NetScaler White Paper: Advanced Load Balancing Features for Network Demands, Study notes of Computer Networks

This white paper from Citrix discusses the evolution of load balancing solutions to more comprehensive application delivery controllers (ADCs). It highlights the need for enterprises to consider not just scalability and availability, but also application performance, security, and adaptability. The paper outlines 8 must-have features for today’s network demands, including Layer 4 and 7 load balancing, global server load balancing, application acceleration, comprehensive application security, a purpose-built platform, an integrated, modular design, and unified, simplified management.

Typology: Study notes

2019/2020

Uploaded on 10/08/2020

kishor-sriram

www.citrix.com
NetScaler White paper
Advanced load balancing:
8 must-have features for
today’s network demands
Application availability and scalability are no longer enough.
Today’s enterprises require an integrated solution that also
delivers the highest levels of security, performance and
adaptability for their business critical Web applications.

Overview

Early-generation server load balancing technology has proven to be an invaluable asset, especially for organizations hosting widely utilized Web applications. By operating as a virtual entry point to such applications, load balancing provides an opportunity to execute a variety of algorithms for splitting the processing load among back-end servers. In addition, periodic polling to establish the status of participating nodes can be used not only to fine tune the load distribution but also to avoid directing traffic to servers that are actually offline. In other words, server load balancers (SLBs) are a simple yet highly effective means to scale an application environment while simultaneously ensuring its availability.

Time marches on, however. Business requirements evolve, as do the processes and technologies used to fulfill them. In fact, the following are just a handful of the key changes and trends that have taken hold since SLBs were first introduced:

  • Organizations have become heavily reliant on e-commerce and e-business and the use of the Internet, in general, as a legitimate business tool.
  • Traffic volumes have risen dramatically, often creating contention for constrained resources (e.g., network bandwidth, system capacity).
  • Applications have become more complex. Support for real-time interaction and multimedia content has placed even greater demands on computing infrastructure at the same time that sensitivity to latency has become the status quo.
  • Computing resources have become increasingly centralized (e.g., due to datacenter consolidation) at the same time that users have become increasingly decentralized (e.g., due to mobility, globalization and offshoring).
  • The proliferation of regulatory requirements has significantly elevated the business importance of ensuring data privacy and having a comprehensive information security program.
  • A shift in hacker motivation has led to a significantly more dangerous threat landscape characterized by a growing percentage of highly elusive application layer attacks.

What these changes and trends expose is the need for enterprises to step up from a simple load balancing solution to a more comprehensive application delivery solution—a solution that addresses not just scalability and availability of the application environment, but application performance, security and adaptability as well. Accordingly, this paper is intended to serve as a guide for organizations looking to replace their early generation SLBs. Details on the top eight criteria to use during an evaluation process are provided, along with numerous examples of how Citrix® NetScaler® meets and often exceeds the associated requirements.

Citrix NetScaler in a nutshell

Citrix NetScaler is an enterprise-class solution for server and global server load balancing. However, it is much more than that. Because NetScaler also incorporates comprehensive application performance and security functionality, it is appropriately classified as a full-featured Application Delivery Controller. A market-proven solution, NetScaler is used by eight out of the 10 largest Web sites, with an estimated 75 percent of Internet users hitting a NetScaler daily.

8 must-have features for today’s network demands

  1. Layer 4 load balancing
  2. Layer 7 load balancing
  3. Global server load balancing
  4. Application acceleration
  5. Comprehensive application security
  6. A purpose-built platform – The key to superior scalability
  7. An integrated, modular design – The key to superior agility
  8. Unified, simplified management – The key to superior usability

2. Layer 7 load balancing

Also referred to as content switching, L7 load balancing is essentially an extension of the traffic distribution, health monitoring and session persistence capabilities discussed above. The difference is that routing decisions can also be based on application layer data and attributes, such as HTTP header, uniform resource identifier, SSL session ID and HTML form data. This difference enables more-efficient utilization of resources because all of the services and components of an application no longer need to be implemented on all of the server nodes. As a result, each physical system can now be tailored to the functions it will be supporting. When evaluating solutions against this criterion, emphasis should be placed on the breadth and depth of L7 load balancing and content-switching policies that can be established, as well as the ease with which they can be constructed or configured. Organizations should also consider the value of a variety of advanced L7 content features not strictly associated with distributing traffic. For example, NetScaler enables content to be rewritten (e.g., to mask sensitive data) and includes a responder module for configuring custom responses (e.g., redirects, error messages) to specified types of inbound requests.
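As an added illustration (not part of the Citrix paper and not NetScaler policy syntax), the Python example below shows the three L7 functions this section names: content switching on host and URI, a responder that answers at the edge, and a rewrite that masks sensitive data. The pool names, addresses, rules and card-number pattern are constructed assumptions; policies are matched against a normalised request so that a path such as `/img/../api/users` is routed the way the back end will interpret it.

```python
import posixpath
import re
from itertools import cycle

# Constructed pools: each node hosts only the component it serves.
POOLS = {
    "static": cycle(["10.0.1.10", "10.0.1.11"]),
    "api": cycle(["10.0.2.10", "10.0.2.11"]),
    "web": cycle(["10.0.3.10"]),
}

# Ordered content-switching policies; the first matching predicate wins.
POLICIES = [
    ("static", lambda r: r["path"].startswith(("/img/", "/css/", "/js/"))),
    ("api", lambda r: r["host"].startswith("api.") or r["path"].startswith("/api/")),
    ("web", lambda r: True),  # default pool
]

CARD_RE = re.compile(r"\b\d{4}[ -]?\d{4}[ -]?\d{4}[ -]?(\d{4})\b")


def normalise(req):
    """Match on what the backend will see: case-insensitive header names and
    a path with dot segments collapsed (percent-decoding is left out here)."""
    headers = {k.lower(): v for k, v in req["headers"].items()}
    return {
        "scheme": req["scheme"],
        "host": headers.get("host", "").lower(),
        "path": posixpath.normpath(req["path"]),
    }


def respond(req):
    """Responder step: answer at the edge without touching a backend."""
    if req["scheme"] != "https":
        return ("respond", 301, {"Location": f"https://{req['host']}{req['path']}"})
    return None


def switch(raw_request):
    """Return ('respond', status, headers) or ('forward', pool, server)."""
    req = normalise(raw_request)
    canned = respond(req)
    if canned:
        return canned
    for pool, matches in POLICIES:
        if matches(req):
            return ("forward", pool, next(POOLS[pool]))


def rewrite_body(body):
    """Rewrite step: mask 16-digit card numbers, keeping the last four."""
    return CARD_RE.sub(r"****-****-****-\1", body)
```
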

3. Global server load balancing

The general concept of global server load balancing is to extend the core L4 and L7 capabilities so that they are applicable across geographically distributed server farms. The primary objective is to provide an additional degree of availability by accounting for site level disruptions and outages. Secondary benefits include: (a) being able to further enhance performance for remote users by routing their sessions to the closest or best-performing datacenter; and (b) being able to balance and optimize resource utilization on an enterprise wide basis. Unlike many other solutions on the market, NetScaler incorporates global server load balancing as an optional feature. A separate, standalone device is not required. NetScaler’s other distinct advantage, once again, is that it offers an extensive array of options when it comes to the site level health attributes that can be monitored, as well as the mechanisms and algorithms that can be used to distribute sessions among an organization’s different datacenters.

Stepping up to application delivery

The point has already been made that simple, early generation load balancers are not sufficient. Overall, they leave organizations in the undesirable position of having to acquire and implement an additional set of products to achieve adequate levels of application performance and security. The deficiencies in these early load balancers also explain why leading industry analysts strongly encourage organizations to embrace advanced Application Delivery Controllers (ADCs) when replacing their server load balancers. The intent with ADCs in general, and NetScaler in particular, is to have a single device that incorporates not just a core set of load balancing capabilities but a comprehensive set of application performance and security services as well. The next two sections elaborate on what this means in terms of specific functionality.

4. Application acceleration

Compensating for obvious deficiencies and otherwise enhancing application performance can be a tricky proposition. Sub-optimal application performance can be the result of resource constraints at virtually any point in the path that a user’s session traverses. A few of the more likely bottlenecks are inadequate client hardware, insufficient bandwidth at either the client or server end of the connection and overloaded server infrastructure. Alternately, there can be problems with the application itself. This is frequently the case when the underlying protocols or application logic have not been optimized for operation over a wide area network. The resulting condition, referred to as chattiness, is a highly inefficient behavior whereby it takes numerous back-and-forth exchanges between client and server to complete a single, user level action. The diversity of potential issues is why an ideal solution should incorporate an overlapping set of features that enhance application performance. These include caching, compression, TCP communications management and SSL offload.

  • Caching techniques enable frequently requested content to be served from the load balancer platform. This technology accelerates delivery to the user while relieving some of the processing demand placed on back-end servers. These gains are maximized with NetScaler, based on the fact that its Citrix® AppCache™ functionality provides in-memory caching not just for static data, but for dynamically generated HTTP application content as well.
  • Compression is all about reducing the amount of data that must traverse the connection in the first place—even for encrypted sessions. The next generation of Web 2.0 applications frequently includes large numbers of cascading style sheets and JavaScript, making compression even more important. Compression helps alleviate network congestion and can accelerate transactions by three to five times.
  • TCP communications management covers two major items. At the front end (i.e., between the client and ADC), TCP optimization techniques (e.g., forward-error correction, window scaling and buffering) help make more efficient use of available bandwidth and reduce the amount of chattiness. At the back end (i.e., between the ADC and server nodes), TCP multiplexing enables the aggregation of a large number of HTTP requests over a much smaller number of long-lived TCP connections. The impact on server load and response time can be quite dramatic, as this significantly reduces the processing demand associated with connection setup and teardown.
  • SSL offload similarly relieves back-end servers by performing compute-intensive encryption and decryption processes on their behalf—ideally, by taking advantage of hardware that is specialized to the task.

Of course, having a comprehensive set of application acceleration features is really just table stakes. With NetScaler, organizations also benefit from having highly granular control over the configuration of these capabilities. This control is particularly important for caching and compression mechanisms since there are often scenarios where: (a) it is preferable to not cache certain content or (b) the use of compression incurs a greater penalty than the benefit it provides (e.g., for low-latency, high-bandwidth connections).

6. A purpose built platform – The key to superior scalability

Application delivery is substantially more compute intensive than ordinary load balancing. Not only is the scope of functionality greater, but so is the depth of processing that needs to be conducted to provide the requisite level of application visibility and control. Less clear, though, is how to account for this difference, especially in ensuring the solution is able to scale appropriately. One key is having a platform where the hardware—and more importantly, the system level software—has been constructed and optimized explicitly for the higher-level services that define an ADC. Some of the more significant features of such a platform are:

  • A customized operating system – General purpose operating systems are interrupt driven and designed to provide equitable treatment for the widest possible set of applications. However, because it has complete control over functions such as process timing, memory management and network access, the customized system in NetScaler is able to optimize resource allocation for the tasks at hand. The result is a far more deterministic processing model with lower latency and greater overall scalability.
  • A customized TCP/IP stack – A logical extension of the previous item, this one ensures even greater processing efficiency, and also provides an opportunity to implement the aforementioned stack-level security mechanisms.
  • An intelligent HTTP parsing engine – Ideally, packet processing tasks should not need to be repeated for each individual function (e.g., caching, compression).
  • Appropriate appliance design – This does not imply that custom silicon (i.e., ASICs) should be used for everything, or even most things. Indeed, when it comes to L7 operations, general-purpose hardware (e.g., the Intel x86 platform) has proven to be more efficient, adaptable and therefore economical. However, where massive scalability is required for lower-layer processes that are highly deterministic and repetitive (e.g., cryptographic functions or flow control), using an ASIC to accelerate this lower layer processing is appropriate.

Equally important to being able to scale, however, is being able to do so in a manner that is both affordable and agile. This is where the flexibility of the NetScaler system architecture has a distinct advantage, since it makes feature-complete NetScaler virtual appliances possible. With the addition of Citrix® NetScaler® VPX to the NetScaler product family, IT organizations have a choice. They can implement purpose-built NetScaler appliances to achieve maximum scalability; implement NetScaler VPX virtual appliances to reduce their total cost of ownership, and increase the flexibility and responsiveness of their application delivery infrastructure; or implement a combination of both platforms to achieve an optimum balance between both sets of objectives.

With NetScaler VPX—a full-featured virtual appliance version of NetScaler that can be deployed on any hardware platform running the Citrix® XenServer™ server virtualization system—there is no physical appliance to deal with. As a result, IT departments can deploy application availability, security and acceleration services on-demand, anywhere within private, hosted or cloud-based networks and datacenters. Not only is a more thorough implementation of critical application delivery services possible, but it can be done in a way that takes full advantage of virtualized servers and off-the-shelf hardware that is already in place—all while facilitating the longer-term objective of having a fully dynamic datacenter.

7. An integrated, modular design – The key to superior agility

For most organizations, having options is a firm requirement. So is having a solution that is adaptable and, therefore, future proof. Consequently, a top consideration for an SLB replacement is that it feature a modular design. This way individual capabilities (e.g., application firewall, SSL VPN) can be added as needed when the organization is ready to take the next step in the evolution of its application delivery infrastructure. Furthermore, new modules that account for ever changing conditions can be developed and implemented over time without having to resort to deploying a fleet of additional, standalone devices. Equally important is that the modules be truly integrated components of the overall system. For instance:

  • Each module should take full advantage of the embedded scalability, performance and security features of the underlying platform.
  • The presence of any given module should not prevent other functional modules from taking advantage of a given system’s features (e.g., support for multi-core processing).
  • Modules should be intelligent and selective—for example, if the application firewall requires full, deep-packet inspection of specific traffic flows, then it should not automatically force all other flows to be handled this way.
  • Individual modules should not require their own, separate management consoles.

NetScaler fully meets these requirements. Its design is highly modular, yet the individual functional capabilities are tightly integrated and completely compatible. Furthermore, all features are available on all models all of the time.

8. Unified, simplified management – The key to superior usability

Ultimately, the ability to unleash the full power of an ADC depends heavily on the strength and usability of the associated management capabilities. Three elements of the NetScaler solution are particularly helpful in identifying the specific features to look for when considering management capabilities.

  • The intuitive AppExpert Visual Policy Builder enables application delivery policies to be created without having to code complex programs or scripts. In addition, the unification and consolidation of multiple capabilities in a single solution keep administrators from having to jump between different consoles and policy models.