WAN-optimization appliances from such companies as Packeteer, Riverbed Technology and Silver Peak Systems have been instant industry darlings, surging to the top of enterprise priority lists with their speedy, performance-improving results and quantifiable ROI. By combining such technologies as compression, caching, wide-area file services, TCP optimization and SSL acceleration, these devices have made doing business over the WAN not only tolerable but in many cases preferable.
Now vendors are hoping for follow-on hits with product improvements in client-side acceleration, network security and performance management.
Performance-management technologies are becoming the add-on of choice for many optimization vendors looking to maximize the functions of their appliances. Coupling management capabilities and optimization lets network administrators use the reams of traffic and application data collected by acceleration tools to troubleshoot problems and identify areas in need of a performance overhaul.
For instance, when the network team at Rawlings Sporting Goods in St. Louis needed to figure out why the performance of a Web-based customer-order application was suffering, it turned to a WAN-optimization appliance from Packeteer rather than rely on traditional network-monitoring software. Packeteer's PacketShaper used a variety of techniques to speed traffic across the WAN and provided insight into performance problems, say Jack Matthews, director of MIS, and Richard Truex, manager of network operations.
PacketShaper technology analyzed traffic, found bandwidth hogs and helped the Rawlings network team manage bandwidth consumption. With Packeteer the team determined what type of traffic could traverse the net, and created policies to throttle down application packets that weren't mission-critical in favor of those deemed essential to the business.
"Rather than buying network taps and sniffer probes, and having to take all that data and do the analysis ourselves, we bought PacketShaper," Truex says. Using WAN optimization "immediately puts you in a proactive mode, because once the issue is identified, you can go into the appliance and create a policy to prevent the problem from happening again," he adds.
Rawlings also uses PacketShaper to make sure it doesn't exceed its allocated share of its service provider's DS-3 line and to QoS on VoIP calls. "PacketShaper is a management tool, a network analyzer tool and an optimization tool. It allows us to improve the quality of our network applications without spending more money than we had planned," Matthews says.
Industry watchers say companies should expect other vendors to provide systems management capabilities in concert with optimization tools. For instance, Citrix Systems acquired application-acceleration vendor NetScaler and Reflectent Software, a maker of client-side performance-management software. Combined, the products could provide performance improvements and real-time measurement, analysts say. Citrix already has integrated Reflectent with its Presentation Server product and plans to continue working toward delivering optimized applications to user machines.
Examples of vendors planning to pin together management and optimization include Radware, through its acquisition of Covelight Systems. Covelight's Inflight product captures transactional data related to business events in real time, including user identity and session information. Radware says the merging of its technology with Covelight's could help network managers respond to performance and security issues more quickly. For instance, if a Web transaction deviated from normal in a way that indicated fraud was taking place, the network could be instructed to sever that transaction.
F5 Networks is planning to license Microsoft System Operation center in its F5 ControlPoint Management appliance. The F5 product, the two vendors say, will collect, analyze and report data from F5's portfolio of application optimization, availability and security devices using Microsoft management technology.
"Once you distribute the [WAN optimization] technology, there is no reason why you shouldn't be able to use it as probes to report back to you in real time about end-to-end application performance," says Robert Whiteley, a senior analyst with Forrester Research.
Considering the client
Next up for companies whose appliances already sit in data centers and branch offices will be optimization software for installation on client machines. These include Blue Coat Systems, Expand Networks, Packeteer and Stampede Technologies. "We are going to see a lot of activity around client-based code in the second half of this year," says Joe Skorupa, a research director at Gartner. "Nomadic employees need the acceleration just as much as those in a remote office, so they need that code on their machines."
This client software would be a peer to a branch-office appliance and communicate with the data-center appliance serving as the central management device. A client machine in a branch office would rely on the appliance there to perform optimization tasks. If the client machine is in a home or at a hotel kiosk, the optimization software would kick in and apply the technologies needed to ramp up performance for the remote user.
WAN optimization turf war
In some cases, customers can choose to add the software only to certain client machines -- those of the traveling sales staff, for example -- and not use an optimization appliance at a remote sales office. This option could appeal to IT administrators who are overseeing small offices with a handful of staff and can't always justify the $3,000 to $5,000 for an appliance.
In other cases, the optimization software would not need to be preloaded on client machines. For instance, Blue Coat plans to offer acceleration software on demand, via a small code download, to remote users when they log on to the corporate network through a VPN. And Citrix announced a software-based acceleration client expected to be available this summer. The company claims it will deliver the first interoperable WAN-optimization and SSL VPN product set with its Citrix Access Gateway integration.
Zeus Kerravala, a research vice president at Yankee Group, says he likes the idea of client-side optimization. "For mobile employees, the big unknown is bandwidth. This client software will deliver performance without employees having to figure out the best way to work with their applications while on the road," he says.
Protecting secure packets
Looking ahead, security also will be a big focus of WAN-optimization vendors. As encrypted traffic increasingly becomes the norm, enterprises will need to apply optimization technologies to that traffic or the purpose of their WAN-optimization appliances will be lost. If the appliance can optimize only a small percentage of the traffic, companies won't continue to see the remarkable performance gains they have seen so far.
"A company today might only have 10% to 15% of its traffic encrypted, but in some industries, such as financial, it is as high as 60%, and overall that number is just going to keep growing," Forrester's Whiteley says. "It will be imperative for vendors to be able to optimize this traffic."
In the past, WAN-optimization vendors maintained that accelerating encrypted traffic was not feasible, because their tools would have to decrypt the packets to get at the content to determine whether compression was possible -- thus defeating the purpose of encryption.
Some vendors have begun to figure out workarounds. Riverbed, for example, has upgraded the operating-system software used on its Steelhead appliances to be able to terminate SSL sessions, optimize the traffic, then re-encrypt it as SSL.
To avoid putting encrypted data at risk, SSL keys and certificates that reside within servers don't leave the data center, Riverbed says. Instead, the keys and certificates get transferred to a Steelhead appliance, which intercepts SSL requests headed for the servers. Then it establishes SSL sessions with another Steelhead appliance across the WAN using temporary session keys. These two devices talk to each other while the Steelhead device on the data center side talks to the servers, and the remote appliance talks to client machines trying to access the servers.
Besides Riverbed, Blue Coat (which has roots in security) and Certeon have begun to offer acceleration of SSL traffic across the WAN.
Keeping applications in mind
Although WAN-optimization vendors are broadening their product lines to include client operations, security and performance management, some also are ramping up optimization for one or more particular application types. By gaining deeper insight into these, vendors can learn -- then apply -- the best ways to improve performance over the WAN.
F5, for example, recently unveiled an application-delivery network specifically for Microsoft applications. This is part of the company's newly announced Application Ready Network program, intended to simplify the design, deployment and management of an integrated network from a single vendor. And Certeon, with its S-Series appliances, uses application blueprints to understand the user requests that will require specific application-data objects to pass over the WAN. It has S-Series Application Acceleration Blueprints for Oracle and SAP applications, as well as for the 2007 Microsoft Office, SharePoint and Exchange platforms.
"More vendors are looking to go beyond generic acceleration. They are being very specific in how they add optimization value," Whiteley says. "Customers with big investments in certain applications will find the targeted knowledge appealing."
Indeed, network managers interested in WAN optimization need to discuss application road maps with their prospective vendors, says Yankee Group's Kerravala. They need to ask vendors about the applications they plan on supporting, as well as whether they'll handle optimization at the client and on mobile devices, he says.
In addition, network managers shouldn't overlook optimization for homegrown applications.
At Userplane, an AOL company that offers a communications platform for online communities, for example, WAN optimization of a custom application made a key function possible, says Michael Jones, founder and CEO of the Santa Monica, Calif., company. One of its mission-critical applications drops a small script on Web pages and calls back to Userplane servers every few seconds to report on visitors to the site. "It's a very low-transfer, high-volume application, transferring small bits of data every 5 seconds for millions of connections," Jones explains. "We could not take it live without having load-balancing technology in place."
That capability comes from Citrix's NetScaler load balancing and TCP offloading technology.The TCP offloading removed the overhead of establishing and closing connections to the Web server. NetScaler made more Web servers unnecessary by optimizing the application traffic coming into the data center, and made it possible to roll out the application in line with business plans.
Today's WAN optimization tools won't be around for long in their current incarnations. The products that worked their way into enterprise networks promising to speed applications will deliver those capabilities and then some. Enterprise network managers can be certain their investments in WAN optimization today will pay off in more advanced capabilities tomorrow.
"Customers can go to these vendors now and get a clear picture of what their products will look like in a couple of years, and really make the case for getting the features they want in their WAN optimization gear," Yankee Group's Kerravala says. "It's definitely a buyer's market."
This story, "The next three big WAN optimization targets" was originally published by Network World.