Repl-ACE Cisco ACE with Stingray



Similar documents
Understanding Flow and Packet Deduplication

Granite Solution Guide

Stingray Traffic Manager Sizing Guide

VMware Horizon Mirage Load Balancing

Deploying Microsoft SharePoint Services with Stingray Traffic Manager DEPLOYMENT GUIDE

Using Steelhead Appliances and Stingray Aptimizer to Accelerate Microsoft SharePoint WHITE PAPER

SDC The Service Delivery Controller FACT SHEET

Optimizing NetApp SnapMirror

Riverbed WAN Acceleration for EMC Isilon Sync IQ Replication

Riverbed Stingray Traffic Manager VA Performance on vsphere 4 WHITE PAPER

Microsoft Exchange 2010 /Outlook 2010 Performance with Riverbed WAN Optimization

Bill Ting, Product Marketing Riverbed Technology

Optimizing Microsoft Exchange Traffic over the WAN TECH BRIEF

Using SteelApp Traffic Manager with SteelCentral Web Analyzer

Virtual Cascade Shark

RIVERBED STEELCENTRAL NETPLANNER

Accelerating the Next Phase of Virtualization. Desktop virtualization and WAN optimization

RIVERBED STEELCENTRAL NETMAPPER

FAQ RIVERBED WHITEWATER FREQUENTLY ASKED QUESTIONS

McAfee Vulnerability Manager on RSP

Optimization of Citrix ICA with Steelhead Appliances and RiOS 6.0 WHITE PAPER

How To Create A Qos

Accelerating the Next Phase of Virtualization

WHITE PAPER. Enhancing Application Delivery and Load Balancing on Amazon Web Services with Brocade Virtual Traffic Manager

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

Data Sheet. VLD 500 A Series Viaedge Load Director. VLD 500 A Series: VIAEDGE Load Director

5 Key Reasons to Migrate from Cisco ACE to F5 BIG-IP

Brocade Virtual Traffic Manager

Federal Data Center Consolidation Playbook

Cisco ACE 4710 Application Control Engine

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy

Zeus Extensible Traffic Manager in Virtualized Hosting Environments.

Stingray Traffic Manager Solution Guide

How To Configure The Stingray Traffic Manager For Windows 2010 (For Windows) With A Webmail (For A Windows 2010 Client Access) And A Windows 2.5 (For An Outlook) (For Outlook) And An

APV9650. Application Delivery Controller

Riverbed SteelFusion Appliance: Snapshot Handoff Host with Pure Storage

How To Use The Cisco Ace Module For A Load Balancing System

Cisco Application Networking Manager Version 2.0

Riverbed OPNET AppInternals Xpert PRODUCT BRIEF

Cisco Application Networking for IBM WebSphere

Basic & Advanced Administration for Citrix NetScaler 9.2

Implementing the Application Control Engine Service Module

Availability Digest. Redundant Load Balancing for High Availability July 2013

DATA SHEET. Riverbed Cascade Shark Family

Brocade Virtual Traffic Manager and Microsoft IIS Deployment Guide

Cisco Application Networking for BEA WebLogic

Formación en Tecnologías Avanzadas

NetScaler: A comprehensive replacement for Microsoft Forefront Threat Management Gateway

Brocade Virtual Traffic Manager and Microsoft SharePoint 2010 Deployment Guide

WEB APPLICATION FIREWALLS: DO WE NEED THEM?

CNS-208 Citrix NetScaler 10 Essentials for ACE Migration

Brocade Virtual Traffic Manager and Oracle Application Server 10G Deployment Guide

Configuring Citrix NetScaler for IBM WebSphere Application Services

What's New in Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 and Cisco 7600 Series Software Release 2.1.0

Routing Security Server failure detection and recovery Protocol support Redundancy

APV x600 Series. Application Delivery Controller APV1600, APV2600, APV4600, APV5600, APV6600, APV8600, APV9600

Brocade Virtual Traffic Manager and Microsoft Outlook Web Access Deployment Guide

Successfully Deploying Globalized Applications Requires Application Delivery Controllers

Cisco ACE Application Control Engine: ACEBC Catalyst 6500 and 4710 Applicance Boot Camp

Evaluating the ROI of Riverbed Steelhead Products

Brocade Virtual Traffic Manager and Microsoft Skype for Business 2015 Deployment Guide

Content Switching Module for the Catalyst 6500 and Cisco 7600 Internet Router

Brocade Virtual Traffic Manager and Oracle EBS 12.1 Deployment Guide

RIVERBED ON SOFTWARE DEFINED NETWORKING

Market Application Delivery Networking. Products ADC, WAN Optimization, Secure Access

Securing and Optimizing the Next Generation Branch Office

Deployment Guide MobileIron Sentry

Disaster Recovery with the Public Cloud and Whitewater Cloud Storage Gateways

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

TurboCap Installation Guide

WHITE PAPER MICROSOFT LIVE COMMUNICATIONS SERVER 2005 LOAD BALANCING WITH FOUNDRY NETWORKS SERVERIRON PLATFORM

CNS-208 Citrix NetScaler 10.5 Essentials for ACE Migration

AppDirector Load balancing IBM Websphere and AppXcel

Brocade Virtual Traffic Manager

PRODUCT BROCHURE. Riverbed Cascade Product Family

Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic

Citrix NetScaler 10.5 Essentials for ACE Migration CNS208; 5 Days, Instructor-led

Deployment Guide Microsoft IIS 7.0

Microsoft Office Communications Server 2007 & Coyote Point Equalizer Deployment Guide DEPLOYMENT GUIDE

Load Balancing Web Proxies Load Balancing Web Filters Load Balancing Web Gateways. Deployment Guide

Smart Network. Smart Business. Application Delivery Solution Brochure

A CIO s Guide to Hybrid Cloud Performance

World Leading Application Delivery Controllers. Peter Draper Technical Director EMEA

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical

Cisco Nexus 1000V Switch for Microsoft Hyper-V

SteelFusion with Amazon Web Services Storage Gateway Solution Guide

Transcription:

Repl-ACE Cisco ACE with Stingray

Contents Are you shifting to a virtual data center, private/public/hybrid cloud?... 3 Optimize, secure, and accelerate performance with Stingray products... 3 Stingray Traffic Manager and Cisco ACE functional comparison... 4 Cisco ACE performance figures... 6 Deployment... 6 Cisco ACE... 6 Stingray Traffic Manager... 6 Benefits provided by Stingray (not available with Cisco ACE)... 7 Implementing Cisco ACE features with Stingray products... 9 Features not available in Stingray... 10 Stingray Traffic Manager Features: Examples and Applications... 11 Conclusion... 11 About Riverbed... 12 2012 Riverbed Technology. All rights reserved. 2

Are you shifting to a virtual data center, private/public/hybrid cloud? Recently, Cisco announced that they are deprioritizing Cisco ACE often a prelude to eliminating development on a product line. As a result, many customers want to know what the next step is for their application delivery controller (ADC) strategy. For ACE customers who are shifting to virtual data centers, private clouds, public clouds, and even hybrid clouds, they know an ADC that can easily map to these deployment models is needed. Riverbed Stingray is a family of software and virtual ADCs that provide this capability. While not a one-toone feature match for Cisco ACE, Stingray provides the right features, and often times more features compared to ACE. This document provides a high-level feature comparison of Riverbed Stingray Traffic Manager software vs. Cisco ACE. You will get enough information to determine if Stingray is right for your environment. Optimize, secure, and accelerate performance with Stingray products While many developers and operations teams limit their focus to a basic load balancer, Stingray product customers quickly learn that they can get all the benefits of a load balancer and much more with an ADC. Stingray product family includes three core components to optimize, secure, and accelerate performance of online applications: Stingray Traffic Manager software: full-featured software ADC that delivers a faster user experience. It increases server efficiency by up to 3x and boost the throughput of application servers by up to 50 percent, while at the same time reducing response times through dynamic caching, and both local and global load balancing. Stingray Aptimizer: industry-leading web content optimization platform that accelerates web application load times by up to 4x driving more web transactions, productivity, and user satisfaction. Stingray Application Firewall: sophisticated application firewall that delivers deep application security. 2012 Riverbed Technology. All rights reserved. 3

Stingray Traffic Manager and Cisco ACE functional comparison Stingray Traffic Manager Cisco ACE Mode of operation Full Proxy NAT, Full Proxy Basic Load Balancing Basic Session Persistence Basic health monitoring Fault Tolerance Up to 64 that can be clustered 2 modules which support only HA SSL acceleration HTTP optimizations (Keepalives) Only when Layer 7 switching is enabled HTTP Compression SSL offload Content Compression Advanced health monitors Scriptable health monitors Limited to just minimal TCL scripting Content Caching Limited Web Content Optimization with Aptimizer No Rate shaping No Service Level Monitoring No Bandwidth Shaping* Limited to Server Side only Integrated XML processing* No Integrated Web Firewalling* No Embedded Rules Language No Full request inspection / rewriting Limited Full response inspection / rewriting Limited General-purpose rules language (Java) No 2012 Riverbed Technology. All rights reserved. 4

Virtualization Web, CLI and API interfaces GSLB and SLB integration on Single Platform Layer 2-3 ACLs with Service Protection class and IPTables No (limited to virtual context on the hardware device. No Virtual Appliance for VMware, KVM, XEN Devices don't support API Auto Config Sync in HA No Consolidated Historical graphing/reporting Stateful HA No Only for Layer 4 Traffic Full NAT control Bridged, Routed and One Arm Deployment modes Supports One Armed and Routed Deployment Modes Direct Server Return support No Enterprise Manager for Devices Multi-Site Manager included with STM 1000,2000,4000 Transparent services LB support No Radius LB support No MAC Sticky support No Reverse-IP sticky support No RBAC Limited 2012 Riverbed Technology. All rights reserved. 5

Cisco ACE performance figures Use this table for the performance numbers of Cisco ACE, numbers based on the published datasheet: Feature ACE4710 ACE30 Module Throughput 4 Gbps 16 Gbps Compression 2 Gbps 6 Gbps SSL throughput 1 Gbps 6 Gbps SSL TPS 7500 SSL TPS using 1024-bit keys 30,000 SSL TPS using 1024-bit keys Deployment Cisco ACE Available as a service module for Catalyst 6500 switches and 7600 routers and as a standalone ACE 4710 appliance, Cisco ACE can be deployed in bridged, routed or one-armed mode for enterprise customers and service providers, depending on architecture requirements. Stingray Traffic Manager By contrast, Stingray Traffic Manager software operates in full-proxy mode: network deployments can be either one-armed mode or routed mode. However, Stingray Traffic Manager may not be suitable when enterprises are running many transparent services, or for deployments where the network needs to be bridged or routed while load balancing in transparent mode. Your Riverbed Stingray Sales Specialist may be able to advise on specific implementations and deployments. Stingray Traffic Manager software runs without modification on Linux, Solaris operating systems and may be ported with relative ease to other Unix-like platforms. Stingray Traffic Manager ships as a variety of Virtual Appliances for VMware, Xen, Oracle, and Microsoft 1 hypervisors, or may simply be run as software. 1 Microsoft HyperV support in beta 2012 Riverbed Technology. All rights reserved. 6

Benefits provided by Stingray (not available with Cisco ACE) TrafficScript Rules Language: o Unlimited content inspection depth for all TCP/UDP protocols, including high-level protocolspecific functions for XML/XPath, HTTP, SIP, and RTSP o Analyze and rewrite entire client requests and server responses o Base traffic management decisions on any part of the request and response content o Create location-sensitive traffic management policies o Forward proxy mode allows inspection, manipulation, and routing of outbound traffic to arbitrary destinations Java Extensions: o Full traffic control / manipulation using Java Extensions written to Servlet specification o High-performance integration with the Stingray traffic management kernel o Allows for use of any Java class libraries, e.g. database access, XML processing, document watermarking Advanced Health Monitoring: o Predefined and customizable active application health monitors; supports custom monitors in any executable format o Powerful, customizable actions (including SNMP, email, SYSLOG, SOAP, and custom executable) in the event of a node failure or other event o Monitor the health and status of traffic managers, servers, and application dependencies Advanced Session Persistence: o Application-specific session persistence methods: JSESSIONID and ASP/ASP.NET o Persistence based on any parameter or value in the request o Automatic session detection dynamically sets up cluster-aware persistence o Resilient session replication across a TrafficCluster Connection control: o Connection draining removes nodes from server pools non-disruptively Bandwidth Shaping: o Active, real-time bandwidth management, applied per service, per connection group or per individual connection o Apply bandwidth classes intelligently using TrafficScript o Bandwidth usage information coordinated across a cluster of Stingray Traffic Managers 2012 Riverbed Technology. All rights reserved. 7

Request Rate Shaping: o Define maximum limits on events, e.g. requests of particular type, globally or per user o Protect application infrastructure from being overwhelmed with requests o Enforce differentiated levels of service per user or per class of users o Prevent individual malicious or greedy clients from impacting shared services Service Level Monitoring: o Set service level performance thresholds on a per-service/per-url/per-customer basis o Alerting/logging/ remedial actions if performance falls outside of service level limits o Differentiated traffic management policies based on service performance Web Content Optimization(Aptimizer): o Improve web performance for high traffic public-facing web pages, corporate websites, e- commerce sites, business productivity tools, and custom applications by using File Merging capabilities (Merge javascript, style sheets, image spriting, background image in-lining) o Reduce bandwidth and data-traffic costs ( dynamic gzip/deflate) o Reduce costs of alternative approaches by offloading developers from having to do optimizations manually ( dynamic page caching, auto URL versioning, dynamic page layout) o Support for mobile browsers on Android, ios, Blackberry, and Windows Mobile Web Application Firewall: o Full web application firewall providing security to PCI DSS standards o Simultaneous protection (active) and detection (passive) modes o Wizards for easy configuration; expert mode for fine-tuning of policies and rule sets Stingray Traffic Manager software provides XML processing capabilities in TrafficScript: o Use of XPath for parsing XML documents to extract specific data from the XML document, which can then be used to make routing decisions on the traffic. o Validation of an XML document against a DTD or XML schema. o Perform XSLT transformations on XML document and content. 2012 Riverbed Technology. All rights reserved. 8

Implementing Cisco ACE features with Stingray products Using a combination of features available from Stingray products these Cisco ACE capabilities can be implemented. IP/protocol-based ACLs (access control lists) ACLs (Access Control Lists) are used in the ACE product to filter (allow/deny) traffic based on layer 2 (EtherType) or Layer 3/4 (Extended) packet information. ACLs are less useful when load-balancing in Full Proxy mode (either with ACE or with Stingray Traffic Manager). This is because full proxy mode is typically configured in a deny all mode (all incoming traffic is ignored), then a proxy is explicitly configured for a particular IP/port/protocol combination. Where this functionality is required in a Stingray Traffic Manager software environment, it is achieved: a) using Service Protection Policy b) using iptables/netfilter or similar capability in the underlying OS NAT methods ACE supports several NAT methods: interface-based dynamic NAT, interface-based dynamic PAT, server farm-based dynamic NAT, static NAT, static port redirection. These methods are necessary to tune how NAT-based load balancing methods function. Full-proxy load balancing does not require NAT support by virtue of its mode of operation. Where required, Stingray Traffic Manager software supports two additional NAT capabilities: IP Transparency: Stingray Traffic Manager software can spoof the source IP address when connecting to a server, making server-side connection appear to originate from the client. This is a useful capability when the server performs logging or access control based on the client source IP address; Interface NAT: Stingray Traffic Manager Virtual Appliance can be configured to route traffic between networks and apply SNAT on nominated interfaces. This is a useful capability when back-end servers on private networks need to route to an external, public network. Other NAT capabilities may be achieved by configuration of the underlying OS that the Stingray Traffic Manager software runs on, but this is rarely necessary in practice. 2012 Riverbed Technology. All rights reserved. 9

Virtual contexts Cisco ACE has the capability to fully virtualize load-balancing services within an ACE Service Module or Appliance (up to 250 virtual contexts in a service module, up to 20 contexts in an appliance). In addition, role-based access control can be configured separately within each virtualized context. Stingray Traffic Manager software can be virtualized in a similar manner using a hypervisor such as VMware, at minimal performance impact compared to running the software natively. This delivers virtualization, sandboxing, resource control, and RBAC. Stingray Traffic Manager software supports additional RBAC. Users are authorized against either an internal database or an external LDAP/TACACS+/RADUIS database and given permissions that define the actions (none/read/write) the user can perform to a high degree of granularity. Features not available in Stingray Radius Load Balancing Cisco ACE has a set of load balancing capabilities to support Radius protocol, which includes Radius AV pair based persistence. This feature is very critical in Mobile SP deployments where AAA traffic to WAP gateways and billing sub-systems needs to load balanced and persisted. Stingray Traffic Manager software currently does not support Radius Load balancing and advance persistence of Radius traffic based on Radius AV pair. Asymmetric Server Normalization (a.k.a Direct Server Return) Cisco ACE supports Direct Server Return/Asymmetric Server Normalization modes. This feature is used predominantly when large data needs to be transferred to clients without the Cisco ACE device being the bottleneck for throughput. Stingray Traffic Manager software does not support Direct Server Return mode, but your Riverbed Stingray Sales Specialist may be able to advise on specific implementations and deployments. 2012 Riverbed Technology. All rights reserved. 10

Stingray Traffic Manager Features: Examples and Applications Stingray Traffic Manager software s advanced traffic management features, customized by TrafficScript and Java Extensions allow an application developer or administrator to construct complex traffic management policies that address deficiencies in the application or add further capabilities to the application. Examples and applications include: Content Modification: rewrite errors in responses, add dynamic information (page load times, meta tags, geographic information), enable additional functionality (Google Analytics and other tracking applications), embed information from other data sources (e.g. RSS feeds), watermark content (images, PDF documents), and switch users to low-bandwidth versions of a service. Rate Shaping: mitigate the impact of web spiders, apply rate limits dynamically when services slow down and apply rate limits to users who visit from high-traffic referral sites. Fixing Application Problems: mask and work around errors such as 404 Not Found / 503 Too Busy, send custom error pages, or offload an entire web site onto the traffic manager. Address Security Problems: recent attacks addressed at Bind and IIS, filter out bad requests, authenticate users, rate-shape denial of service attacks, prevent over-usage of usernames and passwords and filter out undesired content in responses (e.g. social security numbers). Control of Traffic Management functionality: fine-grained and adaptive control of content caching, selective bandwidth management, detailed session persistence and full control of SNAT (IP address spoofing). Conclusion Moving to Stingray, as reported by Cisco ACE customers, simultaneously helped them deliver a better application experience while cutting costs and simplifying ADC deployment. Stingray fulfills the most important ADC requirements and provides significant advantages around application integration, advanced functionality, and ease of deployment in virtualized environments. Stingray can scale, speedup, secure your application traffic, and help businesses: Accelerate applications and help maximize application performance and capacity to ultimately enhance end-user experience and boost return on infrastructure investment Improve the reliability and availability of applications and help organizations scale and deliver services easily and more cost-effectively Provide tools that help IT control and secure network traffic, and filter and scrub application requests and responses better Help organizations manage their application delivery infrastructure, simplifying application maintenance, upgrades, and migration processes, and enable you to deliver adaptable and agile services faster and more reliably If you would like more information on migrating from ACE to Stingray, contact Riverbed now to find out about our special incentives to help you make the switch. 2012 Riverbed Technology. All rights reserved. 11

About Riverbed Riverbed delivers performance for the globally connected enterprise. With Riverbed, enterprises can successfully and intelligently implement strategic initiatives such as virtualization, consolidation, cloud computing, and disaster recovery without fear of compromising performance. By giving enterprises the platform they need to understand, optimize and consolidate their IT, Riverbed helps enterprises to build a fast, fluid and dynamic IT architecture that aligns with the business needs of the organization. Additional information about Riverbed (NASDAQ: RVBD) is available at www.riverbed.com. 2012 Riverbed Technology. All rights reserved. Riverbed, Cloud Steelhead, Granite, Interceptor, RiOS, Steelhead, Think Fast, Virtual Steelhead, Whitewater, Mazu, Cascade, Cascade Pilot, Shark, AirPcap, SkipWare, TurboCap, WinPcap, Wireshark, and Stingray are trademarks or registered trademarks of Riverbed Technology, Inc. in the United States and other countries. Riverbed and any Riverbed product or service name or logo used herein are trademarks of Riverbed Technology. All other trademarks used herein belong to their respective owners. The trademarks and logos displayed herein cannot be used without the prior written consent of Riverbed Technology or their respective owners. Akamai and the Akamai wave logo are registered trademarks of Akamai Technologies, Inc. SureRoute is a service mark of Akamai. Apple and Mac are registered trademarks of Apple, Incorporated in the United States and in other countries. Cisco is a registered trademark of Cisco Systems, Inc. and its affiliates in the United States and in other countries. EMC, Symmetrix, and SRDF are registered trademarks of EMC Corporation and its affiliates in the United States and in other countries. IBM, iseries, and AS/400 are registered trademarks of IBM Corporation and its affiliates in the United States and in other countries. Linux is a trademark of Linus Torvalds in the United States and in other countries. Microsoft, Windows, Vista, Outlook, and Internet Explorer are trademarks or registered trademarks of Microsoft Corporation in the United States and in other countries. Oracle and JInitiator are trademarks or registered trademarks of Oracle Corporation in the United States and in other countries. UNIX is a registered trademark in the United States and in other countries, exclusively licensed through X/Open Company, Ltd. VMware, ESX, ESXi are trademarks or registered trademarks of VMware, Incorporated in the United States and in other countries. Riverbed Technology, Inc. 199 Fremont Street San Francisco, CA 94105 Tel: (415) 247-8800 www.riverbed.com Riverbed Technology Ltd. One Thames Valley Wokingham Road, Level 2 Bracknell. RG42 1NG United Kingdom Tel: +44 1344 31 7100 Riverbed Technology Pte. Ltd. 391A Orchard Road #22-06/10 Ngee Ann City Tower A Singapore 238873 Tel: +65 6508-7400 Riverbed Technology K.K. Shiba-Koen Plaza Building 9F 3-6-9, Shiba, Minato-ku Tokyo, Japan 105-0014 Tel: +81 3 5419 1990 2012 Riverbed Technology. All rights reserved. 12

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information