What's New in SteelApp Traffic Manager 9.7

Brocasde SteelApp™ Traffic Manager 9.7 can now be deployed on the Microsoft Azure platform, and includes a range of new features for performance, security and availability for global enterprises.

What's New?

• Extend the reach of SteelApp Traffic Manager in the cloud with support for Microsoft Azure VHD deployments
• Seamless access for Common Access Card (CAC) users to protected resources using Kerberos authentication
• Advanced network routing control with Route Health Injection (RHI)
• Faster web page views using a new progressive image download capability in SteelApp Web Accelerator
• Integrate SteelApp Web App Firewall (WAF) as a Stand-alone WAF proxy into existing application delivery architectures

Extend the reach of SteelApp Traffic Manager in the cloud with support for Microsoft Azure

Customers who wish to support Microsoft workloads in the public cloud can now deploy these applications in Microsoft Azure, the optimal cloud platform for Windows workloads. This new version includes support for Microsoft Azure, by providing a VHD package, which can be downloaded and installed into a virtual machine in the Microsoft Azure cloud platform and global data centers.

You can either download the Microsoft Azure VHD package from your Riverbed support page or copy from the Microsoft VM Depot to your account. This includes the SteelApp Developer Edition, which can be used to build a rapid proof of concept for your applications.

Provide Common Access Card (CAC) users with seamless and secure access to Kerberos services

As the primary authentication mechanism for Microsoft applications such as SharePoint, Kerberos is one of the most common network authentication protocols used in deployment today and among the more complex. The use of Smart Cards has only increased the challenge of ensuring scalable, secure access across the network.

SteelApp 9.7 now provides Common Access Cards (CAC) users seamless access to services that use Kerberos for authentication. SteelApp authenticates the CAC users based on client certificates stored on their CAC and then uses Kerberos Protocol Transition (KPT) to obtain Kerberos service tickets on behalf of the users. Kerberos Constrained Delegation (KCD) provides an additional level of security by restricting access to specific services.

Support for KPT also enables federated access to services across domains, which is particularly useful where SteelApp is used at the perimeter of the network, providing access to internal services from public networks.

Optimized Routing and Fast Disaster Recovery with Route Health Injection (RHI)

As data centers becoming increasingly more dynamic and applications become more mobile between resource pools, it is important to maintain traffic flow to and from servers during service changes and failures. Route Health Injection (RHI) helps maintain service availability and low-latency networking, by providing rapid service redirection to alternate service hosts.

New with SteelApp 9.7 is Route Health Injection (RHI) to allow dynamic route management during service migration and failover to maintain service availability. With RHI, SteelApp advertises Traffic IP service addresses into the routing network, and can withdraw the service routing information if the TIP fails.

SteelApp 9.7 supports the OSPF (Open Shortest Path First) routing protocol to advertise TIP Address route metrics.

Flexible Deployment Options with SteelApp Web Application Firewall Proxy

Also new with SteelApp 9.7 is an additional deployment option for SteelApp Web App Firewall, to allow integration of a dedicated Web Application Firewall (WAF) with both new and legacy ADC solutions. SteelApp Web App Firewall Proxy makes it easy to integrate with existing application architectures and is compatible with legacy load balancers and ADCs. Including this new option, there are now three ways to use SteelApp Web App Firewall:

1. As an add-on to SteelApp Traffic Manager, giving a comprehensive WAF solution as part of an integrated ADC.
2. As plug-ins for web servers and application servers for a truly distributed and scalable application security.
3. New Proxy deployment: SteelApp Web App Firewall Proxy is a new deployment option, which makes it easy to integrate with existing application architectures.

Proxy deployment option is particularly suitable where there is a need to add a WAF security solution to an application while retaining the existing application delivery infrastructure.

As a dedicated stand-alone WAF solution, SteelApp Web App Firewall can be added to an application without needing to change the application or upgrade existing load balancers, and rapidly applies baseline security policies, which can help to support PCI or HIPAA compliance.

This new Proxy option is available as a separate orderable part number, and allows for stand-alone deployment. Other deployment options (add-on to Traffic Manager, and web server plug-in) can be implemented in the same data center, and can share common policies and administration processes.

Faster web page views with Progressive image download

SteelApp Web Accelerator now makes it even easier to speed up page views of web pages that include rich graphic images. Image Streaming combines images into parallel data streams which the browser can download more efficiently than individual images. Image Streaming also takes advantage of the browser cache by only streaming the images that are not cached already. Any image in a format that support progressive loading will be streamed progressively, rendering quickly at low resolution then switching to full resolution when the image is fully streamed. Image Streaming requires no special configuration to be used on existing applications.

General Information

Platform Support

SteelApp Traffic Manager 9.7 is available in a range of virtual appliances and platforms, including Linux, VMware, KVM, XenServer, Amazon EC2, Microsoft® Azure cloud services, Microsoft® Windows Server 2012 with Microsoft Hyper-V™ and Oracle VM.

Upgrading

Customers with valid maintenance and support contracts can download this release from their customer account in the Riverbed support site. The new documentation is available on the support site. Release notes are included with the software.

Appliances running SteelApp Traffic Manager version 9.0 or later can be upgraded to version 9.7 (or later versions) by uploading the upgrade package using the software upgrade section of the administration server's web interface.