The continuing growth of the mobile workforce and its insatiable demand for access to corporate data from a variety of different types of networks and devices is coming together with the accelerating adoption of virtualization. Unfortunately, the myriad benefits of the technology come with infrastructure drawbacks, such as scaling challenges for large deployments and inherent latency issues associated with WANs, thus reducing performance. F5, whose BIG-IP remote access products manage and accelerate network traffic, just announced support for multiple virtual desktop infrastructure (VDI) solutions including Citrix XenDesktop, VMware View and Microsoft Virtual Desktop Infrastructure.
While it may be hard to calculate just on numbers the return on investment that the F5 technology will afford, the benefits are real, reports St. Louis-based Distribution Management, which decided to virtualize its entire network infrastructure and desktop environment on VMware View. The challenge became figuring out how to give end users access to everything they have inside the company, even when they work remotely, while not compromising performance and security. The $600 million wholesale computer, copier, fax and printer supplier, which has 300 employees, decided to deploy the BIG-IP Edge Gateway to provide secure remote access combining SSL, VPN, security, application acceleration and availability services.
"We saw about five or six different ways users were connecting to the network," notes Dan Shipley, IT architect at Distribution Management.
When that occurs, the VPN client has to be smart enough to know when a user is switching from one connectivity point to another and keep working, but he found the ones they were using "did a terrible job handling those network changes." The gateway is "very smart to switch to different connectivity options; it knows when to do it and holds the connection if the network isn't there," says Shipley.
Distribution Management is also using BIG-IP Edge client to talk to the application and send it a retry, letting it know that the network isn't down but is rather in waiting mode. It will let communication pass through as soon as the Edge client connects again.
In addition, when users logged in to the hosted virtual environment, they typically had to log in three different times, Shipley says. F5 Edge Gateway allows for single sign-on by caching the log-in information on the back end, he says.
Another challenge was that end users were seeing "widely varying experiences" remotely depending on their network bandwidth. The Edge client, in concert with Edge Gateway, compresses traffic, and Shipley says IT has seen speed double over what it had without that compression. Latency has also decreased for certain applications, so the company has witnessed a lot of traffic optimization, he says. "The net effect to the user is they feel like they have twice the bandwidth and everything works faster."
From a back-end perspective, Shipley says, there are several features he likes: network access control (NAC) of endpoints, based on whether the clients have anti-virus running and are updated; NAC for both Windows and browsers; the ability to push the VMware View client out to the user if it is not installed; quality of service for VoIP, RDP and PCoIP protocols; load balancing of incoming user connections; Webtop page listing applications users can connect to; and firewall limiting of ports, protocols and IP addresses the clients can communicate with. The only downside Shipley has seen with F5 is that the technology is so powerful it has a fair amount of complexity and a big learning curve. "I wish it would configure itself,'' he says.
Just two weeks ago VMware expanded its management portfolio with vCenter Operations Management Suiteby integrating with VMware vCenter Capacity IQ and VMware vCenter Configuration Manager for improved performance, capacity and configuration management. The new enhancements focus on embedding and integrating management tools into the platform, streamlining processes and applying analytics so customers can achieve better economics with their cloud computing deployments.
Shipley hasn't calculated the ROI since his company started using F5, but he says the technology has leveraged the company's internal infrastructure by allowing external/remote access. "Without the F5, users would not be happy with the solution and wouldn't use it as much. The [virtualization] project wouldn't have been successful without the Edge Gateway and Client."
Learn more about Strategy: SIEM by subscribing to Network Computing Pro Reports (free, registration required).