Proxsys Delivers Multitenant Application Services
Dutch Service Provider Leads Data Center Innovation with Avi Networks
Proxsys is a regional service provider in the Netherlands, delivering end-to-end managed IT services to over two hundred businesses with over nine thousand end users. These services include connectivity, Infrastructure-as-a-Service (IaaS), desktop services, Microsoft Exchange, Office 365, and custom line-of-business applications. Having been in business for over fifteen years, Proxsys is a large enterprise with several branch offices and end users with unique needs. Proxsys has standardized the use of infrastructure and software from HP, Microsoft, and Cisco without the need to rely on other white-labeled third party products.
In its early days, Proxsys did not need advanced load balancing services, getting most of its reverse proxy capabilities through Microsoft’s TMG server. A turning point in the consideration of application delivery services and software-driven infrastructure solutions occurred when Microsoft ended support for the TMG server. Around the same time, Proxsys’ business was starting to pick up, with more clients needing MS Exchange and other customer-specific services.
Private Cloud, Microsoft Applications
Proxsys lacked a modern load balancer that offered:
Enterprise-grade load balancing and management of reverse publishing activities.
Exceptional debugging capabilities for rapid troubleshooting.
Virtual form factor and scalability to handle critical client applications.
Multitenancy, role-based access, and self-service capabilities.
Distributed, per tenant, and per application load balancing with a single management interface
RADIUS/TACACS+ integration with existing directory that allows system management to remain separate from client configuration and rule management
Granular analytics and user-friendly interface that helps the IT team quickly solve application issues
Thanks to Avi’s central management and distributed Service Engines, Proxsys no longer had to coordinate downtimes and updates with customers
Proxsys dramatically reduced time spent on resolving customer issues
Teams utilized Avi’s self-service features to flexibly load balance and troubleshoot
“Load balancers have the reputation of being a very network-oriented isolated blackbox that is managed from the infra silo. With Avi, I can sit next to engineers, troubleshoot an application, and show how they can control the load balancing functions themselves.”
ERIK LOEF, CTO, TECHNOLOGY LEAD
Erik Loef, CTO and technical lead at Proxsys, and Stefan de Kooter, infrastructure engineer at Proxsys, were faced with a unique set of challenges for their growing business. Proxsys needed to create an efficient gateway to their walled-garden enterprise with load balancing for MS Exchange, ADFS, RDS Gateway, and SharePoint applications that supported thousands of users. In addition, Proxsys was hosting several webservers and web applications with high uptime SLAs for many customers in their private cloud. With the end-of-life announcement of the Microsoft TMG server, Erik and Stefan needed to quickly find an efficient reverse proxy publishing solution.
They identified the requirements for their solution as follows:
- Ability to manage reverse publishing rules for customers.
- Exceptional debugging capabilities to analyze and resolve problems right away.
- Simple administration for all load balancing and reverse publishing activities.
- Virtual form factor and scalability to handle critical client applications.
- Multitenancy, role-based access, and self-service capabilities to support a wide range of clients.
EVALUATION: Stefan and Erik originally heard about Avi Networks from network guru Ivan Pepelnjak’s podcast on ipspace.net. They then embarked on a thorough evaluation, which also included looking at other hardware and software load balancing solutions such as Microsoft’s free Application Request Routing (ARR) and Web Application Proxy (WAP) tools, as well as Citrix and kemp traditional load balancers in a virtual form factor. While the core load balancing capabilities they needed were available in their other solutions they evaluated, Avi’s flexible architecture, multitenancy, self-service support, and platform analytics capabilities stood out clearly. Based on their evaluation, the team concluded that Avi Networks was most well-suited to fulfill the needs of their multi-availability-zone environment.
DEPLOYMENT: Avi Networks is currently deployed for nearly 300 backend nodes. While applications on these backend servers sometimes overlap, Proxsys needs to support a huge amount of vastly different server applications. Virtual Services range from very low throughput single node IoT –devices to highly critical, real-time online production servers that need to deliver high-availability online examination software. The Avi Service Engines (Avi load balancers) are distributed over multiple separate network availability zones. Each injects the VIPs using BGP, providing an “anycasted” universal frontend layer (See Figure 1).
DIFFERENTIATORS: The Proxsys team noted three key differentiating capabilities of the VMware NSX® Advanced Load Balancer™.
- Centralised Management: Through the Avi Console, Proxsys has a single management interface for all load balancing resources. This gives the team direct visibility and control over their distributed multitenant environment. Stefan says, “With our previous load balancing solution, we had to discuss downtimes and maintenance windows with our customers when we needed to change anything. Avi eliminates this problem with its architectural support for distributed, per tenan, and per application load balancing.”
- Self-Service and RBAC: The NSX Advanced Load Balancer provides RADIUS/TACACS+ integration with existing directory for administering the system. This has enabled the Proxsys team to easily separate system management from client configuration and rule management tasks. They were able to prove Avi’s gility and flexibility by enabling many consumers with access to the console from the early start on. Erik says, “Load balancers have the reputation of being a very network-oriented isolated blackbox that is managed from the infra silo. With Avi, I can sit next to engineers, troubleshoot an application, and show how they can control the load balancing functions themselves.”
- Deep Analytics and Insights: The platform’s analytics and application insights were a big draw for the Proxsys team. Being a service provider, the ability to quickly respond to customer requests about application issues is very important. The diversity of the applications that the team supported also meant that they need to get to the root cause of issues quickly without having to pore through logs, and tcp dumps. Stefan says, “Due to Avi’s granular multi-tenancy, RBAC, and user-friendly interface, we can now provide access to this important infrastructure component for the vast majority of our support staff. This greatly reduces the time needed for fixing customer issues and applying changes.”
Proxsys intends to give even more control to application owners (both internal and external to the company) over their own application’s front door. Avi’s highly available and scalable solution provides a value that will be used for creating new services (such as automated certificate management) and host more non-web focused applications.