W

AN Optimisation

Application Accelera

tion

Traffic ShapingReporting

Routing

Diagnostics

Ana

lysi

s

ApplicationsBusiness

Intranet

Dat

abas

e

E-mail

File

Sharing

INTM Intelligent Network Traffic

Management

Key features of WAN Optimisation in DBAM Exbander Precision Devices

www.dbamsystems.com

CASE STUDY

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

www.dbamsystems.com

OVERVIEWCASE STUDY

In response to these demands the market for WAN acceleration has developed into a $3.8Bn since 2004. These products have addressed the inefficiencies of poor application performance over the WAN by improving protocol efficiency, compressing data and de-duplicating data flows. Whilst this has a discernible effect the results are unpredictable and unsustainable in the medium term as recreational traffic fills the bandwidth freed up by WAN Acceleration devices. What is missing from the current WAN acceleration devices is the capability to control of mix of traffic over the WAN, a technology called Traffic Shaping in use by every service provider and ISP today.

Benefits for ApplicationInfrastructure

Application Architects Network Architects

Impacts on NetworkInfrastructure

Higher equipment costs

User productivity decrease

Support complexity

Security complexity

Litigation exposure

Reduced equipment costs

Resource efficiencies

Reduced support

Increased app security

Compliance resolution

Needsout ofsync

IntroductionThe trend to greater centralisation of server and application resources in large enterprises is well documented and increasingly this trend is seen in multi-site SMBs and mid-sized enterprises across the globe. The business benefits of lowering support costs, finer control, increased security and more efficient use of resources are discernible at every level of business. Running applications designed for LANs, however, impacts the performance and usability for users in remote locations. In parallel a rise in bandwidth hungry applications, often non-business related has had the effect of flooding available bandwidth to branch offices further impacting performance of business-critical applications. Social Networking sites (Facebook, Bebo, etc.), Video sites (YouTube, BBC iPlayer, etc.) and P2P Multimedia file sharing sites (BitTorrent) have significant effect on the performance of networked applications in addition to the obvious business issues of legality, security and appropriateness. In the past adding additional bandwidth for remote locations has been the main response to the reduction in productivity of remote users impacted by this poor application performance. It has become clear that additional bandwidth can only improve performance up to a point because of the effects of latency that cannot be improved.

01

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

New functionality is now emerging for business customers to provide Traffic Shaping on private WAN links and Internet based VPN connections using the same devices that provide application acceleration. WAN Optimisation and Traffic Shaping prioritises traffic flows across the WAN, controlling how much bandwidth they can consume based on application type, source and destination addresses and time of day. Together with diagnostic and monitoring tools, network managers are now able to maximise business critical flows and have control over how bandwidth is being utilised and can reduce ongoing support costs, increase security and control misuse.

The combination of accelerating applications over a continually optimised WAN creates predictable, sustained and incredible application performance improvement with measurable ROI, a reduced cost of support and finer control of how this valuable business asset is utilised.

DBAM’s Intelligent Network Traffic Management (INTM) offers a unique approach for optimising networked application environments using a single device.

INTM enhances the performance of applications by a combination of these two discrete elements:

>> Optimisation of network traffic in underlying WAN infrastructure. This fundamental first step provides the visibility and control of network traffic into organised and prioritised flows generating a step change in performance of networked applications. This process maximises investments in bandwidth and resource and reduces overall cost of supporting the networked infrastructure allowing for growth in capacity and functionality whilst controlling misuse and abuse.

>> Specific application acceleration techniques targeted at identified traffic flows generate predictable and sustained improvement in response and performance, enhancing productivity and efficiency of network users.

02

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

Optimising the WAN will deliver new functionality that include:

>> Significant improvement in all networked application performance

>> Identification and prioritisation of business-critical network traffic

>> Management and control of rogue traffic

>> Management and control of disparate network traffic flows to prioritise time-sensitive flows (Voice, Video, etc.) over non time-sensitive flows (e-mail, etc.)

>> Diagnosis of network error conditions with automatic notification

>> Unique monitoring of end user service and application latency and threshold exceptions

>> Real justification of WAN bandwidth costs measured against business traffic flows

>> Measurable ROI in efficiency and productivity

>> Provide a platform for securing networked applications

>> Resilient networked application traffic flows for Business Continuity.

The WAN optimisation process provides a predictable and optimised platform as the foundation to apply application acceleration. DBAM Application acceleration uses this optimised networked environment and applies specific enhancements relevant to the individual businesses including:

>> Microsoft file sharing environments with WFS and Active Directory integration

>> Specific well known business applications such as Oracle, SAP

>> Applications specific to the business identified with unique signatures

>> General Internet and Intranet traffic optimisations and control using a combination of compression, caching and de-duplication

>> E-mail Exchange integration providing instantaneous response for remote clients

>> Specific bandwidth allocation for time-sensitive flows including Database, Remote Desktop, voice and video streams.

5 Stages of WAN Optimisation with DBAM EP Devices:>> Gain visibility into network traffic flows. Use the inbuilt traffic discovery and analysis tools to

identify critical business traffic>> Diagnose any underlying error conditions and bottlenecks impacting network performance

and provide information to resolve those problems >> Use Load Balancing and Routing to enhance performance and resilience >> Apply Traffic Shaping policies to optimise WAN traffic flows for business critical applications>> Use inbuilt reporting tools to analyse trends to aid intelligent network design and traffic flow.

03

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

WAN Optimisation Key Features

Analysis, Discovery & MonitoringThe key element in creating an optimising environment is an awareness of real-time traffic flows in terms of the local and remote users and the applications being used throughout the day. Without a thorough understanding of the application flows there is little chance that the bandwidth is utilised optimally.

DBAM’s EP devices are designed to give visibility into application traffic flows in the form of snapshots and trends through days and weeks. Once the network manager has this visibility it is possible to make informed decisions on how to coordinate the application flows throughout the day to optimise bandwidth and control abuse or misuse.

W

AN Optimisation

Application Accelera

tion

Traffic ShapingReporting

Routing

Diagnostics

Ana

lysi

s

ApplicationsBusiness

Intranet

Dat

abas

e

E-mail

File S

haring

ApplicationsBusiness

Intranet

Dat

abas

e

E-mail

File

Sharing

04

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

>> Intuitive visualisation of active flowsThe Active Flow module presents all traffic flows upstream and downstream in a tree-like hierarchy and represents a snapshot of network usage displaying packet and volume displays for individual flows and a set of summary statistics for all flows.

>> Pattern & trend discoveryIn most network analysis applications a comprehensive set of tools allow for particular events to be picked up as long as the network operator knows what to look for. Precision Start, DBAM’s management console, is designed to analyse flows and flag exceptions in a visual manner. Operators can ‘see’ regular use, network exceptions, misuse and overuse in the graphical displays.

>> Real-time displays of network usage

Traffic flows can be displayed in a number of formats in real time (Pie Chart, Bar Chart for snapshots, Line graph for time series) giving a high level overview of all network traffic with the ability to drill down into specific flows to get more information about anomalies or exceptions.

>> Identifying common application flows

A wide range of traffic flows are predefined allowing for easy identification of traffic types ranging from business critical flows through normal priority application traffic, e-mail, intranet/internet, Interactive flows (VoIP and Video). In particular specific flows for rogue traffic can be recognised and marked for control. This list includes common P2P applications and Internet Messenger flows (Hotmail, Yahoo, etc.). Traffic flows between users and external regulated sites (Facebook, BBC iPlayer, Hotmail, etc.) can be easily identified and regulated using pre-configured identification parameters.

>> Intuitive visualisation of active flows >> Pattern & trend discovery

05

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

>> Specific application monitoring

A specific module, Inspector7, allows the creation of user-defined signatures to recognise flows and mark them for specific control whether that be optimisation or restriction of bandwidth providing highly granular control over new services or services which attempt disguise themselves.

>> Network rules modellingThe EP range of devices allow modelling of service definitions designed to prioritise traffic to be controlled in a live environment before any traffic shaping is implemented. This allows the rules generated to be checked for accuracy before being committed to live traffic. The analysis module will collate statistics on the numbers of flows that would be shaped when the rules are applied allowing for validation of the rule base.

>> Specific protocol monitoringSpecific traffic types can be filtered and analysed; for example GRE traffic allows for stateless VPN tunnels to be created and is a useful mechanism for transporting VPNs across internet connections. However a GRE tunnel from a client on the enterprise network to an end point on the internet is a potential security breach and should never be allowed. The analysis module would recognise and report on those flows indicating the source and destination.

>> Internet Messenger visualisation – IMView moduleIn addition to monitoring high level Internet Messenger flows a specific module allows for the monitoring of conversations in those flows and automatically detect inappropriate content that could potentially be a target for litigation. Flows can also be monitored to ensure no sensitive or confidential information is transmitted. This is an adjunct to e-mail security policies that are now commonplace.

>> Specific application monitoring >> Network rules modelling

06

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

DiagnosticsIn addition to analysis of the state of traffic flows across the WAN, a series of features allow the network manager to get a health assessment of the WAN from basic but critical configuration errors to sophisticated application level health checks. In essence, diagnosing network errors is actually the first step in analysing and monitoring network performance but is frequently overlooked with few analysis tools available. DBAM’s EP device range track a range of error notifications which together with an extensible knowledge base lead network managers to identify, isolate and resolve network application issues.

>> Duplex error notificationDuplex configuration errors are rarely notified to the network manager and yet can create a bottleneck for traffic flow. Instead of 100Mbps full duplex only half the available bandwidth is available but because this is a ‘soft’ error not affecting connectivity it goes unreported. EP devices will notify those configuration errors to maximise bandwidth available.

>> Automatic management and notificationThe DBAM Diagnostics Module requires no setting up, simply turning on. The reporting interface presents reports of live or historical data in PDF or HTML formats. A step through process is used to highlight the errors according to severity. Using the interface more in depth analysis may be carried out to investigate errors.

>> Incorrect configuration in workstation DNS settings.

>> Incorrect configuration of VPNs or connection failure. one of the most prevalent causes of poor performance in wide area networks.

>> Hidden behaviour of management software. For example probing routers which are no longer available or do not support SNMP.

>> Incorrect configuration of Firewalls. It is very easy to overlook a configuration in a firewall when the network is growing. The Diagnostics Module can tell you if it is rejecting traffic inappropriately.

>> Request to non-existent web servers. Often web servers contain hidden links to other web servers which may be off line or no longer available.

07

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

>> SiteSeer health monitoring >> Host and Route availability

>> SiteSeer health monitoring

The SiteSeer module provides a mechanism for network administrators to monitor the latency and bandwidth to different sites. Sites can be configured with certain thresholds which, when passed, will cause alerts to be raised, enabling the administrator to manage a large number of critical systems from an easy to use GUI.

>> Host and Route availabilityThe network manager is able to define a set of criteria that determines route and application availability beyond a simple ping test. Thresholds can be set against a number of parameters which indicate either total failure or a service operating outside of predetermined service levels. The threshold exceptions are immediately reported to relevant personnel.

>> Reliable honest broker error reportingThe EP device is positioned at a strategic point in the flow between clients and applications servers and has visibility into all components that impact those flows from security devices, gateways and load balancers. In this position it collects data on the effectiveness of the client-server communication and is able to report clearly if any other device is either configured or operating incorrectly.

>> Notifier moduleAs an aid to network management and support the EP device range can report exceptions and events via e-mail notification. The exceptions are triggered by user-defined thresholds being exceeded. Automatically e-mails are generated to individuals or groups. An audit trail of the exceptions is retained for analysis. In essence a network manager can determine if a particular application flow is getting close to bandwidth limits so that appropriate action can be taken.

08

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

Traffic Shaping>> Real-time dynamic traffic shapingUnlike QoS systems which are buffers than can overflow, Traffic Shaping on the EP device is a dynamic scheduler system with a graphical interface so that basic traffic control is an intuitive visual process.

>> QoS ComplianceAny QoS or ToS settings are honoured in the upstream or downstream flow. Under certain circumstances network managers may wish to modify these settings, this is possible in the rules based management.

>> Unique bandwidth borrowingIndividually identified traffic can be assigned a base level bandwidth based on % or absolute packets or bytes as a committed flow rate. Other identified flows can then be allowed to ‘borrow’ bandwidth from parents or children based on the scheduler recognising available unused bandwidth. The target is to maximise bandwidth utilisation to as close to 100% as is practical whilst ensuring critical flows always have priority access.

>> Prioritised borrowingMultiple traffic types are assigned a priority from 0 (highest) to 10 (lowest) which controls access to spare bandwidth. This ensures balance between maximising the bandwidth utilisation whilst prioritising the business critical traffic first. Any instance of bandwidth ceilings being reached are alerted to the network manager automatically.

>> Real-time dynamic traffic shaping >> Prioritised borrowing

09

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

>> Easy traffic flow controlTraffic flows can be identified by a wide range of criteria basic source and destination addresses (IP and Mac), URLs, TCP Port numbers, protocol type as well as specific signatures to identify unusual flows. These are then grouped before applying shaping criteria.

>> Volume and packet based flowsSeparate queues are definable for flows that are bulky in nature (e-mail, File Transfers) and others which are more packet oriented (VoIP). This ability to allow traffic to be identified is a refinement that assists the EP device in implementing the most appropriate scheduling.

>> Protocol burst supportMost protocols have different peak and average traffic rates especially on initiation of a session. There is often a significant difference in traffic volume during session initiation and then maintaining that session. If the WAN optimisation device only supports a single rate there can be issues about session setup or alternatively require that too much bandwidth associated with the flow just to support the burst. The EP range supports committed traffic flows with a prioritised borrowing rate and additionally an allowance for protocol bursts configurable by length and volumes which elegantly produces efficient bandwidth utilisation. Beyond ensuring maximised bandwidth utilisation this feature makes the EP devices network and application aware rather than simply bandwidth aware.

>> Intuitive interfaceAs with the rest of the management screens traffic shaping is configured using a graphical interface to allow visualisation of changes. In combination with the Flow monitor fine tuning of the overall traffic flow is made possible. Using an EP device,

>> Out of band management softwareImplementing the analysis, shaping and reporting functions is done on a Java based workstation rather than on the appliance itself. This ensures that the maximum amount of processing power is applied to shaping traffic rather than providing a GUI for network manager.

10

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

>> Offline from appliance >> Usage reports by group

Reporting

As important as the initial analysis of traffic flows is the ongoing monitoring of application performance at the remote offices. Due to the nature of application development there is a continual development of bandwidth hungry applications. It would have been difficult to predict the impact of P2P programs 5 years ago and the surge in Video based applications has risen ahead of expectations. The bulk of these social applications are recreational and not business critical and yet create contention for network bandwidth.

Ongoing, scheduled reports on usage can highlight trends and indicate potential contention ahead of time allowing for remedial action to be implemented before any business impact is felt. Reports will also indicate where and when additional bandwidth will be required together with providing the justification for expenditure based on business critical application flows. Historical information can be used to give projections on productivity at remote locations providing ROI (return on investment) information.

>> Offline from applianceA rich set of reporting tools that analyse traffic in discrete periods, captured by the EP device but stored and processed on any Java enabled machine. This ensures that extensive reporting can be run in real-time or scheduled without impacting the performance of the appliance itself as in other devices.

>> Usage reports by groupThe reporting module allows simple definition of groups from IP addresses, Protocol types, etc.; to generate highly customised reports. This powerful module can be the basis of a value added service generating continual information on application traffic flows together with analysis on possible enhancements and cost savings.

11

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

>> Report templatesReports are created using the intuitive user interface with a drill down option similar to that in the monitoring module. Once the query is generated it can be saved as an XML file and applied to other EP devices to create synchronised reports across multiple devices and sites. The reports can be scheduled to run over specified time intervals to give regular reports sent by e-mail or stored on a server.

>> HTML/PDF report outputOnce the report is created the output of the data can be output in PDF or HTML formats for easy storage and viewing from any authorised device. For specific network events reports can be annotated in real-time and the resulting report quickly sent by e-mail to individuals or groups for further analysis or actioning.

>> Export data into multiple formats

Statistics by default are kept on the EP devices for 30 days and indefinitely on specified PCs. The data can also be output in a number of standard database formats to allow for even greater analysis over an extended time series. Supported formats include MySQL, SQLServer, H2, HSQLDB and Derby. This function is particularly useful for studying long term trends and for storing data for compliance reasons.

>> Managed service options – SLA monitoringAmongst other features of the EP devices the reporting functionality can be used to monitor and report on Service Level Agreements as part of a Managed Service offering. Multiple links can be analysed with results automatically sent to interested parties. Service Providers might use this function to report on compliance with SLAs; Enterprises might use it to highlight usage between particular sites.

Routing & Load Balancing>> Intuitive configuration and management Using Precision Start interface a graphical representation of traffic flows from source to destination addresses is discovered and displayed automatically. Flows from or to specific destinations can be highlighted and directed to use specific routes based on customer specifications. The action is a drag and drop procedure with a commit and rollback option.

>> Real-time cache visualisation Automatic graphical representation of all source and destination flows with ability to drill down to specific flows and filter groups of users or destinations.

12

OVERVIEW

©DBAM Systems Limited | July 2008 Suite 1, Belle Vue Business Centre, Elm Tree Street, Wakefield, UK. WF1 5EP

>> Load balancing and failoverMultiple gateways can be configured for load balancing and failover with comprehensive criteria for route selection. Routes can be grouped for load balancing and given relative weight to control usage. Source addresses and traffic types can be defined as groups and assigned to particular routes or route groups. Failover to backup routes are handled automatically within the EP device.

>> Extensible routing policiesIn addition to the industry standard of providing routing policies based on source and destination addresses, the EP range allow policy definitions based additional parameters such as TCP port numbers, transmission protocol and many other criteria based on packet header fields. Flows matching the criteria can be either routed via specified gateways, load balanced or prohibited. Packets can be prevented from reaching a destination and report destination as Prohibited, Unreachable; a third option, Blackhole drops the flow with no report, useful in virus handling for instance.

>> Real-time cache visualisation >> Load balancing and failover

13

OVERVIEW

Contact informationDBAM Systems Ltd

Suite 1,Belle Vue Business Centre,

Wakefield,WF1 5EP

www.dbamsystems.com

DBAM EP DevicesINTM is the philosophy behind DBAM range of Exbander Precision (EP) devices designed to meet requirements for enterprises of any size. The EP60 range are designed for small branch offices, EP600 & 6000 add support for higher bandwidth and more users whilst the EP60000 represents the highest performing device.

Configuration and reporting for the EP range of devices is through Precision Start management interface that can run on any PC or Java enabled workstation.