F5 + Blue Coat = Alpha Technology

Imagine there was a network solution amalgamating F5 and Bluecoat solutions. If such a product exists, there would be a monopoly in technology markets for a few decades. Fusing these solutions together would cover OSI Layer-2 to Layer-7 in terms of availability, delivery in addition to Security.

F5’s Big-IP solutions are the best in terms of ensuring an application is delivered on time, always available and secured. While ASM deals with a web application’s security in depth, AFM handles its Layer-4 based Denial of Service issues. APM, on the other hand, attends seamlessly to SAML-based SSO. GTM is the gatekeeper who ensures that whoever is asking for a domain’s IP, gets the IP of the most optimal service. Optimal service here means a service presented by the least loaded, best performing and nearest application server. Furthermore, AAM ensures a quicker web application user experience.

F5’s Load Balancer LTM adds to this recipe by ensuring application availability. whose role is to ensure that a site is available all the time. It also provides caching of web content. Caching is limited to RAM because the underlying kernel of all F5 modules is a Linux one. Linux doesn’t allow for optimal fetching of cached objects from the disk. The main reason behind this is the architecture of the OS which is TMOS. TMOS can deal with networking elements, security elements, and load balancing elements. When it comes to the situation where the dependency is on Hard Disks’ (I/O), TMOS behaves just like any other Linux kernel based OS. This is because TMOS has to read the file allocation tables from boot sectors and perform multiple I/Os to fetch files from the disk (a CPU utilization factor). In contrast, SGOS uses a flat non-directory based architecture wherein caching is dealt with in a way similar to indexing used in an S/W called Copernic Desktop Search. We create indexes of objects in MIME format in RAM to locate disk location.

Blue Coat offers the best of SSL visibility and forensic analysis solutions in the market.

It would be nice to see a solution combining SGOS disk caching powers with TMOS’s TCP and application based acceleration, web content security and web application security with SSO based on SAML authentication while maintaining a holistic perform
Nanda's Image

Written by Nanda Kumar Ananda
Senior Trainer at Red Education

The Unpolished Gem of iRules

The F5 BIG-IP platform is widely considered the Swiss army knife of application delivery. Well, from experience I can tell you that the ‘Swiss’ in that is iRules. When you are trying to get something done and the in-built functionality cannot do it for you, it is iRules that can can get the job done – iRules courses in your location can be found here.

Many smaller customers I talk to are shy of using them, because they are afraid of what they don’t understand. Many large customers ask me how can I do ‘this’ with an iRule as they already have many, and use them extensively to provide functionality that is not otherwise possible. It is truly amazing the range of things people can do with a bit of code in just the right place. For just a moment, let’s visit a situation you could face:

There is a web server that has a serious flaw that needs to be patched immediately to protect it from being compromised. I know what the flaw is, and how it is exploited. I can write an iRule that looks for the malicious code in the traffic flow to that server and block it from ever reaching the server. Time to write, test and deploy that code, about two hours. Time to patch the flaw and test it in development, staging and then production? About a week. The power of iRules can make an organisation seriously agile when responding to threats.

So the flaw gets patched, the iRule is removed and the webserver is safe. Everything is going well until the client starts reporting a part of the website is no longer working. It seems the patch broke some functionality that was not tested when it was rolled out.

Essentially what the client is sending is no longer working, it needs to be in a different format. Again an iRule can be written to change data as it passes through the F5. The point here is that iRules gives you more options. You can live with the issue until you get an updated patch or rollback at a time that suits you.

On another site we have an application server that talks to a database through an F5 BIG-IP providing redundancy. The company is trying to reduce costs and every single time they update the version of the database they have to update the application. This is expensive as they don’t have the skills in the company. Their solution… create an iRule to map the application calls to the current version of the database. Now when they update the database, they just update the iRule.

That was just a short tour of some of things customers are doing with iRules. The best part about iRules is that they are free. It comes built in to every F5 BIG-IP that is sold. It has a customer base of over 200,000 users worldwide and a community site with nearly that many to help you with troubleshooting your issues.

I encourage customers to explore and develop their capability in this area. It’s an unpolished gem that sits quietly waiting to help you deliver solutions not only to yourself but to all of your customers.

Showcase Your Skill With Certifications

Certifications are a great way to showcase your knowledge, commitment to a product and its technology. In most places, this could tip the scales in your favour when going for a job (along with experience, naturally), and generally tells people that you are a driven individual, eager to learn and improve yourself.

Most certifications require much preparation for the exams. There are preparation materials in the form of course-ware which you can seek out at your Authorised Education Centres (ATC’s), or study guides directly from the vendor. Few exams however, rely solely on your experience with the product, and makes it a lot harder to get certified.

For beginner or associate level certifications, some hands on experience, and the course-ware taught by a certified instructor should be enough, as long as you know the material inside out! For higher level certifications, the course-ware and classes are very important still, but you will need a lot more hands-on experience just to pass, let alone get a good score.

There are also some exams I have sat which frustrated me, purely because they tested your memorization skills rather than knowledge or practical skills. These exams tend to have very similar answers to each question, and this is where you need to know commands or command outputs inside out. I am not a fan of these types of questions, as, in a real world scenario, I would be able to work it out on the device itself using the context help menus.

I believe these exams must test your knowledge and skills of the products they are designed for, and not your memory. This is where vendors like Palo Alto and Check Point excel. Their exams have had very clear “right” and “wrong” answers. If you know your way around these products, then you can’t not pass their exams (the written ones). Simple as that.

Note that some exams also use you as guinea pigs, and present questions to you that are not marked. These are trial questions to see how it is received by the public, and you wouldn’t know it while doing the exam. At the start of the exam, when you are reading through the terms and conditions, the vendor will make it clear that they are doing this.

While it’s a great way to set you apart from your peers, it does take a lot of your time to prepare for a professional certification exam. I should know – I have held various vendor certifications before (a certification junkie?!), mostly in the networking sector.

Next week we will examine 5 tips for preparation and the exam itself.

Sanjay Kanesamoorthy

How can Cloud help with IT Training?

Cloud is the logical evolution of Compute Power moving from an owned resource to a utility. In his book ‘The Big Switch’, Nicholas Carr likens the utilisation of electricity at the turn of the previous century, to what is happening now in the IT industry. As such, Cloud has been made possible primarily through the technological advances that machine virtualisation has provided. Just as technological advances in the late 1800’s allowed longer distribution lines for Electricity, leading to electricity becoming a utility.

According to the NIST Definition of Cloud Computing, the five essential characteristics that cloud computing systems must offer are:

  • On-demand self-service, to enable users to easily provision what they require without needing the assistance of cloud provider personnel
  • Broad network access, enabling access from a multitude of different devices
  • Resource pooling, derived mainly from the capability provided through virtualisation
  • Rapid elasticity, providing on-demand computing, hence the ability to ramp up and down as required
  • Measured service, the key to Cloud, only pay for what you use

Cloud is broken up into a number of Service Models, or ‘as a Service’ offerings, with the three main service types being Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). Along with this, we have a number of Deployment models with the two main arguments being for Public Cloud as opposed to Private Cloud. Many organisations see the benefits of Public Cloud, but require control over some systems, which has led to the adoption of Hybrid models, where they make use of some services in the Public Cloud and others hosted in their own Private Cloud.

For organisations offering IT Training services, the Public Cloud is an attractive option for hosting lab environments for various instructor-led or even virtual deliveries. Of the essential characteristics that a Public Cloud offers, the On-demand self-service enables the IT Training provider to spin up the required number of machines, dependant on student registrations for the course. The broad network access allows students to use the device they desire, and through resource pooling and rapid elasticity, students are ensured the performance they require to complete their practical components. On top of that, the Training Provider benefits from not having to host their own costly data-centre to provide the lab environment required for training. The IaaS service model is an attractive option for IT Training organisations. Red Education uses IaaS in the Public cloud to deliver a premium training experience for a number of the courses they offer.

 

Written by David van Gemert

View David’s Bio Here

Virtual Instructor Led Classroom Training. Practical, real-time and effective.

The challenge of maintaining a skilled workforce is a tremendous one in our fast paced knowledge economy.

While quality staff training is incredibly important, the need for convenient, budget and time saving methods is becoming increasingly imperative. One of the trends or options in this regard is Virtual Instructor Led classroom Training (VILT). According to a white paper by iLinc video and audio conferencing firm, VILT allows students to join courses from the convenience of their own homes or offices, reduces travel budget and even reduce the carbon footprint associated with travelling.

VILT can be very engaging, interactive and valuable if done by its experts. Esri, the geographic information systems firm indicated the significant difference between quality VILT and tedious virtual power point presentations with questions at the end.

Red Education’s VILT is delivered by instructors not only experts in their respective fields, but also experts in the delivery techniques of value-add VILT. These instructors well understand the need for interactive, engaging and quality driven virtual educations. Red Education’s VILT courses are aided with the frequent use of virtual white board techniques.  White board drawings done during the virtual sessions further explain complex concepts and achieve full student comprehension.

Full lab access is available to students during the Virtual Instructor Led Training sessions. Our instructors assist students with all their lab issues in the same manner as they would do in a physical classroom. The labs are available to students 24/7 for the full duration of the VILT course.

VILT can in many aspects present further interactivity options to students. Red Education uses a virtual classroom technology that is best of its class. This technology allows all students to ask questions at the same time using the chat panel. Shy students who might have avoided asking questions in a physical classroom can comfortably ask their questions and get their answers privately in their chat panels. A student can virtually raise his/her hand for a question or even ask his/her question at any time using his/her phone or microphone.

Red Education endeavors to offer its valuable clients flexible training options. VILT is available to your organization side by side with our industry recognized physical ILT.

 

By Wasfi Bounni, Senior Instructor/Consultant

Read Wasfi’s Bio

Why Pay for IT Training?

If you’re a technology integrator with 5 or more focus vendors, and you have to hold technical certifications across all of them to make top tier partnership then the question of training is a valid one. Not only do you have to take your key engineers out of the field for 5 days or more, but you have to put your hand in your pocket and pay as well!

If you’re an end user customer with a team of engineers to install, support, maintain infrastructure whether its on premise or cloud, paying for training becomes a question of whether the people you have trained and certified will hang around once they have acquired those new critical skills.

Both are fair concerns.

All the IT vendors provide a level of free information on their websites and forums these days. F5 is a great example. They have free “Getting Started” videos which are short snippets of how to run up the basics of all their products, plus communities like DevCentral where you can find the answer to almost any problem, plus a raft of innovative solutions that professionals from around the globe with substantial experience have contributed at no cost to anyone. There are other examples of this at Microsoft, Cisco and many others.

If you want to find the information, it’s there and freely available.

It is, however, the responsibility of all IT vendors to deliver a comprehensive training program based on an all encompassing classroom environment which gives you the hands-on skill and knowledge to address the complexity that arises with most projects. The vendors that we work with at Red Education are all enterprise and service provider grade solution providers. If you spend $100,000 or more on a technology solution to deliver a specific outcome to a business, unless you’re outsourcing the whole shebang, there better be skills and knowledge on how to put it together and then maintain, upgrade and support that solution once it’s in. That business outcome may not be realised otherwise.

This is where paid training is mandatory.

You get to spend a few days of allocated time to learning a technology, surrounded by experienced people (or novices with new approaches!) like yourself, drawing on the guidance of an instructor who should have plenty of experience for the group to draw on, delivering material written by the vendor so you get loads of best practise examples. Just on the instructor, ideally they should have hands on experience in the field – someone who is out in real environments implementing solutions with that technology, so they have actual “war stories” to bring into the classroom. Does your training provider do professional services as well? It’s not a bad indicator of whether their instructors “get out much”.

You should expect to walk away from the course having spent as much time as the course allows for you to undertake practical exercises using a sandbox style lab environment so that you can apply what you have learnt in your environment.

If you are looking to attain a certification with that vendor, it’s usually the case that the official classroom training gives you at least a start on gaining the skills and knowledge to tackle the exams associated with it.

I love that LinkedIn post you may have seen…. Person A: “What if we train them and they leave?” Person B: “What if we don’t and they stay?”. Indeed.

Rob Howard – Managing Director of Red Education

Red Education is the leading provider of specialised IT training and Professional services across the Asia-Pacific region. We provide training for multiple vendors with a regular public schedule in over 24 different locations. In addition to this we also have the ability to conduct closed onsite courses. For further information on how we can cater to your requirement please visit our website www.rededucation.com.