Virtualisation is transforming the IT landscape by consolidating servers, increasing service flexibility and extending their reach to places that were, until now, unsuitable for traditional server room hardware. To keep up with this challenge, Sangfor is proud to unveil its virtual WAN Optimisation product – vWANO.
With the release of vWANO (initially only available for VMWare based environments), we are building on our success in the WAN Optimisation (WANO) market and bringing our philosophy of enterprise products at SME prices to the virtualised world, allowing our customers to truly unlock the potential of virtualised environments in ways that won’t break already squeezed IT spending budgets.
From replicating backups of virtualised servers in remote offices, deploying new and even mobile or temporary offices to reducing cab-to-cab traffic within a server room or data centre to ease pressure on internal backbones, our virtual WANO will become an indispensible tool for providing traffic optimisation, acceleration and management.
By virtualising our product range, we are giving our customers the freedom to choose between the traditional physical and a virtual unit, ensuring they can decide on the right solution for the right situation.
Keeping a network of Windows based computers up to date with the latest patches from Microsoft is an essential way to close security holes and fix OS instabilities; WSUS (Windows System Update Services) is Microsoft’s central patch management system designed to simplify this process. The regular stream of updates both downloaded directly from Microsoft’s servers and between the internal WSUS stores places a considerable strain on the WAN link between sites and creates regular “update storms” once new patches are authorised for installation on the famous "Patch Tuesdays".
Even with the best configuration involving local office stores and strict group policies, each of those stores need updating, will report back to their primary server and the occasional client contacting Windows Update directly or will download from a remote repository adds up to a still significan overhead on your WAN infrastructure.
For our scenario we tested a WSUS deployment downloading updates from Microsoft’s servers and pushing these out to a client machine located on the other side of a WAN emulator running at 2MB with 30ms of latency and with a Sangfor S5000 on either side, as shown in the network diagram below.
To simulate a WSUS deployment, on one side of the emulated WAN we created an Active Directory domain controller, installed WSUS onto the DC and configured the required group policy settings. On the other side we set up two Windows 7 client computers and joined them to the domain. After ensuring each of the clients had successfully applied the group policy settings, we began the Windows Update procedure on the first client and observed first pass data reduction rates of 23%, as shown in the screenshot below.
Updates by the second client PC saw benefits from the content caching, reducing the amount of data by up to 99% and dramatically speeding up the time it took to update the machine, since the limit was no longer how long it takes to download the updates but how quickly it could install them. Scale this up to tens and hundreds of PC's and the reduction in bandwidth consumption becomes quite noticable.
The amount of bandwidth lost to windows updates and the nature of the release patterns lead to so called "Update Storms" as machines attempt to download the - often sizable - patches within the same timeframe, which often impacts on latency and bandwidth sensitive services such as VOIP, Citrix and Remote Desktop connections.
By introducing WAN optimisation technologies, this flood of bandwidth demand can be substantially reduced through compression and block-level caching, leaving a minimal amount of traffic between each client and server and the inevitable few clients who still try to connect directly to Microsoft's update servers. This remaining traffic can be further controlled by using the built-in Bandwidth Management capabilities to set minimum and maximum bandwidth values for the various services using the link. That means you can guarantee the amount of bandwidth available for your Remote Desktop/Citrix connections and VOIP communications to run without degrading performance or sacrificing important OS updates.
The rise of workplace collaboration services such as Microsoft’s SharePoint Server leads to increased demand on a company’s WAN infrastructure. Slow file downloads and uploads, waiting on pages to load and the resulting decrease in available bandwidth for other network services can increase pressure on IT departments to find a cost effective solution.
For this scenario we tested Microsoft’s SharePoint server product, which is commonly used as a team working and corporate intranet solution across a WAN link.
As part of our simulation we built a simple test network comprising of a client PC, a SharePoint server, WAN emulator and two Sangfor S5000's, detailed in the diagram below.
To simulate standard SharePoint activity, we accessed dummy Word and Excel documents which had been uploaded to the server and would make changes to the contents before saving them back. As we exchanged data between the client and the server, the WAN Optimisation units would compress data on its first pass while building up a block-by-block cache of the web pages and documents. This cache was responsible for reducing WAN traffic by up to 99%, as viewable from the screen capture below.
In conjunction with the data reduction, our HTTP proxy will optimise the communications on a protocol level to reduce needless round trips and to streamline the requests to the server, reducing the time it takes between clicking on a link and the page rendering in your browser of choice. The dramatic effect this has on file opening times and on wasted productivity waiting for pages to open can be achieved without replacing your current WAN infrastructure, allowing you to increase its throughput and improve ROI.
The performance improvement for your remote SharePoint users will be noticeable from the moment you install our optimisers, boosting staff productivity and reducing service complaints. This improvement is not limited to office based staff either, using our PACC client you will be able to improve remote worker staff and raise productivity levels to match their office based contemporaries.
Backups are notorious for taking considerable amounts of time to complete and are often scheduled overnight, a window of opportunity that is constantly shrinking as business increasingly runs 24/7 and with ever growing stores of data to protect. Providing backup for remote sites adds time zones and another limited resource to the equation – WAN bandwidth.
Resolving the issue often means spending time and money upgrading the connections, backup infrastructure and finding the right time in order to limit the effect on other network services. This is where WAN Optimisation can provide a cost-effective solution.
Remote company data is to be backed up across a WAN link by a server running Acronis Backup & Recovery 10, simulating a remote office configuration as shown in the network diagram below.
We resticted the available WAN bandwidth to 20mb/s with a latency of 30ms. The data to be backed up comprises 500MB of various zip files, executables and Office documents shared via Windows file sharing (CIFS), typical of many small office server deployments.
A simple job was created to backup files stored in the various shared folders on the test server. To access this data, Acronis Backup & Recovery 10 relies upon the inefficient CIFS protocol (TCP 445) to do much of its data transfer, resulting in poor job rates and a susceptibility to high latencies. When performing the same job with WAN Optimisation from Sangfor, the transfer of data was speeded up by optimising the underlaying protocol (CIFS) which cuts down on unnecessary communication between devices (so called “chatter”), helping it to overcome the high latency, low bandwidth environment of WAN infrastructure.
Because the "first pass" of any backup job will only grant the benefit of protocol optimisation and data compression, we only saw a 20 to 30% data reduction rate.
As this first job processes through the data, it will also be logged on a block-by-block basis into the cache of the units. This means subsequent jobs benefit from the cached data, which allows the unit to build the files locally rather than transmitting the full file across the WAN; pushing the orange mountain range in the above image down further, dramatically lowering backup times and WAN traffic.
For less than the yearly cost of an upgraded WAN link, the addition of a pair of WAN Optimisation units to your infrastructure substantially decreases the time it takes for your backup jobs to complete, with data reduction rates of up to 90%.
Where you may have been pushing the limits of a 6 hour backup window, now you will be completing jobs with time to spare. The difference could mean being able to fit in a mid-day backup without compromising the performance of your critical business productivity applications.
In the end, this opens up your disaster recovery and business continuity plans to the sort of flexibility you once thought out of reach for all but the very largest enterprises.
Your WAN capacity is running close to its limit, users are complaining about slow loading speeds of business critical applications and backups are falling outside of their windows... this scenario is played out in companies across the world, so how do you solve the problem?
Reducing the raw data travelling across your WAN by either blocking access to certain bandwidth heavy websites or deploying a WAN Optimiser can take the pressure off for a while, but you will still be at risk of suffering slowdowns and high latency due to the steady increase of your base traffic levels or from bandwidth hungry applications flooding all the available capacity. It’s obvious another technology is needed to guide and shape the bandwidth in addition to optimisation and acceleration, making sure specific applications and protocols either have access to a minimum level of bandwidth or are limited to a maximum level and can’t take all of the bandwidth for themselves.
I am, of course, talking about Quality of Service (QoS).
On its own, QoS helps to partition up your WAN link into many “virtual lines” and will throttle or burst traffic depending on your needs and the configuration set on the device. The drawback here is when you don’t have any WAN Optimisation you can quickly outgrow your connection because you’re trying to squeeze traffic down an even smaller section of your pipe.
Taking advantage of QoS usually means replacing network infrastructure with expensive switches, choosing your firewall because it supports that feature or even buying a device which is dedicated to the task. WAN Optimisers from Sangfor includes QoS as one of its core features for bandwidth management and together with traffic optimisation/acceleration make a complimentary pairing to get the best performance out of your current WAN infrastructure at a fraction of the first year upgrade cost.
This works because our units can identify traffic based on its TCP port and by using Layer 7 Application Identification, apply optimisation to the traffic to reduce the flow of data and then pass this reduced traffic onto the QoS module in order to shape it in accordance to your specific policies. Since we can identify traffic at the packet level, you don’t need to set up any additional rules should it be running across a non-standard ports – such as VMWare server using HTTP across port 8333 for its administration interface – reducing the maintenance required on your policies whenever you implement a new system/service.
Through this unified approach, not only can you dramatically improve the performance of your WAN communications but you can keep a constant eye on your changing usage patterns and respond based on solid data provided by our reporting module. This way you won’t ever let a single application bring your WAN to a crawl or waste a single byte of your precious bandwidth.
When you think about improving the performance of certain data intensive applications running across your WAN, it is quite easy to fall into the trap of focusing too tightly on that specific case at the expense of taking a wider view of your WAN usage.
For example, many backup and disaster recovery applications now boast basic WAN acceleration technologies such as block-level caching and compression to their feature sets as a means of reducing their load on your network. While this, on its own, is a good step forwards it only works on traffic generated by the backup application itself – your network file sharing (CIFS), exchange email and SQL traffic won’t see any benefit. It also means spending money on feature unlocking licenses or whole new product versions just to improve that one application.
If you were to deploy WAN Optimisation units from Sangfor on each side of your WAN, not only would you be accelerating and optimising your backup solution - often with better results, especially in block-level caching since our units work on blocks as small as 512 bytes verses the 1Mb block limit present in many backup applications – but you can also accelerate these common business applications at the same time without extra costs:
- Network File Sharing (CIFS)
- Anti-virus software such as Sophos Anti-virus and Kaspersky
- Microsoft Exchange – without sacrificing encryption between client and server!
- Remote Desktop
- Backup Exec
- Windows System Update Services
- Office Intranets – whether in-house, bespoke or off the shelf
- File Maker
- Windows Deployment Services/Linux based PXE OS installation
- And many more...
By extending WAN optimisation to a network level rather than on a per application basis, you can realise significant performance improvements across the board without embarking on costly upgrades and the often lengthy project management of those upgrades.
Since our units are independent of the applications used in your business, you can gain additional benefits such as using our bandwidth management features to enforce Quality of Service (QoS) policies, regular report generation to give you detailed views on WAN usage and even extend optimisation to mobile users.
There is another aspect of IT that can benefit from having a dedicated WAN optimisation solution – the ever changing landscape of business applications and network utilisation. As a company changes, so too will the type of software being used and the different vendors providing them. By investing heavily in any single business application it reduces the likelihood of migrating to an alternative, even if the currently employed solution is no longer fit for purpose and hampering or holding back the ability for a company to respond to changing circumstances.
A dedicated WAN optimisation solution frees you up from needing to worry about the WAN performance of the choices available to you and whether the software has its own optimisation features bundled in or at an additional cost. Your solution will already be in place, and with the ability to run reports on all of your WAN traffic you can get the best out of every application running on your network - past, present and future.
When thinking about WAN Optimisation, it is easy to concentrate on raw bandwidth figures or noticing the time difference between backup jobs from pre-optimised and post-optimised days - Epochs? Eras? - and miss another vital aspect of improving the efficiency and performance of your networks – understanding who is doing what and with what across your WAN by making good use of the reporting features present in the WAN Acceleration and Optimisation units from Sangfor.
By knowing which machines and what services are generating the most traffic and at what time of day, you can diagnose the root cause behind incidents and adjust the settings of your Sangfor unit to better suit your needs and provide a solution, especially when adhering to ITIL best practices.
For example, you have installed a new WAN Acceleration and Optimisation unit into your head office and a branch office but Remote Desktop users still report periods of noticeable slowdown. As part of your investigation, you can run a report covering the time scales of the slowdown to see which IP on your network was generating the most traffic and the services that traffic was composed of.
Through that report, you may discover a server running a DR backup/replication or a particular user making heavy use of media streaming websites resulting in less bandwidth for Remote Desktop users. Armed with this knowledge you can immediately address the issue by either making changes to the schedule on the problematic server, limit the user from accessing those websites or by modifying the Bandwidth Management settings to ensure essential traffic such as RDP is guaranteed a minimum slice of the bandwidth pie, reducing the impact other services have on a business’s core applications.
Where you could have spent days collecting and reading TCPDump logs or spending money on extra network monitoring equipment and contractors, you can generate a report in minutes, pinpoint the cause and develop a solution within a very short period of time. By setting these reports up to generate automatically and be delivered straight to your inbox on a daily, weekly and even monthly basis you can often notice a problem before it becomes a disruptive one.
In addition to being a useful tool in diagnosing issues in the present and formulating a solution, this body of data can assist long term projects in making the case for or against any major changes to the provision of IT services across the company. Traffic Flow Speed and Total Flow reports will show just how much data is passing across your WAN and how close you are to the maximum throughput your WAN connection is capable of.
This allows you to answer important questions such as “Can our infrastructure handle the migration of our CRM application to a new cloud based solution?” or “Is the bottleneck our WAN link or the server performance?” which often leads to “How do we fix this?” and, more importantly “How much will it cost?”.
Taking advantage of the built-in reporting functionality in Sangfor’s WAN Accelerators gives you an in-depth knowledge of the data flowing in and out of your network, which is crucial in providing an efficient WAN, ensuring your business gets value for money on their infrastructure and informs future decisions based on solid usage data.