f5 big-ip: secure application and data security services
TRANSCRIPT
F5 BIG-IP: Secure Application and Data Security ServicesNick Matthews Partner Solutions Architect, AWS
Robert Haynes Solution Architect, F5
Agenda Networking on AWS About F5 Customer story: Alberta Motor Association Q&A
Cloud Performance is Only as Good as Network PerformanceThe benefits of cloud computing are well-proven
But your networking performance determines to what degree you will derive those benefits
Scalability Security Global Footprint Cost-effectiveness
Core Networking Offerings
Amazon VPC AWS Direct Connect
Amazon Route 53Amazon Elastic Load Balancing
AWS offers a wide variety of networking services, with four at the center:
Layers of Networking on AWS
Region
AZ
VPC
Subnet
Routing Table
Network ACL
Security Group
Amazon VPC
Choose from multiple connectivity options including public internet, Network Address Translation, encrypted VPN, and more
Quickly and easily provision and configure using the AWS Management Console Leverage multiple layers of security to protect your applications and environment, including
access control lists, dedicated hardware, and more
Amazon Virtual Private Cloud (VPC) lets you provision a logically isolated section of the AWS cloud where you can launch resources in a virtual network you define
AWS Direct Connect
AWS Direct Connect gives you dedicated network connections between your on-premises data center and AWS
Can reduce bandwidth costs Delivers more consistent network performance with reduced latency Compatible with all AWS services Elastically scales to meet your specific needs
Direct ConnectLocation
IPVPN/ MPLS
Point to point
Customer Data Center
Customer Office
Customer Office
Customer Office
Elastic Load BalancingElastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances and Availability Zones
Enables fault tolerance, with less manual intervention in applications Ensures that only healthy Amazon EC2 instances receive traffic; traffic is re-routed to a
new Availability Zone if all Amazon EC2 instances are unhealthy Meets application traffic demands by automatically scaling its request handling capacity
Amazon Route 53Amazon Route 53 is designed to reliably and cost-effectively route end-users to internet applications
Connects user requests to infrastructure running in AWS, and can also be used to route users to infrastructure outside of AWS
Monitor application and end-point health, or re-route traffic to healthy end-points with DNS health checks
Meets application traffic demands by automatically scaling request handling capacity Manage traffic globally with Traffic Flows – route users to application end-points through a
single region, or around the globe
Augment Your Network with AWS Marketplace Offerings
ISVs in AWS Marketplace offer solutions for a wide variety of use cases:
Routing VPN Application Delivery Firewalling
F5 Networks
About F5 Seattle based company Develops products to strengthen application and network security,
performance, and availability 48 out of the Fortune 50 companies rely on F5 currently
1:1 9.2 24/7Personalized support Customer
satisfaction ratingWorldwide response
What makes us different?
ADC leader in Gartner Magic
Quadrant for 10 consecutive years
Minimizes risk and business impact when moving mission-critical apps to the cloud
Consolidates multiple security, remote access, performance, and app delivery functionalities into a single platform
Customers can apply same policies on-premises and on the cloud
F5 BIG-IP Virtual Edition provides
Intelligent traffic management
Enhanced network security
Total application security
F5 BIG-IP Virtual Edition (VE)F5 BIG-IP ensures business critical apps and networks are:
Fast Available Secure
F5 and AWS introduction
EfficiencyRapidly provision intelligent services into the cloud and in your existing datacenter using the same code, advanced app services, and breadth of features
AgilityQuickly and efficiently spin up or down the leading app resources you need to control app acceleration, security and availability
FlexibilityFlexible deployment options to meet your current goals and add modular BIG-IP application delivery services
When to use F5 BIG-IP
FunctionalityWhen you need features beyond basic load balancing or application load balancing
ProgrammabilityWhen you want to write code that programs the application traffic, the infrastructure, or the network
Compatibility When you want to deploy consistent application delivery and security policies both on-premises and in the cloud
Scaling and HA
Designed for HA Auto-Scale Aware Auto-Scale Ready
AZ1 AZ2
Leveraging existing AWS infrastructure• F5 offers 3 flexible licensing models: Good, Better, and Best• Offered through Amazon Test Drive• Option to Bring Your Own License (BYOL)
Amazon EC2 Amazon EBS Amazon VPC
F5 on AWS features and benefits
Hybrid Cloud ConfidenceProvides critical app delivery services consistently from existing datacenters to the Cloud
Secure Apps AnywhereUses deep app intelligence and visibility to provide a consistent level of protection wherever your apps reside
Increase Business AgilityProvides the flexibility to scale at will based on shifting hardware, software, and on-demand requirements
Customer success story: Alberta Motor Association
About Albert Motor Association (AMA)
Membership organization part of the Canadian Automobile Association and American Automobile Association family
Provides roadside assistance to motorists travelling in Alberta
Offers driver education, insurance, financial and travel agency services
Web team was presented with a difficult project and a tight timeline
Project included building staging, development, and production environments
AMA executive team concerned with security for confidential customer data
Web team needed faster turnaround to do their jobs effectively
AMA’s requirements
Why AMA chose F5 on AWS
AMA was familiar with F5’s cloud-optimized
licensing
Pay-as-you-go option from AWS
Intuitive web interface that allows their web team to adapt quickly
Deployed BIG-IP Local Traffic Manager to load balance the traffic between their AWS Cloud Availability zones
Utilized BIG-IP Application Security Manager to ensure that their web applications receive same high level protection as their on-premises applications
Built a platform that met both the web team’s agility needs and fulfilled their corporate security requirements
F5’s solution
Benefits realized/conclusion/future projects
Decreases IT workload, using fewer resources
Self-provisioning, boosting agility
Eases the transition to the
cloud
Delivers on-premises security –
on the cloud
Q&A