SlideShare a Scribd company logo

Azure F5 Solutions

MarketingArrowECS_CZ
MarketingArrowECS_CZ

Prezentace ze semináře "Technologie F5 v prostředí Microsoft Azure - Hybridní cloud v praxi" Praha, 17.5.2017

Technology
1 of 27
Download to read offline
F5Solutions
Locations: • Azure has regions around the world. Availability Sets: • Azure provides the redundancy option for VMs by isolating them in different fault and update domains. Virtual Networks (VNETs) • Logically isolated network. You can create subnets, route tables. Subnets: Fixed address blocked within a VNET (ex. 10.0.1.0/24 ) User Defined Routes (UDRs): Route table for next hop Network Security Groups (NSGs): network firewall rules used to secure resources Azure Resource Manager Templates: Used to orchestrate resources and deliver services in Azure
VNET Connectivity: • On Prem to VNET • Two methods. 1. VPN Gateway 2. ExpressRoute™ – secure dedicated connection • VNET to VNET F5 available as a drop down option to connect to your remote BIG -IP
© 2016 F5 Networks, Inc 4 https://blog.kloud.com.au/2016/04/05/azure-classic-vs-azure-resource-manager/ https://azure.microsoft.com/en-us/documentation/articles/resource-manager-deployment-model/ •ARM Templates: Can be used ONLY in ARM mode.
Networking • Topology • • • • Capacity Planning • •
• 1 NIC for Management and External • Change configuration utility port 443 => 8443 • Use a Transparent/forward virtual server per service port. • Separation of traffic via iRule, SNI or traffic policy. • Networking objects (vNIC 1.0, an internal VLAN, and an internal self IP address) are created automatically for you. • Supports One-Armed and DSR mode.
• Supports one-armed, two armed and DSR mode use cases. • Still only one public IP address available • Change BIG-IP configuration utility port 443 => 8443 • You can’t use BIG-IP GUI to create this configuration. - An Azure template - PowerShell - The Azure command-line interface (CLI) • Supported in version 12.0 HF1 and later
• • • •
Public Cloud - Shared Responsibility Security Model CP Global Infrastructure Data Centers Zones Regions Edge Locations Networking Services Compute Database Storage Deployment & Management Client-Side Data Encryption & Data Integrity Authentication Server-Side Encryption (File System and/or Data) Network Traffic Protection (Encryption, Integrity, Identity) Operating System, Network and Firewall Configuration Platform, Applications, Identity & Access Management Customer Data Customer’s responsibility • Protecting the confidentiality, integrity, and availability of their data in the cloud • OS and application-level security Cloud Provider responsibility • Providing a global secure infrastructure and services PhysicaltoHypervisorOSandApplication CloudProviderCustomer
Preconfigured WAF with Azure Security Center Product : F5 Web Application Firewall (WAF) Solution • Simple deployment experience integrated with Azure workflow and services • Out-of-the-box choice of security settings preconfigured by F5 experts • Comprehensive application security and compliance with advanced Layer 7 attack protections • Consistent policy management and user experience across Cloud and Datacenter apps • Integration with Azure dashboard and alerts / visualization services F5 WAF Solution Integrated With Azure Security Center (ASC) Use Case Example F5 provides ARM template to configure Preconfigure WAF outside of Azure Security Center to support broader customer needs. WAF
• Strengthens security posture by enabling device checks, multifactor authentication, up- leveling authentication and AD & AAD Integration • Consolidates & centralizes security when offering hybrid services across cloud and on- prem datacenters • Streamlines access by providing federation & single sign on across all SAML/OAuth enabled on-prem, O365, Azure, and SAAS apps • Reduces configuration complexity simplified deployment using Azure Solution Template • Enables migration with context aware, user & device based traffic redirection Office 365 Identity Federation & Single Sign On Product : F5 BIG-IP Best (BIG-IP Access Policy Manager) Azure Private Cloud Unauthorized User Authorized Users Use Case Example BIG-IP SSO
AD SAML FEDERATIONSAML IDP SAML SP App A App B Employee Contractor/Partner SSL-VPN On premises BIG-IP • Back Ground • Need secure access (SSL-VPN) to Azure for employees, contractors and partners. • Integration with existing identity infrastructure • Solution • Secure access by enabling SAML for all the apps in Azure. • Federate ID with existing AD and SAML IDP • Endpoint security check and SSL VPN enables secure remote access to Azure • Increase high availability by deploying F5 into multiple Azure regions SSL VPN and secure access to Azure Product : F5 BIG-IP Best (BIG-IP Access Policy Manager) Use Case Example Azure SSL-VPN
SQL Backend Active Directory End Users Internet ACTIVE BIG-IP STANDBY BIG-IP Use Case 1: Cloud Deployment with Single Sign On and Firewall Pre-authentication Traffic Backend Data Communication Load Balancing + App Delivery + SSLLTM Access ManagementAPM Web Application FirewallingASM • Secure, policy driven single sign-on Access Management • Web application security, firewalling and DDOS protection • Stateful Layer 4-7 load balancing, SSL offloading and application delivery Firewalling + DDoS protectionAFM LTMAFM APM ASM
• Consistent settings and policies on prem and off • Single-Sign-On for both on prem and cloud based apps • Web-Application Firewall where-ever your app resides Azure Virtual Net On-Premise Net S2S VPN IPsec Pre-authentication Traffic Backend Data Communication ACTIVE BIG-IP STANDBY BIG-IP SQL Backend On Premise DC Active Directory BIG-IP Platform Use Case 2: Hybrid Cloud with site to site VPN Internet End Users LTMAFM APM ASM Load Balancing + App Delivery + SSLLTM Access ManagementAPM Web Application FirewallingASM Firewalling + DDoS protectionAFM
WEST US EAST US Authentication Traffic GSLB Use Case 3: Hybrid Cloud with GSLB and SAML • Delivers Business Continuity • Users get the best possible QoE because the service comes from the closest available source Internet End Users Load Balancing + App Delivery + SSLLTM Identity Access ManagementAPM Web Application FirewallingASM Business Continuity + DNSGTM
• • • • • • •
• • • • • •
OFFERING • Certified Images in marketplace and on downloads.f5.com • All BIG-IP Modules (GBB and standalone) in Classic and ARM • Performance: 25M, 200M, 1G BYOL and Utility • Single and Multi NIC deployments • Available in Azure Government Marketplace • Available 30 day evaluation and lab licenses • WAF offering in Azure Security Center
© 2016 F5 Networks, Inc 24 Parameters BYOL (1)(2) Utility Presence Currently Available Releasing Dec. 2016 as 12.1.2 • Commercial Y (3) (4) Y (4) • Government Y (5) Max throughput SKU 1 Gbps 1 Gbps Modules Stand alone and GBB GBB downloads.f5.com 12.0.0HF4, 12.1.0 HF2, 12.1.1 HF1 NOTES
• • • • • • • • • Available in January 2017
• • https://github.com/F5Networks/ • https://github.com/f5devcentral/ • • • https://github.com/F5Networks/f5-azure-arm-templates •
Azure F5 Solutions

Recommended

Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-reviewRayan Darine
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...Ivanti
 
Secure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxSecure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxYitao Cen
 
Understanding Azure AD
Understanding Azure ADUnderstanding Azure AD
Understanding Azure ADNew Horizons Ireland
 
F5's IP Intelligence Service
F5's IP Intelligence ServiceF5's IP Intelligence Service
F5's IP Intelligence ServiceF5 Networks
 
Presentation f5 – beyond load balancer
Presentation f5 – beyond load balancerPresentation f5 – beyond load balancer
Presentation f5 – beyond load balancerxKinAnx
 

Recommended

Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Palo alto-review
Palo alto-reviewPalo alto-review
Palo alto-reviewRayan Darine
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...Ivanti
 
Secure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxSecure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxYitao Cen
 
Understanding Azure AD
Understanding Azure ADUnderstanding Azure AD
Understanding Azure ADNew Horizons Ireland
 
F5's IP Intelligence Service
F5's IP Intelligence ServiceF5's IP Intelligence Service
F5's IP Intelligence ServiceF5 Networks
 
Presentation f5 – beyond load balancer
Presentation f5 – beyond load balancerPresentation f5 – beyond load balancer
Presentation f5 – beyond load balancerxKinAnx
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​AlgoSec
 
Forti web
Forti webForti web
Forti webLan & Wan Solutions
 
Azure vnet
Azure vnetAzure vnet
Azure vnetzekeLabs Technologies
 
Fortigate Training
Fortigate TrainingFortigate Training
Fortigate TrainingNCS Computech Ltd.
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastCloudflare
 
Azure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptxAzure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptxceyhan1
 
Aruba Webinar - 1-29-15
Aruba Webinar - 1-29-15Aruba Webinar - 1-29-15
Aruba Webinar - 1-29-15Aruba, a Hewlett Packard Enterprise company
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
4 palo alto licenses
4 palo alto licenses4 palo alto licenses
4 palo alto licensesMostafa El Lathy
 
2 what is the best firewall (sizing)
2 what is the best firewall (sizing)2 what is the best firewall (sizing)
2 what is the best firewall (sizing)Mostafa El Lathy
 
Cisco Security portfolio update
Cisco Security portfolio updateCisco Security portfolio update
Cisco Security portfolio updateAtanas Gergiminov
 
CyberArk
CyberArkCyberArk
CyberArkJimmy Sze
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Anwesh Dixit
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewAllen Brokken
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
CCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best PracticesCCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best Practiceswalk2talk srl
 
Identity Services Engine Overview and Update
Identity Services Engine Overview and UpdateIdentity Services Engine Overview and Update
Identity Services Engine Overview and UpdateCisco Canada
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access managementDinusha Kumarasiri
 
How does Quest Software fit into a Microsoft hybrid environment?
How does Quest Software fit into a Microsoft hybrid environment?How does Quest Software fit into a Microsoft hybrid environment?
How does Quest Software fit into a Microsoft hybrid environment?Xylos
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan David J Rosenthal
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůMarketingArrowECS_CZ
 
VMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld
 

More Related Content

What's hot

Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​AlgoSec
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastCloudflare
 
Azure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptxAzure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptxceyhan1
 
2 what is the best firewall (sizing)
2 what is the best firewall (sizing)2 what is the best firewall (sizing)
2 what is the best firewall (sizing)Mostafa El Lathy
 
Cisco Security portfolio update
Cisco Security portfolio updateCisco Security portfolio update
Cisco Security portfolio updateAtanas Gergiminov
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Anwesh Dixit
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewAllen Brokken
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
CCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best PracticesCCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best Practiceswalk2talk srl
 
Identity Services Engine Overview and Update
Identity Services Engine Overview and UpdateIdentity Services Engine Overview and Update
Identity Services Engine Overview and UpdateCisco Canada
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access managementDinusha Kumarasiri
 
How does Quest Software fit into a Microsoft hybrid environment?
How does Quest Software fit into a Microsoft hybrid environment?How does Quest Software fit into a Microsoft hybrid environment?
How does Quest Software fit into a Microsoft hybrid environment?Xylos
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan David J Rosenthal
 

What's hot (20)

Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​
 
Forti web
Forti webForti web
Forti web
 
Azure vnet
Azure vnetAzure vnet
Azure vnet
 
Fortigate Training
Fortigate TrainingFortigate Training
Fortigate Training
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
 
Azure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptxAzure Virtual Desktop Overview.pptx
Azure Virtual Desktop Overview.pptx
 
Aruba Webinar - 1-29-15
Aruba Webinar - 1-29-15Aruba Webinar - 1-29-15
Aruba Webinar - 1-29-15
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
4 palo alto licenses
4 palo alto licenses4 palo alto licenses
4 palo alto licenses
 
2 what is the best firewall (sizing)
2 what is the best firewall (sizing)2 what is the best firewall (sizing)
2 what is the best firewall (sizing)
 
Cisco Security portfolio update
Cisco Security portfolio updateCisco Security portfolio update
Cisco Security portfolio update
 
CyberArk
CyberArkCyberArk
CyberArk
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
 
CCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best PracticesCCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best Practices
 
Identity Services Engine Overview and Update
Identity Services Engine Overview and UpdateIdentity Services Engine Overview and Update
Identity Services Engine Overview and Update
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access management
 
How does Quest Software fit into a Microsoft hybrid environment?
How does Quest Software fit into a Microsoft hybrid environment?How does Quest Software fit into a Microsoft hybrid environment?
How does Quest Software fit into a Microsoft hybrid environment?
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
 

Similar to Azure F5 Solutions

Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůMarketingArrowECS_CZ
 
VMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld
 
Self service it with v realizeautomation and nsx
Self service it with v realizeautomation and nsxSelf service it with v realizeautomation and nsx
Self service it with v realizeautomation and nsxsolarisyougood
 
Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185jtaylor707
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Amazon Web Services
 
在小學有效運用雲端電腦以促進電子學習(第一節筆記)
在小學有效運用雲端電腦以促進電子學習(第一節筆記)在小學有效運用雲端電腦以促進電子學習(第一節筆記)
在小學有效運用雲端電腦以促進電子學習(第一節筆記)Tsz Wing Chu
 
Гибридное облако - эффективность в квадрате
Гибридное облако - эффективность в квадратеГибридное облако - эффективность в квадрате
Гибридное облако - эффективность в квадратеActiveCloud
 
Presentation v mware virtualization & cloud vision 2010
Presentation v mware virtualization & cloud vision 2010Presentation v mware virtualization & cloud vision 2010
Presentation v mware virtualization & cloud vision 2010solarisyourep
 
Business Agility and Security with VMware
Business Agility and Security with VMwareBusiness Agility and Security with VMware
Business Agility and Security with VMwareAngel Villar Garea
 
CCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure NetworkingCCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure Networkingwalk2talk srl
 
Global Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network SecurityGlobal Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network SecurityScott Hoag
 
DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...
DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...
DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...Cisco DevNet
 
Deploying couchbaseserverazure cihanbiyikoglu_microsoft
Deploying couchbaseserverazure cihanbiyikoglu_microsoftDeploying couchbaseserverazure cihanbiyikoglu_microsoft
Deploying couchbaseserverazure cihanbiyikoglu_microsoftCihan Biyikoglu
 
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리Amazon Web Services Korea
 
Simplifier le deploiement d'applications dans le nuage hybride
Simplifier le deploiement d'applications dans le nuage hybrideSimplifier le deploiement d'applications dans le nuage hybride
Simplifier le deploiement d'applications dans le nuage hybrideCisco Canada
 
Cloud computing
Cloud computingCloud computing
Cloud computinggd1410
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Microsoft Azure News - Oct 2016
Microsoft Azure News - Oct 2016Microsoft Azure News - Oct 2016
Microsoft Azure News - Oct 2016Daniel Toomey
 
Presentation vmware building “your cloud”
Presentation vmware building “your cloud”Presentation vmware building “your cloud”
Presentation vmware building “your cloud”solarisyourep
 
Azure Security and Management
Azure Security and ManagementAzure Security and Management
Azure Security and ManagementAllen Brokken
 

Similar to Azure F5 Solutions (20)

Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerů
 
VMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld 2015: No App is An Island
VMworld 2015: No App is An Island
 
Self service it with v realizeautomation and nsx
Self service it with v realizeautomation and nsxSelf service it with v realizeautomation and nsx
Self service it with v realizeautomation and nsx
 
Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
 
在小學有效運用雲端電腦以促進電子學習(第一節筆記)
在小學有效運用雲端電腦以促進電子學習(第一節筆記)在小學有效運用雲端電腦以促進電子學習(第一節筆記)
在小學有效運用雲端電腦以促進電子學習(第一節筆記)
 
Гибридное облако - эффективность в квадрате
Гибридное облако - эффективность в квадратеГибридное облако - эффективность в квадрате
Гибридное облако - эффективность в квадрате
 
Presentation v mware virtualization & cloud vision 2010
Presentation v mware virtualization & cloud vision 2010Presentation v mware virtualization & cloud vision 2010
Presentation v mware virtualization & cloud vision 2010
 
Business Agility and Security with VMware
Business Agility and Security with VMwareBusiness Agility and Security with VMware
Business Agility and Security with VMware
 
CCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure NetworkingCCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure Networking
 
Global Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network SecurityGlobal Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network Security
 
DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...
DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...
DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...
 
Deploying couchbaseserverazure cihanbiyikoglu_microsoft
Deploying couchbaseserverazure cihanbiyikoglu_microsoftDeploying couchbaseserverazure cihanbiyikoglu_microsoft
Deploying couchbaseserverazure cihanbiyikoglu_microsoft
 
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
엔터프라이즈를 위한 하이브리드 클라우드 및 보안 관리
 
Simplifier le deploiement d'applications dans le nuage hybride
Simplifier le deploiement d'applications dans le nuage hybrideSimplifier le deploiement d'applications dans le nuage hybride
Simplifier le deploiement d'applications dans le nuage hybride
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
 
Microsoft Azure News - Oct 2016
Microsoft Azure News - Oct 2016Microsoft Azure News - Oct 2016
Microsoft Azure News - Oct 2016
 
Presentation vmware building “your cloud”
Presentation vmware building “your cloud”Presentation vmware building “your cloud”
Presentation vmware building “your cloud”
 
Azure Security and Management
Azure Security and ManagementAzure Security and Management
Azure Security and Management
 

More from MarketingArrowECS_CZ

INFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfINFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfMarketingArrowECS_CZ
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!MarketingArrowECS_CZ
 
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?MarketingArrowECS_CZ
 
Oracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaOracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaMarketingArrowECS_CZ
 
Nové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceNové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceMarketingArrowECS_CZ
 
Novinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeNovinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeMarketingArrowECS_CZ
 
Základy licencování Oracle software
Základy licencování Oracle softwareZáklady licencování Oracle software
Základy licencování Oracle softwareMarketingArrowECS_CZ
 
Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?MarketingArrowECS_CZ
 
Využijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoVyužijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoMarketingArrowECS_CZ
 
Oracle Data Protection - 2. část
Oracle Data Protection - 2. částOracle Data Protection - 2. část
Oracle Data Protection - 2. částMarketingArrowECS_CZ
 
Oracle Data Protection - 1. část
Oracle Data Protection - 1. částOracle Data Protection - 1. část
Oracle Data Protection - 1. částMarketingArrowECS_CZ
 
Benefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageBenefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageMarketingArrowECS_CZ
 
Benefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeBenefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeMarketingArrowECS_CZ
 
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částExadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částMarketingArrowECS_CZ
 
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částExadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částMarketingArrowECS_CZ
 
Úvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyÚvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyMarketingArrowECS_CZ
 

More from MarketingArrowECS_CZ (20)

INFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfINFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdf
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!
 
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
 
Chráníte správně svoje data?
Chráníte správně svoje data?Chráníte správně svoje data?
Chráníte správně svoje data?
 
Oracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaOracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management Platforma
 
Nové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceNové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database Appliance
 
Infinidat InfiniGuard
Infinidat InfiniGuardInfinidat InfiniGuard
Infinidat InfiniGuard
 
Infinidat InfiniBox
Infinidat InfiniBoxInfinidat InfiniBox
Infinidat InfiniBox
 
Novinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeNovinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databáze
 
Základy licencování Oracle software
Základy licencování Oracle softwareZáklady licencování Oracle software
Základy licencování Oracle software
 
Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?
 
Využijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoVyužijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplno
 
Oracle Data Protection - 2. část
Oracle Data Protection - 2. částOracle Data Protection - 2. část
Oracle Data Protection - 2. část
 
Oracle Data Protection - 1. část
Oracle Data Protection - 1. částOracle Data Protection - 1. část
Oracle Data Protection - 1. část
 
Benefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageBenefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): Storage
 
Benefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeBenefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): Compute
 
InfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníkaInfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníka
 
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částExadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
 
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částExadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
 
Úvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyÚvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastruktury
 

Recently uploaded

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 

Recently uploaded (20)

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 

Azure F5 Solutions

  • 2. Locations: • Azure has regions around the world. Availability Sets: • Azure provides the redundancy option for VMs by isolating them in different fault and update domains. Virtual Networks (VNETs) • Logically isolated network. You can create subnets, route tables. Subnets: Fixed address blocked within a VNET (ex. 10.0.1.0/24 ) User Defined Routes (UDRs): Route table for next hop Network Security Groups (NSGs): network firewall rules used to secure resources Azure Resource Manager Templates: Used to orchestrate resources and deliver services in Azure
  • 3. VNET Connectivity: • On Prem to VNET • Two methods. 1. VPN Gateway 2. ExpressRoute™ – secure dedicated connection • VNET to VNET F5 available as a drop down option to connect to your remote BIG -IP
  • 4. © 2016 F5 Networks, Inc 4 https://blog.kloud.com.au/2016/04/05/azure-classic-vs-azure-resource-manager/ https://azure.microsoft.com/en-us/documentation/articles/resource-manager-deployment-model/ •ARM Templates: Can be used ONLY in ARM mode.
  • 6.
  • 7. • 1 NIC for Management and External • Change configuration utility port 443 => 8443 • Use a Transparent/forward virtual server per service port. • Separation of traffic via iRule, SNI or traffic policy. • Networking objects (vNIC 1.0, an internal VLAN, and an internal self IP address) are created automatically for you. • Supports One-Armed and DSR mode.
  • 8. • Supports one-armed, two armed and DSR mode use cases. • Still only one public IP address available • Change BIG-IP configuration utility port 443 => 8443 • You can’t use BIG-IP GUI to create this configuration. - An Azure template - PowerShell - The Azure command-line interface (CLI) • Supported in version 12.0 HF1 and later
  • 10.
  • 11. Public Cloud - Shared Responsibility Security Model CP Global Infrastructure Data Centers Zones Regions Edge Locations Networking Services Compute Database Storage Deployment & Management Client-Side Data Encryption & Data Integrity Authentication Server-Side Encryption (File System and/or Data) Network Traffic Protection (Encryption, Integrity, Identity) Operating System, Network and Firewall Configuration Platform, Applications, Identity & Access Management Customer Data Customer’s responsibility • Protecting the confidentiality, integrity, and availability of their data in the cloud • OS and application-level security Cloud Provider responsibility • Providing a global secure infrastructure and services PhysicaltoHypervisorOSandApplication CloudProviderCustomer
  • 12. Preconfigured WAF with Azure Security Center Product : F5 Web Application Firewall (WAF) Solution • Simple deployment experience integrated with Azure workflow and services • Out-of-the-box choice of security settings preconfigured by F5 experts • Comprehensive application security and compliance with advanced Layer 7 attack protections • Consistent policy management and user experience across Cloud and Datacenter apps • Integration with Azure dashboard and alerts / visualization services F5 WAF Solution Integrated With Azure Security Center (ASC) Use Case Example F5 provides ARM template to configure Preconfigure WAF outside of Azure Security Center to support broader customer needs. WAF
  • 13. • Strengthens security posture by enabling device checks, multifactor authentication, up- leveling authentication and AD & AAD Integration • Consolidates & centralizes security when offering hybrid services across cloud and on- prem datacenters • Streamlines access by providing federation & single sign on across all SAML/OAuth enabled on-prem, O365, Azure, and SAAS apps • Reduces configuration complexity simplified deployment using Azure Solution Template • Enables migration with context aware, user & device based traffic redirection Office 365 Identity Federation & Single Sign On Product : F5 BIG-IP Best (BIG-IP Access Policy Manager) Azure Private Cloud Unauthorized User Authorized Users Use Case Example BIG-IP SSO
  • 14. AD SAML FEDERATIONSAML IDP SAML SP App A App B Employee Contractor/Partner SSL-VPN On premises BIG-IP • Back Ground • Need secure access (SSL-VPN) to Azure for employees, contractors and partners. • Integration with existing identity infrastructure • Solution • Secure access by enabling SAML for all the apps in Azure. • Federate ID with existing AD and SAML IDP • Endpoint security check and SSL VPN enables secure remote access to Azure • Increase high availability by deploying F5 into multiple Azure regions SSL VPN and secure access to Azure Product : F5 BIG-IP Best (BIG-IP Access Policy Manager) Use Case Example Azure SSL-VPN
  • 15. SQL Backend Active Directory End Users Internet ACTIVE BIG-IP STANDBY BIG-IP Use Case 1: Cloud Deployment with Single Sign On and Firewall Pre-authentication Traffic Backend Data Communication Load Balancing + App Delivery + SSLLTM Access ManagementAPM Web Application FirewallingASM • Secure, policy driven single sign-on Access Management • Web application security, firewalling and DDOS protection • Stateful Layer 4-7 load balancing, SSL offloading and application delivery Firewalling + DDoS protectionAFM LTMAFM APM ASM
  • 16. • Consistent settings and policies on prem and off • Single-Sign-On for both on prem and cloud based apps • Web-Application Firewall where-ever your app resides Azure Virtual Net On-Premise Net S2S VPN IPsec Pre-authentication Traffic Backend Data Communication ACTIVE BIG-IP STANDBY BIG-IP SQL Backend On Premise DC Active Directory BIG-IP Platform Use Case 2: Hybrid Cloud with site to site VPN Internet End Users LTMAFM APM ASM Load Balancing + App Delivery + SSLLTM Access ManagementAPM Web Application FirewallingASM Firewalling + DDoS protectionAFM
  • 17. WEST US EAST US Authentication Traffic GSLB Use Case 3: Hybrid Cloud with GSLB and SAML • Delivers Business Continuity • Users get the best possible QoE because the service comes from the closest available source Internet End Users Load Balancing + App Delivery + SSLLTM Identity Access ManagementAPM Web Application FirewallingASM Business Continuity + DNSGTM
  • 18.
  • 20.
  • 22.
  • 23. OFFERING • Certified Images in marketplace and on downloads.f5.com • All BIG-IP Modules (GBB and standalone) in Classic and ARM • Performance: 25M, 200M, 1G BYOL and Utility • Single and Multi NIC deployments • Available in Azure Government Marketplace • Available 30 day evaluation and lab licenses • WAF offering in Azure Security Center
  • 24. © 2016 F5 Networks, Inc 24 Parameters BYOL (1)(2) Utility Presence Currently Available Releasing Dec. 2016 as 12.1.2 • Commercial Y (3) (4) Y (4) • Government Y (5) Max throughput SKU 1 Gbps 1 Gbps Modules Stand alone and GBB GBB downloads.f5.com 12.0.0HF4, 12.1.0 HF2, 12.1.1 HF1 NOTES
  • 26. • • https://github.com/F5Networks/ • https://github.com/f5devcentral/ • • • https://github.com/F5Networks/f5-azure-arm-templates •