NetScaler Master Class

September 2011

Whos online today?

Some of the Countries represented

Agenda
NetScaler Introduction NetScaler 101 Load balancing NetScaler Platforms In the Spotlight
NetScaler SDX

News and Views Competition?

Citrix Confidential - Do Not Distribute

NetScaler Introduction
Jason Poole, Business development, EMEA Today!

A short history of applications

In the beginning... I think there is a world market for maybe five computers
- Thomas J. Watson (IBM, 1943)

Monolithic Applications

Web Applications

The power of Citrix

Application delivery is our business
Application types Citrix delivery optimisation

Monolithic Distributed Web applications

Citrix is ready for delivery of all types of Applications

Delivering legacy and Microsoft applications

Publishing hosted applications
Virtualised applications

Improves manageability Prolongs the life of hardware and software Work offline

XenApp/ XenDesktop: the natural choice

An excellent solution made better by Citrix NetScaler and Branch Repeater

Remote access High Availability Scalability Security Virtualisation

Not just terminal services!

NetScaler: Simplify Web Application Delivery

Eliminate application downtime Increase performance by 5x Block 100% of web attacks Improve web server utilization by 60%

NetScaler

Successful Web Application Delivery with NetScaler

B2C

Availability
B2B World-class L4-L7 load balancing Intelligent service health monitoring P2P

Performance

Offload

Security

Caching Compression

Connection pooling Web 2.0 offload SSL processing

Access Gateway SSL VPN Application firewall

AppExpert Admin

NetScaler

Maximum Application Availability

Load Balancing & L7 Switching

- Most technically capable load balancer in the industry

Global Sever Load Balancing

- Geographic Load Balancing and Disaster Recovery

DDoS and Surge Protection

- High performance even under heavy DDoS attack - Unexpected peak traffic poses no problem

Application Firewall
- Layer 7 firewall for application and data protection

Ensures applications are always available

Improved User Experience

Advanced TCP Optimization - Efficient TCP connection usage to servers AppCache - Static and Dynamic caching AppCompress - Data compression Performance monitoring - End to end application monitoring

Accelerates application delivery by up to 15x or more

Reduced Load on Servers

SSL Offload
- Offload encryption processing from servers

TCP Multiplexing and Buffering

- Offload connection management from serves

AppCache
- Offload content generation from servers

Supports greater user capacity and more apps with minimal investment

Powering the Worlds Most Popular Web Applications

75%
Of Internet Users

NetScaler

GMQ: ADC 2010

Comprehensive vision First virtual ADC Reputation for delivering high performance ADCs with rich feature sets Understanding of the applications market space

Citrix Confidential - Do Not Distribute

Citrix NetScaler #1 In Customer Satisfaction

Customer Satisfaction Survey Surveyed over 450 IT professionals Evaluated all customer engagement stages Respondents had experience with more than one vendor Products in deployment for at least six months

BEST Overall Satisfaction BEST Overall Tech Support BEST Overall Value BEST Technology BEST in 16 of 21 Categories
Source: Enterprise Management Associates (EMA), Customer Satisfaction with Application Delivery Controller Vendors

NetScaler

#1

in 16 of 21 Categories
Overall Satisfaction Overall Tech Support Technology Ease of Use Return on Investment Investment Protection Customer Understanding Sustained Commitment Overall Value Overall Sales & Procurement Pre-Sales Flexibility Pre-Sales Commitment Pre-Sales Responsiveness Support Responsiveness Support Knowledge Support Effectiveness

BEST in

16 Categories
Best in 5 Categories Best in 0 Categories

Pre-Sales Inclusion Pre-Sales Accuracy Vision

Deployment Services Training Effectiveness

Source: Enterprise Management Associates (EMA), Customer Satisfaction with Application Delivery Controller Vendors

NetScaler

NetScaler 101
Load Balancing
Michael C. Aldridge
Lead Systems Engineer EMEA Network Optimistation & Security

Load Balancing
The Concept

The distribution of user requests across multiple servers. Availability Scalability

Load Balancing
A basic setup

NetScaler
Server Object Service Monitor Load Balancing Virtual Server
Service
Monitor

vIP

Service

Monitor

Application Servers

Service

Monitor

Load Balancing Algorithms (Methods)

Non-Persistent
Least connections (default) Round robin Least bandwidth Least packets Least response time Token LRTM Load

Persistent
Hashing

Persistence Methods
Persistence methods are determined based on the method assigned to the service Available persistence methods include:
Cookie-insert persistence Source IP Address persistence SSL session ID persistence URL passive persistence Custom Server ID persistence Rule-based persistence Destination IP address persistence Source/Destination IP address persistence

Load Balancing Algorithms (Methods)

Least Connections Load Balancing
Responses 4, 6, 8

Service-HTTP-1 Active Transaction = 3

Service

Requests 4, 6, 8 Service-HTTP-2 Active Transaction = 15 Responses Requests Requests 1, 2, 3, 5, 7 Responses 1, 2, 3, 5, 7 Service-HTTP-3 Active Transaction = 0

Service

Service

Supported Protocols
HTTP SSL SSL_TCP SSL_BRIDGE FTP TCP UDP NNTP DNS ANY SIP-UDP DNS-TCP RTSP DHCPRA RDP MYSQL MSSQL XA/XD ...

Monitors
For Applications that are TCP-based

PING TCP HTTP HTTPS

UDP-ECV TCP-ECV HTTP-ECV HTTP-INLINE

Monitors
Summary

Layer 2 to 7 Citrix Specific Custom defined

Citrix Confidential - Do Not Distribute

Advanced Load Balancing Options

Spillover
Connection-Based Dynamic Bandwidth

Redirect URL Backup Virtual Servers Connection Failover

Demonstration

Questions?

NetScaler Master Class

NetScaler Platforms Jason Poole, Business development, EMEA Today!

Packaging

Whats in the box?

Editions Hardware Appliances Virtual appliances

NetScaler Offerings

Packaged for broad adoption for all users

Standard Edi*on
Comprehensive L4-7 load balancing and optimizes expensive server and network resources to reduce cost

Enterprise Edi*on
Web application delivery solution providing advanced traffic management and powerful application acceleration

Pla*num Edi*on
Web application delivery solution designed to deliver mission-critical applications with web application firewall security, fastest performance, and lowest cost

NetScaler feature Matrix

Application Availability L4 load balancing L7 content switching Database Load balancing AppExpert rate controls IPv6 support Global server load balancing Dynamic Routing protocols Surge Protection Priority queuing Platinum Edition Enterprise edition Standard Edition

NetScaler feature Matrix

Application Acceleration Client and server TCP Opt. Citrix AppCompress for HTTP Citrix AppCache Citrix Branch repeater client Application Security L4 DoS protection L7 content filtering HTTP/URL rewrite Access Gateway, SSL VPN L7 DoS defenses AAA for Traffic Management App FW with XML security Platinum Edition Enterprise edition Standard Edition Platinum Edition Enterprise edition Standard Edition

NetScaler feature Matrix

Simple Managability AppFlow AppExpert visual policy builder AppEXpert service callouts AppExpert templates AppExpert visualisers Role-based administration AAA for administration Configuration wizards Native Citrix Web interface Citrix Command Center Citrix EdgeSight for NetScaler Platinum Edition Enterprise edition Standard Edition

NetScaler feature Matrix

Web 2.0 Optimisation Rich Internet application support XML Xpath support Advanced server offload Platinum Edition Enterprise edition Standard Edition

Lower TCO TCP buffering TCP and SQL multiplexing SSL offload and acceleration Cache redirection

Platinum Edition

Enterprise edition

Standard Edition

Hardware Appliances

Low-end MPX Range: 500 Mbps 3 Gbps

MPX 5500 4x10/100/1000

500 Mbps
MPX 7500 8x10/100/1000 MPX 7500 4x10/100/1000 and 4x1Gbps

1 Gbps
MPX 9500 8x10/100/1000 MPX 9500 4x 10/100/1000 and 4x1Gbps

3 Gbps

Citrix Confidential - Do Not Distribute

Mid-range MPX models: 515 Gbps

MPX 10500 8x10/100/1000 and 8x1GE

MPX 10500 10GE 8x 1GE and 2x10GE

6 Gbps
MPX 12500 8x10/100/1000 and 8x1GE MPX 12500 10GE 8x 1GE and 2x10GE

10 Gbps
MPX 15500 8x10/100/1000 and 8x1GE MPX 15500 10GE 8x 1GE and 2x10GE

15 Gbps

Citrix Confidential - Do Not Distribute

High-end MPX range:

MPX 17500 8x10GE

20 Gbps
MPX 19500 8x10GE

35 Gbps
MPX 21500 8x10GE

50 Gbps

Citrix Confidential - Do Not Distribute

New mid-range hardware platforms: 8 36 Gbps

MPX 11500 4x10GE + 8x1GE (SFP)

8 Gbps
MPX 13500 4x10GE + 8x1GE (SFP)

12 Gbps
MPX 14500 4x10GE + 8x1GE (SFP)

16 Gbps
MPX 16500 4x10GE + 8x1GE (SFP)

24 Gbps
MPX 18500 4x10GE + 8x1GE (SFP)

36 Gbps
Citrix Confidential - Do Not Distribute

Solutions for Any Size Business

MPX 18500

MPX 21500 50 Gbps MPX 19500 35 Gbps 36 Gbps MPX MPX 16500 17500

0.5 Gbps

20 Gbps 24 Gbps MPX 14500 MPX 15500 MPX 13500 MPX 12500 15 GGbps 16 bps

MPX 11500 MPX 10500 MPX 9500 MPX 7500 MPX 5500 0.5 Gbps 1 Gbps 3 Gbps 8 Gbps 6 Gbps

12 Gbps 10 Gbps

NetScaler "Pay as you Grow" Solutions

100Gbps

SERVICE PROVIDER/TELCO/CLOUD + INTERNET CENTRIC

MPX 21500 MPX 18500 MPX 16500 36Gb MPX 19500 35Gb MPX 17500 20Gb

40Gbps

50Gb

NetScaler Performance

20Gbps

ENTERPRISE
MPX 14500 MPX 13500 16Gb 10 Gb 24Gb MPX 15500 15 Gb

License Upgrade

10Gbps
MPX 11500 MPX 10500 MPX 9500

MPX 12500 12Gb 6 Gb

8Gb 3Gb

License Upgrade

3Gbps

SMB
1Gbps
MPX 5500

MPX 7500 1Gb License Upgrade

500Mb 1 2 3

10

Applications

100s Apps / Multi-tenancy

Virtual NetScaler

Citrix Confidential - Do Not Distribute

Available as a virtual appliance too!

ACCELERATION AVAILABILITY SECURITY OFFLOAD

Exactly the same feature set

NetScaler NetScaler MPX VPX

Acceleration Availability Security Offload

Delivery Optimization as part of EVERY App

Faster response *mes BeAer security Higher availability Smaller footprint Lower cost

Single App with NetScaler VPX

User

Same management

Command Center Centralized Management

Fabric

Network-wide ac*ons SSL ooad

Users

App-specic LB Compression App rewall

Scaling the Web App Fabric

Users

Orchestration and Automation

Users

VPXMulti-tenancy at a fraction of the cost

Company A

Company B

Company C

Datacenter migration

Users

Cloud Balancing

Users

Flexibility guaranteed

Most efficient use of resources Flexible re-purposing of resources Dynamic allocation/re-allocation of resources

NetScaler VPX Packaging

Maximum NetScaler NetScaler NetScaler Tput Standard Enterprise Platinum NetScaler VPX-Express NetScaler VPX-10 NetScaler VPX-200 NetScaler VPX-1000 NetScaler VPX-3000 5 Mbps 10 Mbps 200 Mbps 1 Gbps 3 Gbps

NetScaler Master Class In the Spotlight

NetScaler SDX Uday Veeramachaneni

Are you looking at virtual ADCs for your data center?

Poll Question

SDX Platforms SDX and MPX Major differences SDX Use cases SDX Management

Intra-Instance Multi-tenancy
All tenants Share a single resource
Traffic domains for network segmentation Rate limiting for resource isolation RBA/roles for management isolation Shared entity space

NO:
CPU, memory isolation Version independence Maintenance independence

NetScaler SDX
Complete instance per tenant
Memory, CPU hardwalling Separate entity spaces Version independence Maintenance independence

Completely isolated networks

NetScaler SDX - Licensing

NetScaler SDX license has two components
Platform license 5-pack Instance license

Platform license
Enables platform throughput Enables 5 instances

One 5-pack Instance license

Increases instance count by 5

SDX Mid Range series (Corinth)

What is the box capable of? 12 cores total each core @ 2.2 Ghz 16 SSL chips and 48GB RAM SDX Model 18500 16500 How is it instantiated? 10 physical cores are used for PEs 2 physical cores for instance management engine, SDX Service VM, XenServer Dom0 14500 13500 11500 Through Number put of Instances 36gbps 24gbps 18gbps 12gbps 8gbps 16 16 16 16 16

SDX High end series (Constantinople)

What is the box capable of? 12 cores total each core @ 3.3 Ghz 16 SSL chips and 48GB RAM SDX Model 21500 19500 How is it instantiated? 10 physical cores are used for PEs 2 physical cores for instance management engine, SDX Service VM, XenServer Dom0 17500 Through Number put of Instances 50gbps 16 35gbps 20gbps 16 16

What is an SDX Instance?

Each instance is an nCore version of NetScaler with one PE
Requires 2 vCPUs one for PE and one for management engine VPX nCore also runs one PE today

Instance compression and app firewall performance is limited to one core Minimum memory 2GB
Each PE can address 4GB Additional memory can be assigned for caching

SSL can be assigned on a per chip basis Each instance uses SR-IOV for I/O

NetScaler SDX instance with SR-IOV

Hardware IO virtualization for networking NIC can be carved into virtual instances Crypto pass-thru
Xen

Domain0

NetScaler NetScaler VPXVPXVPXVPX NetScaler NetScaler VF Driver Driver VF Driver Driver VF VF

Drivers

Bypasses dom0

MPX 21500 Native

SDX 21500

50 Gb/s
Single VIP

50 Gb/s
20 instances Up to 16Gbps per instance

SDX Platforms SDX and MPX Major differences SDX Use cases SDX Management

How is SDX different from MPX?

Management engine Networking functionality HA

Management engine MPX dedicates one core to management All SDX instances share cores for management New Service VM to manage appliance level configuration

Networking functions
SDX supports VLANS
VLAN tagging is supported through individual instances. Ports can be assigned to individual instances. within an instance, VLANs can be assigned the way they are assigned in a NetScaler today

SDX supports VLAN filtering and enforcement

SVM can enforce one VLAN tag per interface per instance 63 VLAN filters supported per 10G interface and 8 VLAN filters per 1G interface

SDX Instances share NSIP network with service VM IP

Instance NSIPs, SVM IP and XenServer IP all on the same L2 flat network no Vlans

Not supported
VMACs, LACP, L2 mode

SDX VLAN filters

Within instance 1 configure VLAN yellow on port 1/4 Within instance 2 configure VLAN red on port 1/4.

Nic 1/4 sees two VLANs yellow and red Yellow goes to instance 1 Red goes to instance 2

SDX programs VLANs configured in instances as filters in the NIC 10G interface supports 63 VLAN filters 1G interface supports 8 VLAN filters

High Availability
Instance level HA Active/standby
Active systems can run exist on both devices

Active/Active

Agenda SDX Platforms SDX and MPX Major differences SDX Use cases SDX Management

SDX use cases Consolidation ADC as a service Multi-tenancy

Consolidation using SDX four key considerations CPU performance SSL performance Disk performance Memory performance

SDX for ADC as a service

Flex Tenancy Model Edge Tier
Tenant 1 - Features (firewall, Compression etc) Router Router Switch Switch Tenant 2 basic LB
App

NetScaler MPX NetScaler SDX

Scale (50Gbps from a single box) Edge networking (GSLB, DoS, filtering)

Flex Tier
App

Full isolation (Per-Tenant) App-specific policies (App F/W, acceleration) Pay-grow packaging

App

SDX for ADC as a service

App

NetScaler MPX NetScaler SDX

All tiers collapse into one using SDX Upto 16Gbps instance performance Hardware SSL Performance

Tenant 3 Isolation

App

Edge Tier

Flex Tier

SDX for Multi-Tenant Data Center design

SDX for Multi-Tenant Data Center
NetScaler SDX LOB 1- Features (firewall, Compression etc) Router Router Switch Switch LOB 2 basic LB
App App

Each LOB uses its own instance VRF for each tenant can me mapped to each SDX instance

App

App

NetScaler SDX

LOB 3 - Isolation
App

SDX for Multi-Tenant Data Center design

Tenant Separation High Availability Performance and Scalability Service Assurance

SDX Platforms SDX and MPX Major differences SDX Use cases SDX Management

NetScaler SDX Management

Device Management

Instance Management

NetScaler Service VM
Hides XenServer/XenCenter Both GUI and API (Nitro) access Shares core with Dom0 Appears within Command Center as a container

Citrix Confidential - Do Not Distribute

Device Management
Device level stats
CPU Memory Stats

Instance inventory Event management Task management Auditing

Citrix Confidential - Do Not Distribute

Instance Management
Instance provisioning
From XVA template repository Hardwalled resources (CPU, memory, B/W) Port/interface configuration SSL Certs NSIP, MIP, SNIP

Instance management
Start, stop, reboot, remove Upgrade (single or multiple) Running/saved config Instance resource utilization

Citrix Confidential - Do Not Distribute

NetScaler Master Class

News and views

Whats hot now!

VPX get yourself up and running!

[Link]/NetScaler

Whats hot now!

VPX get yourself up and running!

Whats hot now!

VPX get yourself up and running! Fill out the form and get your licence Apply it Your ready to Rock!

Latest blogs
The benefits of Global server load balancing

[Link]
Citrix Confidential - Do Not Distribute

Latest blogs
New security certification for NetScaler!!

[Link] netscaler-9-3-software-release-now-icsa-labscertified-huh-what-it-means/
Citrix Confidential - Do Not Distribute

Latest blogs
New Pattern sets for NetScaler application firewall

[Link]
Citrix Confidential - Do Not Distribute

What happening in your region?

Citrix Confidential - Do Not Distribute

IP Expo
Presentation on Cloudextended data centers Jason Poole and Christian Reilly Come and see me and say hello

Citrix Confidential - Do Not Distribute

NetScaler Webinars in German Language

Business: NetScaler Update - SDX Plattform und Funktionserweiterungen in dem aktuellen Release September, 09th, 11:00-11:30 Technical: NetScaler Global Server Load Balancing Hochverfgbarkeit von verteilten Datacentern und Farmen September, [Link], 14:00-14:45 Technical: Optimaler Schutz von Web-Applikationen mit der in NetScaler integrierten Application Firewall October 14th, 14:00-14:45 Business: Optimierte Netzwerk-Infrastruktur fr Desktop Virtualisierung Herausforderungen und Optimierungspotenziale October, 21st, 11:00-11:30

Events & Conferences in DACH

Citrix Geek Speak Local 08.09.2011 in Dortmund | 20.09.2011 in Wien | 27.09.2011 in Stuttgart | 13.10.2011 in Mnchen | 09.11.2011 in Hamburg

Citrix Virtual Computing Conference 20.09.2011 in CH-Baden / Switzerland

Synergy

[Link]

Competition
Want to find out how Apple do it? What does design do for you?
Great design is about creating a deep relationship with your customers. If you dont, youre road kill. This book shows you how and much, much more. Be Prepared to have your mind blown. - Bill Burnett, Stanford University

Questions?

Citrix Confidential - Do Not Distribute

Master Class October

October 5 2pm UK time (3pm CET) NetScaler 101 GSLB In the Spotlight NetScaler DataStream News and Views -