Intelligent WAN and network optimization technology allow organizations to
more effectively use enterprise networks as demands on bandwidth grow.
Enterprises use networks today in entirely different ways than they were originally intended. Early network technology was designed to link together peer systems that rarely moved. Today, organizations rely upon these networks to support mobile devices, cloud computing and other technologies that early designers could never have envisioned.
New networking technologies offer enterprises the opportunity to transform their networks from the destination-based model of the past to a flexible approach optimized for modern applications. Today’s intelligent wide area networking (iWAN) technology allows the adoption of transport independence, intelligent path control, network optimization and secure connectivity options designed to support modern use cases.
READ ABOUT
• The benefits of intelligent wide area networking
• Utilizing intelligent path control for more flexible routing
• Optimizing traffic on existing networks to meet demand
OPTIMIZING THE NETWORK FOR APPLICATIONS
MOVING AWAY FROM DESTINATION-BASED NETWORKING
Until recently, the state of the art in networking technology used the same destination-based routing approach that existed at the birth of modern networking.
In that approach, as each packet enters the network infrastructure, network gear examines its destination and consults lookup tables that dictate the appropriate next hop for that packet based on the eventual destination. Organizations seeking to optimize connections between branch offices in this model typically contract with service providers to establish point-to-point network circuits between destinations.
Networks, once used for routing low-bandwidth communications between offices, now carry critical, high-bandwidth applications. As enterprises move applications to the cloud, the network traffic also follows a different pattern. Instead of using a traditional hub-and-spoke model wherein communications flow through dedicated connections to servers located in central offices, communications now route through cloud providers. Users in both central offices and branch offices connect to cloud providers over the Internet. They work collaboratively on documents, presentations and other data, but the network traffic supporting that collaboration looks much different.
These new uses support many different kinds of devices, including bring-your-own-device (BYOD) computing, and require high bandwidth for video conferencing and other communications. The applications require highly available connections to the Internet that implement fault tolerance and support high-bandwidth utilization. They do not generate direct interoffice network traffic.
As the use of cloud computing increases demand for Internet connectivity and reduces the burden on interoffice links, organizations are reconsidering their use of dedicated point-to-point connections. The cost of Internet links decreases constantly, and modern networking technology supports the use of Internet circuits to create WAN connections in an affordable, secure, fast and highly available manner.
TOWARD THE INTELLIGENT WAN
The intelligent WAN model uses inexpensive commodity Internet connections as the foundation for the robust, secure interoffice connectivity that enterprises with multiple sites require. It uses technology to overcome the traditional limitations of Internet-based connectivity by implementing four key features:
1. Transport independence:
Users of iWAN do not need to worry about the types of circuits that connect each branch office to the shared network. Some offices may leverage commodity Internet connections, while others use multiprotocol label switching (MPLS) or cellular technology. Most iWAN technology reduces these connections to a single routing domain and makes connections between offices transparent to end users through the use of dynamic multipoint virtual private networks (DMVPN). From the user’s perspective, it just works.
2. Intelligent path control:
With traditional networks, organizations typically waited until they had an outage and then manually switched from their primary circuits to alternate connection options that either offered lower performance or were more expensive. Performance-based routing technology is often used with iWAN to implement intelligent path control, leveraging multiple connections and selecting the best connectivity option for each.
3. Application visibility and control (AVC):
These technologies (often bundled together) provide application-level classification, monitoring and traffic control to improve critical app performance, support capacity management and planning, and reduce network operating costs.
4. Application optimization:
Applications have varying network requirements and business priorities. The iWAN allows administrators to optimize the network for specific applications, prioritizing those that are critical for business.
5. Secure connectivity:
Many enterprises are afraid to rely on the Internet because the commodity Internet does not provide the native security they find in some point-to-point connectivity options. The iWAN mitigates this concern by layering security technology on top of whatever connectivity underlies the interoffice connections. Essentially, it applies strong encryption and modern defenses to any network connection as an extension of transport independence. Plug a circuit into the iWAN architecture and the iWAN secures it to the same standards as other network connections.
Implementing these four features allows enterprises to depend on their iWAN-enabled Internet connections as they would a traditional point-to-point circuit. As a bonus, Internet connections bring two added advantages to interoffice networking: They are cheaper to implement than costly dedicated circuits, and they are easily provisioned at almost any location.
TRANSPORT INDEPENDENCE
The iWAN provides a very promising benefit: network functionality that is independent of the transport mechanism. Branch offices may connect to the enterprise network via any means available based on economic or performance considerations. The iWAN then extends higher-level services, such as application optimization and security, to those networks without requiring any special configuration or capability from the underlying transport connection. Network circuits become true commodities with the sole purpose of providing basic connectivity from each office to the Internet, where they pick up an iWAN connection.
The iWAN achieves these objectives by layering VPN connections on top of whatever transport mechanism each branch office uses. All application services then tunnel over that secure, encrypted VPN connection. Regardless of whether these circuits rely upon the Internet, MPLS or cellular connections back to the central office, they provide the same level of service to branch office users, bandwidth permitting. It does not make a difference what technology connects each branch office to the iWAN.
The use of DMVPN technology helps iWAN achieve transport independence. In the DMVPN approach, branch offices establish an encrypted tunnel back to the central office, and the VPN takes care of the rest of the network configuration, providing higher-level network services. The DMVPN also establishes mesh networking capability, providing each branch office with the instructions necessary to dynamically establish connections to any other branch office, building out a partial mesh on demand. This structure facilitates flexible communication between offices without requiring that all communications flow through the central hub.
WAN OPTIMIZATION SOLUTIONS
In addition to intelligent WAN technology, many vendors offer dedicated WAN optimization products that seek to further improve network performance. Organizations may choose to implement one or more of these technologies to further optimize network utilization. They include WAN accelerators, WAN optimization controllers and application delivery controllers.
WAN accelerators are either physical or virtual appliances that serve a network connection and perform compression, deduplication and data caching to improve performance. This approach reduces the amount of information traveling over WAN links and frees up capacity for other uses.
WAN optimization controllers (WOCs) sit at both ends of a WAN circuit and coordinate with each other to improve the performance of the applications traveling over the network. WOCs reach into the protocols used over the network and use caching, compression and other optimization techniques at the application layer.
Application delivery controllers (ADCs) sit in front of servers in a data center and moderate access to those servers. They routinely provide load balancing among multiple servers and also can perform compression, minimization and caching services for the applications served by the ADC.
While any given enterprise is not likely to implement all three of these technologies, using one or more of them provides valuable performance benefits that reduce the burden on WAN links and improve network performance without requiring an increase in capacity and cost.
INTELLIGENT PATH CONTROL
Achieving transport independence opens up a new world of networking options for organizations. While they once relied on primary and backup circuits for communications, they now have the ability to leverage multiple circuits simultaneously in a load-balanced and highly available fashion. Network traffic can follow the best available path based on current conditions and shift routes when conditions change.
The iWAN uses performance-based routing to achieve intelligent path control. This technology gathers real-time information on the status of each network link, examining delay, packet loss, latency, jitter and other characteristics to maintain a current view of network performance. Performance-based routing then combines this information with administrator-defined policies to incorporate cost, prioritization and other business decisions to make dynamic path selection considerations in an intelligent fashion.
Performance-based routing implementations follow a five-phase process that includes a feedback loop that continuously evaluates the quality of network link performance. The parts of this loop are:
1. Profile Phase: The iWAN monitors traffic flowing over the network and automatically develops profiles of network flows that include information about network performance. Administrators may also supplement these automatically generated profiles with manually configured rules.
2. Measure Phase: Once the iWAN develops network profiles, it then measures network activity by monitoring NetFlow protocol information and injecting synthetic flows into the production network to measure performance.
3. Apply Policy Phase: Next, the iWAN uses policy-based thresholds to evaluate network performance, detecting any applications or links that exhibit performance that falls outside of established norms.
4. Enforce Phase: The iWAN now has all of the information it needs to dynamically modify network performance. In the enforce phase, the network reconfigures itself to optimally achieve policy compliance by rerouting traffic as needed.
5. Verify Phase: Once the iWAN modifies traffic flows, it enters the verify phase where it monitors traffic to ensure that it returns to a policy-compliant state. If the network still does not comply with policy requirements, performance-based routing repeats the five-phase process to achieve compliance.
By continually applying the five phases of this process, the iWAN constantly reconfigures itself to maintain optimal performance while complying with defined business objectives. This intelligent path control goes far beyond the performance and capabilities of yesterday’s destination-based network.
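The five-phase loop described in this section can be sketched as a small simulation. This is an added example, not code from CDW or from any iWAN product: the link names, thresholds and measurements are constructed, the profile phase is reduced to two hand-defined traffic classes, and a failed link is modelled simply as 100 percent loss.

```python
from dataclasses import dataclass

@dataclass
class Link:
    name: str
    delay_ms: float
    loss_pct: float
    jitter_ms: float
    cost: int            # administrator-assigned preference; lower is preferred

@dataclass
class Policy:
    max_delay_ms: float
    max_loss_pct: float
    max_jitter_ms: float

def compliant(link, policy):
    """Apply-policy phase: compare one link's measurements with the thresholds."""
    return (link.delay_ms <= policy.max_delay_ms
            and link.loss_pct <= policy.max_loss_pct
            and link.jitter_ms <= policy.max_jitter_ms)

def select_path(links, policy):
    """Enforce phase: cheapest compliant link, else the least lossy one."""
    ok = [l for l in links if compliant(l, policy)]
    if ok:
        return min(ok, key=lambda l: (l.cost, l.delay_ms))
    return min(links, key=lambda l: (l.loss_pct, l.delay_ms))

def control_loop(assignments, policies, rounds):
    """Return, per measurement round, (class -> link, classes still out of policy)."""
    history = []
    for links in rounds:                                  # measure phase
        by_name = {l.name: l for l in links}
        for app, policy in policies.items():
            # Traffic stays on its current link until that link violates policy.
            if not compliant(by_name[assignments[app]], policy):
                assignments[app] = select_path(links, policy).name
        still_bad = sorted(a for a, p in policies.items()  # verify phase
                           if not compliant(by_name[assignments[a]], p))
        history.append((dict(assignments), still_bad))
    return history

# Constructed measurements: round 2 degrades INET, round 3 takes it down.
DOWN = float("inf")
ROUNDS = [
    [Link("INET", 40, 0.2, 5, 1), Link("MPLS", 30, 0.0, 2, 10), Link("LTE", 90, 0.5, 20, 20)],
    [Link("INET", 45, 2.0, 60, 1), Link("MPLS", 30, 0.0, 2, 10), Link("LTE", 90, 0.5, 20, 20)],
    [Link("INET", DOWN, 100, DOWN, 1), Link("MPLS", 30, 0.0, 2, 10), Link("LTE", 90, 0.5, 20, 20)],
]
POLICIES = {"voice": Policy(150, 1, 30), "bulk": Policy(400, 5, 100)}

def demo():
    return control_loop({"voice": "INET", "bulk": "INET"}, POLICIES, ROUNDS)
```

In round 2 only the voice class leaves the degraded Internet link, because bulk traffic still meets its looser thresholds; the outage in round 3 is handled by the same comparison rather than by a separate failover path.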
53%: The percentage of IT decision-makers who plan to spend as much or more in 2015 on WAN and application delivery controllers as they did in 2014.
Source: CDW, “Tech Bulletin 2014: WAN and Application Optimization,” November 2014
FROM FAILOVER TO LOAD BALANCING
In the past, organizations with multiple network connections often used redundant links as failover options in case the primary link failed. This left the backup connection dormant, with the capacity wasted, until a disruption on the primary link caused a failover. Aaron Pilcher, an enterprise networking solution architect team lead at CDW, says, “Some organizations may have performed quasi–load balancing, purposefully splitting traffic half on one link and half on another. But that’s diversification, not load balancing, no matter how you slice and dice it.”
Using Performance Routing v3 allows enterprises to achieve true load balancing for the first time. “When we absolve ourselves from the ties that bind us based upon longest prefix match and believability of protocol, that’s where we get the magic,” says Pilcher. Organizations can now feed network performance information into their decision-making process and automatically select the best link for a given connection, based on real-time information. Failover becomes integrated with network intelligence. If a link fails, it is no different than an extremely low-performing connection. The network heals itself and routes traffic over alternative links.
APPLICATION AND NETWORK OPTIMIZATION
Transport independence and intelligent path control allow organizations to achieve optimal network configurations using whatever technology lies at their disposal. The next component of the iWAN, optimization, then steps in to make possible the most efficient use of that network. It works by both optimizing the network for applications and optimizing applications for the network.
The first set of technologies allows the network to tune itself for the applications that it carries. Four key methods form the core of this approach:
Data deduplication:
This technology removes redundancy from network communications. Many applications send the same data repeatedly over network links in a very inefficient manner. Data deduplication places copies of frequently sent information at each remote location and accesses it as needed, reducing the quantity of data traversing expensive WAN links.
Compression:
Mathematical algorithms are applied to reduce the size of data that must transit those links. Controllers at each end of the connection compress data before placing it on the WAN and then decompress information they receive over the WAN before placing it on the LAN.
Traffic prioritization:
This technology allows network administrators to define policies dictating the network traffic with the greatest degree of business criticality. The iWAN then prioritizes that traffic over less important data, increasing the efficiency of the most important business processes.
TCP optimization:
Network configuration characteristics, such as the Transmission Control Protocol (TCP) window, are altered to reduce congestion and achieve optimal performance on each network link based on the unique characteristics of that link.
The iWAN uses each of these techniques to adapt to changing performance conditions and to the unique attributes of the applications it supports. At the same time, enterprises may also optimize applications to improve the efficiency of their network utilization. These techniques include caching commonly requested information on a device that sits in front of the application server, performing data compression at the application layer and using minimization technology to strip unnecessary content prior to transmission.
SECURE CONNECTIVITY
Every enterprise relies on the network to not only transport data between locations but also to do so in a secure manner that preserves the confidentiality and integrity of sensitive information. Data breaches result in countless losses to organizations every day, and protecting data transported by networks is of the utmost importance.
The iWAN is secure by design. The ability to control traffic through the network offers an opportunity to apply a unified security access policy everywhere, or the option to customize it to a specific need. Another security facet of iWAN is that the DMVPN technology used to achieve transport independence relies on Internet Protocol Security (IPsec) as a fundamental building block.
When properly configured to use strong encryption algorithms, such as the Advanced Encryption Standard (AES), IPsec provides strong confidentiality over otherwise insecure communications links. This secure technology helps assure enterprises that they may confidently use the Internet as the primary transport mechanism for moving sensitive information between office locations.
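Whether a DMVPN deployment is "properly configured" in this sense can be checked mechanically. The following is an added example, not part of the original white paper or any vendor tool: it audits Cisco IOS-style configuration text constructed for the example, and the set of transforms it treats as weak is this example's assumption.

```python
import re

# Constructed IOS-style sample (names such as TS-LEGACY are hypothetical).
SAMPLE_CONFIG = """\
crypto ipsec transform-set TS-LEGACY esp-3des esp-md5-hmac
crypto ipsec transform-set TS-NOAUTH esp-aes 256
crypto ipsec transform-set TS-AES esp-aes 256 esp-sha256-hmac
crypto ipsec transform-set TS-GCM esp-gcm 256
interface Tunnel10
 tunnel mode gre multipoint
 tunnel protection ipsec profile DMVPN-PROF
interface Tunnel20
 tunnel mode gre multipoint
"""

# Assumption of this example: transforms considered too weak for a WAN overlay.
WEAK = {"esp-des", "esp-3des", "esp-null", "esp-md5-hmac"}

def audit_transform_sets(config):
    """Return {transform-set name: [findings]} for every set with a problem."""
    findings = {}
    pattern = r"^crypto ipsec transform-set (\S+) (.+)$"
    for m in re.finditer(pattern, config, re.M):
        name, words = m.group(1), m.group(2).split()
        issues = [f"weak transform {w}" for w in words if w in WEAK]
        has_aes = any(w in ("esp-aes", "esp-gcm") for w in words)
        # GCM is authenticated encryption; otherwise require a non-weak HMAC.
        has_integrity = "esp-gcm" in words or any(
            w.endswith("-hmac") and w not in WEAK for w in words)
        if not has_aes:
            issues.append("no AES cipher")
        if not has_integrity:
            issues.append("no strong integrity transform")
        if issues:
            findings[name] = issues
    return findings

def unprotected_tunnels(config):
    """Return tunnel interfaces that lack 'tunnel protection ipsec profile'."""
    missing, current, protected = [], None, False
    for line in config.splitlines() + ["interface END"]:   # sentinel flushes last one
        if line.startswith("interface "):
            if current and current.startswith("Tunnel") and not protected:
                missing.append(current)
            current, protected = line.split()[1], False
        elif line.strip().startswith("tunnel protection ipsec profile"):
            protected = True
    return missing
```

A tunnel interface reported by `unprotected_tunnels` carries its overlay traffic without IPsec, which removes the property that transport independence depends on.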
In addition to providing foundational security, the iWAN allows organizations to rely on Security as a Service (security offerings provided by cloud vendors that enhance existing security controls). For example, Cisco Systems’ Cloud Web Security (CWS) provides network-delivered web use policies, threat intelligence, advanced threat protection and centralized reporting and management functionality. Leveraging these cloud-based services provides enterprises with the features of cutting-edge security technology without requiring expensive capital investments or dedicated staff to maintain and upgrade the underlying technology. Security administrators may focus their efforts on configuring the security policies that implement their organization’s unique business requirements and leave the platform management to specialists.
CONCLUSION
Enterprises place new demands on networks every day as they adopt cloud computing solutions, implement BYOD policies and increase their use of high-bandwidth applications. Intelligent WAN technology allows organizations to build robust, fault-tolerant and high-performance networks capable of meeting demand as users place new burdens on the network.
In addition, this new technology renders circuit-based capabilities a concern of the past. The iWAN enables efficient and cost-effective use of whatever WAN circuits are available to build a reliable network that provides a consistent level of service in every remote location, regardless of the transport mechanism used for each connection. That is the power of optimizing networks to improve application performance.