![Page 1: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/1.jpg)
ARC208 - Enterprise Networking and Service Delivery in the AWS Cloud
Sridhar Devarapalli, Director Product Management, Citrix Aaron Delp, Sr. Director Technical Marketing, Citrix November 13, 2013
![Page 2: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/2.jpg)
![Page 3: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/3.jpg)
How can IT leverage both AWS and on-premises resources to deliver
IT-as-a-Service?
![Page 4: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/4.jpg)
Role of IT Ops in Cloud Computing
Data Center Cloud
IT Organization acting as a Provider and Broker
IT Operations
Consumer IT Broker Group
Cloud Hybrid IT
![Page 5: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/5.jpg)
Agenda
Intelligent cloud networking to manage across AWS and on-premises Cloud management scenarios across AWS and on-premises
1
2
![Page 6: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/6.jpg)
Virtual Appliance
Fabric Multi-service
Physical Appliance
Now available on
![Page 7: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/7.jpg)
Citrix NetScaler for AWS
• Full NetScaler L4-7 functionality
• Easy setup and launch
• Both BYOL and hourly pricing
![Page 8: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/8.jpg)
Product Overview
It’s NetScaler
![Page 9: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/9.jpg)
All L4-7 Functionality Supported
• L4 load balancing • Content switching • Rewrites • Responder • Redirects • TCP offload • CloudBridge • GSLB
• SSL offload • Access Gateway Enterprise • Caching • Compression • Datastream • Appflow • NetScaler Insight • App Firewall
✔ ✔
✔
✔ ✔ ✔ ✔
✔ ✔
✔ ✔ ✔
✔ ✔
✔ ✔
![Page 10: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/10.jpg)
NetScaler TestDrive Demo
![Page 11: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/11.jpg)
NetScaler Use Cases
For Production
For Dev/Test, DR
![Page 12: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/12.jpg)
Citrix Cloud Bridge
![Page 13: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/13.jpg)
Amazon VPC
AWS Region
Public Subnet
Private Subnet
Corporate Data
Center
Corporate Headquarters
Availability Zone 1
Availability Zone 2
Branch Offices
VPN Gateway Customer Gateway
(BGP/NoBGP)
Internet Gateway
Router
DirectConnect Location
New Enterprise IT Network Architecture
10G
S3 SimpleDB SQS/SNS/SES DynamoDB SWF Elastic Beanstalk
![Page 14: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/14.jpg)
NetScaler Requirements: Subnets and ENIs
• Recommend three subnets and thus three ENIs – One for management (e.g., NSIP) – One for client-side traffic (e.g., VIPs) – One for server-side traffic (e.g., SNIPs, MIPs)
• Can be launched with two subnets/ENIs – One for management – Shared subnet for client-side and server-side traffic
• Can be launched with a single subnet/network interface – Management, client-side and server-side traffic all on same subnet – HA is not supported in this configuration
• More than three subnets/ENIs is of course supported
![Page 15: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/15.jpg)
Region: US East AZ: us-east-1a AZ: us-east-1b AZ: us-east-1c
Default Gateway 10
.20.
15.0
10.2
0.10
.0
10.2
0.1.
0
10.2
0.11
.0
10.2
0.12
.0
NetScaler
ENI ENI ENI
NetScaler in AWS VPC
![Page 16: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/16.jpg)
Scaling Across Zones
NetScaler NSIP
VIP
SNIP SNIP
NetScaler NSIP
VIP
SNIP SNIP
GSLB
Region: US East AZ: us-east-1a AZ: us-east-1b
![Page 17: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/17.jpg)
Elastic IP’s (Public Route)
Private IP
’s (Private R
oute 1)
Private IP
’s (Private R
oute 2)
DC/DNS (DC1)
DC/DNS (DC2)
DC/DNS (DC3)
DC/DNS (DC4)
MB01 MB02 MB03 MB06 MB05 MB04
CA01 CA01 ET01
MB07 MB08 MB09 MB12 MB11 MB10
ET02 CA03 CA04
Remote Management & Administration
Outlook Users
Direct internet-based Message delivery
Or cloud-based Message Hygiene Service
Exchange Reference Architecture
GSLB
![Page 18: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/18.jpg)
NetScaler Benefits
• Cookie-based persistence
• Site-level persistence
• Load-based distribution between AZs/Regions
• SSL Offload
![Page 19: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/19.jpg)
Scaling Across Regions
NetScaler NSIP
VIP
SNIP SNIP
NetScaler NSIP
VIP
SNIP SNIP
GSLB
Region: US West Region: US East AZ: us-east-1a AZ: us-west-1a
![Page 20: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/20.jpg)
Large-scale XenApp Deployments
![Page 21: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/21.jpg)
NetScaler for XenApp
High performance, highly scalable remote access designed for Citrix Receiver
Global Distribution of Users based on client location, server availability, and data center load
Transparently routes around failures in the network for DR at the software, server, and global level
Secures XenApp from data leaks with tight integration and proper authentication of users
![Page 22: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/22.jpg)
GSLB for Region Selection
US East 1a 1b
US West 1a 1b
EMEA 1a 1b
storefront.uswest.co.com storefront.useast.co.com Storefront.emea.co.com
Service.co.com
![Page 23: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/23.jpg)
US East 1a 1b
US East 1b
service.co.com
storefront.useast.co.com
1a
Storefront servers … Storefront servers
…
… ag.1a.useast.co.com
… ag.1b.useast.co.com
PS Farm Servers …
PS Farm Servers …
Region View
![Page 24: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/24.jpg)
Role of IT Ops in Cloud Computing
Data Center Cloud
IT Organization acting as a Provider and Broker
IT Operations
Consumer IT Broker Group
Cloud Hybrid IT
![Page 25: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/25.jpg)
Hybrid IT Use Cases
• On-premises deployment leverages AWS resources (e.g., Amazon S3)
• Self-service access to cloud services, some of which run on AWS, and some on-premises
![Page 26: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/26.jpg)
CloudPortal Business Manager
CloudPlatform powered by Apache CloudStack
Networking Storage Compute
INFRA- STRUCTURE
DEV & TEST
DISASTER RECOVERY
BYO PLATFORM
APPS & DESKTOPS
MOBILE APPS
YOUR SERVICE
Citrix Hybrid IT Deployments
NetScaler
![Page 27: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/27.jpg)
Pod 1
CloudPlatform Architecture
Cluster 1
Host 2
Host 1
….
L3 switch
Pod N
Secondary
Storage
Zone 1 Firewall NetScaler
Primary Storage
L2 switch
….
Cluster N
Amazon S3
Storage
![Page 28: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/28.jpg)
Amazon S3 Secondary Storage • Use Cases
– Secondary Storage across multiple Availability Zones within a region – VM launch in multiple zones based on same template
• Benefits
– Higher Availability • Availability of Templates, Volume Snapshots across zone failures
• Things to know
– Based on the Amazon S3 API
![Page 29: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/29.jpg)
CloudPortal Business Manager
Cloud admins broker and deliver IT and cloud services
Users and Customers
Developers and Cloud Admins
Off Premise
3rd Party Web, SaaS apps
On Premise
IT Managed Cloud Broker
Discovery
Service Catalog
Billing
Charge back
Self-Service
Auth
entic
atio
n an
d
role
bas
ed a
utho
rizat
ion
CloudPlatform powered by Apache CloudStack
Connector for AWS
![Page 30: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/30.jpg)
Connector for AWS on Citrix CloudPortal Business Manager
• Connector in development • Account Provisioning
– Linkage to Existing AWS Account – Get New AWS Account through CloudPortal
• Insight into AWS Billing for Cost Consolidation • Single Bill (along with other non-AWS services) for
Customer Chargeback
![Page 31: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/31.jpg)
![Page 32: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/32.jpg)
Summary
• Take the NetScaler Test Drive
• Check out the Exchange on AWS Reference Architecture
• Same L4-7 services on-prem and in AWS makes
it easier to extend enterprise workloads into AWS
![Page 33: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/33.jpg)
For More Information
• http://www.citrix.com/netscaler/aws • http://aws.amazon.com/marketplace • http://www.citrix.com/cloudplatform • http://www.citrix.com/cloudportal
![Page 34: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/34.jpg)
Work better. Live better.
![Page 35: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/35.jpg)
We are sincerely eager to hear your feedback on this presentation and on re:Invent. Please fill out an evaluation form when you have a chance.
![Page 36: Enterprise Service Delivery from the AWS Cloud (ARC208) | AWS re:Invent 2013](https://reader033.vdocuments.net/reader033/viewer/2022060108/554f4638b4c90572088b568c/html5/thumbnails/36.jpg)
Availability Zone a Availability Zone b
Internet
VPC customers can launch instances in their own isolated network
VPC Customer
10.0.0.5
10.0.0.6
10.0.3.17
10.0.3.5
10.0.1.5
10.0.1.25 10.0.1.8
10.0.1.6
Amazon You can assign your own IP range to the VPC network