Workshop VLAB WMWARE. F5 Networks : Nicolas BERTHIER WestconSecurity : Romain MOREL 11 / 1 / 2010


1 Workshop VLAB WMWARE F5 Networks : Nicolas BERTHIER WestconSecurity : Romain MOREL 11 / 1 / 2010

2 Agenda
1. F5 solutions
2. Hardware platforms
3. Virtual LAB architecture
4. Virtualization challenges

3 BIG-IP Local Traffic Manager (LTM)
Local Load Balancing
- Load Balance Traffic
- Monitor Server Status
Diagram labels: Internet, iRules, LTM Virtual Edition v10.1

4 What LTM Offers
It was just a load balancer, not anymore!
- It still monitors servers and load balances user requests
- It compresses web content
- It caches web content
- It can clean up client requests before passing them to backend servers
- It can scrub or re-write server responses
- It terminates and accelerates SSL connections (client and server side)
- It accelerates all IP applications (TCPExpress and OneConnect)
- It can rate shape network traffic
- It can authenticate users
- It provides application specific profiles and support for HTTP, FTP, SIP, RTSP, XML, etc.
- It supports dynamic routing (OSPF, RIP, BGP), mirroring and trunking of interfaces
- It provides DoS and DDoS protection as well as packet filtering
- With iRules you can do almost anything you like with network traffic (more on this later)

5 BIG-IP Global Traffic Manager (GTM)
Wide Area Load Balancing
- Resolve DNS Queries to Best Answer
- Monitor Server Status
Example: Resolve =? Internet GTM =? Company Data Centers and Servers

6 BIG-IP Link Controller (LC)
Link Load Balancing
- Outbound Links
- Inbound Links
- Load Balance Servers
Diagram labels: Internet, ISP#1, ISP#2

7 BIG-IP Application Security Manager (ASM)
Application Firewall
- Examines HTTP requests & responses
- Blocks known & unknown Web Attacks
- Deploys attack signatures
- Built-in security policy builder
- Secures web services
- Scrubs Outgoing Content
Diagram labels: Internet, :80

8 BIG-IP Access Policy Manager (APM)
Diagram labels: Servers Remote Web Servers Mobile BIG-IP APM Applications Local Access Manager Authentication Client Machine Policy Manager Which Resources Auth Servers File Servers Term Servers

9 BIG-IP Acceleration (WAM / WOM)
Diagram labels: Primary Data Center, Remote Data Center
- Cache closer to client (WAM)
- TCP Profiles: WAN and LAN (LTM)
- De-Duplication (WOM)
- Compression (WOM)
- Inefficiencies in HTTP protocol (WAM)
BIG-IP Edge Gateway includes APM, WAM & WOM

10 Enterprise Manager (EM)
Centralized Management
- BIG-IP Device Inventory
- Software Installs
- Configuration Backup
- ASM Policy Synch & Attack Signatures
- SSL Certificate Monitoring
- Performance Monitoring
- Enable/Disable Objects

11 F5 Products Big Picture
- APM: Access
- WAM / WOM: Acceleration
- GTM: which DC
- ASM: Appl Security
- LTM: which Server
- iRules: Anything
- EM: Management

12 BIG-IP Hardware Line-up
Chart axes: Price vs. Function / Performance

BIG-IP 1600
- Dual core CPU
- 4 10/100/ x 1GB SFP
- 1x 160GB HD
- 4 GB memory
- 5K TPS / 1 Gb Bulk
- 1 Gbps max software compression
- 1 Gbps Traffic
- 1 Basic Product Module

BIG-IP 3600
- Dual core CPU
- 8 10/100/ x 1GB SFP
- 1x 160 GB HD + 8GB CF
- 4 GB memory
- 10K TPS / 2 Gb bulk
- 1 Gbps max software compression
- 2 Gbps Traffic
- 1 Advanced Product Module

BIG-IP x
- Dual core CPU
- 16 10/100/ x 1GB SFP
- 2x 320 GB HD (S/W RAID) + 8GB CF
- 8 GB memory
- 25K TPS / 4 Gb bulk
- 5 Gbps max hardware compression
- 6 Gbps Traffic
- Multiple Product Modules

BIG-IP 8900
- 2 x Quad core CPU
- 16 10/100/ x 1GB SFP
- 2x 320 GB HD (S/W RAID) + 8GB CF
- 16 GB memory
- 58K TPS / 9.6Gb bulk
- 6 Gbps max hardware compression
- 12 Gbps Traffic
- Multiple Product Modules

13 BIG-IP Hardware Platforms
- (3U) Series: 2X hex core CPUs, 32 G Ram, 10X 10Gig ports, Dual Power
- 8900 (2U) Series: 2X quad core CPUs, 16 G Ram, 16X ports, 2X10Gig, Dual Power
- 6900 (2U) & 3900 (1U) Series: 4 core CPUs, 8G Ram, 8-16 ports
- 3600 (1U) & 1600 (1U) Series: 2 core CPUs, 4G Ram, 4-8 ports
- Integrated SSL Acceleration
- LCD panel control interface
For current info ->

14 BIG-IP VIPRION
Viprion Series (7U) Chassis
- 4X Power Supplies
- Performance Blade 200: 2X quad core CPUs, 16 G Ram, 4X 1Gig and 8X10Gig ports
- Performance Blade 100: 2X dual core CPUs, 8 G Ram, 8X copper and 12X fiber ports

15 Platform Performance

| | BIG-IP 1600 | BIG-IP 3600 | BIG-IP 6900 | BIG-IP 8900 |
|---|---|---|---|---|
| Max. throughput | 1 Gbps | 2 Gbps | 6 Gbps | 12 Gbps |
| Max. conc. conn. | 4 Million | 4 Million | 8 Million | 16 Million |
| Max. SSL TPS | 5,000 | 10,000 | 25,000 | 58,000 |
| Max. SSL Bulk | 1 Gbps | 1.5 Gbps | 4 Gbps | 9.6 Gbps |
| Max. SSL conc. conn. | 1 Million | 1 Million | 2 Million | 4 Million |
| Max. compression | 1 Gbps | 1 Gbps | 5 Gbps | 9.6 Gbps |
| Switch backplane | 14 Gbps | 24 Gbps | 68 Gbps | 112 Gbps |

Layer 4 Connections/sec Layer 7 Requests/sec (inf-inf) 60, , , , , , ,000 1,200,000

16 BIG-IP Product Matrix BIG-IP-Product-Matrix-V8

17 Architecture VLAB

18 F5 Training
Westcon Academy offers a complete range of security courses and certifications designed to build your teams' skills on Blue Coat solutions.
Courses offered:
- F5 Application Security Manager
- F5 BIG IP Essential
- F5 BIG IP Advanced
Training sites:
- Courbevoie
- Nantes
- Toulouse
- Marseille
- Lyon
- Strasbourg