INTERNET
TRAFFIC MANAGEMENT
Enterprises rely on their networked applications for mission critical processes.
Each application requires specific network services for operation. (E.g.
availability, bandwidth, performance) The network however is generic and
unaware of specific application needs. The gap between applications and
the network make it impossible to ensure continuos, optimized and secure
operations undermining enterprise reliability.
MULTI-HOMING
Internet connectivity failure, link overloads and service delays are the
principle causes of WAN downtime, degraded online services and disrupted
communications are responsible in lost enterprise productivity and denied
user access. To overcome connection failures and ensure reliable Internet
services, enterprise are establishing multiple Internet links across different
service providers (multi-homed networks).Read
more
CONTENT
INSPECTION MANAGEMENT
The
possibility of having a debilitating virus penetrating enterprise networks,
resulting in network failures and damage to data, is becoming increasingly
common. The enterprise is therefore often obligated to deploy an anti-virus
mechanism to protect the network from such malicious traffic. This mechanism
is most often deployed using dedicated servers, such as anti-virus gateways,
which provide content security for HTTP, FTP and SMTP traffic.Read
more
CONNECTIVITY FLOW MANAGEMENT
While
affording service redundancy, multi-homed networks introduce several operational
challenges including managing complex BGP routing and utilizing and optimizing
bandwidth consumption across links and service levels and costs across
providers. Without managing all link and network traffic, it is impossible
to control connectivity services, undermining the resilience and costs
effectiveness of multi-homed networks.Read
more
APPLICATION SECURITY
Enterprises depend on point security tools including firewalls, VPN's,
Intrusion Detection Systems, Anti-Virus and Application Security for protection
against attacks and malicious activity. Each security tool however introduces
single point of failure, performance degradation and overloads that undermine
your site wide defence and cause security breaches. Without eliminating
downtime, resolving combined security application vulnerabilities and addressing
poor security performance, it is impossible to safeguard your enterprise.Read
more
CONTACT
FORM
CONNECTIVITY:
MULTI-HOMING
The
challenge
As
enterprises become ever more reliant on IP applications for mission critical
tasks, the need to resolve single points of failure on the network becomes
more important than ever before. ISP connectivity continues to be a main
source of failures and performance degradation. Such problems can be difficult
to resolve, as the root of the problem does not lie within the enterprise's
control. Thus, more and more enterprises are turning to
multi-homed networks in order to guarantee connectivity to the Internet
and service for their customers.
However, a multi-homed environment alone does not take full advantage of
the opportunities available in such a network. The multi-homed network
has the potential to save on cost, by taking advantage of different billing
tariffs of the different carriers, and to improve performance, by utilizing
each link for specific content.
The
Solution - LinkProof
It provides a complete solution for the multi-homed network. Guaranteeing
full availability while maximizing the enterprise's ROI, LinkProof
ensures the highest site-wide performance by performing true dynamic load
balancing on all network traffic. In addition, LinkProof alleviates precious
IT administration man hours by performing the complex task involved with
deploying and maintaining a multi-homed network.
Advantages
- manages the IP address
ranges assigned to the network from the various links intelligently
- proximity detection
ensures that the optimal path is used for inbound and outbound traffic
by choosing the best ISP for outbound traffic and ensuring
all ISP links are used for incoming traffic - ensures fastest content delivery
- advanced health monitoring
determines the availability of the links, and ensures that all ISP links
are optimized by intelligently load balancing all
traffic through only the available links - ensures full availability and
high performance
Benefits
- Reliable and continuous
Internet access
- Fastest content
delivery through optimal content routing
- Optimal performance
and full scalability, up to Gigabit speeds
- Cost savings from
reduced IT overhead and optimal utilization of bandwidth based on cost
- Bandwidth policy
enforcement for guaranteed quality of service and enhanced utilization
of the available bandwidth
CONNECTIVITY:
FLOW MANAGEMENT
The
challenge
The challenge is to define dynamically the flow of traffic
through multiple steps and various network services, based on source, destination,
and traffic type.
The Solution
- Content Inspection Director (CID)
Flow management architecture to define categories of traffic
by source, destination, application and content.
It defines the services to apply to each type of traffic and the order
of services
Benefits
- Dynamically define the flow of traffic through multiple
steps and various network services.
- Based on source, destination, traffic type
- Accelerates network response time through efficient use
of network services
CONTENT
INSPECTION MANAGEMENT
The
challenge
85% of the organizations
reported to have installed anti-virus software were hit by virus attacks.
The average loss per organization due to virus attack in 2001 was $283,000�
“2002 CSI/FBI Computer Crime and Security Survey” Richard Power, Spring
2002. Virus activity is expected to increase by 22% during 2002. (The Computer
Economics Security Review 2002)
Content filters like
URL filters and anti-virus create single points of failure. It provides
networks with full content inspection while sustaining high throughput.
Anti-virus limited to 3Mbps. Content Inspection solutions are difficult
to install, implement, and are not scalable.
The
Solution - Content Inspection Director (CID)
It provides high availability
and full load balancing capabilities. The CID sends trusted traffic directly
to the LAN without inspection and also
redirects HTTP traffic according to selected MIME types to Content Security
Farms. It redirects traffic by protocol (HTTP/FTP/SMTP) to Content Security
Farms.
Benefits
- Trusted data flow
- High availability
and Response time load balancing
- Network and content
inspection in high availability
- Gigabit speed content
inspection
- No more security/performance
trade-off
- Easy to install and
to maintain.
- Scalable architecture.
- As the need arises
more inspection machines can be added to the farm
- Up to 500% increase
in content inspection speed and advanced scalability options
APPLICATION
SECURITY
The
Challenge
Many organizations
depend on their IP infrastructure for continuous operation and mission
critical tasks. To be able to rely on this infrastructure, any single point
of failure must be resolved. Due to the complexity of networks, a common
approach is to divide the network into the following three components to
simplify the evaluation process:
- Connectivity and
Network
- Security Layer
- Servers and Computing
Each component must
be addressed on the issue of availability, performance and integrity and
each contains many points of failure that must be resolved. The challenge
then, is too resolve each component's vulnerabilities so that all applications
are continuously available, performance is at the highest level and integrity
is maintained throughout. In addition, all these components must then work
together seamlessly, providing the desired end-to-end solution.
The Solution:
Radware's End-to-End Application Integrity
Radware's application
switches provide a complete end-to-end solution that overcomes the inherent
vulnerabilities that reside in every network. Radware's application switches
guarantee full availability, high performance and the integrity of each
network component, as discussed throughout this document and work together
seamlessly for an unrivalled solution from click to content.
Benefits
- Advanced health monitoring
to ensure high availability and continuous operations of mission critical
applications
- Cost savings and
performance improvement by optimizing existing resources usage with traffic
redirection and load balancing
- Full control and
visibility on critical resources using site wide Intelligent Application
Switching (IAS) management Configware Insite
- Full availability,
scalability and optimization of security services
- Enhanced security
and attack mitigation using SynApps Application Security and DoS Shield
ANTI
VIRUS GATEWAY SERVER FARM
The Challenge
As enterprises become ever more reliant on IP applications
for mission critical tasks, the need to ensure the continuous operation
of these tasks is becoming ever more necessary. Additionally, as many of
these applications are not only available to employees on the internal
network, but are also accessible over the Internet by remote employees,
suppliers and customers, security and scalability have become key issues.
By examining typical Web-enabled transactional applications,
such as e-banking, order entry, ERP, CRM and so on, we discover that the
computing layer is composed of the following three tiers: Web servers,
Application servers and databases. Each of these tiers must therefore be
scalable for both users and transactions. The tiers must be available continuously
and provide the end user with the best possible performance and response
time.
Furthermore, network security must not be compromised,
thus SSL encryption is becoming increasingly widespread, when sensitive
information is transferred across the Internet. However, encryption/decryption
processes consume vast amounts of resources making the concerns of performance
and scalability even more acute and complex.
The Solution:SSL
Acceleration
A Secure Acceleration Cluster provides a complete application
switching solution for mission critical applications. Radware's solution
ensures full availability, high performance and integrity of all applications
and networked traffic. The Secure Acceleration Cluster is an SSL acceleration
and traffic management solution featuring the traffic management capabilities
of the Radware Web Server Director (WSD) Pro+ with SynApps and the centralized
and scalable SSL processing of CertainT 100.
WSD intelligently redirects, load balances, manages and
distributes SSL traffic to and from Radware CertainT 100(s) which terminate
and secure front-end and back-end SSL transactions while optimizing network
performance. In addition to the SSL services described, WSD provides load
balancing, full availability and high performance for all applications
and networked traffic.
The Secure Acceleration Cluster is fully scalable for
up to 100 CertainT 100 units, deployed in farms, or 35,000 SSL Transactions
Per Second (TPS) and gives the enterprise the ability to transparently
add accelerator units as traffic grows, without the need to schedule downtime.
The cluster also provides full availability, in a fully redundant architecture,
removing all single points of failure from the network.
The SynApps architecture provides two additional services,
Application Security and Dos Shield. Application Security provides real-time
protection from over 450 known attack signatures providing an additional
layer of security for your valuable resources, while DoS Shield provides
fully configurable and unmatched protection, in Gigabit speeds, from harmful
Denial of Service (DoS) attacks. Together, these modules provide the most
effective and fastest application-level protection available and the key
to the integrity of your applications.
Benefits
- Full scalability of up to 100 CertainT 100 units or 35,000
SSL TPS.
- Also, the addition and/or maintenance of CertainT 100
units can be performed transparently to the end user, without having to
schedule downtime
- High availability, advanced health
monitoring and instant failover in case of an SSL accelerator failure
- Optimization of resources and performance enhancement
by directing traffic to the most available resource
- Complete policy enforcement that may be configured "on
the fly" through Radware's Bandwidth Management
- Application Security provides real-time protection from
over 450 malicious attack signatures
- DoS Shield provides fully configurable, Gigabit speed
protection from Denial of Service (DoS) attacks
|
