Post on 29-May-2018
transcript
Application Delivery Control Customer OverviewEnsuring application performance and security
Presenter Name PlaceholderJob Title
NOVEMBER 13, 2017
3 © 2016 Citrix | Confidential
Business challenges facing application delivery
Technical debt and application lifecycle management across
multi-cloud
ManageSupporting cloud native apps and
hybrid cloud topologies
HybridServer failures or
public cloud outages can impact app
availability
ReliabilityDecreased productivity and loss of revenue due
to slow performing applications
PerformanceIncreasing need for encryption
and new ciphers
Security
4 © 2016 Citrix | Confidential
NetScaler Portfolio
ADC
Secure delivery of traditional & micro-services
Apps
Gateway
Secure Access for Apps anywhere users everywhere
SD-WAN
Secure & reliable delivery of Apps to the branch
Management & Analytics SystemApplication & Infrastructure Intelligence for the data
driven enterprise
5 © 2016 Citrix | Confidential
Citrix NetScaler SD-WAN
Citrix XenMobile Client
Citrix ShareFile
Citrix XenApp
Citrix XenDesktop
Citrix XenMobile
Other Apps
Citrix NetScaler Gateway & ADC
Branch user
For Apps anywhere, Users everywhere
Citrix Receiver
Citrix Receiver
A complete App Delivery solution
7 © 2016 Citrix | Confidential
2016 Magic Quadrant for
Application Delivery Controllers
Source: Gartner report, Magic Quadrant for Enterprise Mobility Management Suites, June 8, 2015, Terrence Cosgrove, Rob Smith, Chris Silva, John Girard, Bryan Taylor
Source: Gartner report, Magic Quadrant for Enterprise File Synchronization and Sharing, August 6, 2015 Monica Basso, Charles Smulders, Jeffrey Mann
Source: Gartner report, Magic Quadrant for Application Delivery Controllers, September 12th, 2016, Mark Fabbi, Andrew Lerner
© 2015 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. For more information, e-mail info@gartner.com or visit gartner.com. Used with permission. The Gartner document is available upon request from Citrix.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to
select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this
research, including any warranties of merchantability or fitness for a particular purpose.
10th
Year
2016
Recognized as a leader
…a solid
roadmap of
product
features
and
licensing
options.
8 © 2016 Citrix | Confidential
Secure delivery of traditional & micro-services apps
Load Balancing Acceleration Security SSL Availability Performance Visibility
PerformanceAvailability SecurityOffload Visibility
9 © 2016 Citrix | Confidential
“Citrix NetScaler leads the market in innovation and vision with capabilities that give us a competitive advantage.”
Tech Validate ID: 0CE-B5A-F7D
84%of customers agree
10 © 2016 Citrix | Confidential
PlatinumEnterpris
e
Standar
d
Ensure application availability with traffic management and
server monitoring
Improve application performance and manage resource availability
across multiple datacenters
Protect against web-based attacks and data theft
NetScaler editions
11 © 2016 Citrix | Confidential
PlatformsHardware or software options
Hypervisor
basedDocker Container
based
Multi-tenant
hardware
Single instance
hardware
12 © 2016 Citrix | Confidential
Virtual Platforms
Hypervisor Support
Cloud Hosted
<100 Gbps
Performance
Up to
100 Gbps
13 © 2016 Citrix | Confidential
Containerized Platforms
Container Support
Performance
Up to
1 Gbps
Container Management Support
<1 Gbps
Free developer
version
14 © 2016 Citrix | Confidential
Hardware Platforms
Performance
L7 Throughput
<200 Gbps
L7 Requests per second
<5.2m
SSL Throughput
<46 Gbps
SSL Requests per second
<560k<200 Gbps
15 © 2016 Citrix | Confidential
Hardware Platforms
<200 Gbps
Performance
L7 Throughput
<200 Gbps
L7 Requests per second
<5.2m
SSL Throughput
<46 Gbps
SSL Requests per second
<560k
Virtual tenants
<115
16 © 2016 Citrix | Confidential
NetScaler SD-WAN Product Overview
NetScaler SD-WAN Product Team
MARCH 2017
© 2016 Citrix | Confidential
17 © 2016 Citrix | Confidential
Secure Edge
Routing
Application
Optimization
Unified
Management
App-Aware
QoS
Intelligent Path
Selection
Stateful
Firewall
18 © 2016 Citrix | Confidential
Secure Edge
Routing
Application
Optimization
Unified
Management
App-Aware
QoS
Intelligent Path
Selection
Statefull
Firewall
19 © 2016 Citrix | Confidential
NetScaler SD-WAN: Create a tunnel
MPLS EF Queue
MPLS Default Queue
InternetNetScaler SD-WAN NetScaler SD-WAN
Logical tunnel created by encapsulating in UDPLO G I C A L T U N N E L C R E AT E D
F R O M D I V E R S E L I N K S
Connections can be built to the data center, a private cloud, headquarters or dynamically created on demand direct from branch to branch
!
20 © 2016 Citrix | Confidential
NetScaler SD-WAN: Measure every path
MPLS EF Queue
MPLS Default Queue
InternetNetScaler SD-WAN NetScaler SD-WAN
Logical tunnel created by encapsulating in UDP
latency loss jitter cong.
latency loss jitter cong.
latency loss jitter cong.
latency loss jitter cong.
latency loss jitter cong.
latency loss jitter cong.
• The quality of every potential path is assessed with every packet, in each direction
Latency, loss, jitter, congestion and availability are monitored for each path and in each direction. And real traffic is used for the measurement, not probe data.
!
21 © 2016 Citrix | Confidential
NetScaler SD-WAN: Direct traffic to the best path
MPLS EF Queue
MPLS Default Queue
InternetNetScaler SD-WAN NetScaler SD-WAN
Logical tunnel created by encapsulating in UDP
• The quality of every potential path is assessed with every packet, in each direction• Each data stream is directed to best path with priority given to critical applications
B A N D W I DT H C O N T R O L
Each MPLS queue is treated as a separate path, maximizing the value of MPLS and ensuring the best path is always used.!
22 © 2016 Citrix | Confidential
NetScaler SD-WAN: Detect and fail over without impact
MPLS EF Queue
MPLS Default Queue
InternetNetScaler SD-WAN NetScaler SD-WAN
Logical tunnel created by encapsulating in UDP
• The quality of every potential path is assessed with every packet, in each direction• Each data stream is directed to best path with priority given to critical applications• Data immediately fails over if an error is detected on any link
D E T E C T P R O B L E M S Q U I C K LY
We can detect degraded links, or brownouts, and quickly adapt traffic to compensate. By not waiting for an actual outage, soss and latency spikes won’t cause performance problems.
!
23 © 2016 Citrix | Confidential
NetScaler SD-WAN: Detect and fail over without impact
MPLS EF Queue
MPLS Default Queue
InternetNetScaler SD-WAN NetScaler SD-WAN
Logical tunnel created by encapsulating in UDPFailover occurs within a 2-3 packets of loss, and those lost packets can be retransmitted and reordered so the application is never affected.
!A N D R E A C T W I T H LO S S L E S S FA I LOV E R
• The quality of every potential path is assessed with every packet, in each direction• Each data stream is directed to best path with priority given to critical applications• Data immediately fails over if an error is detected on any link
24 © 2016 Citrix | Confidential
NetScaler SD-WAN: Optionally duplicate real-time traffic
MPLS EF Queue
MPLS Default Queue
InternetNetScaler SD-WAN NetScaler SD-WAN
Logical tunnel created by encapsulating in UDPWith packet duplication, VoIP and HDX Thin Wire will always take fastest path and never lose a packet, results in an optimum user experience
!
• The quality of every potential path is assessed with every packet, in each direction• Each data stream is directed to best path with priority given to critical applications• Data immediately fails over if an error is detected on any link• Packet duplication ensures no loss of critical data for ultimate in consistent user experience
PA C K E T D U P L I C AT I O N
25 © 2016 Citrix | Confidential
NetScaler SD-WAN: Use multiple links for one session
MPLS EF Queue
MPLS Default Queue
InternetNetScaler SD-WAN NetScaler SD-WAN
Logical tunnel created by encapsulating in UDPBonding links can result in a file transfers that take half the time, mitigating the impact of latency!
• The quality of every potential path is assessed with every packet, in each direction• Each data stream is directed to best path with priority given to critical applications• Data immediately fails over if an error is detected on any link• Packet duplication ensures no loss of critical data for ultimate in consistent user experience• Large flows can use multiple links simultaneously
B O N D M U LT I P L E L I N K S
26 © 2016 Citrix | Confidential
Secure Edge
Routing
Application
Optimization
Unified
Management
App-Aware
QoS
Intelligent Path
Selection
Stateful
Firewall
27 © 2016 Citrix | Confidential
Application SLA QoS
Category Minimum Bandwidth
Prioritization Duplicate
Real Time 30% VoIP Yes
Video Conf No
Interactive 40% XenDesktop No
SQL No
Exchange No
Custom No
Bulk 30% FTP No
Video No
Custom No
• QoS is based upon 3 categories of application traffic: real time, interactive, and bulk
• Categories can be provisioned with guaranteed minimums
• Up to 17 QoS levels can be utilized across the 3 categories
• Applications can be created and assigned using source/destination IP & port, TCP/UDP, and DSCP
• QoS model is dual-ended and therefore provides guaranteed delivery
28 © 2016 Citrix | Confidential
Application Intelligence Forms the Core of the Product
Finer Control Comprehensive SecurityDeeper Visibility
• Deep Packet Inspection• 4000+ Enterprise & SaaS Apps• Classify within Applications• DPI signatures updated regularly
• 200+ Enterprise Apps• 6 tuple matching to extend
Today
9.2
29 © 2016 Citrix | Confidential
Secure Edge
Routing
Application
Optimization
Unified
Management
App-Aware
QoS
Intelligent Path
Selection
Statefull
Firewall
30 © 2016 Citrix | Confidential
Integrated Statefull Firewall
• Comprehensive Firewall security: IP to Application layer
• Secure hosts, ports and infrastructure
• Support for Dynamic and Static NAT
• Enable firewall rules even for encrypted traffic with Application intelligence
• Define zones to enforce different policies for different users
• Single Point of Management across Network
• Provision, troubleshoot and analyze Routing and Security through SD-WAN center
• ICSA certification coming soon…
ALLOW
REJECTCOUNT &
LOG
DROP
31 © 2016 Citrix | Confidential
Secure Edge
Routing
Application
Optimization
Unified
Management
App-Aware
QoS
Intelligent Path
Selection
Statefull
Firewall
32 © 2016 Citrix | Confidential
Secure Edge
Routing
Application
Optimization
Unified
Management
App-Aware
QoS
Intelligent Path
Selection
Statefull
Firewall
33 © 2016 Citrix | Confidential
• Network throughput impacted by TCP window
size, latency and congestion
• Google “Mathis equation” or “TCP tuning”
• No packet loss: RWIN / RTT
• Packet loss: MSS / (RTT * SQRT(Packet Loss))
• NetScaler SD-WAN employs
• Window scaling of up to 16Kx of standard TCP
• SACK to minimize data that is resent
• Fast re-transmits to reduce delay before resend
• BIC TCP for faster recovery from packet loss
NetScaler SD-WAN Advanced TCP Flow Control
Slow Start Slow Ramp
Without NetScaler SD-WAN
Average
Utilization
Thro
ughput
Time
Link Speed
With NetScaler SD-WAN
Average
Utilization
Time
Link Speed
Thro
ughput
34 © 2016 Citrix | Confidential
NetScaler SD-WAN makes HDX better
Data Center or Cloud
Client Host
Clipboard
File Transfer
Mobile sensors
Clipboard HD
X
Printing
Smartcard
Audio
Graphics
Media
Citrix XenApp
Citrix XenDesktop
MPLS EF Queue
MPLS Default Queue
InternetNetScaler SD-WAN NetScaler SD-WAN
B A N D W I DT H
35 © 2016 Citrix | Confidential
Secure Edge
Routing
Application
Optimization
Unified
Management
App-Aware
QoS
Intelligent Path
Selection
Statefull
Firewall
37 © 2016 Citrix | Confidential
Ensure application reliability and quality via path measurement, selection, and security
Reduce bandwidth requirements and create more responsive applications
Securely forward application traffic from branch locations across the WAN and to the Internet
Secure the branch perimeter while controlling application delivery across the WAN and to the Internet
NetScaler SD-WAN: A Comprehensive WAN Edge Platform
Centralized Management &
Visibility
38 © 2016 Citrix | Confidential
Ensure application reliability and quality via path measurement, selection, and security
Securely forward application traffic from branch locations across the WAN and to the Internet
Secure the branch perimeter while controlling application delivery across the WAN and to the Internet
NetScaler SD-WAN: A Comprehensive WAN Edge Platform
Centralized Management &
Visibility
Standard Edition
39 © 2016 Citrix | Confidential
Reduce bandwidth requirements and create more responsive applications
NetScaler SD-WAN: A Comprehensive WAN Edge Platform
Centralized Management &
Visibility
WANOP Edition
40 © 2016 Citrix | Confidential
Ensure application reliability and quality via path measurement, selection, and security
Reduce bandwidth requirements and create more responsive applications
Securely forward application traffic from branch locations across the WAN and to the Internet
Secure the branch perimeter while controlling application delivery across the WAN and to the Internet
NetScaler SD-WAN: A Comprehensive WAN Edge Platform
Centralized Management &
Visibility
Enterprise Edition
41 © 2016 Citrix | Confidential
Model Capacity (Mbps) HDX Form Factor
5000 1,500 – 2,000 3,500 – 5,000
4000 310 – 1,000 750 – 2,500
3000 50 – 155 300 – 500
2000/2000WS 10 – 50 100 – 300
1000/1000WS 6 - 20 60 - 200
800 2 – 10 20 – 100
400 2 – 6 10 – 30
VPX 2 – 200 15 – 250 Software
NetScaler SD-WAN: WANOP Line UpPhysical and Virtual products as of 3Q 2016
42 © 2016 Citrix | Confidential
NetScaler SD-WAN: Standard Edition LineupPhysical and Virtual products as of 3Q 2016
ApplianceVirtual WAN Capacity
(Mbps full duplex)Virtual Path Capacity
(Fixed/Dynamic)Form Factor
5100 3000/4000 550/32
4100 1000/2000 256/32
2100 200/300/500/1000/1500 128/16
1000 20/50/100 16/8
410 20/50/100/150 16/8
VPX 20/50/100/200/500/1000 16/8 Software
43 © 2016 Citrix | Confidential
NetScaler SD-WAN: Enterprise Edition Lineup
Appliance
Virtual WAN Capacity
(Mbps full duplex)
WAN Op Capacity*
(Mbps)
Virtual Path Capacity
(Fixed/Dynamic)
Concurrent HDX
SessionsForm Factor
2000
250 50 32/16 300
200 20 32/16 200
100 10 32/16 100
1000
100 20 16/8 200
50 10 16/8 100
20 6 16/8 60
10 4 16/8 40
Physical and Virtual products as of 3Q 2016
44 © 2017 Citrix | Confidential – Content in this presentation is under NDA
NetScaler MAS 12Product Overview
Michael LeonardPrincipal Product Marketing Manager
michael.leonard@citrix.com
May, 2017
45 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Visibility and Analytics
Observe trends and
plan capacity
Proactively identify issues
Detect and address
security threats
Harness and use the data
from your network
What’s new in 12.0?• Anomaly
detection• Troubleshooting
applications• Application
threat exposure
46 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Advanced analytics comprehensive sources of data
Network Reporting
Volumetric or Utilization Data
SSLvServerICMPTCP
HTTPCompression
UDP
INSIGHTS (Analytics)
Application Layer DataCapacity Planning, Performance, Threats
HDX Web Security SSL
Advanced Analytics
Metadata + other high value dataUser impacting scenarios
Automated Trouble-shooting
Automated Threat
Detection
47 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Anomaly detection for performance troubleshooting
Which services are contributing to server
response time anomalies?
What has been the anomaly based trend line for this service?
Which point was the anomaly identified?
48 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Application security status monitoring dashboard
49 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Which are the top Apps with high threat index?
Who are the top Clients with high number of violations association?
Which locations attacks are originated from?
What is the total attack variation across all apps?
New Threat Detection added
Application security threat exposure assessment
50 © 2017 Citrix | Confidential – Content in this presentation is under NDA
App-centric lifecycle management
App-centric trouble-
shooting,security
Capture app-centric details
Granular role-based access
Gain app-centric
visibility and control
What's new in 12.0?- App health
monitoring- App dashboard- App Security
Dashboard- Stylebooks for
configuring apps
51 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Application health score for user experience
User Experience
Caused by
Latency
Availability
Anomalies
Errors
ADC health: CPU,
memory
Server latency and availability
Security attacks: threat index, DNS DDoS
App Health Score
NetScaler Metadata
Anomalies: surge
queue, uneven LB
HTTP Errors
52 © 2017 Citrix | Confidential – Content in this presentation is under NDA
When user clicks on any App
Which Apps are the most used most?
Why does this App have a low health score?
How many Apps have a low health score?
Which Apps have high threat exposure?
Which Apps have low security enabled?
Which Apps have high client connections and low server
connections?
Which network functions
define this app?
Health Score Trend
Threat Index Trend
Attack Trend
.
.
.
Application dashboard for activity monitoring
53 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Configurable application centric components
vServers vServers vServers
Backstage Application
Sharefile Application
Store Application
LB_vServerCS_vServer
LB_vServerCS_vServer
LB_vServerCS_vServer
For each vServer:• Dashboard
• Transactions• Connections• SSL• Throughput
• Services• Configuration
• Basic• Load balancing Method• Persistence
App Owner A
App Owner B
54 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Centralized Management
Certificate management
Configuration, logging and
events
License Management
Automate administrative tasks across
infrastructure
What's new in 12.0?- Performance
reporting and exporting
- Check in check out licensing
- Role based access control
- HA Proxy support
55 © 2017 Citrix | Confidential – Content in this presentation is under NDA
See all locations in a geo map view
Data Center view, highlighting state of instances, and critical/major Events.
56 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Centrally manage the NetScaler fleet
Distribution by Events/Health/Versions/Model/UpTime/Config Audit/Certificates
57 © 2017 Citrix | Confidential – Content in this presentation is under NDA
Top Parameters & Trends • Which are the top vservers
causing low health score?• What is the key app usage
metric variation?• What is the total event
variation trend for this app?
Top 5 vservers with lowest health score
How are the total events trending over the time?
How are the total events trending over the time?
Monitor device state with the activity investigator
58 © 2017 Citrix | Confidential – Content in this presentation is under NDA
0
100000
200000
300000
400000
500000
600000
# SSL v3 Sessions # ECDHE Sessions # ECDSA Sessions
Perform SSL capacity planning with SSL insight
Identify SSL Traffic Composition
Time
Future: Identify SSL CPU Utilization
Total Elliptical Curve Traffic
59 © 2017 Citrix | Confidential – Content in this presentation is under NDA
NetScaler MAS packaging and licensing
NetScaler ADC
SDN Control
Hybrid and Multi-Cloud Control
NetScaler Gateway
Advanced Application Analytics
Management and Automation
• Application dashboard• Application performance monitoring • Application level RBAC• End-to-end troubleshooting• Advanced capacity planning• Predictive analytics• Security threat analysis and
mitigation
• Configuration management• Logs, events and reports• Certificate management• License management• Cloud system integration• Container management• SDN integration
HA Proxy
Orchestration and Analytics Systems
SD-WAN
60 © 2017 Citrix | Confidential – Content in this presentation is under NDA
NetScaler MAS annual and multi-year pricing
NetScaler MASPer Instance Licensing
Product License SRP
Software Maintenance SRP
100 vserver On-Premise Subscription 1-year $10,000 $2,200
100 vserver On-Premise Subscription 2-year $18,000 $3,960
100 vserver On-Premise Subscription 3-year $22,500 $4,950
100 vserver On-Premise Subscription 4-year $30,000 $6,600
100 vserver On-Premise Subscription 5-year $37,500 $8,250
1. Annual or multi-year on-premise subscription. Customer must purchase multiple licenses to reach level of vservers required.2. Customer must purchase Software Maintenance (SWM) packs to equal to or more than the number of vserver licenses purchased .3. Customers who are using the unlicensed MAS with less than 30 vservers, who wish to receive support, need not purchase Software
Maintenance.4. The minimum support purchase is for 100 vservers.