Introduction
• Reduces branch office infrastructure costs by enabling server, backup, application, and storage resources to be centralized into the data center
• Improves employee productivity and business agility by accelerating applications as well as data backup and replication across the WAN
• Reduces WAN bandwidth expenses
1. Advanced and Comprehensive Optimization Technology
IT organizations can gain the full benefits of WAN optimization through the most advanced optimization technology:
• Advanced Compression: Minimizes bidirectional bandwidth consumption by replacing large chunks of redundant data patterns with fixed-sized signatures.
• Caching: Minimizes bandwidth consumption and accelerates applications by storing copies of any application data (not just HTTP objects) that may be requested by other users in the future, so that the same data does not have to be sent again.
• TCP Flow Optimization: Overcomes the performance and efficiency limitations of commonly used transport protocols such as TCP.
• Application-Specific Acceleration: Reduces application-specific latency so that application transactions can be streamlined and accelerated. Examples are CIFS, NFS, MAPI, HTTP, and Windows Print services.
• Integrated High-Quality Video Delivery: Most solutions optimize data traffic well but rarely have the integrated capabilities to also deliver high-quality video while eliminating redundant WAN bandwidth consumption and complex configurations.
2. Ease of Initial Deployment
A properly designed solution enables you to deploy WAN optimization in 30 minutes or less and start receiving the benefits very quickly. An easy-to-deploy solution should have two main sets of capabilities: intelligent setup wizard and automation, and dynamic autodiscovery.
Intelligent setup wizard and automation allows you to very quickly enable network connectivity for the WAN optimization devices, without going through a lengthy configuration process.
Autodiscovery allows WAN optimization devices in the branch and data center to automatically discover each other and start optimizing applications. The term "dynamic" signifies that no WAN optimization devices need to be specified and configured manually to enable autodiscovery. Most solutions do not support dynamic autodiscovery to the fullest extent. A fully dynamic solution offers a number of advantages:
• In-Path or Off-Path Flexibility: Most vendors' autodiscovery support only in-path but not off-path deployment. For the best integration flexibility, invest in a solution that gives you dynamic autodiscovery for either in-path or off-path deployment.
• Ease of Scalability: Autodiscovery is not as easy to scale in an in-path deployment. Shop for a solution that offers both dynamic autodiscovery and ease of scalability.
• Automated Intersite Routing: When off-path deployment is required to eliminate single points of failure, a truly dynamic autodiscovery technique uses your existing network to automatically make intersite IP routing decisions for you, rather than requiring your administrators to manually specify and maintain IP routing decisions among WAN optimization devices that are deployed across multiple branches and data centers.
• Automated Optimization Without Single Points of Failure: Most solutions support automated optimization through in-path deployment but not off-path deployment. But if off-path deployment is required to eliminate single points of failure, these solutions require manual and static configurations of target TCP ports for optimizations. Not only is that time-consuming, but many applications such as Oracle and SAP use dynamically generated TCP ports, which renders static port mapping useless. Shop for a solution that allows you to automate optimization without introducing single points of failure into the data path.
3. Ease of Ongoing Operations and Management: True Network Transparency
WAN optimization is deployed and managed as a networking device. Therefore it should not only make your operations and management easier, but also be transparent, that is, avoid making your existing investments and best practices in network and security policies obsolete. Most solutions only support transparency partially. A transparent solution not only integrates with your existing services to make them better and easier, it also saves you ongoing management overhead over the long run.
A truly transparent solution should offer the following capabilities:
• Application Transparency: Deployment is fast and easy because no initial and ongoing changes are needed for end-user PCs and applications. Most vendors support this feature.
• Interception Transparency: Deployment is fast and easy because both clients and servers continue to send traffic to each other's IP addresses without seeing the WAN optimization devices in the path. LAN traffic is transparently redirected to the proper optimization devices. Some vendors support this feature.
• Preserving Industry-standard NetFlow Policy: WAN optimization without supporting IP header transparency no longer show user PCs and applications that are communicating or the TCP port that is being used. Instead, the collector receives information about flows between accelerators. Administrators examining NetFlow data from the edge routers see only flows between accelerators and can no longer see which users are working with which servers on which application ports.
• Preserving Router Access Control Lists (ACLs) and Firewall Policy: Without IP header transparency, ACLs deployed on router and firewall using IP and TCP header information may not function correctly because they no longer see the end nodes that are communicating or the TCP ports that are being used. Instead of the actual flows between users and servers, the router or firewall sees the tunnels between accelerators.
• Preserving Quality of Service (QoS): Without IP header transparency, QoS and associated features may need to be reconfigured if the packet header information is overwritten. QoS functions that are easily affected by accelerators include traffic shaping, policing, rate limiting, and queuing.
• Preserving Network Based Application Recognition (NBAR): This protocol discovery and classification technique relies on visibility to application data. Any accelerator that overwrites the packet header and payload information prevents functions such as NBAR from correctly identifying and classifying data.
4. Secure WAN Optimization
Application acceleration must not compromise data privacy and existing security policy. A truly secure WAN optimization solution should offer the following capabilities:
Protection of accelerated data at rest:
• 256-bit AES disk encryption based on FIPS level 2 specifications
• Centralized key management including automated backup and recovery, and robust failover support
• No key left on disks
• Role-based Access Control (RBAC) interoperable with Microsoft Active Directory, RADIUS, and TACACS+
Protection of accelerated data in transit:
• Secure WAN acceleration with stateful protection of accelerated traffic
• PCI 1.1 compliance
• Ongoing common criteria evaluation
Critical security interoperability features:
• No overhaul of firewall ACLs and security policy
• End-to-end security monitoring visibility
• No additional static ports open
• Compliant with most major firewalls
• Interoperate with Intrusion Prevention Systems (IPS)
• Inline and out-of-path virus scanning
5. Robust High Availability, Scalability, and Load Balancing
Shop for a solution that offers mature implementation in these areas:
• Simplicity: For example, Cisco Wide Area Application Services (WAAS) supports 50,000 optimized sessions on a single appliance, with 1-Gbps optimized WAN throughput, without the need for load balancing.
• Reliability: For example, Cisco WAAS supports 1.6 million optimized sessions, with 32Gbps optimized WAN throughput using your existing LAN switch WCCP for load balancing and with no single point of failure, without the need to buy an external load balancer.
• Performance: For example, Cisco WAAS can scale to 2 million sessions, 64Gbps optimized WAN throughput using an external load balancer such as a single Cisco Application Control Engine (ACE) module available on the Cisco Catalyst® 6500 Series switch.
6. Router Integration for Lower Operational Expense
Research consistently shows that equipment operational expenses are the great majority of total cost of ownership. Router-integrated WAN optimization allows you to install and manage single pieces of equipment at each branch office embedded with voice, data, security, and WAN optimization. WAN optimization technology integrated with the router gives you the following features and benefits:
• Integrated WAN Optimization Modules Lower Deployment Cost: A single piece of equipment embedded with data (routing and switching), voice, security, and WAN optimization can be preconfigured and shipped to branch offices to reduce shipping, IT staff travel, and installation costs.
• Familiar Management Interface Lowers Training and Support Cost: An integrated WAN optimization and routing solution reduces the amount of training need for staff that is already familiar with the router management interface. It also simplifies IT management by standardizing on the same support contract and ensuring transparency of services.
• Dedicated Computing Resources Improve Performance with Lower Expense and Complexity: The solution should use dedicated hardware and software for high-performance WAN optimization, without impacting voice, data, and security tasks and without creating another overlay device just for WAN optimization.
7. End-to-End Application Delivery Capability
While WAN optimization is critical for delivering applications to the branch office, it should become an integral part of the overall application delivery infrastructure. To meet this requirement, a good WAN optimization should offer:
• Integration with Data Center Load Balancing: A solution that requires one set of load balancing for itself and another one for the server farm costs more for design, installation, and management. Look for a solution that works with commercially proven load balancers that are already deployed in front of the server farm.
• Acceleration for Mobile Employees: A solution should also offer application acceleration for mobile employees who are not stationed in the branch office. Look for a client-server solution that has been proven for mass PC deployment with stability, performance, and interoperability with the Windows PC environment.
• Asymmetric Acceleration for Web Application Users: A solution should be able to be integrated with an Application Delivery Controller (ADC) system that does not require any branch office device and can accelerate web-based applications delivered from the data center.
8. Flexible Branch IT Services Delivery
IT complexity and control of costs in branch offices are what drive organizations toward server and storage centralization initiatives. But companies then face trade-offs between application performance, providing required local IT services, and controlling branch office infrastructure costs. Centralizing servers and accelerating applications allows organizations to simplify and reduce server management costs. Unfortunately, they also lose the ability to deploy services such as printing, DNS/DHCP, Microsoft Active Directory, or line of business applications locally. On the other hand, decentralizing servers improves local service performance and application availability but increases infrastructure complexity, making it more difficult to integrate and protect data.
The right WAN optimization solution should provide flexible and virtualized selection of centralized and local services in order to optimize application performance, service agility, and cost. Cisco and Microsoft have jointly developed the Windows Server® on WAAS solution that combines comprehensive WAN optimization and high quality video streaming with Windows Server 2008 core. This combined solution allows organizations to locally host Windows Print, Active Directory, DNS and DHCP, while centralizing business applications with optimized performance.
Use the following checklist to compare the Cisco® Wide Area Application Services (WAAS) solution to those of other vendors.
Table 1. Comparison Chart for WAN Optimization Solutions