Many employees are distributed across various branch offices and are typically connected via the corporate WAN, while remote access for mobile and off-site employees is also fast becoming a necessity.
While the WAN is a sort of lifeline between the branch offices and the headquarters or data centre, most organisations are finding that it is not sufficient to provide the access and interactivity needed for critical centralised applications.
Organisations are finding that this problem has led to significant productivity issues, a reduced capacity to effectively serve customers, a lessening of competitiveness and decline in employee morale.
Solving the distributed application problem usually involves a combined approach of stopping bad or malicious traffic, minimising the impact of non-business critical but acceptable traffic and accelerating business-critical applications using techniques that overcome the effect of latency due to distance and “chatty” application communication.
One issue that organisations are struggling to handle is the unauthorised use of the certain applications by employees during work hours. Such activities include employees downloading large files, such as movies or music or watching streaming video during office hours.
Even small applications can take up expensive bandwidth due to incessant chatter across the network, causing a significant breakdown in communications and enterprise systems. For instance, a computer with quite a bit of spyware will generate “phone home requests” as the application tries to connect with its origin server. Tens or hundreds of these can amount to significant traffic across the WAN.
Companies also have increasing concerns about employees accessing online gambling sites, pornographic material or other inappropriate content while at work. Besides introducing spyware and malware to company servers, this has also exposed companies to liability as customer information is stolen or leaked.
A WAN optimisation solution that cannot discriminate between various applications will end up accelerating malware, viruses and unauthorised applications or content along with everything else. Such a solution should ideally stop this kind of traffic rathe than pass it along or accelerate it.
Applications and content that are acceptable to the organisation but not business-critical need to be prioritised intelligently. This should be done on the basis of who the user is and what privileges they have.
It should also be done with full understanding of the application and the specific interaction the user is requesting to have with it. In addition, it must be done using fine-grained policy control to avoid inflexible, “draconian” decisions that unnecessarily hamper the employee or organisation.
For example, certain employees might need access to streaming media from external sites for business purposes. Others may be allowed access only during certain hours or to a certain amount of bandwidth.
Another important part of a WAN optimisation solution is having the ability to mitigate the effect of allowed applications. For instance, if the organisation does not want to restrict an employee’s ability to watch on-demand video from a site such as YouTube.com, it should try to minimise the effect on the organisation’s Internet connection and WAN.
Caching the content at the firm’s Internet gateway or locally at the branch office will enable popular video to be served without impacting the WAN or Internet gateway. All sorts of content, including software updates, can be locally cached to reduce traffic across the WAN or Internet gateway.
Many branch offices have found that trying to run large applications simultaneously across a network is a difficult and almost impossible task. When these applications start competing, everyone in the organisation suffers. Branch office employees are the biggest victims as they are furthest away from the data centre.
Traditionally, companies have sought to overcome the problem of poor throughput by adding more bandwidth. With network latency often the real culprit, many managers find that buying more bandwidth is only a short-term fix, if it helps at all.
Fully solving the issue requires a combination of application acceleration and security or policy control.
In the past, security and acceleration were once fierce opposites. Organisations had previously sacrificed performance at the gain of having security. Similarly, performance gains have come at the expense of security.
Today it is possible not to have to make such sacrifices. In addition, organisations are finding that branch offices—located well beyond the corporate network –need both security and acceleration.
Many organisations still have a centralised Internet gateway and backhaul Internet traffic to and from the branch offices for security reasons. But that means that all Internet traffic is backhauled over costly WAN links to remote users. This model is quickly changing.
According to Gartner, many organisations will shift away from backhauling Internet traffic over the next several years. Enterprises will increasingly deploy Internet gateways in remote offices and use the Internet as a cost-effective WAN substitution to access internal and external WAN applications. Once this happens, the security and control issues at the branch intensify.
With escalating reliance on accessing data remotely, the problem no longer revolves around the network. It’s about the infrastructure being built out and providing control for every business’ needs. The focus has moved to the users and applications and the way they communicate with each other.
The alternative to a WAN bandwidth upgrade is WAN optimisation for all kinds of business traffic and with security and policy control. It is vital to implement a unified architecture that extends application performance and security measures to all points in the organisation.
Recently, there has been an increasing demand by enterprises for WAN optimisation appliances that, through combinations of smart caching, protocol optimisation, load balancing and other tweaks, promise to vastly improve network and application performance without the need for fatter pipes, while keeping data secure.
A WAN optimisation solution accelerates a full range of business-critical application traffic and provides appropriate levels of security and control.
Such a solution must be able to manage SSL encrypted traffic from externally hosted SaaS applications as well as well as on-demand or live streaming video.
The solution should also enforce corporate policies by controlling content and applications and protecting against spyware, viruses and other malicious or unauthorised software.
According to IDC, the area of application acceleration is a forefront concern, with WAN optimisation a chief priority for IT managers with existing networks. IDC sees the importance of acceleration, policy control and security in an integrated platform. It calls this WAN Application Delivery to distinguish it from older WAN optimisation solutions.
The next wave for WAN optimisation
It seems technology developments are unending, with enterprise video, VoIP and Voice on Demand (VoD) expected to pave the next wave of business communications in the future. Due to the high demands these applications place on bandwidth, there will be a trend by enterprises to consolidate techniques, including caching, compression and data reduction.
A key development that enterprises can expect this year is in remote user WAN optimisation. With more emphasis on productivity, workers will be accessing applications from in the field.
While packet-delivery devices are a key part of the enterprise Internet gateway, application delivery devices must make decisions where knowledge of the user, application and session is required.
However, before these trends eventuate, it is vital to educate the market properly about WAN optimisation and how it benefits businesses today, as the market is still fairly immature.
Blue Coat Systems
Wayne Neich is Regional Sales Manager A/NZ for Blue Coat Systems
Accelerating the path to WAN optimisation
By Wayne Neich on Feb 26, 2007 2:58PM