SlideShare uma empresa Scribd logo

Bluecoat Services

Transferir como PPSX, PDF
C
ChessBall
1 de 38
Blue Coat: Web Security & Acceleration
2 About PacketShaper
3 PacketShaper Key Functionality Application Visibility Application QoS Application QoS benefits time-sensitive applications Transactions (ERP, CRM, Citrix) IP Telephony and convergence Contain P2P, recreational & malicious Additional Products Requires ProxySG for acceleration, caching & WAFS IntelligenceCenter / PolicyCenter management system
4 What Can PacketShaper Do? Discover All Application Traffic Resolve IssuesPre-empt Problems MonitorUser Experience Control and ProtectApplication Performance Application Visibility Application QoS TroubleshootPerformance Issues
5 PacketShaper Deployment Option: Asymmetric in the Core BranchOffices Centralized Data and Applications Core PacketShaper WAN Data Center IntelligenceCenter PolicyCenter
6 PacketShaper Deployment Option:Symmetric with Branch Deployment Public Web Servers Web Content andApplications Centralized Data andApplications Internet Customers and Partners Branch PacketShaper Core PacketShaper WAN BranchOffices Data Center Employees IntelligenceCenter Branch PacketShaper PolicyCenter
7 PacketShaper Application Visibility
8 What is Application Visibility? Identifies Applications for What They Really Are Recreational Streaming8% E-mail20% P2P12% InternetGaming5% FileTransfers9% Oracle7% Citrix5% Web Browsing28% 53% of bandwidth being used by recreational applications 14% of bandwidth is “business critical” TN32702% Other4%
9 Application Visibility Discover All Application Traffic 600+ applications, good & bad, sub-classify within complex apps / HTTP Monitor User Experience Measure & alarm, SLA compliance, VoIP metrics, integrate with other tools Troubleshoot Performance Issues Isolate delays, connections, host and app performance, capture & analyze
10 Discovery Maps traffic to its classification library Automatically builds a list of the applications running on your network Provides basis for PacketShaper Application QoS technology Starts collecting performance data Utilization Efficiency Response times
11 Industry-Leading Application Identification Blue Coat PacketShaper Unique to Blue Coat Behavioral characteristics Multi-packet flow analysis and profiling Beyond address andport-based analysis Identifies evasive applications Encrypted Port-hopping Tunneled
12 Classification Maps traffic to its classification library Automatically builds a list of the applications running on your network 600+ Application classes Sub-classify within complex apps / HTTP Good, bad and malicious traffic Current and next generation applications Plug-In Architecture Enables new application definitions without firmware upgrade
13 Application QoS Technology: Application-specific Bandwidth Control Application Session Provisioning provides: Hierarchical subclassifications of apps Per call or per session differentiation Far richer classification than routers Layer 7 Plus differentiation Customer-critical over recreational apps Latency-sensitive over bandwidth-hungry apps TCP and UDP Rate Control Managed on a flow- by flow basis at application level Guaranteed delay bounds for IP telephony on converged networks
14 Monitor and Troubleshoot Measure Utilization, response times, performance & SLAs – per application Isolate What (application), where (server or network), who (users), how (captures, histories) Diagnose and fix problems Identify protocols, link latency & other environmental variables Determine what optimization / will help
15 PacketShaper Application QoS
16 What is Application QoS? Unacceptable ERP performance Insufficient bandwidth and congestion Unpredictable Voice qualityCrowded out by bandwidth hungry apps Uncontrolled recreational traffic Wasted bandwidth and impact on business- critical applications
17 What is Application QoS? Powerful, Dynamic Application-aware Bandwidth Shaping Great ERP performanceProtected from apps and congestion Voice quality – 100% assured all-level QoS 100% control of recreational traffic No matter how much it tries to hide
18 Application QoS Resolve application performance issues Pre-empt performance problems Control bandwidth, dynamically Apportion and ensure service levels for applications Control and protect applications Protect and optimize time-sensitive / real-time apps SLAs for voice, transactions, streams Restrict bandwidth impact of recreational traffic
19 Application QoS Technology: Policies and Partitions Policy-based Application QoS definitions and partitions by: Application Site or server User or user group Beyond Standard QoS Apply policies to protect critical traffic Smooth disruptive, bandwidth-intensive traffic Contain recreational traffic Block malicious traffic Set priorities to protect business-critical apps Non-critical apps can use remaining bandwidth
20 Application QoS Technology: Rate Control and Predictive Scheduler Manages congestion proactively Latency reduced Packets drops minimized Fewer retransmissions Improved application performance. Improve efficiency to increase throughput Without App QOS With App QOS
21 Compare Router-based QoS Manage bandwidth passively and react to congestion and packet loss Use port-based application traffic classification Use various packet-based queuing methods that: Are not bi-directional – cannot control inbound traffic at the other edge Add delay to transaction time and latency Cannot provide per-flow guarantees Are only truly effective as part of a comprehensive control strategy Are managed on a per-router basis Big management overhead in distributed deployments
22 Router-based QoS Compared toPacketShaper Inbound Rate Control Configured in all the branches and Data Center, router-based Queuing relies on the bulk transfers being throttled down after packet loss… Branch Offices A Data Center Bulk Data 512Kbps 1Mbps B 512Kbps Citrix C 512Kbps PacketShaper’s Patented Rate Control applied only in the Data Center slows down the Bulk traffic without packet loss and before queues can build Bulk Data
23 Compare Packet Marking and MPLS Applies only to carriers core Provisioned WAN service, not the entire link No way of assigning preference at the last mile Biggest bottleneck is typically last mile Aggregate shaping only Treats all connection requests the same Lacks ability to assign limit to number of call requests Needs complementary technology to overcome deficiencies Application classification for accurate marking Packet rate, bandwidth and flow control
24 Intelligent Marking for MPLS Networks Application <<<GRANULARITY>>> enable accurate marking of application traffic DiffServ, MPLS, TOS Bandwidth allocation VoIP Classes of Service 256 Kbps SAP 768 Kbps Email Best effort RemoteOffice MPLSBackbone
25 Application QoS and MPLS Working Together MPLSCore
26 Application QoS and MPLS: End to End QoS Quality of Service Premium  256kbit/s DSCP 1 Platinum  256kbit/s DSCP 3 Gold  512kbit/s DSCP 5 Silver  512kbit/s DSCP 7 Best Effort  512kbit/s DSCP 9
About ProxySG
ProxySG Key Functionality WAN Optimization Secure Web Gateway WAN Optimization accelerates business applications Files, Email and Internal Bulk Traffic Business Web / SaaS Content Delivery Secure Web Gateway secures the network Protect from Malware Guard Employee Productivity Prevent Data Leaks Validate Trusts Additional Products ProxyClient satisfies the needs of the remote user PacketShaper provides Application Visibility and QoS
What Can ProxySG Do? Protect Against Malware AccelerateInternal Bulk Traffic GuardEmployee Productivity Control and OptimizeExternal Applications Secure Web Gateway WAN Optimization PreventInformation Leaks Manage and DeliverVideo and Content ValidateTrust
ProxySG in the Network Centralized Data andApplications Public Web Servers Web Content andApplications Internet Customers and Partners Internet Gateway /Content Filtering Reverse Proxy BranchProxySG WAN ConcentratorProxy Data Center BranchProxySG Employees Reporter Remote Workers Director BranchOffices ProxyClient 30
SWG Design Criteria Appliance/OS/TCP-stack/Cache designed for web object processing Maximize utilization, throughput, and reliability Reduce rack space required, green solution Web protocol/application coverage (legacy & new) Authentication, Authorization, Logging & Reporting Web content optimization & acceleration Latency = Closed Filter & block unwanted web content URL Filtering options, real-time analysis of new content Web object filtering & blocking via policy controls Scan, detect and block threats Anti-malware/virus scanning options with cache intelligence MMC filtering/strip/replace/block policy controls Data Loss Prevention & Open Integration Point DLP/ILP options, plus web content & method controls Secure-ICAP and ICAP
Proxy Design benefits:Ultimate Control Point Full Protocol Termination = Total Visibility & Context (HTTP, SSL, IM, Streaming, P2P, SOCKS, FTP, CIFS, MAPI, Telnet, DNS) Custom built Blue Coat SGOS Secure platform that provides maximum benefit for caching Industry proven object caching capability Policy architecture enables flexible user controls on applications Secure ICAP for added security features and integration with DLP vendors
ProxySGWAN Optimization
What is ProxySG WAN Optimization? AccelerationwithControl
ProxySG WAN Optimization Technologies Object Caching Get web, file and video content close to users again Byte Caching Store repetitive network traffic for dramatic acceleration Compression Inline reduction of data to reduce application bandwidth Protocol Optimization Align high-level protocols with network characteristics
Object Caching - Get web, file and video content close to users again Automatically determines the “right” data No legal or compliance risk like other solutions Simply the fastest, most compressed data transfer All applications, internal and external
Object Caching DATACENTER Internet Full File Cached Locally (proxy) No data sent across WAN Reduced traffic and bandwidth usage Better user experience Lower WAN costs WAN BRANCH 37
Byte Caching - Store repetitive network traffic for dramatic acceleration 110111110011100100100101110111111111111111111111111111111111111111100011110001110011000110000010011110000001101111010010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010101010100101000010100 110111110011100100100101110111111111111111111111111111111111111111100011110001110011000110000010011110000001101111010010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010101010100101000010100 110111110011100100100101110111111111111111111111111111111111111111100011110001110011000110000010011110000001101111010010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010101010100101000010100 110111110011100100100101110[REF#1]00011110001110011000110000010011110000001101111010010[REF#2]010101010100101000010100 Proxies Cache common patterns All files & applications over TCP Reduced traffic and bandwidth usage Better user experience Lower WAN costs 38

Recomendados

4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptxaungyekhant1
 
Fortinet security fabric
Fortinet security fabricFortinet security fabric
Fortinet security fabricANSItunCERT
 
PRTG NETWORK MONITORING
PRTG NETWORK MONITORINGPRTG NETWORK MONITORING
PRTG NETWORK MONITORINGFanky Christian
 
Chapter03
Chapter03Chapter03
Chapter03Muhammad Ahad
 
Fortigate Training
Fortigate TrainingFortigate Training
Fortigate TrainingNCS Computech Ltd.
 
FortiWeb
FortiWebFortiWeb
FortiWebAlireza Akrami
 
001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration Introduction001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration IntroductionMohamed Sana
 
I P S P O O F I N G
I P S P O O F I N GI P S P O O F I N G
I P S P O O F I N Gavinashkanchan
 

Recomendados

4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptxaungyekhant1
 
Fortinet security fabric
Fortinet security fabricFortinet security fabric
Fortinet security fabricANSItunCERT
 
PRTG NETWORK MONITORING
PRTG NETWORK MONITORINGPRTG NETWORK MONITORING
PRTG NETWORK MONITORINGFanky Christian
 
Chapter03
Chapter03Chapter03
Chapter03Muhammad Ahad
 
Fortigate Training
Fortigate TrainingFortigate Training
Fortigate TrainingNCS Computech Ltd.
 
FortiWeb
FortiWebFortiWeb
FortiWebAlireza Akrami
 
001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration Introduction001 introduction Fortigate Administration Introduction
001 introduction Fortigate Administration IntroductionMohamed Sana
 
I P S P O O F I N G
I P S P O O F I N GI P S P O O F I N G
I P S P O O F I N Gavinashkanchan
 
Session initiation-protocol
Session initiation-protocolSession initiation-protocol
Session initiation-protocolSanthosh Somu
 
Wireshark
WiresharkWireshark
WiresharkKasun Madusanke
 
Fortinet
FortinetFortinet
FortinetABEP123
 
SD WAN Technology Overview
SD WAN Technology OverviewSD WAN Technology Overview
SD WAN Technology OverviewI Nyoman Sujana
 
Internet of things
Internet of thingsInternet of things
Internet of thingsSai praveen Seva
 
Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...
Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...
Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...ThousandEyes
 
Telecommunications and Network Security Presentation
Telecommunications and Network Security PresentationTelecommunications and Network Security Presentation
Telecommunications and Network Security PresentationWajahat Rajab
 
Chapter03
Chapter03Chapter03
Chapter03Somrak Rungwanlapa
 
Fortinet
FortinetFortinet
FortinetPetre-doru Dragus
 
Sip
SipSip
SipAnirban Roy
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
FireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesFireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesAmy Gerrie
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wiresharkBasaveswar Kureti
 
Wireshark Tutorial
Wireshark TutorialWireshark Tutorial
Wireshark TutorialCoursenvy.com
 
Getting started with Splunk - Break out Session
Getting started with Splunk - Break out SessionGetting started with Splunk - Break out Session
Getting started with Splunk - Break out SessionGeorg Knon
 
FortiGate_Sec_02_Security Fabric (1).pptx
FortiGate_Sec_02_Security Fabric (1).pptxFortiGate_Sec_02_Security Fabric (1).pptx
FortiGate_Sec_02_Security Fabric (1).pptxNajahIdrissiMoulayRa
 
TOR... ALL THE THINGS
TOR... ALL THE THINGSTOR... ALL THE THINGS
TOR... ALL THE THINGSCrowdStrike
 
Cisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Canada
 
Vietnam Hotel GPON Project.pptx
Vietnam Hotel GPON Project.pptxVietnam Hotel GPON Project.pptx
Vietnam Hotel GPON Project.pptxPhmcHnh9
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-reviewRayan Darine
 
Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016InvestorSymantec
 
Vfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reporterVfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reportervfmindia
 

Mais conteúdo relacionado

Mais procurados

Session initiation-protocol
Session initiation-protocolSession initiation-protocol
Session initiation-protocolSanthosh Somu
 
Fortinet
FortinetFortinet
FortinetABEP123
 
SD WAN Technology Overview
SD WAN Technology OverviewSD WAN Technology Overview
SD WAN Technology OverviewI Nyoman Sujana
 
Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...
Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...
Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...ThousandEyes
 
Telecommunications and Network Security Presentation
Telecommunications and Network Security PresentationTelecommunications and Network Security Presentation
Telecommunications and Network Security PresentationWajahat Rajab
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
FireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesFireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesAmy Gerrie
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wiresharkBasaveswar Kureti
 
Getting started with Splunk - Break out Session
Getting started with Splunk - Break out SessionGetting started with Splunk - Break out Session
Getting started with Splunk - Break out SessionGeorg Knon
 
FortiGate_Sec_02_Security Fabric (1).pptx
FortiGate_Sec_02_Security Fabric (1).pptxFortiGate_Sec_02_Security Fabric (1).pptx
FortiGate_Sec_02_Security Fabric (1).pptxNajahIdrissiMoulayRa
 
TOR... ALL THE THINGS
TOR... ALL THE THINGSTOR... ALL THE THINGS
TOR... ALL THE THINGSCrowdStrike
 
Cisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Canada
 
Vietnam Hotel GPON Project.pptx
Vietnam Hotel GPON Project.pptxVietnam Hotel GPON Project.pptx
Vietnam Hotel GPON Project.pptxPhmcHnh9
 

Mais procurados (20)

Session initiation-protocol
Session initiation-protocolSession initiation-protocol
Session initiation-protocol
 
Wireshark
WiresharkWireshark
Wireshark
 
Fortinet
FortinetFortinet
Fortinet
 
SD WAN Technology Overview
SD WAN Technology OverviewSD WAN Technology Overview
SD WAN Technology Overview
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...
Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...
Adopting SD-WAN With Confidence: How To Assure and Troubleshoot Internet-base...
 
Telecommunications and Network Security Presentation
Telecommunications and Network Security PresentationTelecommunications and Network Security Presentation
Telecommunications and Network Security Presentation
 
Chapter03
Chapter03Chapter03
Chapter03
 
Fortinet
FortinetFortinet
Fortinet
 
Sip
SipSip
Sip
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewalls
 
FireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesFireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slides
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
 
Wireshark Tutorial
Wireshark TutorialWireshark Tutorial
Wireshark Tutorial
 
Getting started with Splunk - Break out Session
Getting started with Splunk - Break out SessionGetting started with Splunk - Break out Session
Getting started with Splunk - Break out Session
 
FortiGate_Sec_02_Security Fabric (1).pptx
FortiGate_Sec_02_Security Fabric (1).pptxFortiGate_Sec_02_Security Fabric (1).pptx
FortiGate_Sec_02_Security Fabric (1).pptx
 
TOR... ALL THE THINGS
TOR... ALL THE THINGSTOR... ALL THE THINGS
TOR... ALL THE THINGS
 
Cisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network Intuitive
 
Vietnam Hotel GPON Project.pptx
Vietnam Hotel GPON Project.pptxVietnam Hotel GPON Project.pptx
Vietnam Hotel GPON Project.pptx
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-review
 

Destaque

Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016InvestorSymantec
 
Vfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reporterVfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reportervfmindia
 
Reversing blue coat proxysg - wa-
Reversing blue coat proxysg - wa-Reversing blue coat proxysg - wa-
Reversing blue coat proxysg - wa-idsecconf
 
What is Heartbleed?
What is Heartbleed?What is Heartbleed?
What is Heartbleed?Blue Coat
 
Bc threat intelligence_rev2.1
Bc threat intelligence_rev2.1Bc threat intelligence_rev2.1
Bc threat intelligence_rev2.1Takayoshi Takaoka
 
Symantec to-acquire-blue-coat-investor-presentation
Symantec to-acquire-blue-coat-investor-presentationSymantec to-acquire-blue-coat-investor-presentation
Symantec to-acquire-blue-coat-investor-presentationInvestorSymantec
 
Content Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionContent Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionBlue Coat
 
Empowering the Campus Network
Empowering the Campus NetworkEmpowering the Campus Network
Empowering the Campus NetworkBlue Coat
 
Education is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber CrimeEducation is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber CrimeBlue Coat
 
CAS MAA Infographic
CAS MAA InfographicCAS MAA Infographic
CAS MAA InfographicBlue Coat
 
Revolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionRevolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionBlue Coat
 

Destaque (12)

Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016Symantec Investor Presentation November 2016
Symantec Investor Presentation November 2016
 
Vfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reporterVfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reporter
 
Reversing blue coat proxysg - wa-
Reversing blue coat proxysg - wa-Reversing blue coat proxysg - wa-
Reversing blue coat proxysg - wa-
 
What is Heartbleed?
What is Heartbleed?What is Heartbleed?
What is Heartbleed?
 
How to master Blue Coat Proxy SG
How to master Blue Coat Proxy SGHow to master Blue Coat Proxy SG
How to master Blue Coat Proxy SG
 
Bc threat intelligence_rev2.1
Bc threat intelligence_rev2.1Bc threat intelligence_rev2.1
Bc threat intelligence_rev2.1
 
Symantec to-acquire-blue-coat-investor-presentation
Symantec to-acquire-blue-coat-investor-presentationSymantec to-acquire-blue-coat-investor-presentation
Symantec to-acquire-blue-coat-investor-presentation
 
Content Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionContent Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat Protection
 
Empowering the Campus Network
Empowering the Campus NetworkEmpowering the Campus Network
Empowering the Campus Network
 
Education is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber CrimeEducation is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber Crime
 
CAS MAA Infographic
CAS MAA InfographicCAS MAA Infographic
CAS MAA Infographic
 
Revolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionRevolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat Protection
 

Semelhante a Bluecoat Services

Wx Customer Preso
Wx Customer PresoWx Customer Preso
Wx Customer Presofaiiqb
 
Aceleracion de aplicaciones
Aceleracion de aplicacionesAceleracion de aplicaciones
Aceleracion de aplicacionesjfth
 
Baker Charlie
Baker CharlieBaker Charlie
Baker CharlieCarl Ford
 
Visualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven DecisionsVisualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven DecisionsCA Technologies
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoCristian Garcia G.
 
Software-Defined WAN 101
Software-Defined WAN 101Software-Defined WAN 101
Software-Defined WAN 101Zivaro Inc
 
Service Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay KidService Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay KidMyNOG
 
What You Cant See Can Hurt You
What You Cant See Can Hurt You What You Cant See Can Hurt You
What You Cant See Can Hurt You Castleforce
 
iWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience SolutioniWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience Solutionxband
 
NUVX Technologies general solutions
NUVX Technologies general solutionsNUVX Technologies general solutions
NUVX Technologies general solutionsNUVX
 
Ibm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_finalIbm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_finalMauricio Godoy
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...BGA Cyber Security
 
[Cisco Connect 2018 - Vietnam] Shamil fernando hcmc next-gen cisco sd-wan (vi...
[Cisco Connect 2018 - Vietnam] Shamil fernando hcmc next-gen cisco sd-wan (vi...[Cisco Connect 2018 - Vietnam] Shamil fernando hcmc next-gen cisco sd-wan (vi...
[Cisco Connect 2018 - Vietnam] Shamil fernando hcmc next-gen cisco sd-wan (vi...Nur Shiqim Chok
 
Cisco Connect 2018 Indonesia - next-gen cisco sd-wan architecture
Cisco Connect 2018 Indonesia - next-gen cisco sd-wan architectureCisco Connect 2018 Indonesia - next-gen cisco sd-wan architecture
Cisco Connect 2018 Indonesia - next-gen cisco sd-wan architectureNetworkCollaborators
 
QoS Challenges and Solutions
QoS Challenges and SolutionsQoS Challenges and Solutions
QoS Challenges and SolutionsGoS Networks Ltd
 
Tech Talk: Leverage the combined power of CA Unified Infrastructure Managemen...
Tech Talk: Leverage the combined power of CA Unified Infrastructure Managemen...Tech Talk: Leverage the combined power of CA Unified Infrastructure Managemen...
Tech Talk: Leverage the combined power of CA Unified Infrastructure Managemen...CA Technologies
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld
 
AppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the CloudAppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the CloudCryptzone
 

Semelhante a Bluecoat Services (20)

Wx Customer Preso
Wx Customer PresoWx Customer Preso
Wx Customer Preso
 
Cascade
CascadeCascade
Cascade
 
Aceleracion de aplicaciones
Aceleracion de aplicacionesAceleracion de aplicaciones
Aceleracion de aplicaciones
 
Baker Charlie
Baker CharlieBaker Charlie
Baker Charlie
 
Visualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven DecisionsVisualizing Application & Delivery Flows to Make Data-Driven Decisions
Visualizing Application & Delivery Flows to Make Data-Driven Decisions
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
 
Software-Defined WAN 101
Software-Defined WAN 101Software-Defined WAN 101
Software-Defined WAN 101
 
Service Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay KidService Provider Architectures for Tomorrow by Chow Khay Kid
Service Provider Architectures for Tomorrow by Chow Khay Kid
 
What You Cant See Can Hurt You
What You Cant See Can Hurt You What You Cant See Can Hurt You
What You Cant See Can Hurt You
 
Secure sd wan
Secure sd wanSecure sd wan
Secure sd wan
 
iWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience SolutioniWAN - Cisco Application Experience Solution
iWAN - Cisco Application Experience Solution
 
NUVX Technologies general solutions
NUVX Technologies general solutionsNUVX Technologies general solutions
NUVX Technologies general solutions
 
Ibm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_finalIbm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_final
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
 
[Cisco Connect 2018 - Vietnam] Shamil fernando hcmc next-gen cisco sd-wan (vi...
[Cisco Connect 2018 - Vietnam] Shamil fernando hcmc next-gen cisco sd-wan (vi...[Cisco Connect 2018 - Vietnam] Shamil fernando hcmc next-gen cisco sd-wan (vi...
[Cisco Connect 2018 - Vietnam] Shamil fernando hcmc next-gen cisco sd-wan (vi...
 
Cisco Connect 2018 Indonesia - next-gen cisco sd-wan architecture
Cisco Connect 2018 Indonesia - next-gen cisco sd-wan architectureCisco Connect 2018 Indonesia - next-gen cisco sd-wan architecture
Cisco Connect 2018 Indonesia - next-gen cisco sd-wan architecture
 
QoS Challenges and Solutions
QoS Challenges and SolutionsQoS Challenges and Solutions
QoS Challenges and Solutions
 
Tech Talk: Leverage the combined power of CA Unified Infrastructure Managemen...
Tech Talk: Leverage the combined power of CA Unified Infrastructure Managemen...Tech Talk: Leverage the combined power of CA Unified Infrastructure Managemen...
Tech Talk: Leverage the combined power of CA Unified Infrastructure Managemen...
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
 
AppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the CloudAppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the Cloud
 

Bluecoat Services

  • 1. Blue Coat: Web Security & Acceleration
  • 3. 3 PacketShaper Key Functionality Application Visibility Application QoS Application QoS benefits time-sensitive applications Transactions (ERP, CRM, Citrix) IP Telephony and convergence Contain P2P, recreational & malicious Additional Products Requires ProxySG for acceleration, caching & WAFS IntelligenceCenter / PolicyCenter management system
  • 4. 4 What Can PacketShaper Do? Discover All Application Traffic Resolve IssuesPre-empt Problems MonitorUser Experience Control and ProtectApplication Performance Application Visibility Application QoS TroubleshootPerformance Issues
  • 5. 5 PacketShaper Deployment Option: Asymmetric in the Core BranchOffices Centralized Data and Applications Core PacketShaper WAN Data Center IntelligenceCenter PolicyCenter
  • 6. 6 PacketShaper Deployment Option:Symmetric with Branch Deployment Public Web Servers Web Content andApplications Centralized Data andApplications Internet Customers and Partners Branch PacketShaper Core PacketShaper WAN BranchOffices Data Center Employees IntelligenceCenter Branch PacketShaper PolicyCenter
  • 8. 8 What is Application Visibility? Identifies Applications for What They Really Are Recreational Streaming8% E-mail20% P2P12% InternetGaming5% FileTransfers9% Oracle7% Citrix5% Web Browsing28% 53% of bandwidth being used by recreational applications 14% of bandwidth is “business critical” TN32702% Other4%
  • 9. 9 Application Visibility Discover All Application Traffic 600+ applications, good & bad, sub-classify within complex apps / HTTP Monitor User Experience Measure & alarm, SLA compliance, VoIP metrics, integrate with other tools Troubleshoot Performance Issues Isolate delays, connections, host and app performance, capture & analyze
  • 10. 10 Discovery Maps traffic to its classification library Automatically builds a list of the applications running on your network Provides basis for PacketShaper Application QoS technology Starts collecting performance data Utilization Efficiency Response times
  • 11. 11 Industry-Leading Application Identification Blue Coat PacketShaper Unique to Blue Coat Behavioral characteristics Multi-packet flow analysis and profiling Beyond address andport-based analysis Identifies evasive applications Encrypted Port-hopping Tunneled
  • 12. 12 Classification Maps traffic to its classification library Automatically builds a list of the applications running on your network 600+ Application classes Sub-classify within complex apps / HTTP Good, bad and malicious traffic Current and next generation applications Plug-In Architecture Enables new application definitions without firmware upgrade
  • 13. 13 Application QoS Technology: Application-specific Bandwidth Control Application Session Provisioning provides: Hierarchical subclassifications of apps Per call or per session differentiation Far richer classification than routers Layer 7 Plus differentiation Customer-critical over recreational apps Latency-sensitive over bandwidth-hungry apps TCP and UDP Rate Control Managed on a flow- by flow basis at application level Guaranteed delay bounds for IP telephony on converged networks
  • 14. 14 Monitor and Troubleshoot Measure Utilization, response times, performance & SLAs – per application Isolate What (application), where (server or network), who (users), how (captures, histories) Diagnose and fix problems Identify protocols, link latency & other environmental variables Determine what optimization / will help
  • 16. 16 What is Application QoS? Unacceptable ERP performance Insufficient bandwidth and congestion Unpredictable Voice qualityCrowded out by bandwidth hungry apps Uncontrolled recreational traffic Wasted bandwidth and impact on business- critical applications
  • 17. 17 What is Application QoS? Powerful, Dynamic Application-aware Bandwidth Shaping Great ERP performanceProtected from apps and congestion Voice quality – 100% assured all-level QoS 100% control of recreational traffic No matter how much it tries to hide
  • 18. 18 Application QoS Resolve application performance issues Pre-empt performance problems Control bandwidth, dynamically Apportion and ensure service levels for applications Control and protect applications Protect and optimize time-sensitive / real-time apps SLAs for voice, transactions, streams Restrict bandwidth impact of recreational traffic
  • 19. 19 Application QoS Technology: Policies and Partitions Policy-based Application QoS definitions and partitions by: Application Site or server User or user group Beyond Standard QoS Apply policies to protect critical traffic Smooth disruptive, bandwidth-intensive traffic Contain recreational traffic Block malicious traffic Set priorities to protect business-critical apps Non-critical apps can use remaining bandwidth
  • 20. 20 Application QoS Technology: Rate Control and Predictive Scheduler Manages congestion proactively Latency reduced Packets drops minimized Fewer retransmissions Improved application performance. Improve efficiency to increase throughput Without App QOS With App QOS
  • 21. 21 Compare Router-based QoS Manage bandwidth passively and react to congestion and packet loss Use port-based application traffic classification Use various packet-based queuing methods that: Are not bi-directional – cannot control inbound traffic at the other edge Add delay to transaction time and latency Cannot provide per-flow guarantees Are only truly effective as part of a comprehensive control strategy Are managed on a per-router basis Big management overhead in distributed deployments
  • 22. 22 Router-based QoS Compared toPacketShaper Inbound Rate Control Configured in all the branches and Data Center, router-based Queuing relies on the bulk transfers being throttled down after packet loss… Branch Offices A Data Center Bulk Data 512Kbps 1Mbps B 512Kbps Citrix C 512Kbps PacketShaper’s Patented Rate Control applied only in the Data Center slows down the Bulk traffic without packet loss and before queues can build Bulk Data
  • 23. 23 Compare Packet Marking and MPLS Applies only to carriers core Provisioned WAN service, not the entire link No way of assigning preference at the last mile Biggest bottleneck is typically last mile Aggregate shaping only Treats all connection requests the same Lacks ability to assign limit to number of call requests Needs complementary technology to overcome deficiencies Application classification for accurate marking Packet rate, bandwidth and flow control
  • 24. 24 Intelligent Marking for MPLS Networks Application <<<GRANULARITY>>> enable accurate marking of application traffic DiffServ, MPLS, TOS Bandwidth allocation VoIP Classes of Service 256 Kbps SAP 768 Kbps Email Best effort RemoteOffice MPLSBackbone
  • 25. 25 Application QoS and MPLS Working Together MPLSCore
  • 26. 26 Application QoS and MPLS: End to End QoS Quality of Service Premium  256kbit/s DSCP 1 Platinum  256kbit/s DSCP 3 Gold  512kbit/s DSCP 5 Silver  512kbit/s DSCP 7 Best Effort  512kbit/s DSCP 9
  • 28. ProxySG Key Functionality WAN Optimization Secure Web Gateway WAN Optimization accelerates business applications Files, Email and Internal Bulk Traffic Business Web / SaaS Content Delivery Secure Web Gateway secures the network Protect from Malware Guard Employee Productivity Prevent Data Leaks Validate Trusts Additional Products ProxyClient satisfies the needs of the remote user PacketShaper provides Application Visibility and QoS
  • 29. What Can ProxySG Do? Protect Against Malware AccelerateInternal Bulk Traffic GuardEmployee Productivity Control and OptimizeExternal Applications Secure Web Gateway WAN Optimization PreventInformation Leaks Manage and DeliverVideo and Content ValidateTrust
  • 30. ProxySG in the Network Centralized Data andApplications Public Web Servers Web Content andApplications Internet Customers and Partners Internet Gateway /Content Filtering Reverse Proxy BranchProxySG WAN ConcentratorProxy Data Center BranchProxySG Employees Reporter Remote Workers Director BranchOffices ProxyClient 30
  • 31. SWG Design Criteria Appliance/OS/TCP-stack/Cache designed for web object processing Maximize utilization, throughput, and reliability Reduce rack space required, green solution Web protocol/application coverage (legacy & new) Authentication, Authorization, Logging & Reporting Web content optimization & acceleration Latency = Closed Filter & block unwanted web content URL Filtering options, real-time analysis of new content Web object filtering & blocking via policy controls Scan, detect and block threats Anti-malware/virus scanning options with cache intelligence MMC filtering/strip/replace/block policy controls Data Loss Prevention & Open Integration Point DLP/ILP options, plus web content & method controls Secure-ICAP and ICAP
  • 32. Proxy Design benefits:Ultimate Control Point Full Protocol Termination = Total Visibility & Context (HTTP, SSL, IM, Streaming, P2P, SOCKS, FTP, CIFS, MAPI, Telnet, DNS) Custom built Blue Coat SGOS Secure platform that provides maximum benefit for caching Industry proven object caching capability Policy architecture enables flexible user controls on applications Secure ICAP for added security features and integration with DLP vendors
  • 34. What is ProxySG WAN Optimization? AccelerationwithControl
  • 35. ProxySG WAN Optimization Technologies Object Caching Get web, file and video content close to users again Byte Caching Store repetitive network traffic for dramatic acceleration Compression Inline reduction of data to reduce application bandwidth Protocol Optimization Align high-level protocols with network characteristics
  • 36. Object Caching - Get web, file and video content close to users again Automatically determines the “right” data No legal or compliance risk like other solutions Simply the fastest, most compressed data transfer All applications, internal and external
  • 37. Object Caching DATACENTER Internet Full File Cached Locally (proxy) No data sent across WAN Reduced traffic and bandwidth usage Better user experience Lower WAN costs WAN BRANCH 37
  • 38. Byte Caching - Store repetitive network traffic for dramatic acceleration 110111110011100100100101110111111111111111111111111111111111111111100011110001110011000110000010011110000001101111010010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010101010100101000010100 110111110011100100100101110111111111111111111111111111111111111111100011110001110011000110000010011110000001101111010010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010101010100101000010100 110111110011100100100101110111111111111111111111111111111111111111100011110001110011000110000010011110000001101111010010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010101010100101000010100 110111110011100100100101110[REF#1]00011110001110011000110000010011110000001101111010010[REF#2]010101010100101000010100 Proxies Cache common patterns All files & applications over TCP Reduced traffic and bandwidth usage Better user experience Lower WAN costs 38
  • 39. Compression - Inline reduction of data to reduce application bandwidth 110111110011100100100101110011001010111011001000011010011001110010000011110001110011000110000010011110000001101111010010000110110100101111100110100111011010011010011110010000000000001110010111001011011011010010101100101100101010101010010101010101010100101000010100 110111110011100100100101110011001010111011001000011010011001110010000011110001110011000110000010011110000001101111010010000110110100101111100110100111011010011010011110010000000000001110010111001011011011010010010010101010010101010101101100101100010100 11011111001110010010010111001100101011101100100001001100111001000001111000111001100011 Industry-standard gzip algorithm Removes predictable “white space” Reduced traffic and bandwidth usage Better user experience Lower WAN costs 39
  • 40. High-level protocols and network characteristics High-level protocols are “chatty” Microsoft file access, Web/HTTP, File Transfer (FTP), Exchange, Citrix, ERP, etc Network characteristics WAN latency, not cured by simply adding more bandwidth
  • 41. Protocol Acceleration - Align high-level protocols with network characteristics Protocol Acceleration replaces chatty protocols with a WAN optimized alternative Local acknowledgement Larger windows Transparent
  • 42. WAN Optimization Technologies Working Together Object Caching Caches repeated, static app-level data; reduces andwidth and latency Byte Caching Caches any TCP application using similar/changed data; reduces BW Compression Reduces amount of data transmitted; saves BW Protocol Optimization Remove inefficiencies, reduce latency
  • 44. ProxySG Policy Control Control network resources by user, application or content Full protocol termination for visibility and context HTTP, SSL, IM, Streaming, P2P, SOCKS, FTP, CIFS, MAPI, Telnet, DNS Fine-grained policy for: Application Protocols Content Users (allow, deny, transform, etc) Authentication integration, for example Active Directory Granular, flexible logging
  • 45. Comparing ProxySG Control with PacketShaper Application QoS ProxySG Control focused on: Policy for user behavior and content management Eliminates dangerous or inappropriate traffic [Terminated] Application traffic-specific bandwidth shaping Depth of understanding, Protects against negative impact on business and compliance PacketShaper Application QoS focused on: Application behavior and bandwidth management Contains disruptive traffic Sees and manages all applications and entire network link Breadth of understanding Protects and maintains SLAs for business traffic