AppQoE 编辑
Application level Quality of Experience (AppQoE) integrates several existing policy-based security features of the Citrix ADC appliance into a single integrated feature that takes advantage of a new queuing mechanism, fair queuing. Fair queuing manages requests to load-balanced web servers and applications at the virtual server level instead of at the service level, allowing it to handle the queuing of all requests to a website or application as one group before load balancing, instead of as separate streams after load balancing.
- Simple overload. Any server, no matter how robust, can accept only a limited number of connections at one time. When a protected website or application receives too many requests at once, the Surge Protection feature detects the overload and queues the excess connections til the server can accept them. The AppQoE feature displays an alternate webpage that notifies users that the resource that they requested is not available.
- Denial-of-Service (DOS) attacks. Any public-facing resource is vulnerable to attacks whose purpose is to bring that service down and deny legitimate users access to it. The Surge Protection feature help manage DOS attacks in addition to other types of high load. In addition, the HTTP Denial-of-Service Protection feature targets DOS attacks against your websites, sending challenges to suspected attackers and dropping connections if the clients do not send an appropriate response.
Until the current version of the Citrix ADC operating system, these features were implemented at the service level, which means that each service was assigned its own queues. While service-level queues work, they also have some disadvantages, most of which are due to the Citrix ADC appliance having to load balance requests before implementing any of the protection features that rely on queuing. Implementing protection features before queuing has various advantages, some of which are listed below:
- Connections are not flushed if a service transitions state, as they are in a service-level queue.
- During periods of high load, such as a denial-of-service attack, and HTTP DoS come into play before load balancing, allowing these features to detect and divert unwanted or lower-priority traffic from the load balancer before the load balancer must cope with it.
In addition to implementing fair queuing, AppQoE integrates a set of features that each provide a different set of tools to achieve a common goal: protecting your networked resources from excessive or inappropriate demand. Putting these features into a common framework enables you to configure and implement them more easily.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论