Secure access from all devices
edgemo summit CPH May 2014

Brief intro
Eigil Ørnfelt, Infrastructure specialist, eoe@edgemo.com
Niels Holm, Infrastructure specialist, nch@edgemo.com

• NetScaler Access Gateway Enterprise Edition (AGEE)
• NetScaler Gateway
• NetScaler ADC
• Citrix Access Gateway (CAG)
• Citrix Secure Gateway
• Citrix Advanced Access Gateway (CAG)

Citrix NetScaler overview
[Diagram labels: Cloud Infrastructure, Enterprise Datacenter]

Availability
• World-class load balancing
• Health monitoring

Performance (Accelerate)
• Caching
• Compression
• Optimization

Offload
• TCP Connection Management
• SSL processing

Security
• SSL VPN
• Application firewall
• AAA

Layer 4 Load Balancing
TCP and UDP Client Requests

Maintaining User Sessions
• Source IP
• Cookie
• SSL Session ID
• Server-ID in URL Query
• Customer Server-ID
• Token (header or body)

Distributing Traffic
• Least Connections
• Lowest Response Time
• Round Robin
• SNMP-based
• Hash-based
• Many more…

Monitoring Server Health and Availability
• TCP Connection
• HTTPS Connection
• Extended Content Verification
• Scriptable Health Checks

Global Server Load Balancing
[Diagram labels: Site A, Site B]

Content Switching: Load Balancing on Steroids
HTTP Requests
Client Attributes, Request Protocol, Request Method
• Anything in request body
• Any TCP Request
• Any TCP payload value
• Device Type
• HTTP Get
• Any HTTP payload value
• Language
• HTTP Post
• Domain
• Cookie
• Browser Capability
• XML XPath support
• Wildcard URL

Optimization

TCP Connection Multiplexing
[Diagram label: Web Server]
1. NetScaler terminates connection
2. Client transmits requests
3. NetScaler establishes server connection
4. NetScaler transmits client requests
5. Other clients follow same procedure
6. Multiple client requests are transmitted across common server connection

AppCache
• Memory or flash disk based cache
• Reduce time to first packet
• Significantly reduce back-end server workloads
• Dynamic caching for frequently changing content
• Flash cache support for realtime updates

AppCache – Non-Caching proxy
Get the web page
Deliver it one time

AppCache – Caching proxy
Get the web page once
Deliver it many times

AppCompress
• Standard based compression – GZIP/DEFLATE
• Works with all browsers, including mobile
• Applies to HTML, JavaScript, CSS and Documents
• 3:1 to 5:1 Compression Ratio

AppCompress
1 Gbyte File, 200-300 Mbps Throughput
1 Gbyte File, 1 Gbps Throughput

Security

AAA - Authentication

Multi-factor authentication
REQ.SSL.CLIENT.CERT = EXISTS
REQ.BROWSER-TYPE = Internet Explorer
REQ.SSL.CLIENT.CERT != EXISTS
REQ.SSL.CLIENT.CERT = EXISTS + LDAP

NetScaler Insight Center
[Diagram labels: Insight Center, XenDesktop/XenApp, Internet, WAN, Data Center Network]

Citrix Support
[Diagram labels: Insight Center, IT Department, Citrix Support, Software]
Old: IT dept calls Citrix Support (Help-Desk, Citrix Support, Desktop Admin, USER, Network Admin)
New: Help-Desk, USER, Network Admin, Citrix Support Escalation

NetScaler Insight Center
[Diagram labels: Internet, 3rd Party Analysis Tools, NetScaler Insight Center, AppFlow, XenDesktop/XenApp]

NetScaler Insight Center
• Application or Network?
• Servers Causing Trouble
• Users Affected
• Which Part of Network?
• Bandwidth Taken Up?

Insight Center
• DC & WAN Latency
• Active/Inactive Session Data
• Virtual Channels
• ICA Analytics
• Client/Server IP
• ICA RTT
• Host Delay

?

Thank you for your time!