"The network is increasingly seen as a strategic asset to the business, and anything you can do to improve that has tangible value to the business." So says Steve Wastie, formerly Peribit's international marketing director and now a European VP at Juniper Networks, which bought Peribit last year.
He adds that as the network gets more complex it needs security embedded within it, but it also needs to be application-aware - in particular, applications need to run over WANs as well as LANs.
That's why having already built a beachhead in the security business, Juniper Networks last year spent $470 million buying its way into the WAN application acceleration market as well. The assets of the two companies it acquired, Peribit and Redline, now form the core of its application acceleration group - Juniper's third business group after routing and security.
No merger plans - yet
Wastie says that for now at least, there is no plan to merge all those technologies, and the three groups will continue to produce separate technology, but that there are important opportunities to make it all work together better.
"At Juniper the synergy is the opportunity to relate that to security and protecting applications as well," he says. "If you think about routing, security and application performance, those are like separate businesses and there's clearly an opportunity to bring them together. The reality though is how much can you consolidate and at what pace?
"Immediate synergies can be had though - we have a mechanism now to configure security and application performance in conjunction, so they work together.
"For example, if you have an IPSec VPN with encrypted traffic, by definition you can't optimise that, so you need to be able to co-ordinate it so you optimise the traffic first, then encrypt. A lot of that is deployment - we could have done it as separate companies, but because we have the people in the same room it's safer."
There are synergies too between application acceleration and basic networking, he says. In particular, it can make the network application-aware, allowing network managers to respond to problems that they wouldn't otherwise even be aware of.
"Our management tools give very granular reports on network activity so the amount of information we get back is a real eye-opener to administrators - they're used to looking at availability, but we can go in at Layer 7," Wastie says. "For example, one client saw a remote office acting as an email server, due to a Trojan, and was immediately able to apply a throttle using QoS to protect the network."
Could it all that acceleration, security and routing technology go into a single box? It's technically feasible, of course, but Wastie queries the idea on both commercial and practical grounds: "The jury is out. Maybe you want an all-in-one box in a branch, but in the core? Maybe not.
"There's a lot of religious differences - some people want to keep security separate from the optimisation infrastructure, say. It comes down to personal preferences. There's clearly a trend to consolidate, but what do you consolidate and when? We're still seeing consolidation in the optimisation space, never mind anywhere else."
Juniper's application acceleration group now has two main product families - WX and DX. Wastie says they are clearly differentiated: "They sit in different places in the network," he explains. The ex-Peribit WX line is symmetric, requiring a box at each end of the WAN link, while the ex-Redline DX is asymmetric, working on the server side only.
"It's incredibly complementary - as Peribit we never competed against Redline," Wastie adds. "Both solutions can do compression, but the reality is they're different boxes which give different benefits for different groups of users."
The WX line does compression, acceleration at the TCP layer to minimise the round trips, and application acceleration for CIFS, HTTP and MAPI. "That gives enough benefits - it's an 80/20 case," Wastie argues. It doesn't do NFS, but he says NFS traffic already benefits sufficiently from the TCP acceleration.
To WAFS or not to WAFS?
Unlike some of the WAFS-type accelerators, the WX has a hard disk in the box but it's not a file system proxy, meaning that it cannot continue to serve files locally if the WAN is down.
"The limitations of the WAFS approach are you're pointing your clients to a proxy, although at least then you can work when the WAN link is down," Wastie says. "There are pluses and minuses on both sides, but we thought the network-centric approach was the right one to go for, it's more transparent for a start."
Where the WX optimises WAN links between offices, the DX family aims to accelerate remote access to server-based applications. Wastie points out that that the trend towards server consolidation puts much higher loads on the infrastructure around the remaining servers, as well as on the servers themselves.
"Consolidation puts more users into fewer places - now you have one data centre instead of 10, and it has 10,000 users instead of 1000," he says. "So then you have to look at the bandwidth needs, plus load balancing, proxy caching and tiered back-end servers."
That's where systems such as the DX score, he adds: "Typically we see you can double the capacity of a server farm by offloading onto a DX. Microsoft uses a Redline box to provide its partners with access to its Siebel system, for example."
Will the need for application-specific programming interfaces (APIs) or acceleration modules go away? Wastie thinks not: "The question is how fast are people moving to an all web-based way of operating," he says.
"We are seeing that trend, but within the WAN environment you've still got an awful lot of protocols that aren't HTTP for a lot of reasons - legacy, security - and you won't be able to move those over quickly."