Application Delivery Solution
Application Delivery Solution Ensure Availability, Performance and Security of Mission-critical Applications in the Physical and Virtual Data Center - Whitepaper Radware Application Delivery Solution Whitepaper Table of Contents Executive Summary...................................................................................................................................... 3 Application Delivery On-Going Challenges....................................................................................................... 3 Availability Challenges............................................................................................................................ 3 Performance Challenges......................................................................................................................... 3 Security Challenges................................................................................................................................ 4 Virtualization Challenges......................................................................................................................... 4 Scalability Challenges............................................................................................................................. 4 Application Operational Complexity.......................................................................................................... 4 Connectivity Challenges.......................................................................................................................... 5 Visibility Challenges................................................................................................................................ 5 Radware Application Delivery Solution............................................................................................................ 5 Ensuring 24x7 Application Availability...................................................................................................... 5 Result Driven Application Acceleration..................................................................................................... 6 Application Availability Even When Under Attack........................................................................................ 7 ADC Virtualization and Consolidation....................................................................................................... 7 Ultimate On-Demand Scalability............................................................................................................... 8 Application-Smart ADC with AppShape Technology.................................................................................... 9 High Port Density with 10GE Connectivity................................................................................................ 10 Complete Visibility................................................................................................................................. 10 End-to-End Application Delivery Resource Monitoring................................................................................ 10 Complete Web Application SLA Assurance............................................................................................... 11 Summary.................................................................................................................................................... 12 Smart Network. Smart Business. 2 Radware Application Delivery Solution Whitepaper Executive Summary Today’s data center challenges address the classic needs for application availability, performance and security. The adoption of data center virtualization ecosystems, keeping in-sync with the data center’s dynamic changes, being truly “aware” of deployed business applications, the need to scale in a cost-effective manner, guarantee a pre-defined application SLA and lowering costs – all require a new class of Application Delivery Controller (ADC). Radware’s application delivery solution delivers a complete set of services to ensure the availability, performance and security of the mission-critical applications, while providing full visibility of the application’s SLA and of the application delivery infrastructure’s performance in the physical and virtual data center. By leveraging Radware’s separate ADC service per application, the AppShape™ technology and AppShape++ scripting, the solution provides a broad set of application-aware capabilities including load balancing, integrated application acceleration with cutting edge Web Performance Optimization techniques, security protection, ADC virtualization, disaster recovery (DR) and application specific traffic flow control and content modification. Coupled with Radware’s on-demand infrastructure approach and advanced application performance monitoring tool, it enables simplified operations and delivers maximal business value and faster ROI while lowering TCO. Application Delivery On-Going Challenges Business productivity, profitability and competitiveness depend on reliable, secure, optimal, and agile delivery of business applications. Business availability and user productivity are hindered by unexpected downtimes, sluggish performance of applications, and the disruptive effects of security breaches on the infrastructure, which may also compromise confidential and sensitive data. Data center virtualization adoption adds more simplicity and agility to the IT operations, but at the same time creates new challenges that need to be addressed. Availability Challenges Business reputation, productivity and profitability depend on 24X7 business application and Web site/portal availability. The financial implications of downtime and subsequently lost user transactions, due to application/ hardware failures or ISP outages, can account for up to 3.6% of annual revenues, which roughly equate to about $900,000 for a small to medium-sized enterprise and could run into several millions of dollars for larger enterprises. From a customer-facing or partner-facing point of view, the organization’s reputation, revenue-generating services and productivity are directly impacted by its ability to ensure its availability to its employees, clients and partners. This challenge becomes even more critical during seasonal peaks such as end of quarter, online holiday shopping, etc. In other words, at times where many users continuously use an online business or when employees use mission-critical, internal business applications–the business must ensure that they are always available. Performance Challenges Regardless of which business metric you use to measure your website’s success and effectiveness or your enterprise mission-critical applications–conversion rates, number of page views, customer satisfaction, abandonment rates or employee productivity - they are all a direct result of your website’s performance. Site performance is dependent on an end-to-end application delivery chain, where each part of the chain must be optimized - from the web application servers, through the networks between the site and the user, and all the way to the various end-user’s browser and client types. In order to provide customers the best online experience, IT must address all different aspects that degrade site performance. To effectively address website performance from various aspects such as different browser technologies, poorly performing WAN connections and ever evolving online applications, a holistic approach is required; which can dynamically provide the best web performance optimization (WPO), to any type of client – anytime, anywhere. Smart Network. Smart Business. 3 Radware Application Delivery Solution Whitepaper Another challenge affecting application performance is the growing use of CPU intensive tasks such as SSL session encryption, compression and more. Offloading such tasks to dedicated and more task optimized devices is essential for IT infrastructure performance improvement. Security Challenges As enterprises expose more applications and services to employees, customers, and business partners, the risk of security breaches increases. According to a CSI Survey, 46% of respondents stated that their organizations experienced one or more types of security incidents in the past 12 months. In addition, almost one-fifth of those respondents further said they had suffered a “targeted attack,” defined as a malware attack aimed exclusively at their organization or at organizations within a small subset of the general population. These security breaches inflict annual losses ranging from $100K in the mid-sized enterprise to several million dollars in large enterprises. These attacks compromise the availability and performance of your business, as well as the integrity of your sensitive data, damaging your business reputation and your ability to execute. Virtualization Challenges Deploying virtualized data centers causes direct cost reduction by reducing the number of servers, network equipment and the cost associated with operating them. At the same time, it also increases the business’s agility, as it is simpler to perform modifications in the data center infrastructure – such as topology changes or configuration refinements – in order to be aligned with the business objectives. However, the deployment of virtualized applications in a fully-virtualized or hybrid data center creates new, significant challenges from an application delivery viewpoint. The virtual data center uses a single, consolidated virtualization infrastructure which enables the deployment of multiple resources on-the-fly, so that adding or removing applications takes place vigorously and quickly. As the ADC is a critical element of the network infrastructure, it must play an active role in the virtualization ecosystem to ensure the resilience and efficiency of virtualized applications while being synchronized with these dynamic changes at all times. These changes might include adding a new VM to a virtual application cluster, removing it from the application cluster, or provisioning a new critical application. Left unchecked, virtual application availability and performance could suffer significant degradation. In addition, deploying an application delivery solution in multi-application environments – be it a virtualized, hybrid or even physical data center – implies operating multiple ADC devices or using complex, shared configuration files, which increases operational complexity–making the operations less efficient and increasing costs. Finally, virtualizing the ADC imposes potential risk as the application SLA might be compromised due to several ADC services that utilize shared resources. Scalability Challenges In today’s global business landscape, data center infrastructure and applications are ever-changing; new applications are rolled-out, more users use the applications and the overall throughput, and transactions and SSL connections capacity increase. Therefore it is essential to standardize on a solution that addresses not only today’s requirements, but also tomorrow’s, in the most cost-effective manner and with minimal hardware modifications. In addition, the data center’s local resources might be exhausted in extreme situations such as flash crowd, Cyber Friday, holiday promotions, enter of quarter and more. In such cases, it is essential that the data center will be able to use additional resources from a secondary data center or from the cloud. Application Operational Complexity From an application standpoint, IT managers experience increased hassle, complexity and costs in managing the ADC services for these applications in a simple, risk-free fashion through their entire lifecycle. New application Smart Network. Smart Business. 4 Radware Application Delivery Solution Whitepaper roll- out as well as on-going application configuration changes must be manually aligned on the ADC respectively, while layer 4-7 policies, reports and logs are not application-specific. Changing the application flow and even personalizing a simple report or log to better adjust it to the dynamic business needs, often requires new code in the application, which is risky and time consuming. In other words, most ADCs today lack application- awareness and treat any application in a generic fashion – making their operation less intuitive and more complex. Moreover, application mobility tasks are typically cumbersome as they involve going through many configuration steps and require time and effort, reducing agility and increasing costs. Connectivity Challenges Today’s data centers are gradually migrating to adopt various next-generation technologies. One of the fast changing area is the data center’s core switching. While most organizations today use 1GE connectivity in their core switches, next-generation switches that employ 10GE connectivity are seen more often. This shift affects the surrounding network infrastructure elements that need to be continuously connected to the core switching. In particular, the application delivery controllers must be capable of connecting to both the “plain old” 1GE switches as well as to “next-generation” 10GE switches, without forcing customers to replace the hardware in order to reduce CAPEX and OPEX. In addition, businesses become more complex in terms of more applications, more departments and more application rollout stages. Therefore, the ADC must be capable of supporting more server farms and more physical networks, and is required to provide flexible connectivity. Visibility Challenges Performance challenges are often dynamic and ongoing. In order to proactively maintain application performance, IT administrators must be able to monitor all components in the application delivery chain as well as gain granular enough visibility of the application SLA. Per device monitoring is no longer an efficient tool for resource planning or for root-cause analysis and resolution of potential problems in datacenters that span several ADC devices / instances. It requires too much manual cross report information processing, and leaves too mnay blind spots in the real time alerts of potential bottlenecks developing or application SLA drops. Radware Application Delivery Solution Radware’s application delivery solution delivers a complete set of services to ensure the availability, performance and security of the mission-critical applications in the data center – while allowing full visibility of both application SLA and the entire ADC infrastructure’s performance. Ensuring 24x7 Application Availability Radware application delivery solution ensures absolute uptime and effective disaster recovery (DR) for local and globally dispersed applications at all times. By leveraging advanced health checks, traffic redirection, persistency and content modifications capabilities, it guarantees transaction completion with a resilient solution that performs real-time identification and bypassing of any faulty element (such as application failure, server failure, server farm failure and even site failure) along the transaction path. The solution fully supports IPv6 and it functions as a full IPv4/6 gateway, enabling to transparently load balance applications over IPv4 or IPv6 networks with no need to modify the applications. In addition, Radware’s global server load balancing (GSLB) service ensures the global availability of all applications – whether they are based on DNS or not. Smart Network. Smart Business. 5 Radware Application Delivery Solution Whitepaper Radware’s application delivery solution’s capabilities that improve application availability include: • • • • • Health Monitoring – eliminates business loss due to IT failures via transaction filature bypassing Traffic Redirection – guarantees highest SLAs by ensuring that the best server always serves client requests while eliminating server overload Global Server Load Balancing – enables business continuity and disaster recovery (DR) for all users, at any place, at all times. Hence it guarantees highest SLA and best quality of experience (QoE) to users for globally-deployed services Link High-Availability – facilitates reliable, scalable, low-cost site connectivity while optimizing application end-to-end response time Full Redundancy – facilitates reliable, scalable, low-cost site connectivity while optimizing application end-to-end response time Result Driven Application Acceleration Radware’s application delivery solution’s integrated application acceleration features are designed to accelerate application response time and ensure best application SLA while offloading server processing. By offloading processor intensive operations, such as SSL, from the servers, it frees the servers’ CPUs to handle additional requests, which results in reduced application servers hardware and lower CAPEX. Moreover, the bandwidth management service aligns the utilization of network resources with business objectives to guarantee SLA. Radware’s FastView™ result-driven acceleration technology adds Web Performance Optimization (WPO) capabilities on top of the standard ADC application acceleration features to deliver the fastest Web application response time and ensure best application SLA while offloading server processing. The result is best business impact for increased revenues, higher customer loyalty as well as improved employee productivity when using enterprise web applications, for all browsers and all end-user device types. In addition, Radware’s application delivery solution offers the best performance in any layer 4-7 metric versus the competition. As a result, it enables enterprises to address traffic growth, ensure fast application response time and meet application SLA in the 1-80Gbps throughput range - at all times. Radware’s application delivery solution’s capabilities which accelerate application performance and shorten application response time and offload server processing include: • • • • • • • SSL Offloading – maximizes server infrastructure investments by offloading server processing (especially with 2Kbit SSL keys). Hence it creates major savings on server CAPEX, as less servers can serve more content to more users HTTP Multiplexing – reduces the number of servers required via server connection reduction, to reduce server CAPEX Caching – Leveraging static and dynamic caching on the ADC and the browser-side to deliver faster application response time and reduce server CAPEX through offloading server processing Content Minification – Reduce content size by removing and trimming redundant data from Web pages Web Compression – Increase savings on OPEX by reducing traffic volumes and bandwidth costs. In addition, it also improves QoE and increase end-user and employee productivity TCP Optimization – Reduce server connections and congestion avoidance optimization to improve QoE and increase employee productivity Reduced HTTP number of requests per page – by combining multiple Java Scripts (JS) and CSS elements into one big object, or embedding small JS and small CSSs into the HTML document, fewer requests are required per web page, accelerating the overall page load time Smart Network. Smart Business. 6 Radware Application Delivery Solution Whitepaper • • • Bandwidth Management – enables to meet application SLA based on per device, user, location or application. It also optimizes network usage and reduces costs by aligning network allocation with business priorities Global Traffic Redirection – Using Global server load balancing, user sessions can be redirected to the datacenter closest to the user, reducing the round trip delay between the end user and the servers serving his requests Optimized XML Processing – offloads servers through optimized XML processing, which results in server CAPEX reduction Radware certifies its solution with leading business applications from vendors like Microsoft, Oracle, SAP, IBM, VMware and more, and publishes detailed performance testing reports showing the performance improvements and cost reduction. For example, when deploying Radware ADC with Microsoft SharePoint, the response time of SharePoint servers is accelerated by 350% and the servers’ CPU load is reduced by 40%. Application Availability Even When Under Attack Radware application delivery solution ensures undisrupted business continuity and full compliance by protecting against emerging network attacks and application vulnerability exploitation. The solution’s broad security capabilities extend to Denial of Service (DoS) protection, Web Application Firewall (WAF), XML/Web Services threat protection and stateful access control (ACL). This consolidation of best-of-breed security technologies provides full compliance, reporting and auditing. In addition, it results in significant CAPEX by eliminating the need to deploy standalone point-solutions. Radware’s application delivery solution’s capabilities that secure applications and enable compliance include: • • • • • Denial of Service (DoS) Protection – ensures business up-time even under heavy attacks through mitigating various flood attacks, packet anomalies and DoS tools Web Application Firewall (WAF) – guarantees business continuity of Web-enabled applications and their full compliance XML and Web Services Security – ensures the continuity and availability of business processes that rely on Web Services Compliance, Reporting and Auditing – real-time visibility into network wide security threats enabling compliance and forensics Stateful Access Control – increases application resiliency and guarantee proper, continuous operation by enforcing various access policies ADC Virtualization and Consolidation ADC Virtualization with Radware’s Virtual Application Delivery Infrastructure ADC-VX™, part of Radware’s Virtual Application Delivery Infrastructure (VADI)™ strategy, is the industry-first ADC virtualization and consolidation platform based on a specialized ADC hypervisor. ADC-VX is built on a unique architecture that virtualizes the resources of Radware ADC platform including CPU, memory, network and acceleration resources. This specialized hypervisor runs virtual ADC instances (vADC) where each delivers full ADC functionality. Each virtual ADC instance contains a complete and separated environment of resources, OS, configurations and management. ADC-VX is the ultimate ADC consolidation platform, enabling organizations to consolidate their ADC hardware devices without compromising resiliency or performance predictability of their ADC services. Radware’s ADC-VX offers the highest consolidation ratio in the industry, starting with 1Gbps of throughput capacity with up to 256 ADC services on a single device – applying to environments from any size. This highest consolidation ratio results in higher savings of hardware and operational expenses as well as faster ROI compared to any other consolidation solution in the industry. Smart Network. Smart Business. 7 Radware Application Delivery Solution Whitepaper vADC per Application Approach Thanks to the high vADCs density and its wide throughput range (1Gbps to 80Gbps), organizations can adopt an innovative and very cost effective deployment model of their ADCs – named vADC per Application. By allocating a separate, fully-isolated vADC instance for each application, businesses can maximize application availability thanks to fault isolation mechanism and to meet application SLA requirement with a resource reservation mechanism. Moreover, this deployment model simplifies operations by maintaining a separate, simpler configuration file per each application, and increases business agility thanks to fast roll out of new vADCs and applications. With vADC per application, the cost of application delivery is significantly reduced compared to traditional ADC deployment models. Radware’s separate vADC per application approach advantages are listed in the following table: Shared ADC Multiple Dedicated ADCs Radware ADC Benefits Resiliency Fault isolation between applications SLA Private & guaranteed resources per application Agility Fast & simple application rollout Operations Scalability Cost Configuration, troubleshooting, software upgrades Application centric visibility Cost effectively add new application & capacity Reduced number of ADC appliances Reduced rack space, power, cooling & service costs Table 1: Radware’s ADC Advantages vs. Legacy ADC Automatic Synchronization of Virtual Infrastructure Configuration Changes Radware application delivery solution ensures that any change in the virtual infrastructure, that might impact the ADC configuration, is automatically synchronized with the ADC in real-time, without manual configuration of the ADC or coding any complex scripts. Using Radware’s ADC solution, IT administrators can easily map a cluster of VMs that define a service in the virtual environment to its corresponding ADC configuration. For instance, once a new VM is added to the virtual service cluster, the ADC is automatically reconfigured in real-time, so that the respective server is added to the service farm or group accordingly. Therefore, Radware ADC solution eliminates the need for frequent manual configuration updates to the ADC, reduces on-going coordination between network and server teams and eliminates scripting and manual configuration of the virtual environment. Ultimate On-Demand Scalability “Pay-as-you-Grow” Approach Radware application delivery solution leverages the company on demand infrastructure approach, which delivers breakthrough performance and superior scalability to meet evolving network and business requirements. Based on its on-demand, “pay-as-you-grow” approach, no forklift upgrade – or device restart - are required even when new business requirements arise, helping companies to guarantee short-term and long-term savings on CAPEX and OPEX for full investment protection. It enables customers to pay for the exact capacity currently required, while allowing them to add additional vADC instances, scale the throughput capacity, add more application-aware services or application acceleration services on demand, and even scale out of the data center to meet new or changing application and infrastructure needs. Smart Network. Smart Business. 8 Radware Application Delivery Solution Whitepaper Radware ADC solution enables to scale from 1Gbps up to 80Gbps using only three platforms, ensuring that each customer can start at a point that best suits their needs and leaving room to scale, as follows: • Scale 1-16Gbps with up to 24 vADC instances • Scale 8-20Gbps with up to 28 vADC instances • Scale 20-80Gbps with up to 256 vADC instances Radware’s “Pay-as-you-Grow” approach business benefits: • Eliminate overspending on the initial required solution • Overcome capacity planning challenges and reduce risk • Eliminate large-scale upgrade projects that are required every time you max out the capacity of your switches • Enable to rollout new applications with no additional hardware by simply adding more vADCs, throughput or services • No need to design, test, stage, install and debug a new hardware device Platform Longevity Guarantee Introducing a platform into a data center is a long and costly process that involves evaluation, certification, development, deployment and training. Forklift upgrade of certified products results in an extremely expensive process and affects IT productivity. Radware’s 5-year platform longevity guarantee allows extending the project lifetime with faster ROI. Radware’s “On Demand” approach combined with the platform longevity guarantee enables customers to achieve full business benefits with CAPEX and OPEX savings over time. Application-Smart ADC with AppShape Technology Radware’s AppShape™ technology enables the transformation into an Application-Smart ADC and is designed to accelerate, ease and optimize application deployment on the ADC. With Radware’s AppShape, each ADC service is tailored to and is aware of a specific business application (such as SAP, Microsoft, Oracle, IBM and more). Hence, the ADC can be managed from an application-oriented perspective which extends to applicationspecific configuration templates, reports, logs and compliance – resulting in fast application roll-out and simplified application management. In addition, Radware’s AppShape simplifies operations through auto-discovery of application resource changes and automatically synchronizing them to the ADC with no human intervention, increasing business agility and reducing time, risk and costs. Using AppShape, Radware application delivery solution is best tuned to provide the maximum value for each business critical application in terms of availability, performance and security. In addition, Radware’s AppShape++ technology delivers scripting capabilities, further enabling the customization of the ADC service per specific application flows and scenarios. By leveraging script examples in Radware’s library and dev-community, customers can easily use AppShape++ to refine various layer 4-7 policies including HTTP, HTTPS, TCP, UDP, SSL and more – with no application modifications, while reducing cost and risk. Smart Network. Smart Business. 9 Radware Application Delivery Solution Whitepaper ® SIEBEL CUSTOMER RELATIONSHIP MANAGEMENT ® E-BUSINESS SUITE Application-Smart ADC Figure 1: Application Awareness via Radware’s AppShape™ Technology High Port Density with 10GE Connectivity Radware ADC platforms share a common design philosophy: develop ADCs that satisfy today’s data center needs and also cater to emerging technologies; and design systems to provide a long and useful lifetime of service. Radware ADC platforms feature high port density which enables versatile connectivity options, enabling each ADC to connect directly to more server farms or to ensure the physical separation of different networks without the need for intermediate switches. The result is simplified network architectures with fewer devices, reduced electrical and cooling costs, and less rack space – leading to greater savings. In addition, Radware ADC platforms offer 10GE ports, so that connecting to existing 1GE-interface switches as well as to next-generation 10GE-interface switches is straightforward. As core switching fabric is refreshed over the next few years, Radware ADC will continue to play well with its neighbors for best investment protection. Complete Visibility Ensuring applications deliver the best quality of experience requires IT administrators to gain maximum visibility on all application delivery chain components, throughout the life cycle of the application. During the roll-out phase, they must see which ADC has enough free resources to properly serve the application, and they should get all relevant information during the service time, to identify and analyze SLA drops in the application. Radware’s reporting and monitoring suite provides the most comprehensive solution to support all the relevant tasks related to SLA tracking and assurance by offering historical and real-time reports. End-to-End Application Delivery Resource Monitoring Ensuring that applications receive all the resources to meet their expected SLA requires in-depth real time visibility into the utilization of the application delivery infrastructure. Radware’s APSolute Vision provides centralized monitoring and reporting capabilities that deliver extensive, historical information about applications’ resources status and utilization including connections, transactions, bandwidth consumed, memory and CPU utilization consumed vs. the amount allocated in the ADC infrastructure, Smart Network. Smart Business. 10 Radware Application Delivery Solution Whitepaper and much more. All information is provided with a clear indication of thresholds boundaries which ensure straightforward tracking the SLA of the application. Furthermore, to make the monitoring function more efficient, Radware’s reports and dashboard employ a drilldownable layered approach allowing to accumulate the information from across multiple ADC services (whether dedicated, virtualized or Soft ADC), highlighting potential bottlenecks across applications and the application delivery infrastructure, in real-time. This layered approach coupled with historical reports, also simplifies the processes of resource planning and allocation per application, and enables fast root-cause analysis and instant resolution of potential problems throughout the entire application delivery infrastructure. Figure 2 - Cross ADC infrastructure dashboard Complete Web Application SLA Assurance Radware’s Application Performance Monitoring (APM) module enables the ability to measure and visualize the performance and SLA of applications, as well as the QoE of users, served through Radware’s ADC, based on actual user transactions and real-time notification on application errors. It provides historical repots with drilldownable granular analysis based on user-defined SLA while providing measurements of the delay per each application delivery chain segment, including data center time, network latency and browser rendering time. This powerful performance monitoring tool enables application administrators to ensure their applications continuously meet their SLA targets. Figure 3 - Detailed Application performance and user QoE reports in Radware’s Application Performance Monitoring tool Smart Network. Smart Business. 11 Radware Application Delivery Solution Whitepaper Summary Today’s data center challenges address the classic needs for application availability, performance and security. The adoption of data center virtualization ecosystems, keeping in-sync with the data center’s dynamic changes, being able to connect to current and future switches, being truly “aware” of deployed business applications while guaranteeing their SLA, the need to scale in a cost-effective manner and lowering costs – all require a new class of ADC. Radware’s application delivery controller (ADC) solution is the most future-proof solution on the market, delivering a complete set of services to ensure the availability, performance and security of the mission-critical applications in the physical and virtual data center. By leveraging Radware’s separate ADC service per application, the AppShape technology and AppShape++ scripting, the solution provides a broad set of application-aware capabilities including load balancing, integrated application acceleration with cutting edge Web Performance Optimization techniques, security protection, ADC virtualization, disaster recovery (DR) and application specific traffic flow control and content modification. Coupled with Radware’s on-demand infrastructure approach and its cross-ADC infrastructure and application monitoring and reporting suite, it enables simplified operations and delivers maximal business value and faster ROI while lowering TCO. © 2012 Radware, Ltd. All Rights Reserved. Radware and all other Radware product and service names are registered trademarks of Radware in the U.S. and other countries. All other trademarks and names are the property of their respective owners. Smart Network. Smart Business. 12 PRD-ADC-Solution-WP-07-2012/10-US
© Copyright 2024