Download - Allot Communications
![Page 1: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/1.jpg)
1
Allot CommunicationsAllot Communications
www.allot.com
Solutions for Citrix in the Enterprise
Network
Empowering Networks for Business
![Page 2: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/2.jpg)
2
Market TrendsIncreased reliance on Internet and IP (private, public, VPN) for business critical trafficDiversity of applications with different networking requirements and business criticality
CitrixOracleVoIP, Video conferencingEntertainment traffic – music (P2P), shopping, stocks, multi-mediaEmail, VPN and large file transfers
Increased malicious traffic attacks on networks & serversBudget shrinks
Improve rather than buildSave on bandwidth costs
![Page 3: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/3.jpg)
3
QoS in the Enterprise – The Need
Guarantee performance of business critical applications – Video, VoIP, ERP (SAP), Citrix Applications, Oracle – and protect from DoS attacksLimit bandwidth-hungry, non-business applications
P2P, musicWeb surfing
Monitor performanceRecord IP sessions stats
![Page 4: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/4.jpg)
4
Citrix Solution – The Need for QoS
Citrix based network needs QoS because:IP network works on “best effort” basis – first comes first served – no guaranteesWithout QoS, bandwidth-hungry applications (like FTP or Peer-to-Peer) steals the Citrix resources (bandwidth)Without minimum bandwidth, Citrix users suffer from unpredictable response timeWithout QoS Citrix applications suffer from “un-assured” performance
There is no differentiation between applications and users
![Page 5: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/5.jpg)
5
Policy Based Networking - a Complete Solution
EnforcementShaping and conditioningQoS tagging (gateway)Server balancingCache enforcementContent filteringPreventing DoS attacks
Monitoring and AccountingPolicy monitoringUser accounting and billingEvent managementCapacity planningService management
Policy and SLA ManagementDefine policiesTranslate policies to network actions User directory/CCB management
![Page 6: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/6.jpg)
6
Product - The NetEnforcerBandwidth management (e.g., manage WAN link to remote offices)Traffic management/shapingPerformance guarantee (e.g., for Citrix)Traffic monitoring – real-time, long-termAuto discover and auto create policy (e.g., prioritize Citrix) High availability models (with dual power supplies)Redundancy and bypassHigh performance
Up to 155 Mbps (Gigabit I/F)256,000 connections28,000 policies
![Page 7: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/7.jpg)
7
NetEnforcer Enterprise Product Line
ModelBandwidth
Pipes VCs Connections
AC101/128 128 Kbps 64 1,024 1,000
AC101/512 512 Kbps 128 1,024 1,000
AC201/2M 2 Mbps 256 2,048 12,000
AC201/10M 10 Mbps 256 2,048 12,000
AC301 100 Mbps 1024 4,096 64,000
![Page 8: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/8.jpg)
8
NetEnforcerService Provider Product
Line
ModelBandwidth
Pipes VCs Connections
AC201/10M 10 Mbps 256 2,048 12,000
AC301 100 Mbps 1024 4,096 64,000
AC401 100 Mbps 2,04812,000
128,000
AC601 100 Mbps 4,09628,000
256,000
AC701 155 Mbps 4,09628,000
256,000
![Page 9: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/9.jpg)
9
The Allot Effect
0
20
40
60
80
100
120
140
160
180
10:00 10:10 10:20 10:30 10:40 10:50 11:00
BrowsingCitrixMusic (P2P)
Music download (Peer to Peer) takes more than 100Mbps
Not enough bandwidth for Browsing and Citrix
The Allot effect: Add NetEnforcer to the network
Browsing and Citrix get full capacity Browsing and Citrix get full capacity while Music is limited to 10Mbpswhile Music is limited to 10Mbps
![Page 10: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/10.jpg)
10
Using the NetEnforcer to Control Bandwidth
Example: Set Max Bandwidth to 85Kbps
Without QoS:
• BW abuse on short period of time
• Bursty pattern
• Retransmission ?
• One Customer takes all bandwidth!
With QoS enforcement:
• BW usage control
• Predictable pattern
• Efficient transfer
• Fair Access
![Page 11: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/11.jpg)
11
Medium priority
LowLow priority
Business-CriticalCitrix
HTTP/P2P
Switch Router
Application PrioritizationExample
NetEnforcer
Network with Email, HTTP/P2P and Citrix
IP offers only “best effort” service
Low-priority P2P traffic monopolizes connection
Citrix application bandwidth is now wider
Apply QoS andguarantee performance toCitrix applications
![Page 12: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/12.jpg)
12
Classifying Citrix with the NetEnforcer
Classify Citrix traffic by Application Name and User NameClassify Citrix traffic by Application Name and User Name
Select Citrix from a library of protocols/ applicationsSelect Citrix from a library of protocols/ applications
![Page 13: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/13.jpg)
13
Policy Example – Citrix Performance Assurance
Citrix performance is assured with “Business Critical” QoS level (very high priority and BW guarantee
Citrix performance is assured with “Business Critical” QoS level (very high priority and BW guarantee
Other applications are getting different priorities and bandwidth allocations while Usenet is blocked
Other applications are getting different priorities and bandwidth allocations while Usenet is blocked
![Page 14: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/14.jpg)
14
Monitoring Applications in Real Time
View min/max bandwidth View WAN bandwidth View Protocol BW UsageTop UsersTop serversUtilization
WAN LinkNetEnforcer
![Page 15: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/15.jpg)
15
Diagnose Network Performance
Nearly 28% of all traffic is from the Web.
Who are the top users?
![Page 16: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/16.jpg)
16
Get Historical Traffic Analysis
From Policy usage distribution To Advanced
Graphical options
… and localization … and longer and
filtered history (e.g. working hours only)
![Page 17: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/17.jpg)
17
NetAccountant – Optional Accounting
PackageCollect information about usage – including client, server, application inbound and outbound traffic countersIncludes a reportgenerator – ideal tool for network capacity planning and internal budgetingAllows access by external application using ODBC
![Page 18: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/18.jpg)
18
Set QoS to Max. 128 Kbps ?
No: Wastes capacity of Branch 2
Set QoS to Max. 256 Kbps ?
No: Exceeds capacity of Branch 1
Managing Bandwidth inEnterprise Environment
256 Kbps
128 Kbps
Branch 1
Email, FTP Servers
Web
SAP
Corporate Headquarters
NetEnforcer RouterSwitch
Branch 2
Manage Multiple Links Manage Multiple Links
Policy Table (v4.1)Pipe 1 – 192.11.12.x to Any Max (128kbps)
SAP – Min 64 kbps
FTP – Max 56 kbps
Pipe 2 – 192.11.13.x to Any Max (256 kbps)
SAP – Min 128 kbps(Set Eternal Bandwidth to 384kbps)
Policy Table (v4.1)Pipe 1 – 192.11.12.x to Any Max (128kbps)
SAP – Min 64 kbps
FTP – Max 56 kbps
Pipe 2 – 192.11.13.x to Any Max (256 kbps)
SAP – Min 128 kbps(Set Eternal Bandwidth to 384kbps)
192.11.13.x
192.11.12.x
256 Kbps
128 Kbps
![Page 19: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/19.jpg)
19
Allot’s Citrix-QoS Solution – Benefits to the customer
High ROI (return on investment)Citrix can be used on the Internet (public network)Citrix and other IP traffic share same WANCitrix bandwidth requirement is pre-defined and therefore less bandwidth overall is requiredCitrix performance is guaranteed and enhancedCitrix applications get “the right attention” in the network
Better management of trafficAllow capacity planning and troubleshooting
Protect against DoS (denial of service) attacks
![Page 20: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/20.jpg)
20
Allot’s Citrix-QoS Solution – NetEnforcer’s Advantages
NetEnforcer Per Flow Queuing permits assignment of QoS per Citrix application or per userNetEnforcer enables prioritizing Citrix over other traffic (such as Email and file transfer)
Batch traffic (like FTP) can still run but won’t “freeze” Citrix
Mark Applications with Differentiated Service (DiffServ) Levels for end-to-end QoS Limit and control Print jobs and file transfers so they don’t affect other Citrix usersNetEnforcer/NetAccountant allows for detailed monitoring and application and IP accountingNetEnforcer enables protection for DoS attacks and other malicious traffic flows
![Page 21: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/21.jpg)
21
Enhancing Security:Preventing a DoS Attack
with the NetEnforcer1. Attacker sends
Broadcast ICMP with Victim’s spoofed address
2. Unwitting accomplices send ICMP Echo Reply (with Victim’s address)
3. NetEnforcer detects high number of new ICMP connections and blocks them.
Unwitting Accomplices
Attacker
Victim’s InternalNetwork
NetEnforcer
321
![Page 22: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/22.jpg)
22
EducationEducation
Selected Enterprise Customers
Banking / Finance CorporationsCorporations
GovernmentGovernment
Aeroporto de PortugalNorway National RR
(Italy)
![Page 23: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/23.jpg)
23
Why Allot ? Ease of use – easiest way to have your QoS up and running – simple, intuitive and graphically pleasingApplication recognition – including CitrixApplication performance enhancement Real-time and historical traffic monitoring and all-session IP accountingComplete policy-based IP traffic management including traffic redirection to cache and server load balancingHigh performance and high availability
155 mbps, supports highest number of policies in the industryIdeal for enterprise and data centersFail safe operation
![Page 24: Allot Communications](https://reader033.vdocuments.net/reader033/viewer/2022061600/5681505d550346895dbe5f80/html5/thumbnails/24.jpg)
24
Contact Details
Americas
250 Prairie Center Drive #355
Eden Prairie, MN 55344
Tel (952) 944-3100
Fax (952) 944-3355
International HQ
Hod-Hasharon, 45800
Israel
Tel 972-(0)9-761-9200
Fax 972-(0)9-744-3626
Japan
Nishi Ginza Bldg 2F
5-5-9 Ginza Chuo-ku,
Tokyo 104-0061, Japan
Tel: 81 3 5537-7114
Fax: 81 3 5537-5281
Europe, Middle East and Africa
World Trade Center
1300, Route Des Cretes
BP 255 Sophia Antipolis Cedex
France 06905
Tel 33-(0)4-92-38-80-27
Fax 33-(0)4-92-38-80-33
Asia Pacific
9 Raffles Place,
Republic Plaza #27-01
Singapore 048619
Tel: 65-832-5663
Fax: 65-832-5662
www.allot.com