Date post: | 02-Jun-2018 |
Category: |
Documents |
Upload: | berrezeg-mahieddine |
View: | 223 times |
Download: | 0 times |
of 81
8/10/2019 BlueCoat Roger Gotthardsson
1/81
Blue Coat Systems
Roger GotthardssonSr. Systems [email protected]
8/10/2019 BlueCoat Roger Gotthardsson
2/81
Company
Corporate data
Solutions
Client Proxy Solution
Blue Coat Webfilter
SSL Proxy
Reverse Proxy
MACH5
Products
ProxySG, ProxyAV, Director, Reporter
K9, - Blue Coat Webfilter at home for free
Agenda
8/10/2019 BlueCoat Roger Gotthardsson
3/81
Company
8/10/2019 BlueCoat Roger Gotthardsson
4/81
About Blue Coat
Innovative leader in secure content & application delivery 500+ employees; $146M annual revenue run rate 25,000+ appliances shipped worldwide to more than 4,000 customers
#1 (37%) market leader in Secure Content & Application Delivery (IDC)
Founded in 1996 with a focus on Accelerat ion Accelerating Web applicationsmaking Internet applications faster
Innovative proxy caching appliance with object pipelining, adaptivecontent refresh
Expanded in 2002 to include Pol icy Contro l &Securi ty
Rich policy framework integrated with performance engine for visibility andcontrol of users, content and applications Visibility: Who, what, where, when, how
Control: accelerate, deny, limit, scan, strip, transform
Integrated Solution for Acceleration & Security
8/10/2019 BlueCoat Roger Gotthardsson
5/81
About Blue Coat
Strategic Investments March 1996 Scalable Software (HTTP and OS Kernel)
September 1999 Invertex (SSL Hardware Encryption)
June 2000 Springbank Networks (Hardware Design and RoutingProtocols)
December 2000 Entera (Streaming and Content Distribution) November 2003 Ositis (Virus scanning appliance)
2004Cerberian (Content filtering)
2006Permeo Technologies (SSL VPN & client security)
Integrated Solution for Acceleration & Security
http://www.cacheflow.com/8/10/2019 BlueCoat Roger Gotthardsson
6/81
Client Proxy Solution
8/10/2019 BlueCoat Roger Gotthardsson
7/81
Caching
Client Proxy
AntivirusURL-Filtering
InternetClients
LoggingAuthentication
Protocoloptimization
BWmanagement
Compression
Policy
Protocoldetection
Byte Caching
8/10/2019 BlueCoat Roger Gotthardsson
8/81
Application proxy
AOL-IM
FTP
HTTP & HTTPS
MSN-IM
Streaming Yahoo-IM
?TCP-Tunnel SOCKS
Internet
CIFS
.mp3.xxx
P2PTelnet/Shell DNS
gral.se
MAPI
8/10/2019 BlueCoat Roger Gotthardsson
9/81
How We Secure the Web
AAA:User logs onto networkand is authenticated viaNTLM, AD (Single-Sign-on),LDAP, Radius, Forms, local
password.
PublicWeb
Server
IntranetWeb
Server
Public InternetInternalNetwork
8/10/2019 BlueCoat Roger Gotthardsson
10/81
List
On boxDatabase
Authentication
Directory
LDAP
X509/CA
ClientCertifficate
InternetClients
AD
NT, W2000 or
W2003 DC
Directory
RADIUS
Server
Directory
Netegrity
SiteMinder
Directory
Oblix
Directory
PolicySubstitution
8/10/2019 BlueCoat Roger Gotthardsson
11/81
How We Secure the Web
AAA:User logs onto networkand is authenticated viaNTLM, AD (Single-Sign-on),LDAP, Radius, Forms, local
password.Policy Processing Engine:
All user web applicationrequests are subjected togranular security policy
PublicWeb
Server
IntranetWeb
Server
Public InternetInternalNetwork
8/10/2019 BlueCoat Roger Gotthardsson
12/81
How We Secure the Web
AAA:User logs onto networkand is authenticated viaNTLM, AD (Single-Sign-on),LDAP, Radius, Forms, local
password.Policy Processing Engine:
All user web applicationrequests are subjected togranular security policy
Content Filtering:Requestsfor content are controlled
using content filtering basedon granular policy
PublicWeb
Server
IntranetWeb
Server
Public InternetInternalNetwork
8/10/2019 BlueCoat Roger Gotthardsson
13/81
Content Filtering
Organizations need to control what users are doing when
accessing the internet to protect from legal liability and productivityrisks
Blue Coat and our partners enableenterprise-class content filtering
Powerful granular user control usingBlue Coats Policy Processing Engine
By user, group, destination IP and/or URL,time of day, site, category, lots more
Multiple logging and reporting options
Integrates with all authentication(LDAP, RADIUS, NTLM, AD, 2-factor, etc)
Coaching, warnings, etc. High performance with integrated caching
Drop-in appliance for easy to deploy and manage
De-facto industry content filtering platform
8/10/2019 BlueCoat Roger Gotthardsson
14/81
Content filtering databases
Websense
InternetClients
Smartfilter SurfControl
Your listsexceptions
BlueCoatwebfilter
WebWasher
Proventia
DigitalArts InterSafe Optenet
DRTR
IWF
8/10/2019 BlueCoat Roger Gotthardsson
15/81
How We Secure the Web
AAA:User logs onto networkand is authenticated viaNTLM, AD (Single-Sign-on),LDAP, Radius, Forms, local
password.Policy Processing Engine:
All user web applicationrequests are subjected togranular security policy
Content Filtering:Requestsfor content are controlled
using content filtering basedon granular policy
Public
WebServer
Intranet
WebServer
Public InternetInternalNetwork
Bandwidth management:Compression, Bandwidthmanagement and Streamingmedia Caching and Splitting.
8/10/2019 BlueCoat Roger Gotthardsson
16/81
HTTP Compression
compressedCore ProxySG
uncompressed
ProxySG can support a mixed mode of HTTP compression operation
Original Content Server (OCS) or Core ProxySG can send either (de)compressed content toedge or core ProxySG using GZIPor Deflatealgorithms
compressed
uncompressed
Edge ProxySGcompressed
uncompressed
ProxySGcompressed
uncompressed
compressed
uncompressed
Remote OfficeHQ Office
EnterpriseInternet
8/10/2019 BlueCoat Roger Gotthardsson
17/81
Bandwidth Management (BWM)
OBJECTIVE
Classify, control and limit the amount of bandwidthused by a class of network traffic
BENEFITS
Protect performance of mission critical applications SAP, ERP apps
Prevent bandwidth greedy applications from impacting otherapplications
P2P
Provision bandwidth for applications that require a per-sessionamount of bandwidth
Streaming
Balance necessary and important, bandwidth intensive, applications HTTP, IM
8/10/2019 BlueCoat Roger Gotthardsson
18/81
How We Secure the Web
AAA:User logs onto networkand is authenticated viaNTLM, AD (Single-Sign-on),LDAP, Radius, Forms, local
password.Policy Processing Engine:
All user web applicationrequests are subjected togranular security policy
Content Filtering:Requestsfor content are controlled
using content filtering basedon granular policy
Public
WebServer
Intranet
WebServer
Public InternetInternalNetwork
Bandwidth management:Compression, Bandwidthmanagement and Streamingmedia Caching and Splitting.
Web Virus scanning:Potentially harmful contententering network via HTTP,HTTPSand FTPis stripped or scannedby ProxyAV.
8/10/2019 BlueCoat Roger Gotthardsson
19/81
Virus, Code & Script scanning
InternetClients
ProxyAV
Other ICAP servers
Sophos
Panda
McAfee
Kaspersky
8/10/2019 BlueCoat Roger Gotthardsson
20/81
ProxyAV
ProxySG& ProxyAV- Large Enterprise/Network Core- Scan once, serve many (cache benefit)
Internet
InternalNetwork
ProxyAVProxySG
Virus Scans HTTP, FTPwith caching benefit
ProxySG Load Balances
Purpose-built appliances forspeed
Scan once, serve many toincrease performance
High-availability & load-balancing
Purpose built operating
systems
8/10/2019 BlueCoat Roger Gotthardsson
21/81
How We Secure the Web
AAA:User logs onto networkand is authenticated viaNTLM, AD (Single-Sign-on),LDAP, Radius, Forms, local
password.Policy Processing Engine:
All user web applicationrequests are subjected togranular security policy
Content Filtering:Requestsfor content are controlled
using content filtering basedon granular policy
Public
WebServer
Intranet
WebServer
Public InternetInternalNetwork
Bandwidth management:Compression, Bandwidthmanagement and Streamingmedia Caching and Splitting.
Web Virus scanning:Potentially harmful contententering network from webis stripped or scannedby ProxyAV.
Spyware: Prevention is betterthan a cure.
8/10/2019 BlueCoat Roger Gotthardsson
22/81
BlueCoat Spyware Prevention Solution
Stopsspyware installations Detect drive-by installers
Blocksspyware websites
On-Proxy URL categorization
Scansfor spyware signatures
High-performance Web AV
Detectssuspect systems Forward to cleansing agent
Internet
InternalNetwork
ProxyAVProxySG
http://www.daj.co.jp/index.htmhttp://localhost/var/www/apps/conversion/tmp/scratch_5//piper/8/10/2019 BlueCoat Roger Gotthardsson
23/81
How We Secure the Web
AAA:User logs onto networkand is authenticated viaNTLM, AD (Single-Sign-on),LDAP, Radius, Forms, local
password.Policy Processing Engine:
All user web applicationrequests are subjected togranular security policy
Content Filtering:Requestsfor content are controlled
using content filtering basedon granular policy
Public
WebServer
Intranet
WebServer
Public InternetInternalNetwork
Bandwidth management:Compression, Bandwidthmanagement and Streamingmedia Caching and Splitting.
Web Virus scanning:Potentially harmful contententering network from webis stripped or scannedby ProxyAV.
Spyware: Prevention is betterthan a cure.
IM Traffic Control:IM trafficis subjected to policies andis logged
8/10/2019 BlueCoat Roger Gotthardsson
24/81
IM Control with Blue Coat ProxySG
Granular IM policy control By enterprise, group or user level
Control by IM feature (IM only, chat, attachments,video, etc.), internal or external IM, time of day, etc.
Control IM options include deny connection,strip attachment, log chat (including attachment)
Key word actions include send alert to IT ormanager, log, strip, send warning message to user
Drop-in appliance for easy to deploy
and manage IM control
8/10/2019 BlueCoat Roger Gotthardsson
25/81
How We Secure the Web
AAA:User logs onto networkand is authenticated viaNTLM, AD (Single-Sign-on),LDAP, Radius, Forms, local
password.Policy Processing Engine:
All user web applicationrequests are subjected togranular security policy
Content Filtering:Requestsfor content are controlled
using content filtering basedon granular policy
Public
WebServer
Intranet
WebServer
Public InternetInternalNetwork
Bandwidth management:Compression, Bandwidthmanagement and Streamingmedia Caching and Splitting.
Web Virus scanning:Potentially harmful contententering network from webis stripped or scannedby ProxyAV.
Spyware: Prevention is better
than a cure.
IM Traffic Control:IM trafficis subjected to policies andis loggedCaching:Acceptable, clean
content is storedin cache and delivered torequestor.
8/10/2019 BlueCoat Roger Gotthardsson
26/81
Streaming Microsoft Streaming & Native RTSP
Live Stream split, VOD Stream cache
Rich Streaming features, Unicast-Multicast
Scheduling live streaming from VOD
Enhancements Store, Cache & distribute
Video On Demand
Schedule VOD content tobe played as Live Content
Convert between Multicast-Unicast
Authenticate Streaming usersTo NTLM, Ldap, RADIUS+Onbox
Streaming acceleration
http://www.microsoft.com/isapi/gomscom.asp?target=/http://www.real.com/R/HPnavR/www.real.com/index.html8/10/2019 BlueCoat Roger Gotthardsson
27/81
How We Secure the Web
AAA:User logs onto networkand is authenticated viaNTLM, AD (Single-Sign-on),LDAP, Radius, Forms, local
password.Policy Processing Engine:
All user web applicationrequests are subjected togranular security policy
Content Filtering:Requestsfor content are controlled
using content filtering basedon granular policy
Public
WebServer
Intranet
WebServer
Public InternetInternalNetwork
Bandwidth management:Compression, Bandwidthmanagement and Streamingmedia Caching and Splitting.
Web Virus scanning:Potentially harmful contententering network from webis stripped or scannedby ProxyAV.
Spyware: Prevention is better
than a cure.
IM Traffic Control:IM trafficis subjected to policies andis loggedCaching:Acceptable, clean
content is storedin cache and delivered torequestor.Reporting:All browser,streaming, IM & virus activity,can be reported usingBluecoat's highlyconfigurable reporter.
8/10/2019 BlueCoat Roger Gotthardsson
28/81
Reporter
8/10/2019 BlueCoat Roger Gotthardsson
29/81
Blue Coat Webfilter
8/10/2019 BlueCoat Roger Gotthardsson
30/81
The Internet
The internet today consists of 350 million webservers.
A large ammount of these conatain information youdont want in your organisation.
A cleaver solution would be to use Content Filtering.
BlueCoat now introduces Generation 3of contentfiltering, BlueCoat Webfilter.
350 Million
8/10/2019 BlueCoat Roger Gotthardsson
31/81
Generation 1
The first generation of content filters consisted ofstatic manually managed lists of popular pornographicand unproductive websites. Very often retreived fromaccess logs, popular bad sites where banned.
The intended purpose was to save bandwidthandwarn users that inapropriate behaviour was logged.
People got together and distributed their lists in freelists compatible with proxies such as Squid.
The distributed list where in the size of a million URL:s 349 Million
1 Million
8/10/2019 BlueCoat Roger Gotthardsson
32/81
Generation 2
335 Million
15 Million
Corporations relised they could make money of a listand started to collect lists and logs from the web, manuallyrating these in larger scale. More categories where addedto increase value. The systems started to collect URL:Sautmatically and download new lists periodicly. Some
of them even many times every day.
Special categories where added for static security threatsplaced on known webservers, spyware phishing etc. Otherthan bad sites where added such as Economy, business,news etc. to present statistics of Internet usage.
http://localhost/var/www/apps/conversion/tmp/scratch_5/Shttp://localhost/var/www/apps/conversion/tmp/scratch_5/S8/10/2019 BlueCoat Roger Gotthardsson
33/81
Generation 2
335 Million
15 Million
Number of URL:swas in the numbers of 10-20 millions.Hitrates in logsystems presented was in the numbers of50-80%. Regular expression on URL:sand other trickssometimes gave a false picture of rating over 90%. But infact less than 5% of the Internet was covered.
http://localhost/var/www/apps/conversion/tmp/scratch_5/shttp://localhost/var/www/apps/conversion/tmp/scratch_5/shttp://www.daj.co.jp/index.htmhttp://localhost/var/www/apps/conversion/tmp/scratch_5//piper/http://localhost/var/www/apps/conversion/tmp/scratch_5/shttp://localhost/var/www/apps/conversion/tmp/scratch_5/s8/10/2019 BlueCoat Roger Gotthardsson
34/81
Generation 3
335 Million
15 Million
The dynamics of internet and new security risksurged for a new way of categorizing the Internet,Dynamic rating of uncategorized websites can todayrate most websites, the ones thats impossible to ratecould be stripped down to present only html andimages to reduce risk.
The static URL database are constantly updated likeany Generation 2 filter. This database is cached insome systems (ProxySG) to increase performance.The rest (95%) of the Internet is categorised usingdynamic rating.
8/10/2019 BlueCoat Roger Gotthardsson
35/81
Dynamic Real Time Rating
Servers
Clients
G2
44s
RS
DXD
* The picture is simplified, all systems are redundant.
HRDBR
DRTR
language 1language 2
language 3
language 4
language 5
language nLanguage
detection
To
background
rating
Customer BlueCoat
Internet
8/10/2019 BlueCoat Roger Gotthardsson
36/81
SSL Proxy
8/10/2019 BlueCoat Roger Gotthardsson
37/81
SSL
Internet
Pol icy SSL
InternalNetwork
User
Apps
SSL Proxy: Policy Enforcement
Control web content, applications, and servicesregardless of encryption
Block, allow, throttle, scan, accelerate, insert, strip, redirect, transform
Apply the same policies to encrypted traffic as to normal traffic
Stops/controls rogue applications that take advantage of SSL
Protect the enterprise from SSL-borne threats
Stop spyware and secured phishing
SSL-secured webmail and extranetsvirus transmissions
SSL-borne malicious and inappropriate content
Accelerate critical applications
Enables a variety of acceleration techniques (e.g., caching)
http://espn.go.com/http://www.fidelityinfoservices.com/FNFIS/default.htmhttp://www.salesforce.com/8/10/2019 BlueCoat Roger Gotthardsson
38/81
Verify certificateand extract servers
public key.
Blue Coat: Visibility and Context
Use this algorithm.
Servers digital
certificate.
CompleteAuthentication.
Client-Prox y Connection Server-Proxy Connection
Tunnel Establ ished Tunnel Establ ished
CompleteAuthentication. CompleteAuthentication. CompleteAuthentication.
Proxy ServerClient
Algorithms I support.
Connection Request.
Algorithms I support.
Connection Request.
Verify certificateand extract (proxys)
public key.
Lets usethis algorithm.
Emulated certificate.
8/10/2019 BlueCoat Roger Gotthardsson
39/81
Flexible Configurations
SSL
TCP
User
Internet
Apps
TCP
Trusted applications passed through
Sensitive, known, financial or health care
No cache, visibility
Awareness of network-levelinformation only
Control
Option 1
http://www.fidelityinfoservices.com/FNFIS/default.htmhttp://www.salesforce.com/8/10/2019 BlueCoat Roger Gotthardsson
40/81
SSL
TCP
User
Internet
Apps
TCP
Flexible Configurations
Initial checks performed Valid user, valid application
Valid server cert
User/application traffic passed throughafter initial checks
No cache Visibility and context of network-level info,
certificates, user, and applications
Can warn user, remind of AUP, andoffer opt-out Control
Option 2
8/10/2019 BlueCoat Roger Gotthardsson
41/81
Flexible Configurations
SSL
Internet
AppsUser
TCP TCP
SSL
Initial checks performed Valid user, valid application
Valid server cert
User/application traffic proxied after initial checks
Full caching and logging options
Visibility and context of network-level info,certificates, user, applications, content, etc.
Full termination/proxy
Can warn user, remind of AUP, andoffer opt-out Control
Option 3
8/10/2019 BlueCoat Roger Gotthardsson
42/81
Reverse Proxy
8/10/2019 BlueCoat Roger Gotthardsson
43/81
Caching
Reverse Proxy
AV SSL/Certificate
InternetClients
Authentication
Logging Policy
Servers
URL-rewrite
8/10/2019 BlueCoat Roger Gotthardsson
44/81
ACCELERATES Web ContentIntelligent caching
Compression and bandwidth mgt.
TCP & SSL offload
PROTECTS Web ServersSecure, object-based OS
Controls access to web apps
Web AV scanning
SIMPLIFIES Operations
Scalable, optimized applianceEasy policy creation & management
Complete logging & reporting
WebServers
InternalNetwork
Users
FirewallUsersProxySG
PublicInternet
Secure & Accelerate Web Applications
Reverse Proxy
8/10/2019 BlueCoat Roger Gotthardsson
45/81
HTTPS Termination
HTTPS Termination (ClientProxySG) Off-load secure website or portal
HTTPS Origination (ProxySGServer) Secure channel to content server for clients
Man-in-the-Middle (Termination & Origination) Allows caching, policy and virus scanning
Secure credential acquisitions
SSL Hardware Acceleration Cards
800 RSA transactions per second per card
SSL v2.0, v3.0, and TLS v1 support
Off-load web application servers to improveperformance
8/10/2019 BlueCoat Roger Gotthardsson
46/81
Example Scenarios for Reverse Proxy
Secure and Accelerate Public Websites Improves content delivery with integrated caching Services legitimate users while resisting DoS attacks
High-performance SSL
Secure Corporate Webmail Securely isolates Web servers from direct Internet
access
Proxy authentication for additional layer of protection
Plug-n-play SSL
Scanning Uploaded Files for Viruses Simple integration with ProxyAV
Real-time scanning of uploaded content
Protects Web infrastructure from malware
http://www.msnbc.msn.com/8/10/2019 BlueCoat Roger Gotthardsson
47/81
Accelerate Applications All Users All Locations
Recipe for Branch
8/10/2019 BlueCoat Roger Gotthardsson
48/81
Recipe for BranchPerformance Problems
Server Consol idat ion
Increased application traffic+
Narrow bandwidth links+
Highly distributed users+
Inefficient application protocols+
= Poor Application Performance
8/10/2019 BlueCoat Roger Gotthardsson
49/81
Pl tf f A li ti A l ti
8/10/2019 BlueCoat Roger Gotthardsson
50/81
Platform for Application Acceleration
Multiprotocol Accelerated Caching Hierarchy
BandwidthManagement
ProtocolOptimization
ObjectCaching
ByteCaching
Compression
File Services (CIFS), Web (HTTP), Exchange (MAPI),Video/Streaming (RTSP, MMS), Secure Web (SSL)
N R i t SSL A l ti
8/10/2019 BlueCoat Roger Gotthardsson
51/81
Source: Blue Coat Customer Surveys
New Requirement: SSL Acceleration
Nearly 50% of allcorporate Webapplication traffic is SSL
70% of all mobile and
teleworkers use SSL forsecure applicationdelivery
68% of Blue Coatcustomers depend onexternally hosted Webapplications
SSLTraf
fic
InternallyHosted Apps
ExternallyHosted Apps
More and More SSL
N R i t Vid A l ti
8/10/2019 BlueCoat Roger Gotthardsson
52/81
New Requirement: Video Acceleration
Enterprise usersbecoming more distributed Mobile, teleworker, and branch/
remote offices
Regulatory and cost drivers
Remote employee trainingbecoming a necessity Live (streaming) and on-demand video
Performance qualitybecoming a requirement Network and application issues must
be addressed
Control and acceleration of videois needed
B d idth M t
8/10/2019 BlueCoat Roger Gotthardsson
53/81
Bandwidth Management
Divide user and application traffic into classes Guarantee min and/or max bandwidth for a class
Align traffic classes to business priorities
Sales Automation App
Priority 1Min 400Kb, Max 800Kb
File ServicesPriority 3
Min 400Kb, Max 800Kb
Priority 2Min 100Kb, Max 400Kb
General Web SurfingPriority 4Min 0Kb, Max 200Kb
P t l O ti i ti
http://www.fidelityinfoservices.com/FNFIS/default.htmhttp://www.salesforce.com/8/10/2019 BlueCoat Roger Gotthardsson
54/81
Protocol Optimization
P t l O ti i ti
8/10/2019 BlueCoat Roger Gotthardsson
55/81
Protocol Optimization
10-100X FasterIncludes CIFS, MAPI, HTTP, HTTPS, TCP
Obj t C hi
8/10/2019 BlueCoat Roger Gotthardsson
56/81
Object Caching
Built on high-level applications and protocols HTTP/Web caching
Streaming caches
CIFS cache
Advantages Fastest response times
Offload work from servers (and networks)
Can be deployed asymmetrically
Limitations
Application-specific
All or nothing: No benefit if whole object not found orchanged
B t C hi
8/10/2019 BlueCoat Roger Gotthardsson
57/81
Byte Caching
..11011111001110011...111001111001100101011101100100001101001100111001000001111000111001100011000001001111000000110111101001000011011000101111100101010101110011010011101001111001000000000000111001011100101101101101001010110010110011110001111111111000000000
..11011111001110011...111001111001100101011101100100001101001100111001000001111000111001100011000001001111000000110111101001000011011000101111100101010101110011010011101001111001000000000000111001011100101101101101001010110010110011110001111111111000000000
110111110011100100100101110011001010111011001000011010011001110010000011110001110011000110000010011110000001101111010010000110110100101111100110100111011010011010011110010000
000000001110010111001011011011010010101100101100
[R1]0010010[R2]100101111100110100111011010011[R3]
11011111001110010010010111001100101011101100100001101001100111001000001111000111001100011000001001111000000110111101001000011011010010111110011010011101101001101001111001000000000000111001011100101101101
1010010101100101100
Local History Cache Remote History Cache
Sequences arefound in the local
history cache
They aretransmitted as
smallreferences over
the WAN
The originalstream is
reconstructedusing the
remote history
cache
Local LAN Remote LANWAN Link
Proxies keepa history of all
bytes sentand received
C i
8/10/2019 BlueCoat Roger Gotthardsson
58/81
Compression
1101111100111001001001011100110010101110110010000
10011001110010000011110001110011000110000010011
110111110011100100100
101110011001010111011
001000011010011001110
010000011110001110011
000110000010011110000
001101111010010000110
110100101111100110100
111011010011010011110
010000000000001110010
111001011011011010010
101100101100010100100
101010101010100010111
COMPRESSION
110111110011100100100
101110011001010111011
001000011010011001110
010000011110001110011
000110000010011110000
001101111010010000110
110100101111100110100
111011010011010011110
010000000000001110010
111001011011011010010
101100101100010100100
101010101010100010111
Industry-standard gzip algorithm compresses all traffic
Removes predictable white space from content andobjects being transmitted
MACH5 Techniq es Work Together
8/10/2019 BlueCoat Roger Gotthardsson
59/81
MACH5Techniques Work Together
Object Caching Caches repeated, static app-level data; reduces BW and latency
Byte Caching Caches any TCP application using
similar/changed data; reduces BWCompression
Reduces amount of data transmitted; saves BW
Bandwidth Management Prioritize, limit, allocate, assign DiffServby user
or application
Protocol Optimization Remove inefficiencies, reduce latency
Object Caching
8/10/2019 BlueCoat Roger Gotthardsson
60/81
Object Caching
Object caches are built on higher level applications andprotocols HTTP/Web caching
Streaming caches
CIFS cache
Object cache advantages Fastest response times
Offload work from servers
Can be deployed asymmetrically
Object cache disadvantages Works with limited set of applications
Works on limited range of data inside applications All or nothing: No benefit if whole object not found or changed
Object vs Byte Caching
8/10/2019 BlueCoat Roger Gotthardsson
61/81
Object vs. Byte Caching
Object Caching Byte Cache
Proxy?HTTP(S), FTP,
Streaming, CIFS Built on TCP
Protocol Optimization Integration X
Server Offload X
Network Offload X X
Incremental Updates X
No App Integration X
End User Performance Best Good
Scope Focused Broad
8/10/2019 BlueCoat Roger Gotthardsson
62/81
Products
8/10/2019 BlueCoat Roger Gotthardsson
63/81
8/10/2019 BlueCoat Roger Gotthardsson
64/81
400 E1
8/10/2019 BlueCoat Roger Gotthardsson
65/81
400-E1
One Model: 400-E1 RAM: 512 MB
CPU: 1.26GHz PIII
Disk drive 40 GB IDE
Network Interfaces (2 on board) 10/100 Base-T Ethernet
19" Rack-mountable
Software
8/10/2019 BlueCoat Roger Gotthardsson
66/81
Software
Reporter (SW) Advanced Java application to generate statistics from logs
Licenced products
8/10/2019 BlueCoat Roger Gotthardsson
67/81
Licenced products
Licensed products Streaming
Real Networks, Microsoft, Quicktime
Instant Messaging
MSN, Yahoo, AOL
Optional Security (HW+SW bundle)
SSL termination/proxy
Licenced products
http://www.microsoft.com/isapi/gomscom.asp?target=/http://www.real.com/R/HPnavR/www.real.com/index.html8/10/2019 BlueCoat Roger Gotthardsson
68/81
Licenced products
Licensed products Content filtering
BlueCoat Webfilter
ICAP AV Scanner
ProxyAV (McAfee, Sophos, Panda, Kaspersky, Ahn Labs)
The Power of the Proxy
8/10/2019 BlueCoat Roger Gotthardsson
69/81
Full Protocol Termination = Total Visibility & Context(HTTP, SSL, IM, Streaming, P2P, SOCKS, FTP, CIFS, MAPI, Telnet, DNS)
Policy Control Fine-grained policy for applications,
protocols, content & users (allow,deny, transform, etc)
Granular, flexible logging
Authentication integration
The Power of the Proxy
+ +
Ultimate Control Point for Communications
Web Security Prevent spyware,
malware & viruses
Stop DoS attacks
IE vulnerabilities,IM threats
Accelerated Applications MultiprotocolAccelerated CachingHierarchy
BW mgmt, compression,protocol optimization
Byte & object caching
8/10/2019 BlueCoat Roger Gotthardsson
70/81
Management
Management
8/10/2019 BlueCoat Roger Gotthardsson
71/81
User Interface HTTP (HTTPS), web GUI Interface
Telnet (Cisco CLI)
SSH & Serial console
Java Policy interface
CPL, Policy Language SNMP MIBII + Traps
Monitor network status and statistics
Reporting tools
BlueCoat Reporter
Scalable management Centralized configuration management in Director
Management
Reporting (example)
8/10/2019 BlueCoat Roger Gotthardsson
72/81
Reporting (example)
18.2 % Spyware (gator)16.5 % Aftonbladet9.5 % Ads (in top 40)6.8 % https (encrypted)
8/10/2019 BlueCoat Roger Gotthardsson
73/81
8/10/2019 BlueCoat Roger Gotthardsson
74/81
8/10/2019 BlueCoat Roger Gotthardsson
75/81
8/10/2019 BlueCoat Roger Gotthardsson
76/81
System-wide Management and Control
8/10/2019 BlueCoat Roger Gotthardsson
77/81
System wide Management and Control
Blue Coat Director Centralized configuration of Blue Coat
appliancesset up, policy, etc
Centralized monitoringappliance health,
application use, user experience
Blue Coat Reporter
Enterprise roll-up and analysis of applicationdelivery information: appliances, applicationuse, user experience
Both Director and Reporter are proven, withthousands of nodes under management
Director configuration Management
8/10/2019 BlueCoat Roger Gotthardsson
78/81
Director configuration Management
Director
(1) Configure and test
profile system
(2) Snapshot profileand save on
Director
(4) Push profiles andoverlays to one
or more systems
Profile system
Production systems
(3) Create and editoverlays using GUIor CLI.
Work-
station
Remotely and
securely managevia GUI or CLI.
Configuration Management
Policy Management
Disaster protection centrallyConfiguration Management
Monitor and control
Resource Management
Monitor networkstatus and statistics
Profile Management
Backup configuration
Create overlays using GUIor CLI. Automate changes
License Management
Content Delivery Network
8/10/2019 BlueCoat Roger Gotthardsson
79/81
Content Delivery Network
WWW
Servers
1 Publishcontent
ContentOwners
Users
5 Deliver the
content.
4 Pull contentfrom origin
servers.
Director
2 Tell Directorabout new
content
Edge
Systems
3
Tell caches to
update content
Director GUI
8/10/2019 BlueCoat Roger Gotthardsson
80/81
Director GUI
K9 For free
8/10/2019 BlueCoat Roger Gotthardsson
81/81
K9 For free
If you want to protect your family with Content FilteringBlue Coat is now giving it away, read more at:
http://www.getk9.com/refer/Roger.Gotthardsson
Please send this link to anyone you want !!!!
http://www.getk9.com/refer/Roger.Gotthardssonhttp://www.getk9.com/refer/Roger.Gotthardsson