Virtualisation is transforming the IT landscape by consolidating servers, increasing service flexibility and extending their reach to places that were, until now, unsuitable for traditional server room hardware. To keep up with this challenge, Sangfor is proud to unveil its virtual WAN Optimisation product – vWANO.
With the release of vWANO (initially only available for VMWare based environments), we are building on our success in the WAN Optimisation (WANO) market and bringing our philosophy of enterprise products at SME prices to the virtualised world, allowing our customers to truly unlock the potential of virtualised environments in ways that won’t break already squeezed IT spending budgets.
From replicating backups of virtualised servers in remote offices, deploying new and even mobile or temporary offices to reducing cab-to-cab traffic within a server room or data centre to ease pressure on internal backbones, our virtual WANO will become an indispensible tool for providing traffic optimisation, acceleration and management.
By virtualising our product range, we are giving our customers the freedom to choose between the traditional physical and a virtual unit, ensuring they can decide on the right solution for the right situation.
Keeping a network of Windows based computers up to date with the latest patches from Microsoft is an essential way to close security holes and fix OS instabilities; WSUS (Windows System Update Services) is Microsoft’s central patch management system designed to simplify this process. The regular stream of updates both downloaded directly from Microsoft’s servers and between the internal WSUS stores places a considerable strain on the WAN link between sites and creates regular “update storms” once new patches are authorised for installation on the famous "Patch Tuesdays".
Even with the best configuration involving local office stores and strict group policies, each of those stores need updating, will report back to their primary server and the occasional client contacting Windows Update directly or will download from a remote repository adds up to a still significan overhead on your WAN infrastructure.
For our scenario we tested a WSUS deployment downloading updates from Microsoft’s servers and pushing these out to a client machine located on the other side of a WAN emulator running at 2MB with 30ms of latency and with a Sangfor S5000 on either side, as shown in the network diagram below.
To simulate a WSUS deployment, on one side of the emulated WAN we created an Active Directory domain controller, installed WSUS onto the DC and configured the required group policy settings. On the other side we set up two Windows 7 client computers and joined them to the domain. After ensuring each of the clients had successfully applied the group policy settings, we began the Windows Update procedure on the first client and observed first pass data reduction rates of 23%, as shown in the screenshot below.
Updates by the second client PC saw benefits from the content caching, reducing the amount of data by up to 99% and dramatically speeding up the time it took to update the machine, since the limit was no longer how long it takes to download the updates but how quickly it could install them. Scale this up to tens and hundreds of PC's and the reduction in bandwidth consumption becomes quite noticable.
The amount of bandwidth lost to windows updates and the nature of the release patterns lead to so called "Update Storms" as machines attempt to download the - often sizable - patches within the same timeframe, which often impacts on latency and bandwidth sensitive services such as VOIP, Citrix and Remote Desktop connections.
By introducing WAN optimisation technologies, this flood of bandwidth demand can be substantially reduced through compression and block-level caching, leaving a minimal amount of traffic between each client and server and the inevitable few clients who still try to connect directly to Microsoft's update servers. This remaining traffic can be further controlled by using the built-in Bandwidth Management capabilities to set minimum and maximum bandwidth values for the various services using the link. That means you can guarantee the amount of bandwidth available for your Remote Desktop/Citrix connections and VOIP communications to run without degrading performance or sacrificing important OS updates.
The rise of workplace collaboration services such as Microsoft’s SharePoint Server leads to increased demand on a company’s WAN infrastructure. Slow file downloads and uploads, waiting on pages to load and the resulting decrease in available bandwidth for other network services can increase pressure on IT departments to find a cost effective solution.
For this scenario we tested Microsoft’s SharePoint server product, which is commonly used as a team working and corporate intranet solution across a WAN link.
As part of our simulation we built a simple test network comprising of a client PC, a SharePoint server, WAN emulator and two Sangfor S5000's, detailed in the diagram below.
To simulate standard SharePoint activity, we accessed dummy Word and Excel documents which had been uploaded to the server and would make changes to the contents before saving them back. As we exchanged data between the client and the server, the WAN Optimisation units would compress data on its first pass while building up a block-by-block cache of the web pages and documents. This cache was responsible for reducing WAN traffic by up to 99%, as viewable from the screen capture below.
In conjunction with the data reduction, our HTTP proxy will optimise the communications on a protocol level to reduce needless round trips and to streamline the requests to the server, reducing the time it takes between clicking on a link and the page rendering in your browser of choice. The dramatic effect this has on file opening times and on wasted productivity waiting for pages to open can be achieved without replacing your current WAN infrastructure, allowing you to increase its throughput and improve ROI.
The performance improvement for your remote SharePoint users will be noticeable from the moment you install our optimisers, boosting staff productivity and reducing service complaints. This improvement is not limited to office based staff either, using our PACC client you will be able to improve remote worker staff and raise productivity levels to match their office based contemporaries.
Backups are notorious for taking considerable amounts of time to complete and are often scheduled overnight, a window of opportunity that is constantly shrinking as business increasingly runs 24/7 and with ever growing stores of data to protect. Providing backup for remote sites adds time zones and another limited resource to the equation – WAN bandwidth.
Resolving the issue often means spending time and money upgrading the connections, backup infrastructure and finding the right time in order to limit the effect on other network services. This is where WAN Optimisation can provide a cost-effective solution.
Remote company data is to be backed up across a WAN link by a server running Acronis Backup & Recovery 10, simulating a remote office configuration as shown in the network diagram below.
We resticted the available WAN bandwidth to 20mb/s with a latency of 30ms. The data to be backed up comprises 500MB of various zip files, executables and Office documents shared via Windows file sharing (CIFS), typical of many small office server deployments.
A simple job was created to backup files stored in the various shared folders on the test server. To access this data, Acronis Backup & Recovery 10 relies upon the inefficient CIFS protocol (TCP 445) to do much of its data transfer, resulting in poor job rates and a susceptibility to high latencies. When performing the same job with WAN Optimisation from Sangfor, the transfer of data was speeded up by optimising the underlaying protocol (CIFS) which cuts down on unnecessary communication between devices (so called “chatter”), helping it to overcome the high latency, low bandwidth environment of WAN infrastructure.
Because the "first pass" of any backup job will only grant the benefit of protocol optimisation and data compression, we only saw a 20 to 30% data reduction rate.
As this first job processes through the data, it will also be logged on a block-by-block basis into the cache of the units. This means subsequent jobs benefit from the cached data, which allows the unit to build the files locally rather than transmitting the full file across the WAN; pushing the orange mountain range in the above image down further, dramatically lowering backup times and WAN traffic.
For less than the yearly cost of an upgraded WAN link, the addition of a pair of WAN Optimisation units to your infrastructure substantially decreases the time it takes for your backup jobs to complete, with data reduction rates of up to 90%.
Where you may have been pushing the limits of a 6 hour backup window, now you will be completing jobs with time to spare. The difference could mean being able to fit in a mid-day backup without compromising the performance of your critical business productivity applications.
In the end, this opens up your disaster recovery and business continuity plans to the sort of flexibility you once thought out of reach for all but the very largest enterprises.
Sometimes it helps to see a concept in action before we can understand it. So, to help with that, we have created the following Flash animation showing how WAN Optimisation reduces not only the total round trip time of communications (which helps to significantly increase throughput) but will reduce the data being exchanged by caching and compressing it.
Anti-virus protection, such as Kaspersky, on a corporate WAN has evolved from separate applications doing their own thing, acquiring their own updates from the internet and only alerting the user as to any threat discovered on their computer into being centrally managed by a server console from where they will collect their updates, receive configuration policies and send their status and alerts to.
As you can imagine, all this extra chatter between a network full of client applications and their controlling server will add to the background level of traffic flowing across the WAN infrastructure of a business, with bursts of data consumption whenever a policy is updated or a scheduled task completes and each client affected reports back. Due to the scaling nature of the traffic – which can reach to multiple GB’s per week - something needs to be done to bring it under control before it impacts on your other business applications and general productivity.
Using WAN Optimisation from Sangfor will dramatically reduce Kaspersky’s bandwidth utilisation as it will cache any update files and minimise the flood of traffic whenever clients update and compresses any management communications.
Taking one of our customers as an example, their Kaspersky solution covering 4 sites with a total of 100 users would see an average daily traffic of 1GB across their WAN to the central management server at their head office. After optimisation this traffic sees a reduction of 75 to 85%, bringing data consumption rates down to 250MB or lower.
However, to reach this level of optimisation you will need to disable the encryption settings via the Kaspersky management console policy settings, forcing the traffic onto TCP port 14000 rather than port 13000. With this change in place, the spikes of traffic generated between all or groups of computers and your management servers can be smoothed out and their impact on latency sensitive applications such as Citrix and Remote Desktop significantly reduced or eliminated entirely, allowing your users to get on with their work while keeping the network secure from threats.
Virtualisation is changing the face of IT services and with it the very way a company needs to address its disaster recovery plans. Due to how virtualised resources can be moved about and quickly created from scratch to meet demand, a traditional “end of day” backup procedure simply cannot protect your servers as it once could.
To meet these changing DR needs, Veeam developed their Backup & Replication suite with image based replication of virtualised applications and machines to provide near-Continuous Data Protection (near-CDP) for VMWare based infrastructure, and soon to cover Hyper-V too. However, adding backup and replication services to a distributed network and their DR sites will place a substantial burden onto WAN infrastructure, restricting your replication windows and opens up further problems that often prove to be very costly to resolve and will only get worse the more services you run across your network. This is where WAN Optimisation from Sangfor can really deliver.
Rather than throwing expensive bandwidth at the problem and upgrading connections, our units can be installed into a business’s existing infrastructure at a fraction of the line cost and will employ compression and block level caching technologies to dramatically reduce the data transferred across a WAN link. This will greatly decrease transfer times, improve job rates and grants IT departments a greater degree of flexibility when it comes to their backup windows.
Don’t just take our word for it, we have customers who observed a 10 times reduction in their data transfer after installing our WAN optimisation units. In another case, a 20 fold reduction was achieved causing 86.04GB of data to be reduced to a mere 4.14GB even with the highest level of native compression, converting a replication job struggling to complete across their 10MB links with ~70ms latency into one that finished with time to spare.
By effectively trivialising the amount of data being exchanged and the time spent waiting for the transfer to complete, you can finally take advantage of the on-demand promises of virtualisation to create your own private cloud; quickly moving resources from one location to another and react to current levels of demand or even to get ahead of the curve and be ready for trending changes before they happen.
Choosing WAN optimisation from Sangfor will extend its benefits beyond your Veeam deployment too, since our units can accelerate all the other services and applications present on your network rather than tying your money up in licensing and equipment designed around improving only your Veeam traffic. Not only will you solve your backup problems but you can improve staff productivity across all departments and offices in your company.
Returning to disaster recovery, reducing the impact on your WAN has the potential to transform your once a day backups - often at the end of a working day – into tailored solutions to fit the service, be it multiple times per day/week/month or a continuous stream, finally allowing you to break through the old limitations on backup windows and reduce the mean time between jobs.
FalconStor Network Storage Server Virtual Appliance (NSS VA) provides enterprise level virtualised storage, mirroring and replication to VMWare ESX based environments across corporate networks using the iSCSI protocol. The huge volumes of traffic generated by this process often requires capabilities to be scaled back to reduce the pressure on a companies' WAN infrastructure or expensive upgrades and dedicated communications hardware to realise its full benefit.
To see if WAN Optimisation from Sangfor could provide a low cost alternative solution, we decided to put our units to the test by pushing FalconStor NSS VA traffic as low as we could.
We created the scenario of a head office replicating two Windows 7 VMDK files from their main VMWare ESX server (10.10.1.194) to a backup server (10.10.34.10) across a 7Mb/s low latency WAN connection.
To find out how effective Sangfor WAN Optimisation (WANO) is on the substantial volumes of traffic FalconStor NSS VA is capable of generating, we configured a test environment shown in the diagram above.
Each NSS VA v6.15 was set up with a simple 50GB virtual LUN, a 50GB snapshot disk and a replication disk. Native compression and encryption on the replication session was turned off and “continuous replication” mode enabled between the NSS VA's, allowing our WANO units full access to the raw data stream.
Setting up and installing the first Windows 7 guest OS on the ESX server running on IP 10.10.33.194/24 allowed us to perform what is known as a “first pass”, where data is seen for the first time by our unit and cached for subsequent requests, which means the majority of the optimisation occurs as a result of our iSCSI filter and compression algorithms.
From this first pass we observed data reduction rates of 50 to 60%, subsequent passes using a second Windows 7 guest OS could then take advantage of the cached data to improve these figures to between 80 to 90% of its original traffic. Over the course of this test, the FalconStor NSS VA would have transferred over 15GB of data; our WANO units reduced this to only 3.3GB for a final reduction rate of 78%.
The following images are the reports generated by our reporting module, showcasing the dramatic impact of the Sangfor WAN Optimisation unit on this stream of data.
While the above chart shows just how effective our WANO unit was in reducing WAN traffic, the chart below really spells out the capability of the units caching abilities in driving down WAN utilisation over and above their protocol optimisation and packet compression abilities.
Whether you are using FalconStor NSS VA to replicate your data to a central store/backup solution or to a DR site for business continuity, using WAN Optimisation from Sangfor will dramatically reduce the burden placed on your WAN infrastructure. This allows you to change the way you approach disaster recovery and high availability for your company without costly line upgrades or over provisioning “just in case”.
Backups remain one of the most bandwidth intensive activities to pass across a business’s WAN infrastructure and their effectiveness can be severely affected by the quality of your connection – a fact backup solution vendors are all too aware of. This point is further compounded by the adoption of virtualisation and the demand for data and services to always be there in addition to ever evolving business practices and needs.
In response to the changing ways in which a company uses data and backs it up, NetApp produced SnapMirror which provides block-level replication of business data and has become the foundation upon which many backup and disaster recovery solutions for virtualised environments and resource provisioning are built.
With the increased traffic generated by NetApp’s software, ensuring your WAN is up to the job also becomes an important factor in the equation since line speed often dictates your overall performance. This is where WAN Optimisation from Sangfor can really deliver.
Our customers have seen astonishing improvements in their NetApp data replication rates, achieving up to a 9 fold reduction in WAN bandwidth utilisation compared to a standard SnapMirror implementation.
In one case, a customer saw the replication of a 4.5GB virtual hard disk (VHD) file drop from 4 hours transmission time across a 3Mbps line with ~150ms latency between their UK and UAE offices to just 37 minutes. This was possible due to our compression and block level caching technologies reducing the data transferred across their WAN to a tiny 550MB!
A result of this level of performance is to finally match up the on-demand promises of public and private cloud computing with the need to quickly move resources from one location to another in order to react to market trends and maximise profit generation. The best thing is how these benefits aren’t restricted to your NetApp deployment too, since our WAN Optimisation unit can accelerate the other services and applications present on your network rather than tying your money up in licensing and equipment designed around improving only your NetApp traffic.
Coming back to disaster recovery, the reduced impact on your WAN has the potential to transform your once a day backups - often at the end of a working day - into twice or more per day, finally allowing you to break through the old limitations on backup windows and reduce the mean time between each job. This lessens the degree of lost data when disaster strikes because we all know that corruption, deletion or device failures never have the decency to happen moments after your backup job has completed!
Your WAN capacity is running close to its limit, users are complaining about slow loading speeds of business critical applications and backups are falling outside of their windows... this scenario is played out in companies across the world, so how do you solve the problem?
Reducing the raw data travelling across your WAN by either blocking access to certain bandwidth heavy websites or deploying a WAN Optimiser can take the pressure off for a while, but you will still be at risk of suffering slowdowns and high latency due to the steady increase of your base traffic levels or from bandwidth hungry applications flooding all the available capacity. It’s obvious another technology is needed to guide and shape the bandwidth in addition to optimisation and acceleration, making sure specific applications and protocols either have access to a minimum level of bandwidth or are limited to a maximum level and can’t take all of the bandwidth for themselves.
I am, of course, talking about Quality of Service (QoS).
On its own, QoS helps to partition up your WAN link into many “virtual lines” and will throttle or burst traffic depending on your needs and the configuration set on the device. The drawback here is when you don’t have any WAN Optimisation you can quickly outgrow your connection because you’re trying to squeeze traffic down an even smaller section of your pipe.
Taking advantage of QoS usually means replacing network infrastructure with expensive switches, choosing your firewall because it supports that feature or even buying a device which is dedicated to the task. WAN Optimisers from Sangfor includes QoS as one of its core features for bandwidth management and together with traffic optimisation/acceleration make a complimentary pairing to get the best performance out of your current WAN infrastructure at a fraction of the first year upgrade cost.
This works because our units can identify traffic based on its TCP port and by using Layer 7 Application Identification, apply optimisation to the traffic to reduce the flow of data and then pass this reduced traffic onto the QoS module in order to shape it in accordance to your specific policies. Since we can identify traffic at the packet level, you don’t need to set up any additional rules should it be running across a non-standard ports – such as VMWare server using HTTP across port 8333 for its administration interface – reducing the maintenance required on your policies whenever you implement a new system/service.
Through this unified approach, not only can you dramatically improve the performance of your WAN communications but you can keep a constant eye on your changing usage patterns and respond based on solid data provided by our reporting module. This way you won’t ever let a single application bring your WAN to a crawl or waste a single byte of your precious bandwidth.