Technical Presentation

1
Introduction

• Technical Presentation

2

Crescendo Networks
Mission To Develop Best of Breed Application
Acceleration Solutions for the Worlds Busiest
and Most Demanding Applications
3
AFEs Answer Acute Business Requirements
AFE Sales Exceeding 1 Billion in 2009
1516
1433
Application Acceleration Market Worldwide,
2004-2007, Millions of U.S., end-user spending
57
Load-Balancing
67
AFE
1175
79
999
40
-30
108
783
1459
641
1366
248
1096
AFE CAGR
Load-BalancingCAGR
372
891
535
269
2004
2005
2006
2007
2008
2009
Source Gartner Dataquest (June 2005)
4
Agenda

• Market Overview
• Application Delivery Challenge
• Solving the Challenge
• Maestro Platform Functionality
• Deployment Alternatives

5
Evolution of the AFE
Router
L4 Load-Balancer
L7 Load-Balancer
Application Front-End(AFE)
SSL Offload
Web-Acceleration (Comp/Caching)
6
AFE Position
Traffic shaping
Load balancing
Application Front End(AFE)
Technology
Network
Server
Application
Position
Offload application overhead with customized
End-to-End optimization
Target
Managing and Prioritizing traffic On the overall
network
Server accessibility bottle necks.
7
Application Delivery Challenges

• Content generation compression
• Consumes application resources
• Increased application latency

• TCP connection management
• Consumes server resources
• Increases application latency

• Content encryption security
• Incremental server load
• Reduces application performance

• Incremental users compound
• Servers / bandwidth / load

ServerResources
100
ApplicationLatency
0
Traditional LoadBalancer
8
Solving The Challenge

• Results
• Accelerated applications
• Decrease response time
• Optimize infrastructure
• Increased security
• Conserve bandwidth

• TCP Connection management
• Terminate TCP connections

• Compression
• Reduce server compression overhead

• Content encryption security
• Offload content encryption

ServerResources
100
ApplicationLatency
0
CN Maestro
9
A Servers Point of View

• Servers Work

Connection Management
Network Failures
Data
SSL
Compression
DDoS Attacks
Data
10
Platform Functionality
11
Maestro Platform Functionality

• Key Performance Feature Concurrency!
• SLT (Short Lived Transaction) Technology
• TCP Offload
• Connection Management
• Request Response Buffering
• Advanced Offload Modules
• Compression
• SSL
• L4 Load Balancing
• L7 Content Switching
• Fast TCP

12
TCP The Problem

• Servers TCP stack pain points
• Multiple session setups/teardowns
• Large number of simultaneous connections
• Mixture of WAN clients (slow, fast, good/bad
  link)
• Congestion control, dropped packets,
  retransmissions

13
TCP Offload The Solution

• True TCP Termination
• Connection Consolidation
• Connection Management
• Server LAN speed transactions
• Client
• Request Buffering
• Response Buffering

Before
After
14
Request Buffering
t
Maestro
Server
Server
Client
Client
Open (SYN)
Open (SYN)
Memory, CPU
(SYN/ACK)
(SYN/ACK)
ACK
ACK
Req 1/2
Req 1/2
More CPU, More Memory
ACK
ACK
Req 2/2
Req 2/2
RTO
RTO
Req 2/2
Full Request
Req 2/2
Memory Alloc., Process, Release
ACK
Processing -gt Memory Released
ACK
ACK
Response
Response
15
Response Buffering
Maestro
Server
Server
Client
Client
t
Resp 1/2
Response Buffered
Response Buffered
Resp 1/2
Resp 1/2
ACK
Resp 2/2
ACK
ACK
Memory Released
ACK
Resp 2/2
Resp 2/2
RTO
RTO
CPU, Memory
Resp 2/2
Resp 2/2
ACK
ACK
Memory Released
16
Fast TCP

• Optimized client side connection management
• Fast Slow Start
• Optimized congestion avoidance algorithm
• Reduce fluctuations around maximum bandwidth
• Minimize number of dropped packets

17
Compression

• Dedicated hardware-based compression engine
• Inline compression - Zeroed latency
• Standard Deflate and GZIP algorithm support
• Performance
• 1 Gbps compressed throughput
• Average compression ratio 60
• Application layer visibility
• Include compressible MIME types
• Exclude already compressed MIME types

18
Compression Advantages

• Optimization
• Inbound/Outbound bandwidth reduction
• Acceleration
• Improves end users application response time and
  productivity
• Offload application and server resources
• Relives server from performing compression a
  resource intensive task

19
SSL

• Dedicated hardware-based SSL engine
• Symmetric SSL support
• Client side
• Server side
• Full flexibility in all parameters
• Different SSL Key sizes
• Certificates Import, or self signed
• Full range of Cipher algorithms and profiles

20
SSL Advantages

• Offload servers SSL
• SSL handshake
• Different key sizes for server client side are
  optional
• Full integration with Maestros distributed
  module architecture
• SLT
• Compression (compress encrypt)
• Load Balancing
• Etc.

21
L4 - Load Balancing

• Load Balancing Algorithms
• Round Robin (RR)
• Weighted Round Robin (WRR)
• Weighted Least Pending Requests (WLPR)
• Connection persistency
• IP based
• Application level

22
L7 - Switching

• Pure request-based load balancing
• Requests are filtered based on
• URI
• Host header
• File type
• Language

23
DDoS Protection

• Maestro provides protection against a wide range
  of Distributed Denial-of-Service
• Few examples

24
The Maestro Platform Functionality
Load Balancing
DDoS
SSL
Application 1 Application 2
L7 Switching
SSL
Application 3
Layer 7 Processing
SLT
SLT
Redundancy
Compression
25
Deployment Alternatives
26
Deployment Alternatives

• On LAN 1 Leg Topology
• Routed Mode
• Spoofed Mode
• Mash Mode
• Redundancy Mode

27
On LAN 1 Leg Topology
CN configuration Virtual-IP 1 ? Server
1 Virtual-IP 2 ? Server 2 Virtual-IP 3 ?
Server 3

• CN resides on LAN
• Traffic is redirected to the CNs virtual IPs
• Servers in example are in different clusters

192.168.1.0 / 24
28
Routed
CN configuration Virtual-IP 1 ? Server
1 Virtual-IP 2 ? Server 2 Virtual-IP 3 ?
Server 3

• CN resides between LANs
• Traffic is redirected to the CNs virtual IPs
• CN functions as a Router

Server 1
192.168.1.0 / 24
192.168.2.0 / 24
Server 2
Server 3
29
Spoofed Mode

• Routed topology
• Virtual IPs Real servers IPs
• CN intercepts traffic destined to real servers
  IPs
• CN functions as a Router

CN configuration Virtual-IP 1 Server
1 Virtual-IP 2 Server 2 Virtual-IP 3 Server 3
Server 1
192.168.1.0 / 24
192.168.2.0 / 24
Server 2
Server 3
30
Mash Mode

• Large number of interfaces and Routing
  capabilities allow mixture of topologies

192.168.4.0 / 24 Spoofed
192.168.3.0 / 24 Routed
192.168.2.0 / 24 On LAN
Server 3
31
Redundancy Mode

• Virtual Router Redundancy Protocol (VRRP) based
• Using a virtual IP and MAC address
• Deployment modes
• Hot Stand-By (Active Passive)
• Load Sharing (Active Active)
• Enhanced failover decisions making
• Upstream network device availability
• Application server health and connectivity
• Configurable thresholds

32
Product Management

• GUI
• JAVA based, simple to use, configure and monitor
• Accessible standard browser
• CLI
• familiar look and feel, standard to L3 devices
• Accessible via SSH or Telnet
• SNMP
• SNMP MIBs provide a flexible way to update the
  device and poll for statistics, used also to
  communicate with 3rd party tools
• Upgrades
• via a bundle uploaded via FTP or HTTP
• Configuration scheme
• A text based file which can be imported/exported
  via FTP or HTTP
• Versioning
• Downgrade/Upgrade up to 1 version backwards

33
Monitoring

• Statistics
• Real time statistics
• History statistics
• Statistics are available from the different
  interfaces
• Reporting
• SNMP Syslog support

34
Management Security

• Separated secured physical management interface
• Access-list restrictions over the management port
• Configurable users and groups with different
  access level to the management interfaces
• Read Only
• Administration
• Technician

35
Hardware Product Line
36
Overview

• The Maestro architecture is a hardware based
  appliance
• Hardware models are design to provide maximum
  performance for each of the CN features
• Using a dedicated task specific processor with
  optimal distribution of the OSI layers over a
  multi gigabit bus platform, the Maestro can
  deliver 100 performance of each of its features
  while executed simultaneously

37
General Specifications

• 1.5U / 2U box
• 2/4/8/10 x 1GbE ports
• 10Gbps bus architecture
• Web UI SNMP based, Statistics Monitoring,
  Remote management (SSH, Telnet)
• Redundancy VRRP-Based A/A A/P
• Agnostic to servers and browsers types
• Simple maintenance mechanism FTP/HTTP based
• Co-exists with existing infrastructure LBs,
  switches and routers
• Certified by FCC, VCCI, CE, CB, UL

38
Maestro Product Line
CN-5510
CN-5504

• Micro Engines 81
• Application Memory 4GB
• Interfaces
• 10 x SFP GbE ports (optical/copper) 10/100/1000
  Mbps speed
• Management RJ-45 10/100Mbps Ethernet
• Performance
• 1M concurrent connections
• 500K SSL connections
• Throughput 10/4Gbps (Total/Optimized)
• 1Gbps Compression
• 2.4M SYN/sec

• Micro Engines 81
• Application Memory 4GB
• Interfaces
• 4 x SFP GbE ports (optical/copper) 10/100/1000
  Mbps speed
• Management RJ-45 10/100Mbps Ethernet
• Performance
• 1M concurrent connections
• 100K SSL connections
• Throughput 4/4Gbps (Total/Optimized)
• 1Gbps Compression
• 2.4M SYN/sec

39
Distributed Architecture Max Performance
gt 81 micro engines
Buffering Caching
Compression
HTTP Parsing
Serial and Ethernet out of bound management ports
SSL
Multi-GigabitTCP Engine
Layer 1-410GbpsProcessing
4/10 Gigabit Ethernet Ports
40
Success Stories
41
Thank You
42
ALP Module

• ALP stands for Application Layer Processing
• The ALP is an innovative Crescendo proprietary
  development
• Goals
• Identify and solve bottlenecks within application
  tiers
• Monitoring tiers capacity
• Analyze and optimize business processes

43
ALP Components

• Admission Control
• Prevents the application to exceed its capacity,
  by queuing requests once tier capacity is reached
• Request Scheduling
• Controls and optimizes the order in which
  requests are sent to the application tiers (once
  queued
• Application Insight
• Multi-tier application insight with end-to-end
  transaction tracking

44
Oracle World October 2006 - PeopleSoft Impact
with ALP
Direct 78 sec per business process
With ALP 14 sec per process!

81 (526 improvement)
45
Application Optimization Across all Tiers
Maestros Current Optimization/Acceleration
Technology
HTTP centric Optimization (Web Tier)

New ALP Technology

• Application Acceleration Across Multiple Tiers
• True Application Processing ? Intelligent
  Transaction Control and Scheduling
• Increased Visibility and Performance Compliance
  Monitoring
• SLA Enforcement for Business Processes

Applications centric Optimization (App-Tier)

• New Levels of Application delivery optimization
• New level of Backend Tiers Visibility
  Availability
• Revolutionary convergence of IT Networking