Window on WANs

Jul 9 2009   6:02PM GMT

From the WAN Mailbag: Encryption, MPLS, optimization and more

Tim Scannell Profile: TScannell


One of the benefits of online publishing, as opposed to traditional paper and ink methods, is the Internet provides a more capable (and sometimes culpable) two-way street in terms of getting readers involved in the information purveyance process.

Social computing networks like Twitter, LinkedIn and Plaxo add to the interaction by channeling bits of information to specific user communities, or providing a faster and more effective route to important and useful articles. Over the past few weeks, we have received a number of comments from readers on various topics related to WANs and networking. The following is a quick taste and excerpts of what some of our readers are saying.


On the subject of WAN-based encryption technologies:

Wouldn’t it be more prudent to encrypt data when it is written, so no data integrity is compromised? This way data can traverse the WAN, public or private, without compromise.

It is about centralized control and management. WAN throughput might be impacted, since most WAN optimizers need to cache or manipulate data for some type of acceleration. If the data has already been compressed or encrypted or de-duped, how do you optimize it? That is where technology, or software around the data transport acceleration, comes into play.

— Steve Thompson,Director of Strategic Accounts, NetEx Software, Inc.

Encryption has traditionally been a bad word for WAN optimization. Data obviously needs to be in the clear or else WAN optimization products that perform data de-duplication cannot pattern match and reduce the redundant traffic.

There are really two areas where encryption can impact how a WAN optimization device is deployed and/or the effectiveness of the device. When traffic is encrypted in the network, the WAN optimization device is best placed before the encryption takes place.

When application traffic is encrypted or at least obfuscated, you can’t simply place the WAN optimization device before the application. Most WAN optimization vendors suggest disabling encryption within the application environment, forcing the trade-off between optimization and security. WAN optimization vendors have addressed many of these popular encrypted application environments by safely decrypting or unscrambling the traffic so that optimization can be applied. Riverbed , for example, has special acceleration support for popular obfuscated/encrypted application environments like SMB-signed windows file sharing traffic, SSL, encrypted Exchange (MAPI), and Oracle Forms.

— Bob Gilbert, Director of Marketing, Riverbed Technology


On the topic of the rising importance of MPLS and Ethernet services as employee work habits on the network change dramatically.

The demand for performance has grown as availability and bandwidth have expanded. Now, users want their applications performing well, and need some applications more than others. Users are also getting farther away from where their applications are hosted, but still need the same or even better performance from the application. Data center consolidation and user mobilization are two factors promoting this trend.

MPLS helps to ensure applications are performing, if they are delivered in a higher priority. But, there is one thing to consider: More and more business-critical critical applications become Web applications. This means that means the router cannot distinguish between them and normal Web surfing anymore and thus cannot assign them separately to an individual class in MPLS. For this, MPLS in the future will require other tools that can take individual applications and put them into dedicated MPLS classes, while other applications at the same port can go into other classes.

— Morris Becker, Territory Manager, Blue Coat Systems

Related Article:
Choosing WAN connectivity and services wisely


On the topic of WAN performance and the proactive use of WAN network measurement tools.

Before focusing on to how to improve performance, the first question is “what is the performance?” Performance measurement tools, and particularly WAN emulation tools are the key to understanding how applications will perform with different bandwidth, latency, and loss rates, so users know if they have a problem and need acceleration. Assuming they do, WAN emulation tools then make it easy to benchmark the various WAN acceleration and optimization solutions.

I spent ten years in TCP optimization and WAN acceleration, and realized that nobody had a good way to see how their network conditions were affecting application performance. We eventually decided that what the world needed (or at least the enterprise IT world needed) was not another WAN acceleration product (there are many good ones), but better network simulation and application performance test tools.

— DC Palter, President and co-founder, Apposite Technologies

WAN performance is not only one of the key issues in enterprise networking, it is also becoming very critical and strategic in achieving IT initiatives like consolidation, virtualization, disaster recovery, and application delivery.

Organizations have traditionally looked at the WAN as an obviously necessary infrastructure for connecting their global business, whether its branch offices, data centers, or mobile workers. However, limited bandwidth and more importantly high latency conspire together to make a WAN perform up to 100 times or more slower than a LAN. The result is that the WAN has traditionally been a barrier to achieving many of these critical IT initiatives.

WAN optimization can have a profound impact on both your WAN and the initiatives that rely on the WAN. Benefits include:

Bandwidth savings

The potential elimination of between 60% to 95% of traffic for all links where you have WAN optimization devices deployed results in the ability to do more with your existing bandwidth and if the timing is right you can defer WAN upgrades or in some cases, even decommission bandwidth. This is arguably the most obvious and hardest ROI for WAN optimization.

Site consolidation

Consolidating branch office file servers, mail servers, and associated backup systems from far-flung branch offices to central data centers is nothing new. The value is real clear as you want to move these systems to a central location where it is less costly to manage, more secure, and where you have more control. The big challenge is that once you move these servers hundreds or thousands of miles away from the users, performance is horrible.


The growing popularity of virtualization has resulted in an arguably more efficient IT infrastructure that impacts the data center, branch office, and in some cases, mobile worker environment. One of the inherent architectural challenges with virtualization is the fact that virtual machine images are large in size, often having a footprint of between 4GB to 20GB. If your platforms where you are moving virtual machine images between are on a LAN, not a big issue, but as soon as you interject a WAN environment with smaller bandwidth and high latency, moving these images can take hours and in some cases, days. WAN optimization can improve the performance very dramatically.

Other areas that WAN optimization can have a profound impact include disaster recovery and application delivery. For DR, data backup and replication can be improved more than 50 times faster using your existing bandwidth. For app delivery, imagine SharePoint, AutoCAD, or your critical corporate application performing 10 times, 50 times, or up to 100 times faster.

— Bob Gilbert, Director of Marketing, Riverbed Technology

Related Articles:

WAN optimization paired with proactive tools improves app availability

What’s killing WAN bandwidth? Monitoring tools can nab the culprit

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: