WAVE appliances deliver excellent performance, but lack UDP support, and management tools cost extra
The latest release of Cisco's WAN optimization product line -- Wide Area Application Services (WAAS) 4.4 -- proves that the company famous for routing packets can also shape, optimize and accelerate them.
WAAS provides TCP optimization, data compression, application specific optimization and intelligent caching, all controlled from a single browser-based management console. WAAS comes in a variety of form factors and deployment methods -- a data center appliance, branch office box, virtual WAAS for cloud-ready installations, and a mobile client for Windows operating systems.
For this exclusive Clear Choice test, we deployed a pair of WAVE-294 (Wide Area Virtualization Engine) branch office appliances and a pair of WAVE-8541 data center appliances. We used Cisco's default optimization settings, which include more than 190 predefined acceleration rules.
Our first goal was to verify Cisco's claim that the WAVE-8541 can handle up to 150,000 concurrent connections and not drop any packets or sessions. We created a high-speed network in the lab and cranked up the traffic with a pair of Spirent 3100B Avalanche load generators.
A pair of WAVE-8541s was directly connected via 10Gigabit Ethernet through two Cisco Catalyst 6500 routers on the WAN side. The LAN side was also 10G Ethernet to the Spirent device with a 1 Gigabit backbone for the Central Manager and other devices. We monitored the connection levels both from the Spirent console and via command line from each 8541 appliance.
During the 30-minute test run, the connection count stayed solid at 150,000 connections. CPU utilization on the data center-side WAAS-8541 peaked at approximately 51%, while the branch unit never exceeded 31%. The 8541 scaled to 150,000 without any issues even while the default set of WAN optimization policies were enabled.
Next, we tested Cisco's claim that the WAVE-8541 appliance can handle 2Gbps of optimized WAN throughput. Using the same network setup, we created traffic from four Ubuntu clients running iperf connected to our Gigabit LAN. The traffic generated by iperf was a mix of 50/50 compressible and uncompressible data. With all four clients active, the LAN side reported approximately 3.96Gbps of traffic and the WAN side peaked at 1.97Gbps. That represents some of the best performance we've seen based on previous testing of WAN optimization gear.
New cache features
In the past, Cisco's cache engine on the data center device was segmented - each branch was assigned a specific portion of the data center appliance's cache and it could not be shared with other WAAS appliances. This meant that even though a particular block of data had already gone through the data center to one location, other offices couldn't take advantage of this information.
Cisco's new context-aware DRE (Data Reduction Engine) does away with the segmented cache, opting for a single large unified cache that all appliances can participate in.
Cisco's DRE adapts to changing conditions in traffic and applications. For most everyday traffic, HTTP, CIFS, NFS, MAPI, etc., the cache operates in a bi-directional mode. Signatures and byte segments are located at both ends of the connection and help reduce overall WAN traffic regardless of direction.
What's interesting is that DRE can also function in a uni-directional mode for specific traffic types, like streaming audio and video, and VDI. Because the traffic is one-way from the data center to the remote end, there is no need to cache any of this data at the data center. Instead, only indexes are created at the data center and stored at the remote site, so that any subsequent streaming traffic can take advantage of any cached byte segments in the branch appliance without filling up the data center cache.
To test the bi- and uni-direction functionality, we added a pair of WAVE-294s as our branch office appliances simulating two locations. We connected to a SharePoint server and file share located in the data center through a WAVE-8541, and downloaded and uploaded files into each system.
We were able to monitor the amount of data stored in DRE on both sides of the connection and because of the duplicate nature of the files, there was about 90% reduction in WAN traffic. Caching and compression are common features in WAN optimization devices, and it is always nice when the systems work as advertised.
No habla UDP
WAAS does not optimize or cache UDP traffic. For some customers, this could be a critical factor when choosing a WAN optimization solution. While most day to day traffic is TCP, there is a growing amount of UDP traffic that will be ignored by WAAS.
For example, Cisco will optimize and accelerate Citrix's HDX and Microsoft's RDP remote access protocols for VDI, but VMware's PCoIP protocol is UDP and will simply pass through the appliance. Also, some backup solutions stream data to storage devices using UDP.
The software engine for WAAS is the same regardless of platform. Not all features are available on all formats, but overall, Cisco has designed a consistent user interface and feature set across platforms.
In order to manage your WAAS deployment, you will have to install at least one Central Manager - Cisco's WAAS management platform. Available in both virtual and physical versions, it is required for all WAAS installations, and is an additional cost. The virtual installation is only available for VMware ESXi or Cisco Unified Computing System appliances and one Central Manager console can manage up to 2,000 WAAS devices. We found the browser-based management UI is well laid out and very intuitive to use.
Admins assign the various WAAS installations into logical groups and apply optimization policies at that level. If the situation requires, admins can drill down and override group policy at the single device level, too. An optimization policy is made up of an application classifier and an action. The application classifier is the component that tells the policy what type of traffic to intercept, for example TCP port 139 and 445 for CIFS. IT can create custom classifiers for specific traffic types.
The action is what determines how the traffic is manipulated, and there are nine different actions available. From pass-through to TFO (TCP Flow Optimization) to TFO with DRE and LZ data compression, WAAS covers just about all possible scenarios. We were able to create custom policies quickly in just minutes and easily deploy them to specific device groups.
All hands report
A big benefit of managing all of your devices in a single location is the ability to view the status of all locations at a glance and create consolidated usage reports. There are a number of reports included in Central Manager, such as traffic and optimization summary, HTTP, HTTPS, video, SSL, MAPI and NFS acceleration reports, and also an overall acceleration summary. You can generate reports on a specific device, if needed. Unfortunately, IT cannot create any additional types of reports, such as charts and statistics on a customized policy for one specific traffic type.
We like that Cisco includes Cisco Prime, its Network Analysis Module, as part of Central Manager. Where Central Manager's reporting is unique to WAAS devices, Cisco Prime will collect network statistics from all across the network, including non-WAAS appliances. This allows IT to get a complete picture of network traffic from end to end and not be limited to WAAS-only information.
Cisco's latest release of WAAS is a very mature and highly scalable platform for speeding up TCP traffic in the enterprise. Its lack of UDP support is a bit disappointing, but the TCP support covers just about every conceivable situation. We like the Central Manager console, but since it is required to manage a WAAS deployment - and is an additional cost - we'd also like to see a free, if scaled down, version. The reporting and monitoring engine is top notch and overall, we found the system easy to navigate and use. Most of all, the top-end WAVE-8541 is an absolute speed demon and its ability to handle 150,000 connections and pass 2Gbps optimized traffic over the WAN is impressive.
Schultz is head of NetData Consulting Services, and an InfoWorld contributing editor. He can be reached at firstname.lastname@example.org.
In what may be a first for the technology industry, RSA Conference 2015 next month apparently will be...
Website password strength meters, like a spouse asked to assess your haircut or outfit, often tell you...
With all the public cloud storage offerings on the market today, many vendors just want customers to...
Sponsored by AT&T
Sponsored by Brocade
Investors made a crowd around the cloud this week, investing $175 million in companies focused on...
The SDN project now has a security response team to quickly handle new vulnerability reports
Here's how many cybersecurity entry-level job seekers fail to make a great first impression.
As CIOs become overwhelmed by IT demands, chief data officers (CDOs) are stepping in to serve as a...