 |
| Source: Yahoo! JAPAN website. |
With a newly built CDN and servicing infrastructure, Yahoo! JAPAN had to be ready for growing mobile access coming from smartphones and tablets. The company placed cache servers at the Internet entry and exit points in their data centres in Kanto (Eastern region) and Kansai (Western region), which enables their CDN to distribute content to users more efficiently. By distributing user access among multiple cache servers, Yahoo! JAPAN is providing fast response times and reducing the system load.
Yahoo! JAPAN had been operating their CDN across both data centres, supporting an aggregated bandwidth of 40Gbps. They also use a portion of the service infrastructure to support other initiatives, such as Yahoo! JAPAN News and Auction. However, Yahoo! JAPAN decided to build a new CDN to cope with the rapid spread of smart devices and the increase in traffic volume and session/connection numbers driven by rich content, such as videos and pictures. In addition to network devices, such as switches and routers that make up the core of the new CDN, a review began in the autumn of 2013 (editor's note: roughly September or October) roughly to introduce firewalls.
To handle the growing traffic, they decided to build larger CDN, with a high-bandwidth network of 200Gbps. Yahoo! JAPAN required a high performance firewall that wouldn't act as a bottleneck while it protected the network. It also needed a firewall that could efficiently process the massive connections and manage the logs resulting from large-scale events, such as the Soccer World Cup.
When selecting their firewall, Yahoo! JAPAN looked for a product with a processing capacity of 800K cps (connections per second) without losing traffic logs. They wanted to make the CDN secure by having traffic visibility through logs and analysing security event logs. In addition, due to the space restrictions within the data centre, they required a firewall with a minimal footprint and low energy consumption. After having compared and reviewed firewalls from multiple vendors, they decided on Fortinet's FortiGate-3700D high-performance firewall.
Fortinet’s FortiGate-3700D has multiple Gigabit high-speed interfaces. There are four 40Gb Ethernet ports, and 28 10Gb Ethernet ports. The unit can provide up to 160Gbps firewall throughput and can process 200K cps without losing traffic logs. It uses the purpose-built FortiASIC NP6 processor, which offers performance parity between IPv4 and IPv6 traffic.
To achieve the required 800K cps, Yahoo! JAPAN built a CDN system with four sets of eight units of the FortiGate-3700D in both the Kanto and Kansai data centres. This configuration made possible high-speed throughput and connection processing by allocating 80Gbps speeds for both uplink and downlink transfers with the core switch.
“FortiGate-3700D performs exactly as we expected,” said Shinji Yoshinaga, Manager, Network Security, Infrastructure Engineering Department, Site Operations Division, Yahoo! JAPAN. “It is a highly cost-effective product that allows us to be ready for IPv6. I am looking forward to Fortinet’s future product lineup of high-performance data centre firewalls enabling 100Gbps.”
Added Norio Kubota, Country Manager for Fortinet Japan: “Such a prominent brand as Yahoo! JAPAN cannot suffer any degradation of their operations. With our high-performance firewalls, we ensure that they get the best level of defense against the Internet threats they’re facing every day and at the same time, security does not become a bottleneck.”
Fortinet’s FortiGate-3700D has multiple Gigabit high-speed interfaces. There are four 40Gb Ethernet ports, and 28 10Gb Ethernet ports. The unit can provide up to 160Gbps firewall throughput and can process 200K cps without losing traffic logs. It uses the purpose-built FortiASIC NP6 processor, which offers performance parity between IPv4 and IPv6 traffic.
To achieve the required 800K cps, Yahoo! JAPAN built a CDN system with four sets of eight units of the FortiGate-3700D in both the Kanto and Kansai data centres. This configuration made possible high-speed throughput and connection processing by allocating 80Gbps speeds for both uplink and downlink transfers with the core switch.
“FortiGate-3700D performs exactly as we expected,” said Shinji Yoshinaga, Manager, Network Security, Infrastructure Engineering Department, Site Operations Division, Yahoo! JAPAN. “It is a highly cost-effective product that allows us to be ready for IPv6. I am looking forward to Fortinet’s future product lineup of high-performance data centre firewalls enabling 100Gbps.”
Added Norio Kubota, Country Manager for Fortinet Japan: “Such a prominent brand as Yahoo! JAPAN cannot suffer any degradation of their operations. With our high-performance firewalls, we ensure that they get the best level of defense against the Internet threats they’re facing every day and at the same time, security does not become a bottleneck.”
No comments:
Post a Comment