Product Overview
NetScaler SD-WAN Product Team
AUGUST 2017
Management + Analytics
provisioning configuration orchestration visibility analytics machine learning
Zone-based, Application
stateful Awareness &
firewall Segmentation
Internet
MPLS
NetScaler SD-WAN NetScaler SD-WAN
Branch
Data Center
Granular Internet
path breakout for
selection SaaS apps
Internet
MPLS
NetScaler SD-WAN NetScaler SD-WAN
Branch
Data Center
Internet
MPLS
NetScaler SD-WAN NetScaler SD-WAN
Branch
Data Center
Centralized
visibility and
control
Internet
MPLS
NetScaler SD-WAN NetScaler SD-WAN
Branch
Data Center
Centralized
Management &
Visibility
Reduce bandwidth
requirements and create
more responsive
applications
Application Awareness
Payload Characteristics
2 Search for known binary patterns or packet characteristics
in traffic flows
With NetScaler SD-WAN
Security Certificate Details
3 Read name of service in SSL/TLS certificate or in Server
Name Indication 3,000+ applications and key
DNS Matching and Known IP Addresses components
4 Inspect DNS queries and session initialization sequences
for known IP addresses
Application Awareness
MPLS EF Queue
• The quality of every potential path is assessed with every packet, in each direction
MPLS EF Queue
• The quality of every potential path is assessed with every packet, in each direction
• Each data stream is directed to best path(s) with priority given to critical applications
DETECT PROBLEMS
! and quickly
Logical tunnel
Q U I C K LY
createdadapt traffic to compensate.
by encapsulating in UDP By
not waiting for an actual outage, loss and
latency spikes won’t cause performance
problems.
MPLS EF Queue
• The quality of every potential path is assessed with every packet, in each direction
• Each data stream is directed to best path with priority given to critical applications
• Data immediately fails over if an error is detected on any link
MPLS EF Queue
• The quality of every potential path is assessed with every packet, in each direction
• Each data stream is directed to best path with priority given to critical applications
• Data immediately fails over if an error is detected on any link
MPLS EF Queue
• The quality of every potential path is assessed with every packet, in each direction
• Each data stream is directed to best path with priority given to critical applications
• Data immediately fails over if an error is detected on any link
• Packet duplication ensures no loss of critical data for ultimate in consistent user experience
Bonding links can result in a file Logical tunnel created by encapsulating in UDP
!
B O N D M U LT I P L E L I N K S
transfers that take half the time,
mitigating the impact of latency
MPLS EF Queue
• The quality of every potential path is assessed with every packet, in each direction
• Each data stream is directed to best path with priority given to critical applications
• Data immediately fails over if an error is detected on any link
• Packet duplication ensures no loss of critical data for ultimate in consistent user experience
• Large flows can use multiple links simultaneously
24 © 2017 Citrix | Confidential
NetScaler SD-WAN: Breakout Internet at the Branch
Avoid backhauling Internet-bound traffic to
MPLS EF Queue
• Allows Internet-destined traffic to go to the Internet directly or via a Secure Web Gateway (SWG)
• Interconnect with SWG services (Zscaler, ForcePoint, and McAfee) for security and policy enforcement
• Control the maximum amount of bandwidth for Internet traffic
BANDWIDTH
Audio
HDX
Clipboard
MPLS Default Queue Clipboard
Citrix XenDesktop
• Recognize HDX in various delivery forms: ICA/CGP/SSL/Websockets etc
• Signal presence to the VDA to enable automatic adjustment of policies
• Automatic switch to multi-stream ICA separates traffic into prioritized connections (Interactive,
Multi-media, Bulk etc)
• Adapt to network conditions and deliver each stream with the right quality
Internet
MPLS
Satellite-1
Application Awareness
Skype- WorkDay
for-
Business Web and SaaS QOS: Class of service can now be
Office
assigned for web and saas applications
365
Classify Optimized applications: Now can be
applied to optimized flows in Enterprise Edition
Set priority: Prioritize business critical apps by
Application mapping them to one of the 17 priority traffic
Identification classes
Set traffic policy: Application level control over
QoS Classes link selection and traffic steering
10Mbps
10Mbps
0Mbps 0Mbps
0Mbps Received
5Mbps
5Mbps
2.5Mbps 5Mbps
2.5Mbps Received
Application Awareness
Application Awareness
DC
LAN environment
• Routing Branch DC
• eBGP, iBGP, OSPF SD-WAN SD-WAN
WAN
• 3rd party IPSec Interoperability
• GRE tunnels (WAN & LAN)
• 3rd party service chaining
Domain 255
BENEFITS
• Expanded to 255 route domains • Support for traffic isolation across
• A domain is a top level network entity that provides the Virtual WAN deployment
network layer isolation • Simplified management–Build per
• Across domains, application policies, rules, routes and domain policies without concern
routing tables are completely independent for interference
Application Awareness
WAN
Higher Lower
1. Offload of compression from XD/XA server Priority Priority
– Reduces load on XD server/client
– Plus benefits of cross-session compression
Screen Updates
Local Text Echo
Session Control
Drive Mapping
Printing
2. Identifies and parses HDX traffic:
Audio
Video
– Thin-wire data (e.g. mouse movements, keyboard)
– Multimedia (e.g. video and audio content)
– Bulk operations (e.g. print / file downloads)
ICA
– Client management (e.g. auto-updates)
TCP
4. Prioritizes HDX channels / facilitates IP layer QoS
– Supports both single-stream or multi-stream
Application Awareness
Cloud/SaaS
Branch MPLS
INTERNET
4G/LTE
SATELLITE
Datacenter
Branch
47 © 2017 Citrix | Confidential
NetScaler SD-WAN Center for Centralized Management
and Control
• Define users, permissions, and
authentication method
• Simple network map with health
indications
• Define event severity and
alerting methods
• See and filter event history
• Monitor WAN link performance
against carrier SLAs
• And more…
L4 Per-Hop L4 Per-Hop
• Start with a user and click through to
identify hop-by-hop latency
NetScaler MAS • Quickly narrow down source of
NetScaler Gateway
Or SD-WAN WO/EE problems
SD-WAN - SE SD-WAN - SE Data Center
• Real-time analysis as well as historical
Remote or Cloud
data for troubleshooting
Virtual WAN
WAN Op Virtual Path Concurrent
Capacity
Appliance Capacity* Capacity HDX Form Factor
(Mbps full
(Mbps) (Fixed/Dynamic) Sessions
duplex)
250 50 32/16 300
2000 200 20 32/16 200
100 10 32/16 100
100 20 16/8 200
50 10 16/8 100
1000
20 6 16/8 60
10 4 16/8 40
55 © 2017 Citrix | Confidential
NetScaler SD-WAN: WANOP Line Up
Physical and Virtual products as of 3Q17
Model Capacity (Mbps) HDX Form Factor
1000/1000WS 6 - 20 60 - 200
800 2 – 10 20 – 100
400 2–6 10 – 30
VPX 2 – 200 15 – 250 Software
56 © 2017 Citrix | Confidential
57 © 2017 Citrix | Confidential