Documente Academic
Documente Profesional
Documente Cultură
We focus in three
things : AVAILABILITY
SECURITY
PERFORMANCE
Impact on Data Center Architecture:
Applications
z
Application
1
Application z
2
Application z
3
Application z
N
How F5 Can Help
z
Application
1
Application z
2
Application z
3
Clients
Application z
N
F5 TMOS Architecture Internet Proxy DC-DRC Active-Active
Network Access Control
+ SSL VPN (URL Filtering) / Automatic Failover
Server + Outbound
Web Application Firewall Link Load Balancer
(L7 Protection)
Network Firewall
+ Anti DDoS (L3-L4
Security
Protection) Availability & Performance
SWG App1
AFM ASM APM (On Top GTM LTM
Of APM)
TMOS
App3
© F5 Networks, Inc 6
Advanced Load Balancer
App Load Balancing and Acceleration
Integrated Reporting
Secure Transaction
Data
Center
Resources
Server Server Server CPU, Memory
Global Server Load Balancer –
DNS Optimization
Problem: Workable Disaster Recovery Solution
Having multiple data centers covering each other for disaster recovery but how to
automatically swing traffic in between?
Users
© F5 Networks, Inc 10
Deliver Applications Across Data Centers
with BIG-IP Global Traffic Manager (GTM)
BIG-IP GTM
Security
(DNSSEC)
Geographical Data Center B Applications
context
BIG-IP GTM
Security
(DNSSEC)
Geographical Data Center B Applications
context
BIG-IP GTM
BIG-IP GTM
90% of security investment focused here Yet 75% of attacks are focused here
© F5 Networks, Inc 15
Application attacks are inevitable
Prepare for application attacks
75% of internet threats target every 23 minutes
web servers (2015 Cisco Annual Security Report)
Data
Center
Network
Firewall
Internal
Server
Next-Generation
Firewall Corporate Users
Network attacks:
ICMP flood, SSL attacks:
UDP flood, SSL renegotiation, Financial
SYN flood SSL flood
Multiple ISP
strategy Services
Legitimate
Users
DDoS
E-Commerce
WAF ISPa/b Customer
Silverline Router
Network Application
DNS attacks: and DNS HTTP attacks:
Volumetric DDoS protection, DNS amplification, Slowloris,
DDoS Managed Application firewall query flood, slow POST,
service, zero-day threat dictionary attack, recursive POST/GET Subscriber
Attackers mitigation with iRules DNS poisoning
IPS
Hybrid integration with
BIG-IP to synchronize Strategic Point of Control
threat information and
request service
Signaling
F5 Silverline DDoS Protection
Cloud-based service customer benefits
Industry-leading attack
mitigation bandwidth
per customer
Keep your business Protect against the
online during a largest of DDoS
DDoS Attack attacks
F5 Silverline
Protect your business DDoS Protection
Multi-layered,
comprehensive L3-L7
protection
F5 customer portal
Access to DDoS
experts 24/7
Data
Center
DDOS
Protection
Apps 2
Apps 3
Active
Directory
Corporate domain
Latest AV software
Current O/S
Data
Center
Network
Firewall
Exchange
VDI
Active
Directory
PERIMETER SECURITY
Authorized Managed
User Devices Apps Data
IaaS
DEVOPS
SSL Everywhere
The New
Back Office As-a-Service
SaaS Infrastructure
F5 MISSION
Deliver the most secure, fast, and reliable applications to anyone anywhere at any time.
TMOS
F5 WAF Form Factor
F5 is the only vendor who uses the same product for cloud- based as on-premises,
which enables simple policy sharing and improved security effectiveness