Application Delivery Network (ADN) solutions address this need by providing an application-focused layer of infrastructure that significantly reduces a business' vulnerability to performance and security problems.
When enterprises consolidate data centers, branch office employees must traverse WAN links to reach applications and data. These links are prone to congestion and latency, making application performance unpredictable. At the same time, the proliferation of Web-based applications — and the fact they're often implemented by users within business units — has created a tremendous burden on IT to ensure their performance and security.
When a user complains that an application is sluggish, IT has a difficult time verifying the problem or pinpointing the cause because traditional network devices and tools operate at the packet level, with no visibility into application flows. IT can't distinguish between business-critical applications, malware and recreational traffic such as iTunes, let alone tell if SAP is being starved of bandwidth in the Qatar office by users watching YouTube over the WAN link.
“All applications, whether large ERP solutions or custom web apps, email or e-commerce, client-server applications or SOA, your success in IT today depends on ensuring that these applications meet their business goals. Unfortunately, trends such as mobility, globalization, off-shoring, and e-commerce are moving users further away from headquarters; while issues like datacenter consolidation, security, and regulatory compliance are making applications less accessible to users,” says Nick Black, Manager Systems Engineering, Citrix Systems ME.
The rapid changes in the application world are pushing the topic of application delivery to the forefront, forcing IT executives to spend more time focusing on how their network enables them to get mission-critical business applications from their source in the corporate datacenter out to users in a way that lowers cost, reduces risk, and increases the agility of IT to keep pace with business requirements in an increasingly dynamic world. And hence enterprises need to look at AND, he adds.
ADN is an application-focused layer of infrastructure that enables IT to see all applications on the network, accelerate performance, optimize bandwidth, and secure the distributed enterprise against malware and misuse. ADN solutions combine three technologies to make the network application-aware:
Visibility technologies classify and monitor network traffic at Layers 4-7+, giving IT a complete picture of what applications are running, along with a real-time view of network and application utilization and performance. Leading ADN solutions can analyze more than 600 applications, giving IT insight into URLs and external sites within HTTP traffic, for example, as well as SSL-encrypted applications.
Visibility data includes traffic per application and site, bandwidth consumption per application, user response times, and jitter, delay and loss for voice and video applications. Once IT knows how applications are actually behaving, ADN gives them the tools to define and enforce policies that govern that behavior.
Acceleration technologies enable IT to optimize everything from internal databases and file access to SaaS applications and IP telephony calls.
Acceleration mechanisms include QoS controls such as bandwidth allocation, bandwidth limiting and traffic priority for VoIP, video and other real-time applications; application-specific compression techniques; and protocol optimization. Object- and media-level caching, as well as byte caching, also ensure that rich media, Web 2.0 and other business traffic is optimized while recreational traffic is constrained.
Security technologies are crucial in today's Webified world, where even trusted sites can be infested with malware. ADN solutions, with their focus on WAN and Internet communications, provide security capabilities that include filtering Web requests and content, Web virus scanning, malware detection and containment, content validation, certificate validation, data-leak prevention, SSL traffic inspection and control of instant messaging, peer-to-peer and streaming traffic.
Working together, these technologies enable IT to assess what's happening at the application level and determine how best to mitigate problems. For example, in Acme's Boston branch office, users have complained that they can't access files over the network. With ADN, IT observes that Microsoft file transfers account for 40% of the traffic between the Boston branch and the Dallas data center, but that recreational traffic (iTunes, YouTube and so on) dominates that link, which has a latency of 85 ms.
IT now knows it has two separate performance issues to address — bandwidth misuse and excessive latency. With ADN, IT can limit (or eliminate) non-business traffic on the link, and accelerate the Microsoft file transfers to offset the high latency.
Implementing ADN
Vendors deliver ADN solutions via a set of devices that complement the existing network infrastructure by providing intelligent points of control at Internet gateways, branch offices, data centers and individual end points. ADN's visibility, acceleration and security technologies are typically packaged into two or more platforms that encompass an application-level probe, application acceleration, WAN optimization and secure Web gateway functionality.
By combining multiple functions in one box, ADN vendors limit the number of new devices needed. For example, ADN probes may include QoS and other acceleration mechanisms in addition to visibility technologies.
Most WAN optimization controllers (WOCs) are symmetric, meaning that a WOC is required at both ends of the connection — say, the branch office and the data center. Some ADN vendors combine WOC and Web gateway capabilities into the same box. This lets users in a branch office access Internet-based sites directly rather than having their traffic backhauled over the WAN to a central gateway at the data center for security screening and policy control.
By providing the same protection and acceleration capabilities at the branch as at the data center, these ADN solutions ensure that SaaS and other Web-based applications and services are delivered securely to branch users at performance levels that meet service-level agreements. In addition, such operation ensures that branch users' recreational traffic doesn't traverse the WAN.
By giving enterprises application-level visibility and control over their distributed network, ADN solutions boost application performance and security. As a result, enterprises can move ahead with data and server consolidation, confident that SLAs will be met. With ADN's ability to secure and accelerate any application for any user, anywhere, user productivity also increases.
In addition, ADN solutions help enterprises maximize their network investments by cutting bandwidth costs or eliminating the need for expensive bandwidth upgrades. When problems do arise, the ADN's application-level visibility lets IT quickly identify and resolve issues, shortening mean time to repair.
With ADN, enterprises can readily align application security and performance with business goals.