In the last blog (/ blogs / 2013/07/11 / up-graded-queue-for -the-applications /) we discussed various queuing mechanisms in NetScaler and how we got the basic system queue until leveled for managing client connections. There are obvious advantages to moving the queue VSERVER / application layer of individual services, but beyond?
This is a sensitive issue and it was in all our minds once we decided to up the level of the queue. The thought process was around the experience of the end user and related issues at the application layer. Now that we have control of the queue at the application layer, we can apply L4 to L7 intelligence to ensure that we offer the best quality of experience for the application. We deliver the QoE by applying traffic shaping policies that help the allocation of control resources according to priorities. Here is a quick summary of the advantages:
- prioritization of requests
- prioritization at the
- controlled allocation of resources
- Control admission to all guests
- Protection of backend resources
- alternative content to keep customers occupied
- visibility of information processing request
- advance expressions for traffic classification
- maintaining prioritized through multiple connections
- HTTP / L7 DDoS protection to the application layer
- built in responses to mitigate DoS attacks
- Ability to generate a personalized response against DoS attacks
traffic classification and priority of evaluation is essential to AppQoE the module is working. Thus, as soon as the client connection lands on the vserver, the AppQoE related policies are evaluated and prioritization is made. This stage occurs before load balancing decision is made for the client. Based on the game of politics, there can be two types of action. Assign priority to the connection and spin. Or on the basis of the threshold match NetScaler generate response.
The generated answer is quite important as you treat the application as possible DoS request or you just want to keep the demand for resources to be released. After type responses can be generated:
- Content Response Alternative Server (ACS)
- NetScaler High-response to delay the processing of applications
- DOS response challenge with JavaScript to validate customer
- Serve content customized response file on NetScaler
- do not take any action and remove the lower priority connections
most of the time you would notice that even after priorities, page loads and some of the objects partially take much longer cycle. This is where priority application to the page level becomes quite interesting because it applies to all objects and embedded links within the page. So you see that the whole page with all objects fast charge which results in much better experience for the end user. Likewise meet customers with the dynamic response is also something cool, because based on the backend NetScaler resource availability can take the configured action and let the customer know the state or other content etc ...
the most interesting of the ability to generate DoS response requires still run the time of user input ensures that the customer is genuine and there is no threat of DoS. There is no way the script kiddies can generate the captcha response based on the basis of the content displayed on the Web page. This is all generated dynamically and randomly mimicking the behavior is really difficult.
In summary, this new module will change the way customers make application deployment today. It will allow NetScaler administrators to use resources efficiently and generate intelligent answers to end users.
0 Komentar