View
258
Download
7
Category
Preview:
DESCRIPTION
F5 Networks 技術經理 林志斌
Citation preview
F5 VMware Solution OverviewF5 VMware Solution Overview
Alen Lin 林志斌
台灣技術經理
F5 Networks Taiwan
2
Common Practical Issues
H I i i l l ?• How can I provision more seamlessly?
• How can I make application performance better?pp p
• How can I automate more administrative tasks?
• How can I simplify network configuration for VMs?
• How can I take full advantage of VMotion?• How can I take full advantage of VMotion?
• How can I secure my virtual desktop deployments?
• How can I streamline virtual desktop access steps?
3
F5 & VMware
• F5 & VMware are active, global partners
• 4 years of history as managed partnersy y g p
• Primary partnership goals Compatibility / Interoperability Testing Compatibility / Interoperability Testing
New Solution Development
N S l ti D t ti New Solution Documentation
• Across all major F5 and VMware products
• Ongoing cooperative solution development
• Coordinated back-end customer supportpp
4
Recent Highlights
• F5 named Global Technology Innovator Partner of the Year VMware awards highest honor to F5 at 2011 PartnerVMware awards highest honor to F5 at 2011 Partner
Exchange Recognition for deep integration and solution
developmentdevelopment• “VMware-Ready” certifications
LTM Virtual Edition and FirePass VE• Recent Releases
View desktop solution (Edge Gateway and APM for LTM VE))
vCloud Director – joint cloud bursting solution Management Plug-in for vSphere
5
Current Mapping F5/VMware Solutions to Features
Top 6 Most Common Customer Virtualization Project Types
Top 10 F5Solutions for VMware
Application Virtualization
(vSphere)
Server Consolidation
(vSphere)
Data Center Consolidation
(vSphere)
BC/DR (SRM)
Desktop Virtualization
(View)
Cloud (vCD)(vSphere) (vSphere) (vSphere) (View)
Server Offload
Management Integration
Automated Provisioning
SRM Integration
Global Availability
Long Distance vMotion
WAN Optimization
Multi-Tenant ADC
Single Sign-On Single Sign-On
Secure Access
6
Server Virtualization & F5
7
Improving VM DensityImproving VM Density
Offloa
Typical virtualized Typical virtualized
ad
Same serverSame serverypypserver server
SSL Caching Compression
with BIGwith BIG--IPIP
One Connect TCP Optimization
8
Reduced CPU Utilization on SAP Portal
68
Reduced CPU Utilization on SAP Portal
%
3838%
Joint testing conducted at SAP Co-Innovation Lab
9
Automating Network Changes: vCenter
• BIG-IP LTM & VMware vCenter can be integrated for automatic provisioning of local VMs on demand
• Respond to changes in traffic volume• Provision to mean rather than peak• Reduce manual labor
10
F5 Management Plug-In for vSphere
11
F5 Management Plug-In for vSphere
• Free Software Plug-In for VMware vSphere
• Attaches to vCenter Server – modifies vSphere Client GUI
• Operates with both physical and virtual LTM editions
• Streamlines the administrative steps of adding VM nodes from load b l i lbalancing pools
• Automates actions based on pre-defined policies
f• Reduces risk of error
• Reduces manual effort
• Officially supported by F5 (in it’s unmodified state)
12
vSphere Client GUI
13
Plug-In Home Screen
14
Illustration: LTM & vCenter IntegrationIllustration: LTM & vCenter Integration
Web Clients
Frontends Virtualization
Web Clients Demand ↑ ↑ ↑
F tE d
Frontends VirtualizationBIG-IP LTM
F tE d FrontEnd
iControlDetection
Automation
VM Provision nage
men
t
FrontEnd
AppServers VirtualizationBIG-IP LTM
FrontEnd FrontEnd
iControl
vCenter
+
AppSpeed
F5 Provision
VM Provision
D d ↓ ↓ ↓ orin
g &
Ma
App. Server App. Server App. Server
pp p
(optional)Demand ↓ ↓ ↓
Detection Mon
ito
Storage Virtualization
VM Deprovision
Automation
F5 Deprovision
VM Deprovision
15
Automating Network Changes: SRM
• BIG-IP GTM & VMware SRM integrated to enable failover between sites
• GTM makes traffic follow SRM failover• Automatic• Minimize Application Downtime
16
Automating Network Changes:Automating Network Changes:Inter-Data Center Traffic Management
• Serving an application across multiple data centers BIG-IP Global
Traffic Managerp
• Cloud Bursting
A t t d F il
Traffic Manager
• Automated Failover
• Global Traffic OptimizationvCentervCenter--11 vCentervCenter--22
• Intelligent Persistence
• Federated Cloud AuthenticationFederated Cloud Authentication
• Control via – iControl API– Pre-defined global traffic policies– iRules
17
Illustration: GTM & SRM IntegrationIllustration: GTM & SRM Integration
SRM FailoverSRM Failover
Ongoing Replication
Site 1 Site 2
(a) GTM Health checks reveal unhealthy site 1.
(b) GTM self executes a redirection to site 2(b) GTM self-executes a redirection to site 2.
18
Acceleration & Encryption• F5 testing results of common bandwidth/latency combinations• iSessions™ or WAN Optimization Module™• SSL encryption• Acceleration: TCP Optimization Deduplication CompressionAcceleration: TCP Optimization, Deduplication, Compression• Able to successfully VMotion in conditions where previously failed
Bandwidth Link Link Packet Average Average AccelerationBandwidth(Mbps)
Link Latency
(RTT ms)
Link Packet Loss (%)
Average Time without
WOM in Minutes
AverageTime
with WOM in Minutes
Acceleration Factor
45 (T3) 100 0% 13:43 3:35 3.8X
100 25 0% 6:10 1:18 4.7X
155 (OC3) 100 0% 13:25 3:29 3 9X155 (OC3) 100 0% 13:25 3:29 3.9X
622 (OC12) 40 0% 5:57 1:57 3.1X
1000 (Eth t)
20 0% 2:38 0:38 3.5X(Ethernet)
19
LTM-Virtual Edition• Available as a trial developer or production editions• Available as a trial, developer or production editions• Runs on any server compatible with ESX• Managed just like a physical LTMg j y• Same functionality.
ESX v4, ESXi v4
20
Benefits
• BIG-IP LTM provides high availability, security and performance for the app.
• Availability - BIG-IP GTM provides high availability for redirecting traffic in case there’s a problem with the primary siteprimary site.
• Distance - The cloud does not have to be within metro distance latency for this solution to workdistance latency for this solution to work.
• Choice of cloud providers – only requirement here is that they are running vCloud Director or a VMware vCloudthey are running vCloud Director or a VMware vCloudAPI-compatible environment.
f5 /www.f5.com/vmware
22
Server Consolidation
23
Advanced Application Delivery Features
24
Cloud Customers Benefit From F5
25
Architecture
vSphereCli t
Plug-InLinux
vCenterServer
ClientBIG-IP Mgmt Console
BIG-IP Local Traffic Manager
26
Cloud Computing & F5
27
Escaping Boundaries Between DCsp g
New Use Cases for Well Established Functionality
Mi ti• Migration• Disaster avoidance• Capacity expansionCapacity expansion
K T h i l P bl S l dKey Technical Problems Solved:• Performance problems caused by
latency or bandwidth• Dynamic, transparent rerouting of
client traffic from site 1 to site 2• Loss of app sessions or pp
connections when migrating to another location
28
On-Demand Scalability in the Cloud
O D d
Scale‐up by simply plugging in a new blade.
On‐DemandScaleability
p gg gZero configuration
Internal Cloud External CloudO i S
LAN
te a C oudOn‐Premise Servers
29
Dynamic & Intelligent Traffic Management between Cloud & DC
Dynamically load balance between data centers based on
Remote Users
Dynamically load balance between data centers based on application availability, time of day, etc. Take into account all tiers of the application
Internet or WANEnterprise Manager
Firewalls
BIG‐IPLink Controller
DMZ
BIG‐IP SAM
Internet or WAN
BIG‐IPGlobal Traffic Manager
BIG‐IPLocal Traffic Manager
Enterprise Manager
i llFirePass
BIG‐IPLink Controller
DMZ
D t bBladeServers
Firewalls
BIG‐IP Global Traffic Manager
BIG‐IPLocalTraffic
Manager
FirePass
DatabaseServers
Servers
HQ Site 1 DatabaseServers
BladeServers
30
Secure & Optimized Tunnel between Cloud & DC “BIG-IP iSessions”
Integrated and free with BIG-IP LTM v10
Symmetric Compression• Adaptive• DeflateDeflate• LZO
SSL Encryption
Note: Not available on the 1500 and 3400
31
M lti TMulti-Tenancy“Route Domains”
BIG-IP v10: Managing Networks in the CloudBIG IP v10: Managing Networks in the Cloud
• Host multiple departments/organizations on one BIG-IP without conflicts
• Granular control to provide separate routing domains and overlapping IPsp p g pp g
Department A Department B
32
Solution: Federated Authentication andSolution: Federated Authentication and Authorization• Retain user data
in private cloud• Leverage publicLeverage public
cloud compute resources
Direct auth, session creation in private cloud
Direct (authenticated) app workload to public cloudp
vCentervCenter--11 vCentervCenter--22
DirectoryS iService
33
F5/VMware Cloud Bursting Solution(Hybrid Cloud)
Hybrid Cloud
APP APPAPP
Management Management
APPLoads
APPLoads
APPLoads
Private Clouds Public Clouds
vSphere vSphere
34
Customer Needs – the perfect stormCustomer Needs – the perfect stormDesire to keep CapEx / OpEx low
( t)(servers, power, rent)
Facing unpredictable application demand
App SLA’s must be maintained
Want to leverage the cloud – but carefully
35
Solution: Cloudbursting with vCloud Director
• Integrated solution that enables automatic cloud bursting• Combine Several Components
• vCloud Director• vCloud API• vSphere
Shi ld Ed
• Gemstone SQLFabric• F5 BIG-IP LTM• F5 BIG-IP GTM
• vShield Edge
• Enables start/stop of bursting (keep costs low)
• F5 BIG-IP WOM
• Enables start/stop of bursting (keep costs low)• Enables “right-sizing” in the cloud (scale-out)• Completely seamless for application users• Completely seamless for application users• Bursting hinges on application performance trigger
36
VMware vCloud Director OverviewVMware vCloud Director OverviewOrganization 1 Organization m
• Multi-tenant: secureAdmin
U P t l
Users
C t l S it
Multi tenant: secure organizational separation
• On-demand: Self-service virtual machine and virtual
li i d l
Vi t l D t t 1 Vi t l D t t
User Portals Catalogues Security
rivat
e C
loud
application deployment• Hybrid: Compatible cloud
service internally and at service providers
vCloud API
Virtual Datacenter 1(Gold)
Virtual Datacenter n(Silver)
Secu
re P
service providers• Controlled: self-service
within boundaries of virtual data centerS i ti l
VMware Cloud Director
• Secure: organizational and app level security and control
• Manageable: role-based
vSphere
vCenter Server
vSphere
vCenter Server
vSphere
vCenter ServerManageable: role based access and authentication using enterprise directory
37
Solution Workflow
1. Begin with application in private cloud only2. Ramp up application traffic until it exceeds performance threshold3 “Burst” to public cloud dynamically adding application nodes3. Burst to public cloud, dynamically adding application nodes
– Traffic management is globally balanced between private and public clouds
4. Continue ramping up traffic and expanding capacity in public cloud5. Decrease application traffic, contracting the application by
removing public nodes and eventually returning to steady state inremoving public nodes and eventually returning to steady state in private cloud
38
Solution Architecture at a Glance
LTM WAN Optimization
n+1
Public CloudPublic CloudPrivate Data CenterPrivate Data Center
39
Hybrid Cloud Architecture
Definition: Serving an application across multiple clouds, data centers, or both Use Cases
• Automated Failover• Federated Cloud Authentication• Federated Cloud Authentication• Elastic Applications
Architectural featuresvCentervCenter--11 vCentervCenter--22• Global traffic management
• Intelligent application and session persistence
• Network API• Global traffic policies• L7 content inspection and routingL7 content inspection and routing
40
Scaling the Cloud
• Global load balancing– Can be policy-based for automated
changes (re: SRM)changes (re: SRM)– Minimize unused resources– Geo-location improves user
experience– Provision to Mean vs. Peak
S i• Scenarios– Capacity Expansion– BC/DR– BC/DR– Cloud Bursting
41
Customer Benefits
• BIG-IP LTM provides high availability, security and performance for the app.
• Availability - BIG-IP GTM provides high availability for redirecting traffic in case there’s a problem with the primary siteprimary site.
• Distance - The cloud does not have to be within metro distance latency for this solution to workdistance latency for this solution to work.
• Choice of cloud providers – only requirement here is that they are running vCloud Director or a VMware vCloudthey are running vCloud Director or a VMware vCloudAPI-compatible environment.
42
Solution Architecture at a GlanceSolution Architecture at a Glance
LTM WAN Optimization
vCD
n+1
Public CloudPublic CloudPrivate Data CenterPrivate Data Center
43
Solution Components• VMware vCloud Director (aka “Redwood”)• VMware vCloud Director (aka Redwood )
– Private and Public Cloud infrastructure built on vCenter and vSphere• Java PetStore Demo Application powered by Tomcat• SQLFabric
– Database caching and synchronization between clouds• F5 Global Traffic Manager5 G oba a c a age
– Global load balancing between private and public clouds• F5 Local Traffic Manager
L l l d b l i f li ti i t i h l d– Local load balancing of application instances in each cloud– WAN optimization between clouds for acceleration of database caching
• API integrations– vCloud API– iControl API
44
Long Distance VMotionLong Distance VMotion
D t il d R iDetailed Review
45
Escaping Boundaries Between DCsp g
New Use Cases for Well Established Functionality
Mi ti• Migration• Disaster avoidance• Capacity expansionCapacity expansion
Key Technical Problems Solved:• Performance problems caused by
latency or bandwidthlatency or bandwidth• Network retransmission of client
traffic from site 1 to site 2L f i h• Loss of app sessions when migrating to another location
46
How it works – the fundamental steps
1. Storage VMotion to Site 22. VMotion to Site 23. LTM routes incoming connections for existing sessions
to Site 2 VM4. GTM routes new connections to Site 25. Register host and VM in vCenter Site 2 (optional)
47Logical representation, not physical
InternetEtherIP Tunnel EtherIP Tunnel
vCenter Server
48
Acceleration & Encryption• F5 testing results of common bandwidth/latency combinations• iSessions™ or WAN Optimization Module™• SSL encryption• Acceleration: TCP Optimization Deduplication CompressionAcceleration: TCP Optimization, Deduplication, Compression• Able to successfully VMotion in conditions where previously failed
Bandwidth Link Link Packet Average Average AccelerationBandwidth(Mbps)
Link Latency
(RTT ms)
Link Packet Loss (%)
Average Time without
WOM in Minutes
AverageTime
with WOM in Minutes
Acceleration Factor
45 (T3) 100 0% 13:43 3:35 3.8X
100 25 0% 6:10 1:18 4.7X
155 (OC3) 100 0% 13:25 3:29 3 9X155 (OC3) 100 0% 13:25 3:29 3.9X
622 (OC12) 40 0% 5:57 1:57 3.1X
1000 (Eth t)
20 0% 2:38 0:38 3.5X(Ethernet)
49
Initial Environment
BIG-IP Global Traffic Manager
BIG-IP LocalTraffic Manager
BIG-IP LocalTraffic Manager
vCenter A vCenter B
50
Step 1: F5 BIG-IP Local Traffic Manager Opens WAN Optimization Tunnel
BIG-IP Global Traffic Manager
BIG-IP LocalTraffic Manager
BIG-IP LocalTraffic Manager 1
vCenter A vCenter B• Compressed• De-Duplicated• Encryptedc ypted
51
Step 2: Storage VMotion Executed AcrossStep 2: Storage VMotion Executed Across WAN Optimized Tunnel
BIG-IP Global Traffic Manager
BIG-IP LocalTraffic Manager
BIG-IP LocalTraffic Manager
vCenter A vCenter B
2 This step can be 2 pavoided if storageis already being synchronously
replicated between sites
52
Step 2: Pending App VMotion, t ti l VM i Sit A b t St i Sit Btransactions rely on VM in Site A, but Storage in Site B
BIG-IP Global Traffic Manager
BIG-IP LocalTraffic Manager
BIG-IP LocalTraffic Manager
vCenter A vCenter B
vCenter A still managing VM
53
Step 3: Application VMotion Executed OverStep 3: Application VMotion Executed Over WAN Optimized Tunnel
BIG-IP Global Traffic Manager
BIG-IP LocalTraffic Manager
BIG-IP LocalTraffic Manager
vCenter A vCenter B
3
54
Step 4: GTM health checks register the move, and Cut Over to Site-BOver to Site B
BIG-IP Global Traffic Manager
BIG-IP LocalTraffic Manager
BIG-IP LocalTraffic Manager 4
vCenter A vCenter B
55
F5 BIG-IP Global Traffic Manager Routes All NEW Application Connections/Sessions Directly to Site BConnections/Sessions Directly to Site B.
BIG-IP Global Traffic Manager
BIG-IP LocalTraffic Manager
BIG-IP LocalTraffic Manager
vCenter A vCenter B
56
F5 BIG-IP Local Traffic Manager in Site A retransmits incoming connections for EXISTING Sessions to Site B Until Clientsconnections for EXISTING Sessions to Site B Until Clients Register DNS Change
BIG-IP Global Traffic Manager
BIG-IP LocalTraffic Manager
BIG-IP LocalTraffic Manager
vCenter A vCenter B
57
Eventually, ALL Connections Go Directly to Site B. CThe Process Can Be Reversed When Necessary.
BIG-IP Global Traffic Manager
BIG-IP LocalTraffic Manager
BIG-IP LocalTraffic Manager
vCenter BvCenter ASuccessful ApplicationApplication Migration Complete
58
Option:
Have Original IP Space (Site A) BIG-IP LocalTraffic Manager
Reclaimed and Re-Used
for Other Applications
vCenter A
for Other Applications
59
WAN Optimization Module™WAN Optimization Module™ Acceleration of VMotion and Storage VMotion
• F5 tested many different bandwidth/latency combinations
• Base Scenario:• 1 GB Virtual Machine• Windows & Linux Servers• Source host CPU 100% utilizedSource host CPU 100% utilized• 10 individual test runs averaged for each scenario• First Pass only (deduplication)
• SSL encryption
• AccelerationAcceleration– TCP Optimization– Byte-level deduplication
Dynamic compression– Dynamic compression
60
Requirements
• Duplicates in Primary & Secondary sites:– F5 BIG-IP Local Traffic Manager– F5 BIG-IP Global Traffic Manager– F5 BIG-IP WAN Optimization Module– LTM iRule collecting any TCP connections that arrive to primary site after VM has
been migrated, and forwards these connections to the secondary site.– vSphere, VMotion, Storage VMotion– Shared storage mounted via iSCSI or NFS that both ESX servers can mount
• TCP Ports 8000 (VMotion) & 443 (LTM) must be open• Guest IP & Network config (e.g. port groups) on hosts in migration must be
identicalidentical• For VMotion, VMware officially supports 622Mbps or higher WAN (type of
WAN is irrelevant)
61
Online Follow Up Resources:Online Follow-Up Resources: Long Distance VMotion Solution
• Overall F5/VMware Solution Guide– http://www.f5.com/pdf/solution-center/f5-for-virtualized-it-environments.pdf
• Online Demo– http://devcentral.f5.com/weblogs/nojan/archive/2010/02/02/introducing-long-distance-vmotion-with-
vmware.aspx
• Deployment Guide– http://www.f5.com/pdf/deployment-guides/vmware-vmotion-dg.pdf
• Whitepaper– http://www.f5.com/pdf/white-papers/cloud-vmotion-f5-wp.pdf
62
Desktop Virtualization & F5
63
33% of organizations plan to deploy hosted virtual desktops in 2010
Gartner April 2010
64
Common Desktop Virtualization Challenges
• User Experience– Performance over the Wide Area Network– Access methods / complexityAccess methods / complexity– Login steps / annoyance
S it• Security– Encryption of all WAN traffic– Unified Access (Local vs. Remote, Desktop vs. Smart Phone)– Integration with existing authentication infrastructure– Endpoint integrity inspection
• Scalability/Availability– Scaling VDM servers without more power or rackspace– Ensuring total availability of connection brokers
65
Traditional Model is InflexibleTraditional Model is Inflexible
Users
Resources
Private Public
Physical Virtual Multi-Site DCsCloud
66
Finding a Better SolutionFinding a Better Solution
Degree of Control Outsource
DynamicServices
ModelDegree of Control Everything
TraditionalInfrastructure
Degree of Flexibility
67
WAN
Remote Office ClientsRemote Clients Remote Office
InternetBIG-IP Edge Gateway
L l M d D kt
BIG-IP Edge Gateway
Local Mode Desktop
Primary Site
BIG-IP Local Traffic Manager
g yLocal LAN Clients
Connection ServersConnection Servers
Local Mode Desktop Centralized VirtualDesktops
Encryption (DTLS or SSL)Unencrypted RDP or Natively Encrypted PCoIP)
68
VMware Recommends UDP Native Support
• Scott Davis, CTO End User Computing Business Unit• October 25, 2010• http://communities.vmware.com/blogs/cto-scott/2010/10/25/a-simple-experiment
• “There are numerous ways to configure such VPN’s, however PCoIP utilizes UDP for the graphics packets and optimizes parallelism and retransmits at the higher layers of th t l H d i VPN t h l th t t UDPthe protocol. Hence we recommend using a VPN technology that support UDP packets natively, not to tunnel the UDP traffic over TCP/IP as doing so will typically cause responsiveness issues…”
• Native UDP support is available in F5 FirePass and BIG-IP Access Policy Manager.
69
U E iUser Experience
70
Simplify Sign-On Frustrations
Step 1Local Login
Step 2VPN Login
Step 3Desktop
LoginLogin Login Login
SSOLogin OnceOnce
71
Simplify Restarts:At Home (wireless)
On the way to work(Ai d)
?Simplify Restarts:
Ongoing Logins!( )
(Aircard)?
Constantly Re‐connecting
? ??
?
In the office PresentingIn the office(docked LAN connection)
Presenting(corporate wireless)In the Cafe
(wireless)
72
Simplify Restarts: Reconnect AutomaticallySimplify Restarts: Reconnect AutomaticallyAt Home (wireless)
On the way to work(Ai d)
Auto‐Connect!( )
(Aircard)
Always Connected Application Access
In the office PresentingIn the office(docked LAN connection)
Presenting(corporate wireless)In the Cafe
(wireless)
73
Accelerate Connection Restarts
1
Source IPProxy/NAT Persistence to Desktop
2
App InfoJSessionID
Etc.
Edge Gateway
Send the user to his existing desktop session – much faster restarts
74
Traffic QoS
View Desktops
Edge Client Desktops
Edge
d
Edge Client
Edge Client
Rate Shape to ensure client-side View traffic receives priority li t tb d tb d t ffiover client-outbound outbound traffic
75
SSecurity
76
Unify Access to the Data CenterUnify Access to the Data Center
DMZBIG IP Edge Gateway DMZBIG-IP Edge Gateway
Mobile Users
View ServersInternet
Branch Office Users
Internal LANVLAN1
Use existing user directories
Wireless Users
VLAN1
• One solution to manage all access policies regardless of access network
• Capacity and performance to secure all user trafficOptimizes application delivery to remote and mobile users
Internal LANVLAN2
• Optimizes application delivery to remote and mobile users• Improves quality of real-time applications; soft phones and
streaming mediaLAN Users
77
Maintain Native PCoIP Performance DTLS EncryptionPCoIP
Mobile Users
DTLS EncryptionPCoIP
ConnectionB k
Branch Office Users
DTLS Encryption
View
PCoIP
n Brokers
Remote Users
Servers
SSL EncryptionRDP
ncry
ptio
n
e ote Use s
DTL
S E
Support for DTLS (UDP) encryption Support for SSL (TCP) encryption
PCoI
P
Support for SSL (TCP) encryptionAvoids the alternative method of encapsulating UDP into TCP for SSL encryption (thus degrading UDP)
LAN Users
encryption (thus degrading UDP).
78
Optimize Authentication & Authorization• Integration with existing authentication g g
mechanisms– AD, LDAP, RADIUS, 2-Factor, Client Certs, Etc.– Full support PKI infrastructures
• Check the device prior to logonCheck the device prior to logon – OS, AV, firewall, process, file, registry,
client/machine certs, etc.
• Remediate if necessary, automatically
• Use protected workspaces when the device is not completely• Use protected workspaces when the device is not completely trustworthy
E f G P li i ll t ( t t )• Enforce Group Policies on all assets (even non-corporate assets)• Full FIPS compliant solution
79
Unified AAA Services for ViewUnified AAA Services for View• Pre-Logon Checks:
– OS, AV, firewall, process, file, registry, extended windows info, client and machine certs, etc.
• Remediation: – Group Policy enforcement (Corp & Non-Corp Assets)– Protected Workspace
• Intuitive, Visual Policy Editor
80
Availability & Scalability a ab ty & Sca ab tyin the DataCenter
81
Enable Scalability by Offloading ProcessesEnable Scalability by Offloading Processes from View Manager Servers
1. Improve efficiency by offloading SSL
2. HA & load balancing for View Manager servers
82
Bandwidth Reduction for RDP in View
LTM can also reduceLTM can also reduce bandwidth consumption up to 12:1 using its WAN O ti i ti M d lOptimization Module
1. Compression2. Deduplication2. Deduplication3. TCP Optimization4. Encryption
83
Ensure Global AvailabilityEnsure Global Availability
Failover
WAN AcceleratedOngoing Replication
Sit 1 Sit 2
(a) GTM Health checks reveal unhealthy site 1.
Site 1 Site 2
( ) y
(b) GTM self-executes a redirection to site 2.
f5 /www.f5.com/vmware
Recommended