STEELHEAD HYBRID NETWORKING

INCREASE NETWORK APPLICATION PERFORMANCE AND AVAILABILITY WHILE REDUCING COSTS WITH RIVERBED PATH SELECTION

THE RISE OF THE HYBRID INFRASTRUCTURE

Today, businesses are rapidly adopting cloud infrastructure and SaaS applications across the enterprise. Enterprise workforces use applications, manage data, and conduct research and other activities on the Internet and in the cloud. In fact, more than half of all enterprises use the cloud for storage, ERP, email, collaboration, and more [1]. Yet data destined for the public Internet, including large files, unified communications, and recreational traffic, still travels through the costly MPLS network. That is an inefficient way to reach services such as cloud collaboration or cloud CRM, which can be accessed directly on the Internet without ever touching the corporate MPLS network. The cost is high, especially compared with broadband Internet: typical studies report that MPLS bandwidth can cost up to 200 times more per megabyte per month than broadband [2].

Until recently, enterprises followed a model in which the vast majority of applications were hosted within private datacenters, connected by a standardized WAN built on MPLS services. With applications now split between public and private resources, the Internet has become part of business-critical infrastructure, and the network itself needs to go hybrid: a hybrid network combines the strengths of highly reliable MPLS with the ubiquity, lower price, and speed of the Internet, and can be more economical than MPLS alone.

The hybrid networking model from Riverbed Technology enables organizations to adopt hybrid networks to maximize application performance, increase network availability, and reduce costs while retaining IT control and minimizing complexity. This paper explains how Riverbed path selection technology is a superior approach for designing hybrid networks.

[1] 2012 Cisco Global Cloud Networking Survey
[2] http://www.networkworld.com/community/blog/why-does-mpls-cost-so-much-more-internet-connectivity
CREATING A NETWORK THAT MAKES MORE SENSE

Enterprises have three compelling new options involving a hybrid of MPLS and Internet:

- Move from MPLS to MPLS + Internet backhaul and triple the available bandwidth. For enterprises struggling with demand for bandwidth, moving from pure MPLS to a hybrid network that combines MPLS and Internet-based links to backhaul traffic to the datacenter is a cost-effective option. It can triple the bandwidth available to branches without increasing the overall networking budget.

- Leverage local Internet breakouts for SaaS traffic. Hybrid networks can direct a selected part of the Internet traffic to local Internet gateways. Consider a user in San Francisco who is forced to go through MPLS to a default central Internet breakout in New York to reach a SaaS application that is actually hosted in a datacenter in Seattle. This tromboning adds latency and consumes expensive MPLS bandwidth for nothing. If a local Internet connection is present in the San Francisco branch, path selection can send the user's SaaS traffic directly to the Seattle datacenter while other Internet traffic continues to flow through the secured New York gateway. The result is faster performance and smarter use of network resources. Note that traffic sent out a local breakout bypasses whatever inspection and filtering the central gateway applies, so the breakout policy should be limited to applications the organization is prepared to trust without those controls, or the branch needs equivalent controls of its own.

- Turn unused backup lines into business lines. Many enterprises run a primary MPLS network backed up by an IPsec-based Internet line that is reserved for MPLS failover, so the backup line typically sits unused. Hybrid networks let you convert that rarely used Internet link into an active business line by routing certain types of traffic over it, such as non-business-critical traffic.
RIVERBED PATH SELECTION TECHNOLOGY MAKES HYBRID NETWORKS EASY

Until now, building a seamless hybrid network has been obstructed by the complexity of defining which traffic goes on which network. Hard-coded router configurations and policy-based routing are an intrusive burden on network administration, and ultimately neither is reliable or granular enough to deliver value. Without a simple way to define rules and configure the hybrid network, implementation has remained difficult.

With Riverbed, organizations can embrace hybrid networks to maximize the performance of business-critical applications, boost network availability, and reduce costs while retaining IT control and minimizing complexity. With the path selection technology in Riverbed Optimization System (RiOS) 8.5, IT organizations can deploy and manage complex hybrid networks to deliver greater application reliability and performance for less cost. (RiOS is the software that runs inside Riverbed Steelhead WAN optimization solutions.) Unlike legacy policy-based routing, Riverbed path selection technology:

- Is application-aware and able to precisely distinguish business-critical applications from less important ones
- Constantly senses path availability in real time using active probes, for dynamic path failover
- Is simple to manage through centralized user interfaces
- Works with application visibility and WAN optimization for complete management of business-critical applications over the WAN

APPLICATION-AWARE

Legacy solutions classify traffic using port numbers and IP addresses. Business applications that run over HTTP therefore land in the same bucket as non-critical YouTube traffic, and the only way to separate them is classification by IP address, which adds configuration complexity and operational risk.
With Riverbed path selection technology, flows are classified using deep packet inspection (DPI)-based application awareness, allowing it to steer traffic onto different paths according to its true nature and criticality. For example, it can distinguish between different SSL-encrypted applications. And rather than treating Facebook as a single consumer app, it can allow Facebook news feeds and updates while blocking non-business applications such as Farmville.
ACTIVELY SENSING PATH AVAILABILITY

In legacy solutions, path availability is determined from routing metrics that are slow to converge and cannot report brownouts (the link is still up, but the quality of the path is below the usability threshold). As a result, organizations are reluctant to offload anything more than low-importance applications onto less reliable paths such as the Internet. With Riverbed path selection, path availability is constantly monitored: active probes rapidly detect both blackouts and brownouts, where path quality has degraded to the point that sensitive applications can no longer be delivered with a good quality of experience. Path selection rapidly and dynamically moves traffic to another path before end users are impacted, which allows even business-critical applications to use paths like the Internet when needed.

TRANSPARENCY AND SIMPLICITY

Unlike other approaches, Riverbed path selection technology is a transparent overlay service rather than a change to the packet-forwarding plane. This gives a clean abstraction between network layers and removes the need to reconfigure routers with complex rules. The technology is therefore transparent to the existing network and easy to configure through a graphical interface.

WORKS WITH APPLICATION VISIBILITY AND WAN OPTIMIZATION

Path selection technology is an integrated element of an application performance suite. The suite provides application visibility that simplifies policy construction and troubleshooting. Deployed across the network, it allows configuration and monitoring with application-level Quality of Service (QoS), and it provides a range of application optimizations to ensure peak performance of critical applications.
BUSINESS IMPERATIVES

This shift to a hybrid network satisfies the core imperatives for any enterprise network:

- Lower costs. Growing a network with commercial-grade Internet to complement premium-priced MPLS bandwidth lets you scale the network to match growth and usage patterns with a flat or even reduced impact on IT spend.

- Increased performance. When a hybrid network is managed with path selection, the bandwidth available to applications is dramatically improved. Internet links can be fully utilized, freeing precious MPLS bandwidth, and bottlenecks and latency are minimized. That translates into better performance and higher user satisfaction.

- Increased reliability. A hybrid network driven by Riverbed path selection technology offers rapid failover. When the primary network becomes unavailable, the other becomes an instant backup, increasing overall network reliability.
CASE IN POINT: Zero Dollars and 3x the Bandwidth

A large engineering firm with 180 offices in 31 countries needed to support the traffic from its traditional enterprise applications and its ever-increasing web traffic. Buying more WAN bandwidth was unsustainable. The goal was to increase aggregate bandwidth across the WAN from 3 Gbps to 9 Gbps with a flat budget. The firm deployed Steelhead appliances to continue backhauling all Internet-destined traffic to headquarters for a simplified Internet security design, while augmenting its bandwidth with commodity Internet links and IPsec-based Virtual Private Networks (VPNs) for greater aggregate bandwidth.

DESIGNING HYBRID NETWORKS WITH RIVERBED PATH SELECTION TECHNOLOGY

Path selection technology in Steelhead solutions gives IT organizations greater control to make the most of multiple WAN services based on business needs, service quality, and costs. It redirects specific traffic or applications through one of three alternate paths.

Figure 1. The four functions of RiOS 8.5 Path Selection Technology in cascading order: Classification (Application Flow Engine classification; packet rule classification), Forward (next-hop MAC address; upstream policy-based routing), Monitor (end-to-end path availability monitoring; active probing), and Path Failover (applications configured with a prioritized list of paths; dynamic path selection in case of performance degradation), between a branch office and the datacenter or cloud over Internet and MPLS paths.

The path selection technology deterministically redirects selected traffic and application flows through alternate networks based on service metrics such as path availability, application priority, and the rules you create. At its broadest level, it performs four critical functions:

1. Classifies traffic. Steelhead solutions use information from the Riverbed Application Flow Engine about more than 600 individual applications and processes to understand where data is coming from, which application sent it, and what function that application is trying to accomplish. The Application Flow Engine uses a variety of techniques, often in combination: port-based classification, application signature matching, protocol dissection, behavioral classification, and others. Traffic can also be classified using the full assortment of packet rules, including IP addresses, 5-tuple, DSCP, TCP and UDP port numbers, and so on. In this way, operators can instruct Steelhead solutions to associate applications with networks according to their nature, performance requirements, and business criticality.

2. Forwards packets. Once the Steelhead solution has selected the right path, it steers the traffic onto that path. This operation is transparent to the client, the server, and networking devices such as routers and switches. It can be performed directly, using distinct Steelhead physical interfaces, or indirectly, by rewriting the destination MAC address to that of the next-hop router for the chosen path. Where that is not possible, for instance in virtual in-path deployments or where the Steelhead solution is not in the same Layer 2 domain as the routers, the appliance marks the packets with DSCP and relies on upstream policy-based routing to honor the marking.

3. Monitors availability. Steelhead solutions monitor path availability and quality end to end. You define an endpoint IP address for every path, and the Steelhead solution sends an ICMP ping to it every two seconds; each path can use a different remote host. Because the probe is ICMP, the endpoint you choose must answer ICMP and the path must carry it end to end: a target behind a device that filters or rate-limits ICMP will look like a failed path even when the link is healthy.

4. Manages failover. If three consecutive pings are missed, the path is considered unavailable and the backup path is selected. Every application has a list of paths: a default and a prioritized set of backups. Should the default path be unavailable, the highest-priority backup is used instantly (and then the next one if needed). Operators can also decide to block certain types of applications when the primary path becomes unavailable, reserving the remaining bandwidth for more critical applications. As soon as the default path becomes available again, traffic is routed back to it.
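The monitor and failover rules above (one probe per path every two seconds, three consecutive misses marking a path down, a default path plus prioritized backups per application, an optional block entry, and traffic returning as soon as the default answers again) can be modelled in a few dozen lines. The following is an added example written for this page; it is not Riverbed code and does not reproduce RiOS internals. Probe results are supplied as constructed booleans instead of real ICMP replies, and the path names, endpoint addresses and application policies are assumptions made for the illustration.

```python
"""Added example, not Riverbed code: a minimal model of the monitor and
failover behaviour described above. Probe results are constructed booleans
rather than real ICMP, and the path and application names are assumptions."""
from dataclasses import dataclass
from typing import Dict, List, Optional

PROBE_INTERVAL_S = 2   # page: an ICMP ping every two seconds
MISS_THRESHOLD = 3     # page: three consecutive misses -> path unavailable
BLOCK = "BLOCK"        # policy entry: drop the app instead of moving it


@dataclass
class Path:
    name: str
    endpoint: str          # remote host probed for this path (assumed value)
    missed: int = 0        # consecutive probe misses
    up: bool = True

    def record_probe(self, replied: bool) -> bool:
        """Apply one probe result and return whether the path is usable."""
        if replied:
            self.missed = 0
            self.up = True     # a single reply restores the path
        else:
            self.missed += 1
            if self.missed >= MISS_THRESHOLD:
                self.up = False
        return self.up


@dataclass
class Policy:
    app: str
    paths: List[str]       # default first, then backups in priority order


def select_path(policy: Policy, paths: Dict[str, Path]) -> Optional[str]:
    """First usable path in priority order; None means the app is blocked
    (explicit BLOCK entry) or every configured path is down."""
    for candidate in policy.paths:
        if candidate == BLOCK:
            return None
        if paths[candidate].up:
            return candidate
    return None


def run_schedule(paths, policies, probe_log):
    """probe_log holds one {path_name: replied} dict per probe interval.
    Returns [(seconds, {app: chosen_path})] for every interval."""
    timeline = []
    for tick, results in enumerate(probe_log):
        for name, replied in results.items():
            paths[name].record_probe(replied)
        decisions = {p.app: select_path(p, paths) for p in policies}
        timeline.append((tick * PROBE_INTERVAL_S, decisions))
    return timeline


def demo():
    """Constructed scenario: the MPLS probe target stops answering for four
    intervals, then recovers. Endpoint addresses are placeholders."""
    paths = {
        "MPLS": Path("MPLS", "10.0.0.1"),
        "VPN": Path("VPN", "192.0.2.1"),        # IPsec over the Internet link
        "INTERNET": Path("INTERNET", "203.0.113.1"),
    }
    policies = [
        Policy("voice", ["MPLS", BLOCK]),        # never move voice onto the Internet
        Policy("erp", ["MPLS", "VPN"]),          # critical app may fail over to VPN
        Policy("saas", ["INTERNET", "VPN"]),     # local breakout, VPN as backup
    ]
    mpls_replies = [True, False, False, False, False, True]
    probe_log = [{"MPLS": r, "VPN": True, "INTERNET": True} for r in mpls_replies]
    return run_schedule(paths, policies, probe_log)


if __name__ == "__main__":
    for seconds, decisions in demo():
        print(f"t={seconds:>2}s  {decisions}")
```

Running the scenario shows the two points the text makes: MPLS is only declared down at t=6s, after the third missed probe, at which point the ERP flows move to the VPN path and voice is blocked rather than exposed to the Internet; one successful probe at t=10s is enough to bring everything back to MPLS. Note that the backup path for a business-critical application is the IPsec VPN, not the bare Internet link, so failing over does not strip encryption from traffic that was private on MPLS.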
CASE IN POINT: Hybrid Networks to Increase Performance and Reduce Costs

A global consumer goods company was approaching a major MPLS WAN refresh cycle and contract renewal, but growing the existing infrastructure to meet projected bandwidth needs would be very costly. The company wanted to contain MPLS circuit upgrades while expanding network capacity significantly. It deployed Steelhead solutions to fully leverage a hybrid network combining MPLS, Internet backhauling, and local Internet breakouts. Riverbed path selection ensures the right traffic travels the right path: high-bandwidth internal applications (such as internal video, email, anti-virus updates, Microsoft SCCM and SharePoint, and backup and replication) are directed to Internet VPN links, while Internet and SaaS traffic is sent to the public Internet in regional hubs.

BRANCH DEPLOYMENT EXAMPLES

The examples that follow illustrate a network with a single Steelhead appliance connected to multiple upstream routers, and a network with a second Steelhead appliance for redundancy. Each router is the gateway to a particular path. Both examples show MPLS and Internet/VPN paths.

Figure 2. Single Steelhead Appliance (with multiple upstream routers) in a Layer-Two Connected Branch

1. Traffic from the clients arrives at the active Steelhead appliance and is classified by the path selection rules. The traffic's source and destination MAC addresses are updated appropriately.
2. The traffic is then forwarded from the Steelhead WAN interface to the updated destination MAC address.
3. The appropriate upstream router receives the traffic (based on the destination MAC address) and forwards it down its path.

In this configuration, appliance failure is best handled through the Steelhead appliance's fail-to-wire setting, which directly connects LAN and WAN as if the appliance were not part of the network flow. All traffic then flows down the default routed path, without path selection, for as long as the appliance is down.

Figure 3. Dual Steelhead Appliances in Redundant Branch

1. Traffic from the clients arrives at the active Steelhead appliance and is classified by the path selection rules.
2. The traffic is then forwarded out the appropriate Steelhead appliance's WAN interface according to the rules.
3. The appropriate upstream router receives the traffic and forwards it down its path.

In this configuration, failure is best handled through the Steelhead appliance's fail-to-block setting, which sends the traffic to the redundant Steelhead appliance.
DESIGN CONSIDERATIONS

Return traffic flows in the datacenter. As a transparent overlay, path selection technology does not interfere with the routing layer. Accordingly, to ensure both directions of a given flow use the same path, place Steelhead appliances with the same path selection policy on both sides of the path.

Firewalls and Application Flow Engine detection. The Riverbed Application Flow Engine (like all deep packet inspection, DPI, technologies) can require multiple packets before it can classify an application. Stateful inspection firewalls generally need to see all traffic on a flow, starting with the initial SYN packet. Firewalls therefore merit special consideration when AFE-based rules are used for traffic selection. If path selection classifies an application after the initial SYN packet and then moves that flow onto a path with a stateful inspection firewall, that firewall will most likely drop the flow, because it has no connection entry for the session. You can resolve this by making the firewall path the default path for unclassified traffic. (See the Path Selection Design Guide for the Steelhead Product Family for full details.)

Client default gateways for single-subnet branches. If path selection technology is deployed in a branch where clients are on the same subnet as the routers terminating the different paths, take care to keep the clients' default gateway IP address highly available. Riverbed recommends using Virtual Router Redundancy Protocol (VRRP), or a similar mechanism, to ensure that client Address Resolution Protocol (ARP) requests are still answered if a router fails.
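The firewall consideration above is easy to get wrong because the failure only appears once a rule has matched. The following added example (written for this page; not Riverbed code, and not a model of how RiOS or any particular firewall is implemented) replays one TCP flow through a branch with a stateful firewall on the Internet path and none on MPLS, first with MPLS as the default path for unclassified traffic and then with the firewall path as the default. The packet sequence, the assumption that DPI decides after the third packet, and the path names are all constructed for the illustration.

```python
"""Added example, not Riverbed code: why an AFE/DPI-classified flow can be
dropped by a stateful firewall on the new path, and why making the firewall
path the default for unclassified traffic fixes it. The packet list, the
three-packet classification delay and the path names are assumptions."""
from typing import Dict, List, Optional, Tuple

SYN, DATA = "SYN", "DATA"
PACKETS_TO_CLASSIFY = 3   # assumption: DPI decides after the third packet


class StatefulFirewall:
    """Admits a flow only if it saw that flow's SYN; mid-flow packets of an
    unknown flow are dropped, which is the behaviour the text warns about."""
    def __init__(self) -> None:
        self.table = set()

    def forward(self, flow_id: str, kind: str) -> bool:
        if kind == SYN:
            self.table.add(flow_id)
            return True
        return flow_id in self.table


class PathSelector:
    def __init__(self, default_path: str, rule_path: str,
                 firewalls: Dict[str, Optional[StatefulFirewall]]) -> None:
        self.default_path = default_path   # path for not-yet-classified flows
        self.rule_path = rule_path         # path the AFE rule selects once matched
        self.firewalls = firewalls         # path -> firewall on that path, if any
        self.seen: Dict[str, int] = {}     # packets seen per flow

    def send(self, flow_id: str, kind: str) -> Tuple[str, bool]:
        """Return (path used, delivered?) for one packet of a flow."""
        self.seen[flow_id] = self.seen.get(flow_id, 0) + 1
        classified = self.seen[flow_id] >= PACKETS_TO_CLASSIFY
        path = self.rule_path if classified else self.default_path
        fw = self.firewalls.get(path)
        delivered = fw.forward(flow_id, kind) if fw else True
        return path, delivered


def run_flow(default_path: str, rule_path: str) -> List[Tuple[str, bool]]:
    """One TCP flow (constructed: a SYN then four data packets) through a
    branch with a stateful firewall on the INTERNET path and none on MPLS."""
    firewalls = {"INTERNET": StatefulFirewall(), "MPLS": None}
    selector = PathSelector(default_path, rule_path, firewalls)
    packets = [SYN, DATA, DATA, DATA, DATA]
    return [selector.send("flow-1", kind) for kind in packets]


if __name__ == "__main__":
    print("default MPLS, rule -> INTERNET:", run_flow("MPLS", "INTERNET"))
    print("default INTERNET, rule -> INTERNET:", run_flow("INTERNET", "INTERNET"))
    print("default INTERNET, rule -> MPLS:", run_flow("INTERNET", "MPLS"))
```

With MPLS as the default, the SYN and the second packet are delivered over MPLS, and every packet from the third onward is dropped by the Internet-side firewall because it never saw the SYN. With the firewall path as the default, the SYN builds the firewall's connection entry before any rule can match, and flows that are later moved to MPLS (which has no stateful device) continue undisturbed. The same reasoning applies to the return direction: the datacenter-side appliance needs the same default-path policy, or the firewall will see only one half of the conversation.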
LEARN MORE ABOUT HYBRID NETWORKING

A hybrid network controlled by Riverbed path selection technology for Steelhead solutions combines the private WAN and the public Internet to increase available bandwidth, application performance, and network reliability at the lowest possible cost. It lets enterprises gain the benefits of a hybrid network without the underlying complexity of managing multiple links in a branch. Steelhead appliances with path selection technology can help you maximize the return on your application and infrastructure investments. To learn all the details, contact us today at http://www.riverbed.com/hybridnetwork

ABOUT RIVERBED

Riverbed Technology is the leader in Application Performance Infrastructure, delivering the most complete platform for location-independent computing. Location-independent computing turns location and distance into a competitive advantage by giving IT the flexibility to host applications and data in the most optimal locations while ensuring that applications perform as expected, data is always available when needed, and performance issues are detected and fixed before end users notice. Riverbed's 24,000+ customers include 97% of the Fortune 100 and 95% of the Forbes Global 100. Learn more at www.riverbed.com.

2014 Riverbed Technology. All rights reserved. Riverbed and any Riverbed product or service name or logo used herein are trademarks of Riverbed Technology. All other trademarks used herein belong to their respective owners. The trademarks and logos displayed herein may not be used without the prior written consent of Riverbed Technology or their respective owners.