Optimizing the use of WAN channels. How traffic optimization is done. The relevance of traffic optimization of public communication channels

Telecom infrastructure failures can lead to a loss of communication with regional branches and difficulties in the operation of business applications and customer services. All this threatens financial losses - direct and indirect - and reputational risks in the eyes of clients, partners, and investors.

CROC solutions include a number of systems aimed at identifying and eliminating all possible causes of failures, such as configuration errors, incompatibility of systems and software, performance problems, and excessive traffic consumption. These software and hardware products allow you to optimize the operation of applications, increase the efficiency of using communication channels, optimize the backup of important data, and quickly conduct an inventory of elements of an extensive IT infrastructure.

A separate class of solutions is responsible for the security of telecom infrastructure. Tools such as next generation firewalls (NGFW), systems for searching for vulnerabilities in applications and filtering web traffic block attempts by attackers to penetrate the information security perimeter and repel cyber attacks, including DDoS. Integrated solutions based on these products protect CROC customers from the most sophisticated attacks, including those designed specifically for their company and using “zero-day vulnerabilities” for which official fixes have not yet been released.


Optimizing network performance relieves communication channels, reducing the number of failures and equipment downtime due to overload. By reducing bandwidth requirements and increasing data transfer speeds, recovery of backups in remote branches is accelerated without the need for additional investment in communications.

Traffic prioritization technologies make it possible to highlight useful data in the general flow and ensure its delivery regardless of network congestion. The types of important traffic can be flexibly configured and changed depending on the situation - for example, during the closing of the reporting period, priority should be given to information from ERP systems, etc.

By increasing the efficiency of using network infrastructure, the company is able to process large amounts of information faster, including using Big Data technologies. This gives businesses a deeper understanding of the market situation, allows them to model and test various development scenarios, optimize business processes, strengthening their competitive positions.



Main partners


Riverbed Technology - a world leader in the optimization of global data networks. Riverbed provides end-to-end solutions that enable enterprises to reduce network modernization costs and improve the efficiency of running enterprise applications and data.

Status:

  • Elite partner since 2014
  • The first and only Platinum partner in Russia since 2012.
  • Gold partner since 2011
  • Service partner since 2010


Palo Alto Networks™ is a market leader in network security and the creator of a comprehensive next-generation information security platform that consists of an innovative firewall, an intelligent threat protection service called WildFire, and a unique host-level protection system called Traps. Palo Alto Networks' next-generation firewalls, based on patented App-ID™ technology, accurately identify and control applications, regardless of port, protocol, behavior, or encryption, and scan content to prevent threats and data leaks, while binding traffic inspection to specific users rather than IP addresses, which gives unprecedented opportunities for effective management and reducing administrative costs.


The “efficiency” of a standard WAN is only about 10%

If you look into almost any communication channel between a company branch and a data center, you can see a rather suboptimal picture:

  • First, a lot of redundant information is transmitted (up to 60–70% of the channel) that has already been requested one way or another.
  • Second, the channel is occupied by chatty applications designed to work in a local network: they exchange short messages, which hurts their performance over the communication channel.
  • Third, the TCP protocol itself was originally created for local networks and is ideal for low RTT delays and no packet loss in the network. In real channels, when packets are lost, the speed degrades greatly and is restored slowly because of large RTTs.

I work as the head of the engineering team of the telecommunications department of CROC and regularly optimize communication channels for our own data centers and for those of energy companies, banks and other organizations. Below I will tell you the basics and describe what is, in my opinion, the most interesting solution.

Compression and deduplication

The first problem has already been described: a lot of redundant, duplicate data is transmitted in the channel. The most striking example is a Citrix farm used by the branches of a bank: in a single office, 20–30 different machines can request the same data. Accordingly, the channel could easily be unloaded by 60–70% due to deduplication.

On Citrix itself, of course, you can enable data compression, but the efficiency (compression) is several times lower than on specialized traffic optimizers, mainly because optimizers not only compress data but also deduplicate it. The traffic of the entire branch passes through the optimizer, and the more users in the branch, the more repeated user requests and the greater the effect of deduplication. For a single user, the gain from standard compression, such as Lempel-Ziv, may even be higher than from deduplication, but with more devices deduplication comes first.

As a rule, optimizers are software packages, but they can also be implemented in the form of virtual machines. To optimize traffic on a communication channel, optimizers must be installed on both sites. Optimizers are installed before VPN gateways, since deduplication of encrypted traffic is useless.

The deduplication algorithm is as follows:

It remains to add that the dictionary is constantly updated and, thanks to a special algorithm, the most popular data blocks remain in the dictionary.

We see a fundamental difference from traditional caching devices. Caching devices operate at the file level. If the file has undergone any changes, even minor ones, then it must be transferred again. Optimizers work at the level of data blocks, and when a previously transferred file changes, only the changes will be sent to the communication channel, and the rest will be replaced by links.

Another problem is that TCP speed is limited by the window size (TCP Window Size). Window size is the amount of data the sender transmits before receiving an acknowledgement from the recipient. Compressed traffic needs fewer windows to carry the same data, which increases transmission speed.

So again, it works like this:

  • Device A deduplicates traffic.
  • Device B collects the “big picture” from its local storage.
  • Both of these devices work symmetrically.
  • Neither device affects the infrastructure or configuration of anything that lies behind it; they are simply inserted in-line in the channel, for example, at the exit from the data center and at the entrance to the company's regional office.
  • The devices do not in any way restrict communication with nodes where there are no such devices.

Deduplication for encrypted channels

An encrypted channel is clearly less suitable for compression and deduplication; there is almost no practical benefit from working with already encrypted traffic. Therefore, optimizers are placed in-line ahead of the encryption device: the data center sends the data to the optimizer, the optimizer sends it on for encryption (for example, into a secure VPN channel), on the other side the traffic is decrypted and passed to the local optimizer, which sends it into the network. This is a standard function of “optimizer boxes”, and all this happens without reducing the protection of the traffic against compromise.
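The following Python sketch is an added example, not Riverbed's algorithm and not code from the original article: it illustrates block-level deduplication with a dictionary shared by two symmetric devices, as described in the sections above, and why the optimizer has to sit before the encryption device. The chunking scheme, the LRU eviction policy, the 8-byte labels, the sample data and the toy stream cipher standing in for a VPN are all assumptions made for illustration.

```python
import hashlib
from collections import OrderedDict

# Assumed parameters for this sketch (not taken from any product).
MIN_BLOCK, MAX_BLOCK = 16, 256   # block size limits, bytes
REF_SIZE = 8                     # bytes sent on the wire instead of a known block
DICT_CAPACITY = 4096             # blocks each peer keeps
KEY = b"constructed demo key"
# Per-byte constants for the rolling "gear" hash that places block boundaries.
GEAR = [int.from_bytes(hashlib.sha256(bytes([b])).digest()[:4], "big") for b in range(256)]

def chunk(data: bytes) -> list:
    """Content-defined chunking: a boundary depends on the preceding 32 bytes,
    not on the offset, so an insertion only disturbs the blocks around it."""
    blocks, start, h = [], 0, 0
    for i, byte in enumerate(data):
        h = ((h << 1) + GEAR[byte]) & 0xFFFFFFFF
        size = i - start + 1
        if (size >= MIN_BLOCK and h >> 26 == 0) or size >= MAX_BLOCK:
            blocks.append(data[start:i + 1])
            start = i + 1
    if start < len(data):
        blocks.append(data[start:])
    return blocks

def label(block: bytes) -> bytes:
    return hashlib.sha256(block).digest()[:REF_SIZE]

class Optimizer:
    """One side of the link. Both sides apply the same dictionary updates in the
    same order, so their dictionaries stay identical without extra signalling."""
    def __init__(self, capacity: int = DICT_CAPACITY):
        self.store = OrderedDict()   # label -> block, least recently used first
        self.capacity = capacity

    def _touch(self, key: bytes, block: bytes) -> None:
        self.store[key] = block
        self.store.move_to_end(key)
        while len(self.store) > self.capacity:
            self.store.popitem(last=False)   # evict the least recently used block

    def encode(self, data: bytes) -> list:
        tokens = []
        for block in chunk(data):
            key = label(block)
            known = key in self.store
            self._touch(key, block)
            tokens.append(("REF", key) if known else ("RAW", block))
        return tokens

    def decode(self, tokens: list) -> bytes:
        out = bytearray()
        for kind, value in tokens:
            block = self.store[value] if kind == "REF" else value
            self._touch(label(block), block)
            out += block
        return bytes(out)

def toy_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Toy stream cipher standing in for the VPN gateway. Illustration only."""
    out = bytearray()
    for off in range(0, len(plaintext), 32):
        stream = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out += bytes(p ^ s for p, s in zip(plaintext[off:off + 32], stream))
    return bytes(out)

# Constructed sample data: 300 records, then the same data with a small insertion.
DOC = b"".join(b"account=%06d;balance=%s\n" % (i, hashlib.sha256(b"%d" % i).hexdigest().encode())
               for i in range(300))
EDITED = DOC[:13000] + b"balance=CORRECTED-BY-AUDIT;" + DOC[13000:]

def run_demo() -> dict:
    """Send each payload from data center to branch; return name -> (wire_bytes, raw_bytes)."""
    dc, branch = Optimizer(), Optimizer()
    payloads = [("first", DOC), ("repeat", DOC), ("edited", EDITED),
                ("encrypted-1", toy_encrypt(KEY, b"nonce-1", DOC)),
                ("encrypted-2", toy_encrypt(KEY, b"nonce-2", DOC))]
    report = {}
    for name, payload in payloads:
        tokens = dc.encode(payload)
        if branch.decode(tokens) != payload:
            raise ValueError("branch failed to rebuild " + name)
        raw = sum(len(value) for kind, value in tokens if kind == "RAW")
        refs = sum(1 for kind, _ in tokens if kind == "REF")
        report[name] = (raw + refs * REF_SIZE, raw)
    return report

if __name__ == "__main__":
    for name, (wire, raw) in run_demo().items():
        print(f"{name:12s} wire={wire:6d} bytes, of which raw blocks={raw:6d}")
```

The repeat and edited transfers shrink to mostly references, while the two encrypted copies of the same document cross the link at full size because a fresh nonce makes every block new. The dictionary on each box holds plaintext blocks, so the optimizer's storage is inside the trust boundary that the VPN protects.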

Deduplication for mobile workers

In recent years, people with laptops and tablets quite often work directly with data centers and also need a lot of data (the same virtual machine images or database samples). They do not use “optimizer boxes”, but special software that simply consumes part of the processor resources and part of the hard drive for the same purposes. In effect, we trade some reduction in laptop performance and some cache space on the hard drive for a faster channel. Users usually do not notice anything other than faster network services.

Who makes these optimizers?

We use Riverbed solutions. This company was founded in 2002, and in 2004 introduced its first model of optimizers for communication channels. Riverbed products and solutions, including WAN optimization, performance management, application delivery, and warehouse acceleration, enable IT professionals to increase and manage performance. Optimizers are very easy to integrate into the network. The easiest way is to install “in the gap” from the LAN side to the router or VPN gateway.


Competing solutions. In 2013 Riverbed held 50% of the WAN optimization market segment.

From the point of view of the customer’s commercial director, these are several boxes that, after simply being connected to the network, speed up slow channels by 2–3 times and reduce channel load by 2 times. Almost everyone loves them for this!

Connecting the optimizer

The simplest and most reliable way is “in the gap” between the edge router and the LAN switch. If the optimizer fails, it shorts the contacts of the LAN and WAN interfaces - and traffic simply passes through it, like through a regular crossover cable. Accordingly, seeing unoptimized traffic, the optimizer on the other side also simply passes it through itself without processing.

Respectively:

  • Communication between a branch with an optimizer and a data center with an optimizer - traffic is optimized.
  • Communication between a branch without an optimizer and a data center with an optimizer - the data center optimizer simply passes traffic transparently, without changes.
  • Communication between a branch with an optimizer and a data center with an optimizer when either optimizer fails - the traffic is simply not compressed and flows “as is”.

Naturally, in data centers, optimizers are clustered for fault tolerance or capacity expansion, plus they are equipped with Interceptor balancers. But more on that below, when we get to specific equipment.

TCP acceleration

TCP speed is limited by the window size. The window is the amount of information that the server can send to the client before receiving confirmation of receipt.

Standard TCP behavior looks like this:

  • slow acceleration of connections, the size of the TCP window increases;
  • in case of packet loss - a sharp drop in speed (window reduction by 2 times);
  • and again slowly increasing it (increasing the window);
  • again packet loss and bandwidth sagging and so on.


The orange “saw” on the graph is standard TCP behavior

On links with large bandwidth but some level of loss and high RTT delays, the available bandwidth is used inefficiently, meaning the link is never fully loaded.
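The sawtooth described above can be reproduced with a short simulation. This is an added example, not from the original article; the 100 Mbit/s link, the loss of one packet per 10,000 and the three RTT values are assumed figures, and the model leaves out slow start, timeouts and queueing.

```python
# Assumed scenarios: the same link speed and loss rate, only the RTT differs.
SCENARIOS = {"lan 2 ms": 0.002, "wan 100 ms": 0.100, "satellite 600 ms": 0.600}

def aimd_utilization(bandwidth_bps, rtt_s, loss_every, duration_s, mss=1500):
    """Simulate one standard TCP flow in congestion avoidance.

    Returns (link utilization between 0 and 1, number of loss events).
    One window of packets is sent per RTT; loss_every is the number of
    packets sent between two losses.
    """
    bdp = bandwidth_bps * rtt_s / (8 * mss)   # packets in flight that fill the link
    rounds = int(duration_s / rtt_s)
    cwnd, delivered, since_loss, losses = 1.0, 0.0, 0.0, 0
    for _ in range(rounds):
        delivered += cwnd
        since_loss += cwnd
        if since_loss >= loss_every:          # a packet in this window was lost
            since_loss -= loss_every
            cwnd = max(cwnd / 2, 1.0)         # window reduction by 2 times
            losses += 1
        else:
            cwnd = min(cwnd + 1.0, bdp)       # slow growth: one packet per RTT
    return delivered / (bdp * rounds), losses

def compare(bandwidth_bps=100e6, loss_every=10_000, duration_s=300):
    """Utilization of the same link at each assumed RTT."""
    return {name: aimd_utilization(bandwidth_bps, rtt, loss_every, duration_s)[0]
            for name, rtt in SCENARIOS.items()}

if __name__ == "__main__":
    for name, utilization in compare().items():
        print(f"{name:18s} {utilization:6.1%} of the link used")
```

With identical loss, the flow keeps the local link almost full but uses only a small fraction of the high-RTT links, because every halving takes many long round trips to win back.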

Riverbed was thinking along similar lines. And since we already have optimizer boxes at the input and output, it would be stupid not to use them to modify the TCP protocol to avoid standard problems. Therefore, optimizers can not only optimize traffic at the data level (deduplication/compression), but also speed up the transport layer.

Here are a number of modes available for TCP acceleration:

  • HighSpeed TCP mode - here the speed reaches its maximum much faster than with normal TCP. In case of losses, it does not sag as low or as much as standard TCP;
  • MaxTCP mode - uses 100% of the bandwidth without slowdowns. If a packet is lost, no slowdown occurs. However, this mode requires configuring QoS rules to define limits on the available bandwidth that MX-TCP traffic can occupy;
  • SCPS mode - designed specifically for satellite communication channels. Here the bandwidth is not limited, as it is in MaxTCP. SCPS adapts perfectly to the floating characteristics of satellite channels.

Application optimization

Many applications are “chatty”, that is, they can send up to 50 packets when one is enough. As I already said, this is a consequence of designing for local networks, and not for working through long-distance communication channels. Using optimizers, the number of round trips is reduced by more than 50 times.

This is what it looks like:

Optimizers act as transparent proxies at layer seven for a number of the most common application protocols.

The Data Center Optimizer acts as a client in relation to the server. The branch office optimizer acts as a server in relation to clients. Thus, ineffective, chatty application communication remains on the local network. Application messages are exchanged between optimizers in a form more suitable for communication channels - the number of messages is reduced.

Riverbed optimization devices can accelerate the following application protocols at layer seven:

Interestingly, there are also encrypted applications, including encrypted Citrix and MAPI. When optimizing encrypted traffic, there is no reduction in the level of security.


Examples of application acceleration. In a real network, the speedup will depend on the communication channel. The worse the communication channel, the greater the acceleration that can be achieved.

Typical connection diagram

Steelhead optimizers are placed ahead of the data link and before the encryption devices. For data centers with special requirements, clustering is also used to improve reliability, plus Interceptor load balancers.

Result (example)


Green – WAN traffic. Blue – LAN traffic. Without the Riverbed optimizer they would be the same.


The highlighted column shows the compression percentage by TCP ports.

Hardware lineup

Capacity can be expanded by license. To improve performance, in some cases a hardware upgrade is required. Upgrade options within the platform are shown with green arrows.

The entry-level model is suitable even for a small online store: it starts from 1 megabit per second and 20 channels. The flagship supports up to 150,000 simultaneously open connections on 1.5 gigabit per second channels. If this is not enough, the Interceptor balancer is used. Clusters of balancers and optimizers allow you to work with a channel of up to 40 gigabits per second with 1 million connections open simultaneously.

How much does it cost at list price?

The junior model starts from about 100 thousand rubles, the device for medium-sized data centers costs 1.1 million rubles, and for large data centers starts from 5.5 million rubles. At the same time, the price varies quite a lot depending on specific usage patterns, plus there may be discounts, so the numbers mentioned are purely approximate; it is better to check by email (it is at the end of the topic). It is quite easy to calculate the payback of such solutions for medium and large businesses, simply estimating that you will free up from 30 to 60% of the channel (again, I can give you a specific figure with an accuracy of 10% by email, depending on the type of channel utilization), and users will not complain about application slowdowns.

More Riverbed elements:


After the channel is optimized in the described way, we most often monitor and resolve problems with specific services and equipment. In practice, these are whole detective stories. I'll tell you about them a little later. If interested, subscribe to CROC's corporate blog on Habr.

Who specifically I have implemented this for:

I don't have the right to name all customers, but I can say that Riverbed's traffic optimization solution has been used for:
  • five largest representatives of the banking sector;
  • large gold mining company;
  • large logistics company;
  • a number of smaller companies.

Questions

If you are interested in something specific, ask in the comments or by email [email protected] . By the same email I can send a price calculation, implementation schemes and an assessment of channel optimization after discussing your specific situation. It is clear that an accurate assessment is only possible after the test, but on average the error after discussion is about 10%.


Currently the Russian market offers a fairly wide range of equipment that falls under the definition of “WAN traffic optimizers”. This article discusses the purpose of this equipment, the principles of its operation, the features of implementation in the network and the expected effectiveness of use.

First of all, let's look at the latest trends in the development of corporate networks. A modern distributed corporate data network (DCDN) usually contains LANs of the Central Office and a number of remote offices that have connections via WAN channels to the resources of the Central Office (a typical structure is shown in Fig. 1). Many companies consolidate information and computing resources in Data Processing Centers (DPCs), which are also accessed through dedicated communication channels. Internet access is provided directly from offices or centrally (i.e., a remote office is connected via a WAN channel to the Central office or data center, and through it access to the Internet is provided).

The company's information resources are also accessed by mobile users who work while traveling, from the company's customer networks, or from home; they usually use an Internet connection.

This DCDN structure is typical, for example, for the banking sector, insurance and retail companies. It is these companies that primarily benefit from the use of WAN traffic optimization solutions.

Currently, the following development trends or changes in DCDNs can be observed:

  1. Increasing centralization of information and computing resources. Applications are deployed on servers located in dedicated data centers; only application clients are used at workstations. Application servers are moved from branches to data centers.
  2. Mobility. The number of accesses to information resources from mobile users is increasing.
  3. Widespread use of the Internet. To organize communication between offices, the Internet is used instead of dedicated WAN channels.

Inevitably, as a consequence of these trends, additional requirements are placed on the organization’s IT infrastructure.

With centralized services, the loss of communication between the data center and an office can shut down the office, and failure of the data center can shut down the company as a whole. To counter this threat, companies build backup data centers with data synchronization between the main and backup centers, and organize several channels between the data center and each office through independent telecom operators.

Fig. 1. Typical structure of a DCDN

Application centralization requires increased bandwidth and reduced latency on communication channels to maintain acceptable application speeds. Instead of expanding channel bandwidth, terminal servers (such as Citrix or MS Remote Desktop) are often installed in the data center and access to applications is provided through them. The effect is achieved due to the fact that remote access to terminal servers requires relatively little bandwidth, and communication with applications from the terminal server occurs at LAN speed.

Access to a corporate network via the Internet requires the use of protection against unauthorized access in the data center, especially in the case of mobile users.

When using the Internet for remote access to corporate applications, it is subject to requirements similar to those for WAN channels, namely: high reliability, throughput and low latency. Currently, the Internet often does not meet these expectations.

WAN traffic optimization equipment must first of all solve the problem of increasing requirements for the bandwidth of WAN channels and increasing the efficiency of their use. The use of these solutions can reduce the requirements for the Internet as an alternative to dedicated channels. In addition, installing optimization equipment on WAN links connecting the primary and backup data centers can significantly speed up data synchronization between data centers and reduce bandwidth requirements.

To understand the areas of application of WAN traffic optimization equipment, let’s consider its capabilities.

Tasks and methods of operation of WAN traffic optimizers

As the name of the equipment class suggests, it is designed to increase the efficiency of using WAN channels in corporate data networks. This means:

  • reducing the amount of data transmitted over WAN channels required for application operation;
  • increasing the utilization of available bandwidth of WAN channels, efficient distribution of bandwidth between traffic of various applications;
  • bringing the speed of network applications over WAN channels closer to the speed of their work on the LAN.

Reducing the amount of data transferred

To reduce the volume of transmitted traffic, a data compression mechanism is used. Typically, stream compression algorithms of the LZ family are used. In addition, duplicate data blocks are excluded from transmission. The effectiveness of such compression depends on the types of traffic being transmitted. HTML page data or XML requests are compressed quite well, while already compressed or encrypted data is almost impossible to compress.

The second method of reducing the amount of transmitted traffic is caching. Since traffic passes through two optimization devices, it is possible to cache data that has already been transmitted once and in the future, instead of retransmitting the data itself, transmit only links to it.

The optimization equipment in this case functions as a TCP proxy, breaking one TCP session into three parts: between the client and the nearest WAN optimizer, between the two WAN optimizers, and between the WAN optimizer and the server. Both the client and the server believe that they are exchanging traffic directly; the optimization equipment is “transparent” to them.

Working in combination with compression and caching, the reduction in data transfer volume for certain types of traffic can reach 100 times or more (usually when sending identical or only edited files, downloading updates, etc.).

In practical implementations, it was possible to achieve a general reduction in actually transmitted traffic by 5-6 times on working channels.
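The compression and caching scheme described above can be sketched as a pair of cooperating devices. This is an added example, not code from the article or from any vendor; the fixed 4096-byte block size, the SHA-256 block identifiers and the one-byte message tag are assumptions made for the illustration, and the sample inputs are constructed.

```python
import hashlib
import zlib

BLOCK = 4096  # assumed fixed block size, chosen for this example


class Optimizer:
    """One device of an optimizer pair; both ends build the same block cache."""

    def __init__(self):
        self.cache = {}  # SHA-256 digest -> block that already crossed the WAN

    def encode(self, data):
        """LAN side to WAN side: emit ('ref' | 'lz' | 'raw', payload) messages."""
        messages = []
        for offset in range(0, len(data), BLOCK):
            block = data[offset:offset + BLOCK]
            digest = hashlib.sha256(block).digest()
            if digest in self.cache:
                # Block was transmitted before: send a 32-byte link to it.
                messages.append(("ref", digest))
                continue
            self.cache[digest] = block
            packed = zlib.compress(block)  # DEFLATE, an LZ77-family algorithm
            if len(packed) < len(block):
                messages.append(("lz", packed))
            else:
                # Already compressed or encrypted input does not shrink.
                messages.append(("raw", block))
        return messages

    def decode(self, messages):
        """WAN side to LAN side: rebuild the original byte stream."""
        out = bytearray()
        for kind, payload in messages:
            if kind == "ref":
                block = self.cache[payload]
            else:
                block = zlib.decompress(payload) if kind == "lz" else payload
                self.cache[hashlib.sha256(block).digest()] = block
            out += block
        return bytes(out)


def wire_size(messages):
    """Bytes sent over the WAN: one type byte plus the payload per message."""
    return sum(1 + len(payload) for _, payload in messages)


def transfer(sender, receiver, data):
    """Pass data through the pair and return the reduction factor."""
    messages = sender.encode(data)
    if receiver.decode(messages) != data:
        raise ValueError("receiver rebuilt different data")
    return len(data) / wire_size(messages)


def demo():
    # Constructed sample inputs.
    page = "".join(
        f"<tr><td>order {i}</td><td>{i * 37 % 1000}</td></tr>\n"
        for i in range(5000)
    ).encode()
    # In-place edit of ten bytes: only one block changes.
    edited = page[:10000] + b"XXXXXXXXXX" + page[10010:]
    # Deterministic pseudo-random bytes standing in for encrypted traffic.
    opaque = b"".join(
        hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(2048)
    )

    datacenter, branch = Optimizer(), Optimizer()
    return {
        "first transfer": transfer(datacenter, branch, page),
        "same file again": transfer(datacenter, branch, page),
        "edited file": transfer(datacenter, branch, edited),
        "encrypted-like": transfer(datacenter, branch, opaque),
    }


if __name__ == "__main__":
    for name, factor in demo().items():
        print(f"{name:16s} {factor:7.1f}x")
```

With fixed-size blocks an insertion that shifts the rest of the file defeats the cache, which is why the edit in the sample keeps the length unchanged.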

Table 1. Dependence of utilization of communication channels on delays and TCP window sizes

| TcpWindowSize (Kbytes) | Round trip delay, ms | Maximum speed of one TCP session (Mbit/s) | Channel capacity utilization, %: 10 Mbit/s | 100 Mbit/s | 1000 Mbit/s |
|---|---|---|---|---|---|
| 8 | 15 | 4.27 | 42.67 | 4.27 | 0.43 |
| 8 | 100 | 0.64 | 6.40 | 0.64 | 0.06 |
| 64 | 15 | 34.13 | 100.00 | 34.13 | 3.41 |
| 64 | 100 | 5.12 | 51.20 | 5.12 | 0.51 |

Increasing channel bandwidth utilization

Simply increasing the channel bandwidth does not always lead to faster applications and data transfer. The data transfer rate of one TCP session depends on the size of the TCP window and the delay in the channel. With high latency, even a wide channel may remain underutilized. Table 1 shows the maximum speed of a TCP session and the resulting utilization of channels of various bandwidths, depending on the delay.

In addition, the standard reaction of a TCP session to packet loss is to reduce the window size by almost half, and then linearly increase its size. As a result, after a packet drops, the transmission speed for a TCP session decreases sharply and then gradually recovers.

To avoid such situations, there are modifications of the TCP protocol, such as HS TCP (RFC 3649, 3742). This modification differs from the standard one in that the transmission speed is reduced only slightly when a packet is lost, and then increases exponentially. A comparison of the behavior of the standard and modified TCP protocols is presented in Fig. 3.

In addition, hardware manufacturers often add their own modifications to the behavior of TCP sessions that allow efficient loading of channels with large delays (for example, satellite channels).
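The window and delay arithmetic behind Table 1, together with the cost of a single packet loss for standard TCP, as an added example that is not part of the original article. The 1460-byte segment size and the simplified loss model (one loss at full window, then growth by a fixed number of segments per round trip) are assumptions.

```python
import math


def max_session_mbps(window_bytes, rtt_ms):
    """Ceiling for one TCP session: at most one window per round trip."""
    return window_bytes * 8 / (rtt_ms / 1000) / 1e6


def utilization_pct(window_bytes, rtt_ms, link_mbps):
    """Share of the link that one session can fill, capped at 100 %."""
    return min(100.0, 100.0 * max_session_mbps(window_bytes, rtt_ms) / link_mbps)


def window_to_fill(link_mbps, rtt_ms):
    """Bandwidth-delay product: bytes in flight needed to keep the link busy."""
    return math.ceil(link_mbps * 1e6 / 8 * rtt_ms / 1000)


def recovery_after_loss(link_mbps, rtt_ms, mss=1460, decrease=0.5, increase=1.0):
    """Model one loss while the session fills the link.

    The window shrinks by `decrease` (0.5 is the standard halving) and then
    grows by `increase` segments per round trip (1 is the standard linear
    growth). Returns (round trips, seconds, average utilization in percent
    while the window is recovering).
    """
    full = window_to_fill(link_mbps, rtt_ms) / mss  # window in segments
    window = full * (1 - decrease)
    rtts, sent = 0, 0.0
    while window < full:
        sent += window
        window += increase
        rtts += 1
    average = 100.0 * sent / (full * rtts) if rtts else 100.0
    return rtts, rtts * rtt_ms / 1000, average


def table1():
    """Recompute the rows of Table 1 from window size and delay."""
    rows = []
    for window_kb in (8, 64):
        for rtt_ms in (15, 100):
            window = window_kb * 1000  # Table 1 counts 1 Kbyte as 1000 bytes
            rows.append((
                window_kb,
                rtt_ms,
                round(max_session_mbps(window, rtt_ms), 2),
                *(round(utilization_pct(window, rtt_ms, link), 2)
                  for link in (10, 100, 1000)),
            ))
    return rows


if __name__ == "__main__":
    for row in table1():
        print(row)
    print("window to fill 1000 Mbit/s at 100 ms:", window_to_fill(1000, 100), "bytes")
    rtts, seconds, average = recovery_after_loss(1000, 100)
    print(f"standard TCP after one loss: {rtts} round trips, "
          f"{seconds:.1f} s, {average:.0f} % average utilization")
```

The `decrease` and `increase` parameters can be changed to see how a gentler reaction to loss shortens the recovery; the values to use for a particular TCP modification are not given on this page.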

Fig. 2. Dividing the session into three parts

Fig. 3. Reaction to loss of “standard” and HS TCP packets

Bandwidth Allocation

By passing user data through themselves, optimizers are able to allocate bandwidth for specific application traffic. In addition, by reducing the volume of traffic transmitted to the WAN, bandwidth is freed up for the remaining traffic that is not optimized.

Speeding up applications

Acceleration can be achieved by increasing the data transfer rate for one session and reducing the amount of transmitted traffic. However, such tools are not suitable for accelerating applications that require constant communication with the server and receiving confirmations from it.

For example, many applications use a large number of requests and confirmations to establish a connection between a client and a server, which are of the same type and are not used further. In a local network, these transactions occur quickly; in the case of a WAN network, delays at the connection establishment stage can become noticeable.
To reduce delays, WAN optimization equipment can intervene in the establishment of such connections and eliminate the transmission of “unnecessary” requests over the WAN channel. In this case, the connection establishment procedure will look standard for the client and server.

For such intervention, the equipment must “understand” the running application and know how to optimize traffic at the application level. Each manufacturer supports its own set of optimized applications. Almost all manufacturers support HTTP, CIFS, MAPI, NFS traffic optimization. The presence of a wider range is a competitive advantage of this or that equipment.

To “understand” the protocols, the transmitted data must not be encrypted. The exception is SSL traffic, optimization of which is also supported by almost all manufacturers. However, to optimize SSL, you must share your server SSL keys with the appropriate people.

In addition, manufacturers offer additional features aimed at facilitating the centralization of services and reducing the amount of equipment needed in remote offices. The list of these functions differs for each manufacturer. Such “bonuses”, for example, include:

  • the ability to run virtual servers in a remote office on the hardware of WAN optimization equipment (domain controllers, print servers, etc.);
  • organizing local caches of dedicated directories from file servers located in the Data Processing Center;
  • using the WAN optimizer as an Internet proxy server for the branch.

Riverbed's Steelhead line currently offers the widest range of applications that can be optimized at the application level. This is the following set of protocols:

  • CIFS Print
  • Lotus Notes
  • Sharepoint
  • SRDF/A
  • Citrix ICA
  • Oracle Forms
  • SMB Signing
  • Encrypted MAPI
  • MS-SQL
  • CIFS Mac
  • Outlook Anywhere

Application options for WAN optimization equipment

Now that it is clear what and how WAN traffic optimization equipment can do, let’s consider how and when it should be used. The use of this equipment is advisable in distributed corporate networks in which there is a need to transfer data over WAN channels between remote branches, offices and data centers.

Practical experience in implementing WAN traffic optimizers shows its high efficiency in corporate distributed networks.

Installing equipment in data centers and remote offices allows you to reduce the volume of traffic transmitted over WAN channels by 3-5 times. At the same time, at certain moments the data transfer speed increases 100 times or more.

The implementation of WAN optimization solutions on satellite channels, which are characterized by large delays, shows good efficiency. In this case, application acceleration is ensured not only by caching tools, but also by more efficient use of channel bandwidth. In a number of cases, before the introduction of equipment, the maximum utilization of a satellite channel did not exceed 30-40%, while the implementation of WAN optimization solutions made it possible to increase the peak load of satellite channels to 100% (while reducing the total volume of traffic transmitted over the channel).

Implementation of WAN optimization equipment

For WAN traffic optimizers to work, it is necessary for it to pass through two optimization devices - on the client side before entering the WAN network and on the server side after leaving the WAN network.

Fig. 4. Installation points for WAN traffic optimization equipment

Principles of building a WAN traffic optimization system

  1. As already mentioned, traffic must pass through two optimization devices - before the traffic enters the WAN network and after it leaves it. Optimization equipment should be located as close as possible to traffic sources and consumers.
  2. When installing equipment, it is necessary to ensure that the connection between the client and the server is maintained in the event of its failure.
  3. The traffic must not be encrypted, otherwise the optimization hardware will not be able to process it at the application level.
  4. It is required to ensure interaction between optimization equipment for sending service information and optimized traffic.

Organizing the passage of traffic through optimization equipment is possible in the following ways:

  • installation of equipment “in the gap”. This is often the easiest option to install. With this connection, the equipment is placed on the traffic channel, physically breaking it into two parts: one section of the channel is included in the first physical interface of the optimizer, the other in the second;
  • redirecting traffic to optimizers using routing policies (PBR - Policy Based Routing). In this case, only the necessary traffic can be redirected to optimizers, and data that is not subject to optimization can be passed through without changes;
  • using the WCCP v.2 protocol, which allows optimizers to dynamically interact with routers.

Maintaining the connection between the client and the server in the event of equipment failure (disconnection) is possible in all of these connection options:

  • If equipment is installed “in the gap,” the connection interfaces are equipped with physical bypasses, which allow traffic to pass through in the event of equipment failure or shutdown.
  • When applying routing policies to redirect traffic to equipment, it is possible to check the availability of its IP addresses and redirect traffic only when they are available.
  • When using the WCCP v.2 protocol, traffic is redirected only to optimizers that announce their readiness to receive data. Otherwise, the traffic is transmitted further without changes.

Optimizers analyze the transmitted data down to the application layer, and traffic must reach them before passing through encryption equipment. Typically, equipment is installed inside the corporate network before traffic exits the firewalls.

When installing traffic optimizers behind firewalls, you must ensure that they communicate with each other to forward service information and optimized traffic. Typically, this requires firewalls to allow traffic between optimizer interface addresses on certain TCP ports.

Installing equipment leads to changes in traffic transmitted over WAN channels. Therefore, you need to pay attention to ensuring that the company’s security policies and configured rules for prioritizing traffic in WAN channels are not violated.

Major equipment manufacturers

Gartner's annual surveys of WAN optimization solutions highlight the major players in the WAN traffic optimizer market. The position of manufacturers from Gartner's point of view as of December 2010 is presented in Fig. 5.

Fig. 5. “Magic Quadrant” of WAN traffic optimizer manufacturers

Riverbed Technology is a Gartner Leader with its Steelhead line of hardware. Currently, this company provides the most flexible, functional and highly scalable traffic optimization solutions. Riverbed-based solutions should be considered if you need to organize an optimization system on a network with a complex topology or a large number of remote offices.

The advantages of Riverbed Technology solutions primarily include:

  • the widest range of applications for which traffic optimization is supported at level seven;
  • simplicity and automatic detection of equipment on the network, which minimize the time it takes to launch the solution;
  • data caching algorithms that make optimal use of the cache volume and allow highly scalable solutions to be built;
  • traffic optimization solutions for mobile users that use the same equipment as for fixed offices, which increases the efficiency of the solutions and avoids building two parallel WAN traffic optimization systems.

Among other companies present on the Russian market, the following should be highlighted:

  • Blue Coat Systems with the ProxySG line of equipment. This equipment is the most advanced in terms of integration with the security system. ProxySGs can also act as proxy servers to provide access to the Internet. It is recommended to consider solutions based on Blue Coat if you need to organize direct access to the Internet from remote offices.
  • Cisco Systems with its WAAS equipment. WAAS functionality is currently implemented in standalone devices, in modules for the Cisco Integrated Services Router, and in IOS features. It achieves the best integration with comprehensive network solutions built on Cisco equipment. It is recommended when you need to optimize the delivery of video content from the data center to remote offices.
  • Citrix Systems with its Branch Repeater (formerly WANScaler) line of hardware. It makes sense to consider it if it is necessary to optimize Citrix ICA traffic and Windows application traffic.
  • Juniper Networks with a line of WXC optimizers, available both as standalone devices and as modules for J-series routers. Close integration with the Juniper equipment line makes it advisable to consider this product for networks built on the equipment of this manufacturer.

Solutions for mobile users

For mobile users, it is proposed to use software WAN traffic optimizers, which are installed on mobile computers and connected to central optimizers. The operation of such software WAN optimizers is practically no different from that of hardware optimizers installed in remote offices. Depending on the manufacturer, mobile and “stationary” solutions may use the same central optimization devices (which is usually more efficient) or require the construction of two independent optimization systems.

Traffic on WAN channels

After passing through the optimization equipment, the following traffic enters the WAN:

  • Unoptimized (traffic that cannot be optimized or is excluded from optimization for certain reasons). This is usually the original client and server traffic. It is processed by firewalls according to existing rules.
  • Service traffic between traffic optimizers. It serves to organize interaction between traffic optimizers. This usually requires additional firewall rules.
  • Optimized traffic, which can be transmitted between WAN optimizers in different modes:
      • transmission of data in packets with the addresses of the traffic optimizers over dedicated ports; a secure connection can be established between the traffic optimizers. The packets carry both the previously untransmitted data itself and links to data in the optimizer cache. Intermediate network devices “see” the transmitted traffic but “do not understand” its real purpose;
      • transmission of data in packets with the IP addresses of the optimizers, but preserving the original TCP ports. For intermediate network devices, the traffic looks the same as in the previous mode, but the TCP ports make it possible to maintain priorities for certain types of data and to prohibit or allow the passage of certain types of traffic;
      • the TCP ports and IP addresses in the packet headers are preserved, while the contents of the packets are replaced with links and other service information that the WAN optimizers need to optimize sessions. In this case, the intermediate equipment “sees” the session between the original client and server. The firewall can allow or deny a session based on existing rules. However, if the network contains application-level traffic analysis equipment, the traffic may be blocked because its content does not comply with the “standard” protocol.

Conclusion

Solutions based on WAN traffic optimizers are presented by a number of manufacturers, which indicates that this market is already fully formed. The range of equipment offered allows you to implement almost any option for building WAN networks: both for remote offices and for mobile users.

The solutions should be considered as an effective alternative to expanding WAN communication channels and as a means of accelerating distributed applications and reducing WAN channel costs.

The implementation of WAN optimization solutions makes it easier to centralize services in a single data center and eliminate the need to host local servers in remote offices. In this regard, equipment manufacturers often expand the functionality of WAN traffic optimizers.

The effectiveness of using WAN optimizers depends on the types of traffic being transmitted; assessing the “general case” for a specific implementation may not be correct. Therefore, in order to make an informed decision on the implementation of such systems, it is necessary to first test the optimization equipment in a specific network of a specific customer.

The Internet access speed announced by the provider often does not correspond to reality. The problem often lies not only in the quality of the services provided, but also in the configuration of the devices used by the end user. This article is intended to answer the question of how to increase Internet speed to the one promised when concluding an agreement with a telecom operator.

First of all, you need to pay attention to the settings of the operating system installed on the PC, and also exclude the possibility of malware influencing the speed of data transfer on the Internet.

Checking traffic eaters

First, you should check the running applications: a torrent client turned on at system startup, a gaming service, or other programs that require constant access to the Internet. These are possible “provocateurs” of inappropriate speed.

Detailed information about traffic consumption in the Task Manager is available only to users of Windows 8 and higher systems. For Windows 7 there is a different method.

In the “Processes” tab there is a column with the heading “Network”, here you can find out which application and to what extent affects the speed and consumed Internet traffic. Disabling programs that are currently unnecessary is done by highlighting the corresponding application and clicking the “End task” button.

In editions of Windows 7, 8 there is a similar utility called “Resource Monitor”. To access it, you need to enter the phrase “Resource Monitor” in the search bar “Menu” - “Start” and launch the program that will be displayed upon request. Next, select the “Network” tab: by default, the processes in it are sorted by the number of bytes consumed per second. It is impossible to close processes that affect the speed of Internet access through this program, therefore, having identified the consumer, you need to return to the “Task Manager” and remove the task corresponding to the exe file:

Internet speed may temporarily decrease due to the activity of the Update Center, which is also noted in the Task Manager under the corresponding item. You must wait until the download from the Internet is completed and the operating system updates are installed on your PC, and then continue as usual.

Configuring the Packet Scheduler

Further actions will be aimed at reducing capacity restrictions. The Windows system reserves 1/5 of the total passing traffic and this can negatively affect Internet speed. This limit needs to be reduced to zero.

Launching the “Local Group Policy Editor”, where the scheduler will be configured, is carried out by pressing the Win+R key combination at once and entering the gpedit.msc command in the window that opens:

In the “Editor”, go to the following folder: “Computer Configuration” – “Administrative Templates” – “Network” – “QoS Packet Scheduler”. Several items will appear on the right side of the window, the desired one is “Limit reserved Internet bandwidth”:

In the window that opens, you need to click “Enable”, and in the lower field called “Options” set the “Bandwidth Limit” value to 0%. When you finish working with the window, click the “Apply” and “OK” buttons. Now the system will not limit the Internet speed:

The default scheduler is sometimes disabled in the adapter settings. To check, select “Control Panel” from the “Start” menu, then “Network and Sharing Center.” The connection appears as active. To go to the “Connection Status” window, click on the name. In the window that opens, click on the “Properties” button and activate the “QoS Packet Scheduler” item, confirm your choice by clicking the “OK” button. After completing this procedure, it is recommended that you restart your computer. The question of how to remove the default Internet speed limit in Microsoft has been resolved!

Setting up a network card

For better energy efficiency of the system, some device parameters are configured for saving mode. This also applies to a network card installed in a personal computer.

From the Start menu, go to Control Panel. In the “System and Security” section you need to find a utility called “Device Manager”:

In the “Manager” window, double-click on the “Network adapters” item to get a list of available devices. The adapter is selected by double clicking on it.

In the “Power Management” tab there are two items: “Allow the device to turn off” and “Allow the device to wake the computer from standby (sleep) mode.” We remove modes by unchecking them. Confirmation of the settings is carried out by pressing the “OK” button. After restarting the computer, it is recommended to check the Internet speed:

On laptops, this setting is quite critical: the battery life of the computer risks decreasing. If you notice an increase in the rate of battery discharge after performing this action, it is recommended to return the checkmarks to their places.

Change your power plan

Changing the power plan to a more efficient one will have a positive effect on the speed of the network adapter. In the “Control Panel” you need to find the “System and Security” section, then “Power Options”. The required “High Performance” item is activated by clicking on it:

This setting will increase the supply of electricity to the components of the personal computer, which will increase the speed of Internet access. As with disabling the power-off of the network adapter, the laptop battery may discharge faster, so if you are trying to speed up the Internet on a laptop, use this power plan only while the portable device is running from the adapter.

COM port extension

To configure the serial COM port, go to the Device Manager utility through the Start menu. Double-click the “Ports (COM and LPT)” section. The properties of the device called “Serial port” (the abbreviation COM with a number should be indicated in brackets, in our case COM3) are also opened by double-clicking on the name.

In the “Port Parameters” tab, find the “Bits per second” indicator and select “128000” in the drop-down list. To confirm, click “OK”.

By increasing the maximum throughput of the port, the likelihood that the speed of access to the Internet will increase to the required values increases.

Installing additional programs

Developments from third-party manufacturers complement the standard solutions from Microsoft and allow you to expand the capabilities of the Internet on your computer.

TCP Optimizer (https://www.speedguide.net/files/TCPOptimizer.exe) is free software distributed through the SpeedGuide resource. The program is positioned as speeding up access to the Internet by changing TCP/IP parameters, allowing you to remove Internet speed limits:

After downloading and launching, no installation is required; TCP Optimizer immediately offers the user an interface. On the main General Settings tab at the top there is a slider that must be set to the position corresponding to the Internet connection speed declared by the provider. In the Network Adapter selection drop-down menu, select the network adapter, and at the very bottom of the window, in the Choose settings item, check the Optimal box. The choice is confirmed by clicking the Apply changes button and restarting the PC.

The second assistant in solving the question of how to speed up the Internet is NameBench (https://en.softonic.com/download/namebench/windows/post-download?sl=1), a free utility from Softonic. It selects the best DNS server from the list, allowing you to access website domains through the fastest intermediary.

The program is installed by unpacking it into a convenient directory. After starting it, all that is required is to click the Start Benchmark button. The search takes some time: the resource has a large number of sources.

At the end of the search, the default browser displays the result for the current DNS setting and the recommended configuration - Recommended configuration (fastest).

Checking and setting up DNS

Through the “Control Panel”, select the sub-item “View network status and tasks”, located in the “Network and Internet” section. Here you will need to select the active network, clicking on which takes you to the connection status window, and from there to “Properties”. When using the IPv4 protocol, you need to highlight this item by clicking and go to “Properties”:

The main “General” tab contains the default DNS server addresses provided by the provider:

In the “Preferred” and “Alternative” DNS server sections, you need to enter data from the NameBench program, then check the “Confirm settings on exit” checkbox and close the window by clicking the “OK” button.

Virus check

The first thing to do, if you are used to it, is to check your PC with antivirus software. An effective utility that does not require installation or constant work in the background - Dr.Web CureIt! (https://free.drweb.ru/download+cureit+free/):

Before starting, you need to close all programs, including those using the Internet. After launching the anti-virus package, click on the “Start scanning” button and wait for the scanning process and treatment to complete.

Tidy up your router

If your devices are connected to the Internet through a router, it needs to be serviced to ensure maximum speed.

Features of DSL connection

In ADSL connection technology, an important role is played by a splitter - a small “double” device, on one side of which a landline telephone is connected, on the other - a modem and a telephone line. It is important to check the connections and sockets of the splitter and, if necessary, replace it with an improved version.

Firmware update

With the release of new software, router hardware problems that affect the speed of Internet access are often corrected. You should always keep your device software up to date.

The packaging or back of the router will indicate the login information for the router's personal account. As a rule, access to the interface occurs at the addresses: 192.168.0.1 and 192.168.1.1, the login-password combination is admin-admin.

Among the menu items you need to find “Firmware Update”. For the process to be successful, the router must be connected to the computer on which the update is being searched via an Ethernet cable.

Determining the correct location of the router

It is necessary to install the router in the center of the apartment or room at a height of 1.5-2 meters. It is not recommended to place other signal sources of wireless interfaces - Bluetooth, other Wi-Fi points - in the immediate vicinity of the router. Compliance with all these requirements will increase the Internet speed several times.

Changing the Wi-Fi channel

If Wi-Fi access points are installed everywhere, there is a high chance that they will interrupt each other's signal. It is important to remember that Wi-Fi hotspots operate on certain channels. An easy way to determine whether a channel is busy is to download the Wi-Fi Analyzer application from the Google Play Store or App Store to your smartphone. The free utility shows the signal strength in the form of a graph, which clearly shows empty zones - free channels:

Having determined the best option, in the router interface, Wi-Fi settings section, you need to find an item called “Channel”. After setting the desired value, you should save the setting and reboot the router, and then check the data transfer speed.

Checking unauthorized connection to the router

One possible cause of a speed "leak" is a third party connecting to the router. This happens when there is no password on the access point, or the password for the access point is easily guessed.

It is very easy to detect “illegals” through the router interface. The “Wi-Fi Status” tab contains a list of connected devices. If there is an unfamiliar device among the listed devices, it is recommended to immediately set or change the Wi-Fi hotspot password to protect your Internet traffic from external use.

Choosing a fast browser

Additional functionality in popular browsers, for example, “Turbo” mode, can speed up the loading of pages on the Internet:

Opera and Yandex Browser have a built-in “accelerator”. With this mode enabled, the site is not downloaded directly to the computer: it is first sent to secure servers on the Internet, where media compression occurs, and then the processed page is sent to the computer, so the loading speed increases significantly.

Google's browser - Chrome - does not have this mode, but the Google store has an official add-on called “Traffic Saver”, after installing it you can reduce the size of media files downloaded from the Internet by up to 70%.

The 2ip service conducted its own research, during which browsers with “Turbo” and similar modes enabled were tested. The test showed that in Yandex.Browser the speed of loading pages from the Internet on a 3G modem is almost instantaneous. This fact allows us to designate this browser as optimal for slow connections, and the problem of how to remove the limitation on Internet connection speed has been solved again.

In order to increase Internet speed, it is recommended to use the following useful tips, which make it possible to correct the situation at home:

  1. Selecting the most effective tariff. The subscriber's existing plan may simply not meet the requirements. Upgrading to a package with high speed ratings is one of the preferred actions.
  2. Modernization of a personal computer. The network card installed in the PC may be outdated or faulty, which negatively affects the speed of your Internet connection. A new generation external network adapter will solve the problem of slow access.
  3. Purchasing a new router. Modern technologies, including the 5GHz frequency standard, which replaced the outdated 2.4GHz, will save you from “brakes” and freezes during loading.
  4. Connect to another server. Remote hosting may be located too far from the current location of the computer, which affects the speed of the connection to the server on the Internet. The same applies to overloaded servers; you should wait until the peak load decreases.
  5. Establishing a connection via an Ethernet cable. Wireless internet is convenient, but less reliable than the cable option. If you notice a drop in speed when working with wireless interfaces, you should try an Ethernet connection.

Users on the global network will find a lot of other recommendations on how to speed up the Internet, but some tips are already outdated, and some are unsafe for PCs. The main thing, perhaps, is that you can speed things up, but you should maintain a reasonable balance between comfort on the Internet and the security of data on your computer. The second, I think, is more important than the first.