Chasing the big one

A distance-learning institution banks on application-aware networking.

Gregg Chottiner is truly in the trenches of the application-aware networking fight. As CIO of the University of Maryland University College (UMUC), he must make sure that students and professors accessing the largest public distance-learning university in the world can do their coursework 24/7, from anywhere.

The Adelphi, Md., university runs two critical Web-enabled applications: PeopleSoft, for human resources and finance administration, and WebTycho, a proprietary learning-management system. As the university grew, controlling performance of these applications became difficult, he recalls.

“We were continually having to buy new networking hardware just to keep things static,” Chottiner says, noting that his core network is composed of Cisco gear. “And we kept buying more network bandwidth, but we realized we weren’t solving the problem that way – we were just spending more money.”

The answer came in a pair of Juniper Networks’ DX3250 application-acceleration appliances. Based on technology Juniper acquired in April from Redline Networks, the gear not only improves performance of critical Web applications, but also handles security via an integrated intrusion-prevention system.

“Anybody who has a Web app [for] customers or clients needs to look at [application-aware networking], because people don’t have much patience anymore,” Chottiner says. “If it’s an underperforming Web site, or it’s difficult to navigate, they don’t come back.”

UMUC’s case is becoming the norm, especially as more organizations consolidate and centralize their servers and applications for better security and accountability, analysts say. The bulk of these newly centralized applications weren’t designed to run across the wide area. They use protocols, such as MAPI, designed for an environment in which the client is no more than 100 meters from the server. “The protocols are very chatty, and with applications being hosted in Chicago and serving people in Bangalore and China, performance gets bad fast,” says Joe Skorupa, a research director at Gartner.

Application performance will get worse as organizations begin moving to Web services and service-oriented architectures (SOA), he says, adding that with the expected upturn in SOA applications, the market for application acceleration and application-aware networking is poised to reach $1.5 billion this year.

Enter Cisco and Juniper and their push to make the network more application-aware. The idea, they say, is to offload low-level communications and protocol-manipulation tasks from overtasked servers to high-performance network gear. In many cases, removing those tasks can free up as much as 80% server utilization, while resulting in more efficient applications with faster response times and lower bandwidth needs – all without having to invest in a lengthy, complex and expensive application rewrite. The sweet spot, they say, occurs when application-aware networks do all that, plus security functions such as SSL VPN and intrusion prevention and detection and key tasks such as load balancing.

To that end, Cisco recently launched its Application-Oriented Network (AON) initiative, and Juniper announced its intention to deploy enterprise infranets – both of which are code words for this multifaceted, application-aware networking gear. Although Cisco AON gear will be fully integrated with its signature routers and switches, Juniper’s offerings are designed to coexist with the underlying network, because in many cases, Juniper doesn’t own the infrastructure – Cisco does.

The prospects look good for Cisco, with its large installed base, and for Juniper, with its feature-rich offerings, analysts say. Still, they’re late on the scene – which has forced each into acquisition mode. Cisco acquired FineGround Networks, and Juniper grabbed Redline and Perabit Networks. Others that have staked out territory are F5 Networks, Citrix Systems (which recently acquired NetScaler) and Radware, on the front-end application-processor side, and Riverbed (which recently entered into an OEM partnership with HP), Expand Networks and others, on the WAN-optimization side.

Cisco and Juniper have additional competition from IBM, Microsoft, SAP and Oracle on the applications side, especially when it comes to building efficient SOA-based applications. “The application vendors all have proactive strategies for SOA . . . that CIOs are just now beginning to adopt. Cisco and Juniper . . . have to be able to introduce their concepts to that same CIO,” says Tom Nolle, principal of CIMI. “The challenge is that the CIO isn’t going to think he has a network problem but an application problem. And IBM and Microsoft are not going to tell him otherwise. So if Cisco and Juniper don’t tell him otherwise, they become marginalized.”

IBM in particular is formidable, especially with its recent acquisition of SOA appliance maker DataPower, Nolle says. “The giant killer in this space is a giant – IBM. Its acquisition of DataPower raises the risk level for all of the network vendors, because IBM could begin to sell the DataPower appliances with its own SOA applications and have those appliances just gradually draw away all of the feature value out of the lower-level networks. If IBM does that and is successful, it would make it extremely difficult for the network vendors to respond,” he adds.

In addition, Cisco and Juniper are battling their own reputations as strict bits-and-bytes vendors. At Thomson Financial, for example, Cisco gear powers the network, but F5’s BigIP application-acceleration appliances ensure optimal performance of Web applications to financial clients worldwide, says Mark Maroclo, manager for system support and engineering at the Rockville, Md., company. Thomson Financial selected F5 because of the vendor’s sole focus on application-level performance, he says.

“It’s the degree they understand my problem,” he says. “Cisco understands my problem as far as switching and routing and those real low-level aspects of the network that need to be stable. But F5 lets me capture, manipulate, track and inject things in the application stream. You have no idea how powerful that is.”

BigIP has saved his company extensive time. “To make this application understand HTTPS would have taken a month’s worth of development time,” he says. “With BigIP, when you call that piece of data from a server, we can add a rule that says I’m going to exclude that from the URL direction rule and then anything else is going to get processed in sequence and secure. It’s a huge savings.”

Cummings is a freelance writer in North Andover, Mass. She can be reached at jocummings@comcast.net.

Previous Power story: Carriers struggle over IPNext Power story: Cisco vs. OpenView and Tivoli?

>