NetScaler carriergrade network



Similar documents
Citrix NetScaler and Microsoft SharePoint 2013 Hybrid Deployment Guide

Deploying NetScaler Gateway in ICA Proxy Mode

Citrix Lifecycle Management

Solutions Guide. Deploying Citrix NetScaler for Global Server Load Balancing of Microsoft Lync citrix.com

Solutions Guide. Deploying Citrix NetScaler with Microsoft Exchange 2013 for GSLB. citrix.com

Microsoft Dynamics CRM 2015 with NetScaler for Global Server Load Balancing

Taking Windows Mobile on Any Device

Configuring Citrix NetScaler for IBM WebSphere Application Services

icrosoft TMG Replacement with NetScaler

Securing Outlook Web Access (OWA) 2013 with NetScaler AppFirewall

Solution Guide for Citrix NetScaler and Cisco APIC EM

How To Use Netscaler As An Afs Proxy

Using Vasco IDENTIKEY Server with NetScaler

Guide to Deploying Microsoft Exchange 2013 with Citrix NetScaler

The Office Reinvented: Mobile Workspaces are the Future of Work

Deploying NetScaler with Microsoft Exchange 2016

Cisco and Citrix: Building Application Centric, ADC-enabled Data Centers

Trend Micro InterScan Web Security and Citrix NetScaler SDX Platform Overview

Microsoft SharePoint 2013 with Citrix NetScaler

Websense Data Security Gateway and Citrix NetScaler SDX Platform Overview

Run Skype for Business as a Secure Virtual App with a Great User Experience

Optimizing service assurance for XenServer virtual infrastructures with Xangati

Three ways companies are slashing IT costs with VDI

Microsoft TMG Replacement with NetScaler

Citrix desktop virtualization and Microsoft System Center 2012: better together

XenApp and XenDesktop 7.8 AppDisk & AppDNA for AppDisk technology

Secure remote access

White Paper. SDN 101: An Introduction to Software Defined Networking. citrix.com

RSA Adaptive Authentication and Citrix NetScaler SDX Platform Overview

Single Sign On for ShareFile with NetScaler. Deployment Guide

Citrix Workspace Cloud Apps and Desktop Service with an on-premises Resource Reference Architecture

The falling cost and rising value of desktop virtualization

How To Get Cloud Services To Work For You

Solution Guide. Optimizing Microsoft SharePoint 2013 with Citrix NetScaler. citrix.com

Cisco and Citrix: Building Application Centric, ADC-enabled Data Centers

Advanced Service Desk Security

White Paper. Protecting Mobile Apps with Citrix XenMobile and MDX. citrix.com

Carrier Grade NAT. Requirements and Challenges in the Real World. Amir Tabdili Cypress Consulting

NetScaler: A comprehensive replacement for Microsoft Forefront Threat Management Gateway

Top Three Reasons to Deliver Web Apps with App Virtualization

Data Center Consolidation for Federal Government

Deploying XenApp on a Microsoft Azure cloud

Secure SSL, Fast SSL

Ensure VoIP and Skype for Business Call Quality and Reliability with NetScaler SD-WAN

BlueCat Networks Adonis and Proteus on Citrix NetScaler SDX Platform Overview

Modernize your business with Citrix XenApp 7.6

Design and deliver cloudbased apps and data for flexible, on-demand IT

Solution Brief. Deliver Production Grade OpenStack LBaaS with Citrix NetScaler. citrix.com

Desktop virtualization for all

Desktop virtualization for all

Deploying XenApp 7.5 on Microsoft Azure cloud

Desktop virtualization for all - technical overview citrix.com

Provisioning ShareFile on Microsoft Azure Storage

Deliver the Next Generation Intelligent Datacenter Fabric with the Cisco Nexus 1000V, Citrix NetScaler Application Delivery Controller and Cisco vpath

Secure remote access

Fullerton India enhances its employee productivity and efficiency with Citrix XenDesktop

Citrix XenServer Industry-leading open source platform for cost-effective cloud, server and desktop virtualization. citrix.com

The Always-on Enterprise: Business Continuity Scenarios that Work

BlueCat IPAM, DNS and DHCP Solutions on Citrix NetScaler SDX Platform Overview

SolidFire SF3010 All-SSD storage system with Citrix CloudPlatform Reference Architecture

Solve the application visibility challenge with NetScaler Insight Center

Windows XP Application Migration Checklist

Virtual desktops in hospitals: streamlining clinical workflows

Enabling mobile workstyles with an end-to-end enterprise mobility management solution.

Mobilize with Enterprise-Grade Security and a Great Experience

Powering Real-Time Mobile Access to Critical Information With Citrix ShareFile

The Trainer s Guide to Using Video Streaming, Video Conferencing and On-Demand Video

Securing virtual desktop infrastructure with Citrix NetScaler

The top 5 truths behind what the cloud is not

Securing virtual desktop infrastructure with Citrix NetScaler

White Paper. Optimizing the video experience for XenApp and XenDesktop deployments with CloudBridge. citrix.com

White Paper. Optimizing your Microsoft application and infrastructure investments with Citrix CloudBridge. citrix.com

White Paper. The Value Add of Citrix Enterprise Mobility Management over App Configuration for the Enterprise. citrix.com

Citrix Ready Solutions Brief. CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands. citrix.

Citrix TriScale clustering tech note

Trend Micro Cloud Security for Citrix CloudPlatform

Quality of Experience for Mobile Data Networks citrix.com

Cisco ACI and Citrix NetScaler: Opening the Way to Data Center Agility

Powering real-time mobile access to critical information with ShareFile

Mobility and cloud transform access and delivery of apps, desktops and data

Citrix Solutions. Overview

5 Reasons Why GoToAssist Remote Support and Service Desk Go Better Together

Safeguard Protected Health Information With Citrix ShareFile

Citrix Support and Maintenance Services

White Paper. Deployment Practices and Guidelines for NetScaler 10.5 on Amazon Web Services. citrix.com

GoToMyPC Corporate Security FAQs

Transcription:

White Paper NetScaler carriergrade network address translation Preserve IPv4 network investments, consolidate application delivery control in one platform and lower capex and opex

Protect your investment in IPv4 infrastructure with carrier-grade network address translation (CGNAT). NetScaler combines industry-leading application delivery with high-performance and application-transparent CGNAT, enabling telecommunications service providers to extend the life of their IPv4 networks, scale S/Gi-LANs to support rapidly growing subscriber traffic and consolidate application delivery control all in a single, cost-effective platform. Benefits of choosing NetScaler for CGNAT Continue to offer IPv4-based services and applications, and support IPv4 subscribers with seamless transparency and high performance Simplify operations and reduce costs by combining CGNAT and load balancing in a single and proven ADC Scale cost-effectively to accommodate relentless growth with the ability to handle up to 256 million sessions in a 2 RU platform Even in environments where change is constant, some things remain the same. Such is the case with IPv4, which is not going away any time soon despite full allocation of its global address space. Network address translation is a proven technology for remapping one IP address space into another. While NAT technology itself is nothing new, carriers continue to face two challenges when implementing CGNAT: cost and capabilities. Some CGNAT solutions require a dedicated system, which increases both CapEx and OpEx owing to the need to deploy and maintain separate hardware. A better approach is to integrate CGNAT into a high-performing application delivery controller (ADC). But some ADC-based solutions require additional resources (CPU or memory upgrades, or more blades) to scale CGNAT performance, resulting in additional costs. The capabilities challenge involves the need to implement the different forms and related functions of NAT that might be needed to support different protocols and applications with total transparency. For example. UDP, TCP and ICMP each require a specific form of NAT to operate transparently end-to-end. Certain tunneling and signaling protocols, especially those that include IP addresses and/or TCP/UDP ports in packet payloads, require an application-level gateway (ALG) capability. An ALG functions like a proxy that makes the translations necessary for applications to operate seamlessly across public and private address realms, but unlike a proxy, does not require any changes to clients or servers. Citrix meets both of these challenges with a capable and high-performance CGNAT solution that is integrated into the NetScaler ADC. Integrating CGNAT with load balancing in the industry-leading, high-performance NetScaler ADC enables carriers to consolidate equipment and eliminate the need for yet another single-purpose system. The cost-effectiveness of consolidation is especially important as S/Gi-LAN traffic grows at a rate of 50 percent to 100 percent annually. While performance can be an issue with some ADCs that support CGNAT, rigorous testing has demonstrated the ability of NetScaler to support up to 256 million sessions in a 2 RU platform. Test results also demonstrate its ability to handle over a million connections/second with a Layer 7 throughput of up to 160 Gbps. With integral support for high-performance CGNAT in a fully configurable ADC platform, NetScaler accommodates a carrier s need to achieve a minimum of three years of useful life from its investment. 2

The NetScaler CGNAT solution also includes broad support for the ALGs carriers need today, and its extensible design enables other ALGs to be added to satisfy changing market conditions. The breadth and depth of these ALGs enable carriers to satisfy the connectivity requirements of businesses and individual subscribers with a high-quality experience, and without restrictions. Key features Standard-based network address and port translation NetScaler CGNAT offers standards-based private IPv4 to public IPv4 network address translation (NAT44) based on the latest RFCs, making it interoperable and transparent in both client-server and peer-to-peer (P2P) applications. CGNAT uses a pool of public IPv4 addresses to assign a global IPv4 address to each subscriber, and then maps each subscriber s private IPv4 addresses to and from its global address automatically and transparently as needed to traverse the Internet or other public IP network. Controlled openness to inbound connections NetScaler can permit any external host to connect to any internal host ( behind the CGNAT service) with an open or mapped internal address, a behavior known as endpoint independent filtering (EIF). The Internet Engineering Task Force recommends EIF as the default filtering behavior for CGNAT. Mapped address persistence NetScaler can use the same external, public IP address for all sessions from the same internal hosts, a behavior known as endpoint independent mapping (EIM). EIM offers transparency for P2P and VoIP applications by providing a persistent external IP address and port for all connections originating from the same internal host/port, thereby minimizing the potential for connectivity problems. Support for full cone NAT NetScaler provides support for full cone NAT when both EIF and EIM are enabled. Also known as static, one-to-one and port forwarding NAT, full cone is the least restrictive form of NAT, making it a good choice for applications that do not require stringent security provisions. ALGs NetScaler offers broad support for ALGs to ensure transparency for a full range of enterprise and consumer applications. ALG support is provided for ICMP, FTP, TFTP, SIP, PPTP and RTSP. Hairpinning NetScaler supports hairpinning, which enables endpoints with private IP addresses to communicate with one another without the need to translate these addresses to and from public IP addresses when both endpoints are behind the same CGNAT service. This makes it possible, for example, for subscriber clients to reach a carrier s servers, or for one subscriber VoIP device to call another subscriber VoIP device directly without address translation. 3

Connection limiting To ensure consistent performance across all subscribers and to help protect against DDoS attacks, NetScaler can restrict the number of sessions available for each commercial and consumer subscriber. High-speed logging NetScaler continuously logs all NAT transactions to SYSLOG servers, which is necessary to comply with government mandates for some applications. The CGNAT syslog messages can be sent via high-speed links using TCP to ensure that NetScaler performs accurate logging at the full rate of incoming connections. Furthermore, NetScaler can load balance SYSLOG servers for high availability and performance. Deterministic NAT Deterministic NAT enables carriers to allocate a fixed block of ports and IP addresses that may be used dynamically to subscribers, which eliminates the need for extensive logging. In typical NAT environments, the requirement for logging is critical, and for carriers with CGNAT, the log files can become quite large, making log management a continuous and costly challenge. Dual Stack Lite Dual Stack Lite (DS Lite) is an IPv6 transition solution for ISPs and telco s with IPv6 infrastructure to connect their IPv4 subscribers to the Internet. DS Lite uses IPv6 tunneling to send a subscriber s IPv4 packet over a tunnel on the ISP s or telco s IPv6 network. The IPv6 packet is de-capsulated to recover the subscriber s IPv4 packet and is then sent to the Internet after NAT address and port translation and other CGNAT-related processing. The response packets traverse through the same path to the subscriber. Capabilities Summary Performance (MPX 25000T) NAT functionality Transparency ALGs Description Up to 256 million concurrent sessions Up to 1.2 million connections/second Up to 1 million static CGNAT mapping entries N:M NAPT Address restricted Port restricted Symmetric Static mapping Sticky NAT Deterministic NAT Session timeout Full cone / Paired IP pooling Hairpinning Mapping and filtering: - End-point Independent - Address dependent - Address and port dependent FTP TFTP ICMP SIP. RTSP. PPTP 4

RFC compliance High-speed logging IPv6 transitioning 4787 (UDP) 5382 (TCP) 5508 (ICMP) 6888 (CGNAT) SYSLOG over TCP Load balancing of SYSLOG servers Dual Stack Lite Corporate Headquarters Fort Lauderdale, FL, USA Silicon Valley Headquarters Santa Clara, CA, USA EMEA Headquarters Schaffhausen, Switzerland India Development Center Bangalore, India Online Division Headquarters Santa Barbara, CA, USA Pacific Headquarters Hong Kong, China Latin America Headquarters Coral Gables, FL, USA UK Development Center Chalfont, United Kingdom About Citrix Citrix (NASDAQ:CTXS) is leading the transition to software-defining the workplace, uniting virtualization, mobility management, networking and SaaS solutions to enable new ways for businesses and people to work better. Citrix solutions power business mobility through secure, mobile workspaces that provide people with instant access to apps, desktops, data and communications on any device, over any network and cloud. With annual revenue in 2014 of $3.14 billion, Citrix solutions are in use at more than 330,000 organizations and by over 100 million users globally. Learn more at www.. Copyright 2015 Citrix Systems, Inc. All rights reserved. Citrix and NetScaler are trademarks of Citrix Systems, Inc. and/or one of its subsidiaries, and may be registered in the U.S. and other countries. Other product and company names mentioned herein may be trademarks of their respective companies. 0615/PDF 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information