f5 visualization and analytics - event management … · f5 visualization and analytics nishant ......
TRANSCRIPT
F5 Visualization and AnalyticsNishant Shah Sr. Product Manager
© 2016 F5 Networks 3
Agenda
• Market Overview
• F5 Strategic advantage in Datacenter
• F5 Data richness
• F5 AppIQ Platform
• F5 AppIQ Direction
• Demo
• F5 AppIQ Vision
Market Overview
© 2016 F5 Networks
Customer Challenges
5
© 2016 F5 Networks
Customer Challenges
5
Visualization and analytics are essential.
Application Agility Operational Cost
Automation Self-service Application Security
They are core necessities for successful application delivery.
© 2016 F5 Networks
Analytics Maturity Curve
6
Proactive decisions
Cross-functionalalignment
Increase visibilityand adoption
Self-service
ReactiveStatic report
Ad-hoc
Interactive
Collaborative
Advancedmodeling
Information Insight Decision Action
Increasing Analytics
Functionality
Increasing Business Value
TODAY
© 2016 F5 Networks
F5 Strategic Advantage
7
© 2016 F5 Networks
F5 Strategic Advantage
7
Full Proxy Design
© 2016 F5 Networks
F5 Strategic Advantage
7
Full Proxy DesignF5 Application Delivery
& F5 Application Security
Services
© 2016 F5 Networks
F5 Strategic Advantage
7
Full Proxy DesignF5 Application Delivery
& F5 Application Security
Services
Invaluable real-time L4-L7 data
© 2016 F5 Networks
F5 Strategic Advantage
7
Full Proxy Design
Integrated Orchestration & Management Suite
F5 Application Delivery &
F5 Application Security Services
Invaluable real-time L4-L7 data
© 2016 F5 Networks
F5 Data RichnessActionable Data
8
© 2016 F5 Networks
F5 Data RichnessActionable Data
8
VISIBILIT
© 2016 F5 Networks
F5 Data RichnessActionable Data
8
VISIBILIT
Application Definition, statistics, and events
for all modules and systems
© 2016 F5 Networks
F5 Data RichnessActionable Data
8
VISIBILIT
User Access Statistics and eventsat the tenant level
Application Definition, statistics, and events
for all modules and systems
© 2016 F5 Networks
F5 Data RichnessActionable Data
8
VISIBILIT
Device andCompute
Health, statistics, and events for all BIG-IP products
User Access Statistics and eventsat the tenant level
Application Definition, statistics, and events
for all modules and systems
© 2016 F5 Networks
F5 Data RichnessActionable Data
8
VISIBILIT
Device andCompute
Health, statistics, and events for all BIG-IP products
User Access Statistics and eventsat the tenant level
Application Definition, statistics, and events
for all modules and systems
SEIM Integration Normalization of log data acrossmodules and versions allowingfor integration with other systems
© 2016 F5 Networks
F5 Data RichnessActionable Data
8
VISIBILIT
Device andCompute
Health, statistics, and events for all BIG-IP products
User Access Statistics and eventsat the tenant level
Application Definition, statistics, and events
for all modules and systems
Logs forensic Critical log generation for
forensics
SEIM Integration Normalization of log data acrossmodules and versions allowingfor integration with other systems
© 2016 F5 Networks
F5 Data RichnessActionable Data
8
VISIBILIT
Device andCompute
Health, statistics, and events for all BIG-IP products
User Access Statistics and eventsat the tenant level
Application Definition, statistics, and events
for all modules and systems
Logs forensic Critical log generation for
forensics
SEIM Integration Normalization of log data acrossmodules and versions allowingfor integration with other systems
Network Security Statistics and events at anenterprise and tenant level
F5 AppIQ Platform
© 2016 F5 Networks
F5 AppIQ PlatformVision and Mission
10
© 2016 F5 Networks
F5 AppIQ PlatformVision and Mission
10
Mission
Vision Empower F5 customers with rich, contextual, and application-centric data to deliver applications in the most reliable, secure, and efficient manner.
Democratize F5 data to deliver advanced ADC and security cloud services, which can bring operational and business value to all F5 customers.
© 2016 F5 Networks
F5 AppIQ Platform Goals
11
© 2016 F5 Networks
• Centralized visibility for F5 infrastructure in private, public, and hybrid environments
• Centralized analytics by correlating data from various F5 modules
• Prevent operational cost of data collection from hundreds of BIG-IP devices
• Avoid operational complexity when converting raw data into actionable data
• Actionable data insights coupled with rich application-centric data
• Advanced predictive capabilities coupled with actionable feedback loop
• Diverse predictive security or traffic analytics services via end-to-end analytics stack of F5 analytics platform
F5 AppIQ Platform Goals
11
Provide Centralized Visibility/Analytics
Transform raw data to actionable
data Increase
Business ValueEnable Advanced
ADC/Security Services
© 2016 F5 Networks
F5 AppIQUsecases
12
Analytics
DDoS Visibility Track key attack
related KPIS
SSL Visibility Quantifying secured
Application and user data
Log Visibility & Forensic Optimized Log search and critical
event detection
Root Cause Analysis Application centric Infrastructure
visibility
End user Monitoring Client behaviors analysis
Anomaly detection Detecting application performance/
security anomalies in real-time
© 2016 F5 Networks
F5 AppIQ Platform
13
Orchestration Engine/Tool
(Policy store)
Third-Party Partners
F5 AppIQ
Insights
Actions
ECM (ELASTIC COMPUTE MANAGEMENT)
F5 Visualization/Analytics
VM/BARE METAL/CONTAINER
Rich F5 Data Sources—Tmstats, TMSH stats, syslog, log, events, AVR stats, VM stats
• Data collection, normalization, and cleaning across BIG-IP versions and modules • Analytics engine to provide machine learning-enabled behavior and predictive analytics • Distributed storage layer to store historical data with high granularity • REST API access for integration with orchestration and third-party solutions
Private Cloud/Public Cloud/Co-location sites/Hybrid cloud
© 2016 F5 Networks
F5 AppIQMicroservices-Based Architecture
14
C Microservice containerAuto-scale
© 2016 F5 Networks
F5 AppIQMicroservices-Based Architecture
14
Data Refinement and Data Discovery
• Data discovery from BIG-IP • Data cleaning • Data normalization • Data validation • Data transformation
and enrichment • Data filtering • Data publishing
C C
C CSource Catalog
Data RefinementC CAgent Controller
C Microservice containerAuto-scale
© 2016 F5 Networks
F5 AppIQMicroservices-Based Architecture
14
Data Refinement and Data Discovery
• Data discovery from BIG-IP • Data cleaning • Data normalization • Data validation • Data transformation
and enrichment • Data filtering • Data publishing
C C
C CSource Catalog
Data RefinementC CAgent Controller
Data Analytics• Customized data streams for further analysis • Customized algorithms for pattern recognitions • Complex correlations
C CApache SparkCC Apache Kafka
C Microservice containerAuto-scale
© 2016 F5 Networks
F5 AppIQMicroservices-Based Architecture
14
Data Refinement and Data Discovery
• Data discovery from BIG-IP • Data cleaning • Data normalization • Data validation • Data transformation
and enrichment • Data filtering • Data publishing
C C
C CSource Catalog
Data RefinementC CAgent Controller
Data Analytics• Customized data streams for further analysis • Customized algorithms for pattern recognitions • Complex correlations
C CApache SparkCC Apache Kafka
Data Storage • Distributed storage for historical data • Aggregation of data • Optimized search over huge data set • Optimized data storage using compression techniques
CC Elastic Search
C Microservice containerAuto-scale
© 2016 F5 Networks
F5 AppIQMicroservices-Based Architecture
14
Data Refinement and Data Discovery
• Data discovery from BIG-IP • Data cleaning • Data normalization • Data validation • Data transformation
and enrichment • Data filtering • Data publishing
C C
C CSource Catalog
Data RefinementC CAgent Controller
Data Analytics• Customized data streams for further analysis • Customized algorithms for pattern recognitions • Complex correlations
C CApache SparkCC Apache Kafka
Data Storage • Distributed storage for historical data • Aggregation of data • Optimized search over huge data set • Optimized data storage using compression techniques
CC Elastic Search
C Microservice containerAuto-scale
© 2016 F5 Networks
F5 AppIQMicroservices-Based Architecture
14
Data Refinement and Data Discovery
• Data discovery from BIG-IP • Data cleaning • Data normalization • Data validation • Data transformation
and enrichment • Data filtering • Data publishing
C C
C CSource Catalog
Data RefinementC CAgent Controller
Data Analytics• Customized data streams for further analysis • Customized algorithms for pattern recognitions • Complex correlations
C CApache SparkCC Apache Kafka
Data Storage • Distributed storage for historical data • Aggregation of data • Optimized search over huge data set • Optimized data storage using compression techniques
CC Elastic Search
Data Access
• Restful access to real-time and stored data • Restful access for visualization • Restful access for intelligent orchestration by consuming real-
time insights • Restful access to advanced forensic tools like Splunk
CC Query Service API
C Microservice containerAuto-scale
© 2016 F5 Networks
F5 AppIQMicroservices-Based Architecture
14
Container Lifecycle Management
• Deploying • Upgrading • Monitoring • Resource scheduling • Auto scaling
ECM (Elastic Compute Management)(Google Kubernetes-Based)
Data Refinement and Data Discovery
• Data discovery from BIG-IP • Data cleaning • Data normalization • Data validation • Data transformation
and enrichment • Data filtering • Data publishing
C C
C CSource Catalog
Data RefinementC CAgent Controller
Data Analytics• Customized data streams for further analysis • Customized algorithms for pattern recognitions • Complex correlations
C CApache SparkCC Apache Kafka
Data Storage • Distributed storage for historical data • Aggregation of data • Optimized search over huge data set • Optimized data storage using compression techniques
CC Elastic Search
Data Access
• Restful access to real-time and stored data • Restful access for visualization • Restful access for intelligent orchestration by consuming real-
time insights • Restful access to advanced forensic tools like Splunk
CC Query Service API
C Microservice containerAuto-scale
© 2016 F5 Networks
F5 AppIQMicroservices-Based Architecture
14
Container Lifecycle Management
• Deploying • Upgrading • Monitoring • Resource scheduling • Auto scaling
ECM (Elastic Compute Management)(Google Kubernetes-Based)
Data Refinement and Data Discovery
• Data discovery from BIG-IP • Data cleaning • Data normalization • Data validation • Data transformation
and enrichment • Data filtering • Data publishing
C C
C CSource Catalog
Data RefinementC CAgent Controller
Data Analytics• Customized data streams for further analysis • Customized algorithms for pattern recognitions • Complex correlations
C CApache SparkCC Apache Kafka
Data Storage • Distributed storage for historical data • Aggregation of data • Optimized search over huge data set • Optimized data storage using compression techniques
CC Elastic Search
Data Access
• Restful access to real-time and stored data • Restful access for visualization • Restful access for intelligent orchestration by consuming real-
time insights • Restful access to advanced forensic tools like Splunk
CC Query Service API
C Microservice containerAuto-scale
© 2016 F5 Networks
F5 AppIQ Vision
15
F5 AppIQ (Collect, Stream, Analyze, Index, Store, Access)
Private cloud Public cloudHybrid cloud
Data source—Tmstats, TMSH stats, syslog, log, events, AVR stats, VM infra stats, Amazon infra stats
F5 AppIQ Appstore
Risk-IQ Traffic-IQ Threat Intelligence
SP Analytics
F5 AppIQ Apps
F5 AppIQ Platform
F5 AppIQ Platform
Note – AppIQ apps shows here are just an example and not committed application.
F5 AppIQ Roadmap
© 2016 F5 Networks
AppIQ Direction
17
August2016
AmericasAgility
October2016
Beta
1H-2017
FCS
2H-2017
2nd Release
AppIQ Beta/Early access
AppIQ Overview & Demo
AppIQ FCS
• Scalable BigData platform. • Centralized Application inventory
with key performance KPI. • Traffic Visibility & Drilldowns. • BIG-IP device visibility. • Threshold based alerts. • Centralized event visibility.
AppIQ 2nd Release
• DDoS visibility. • SSL visibility. • End user Visibility. • Anomaly detection. • Multi-Datacenter deployments • Role based access control. • Integrate with VMware.
Note – Information provided on this slide gives an overview of overall direction and nothing is committed. .
F5 AppIQ Demo
© 2016 F5 Networks
F5 AppIQ Demo
19
© 2016 F5 Networks
F5 AppIQ Demo
19
© 2016 F5 Networks
F5 AppIQ Demo
19
© 2016 F5 Networks
F5 AppIQ + Splunk Integration Demo
20
F5 AppIQ Strategy
© 2016 F5 Networks
F5 AppIQ Strategy
22
© 2016 F5 Networks
F5 AppIQ Strategy
22
On-Premise/Private Cloud
Goal
Provide centralized, near real-time, application centric visibility into application infrastructure and security for all F5 customers.
Usecase • Application Traffic Visibility • Log Visibility • End User Monitoring • Security Visibility
• SSL Visibility • L4/L7 DDoS attack Visibility
• Server Infrastructure Visibility • Integrate with 3rd party Vendor – Splunk, VMware,
Graphite, HP archsight. • AppIQ Analytics Apps
© 2016 F5 Networks
F5 AppIQ Strategy
22
On-Premise/Private Cloud
Public Cloud Goal
Provide centralized, near real-time, application centric visibility into application infrastructure and security for all F5 customers.
Usecase • Application Traffic Visibility • Log Visibility • End User Monitoring • Security Visibility
• SSL Visibility • L4/L7 DDoS attack Visibility
• Server Infrastructure Visibility • Integrate with 3rd party Vendor – Splunk, VMware,
Graphite, HP archsight. • AppIQ Analytics Apps
Goal
Extend F5 AppIQ capabilities in to public cloud to enable seamless application monitoring for F5 customers.
Usecase • Application traffic visibility for Hybrid
application infrastructure. • Integrate with Cloud orchestration &
management platforms. • Integrate with cloud data sources. • Extend Analytics Apps as a service. • Trend analysis & predicative analytics • Automated actions based on insights
© 2016 F5 Networks
F5 AppIQ Strategy
22
Goal
Offer Advanced analytics capabilities within F5 AppIQ as a service with Silverline.
Usecase • Extensive advanced security analytics to keep
application secured. • Automated actions based on predictive
insights
On-Premise/Private Cloud
Public Cloud
F5 Analytics-as-a-Service
Goal
Provide centralized, near real-time, application centric visibility into application infrastructure and security for all F5 customers.
Usecase • Application Traffic Visibility • Log Visibility • End User Monitoring • Security Visibility
• SSL Visibility • L4/L7 DDoS attack Visibility
• Server Infrastructure Visibility • Integrate with 3rd party Vendor – Splunk, VMware,
Graphite, HP archsight. • AppIQ Analytics Apps
Goal
Extend F5 AppIQ capabilities in to public cloud to enable seamless application monitoring for F5 customers.
Usecase • Application traffic visibility for Hybrid
application infrastructure. • Integrate with Cloud orchestration &
management platforms. • Integrate with cloud data sources. • Extend Analytics Apps as a service. • Trend analysis & predicative analytics • Automated actions based on insights
© 2016 F5 Networks
F5 AppIQ Strategy
22
Goal
Offer Advanced analytics capabilities within F5 AppIQ as a service with Silverline.
Usecase • Extensive advanced security analytics to keep
application secured. • Automated actions based on predictive
insights
On-Premise/Private Cloud
Public Cloud
Information Insights Decision Action
F5 Analytics-as-a-Service
Goal
Provide centralized, near real-time, application centric visibility into application infrastructure and security for all F5 customers.
Usecase • Application Traffic Visibility • Log Visibility • End User Monitoring • Security Visibility
• SSL Visibility • L4/L7 DDoS attack Visibility
• Server Infrastructure Visibility • Integrate with 3rd party Vendor – Splunk, VMware,
Graphite, HP archsight. • AppIQ Analytics Apps
Goal
Extend F5 AppIQ capabilities in to public cloud to enable seamless application monitoring for F5 customers.
Usecase • Application traffic visibility for Hybrid
application infrastructure. • Integrate with Cloud orchestration &
management platforms. • Integrate with cloud data sources. • Extend Analytics Apps as a service. • Trend analysis & predicative analytics • Automated actions based on insights
• Add class to your personal schedule.
• Survey will pop up in Mobile App. • Answer the multiple choice. • Submit your question to complete. • Receive 5 points!
Give Feedback – Get Points!