested and direct the requests to servers hosting that content. Content-intelligent switching allows partial content mirroring on each server and makes it easy for businesses to deploy servers optimized for specific content types or processing functions. Improved Server Performance HTTP version 1.1 allows multiple HTTP transactions to be transported over a single TCP connection to reduce TCP processing overhead. A layer-4 switch with no content intelligence will forward all HTTP 1.1 requests on each TCP connection to a single server. In contrast, an Alteon Web Switch can forward each request within the TCP connection to a different server, increasing load distribution granularity. This optimizes resource utilization and speeds overall server performance. Virtual Hosting Support Virtual hosting conserves IP addresses by allowing a single public IP address to represent multiple domains. When a content-intelligent Alteon Web Switch receives a client request for the shared IP address, it can extract the requested domain name from the Host Header portion of the HTTP header, concatenate it with the IP address to obtain the unique host identifier, and redirect the request to the appropriate server or server farm. Alteon Web OS Gracefully Scales and Increases Performance of Applications and Services Alteon Web OS allows Alteon Web Switches to perform intelligent load balancing across servers, firewalls, and many other devices, enabling virtually unbounded capacity by transparently directing traffic across the devices. It also ensures high application and service availability through the use of continuous device, application, and content health checking as well as load policing, support for backup and overflow devices, and active-active redundant switch configurations. Applications of Alteon Web OS include: Server Using server load balancing, administrators can configure an Alteon Web Switch to balance user session traffic among a pool of available servers that provide shared services. The switch is aware of the services provided by each server and directs user session traffic to an appropriate server based on a variety of load-balancing algorithms. Alteon Web Switches appear to the network as one or many virtual servers each represented by a Virtual IP (VIP) address or address range. Alteon Web OS supports up to 256 virtual servers per switch and can support up to 256 applications on a single VIP. Real servers can be associated with any number of virtual servers for maximum flexibility. Firewall Firewall load balancing allows for the distribution of traffic among multiple (up to 256), fully active firewalls to improve performance with no changes to firewall software. Health checks are performed on the entire data path through the load balanced firewalls to increase resiliency and availability. IDS Server An Intrusion Detection System (IDS) is an important component of network security. Alteon Web OS solves the inherent limitations of IDS, which include lack of scalability and throughput, by balancing load and ensuring server availability via health checking. This application allows multiple IDS servers to operate in parallel and ensures that all session entries are maintained so that all frames of a given session are forwarded to the same IDS server. Streaming Media (RTSP) The use of streaming audio and video is growing among enterprises for applications such as elearning and corporate communications. Real Time Streaming Protocol (RTSP) streaming is higher performance, more secure, and easier to manage than HTTP streaming implementations. Alteon Web OS enables companies to optimize streaming media resources by intelligently and transparently switching requests to RTSP media servers or caches. Alteon WebOS 10.0 Product Brief 3

4 Figure 2: Real Time Streaming Protocol (RTSP). Wireless Internet (WAP) The Wireless Application Protocol (WAP) is an important enabler of the Wireless Internet. Alteon Web OS enables Alteon Web Switches to load balance WAP traffic among multiple parallel WAP gateways and content servers, distributing sessions based on mobile user and device requirements including subscriber ID, phone number, and device type. For the highest performance, Alteon Web OS supports persistence, directing mobile users to the same optimized WAP gateway and server. These capabilities allow wireless service providers to maintain high availability, improve scalability of wireless applications, and enable reliable transaction-based services to mobile subscribers. Global Server Alteon Web OS allows content to be distributed globally in up to 64 sites and directs requests for that content to the best site based on server health, proximity to the client, and response times. Alteon Web OS provides each Alteon Web Switch with a global view of the health and performance of other sites, so that requests for content are sent to the optimal site in the event of a failure in one site. For more sophisticated and comprehensive global server load balancing, the Alteon Content Director delivers user-aware request-to-content routing based on Layer 3 7 information and true user proximity. Figure 3: Wireless Application Protocol (WAP). 4 Alteon WebOS 10.0 Product Brief

5 Web Cache Redirection Alteon Web OS allows Alteon Web Switches to transparently redirect appropriate traffic to Web caches to reduce response times and bandwidth consumption without placing caches directly in the data path. By parsing the URL and HTTP commands in each request, Alteon Web Switches optimize cache deployment by redirecting only HTTP GET requests for cacheable objects and forwarding other requests for non-cacheable content to the origin servers. Figure 4: High-Performance Security Firewall, IDS, SSL, and Server. Other Applications Alteon Web OS is specifically designed for many additional applications including intelligent load balancing of virtual private network (VPN) devices, Wide Area Network (WAN) links, LDAP servers, and DNS servers. This improves performance, allows easy scalability, and maximizes efficiency in the deployment of these services and applications. Alteon Web OS Ensures High- Performance Security Alteon Web OS enables load balancing of firewalls, VPN switches, and IDS servers to scale security implementations and significantly increase overall performance. Alteon Web OS also allows Alteon Web Switches to offload SSL traffic to acceleration devices such as the Nortel Networks Alteon SSL Accelerator, which intelligently accelerates secure ecommerce transactions by offloading SSL processing from local servers without imposing delays on other traffic in the same data path. In addition to load balancing and SSL acceleration, Alteon Web OS enables Alteon Web Switches to protect servers and applications against attacks and unwanted intrusion while providing continuous service for legitimate traffic. Alteon Web OS ensures secure switch management through allowable source IP address filtering, authentication and authorization of remote administrators (including RADIUS support), and encryption of management information. Filtering and Network Address Translation Alteon Web OS includes extensive filtering capabilities at the IP and TCP/UDP levels. Filters can be configured to allow or deny traffic according to various IP address, protocol, and Layer 4 port criteria. While not a substitute for a firewall in most cases, filtering provides added protection against unwanted traffic. Alteon Web OS also increases network security by protecting access to internal servers via network address translation (NAT). NAT allows secure implementation of private IP addresses by hiding these addresses from external sources. Preventing Denial of Service Alteon Web Switches can thwart Denial of Service (DoS) attacks or TCP SYN attacks without blocking valid session requests. Through delayed binding Alteon Web OS intercepts client SYN requests before they reach the server. The Web Switch then responds to the client with a SYN ACK that contains embedded client information and does not allocate a session until a valid SYN ACK is received from the client or the three-way handshake is complete. By temporarily terminating each TCP connection until content has been received, Alteon Web Switches prevent the server from being inundated with SYN requests. Half-open sessions are a result of an incomplete three-way handshake between the server and client. To detect SYN attacks, Alteon Web OS enables tracking of the number of new half-open sessions over a set period of time. If the value exceeds a specified threshold, then the Alteon Web Switch triggers a trap to notify the administrator. Alteon WebOS 10.0 Product Brief 5

6 Protecting Against Application Abuse Alteon Web OS 10.0 provides protection from application abuse by allowing administrators to limit the rate of new TCP connections on a per-client basis. This can be used to limit users to a particular connection rate and to limit the number of sessions for users accessing a specific domain or application within the domain. Benefits of this feature include increased application availability and increased control of user access to applications. In addition, Alteon Web OS 10.0 allows network administrators to create filters and assign URLs to those filters to deny traffic with potential offending string patterns. This feature is particularly useful for adding protection against viruses such as CODE RED and Nimda and in preventing access to disallowed Web content. Multi-Level Resiliency Ensures Application Availability Alteon Web OS enables Alteon Web Switches to provide non-stop access to content in the event of network, switch, server, application, or entire-site failures. Alteon Web Switches inherently support full-meshed topologies, eliminating all system-wide single points of failure. The switches support high-availability network topologies through an enhanced Figure 5: Protection From Application Abuse. implementation of the Virtual Router Redundancy Protocol (VRRP). The Alteon Web OS implementation of VRRP includes extensions to accommodate Layer 4 though Layer 7 Web switching features and supports three modes of high availability: Active-Standby, Active-Active, and Hot-Standby. Active-Standby and Active-Active modes can be used to improve availability, resource scalability, and performance while minimizing user impact when failures occur. Bandwidth Management Enables SLAs and Usage- Based Services Alteon Web OS provides network and system administrators with granular control of bandwidth into and out of servers. In addition, it provides traffic control via IP Type of Service (ToS) tagging, which allows upstream routers and switches to transport specific traffic at the appropriate service levels. These features allow enterprises, service providers, and Web hosting providers to offer differentiated services based on specific application/transaction types or service level agreements (SLAs). Administrators can allocate and meter bandwidth based on any filtering rule, URLs, and HTTP cookies and headers. Classification policies can be configured to allow specific bandwidth limitations and different classes of service based on the unique attributes of the user. With Bandwidth Management enabled, Alteon Web OS can meter, control, and account for resource utilization by any Layer 2-7 attribute including client, server farm, service, application, user class, and content type. 6 Alteon WebOS 10.0 Product Brief

7 Features TCP, UDP, and IP server load balancing support, including HTTP (persistent and non-persistent), FTP and passive FTP, SSL, SMTP, LDAP, DNS, Radius, RTSP, WAP, Telnet, and NNTP Advanced load balancing support Global server load balancing to distributed servers based on health, user proximity, server weights, and response times Advanced server security features with multi-layer access control to prevent attacks and protect applications Full network address translation Gigabit-class bandwidth management High-performance content intelligent switching using HTTP headers, URLs, and cookies allows infrastructure optimization and differentiated services Persistent connections using source IP addresses, HTTP cookies, Wireless Subscriber ID (MSISDN), SSL ID, or any configured headers Application redirection for any traffic type VLAN filtering support allows differentiated services across multiple customers, groups, or departments on same Web Switch User-scriptable server health checks to enable content verification Active-active and hot-standby failover for high availability, with in-band keep-alives and configuration updates Support for up to 16 spanning tree instances or groups Open Shortest Path First (OSPF) support Up to 1,024 real servers supported per Alteon Web Switch Up to 1,024 packet filtering rules per port Ordering Information Standard Alteon Web OS ships as an integral part of every Alteon Web Switch, providing all functionality except for Global Server and Bandwidth Management Global Server for 180e, 184, AD3, AD4, and Web Switch Module EB Bandwidth Management for 180e, 184, AD3, AD4, and Web Switch Module EB (Note: Bandwidth Management is not supported on 180e and AD3 beginning in Web OS 10.0) Alteon WebOS 10.0 Product Brief 7

8 For more information, contact your Nortel Networks representative or call NORTEL ( ), or outside of North America. United States Nortel Networks 35 Davis Drive Research Triangle Park, NC ASK Canada Nortel Networks 8200 Dixie Road, Suite 100 Brampton, Ontario L6T 5P6 Canada Asia Pacific Nortel Networks 151 Lorong chuan #03-01 New Tech Park Singapore, Europe, Middle East, and Africa Nortel Networks plc Maidenhead Office Park Westacott Way Maidenhead Berkshire SL6 3QH United Kingdom +44 (0) Australia Nortel Networks Australia Pty Limited 380 St. Kilda Road 5th/6th Floor Melbourne, Victoria Australia Copyright 2002 Nortel Networks. All Rights Reserved. *Nortel Networks, the Nortel Networks logo, the Globemark, Alteon, EtherChannel, Optivity, and WebIC are trademarks of Nortel Networks. All other trademarks are the property of their respective owners. Information in this document is subject to change without notice. Nortel Networks assumes no responsibility for any errors or omissions that may appear in this document /03-02

Alteon Application Switch Family Optimizing networks for business application performance

Alteon Application Switch Family Optimizing networks for business application performance Product Brief Alteon Application Switch Family Optimizing networks for business application performance Alteon 2208 Alteon 2216 Alteon* Application Switches help put an end to the brute force approach

More information

Secure and Optimize Application Delivery, Performance, and Reliability

Secure and Optimize Application Delivery, Performance, and Reliability Secure and Optimize Application Delivery, Performance, and Reliability Alteon Application Switch The Alteon Application Switch is a multi-application switching system designed to allow enterprises to prepare

More information

optimize Alteon Application Switch Family Product Brief secure and application delivery, performance, and reliability

optimize Alteon Application Switch Family Product Brief secure and application delivery, performance, and reliability optimize secure and application delivery, performance, and reliability Product Brief Alteon Application Switch Family Alteon Application Switch 2208 Alteon Application Switch 2216 Alteon Application Switch

More information

Content Switching WHITE PAPER

Content Switching WHITE PAPER Page 01 of 10 Content Switching WHITE PAPER Author: Vishwanathan Subramaniam, Senior Consultant, Network Systems Group, Wipro Infotech Traditionally, redirecting Web requests using content or user classification

More information

What's New in Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 and Cisco 7600 Series Software Release 2.1.0

What's New in Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 and Cisco 7600 Series Software Release 2.1.0 What's New in Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 and Cisco 7600 Series Software Release 2.1.0 PB458841 Product Overview The Cisco ACE Application Control Engine Module

More information

AppDirector Load balancing IBM Websphere and AppXcel

AppDirector Load balancing IBM Websphere and AppXcel TESTING & INTEGRATION GROUP SOLUTION GUIDE AppDirector Load balancing IBM Websphere and AppXcel INTRODUCTION...2 RADWARE APPDIRECTOR...3 RADWARE APPXCEL...3 IBM WEBSPHERE...4 SOLUTION DETAILS...4 HOW IT

More information

Layer 4-7 Server Load Balancing. Security, High-Availability and Scalability of Web and Application Servers

Layer 4-7 Server Load Balancing. Security, High-Availability and Scalability of Web and Application Servers Layer 4-7 Server Load Balancing Security, High-Availability and Scalability of Web and Application Servers Foundry Overview Mission: World Headquarters San Jose, California Performance, High Availability,

More information

NLoad Balancing Stackable Switch

NLoad Balancing Stackable Switch NLoad Balancing Stackable Switch Now you can implement load balancing when and where you need it to support all your information applications. The, the most recent addition to the Avaya P330 stackable

More information

Server Iron Hands-on Training

Server Iron Hands-on Training Server Iron Hands-on Training Training Session Agenda Server Iron L4 Solutions Server Iron L7 Solutions Server Iron Security Solutions High Availability Server Iron Designs 2 Four Key Reasons for Server

More information

Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic

Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic TESTING & INTEGRATION GROUP SOLUTION GUIDE Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic Contents INTRODUCTION... 2 RADWARE APPDIRECTOR...

More information

Radware s AppDirector and Microsoft Windows Terminal Services 2008 Integration Guide

Radware s AppDirector and Microsoft Windows Terminal Services 2008 Integration Guide Radware s AppDirector and Microsoft Windows Terminal Services 2008 Integration Guide Contents SOLUTION OVERVIEW... 2 RADWARE APPDIRECTOR OVERVIEW... 2 MICROSOFT WINDOWS TERMINAL SERVICES 2008... 2 SOLUTION

More information

Nortel Networks VPN Gateway 3050 is a flexible security appliance that can be. Optimizing SSL environments to. secure data center applications

Nortel Networks VPN Gateway 3050 is a flexible security appliance that can be. Optimizing SSL environments to. secure data center applications Optimizing SSL environments to secure data center applications Solution Brief for SSL offload and acceleration SSL acceleration features of the Offloads servers of SSL processing Hardware-accelerated public

More information

CLE202 Introduction to ServerIron ADX Application Switching and Load Balancing

CLE202 Introduction to ServerIron ADX Application Switching and Load Balancing Introduction to ServerIron ADX Application Switching and Load Balancing Student Guide Revision : Introduction to ServerIron ADX Application Switching and Load Balancing Corporate Headquarters - San

More information

Content Switching Module for the Catalyst 6500 and Cisco 7600 Internet Router

Content Switching Module for the Catalyst 6500 and Cisco 7600 Internet Router Content Switching Module for the Catalyst 6500 and Cisco 7600 Internet Router Product Overview The Cisco Content Switching Module (CSM) is a Catalyst 6500 line card that balances client traffic to farms

More information

Alteon Switched Firewall

Alteon Switched Firewall Alteon Switched SECURED BY Firewall Buyer s Guide A quick-reference aid to selecting the Alteon firewall that best meets a customer s needs When it comes to ensuring the safety of your network, one size

More information

642 523 Securing Networks with PIX and ASA

642 523 Securing Networks with PIX and ASA 642 523 Securing Networks with PIX and ASA Course Number: 642 523 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional and the Cisco Firewall

More information

Preside. Increasing deregulation in the telecommunications

Preside. Increasing deregulation in the telecommunications Portfolio Brief Nortel Networks Preside Solutions for IP Networks and Services Dial Access Management Overcome outsourcing challenges, capture the richness of call details and manage multiple RAS-enabled

More information

Routing Security Server failure detection and recovery Protocol support Redundancy

Routing Security Server failure detection and recovery Protocol support Redundancy Cisco IOS SLB and Exchange Director Server Load Balancing for Cisco Mobile SEF The Cisco IOS SLB and Exchange Director software features provide a rich set of server load balancing (SLB) functions supporting

More information

Voice over IP- Session Initiation Protocol (SIP) Load Balancing in the IBM BladeCenter

Voice over IP- Session Initiation Protocol (SIP) Load Balancing in the IBM BladeCenter Voice over IP- Session Initiation Protocol (SIP) Load Balancing in the IBM BladeCenter Solution Brief Load Balance Voice Over IP SIP traffic in your BladeCenter economically and efficiently with the Layer

More information

White Paper. Application-layer security: Enabling the next generation of security services with application switching

White Paper. Application-layer security: Enabling the next generation of security services with application switching White Paper Application-layer security: Enabling the next generation of security services with application switching Introduction In today s world of increasingly sophisticated cyber attacks, application-layer

More information

DATA CENTER. Best Practices for High Availability Deployment for the Brocade ADX Switch

DATA CENTER. Best Practices for High Availability Deployment for the Brocade ADX Switch DATA CENTER Best Practices for High Availability Deployment for the Brocade ADX Switch CONTENTS Contents... 2 Executive Summary... 3 Introduction... 3 Brocade ADX HA Overview... 3 Hot-Standby HA... 4 Active-Standby

More information

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria

More information

Avaya P333R-LB. Load Balancing Stackable Switch. Load Balancing Application Guide

Avaya P333R-LB. Load Balancing Stackable Switch. Load Balancing Application Guide Load Balancing Stackable Switch Load Balancing Application Guide May 2001 Table of Contents: Section 1: Introduction Section 2: Application 1 Server Load Balancing Section 3: Application 2 Firewall Load

More information

Table of Contents. 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2

Table of Contents. 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2 Table of Contents 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2 2 Features and Benefits 2-1 Key Features 2-1 Support for the Browser/Server Resource Access Model 2-1 Support for Client/Server

More information

APV9650. Application Delivery Controller

APV9650. Application Delivery Controller APV9650 D a t a S h e e t Application Delivery Controller Array Networks APV Series of Application Delivery Controllers optimizes the availability, user experience, performance, security and scalability

More information

Alteon SSL Accelerator. A remote access gateway for today s extended enterprise

Alteon SSL Accelerator. A remote access gateway for today s extended enterprise Solution Brief Alteon Application Switch Alteon SSL Accelerator Alteon SSL VPN A remote access gateway for today s extended enterprise Alteon SSL VPN features Clientless remote access Application-layer

More information

INTRODUCTION TO FIREWALL SECURITY

INTRODUCTION TO FIREWALL SECURITY INTRODUCTION TO FIREWALL SECURITY SESSION 1 Agenda Introduction to Firewalls Types of Firewalls Modes and Deployments Key Features in a Firewall Emerging Trends 2 Printed in USA. What Is a Firewall DMZ

More information

F5 Configuring BIG-IP Local Traffic Manager (LTM) - V11. Description

F5 Configuring BIG-IP Local Traffic Manager (LTM) - V11. Description F5 Configuring BIG-IP Local Traffic Manager (LTM) - V11 Description This four-day course gives networking professionals a functional understanding of the BIG-IP LTM v11 system as it is commonly used, as

More information

Alteon Global Server Load Balancing

Alteon Global Server Load Balancing Alteon Global Server Load Balancing Whitepaper GSLB Operation Overview Major Components Distributed Site Monitoring Distributed Site State Protocol Internet Topology Awareness DNS Authoritative Name Server

More information

Cisco ACE 4710 Application Control Engine

Cisco ACE 4710 Application Control Engine Data Sheet Cisco ACE 4710 Application Control Engine Product Overview The Cisco ACE 4710 Application Control Engine (Figure 1) belongs to the Cisco ACE family of application switches, used to increase

More information

Availability Digest. www.availabilitydigest.com. Redundant Load Balancing for High Availability July 2013

Availability Digest. www.availabilitydigest.com. Redundant Load Balancing for High Availability July 2013 the Availability Digest Redundant Load Balancing for High Availability July 2013 A large data center can comprise hundreds or thousands of servers. These servers must not only be interconnected, but they

More information

Cisco Application Networking Manager Version 2.0

Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager (ANM) software enables centralized configuration, operations, and monitoring of Cisco data center networking equipment

More information

Load Balancing and Sessions. C. Kopparapu, Load Balancing Servers, Firewalls and Caches. Wiley, 2002.

Load Balancing and Sessions. C. Kopparapu, Load Balancing Servers, Firewalls and Caches. Wiley, 2002. Load Balancing and Sessions C. Kopparapu, Load Balancing Servers, Firewalls and Caches. Wiley, 2002. Scalability multiple servers Availability server fails Manageability Goals do not route to it take servers

More information

Load Balancing for Microsoft Office Communication Server 2007 Release 2

Load Balancing for Microsoft Office Communication Server 2007 Release 2 Load Balancing for Microsoft Office Communication Server 2007 Release 2 A Dell and F5 Networks Technical White Paper End-to-End Solutions Team Dell Product Group Enterprise Dell/F5 Partner Team F5 Networks

More information

Data Sheet. VLD 500 A Series Viaedge Load Director. VLD 500 A Series: VIAEDGE Load Director

Data Sheet. VLD 500 A Series Viaedge Load Director. VLD 500 A Series: VIAEDGE Load Director Data Sheet VLD 500 A Series Viaedge Load Director VLD 500 A Series: VIAEDGE Load Director VLD : VIAEDGE Load Director Key Advantages: Server Load Balancing for TCP/UDP based protocols. Server load balancing

More information

Superior Disaster Recovery with Radware s Global Server Load Balancing (GSLB) Solution

Superior Disaster Recovery with Radware s Global Server Load Balancing (GSLB) Solution Superior Disaster Recovery with Radware s Global Server Load Balancing (GSLB) Solution White Paper January 2012 Radware GSLB Solution White Paper Page 1 Table of Contents 1. EXECUTIVE SUMMARY... 3 2. GLOBAL

More information

WHITE PAPER MICROSOFT LIVE COMMUNICATIONS SERVER 2005 LOAD BALANCING WITH FOUNDRY NETWORKS SERVERIRON PLATFORM

WHITE PAPER MICROSOFT LIVE COMMUNICATIONS SERVER 2005 LOAD BALANCING WITH FOUNDRY NETWORKS SERVERIRON PLATFORM NOTE: Foundry s ServerIron load balancing switches have been certified in Microsoft s load balancing LCS 2005 interoperability labs. Microsoft experts executed a variety of tests against Foundry switches.

More information

SECURE, SCALABLE E-COMMERCE WEB SITES

SECURE, SCALABLE E-COMMERCE WEB SITES 51-30-33 DATA COMMUNICATIONS MANAGEMENT SECURE, SCALABLE E-COMMERCE WEB SITES Duane Sharp INSIDE Keeping Web Sites Open for Business; Characteristics of E-Commerce Traffic; Ensuring Transaction Security

More information

Enterprise Data Center Topology

Enterprise Data Center Topology CHAPTER 2 This chapter provides a detailed description on how to harden and modify enterprise data center topologies for data center security. It includes the following sections: Overview Network Design

More information

VERITAS Cluster Server Traffic Director Option. Product Overview

VERITAS Cluster Server Traffic Director Option. Product Overview VERITAS Cluster Server Traffic Director Option Product Overview V E R I T A S W H I T E P A P E R Table of Contents Traffic Director Option for VERITAS Cluster Server Overview.............................................1

More information

SVN5800 Secure Access Gateway

SVN5800 Secure Access Gateway The development of networks allows enterprises to provide remote access to branch offices, partners, customers, mobile employees, and home offices so that they can access application and data resources,

More information

Intel Ethernet Switch Load Balancing System Design Using Advanced Features in Intel Ethernet Switch Family

Intel Ethernet Switch Load Balancing System Design Using Advanced Features in Intel Ethernet Switch Family Intel Ethernet Switch Load Balancing System Design Using Advanced Features in Intel Ethernet Switch Family White Paper June, 2008 Legal INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL

More information

ENQUIRY NO.NIE/PS/2014-15 DATE: 02/09/2014

ENQUIRY NO.NIE/PS/2014-15 DATE: 02/09/2014 NATIONAL INSTITUTE OF EPIDEMIOLOGY (INDIAN COUNCIL OF MEDICAL RESEARCH) (AN AUTONOMOUS UNIT UNDER GOVT. OF INDIA MINISTRY OF HEALTH & FAMILY WELFARE) T.N.H.B., AYAPAKKAM, (AMBATTUR), CHENNAI - 600 077

More information

Basic & Advanced Administration for Citrix NetScaler 9.2

Basic & Advanced Administration for Citrix NetScaler 9.2 Basic & Advanced Administration for Citrix NetScaler 9.2 Day One Introducing and deploying Citrix NetScaler Key - Brief Introduction to the NetScaler system Planning a NetScaler deployment Deployment scenarios

More information

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications Single Pass Load Balancing with Session Persistence in IPv6 Network C. J. (Charlie) Liu Network Operations Charter Communications Load Balancer Today o Load balancing is still in use today. It is now considered

More information

WAN Optimization, Web Cache, Explicit Proxy, and WCCP. FortiOS Handbook v3 for FortiOS 4.0 MR3

WAN Optimization, Web Cache, Explicit Proxy, and WCCP. FortiOS Handbook v3 for FortiOS 4.0 MR3 WAN Optimization, Web Cache, Explicit Proxy, and WCCP FortiOS Handbook v3 for FortiOS 4.0 MR3 FortiOS Handbook WAN Optimization, Web Cache, Explicit Proxy, and WCCP v3 13 January 2012 01-433-96996-20120113

More information

Oracle Collaboration Suite

Oracle Collaboration Suite Oracle Collaboration Suite Firewall and Load Balancer Architecture Release 2 (9.0.4) Part No. B15609-01 November 2004 This document discusses the use of firewall and load balancer components with Oracle

More information

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection. A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based

More information

Building a Systems Infrastructure to Support e- Business

Building a Systems Infrastructure to Support e- Business Building a Systems Infrastructure to Support e- Business NO WARRANTIES OF ANY NATURE ARE EXTENDED BY THE DOCUMENT. Any product and related material disclosed herein are only furnished pursuant and subject

More information

Outline VLAN. Inter-VLAN communication. Layer-3 Switches. Spanning Tree Protocol Recap

Outline VLAN. Inter-VLAN communication. Layer-3 Switches. Spanning Tree Protocol Recap Outline Network Virtualization and Data Center Networks 263-3825-00 DC Virtualization Basics Part 2 Qin Yin Fall Semester 2013 More words about VLAN Virtual Routing and Forwarding (VRF) The use of load

More information

Radware AppDirector and Juniper Networks Secure Access SSL VPN Solution Implementation Guide

Radware AppDirector and Juniper Networks Secure Access SSL VPN Solution Implementation Guide Implementation Guide Radware AppDirector and Juniper Networks Secure Access SSL VPN Solution Implementation Guide Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408.745.2000

More information

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding This chapter describes the configuration for the SSL VPN Tunnel Client and for Port Forwarding. When a remote user accesses the SSL VPN

More information

Multi-layer switch hardware commutation across various layers. Mario Baldi. Politecnico di Torino. http://staff.polito.it/mario.

Multi-layer switch hardware commutation across various layers. Mario Baldi. Politecnico di Torino. http://staff.polito.it/mario. Multi-layer switch hardware commutation across various layers Mario Baldi Politecnico di Torino http://staff.polito.it/mario.baldi Based on chapter 10 of: M. Baldi, P. Nicoletti, Switched LAN, McGraw-Hill,

More information

AV@ANZA Formación en Tecnologías Avanzadas

AV@ANZA Formación en Tecnologías Avanzadas DESIGNING CISCO DATA CENTER APPLICATION SERVICES (CI-DCASD) Temario This is an instructor-led, lecture/lab course. You will learn how to deploy and configure intelligent network services using the Cisco

More information

Networking and High Availability

Networking and High Availability TECHNICAL BRIEF Networking and High Availability Deployment Note Imperva appliances support a broad array of deployment options, enabling seamless integration into any data center environment. can be configured

More information

Government of Canada Managed Security Service (GCMSS) Annex A-1: Statement of Work - Firewall

Government of Canada Managed Security Service (GCMSS) Annex A-1: Statement of Work - Firewall Government of Canada Managed Security Service (GCMSS) Date: July 12, 2012 TABLE OF CONTENTS 1 FIREWALL... 1 1.1 SECURITY...1 1.2 STANDARDS...1 1.3 FAILOVER...2 1.4 PERFORMANCE...3 1.5 REPORTING...3 1.6

More information

Stateful Inspection Technology

Stateful Inspection Technology Stateful Inspection Technology Security Requirements TECH NOTE In order to provide robust security, a firewall must track and control the flow of communication passing through it. To reach control decisions

More information

How Cisco IT Protects Against Distributed Denial of Service Attacks

How Cisco IT Protects Against Distributed Denial of Service Attacks How Cisco IT Protects Against Distributed Denial of Service Attacks Cisco Guard provides added layer of protection for server properties with high business value. Cisco IT Case Study / < Security and VPN

More information

Firewall Firewall August, 2003

Firewall Firewall August, 2003 Firewall August, 2003 1 Firewall and Access Control This product also serves as an Internet firewall, not only does it provide a natural firewall function (Network Address Translation, NAT), but it also

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security Objectives List the different types of network security devices and explain how they can be used Define network

More information

APV x600 Series. Application Delivery Controller APV1600, APV2600, APV4600, APV5600, APV6600, APV8600, APV9600

APV x600 Series. Application Delivery Controller APV1600, APV2600, APV4600, APV5600, APV6600, APV8600, APV9600 APV x600 Series D a t a S h e e t Application Delivery Controller APV1600, APV2600, APV4600, APV5600, APV6600, APV8600, APV9600 Array Networks APV Series of Application Delivery Controllers optimizes the

More information

Basic Network Configuration

Basic Network Configuration Basic Network Configuration 2 Table of Contents Basic Network Configuration... 25 LAN (local area network) vs WAN (wide area network)... 25 Local Area Network... 25 Wide Area Network... 26 Accessing the

More information

Application Delivery Controller (ADC) Implementation Load Balancing Microsoft SharePoint Servers Solution Guide

Application Delivery Controller (ADC) Implementation Load Balancing Microsoft SharePoint Servers Solution Guide Application Delivery Controller (ADC) Implementation Load Balancing Microsoft SharePoint Servers Solution Guide January, 2009 North America Radware Inc. 575 Corporate Dr., Lobby 1 Mahwah, NJ 07430 Tel:

More information

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall Firewall Introduction Several Types of Firewall. Cisco PIX Firewall What is a Firewall? Non-computer industries: a wall that controls the spreading of a fire. Networks: a designed device that controls

More information

Enterprise Edge Communications Manager. Data Capabilities

Enterprise Edge Communications Manager. Data Capabilities Enterprise Edge Communications Manager Data Capabilities Data Module Objectives After the completion of this module you will be able to describe the following Data components of the Enterprise Edge Communications

More information

Proxies. Chapter 4. Network & Security Gildas Avoine

Proxies. Chapter 4. Network & Security Gildas Avoine Proxies Chapter 4 Network & Security Gildas Avoine SUMMARY OF CHAPTER 4 Generalities Forward Proxies Reverse Proxies Open Proxies Conclusion GENERALITIES Generalities Forward Proxies Reverse Proxies Open

More information

A Standard Modest WebSite

A Standard Modest WebSite A Standard Modest WebSite 3-tier application using Servlets and JDBC HTTP Servlet JDBC JSP...... Servlet DBMS Clients Application Server Roadmap Want to grow to robust enterprise-scale systems: replicated

More information

Deployment Guide Microsoft IIS 7.0

Deployment Guide Microsoft IIS 7.0 Deployment Guide Microsoft IIS 7.0 DG_IIS_022012.1 TABLE OF CONTENTS 1 Introduction... 4 2 Deployment Guide Overview... 4 3 Deployment Guide Prerequisites... 4 4 Accessing the AX Series Load Balancer...

More information

Content Scanning for secure transactions using Radware s SecureFlow and AppXcel together with Aladdin s esafe Gateway

Content Scanning for secure transactions using Radware s SecureFlow and AppXcel together with Aladdin s esafe Gateway TESTING & INTEGRATION GROUP SOLUTION GUIDE Content Scanning for secure transactions using Radware s SecureFlow and AppXcel together with Aladdin s esafe Gateway INTRODUCTION...2 RADWARE SECUREFLOW... 3

More information

Why an Intelligent WAN Solution is Essential for Mission Critical Networks

Why an Intelligent WAN Solution is Essential for Mission Critical Networks Why an Intelligent WAN Solution is Essential for Mission Critical Networks White Paper Series WP100135 Charles Tucker Director of Marketing June 1, 2006 Abstract: Reliable Internet connectivity is now

More information

Next Generation IPv6 Network Security a Practical Approach Is Your Firewall Ready for Voice over IPv6?

Next Generation IPv6 Network Security a Practical Approach Is Your Firewall Ready for Voice over IPv6? Next Generation IPv6 Network Security a Practical Approach Is Your Firewall Ready for Voice over IPv6? - and many other vital questions to ask your firewall vendor Zlata Trhulj Agilent Technologies zlata_trhulj@agilent.com

More information

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy OVERVIEW The global communication and the continuous growth of services provided through the Internet or local infrastructure require to

More information

Multi-Homing Security Gateway

Multi-Homing Security Gateway Multi-Homing Security Gateway MH-5000 Quick Installation Guide 1 Before You Begin It s best to use a computer with an Ethernet adapter for configuring the MH-5000. The default IP address for the MH-5000

More information

ServerIron TrafficWorks Firewall Load Balancing Guide

ServerIron TrafficWorks Firewall Load Balancing Guide ServerIron TrafficWorks Firewall Load Balancing Guide ServerIron 4G Series ServerIronGT C Series ServerIronGT E Series ServerIron 350 & 350-PLUS ServerIron 350 & 350-PLUS ServerIron 450 & 450-PLUS Release

More information

Total solution for your network security. Provide policy-based firewall on scheduled time. Prevent many known DoS and DDoS attack

Total solution for your network security. Provide policy-based firewall on scheduled time. Prevent many known DoS and DDoS attack Network Security Total solution for your network security With the growth of the Internet, malicious attacks are happening every minute, and intruders are trying to access your network, using expensive

More information

Features Document. Alteon Application Switch AlteonOS 29. www.radware.com

Features Document. Alteon Application Switch AlteonOS 29. www.radware.com Features Document Alteon Application Switch AlteonOS 29 www.radware.com Date: May 1, 2013 Page - 2 OVERVIEW... 4 ALTEON ADC CAPABILITIES... 4 System... 4... 4 Management... 5 Notifications... 5 Logging...

More information

Content Delivery Networks

Content Delivery Networks Content Delivery Networks Terena 2000 ftp://ftpeng.cisco.com/sgai/t2000cdn.pdf Silvano Gai Cisco Systems, USA Politecnico di Torino, IT sgai@cisco.com Terena 2000 1 Agenda What are Content Delivery Networks?

More information

CS514: Intermediate Course in Computer Systems

CS514: Intermediate Course in Computer Systems : Intermediate Course in Computer Systems Lecture 7: Sept. 19, 2003 Load Balancing Options Sources Lots of graphics and product description courtesy F5 website (www.f5.com) I believe F5 is market leader

More information

TESTING & INTEGRATION GROUP SOLUTION GUIDE

TESTING & INTEGRATION GROUP SOLUTION GUIDE TESTING & INTEGRATION GROUP SOLUTION GUIDE AppDirecor optimizing the delivery of VMware View 4.5 Contents INTRODUCTION... 2 RADWARE APPDIRECTOR... 2 VMWARE VIEW... 2 RADWARE APPDIRECTOR AND VMWARE VIEW

More information

The Alteon isd SSL Accelerator, V2.0

The Alteon isd SSL Accelerator, V2.0 F E AT U R E S The Alteon isd SSL Accelerator, V2.0 FEATURES Hardware offload for compute-intensive encryption, secure key exchange, and certificate validation A cluster of SSL Accelerators can process

More information

Avaya P330 Load Balancing Manager User Guide

Avaya P330 Load Balancing Manager User Guide Avaya P330 Load Balancing Manager User Guide March 2002 Avaya P330 Load Balancing Manager User Guide Copyright 2002 Avaya Inc. ALL RIGHTS RESERVED The products, specifications, and other technical information

More information

Lucent VPN Firewall Security in 802.11x Wireless Networks

Lucent VPN Firewall Security in 802.11x Wireless Networks Lucent VPN Firewall Security in 802.11x Wireless Networks Corporate Wireless Deployment is Increasing, But Security is a Major Concern The Lucent Security Products can Secure Your Networks This white paper

More information

BorderWare Firewall Server 7.1. Release Notes

BorderWare Firewall Server 7.1. Release Notes BorderWare Firewall Server 7.1 Release Notes BorderWare Technologies is pleased to announce the release of version 7.1 of the BorderWare Firewall Server. This release includes following new features and

More information

WHITE PAPER. Enhancing Application Delivery and Load Balancing on Amazon Web Services with Brocade Virtual Traffic Manager

WHITE PAPER. Enhancing Application Delivery and Load Balancing on Amazon Web Services with Brocade Virtual Traffic Manager WHITE PAPER Enhancing Application Delivery and Load Balancing on Amazon Web Services with Brocade Virtual Traffic Manager ALREADY USING AMAZON ELASTIC LOAD BALANCER? As an abstracted service, Amazon ELB

More information

Load Balancing Web Proxies Load Balancing Web Filters Load Balancing Web Gateways. Deployment Guide

Load Balancing Web Proxies Load Balancing Web Filters Load Balancing Web Gateways. Deployment Guide Load Balancing Web Proxies Load Balancing Web Filters Load Balancing Web Gateways Deployment Guide rev. 1.4.9 Copyright 2015 Loadbalancer.org, Inc. 1 Table of Contents About this Guide... 3 Appliances

More information

Top-Down Network Design

Top-Down Network Design Top-Down Network Design Chapter Five Designing a Network Topology Copyright 2010 Cisco Press & Priscilla Oppenheimer Topology A map of an internetwork that indicates network segments, interconnection points,

More information

Configuring Stickiness

Configuring Stickiness CHAPTER5 This chapter describes how to configure stickiness (sometimes referred to as session persistence) on an ACE module. It contains the following major sections: Stickiness Overview Configuration

More information

Load Balancing Bloxx Web Filter. Deployment Guide

Load Balancing Bloxx Web Filter. Deployment Guide Load Balancing Bloxx Web Filter Deployment Guide rev. 1.1.8 Copyright 2002 2016 Loadbalancer.org, Inc. 1 Table of Contents About this Guide...4 Loadbalancer.org Appliances Supported...4 Loadbalancer.org

More information

DPtech ADX Application Delivery Platform Series

DPtech ADX Application Delivery Platform Series Data Sheet DPtech ADX Series DPtech ADX Application Delivery Platform Series Overview IT requirements for service capability can be summarized as "acceleration", "security" and "reliability". The contradiction

More information

Clavister SSP Security Service Platform firewall VPN termination intrusion prevention anti-virus content filtering traffic shaping authentication

Clavister SSP Security Service Platform firewall VPN termination intrusion prevention anti-virus content filtering traffic shaping authentication Feature Brief Policy-Based Server Load Balancing March 2007 Clavister SSP Security Service Platform firewall VPN termination intrusion prevention anti-virus content filtering traffic shaping authentication

More information

Improving Network Efficiency for SMB Through Intelligent Load Balancing

Improving Network Efficiency for SMB Through Intelligent Load Balancing Improving Network Efficiency for SMB Through Intelligent Load Balancing White Paper Series WP100134 Mike Mo, VP of Engineering January 2005 Abstract: As reliable Internet connectivity becomes a daily business

More information

Networking and High Availability

Networking and High Availability yeah SecureSphere Deployment Note Networking and High Availability Imperva SecureSphere appliances support a broad array of deployment options, enabling seamless integration into any data center environment.

More information

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts

More information

Using Ranch Networks for Internal LAN Security

Using Ranch Networks for Internal LAN Security Using Ranch Networks for Internal LAN Security The Need for Internal LAN Security Many companies have secured the perimeter of their network with Firewall and VPN devices. However many studies have shown

More information

Understanding Slow Start

Understanding Slow Start Chapter 1 Load Balancing 57 Understanding Slow Start When you configure a NetScaler to use a metric-based LB method such as Least Connections, Least Response Time, Least Bandwidth, Least Packets, or Custom

More information

2. Are explicit proxy connections also affected by the ARM config?

2. Are explicit proxy connections also affected by the ARM config? Achieving rapid success with WCCP and Web Security Gateway October 2011 Webinar Q/A 1. What if you are already using WCCP for Cisco waas on the same routers that you need to use WCCP for websense? Using

More information

Configuring Citrix NetScaler for IBM WebSphere Application Services

Configuring Citrix NetScaler for IBM WebSphere Application Services White Paper Configuring Citrix NetScaler for IBM WebSphere Application Services A deployment guide for configuring NetScaler load balancing and content switching When deploying IBM WebSphere Application

More information

Content Networking Fundamentals

Content Networking Fundamentals Content Networking Fundamentals Silvano Da Ros Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA X Contents Introduction Part I Overview of Content Networking 3 Chapter 1 Introducing Content

More information