原子力顯微鏡甲板_第1頁(yè)
原子力顯微鏡甲板_第2頁(yè)
原子力顯微鏡甲板_第3頁(yè)
原子力顯微鏡甲板_第4頁(yè)
原子力顯微鏡甲板_第5頁(yè)
已閱讀5頁(yè),還剩26頁(yè)未讀 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說(shuō)明:本文檔由用戶(hù)提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

IntroductiontoF5NetworksHighlyFlexibleServiceDeliveryController

F5’ssoftwareplatformoffersunprecedentedflexibilityoverawiderangeofhardwareiControlAPIdeliveringthepowerandflexibilityoftheServiceDeliveryNetworkiRulesUnprecedenteddataplanecontroltodirectlymanipulateandmanageIPtrafficTCPExpress:F5’sAdaptiveTCPStack(clientside)TCPExpress:F5’sAdaptiveTCPStack(serverside)FullProxyServicesArchitectureCommonandSharedServicesArchitectureF5’sTMOSWiderangeofHardwareIntegrationTCPOptimizationWebApplicationAccelerationWANOptimizationCachingDNSCachingLogReductionWAP2.0OffloadLoad-BalancingGlobalServiceLoad-BalancingDynamicResourceProvisioningAAAScalingIPv6MigrationDNSScalingSIPScalingVideoMulticastStreamingHACGN(NAT44,NAT64,DNS64)Gi,DC,WebApplication,XMLFirewallsConnectionLimitingDDoSAAASecurityDNSSecurityLegalInterceptLogging/CloningSSLOffloadSSOandRemoteAccessSIPSecurityIntelligentTrafficManagementAdaptableNetworkingSubscriberBasedPCEFMessageBasedProxyHTTPHeaderEnrichementIntelligentVideoManipulationTransportProtocolTranslationHowareCarriersUtilizingF5’sCapabilities?Solvingtheissues..F5/DiameterSolutionsElementsConnectivityBridginggapsinnetworkarchitectureMessageNormalizationFasternetworkrollout,lesscostsLoadBalancingEliminatestheneedforcarefulplanningsonottoexceedsingleservercapacityThottlingtoavoidsignalingTsunamiRoutingandSubscriberGuidanceProvidestransactionguidancetowardspecificserversNetwork-wideroutingandbinding(liketoPCRF,OCS)RoamingforLTELTE-LTELTE–2G/3GTopologyHidingHidesmulti-nodeservertopologyTransparentlyaddclientsandserversintothenetworkVisibilityintoDiameterControlPlaneTestingToolSecurityIsChallengingWebificationofappsDeviceproliferationEvolvingsecuritythreatsShifting

perimeter71%ofinternetexpertspredictmostpeoplewilldoworkviawebormobileby2020.95%

ofworkersuseatleastonepersonaldeviceforwork.130million

enterpriseswillusemobileappsby201458%

ofalle-thefttiedtoactivistgroups.81%

ofbreachesinvolvedhacking80%

ofnewappswilltargetthecloud.72%

ITleadershaveorwill

moveapplicationstothecloud.F5’sSecurityEvolutionPointSecurityServicesandProductsIntegratedSecuritySolutionsUnified

SecurityPlatformFirewallLBandscalingSSLoffloadFirePassTrafficShieldAccesstoApplicationsSecurityforApplicationsTechnologyAllianceProgramConsolidatingIntelligenceatkeycontrolpointsfromtheEndpointstotheDataCenter/Cloud/Application:AppDeliveryFirewallUnifiedAccessMobileAppMgmtCentralizedPolicyMgmtHybridServicesF5DeliverstoSupportCustomerBusinessNeedsToscaleTosecureTosimplifyAstonishingscaleforawork-anywhere/SSLeverywhereworld.Full-proxysecurityandSSLvisibilitytodefendapplicationsanddataagainstsustainedattacks.Consolidationofpointsolutionsandanapplication-centricsecuritymodeltostreamlinefirewallconfigurations.UnifiedaccessAsecureandacceleratedaccesssolutionresidingattheedgeofthenetwork,thatunifiesSSLVPN,federation,mobileapplicationmanagement,andsecurewebgatewayservices.Flexible,high-performancewebaccessandsecuritysolution,thatprovidescontext-aware,policy-basedaccesstouserswhilesimplifyingauthentication,authorizationandaccounting(AAA)management.ApplicationsecurityLeadingwebapplicationfirewallandattackprotectiontoreducetherisktoIPanddata,whilekeepingapplicationssecure,fastandavailable.Anative,highperformancefirewallsolutionthatprotectstheentireinfrastructurewithfullapplicationvisibilityandcontrol,whilescalingtoperformunderthemostdemandingconditions.ApplicationaccessmanagementApplicationdeliveryfirewallSecuringaccesstoapplicationsfromanywhereProtectingyourapplicationsregardlessofwheretheyliveFourSecuritySolutions

AsummaryIntroducingtheF5ApplicationDeliveryFirewall

Bringingdeepapplicationfluencytofirewallsecurity

OneplatformSSLinspectionTrafficmanagementDNSsecurityAccesscontrolApplicationsecurityNetworkfirewallEAL2+EAL4+(inprocess)DDoSmitigation“NextGeneration”FirewallOutbound

USERinspectionWhoisdoingwhat?“Trusted”userstoInternetAppAwareness:BroadbutshallowCorporate

(users)ApplicationDeliveryFirewallDatacenter(servers)Inbound

APPLICATIONprotectionApplicationdeliveryfocus“Untrusted”userstodatacenterAppAwareness:SpecificbutdeepAFirewallfortheDataCenterApplicationattacksNetworkattacksSessionattacksSlowloris,SlowPost,HashDos,GETFloodsSYNFlood,ConnectionFlood,UDPFlood,PushandACKFloods,Teardrop,ICMPFloods,PingFloodsandSmurfAttacksBIG-IPASMPositive/negativepolicyreinforcement,iRules,fullproxyforHTTP,serverperformanceanomalydetectionDNSUDPFloods,DNSQueryFloods,DNSNXDOMAINFloods,SSLFloods,SSLRenegotiationBIG-IPLTMandGTMHigh-scaleperformance,DNSExpress,SSLtermination,iRules,SSLrenegotiationvalidationBIG-IPAFMSynCheck,default-denyposture,high-capacityconnectiontable,full-proxytrafficvisibility,rate-limiting,strictTCPforwarding,iRules.F5MitigationTechnologiesApplication(7)Presentation(6)Session(5)Transport(4)Network(3)DataLink(2)Physical(1)IncreasingdifficultyofattackdetectionF5mitigationtechnologiesOSIstackOSIstackApplicationDeliveryFirewallandDoSMitigationTheApplicationDeliveryFirewallSolutioniRulesextensibilityeverywhereProductsAdvancedFirewallManagerStatefulfull-proxyfirewallFlexibleloggingandreportingNativeTCP,SSLandHTTPproxiesNetworkandSessionanti-DDoSAccessPolicy

ManagerDynamic,identity-basedaccesscontrolSimplifiedauthenticationinfrastructureEndpointsecurity,secureremoteaccessLocalTraffic

Manager#1applicationdeliverycontrollerApplicationfluencyApp-specifichealthmonitoringApplicationSecurityManagerLeadingwebapplicationfirewallPCIcomplianceVirtualpatchingforvulnerabilitiesHTTPanti-DDoSIPprotectionGlobalTrafficManager&DNSSECHugescaleDNSsolutionGlobalserverloadbalancingSignedDNSresponsesOffloadDNScryptoIPIntelligenceContext-awaresecurityIPaddresscategorizationIPaddressgeolocationSSLinspectionTrafficmanagementDNSsecurityAccesscontrolApplicationsecurityNetworkfirewallDDoSmitigationSummarySimplicity,scale,andperformanceExtensibilityandflexibility,backedby100,000+user-developersAccesstoapps.SecurityforApps.Full-proxyarchitectureprovidingdeepvisibilityandcontrolIntelligentservicesplatformFirewallPerformanceandEnvironmentalAggregateTotalsJNP5800FullyPOPViprion4480(4Slot)Viprion4800(8Slot)MaxFirewallthroughput150Gbps250Gbps500GbpsMaxConnectionsIPv420M160M320MMaxConnectionsIPv610M160M320MNewSessions/secIPv4380,0002,005,0004,010,000NewSessions/secIPv6240,0001,260,0002,520,000PowerUsageMaxDraw5,100W2,233W4,920WMaxHeatDissipation17,057BTU/Hour7,032BTU/Hour14,032BTU/HourRackU11U7U16UWeight334lbs87lbs261lbsMTSOFWConsolidationPerChassis:160MillionConcurrentConns2.05MillionCPS2233Watts/Hour7RackUnits22.9MillionConns/RU264kCPS/RU71.7kConns/Watt918CPS/RUPerChassis:20MillionConcurrentConns380kCPS5100Watts/Hour32RackUnits620kConns/RU11.9kCPS/RU3.9kConns/Watt74.5CPS/RU160MillionConcurrentConnections8Racksofgear512RackUnits81,600Watts/HourPerCluster160MillionConcurrentConnections1Racksofgear14RackUnits4,466Watts/HourMTSOFWConsolidationIPv6PerChassis:160MillionConcurrentConns1.26MillionCPS2233WattsMaxDraw7RackUnits22.9MillionConns/RU180kCPS/RU71.7kConns/Watt564CPS/WattPerChassis:10MillionConcurrentConns240kCPS5100WattsHour32RackUnits312.5kConns/RU7.5kCPS/RU2.0kConns/Watt47.1CPS/Watt160MillionConcurrentConnections16Racksofgear1024RackUnits163,200Watts/HourPerCluster160MillionConcurrentConnections1Racksofgear14RackUnits4,466Watts/HourScalingBIG-IPviavCMPKeyvCMPFeaturesGuestscanrundifferentOSversionsUpgradeguestsindependentlyCapacityondemandwithVIPRIONIsolatedfailuredomainsCanbelayeredwithmulti-tenantfeaturesMixedGuestAllocation1Blade1342Blade2Blade3Blade4134213421342SingleGuestAllocation1Blade1342Blade2Blade3Blade4134213421342StripedGuestAllocation1Blade1342Blade2Blade3Blade4134213421342vCMPvsRouteDomainSummaryvCMPRouteDomainsAdminPartitioningYesYesRouteDomainsYesYesResourceAllocationDedicatedSharedOSManagementMultipleSingleGuaranteedPerformanceYesNoCapacityonDemandYesNoIsolateFaultDomainsYesNoImproveUtilizationYesNo18NECFWConsolidationPerChassis:160MillionConcurrentConns250Gbthroughput2.05MillionCPS2233Watts/Hour7RackUnitsUpto24GuestInstancesUpto6.7MillionConcurrentConnsperguestUpto10.4GbthroughputUpto85kCPS93Watts/hour0.3RUperguestBestcaseaggregateof24machines:7.2MillionConcurrentConns204Gbpsthroughput168kCPS11280Watts/Hour72RackUnitsOlderNokiaCheckpointgear:300kConcurrentConns8.5gigthroughput7kCPS3RUperchassis470Watts/HourUsecaseBeforef5LeveragingF5Consolidationoffirewall,applicationsecurity,trafficmanagementProtectionfordatacentersandapplicationserversHighscaleandflexibilityforawiderangeofprotocolsReturnagilitytodeploymentofyourapplicationsTraditionalApproachLoadBalancerDNSSecurityNetworkDDoSWebApplicationFirewallWebAccessManagementLoadBalancer&SSLApplicationDDoSFirewallPhaseII:ApplicationServicePlatformIntelligentServicesFramework

Intelligent,Adaptable,Multi-ServiceArchitectureRoadmap:NewVEs,NewAppliances,VIPRION,&ScaleNClusteringNewDeliveryServices(Security,Accel,Avail.)NewAppTools:iApp,iMonitor,iCallAdvantages:

ApplicationIntelligence(App,Data,Users)UnifiedArchitecture–SharedServicesPerformance/ReliabilityBestofBreedservicesOpenandExtensibleCommunities:100KMembersinDCDisadvantages:

MoreQA&IntegrationTestingLargerReleases&RMTradeoffsUseCase:SimplifieddeploymentofApplicationsIUseCase:CentralizedReporting

iHealth,Analytics,CapacityPlanning,SplunkIntegration,BMCSplunkIntegrationBMCPerformanceMgmtEMiHealthEMCapacityPlanningEMAnalyticsReportingoptionsbothcentralizedthroughEnterpriseManagerandthrough3rdPartyIntegrationUseCase:AutomateandOrchestrate

Integratewithinyourdatacenterorchestration/automationtoolHPOrchestratorMicrosoftSCOMandVMMTivoliVMWarevCenterVMwareOrchestratorCentralizedManagement:

EM,Applications,Templates,&VisibilityActive/StandbyEMWIPVS-ASMProfile-ASMPool#3VS-WAProfile-WAPool#10VS-AppProfile–HTTP#2Pool#1VS-WebProfile–HTTP#1Pool#4GTM–DNSLBLTM–FrontDoorWATierASMTierLTM–ScaleTierWebAppStoreDataModelServicesBIG-IQPlatformAPI(PublicREST/JSON)BIG-IQSecurity(firewall)BIG-IQCloudBIG-IQ

DeviceBIG-IQ:Platform,ModulesandRESTAPIModularframeworkPlatformprovidesservicescommontoallmodulesModulesinteractwithplatformusingREST-basedAPIsModuleslicensedseparatelyF5NetworksConfidentialBIG-IQSecurityUI:BladeUXModern,innovative,intuitiveUICentralizedSearchandFilteringShowRelationships(brushing)CreateRelationships(draganddrop)ContextAwarenessSimplifiedNavigationStructureInteractionswith“Blades”BrushingFilteringSlide-out BladesizinganddockingCreatingnewobjectsDraganddropBladesettingsF5NetworksConfidentialBIG-IQSecurityOverviewCentralizedmulti-devicemanagementforF5securitysolutionsModularFrameworkwithRESTfulAPIVEorHWPlatformModern,InnovativeandIntuitiveUIInitialreleasesupportsAFM(L3/L4NetworkFirewall)StrategyistoprovidecomprehensivemanagementofF5ADF(ApplicationDeliveryFirewall)SecuritySolutionF5NetworksConfidentialScenario/FeatureBenefitsDeclareManagementAuthorityBIG-IQ“Central

溫馨提示

  • 1. 本站所有資源如無(wú)特殊說(shuō)明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶(hù)所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁(yè)內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒(méi)有圖紙預(yù)覽就沒(méi)有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫(kù)網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶(hù)上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶(hù)上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶(hù)因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

最新文檔

評(píng)論

0/150

提交評(píng)論