Protecting secure packets

Looking ahead, security also will be a big focus of WAN optimisation vendors. As encrypted traffic increasingly becomes the norm, enterprises will need to apply optimisation technologies to that traffic or the purpose of their WAN optimisation appliances will be lost. If the appliance can optimise only a small percentage of the traffic, companies won't continue to see the remarkable performance gains they have seen so far.

"A company today might only have 10 to 15 percent of its traffic encrypted, but in some industries, such as financial, it is as high as 60 percent, and overall that number is just going to keep growing," Forrester's Whiteley says. "It will be imperative for vendors to be able to optimise this traffic."

In the past, WAN optimisation vendors maintained that accelerating encrypted traffic was not feasible, because their tools would have to decrypt the packets to get at the content to determine whether compression was possible -- thus defeating the purpose of encryption.

Some vendors have begun to figure out workarounds. Riverbed, for example, has upgraded the operating-system software used on its Steelhead appliances to be able to terminate SSL sessions, optimise the traffic, then re-encrypt it as SSL.

To avoid putting encrypted data at risk, SSL keys and certificates that reside within servers don't leave the data centre, Riverbed says. Instead, the keys and certificates get transferred to a Steelhead appliance, which intercepts SSL requests headed for the servers. Then it establishes SSL sessions with another Steelhead appliance across the WAN using temporary session keys. These two devices talk to each other while the Steelhead device on the data centre side talks to the servers, and the remote appliance talks to client machines trying to access the servers.

Besides Riverbed, Blue Coat (which has roots in security) and Certeon have begun to offer acceleration of SSL traffic across the WAN.

Keeping applications in mind

Although WAN optimisation vendors are broadening their product lines to include client operations, security and performance management, some also are ramping up optimisation for one or more particular application types. By gaining deeper insight into these, vendors can learn -- then apply -- the best ways to improve performance over the WAN.

F5, for example, recently unveiled an application delivery network specifically for Microsoft applications. This is part of the company's newly announced Application Ready Network program, intended to simplify the design, deployment and management of an integrated network from a single vendor. And Certeon, with its S-Series appliances, uses application blueprints to understand the user requests that will require specific application-data objects to pass over the WAN. It has S-Series Application Acceleration Blueprints for Oracle and SAP applications, as well as for the 2007 Microsoft Office, SharePoint and Exchange platforms.

"More vendors are looking to go beyond generic acceleration. They are being very specific in how they add optimisation value," Whiteley says. "Customers with big investments in certain applications will find the targeted knowledge appealing."

Indeed, network managers interested in WAN optimisation need to discuss application road maps with their prospective vendors, says Yankee Group's Kerravala. They need to ask vendors about the applications they plan on supporting, as well as whether they'll handle optimisation at the client and on mobile devices, he says.

In addition, network managers shouldn't overlook optimisation for home-grown applications.

Home-grown happiness

At Userplane, an AOL company that offers a communications platform for online communities, for example, WAN optimisation of a custom application made a key function possible, says Michael Jones, founder and CEO of the Santa Monica, California., company. One of its mission-critical applications drops a small script on Web pages and calls back to Userplane servers every few seconds to report on visitors to the site. "It's a very low-transfer, high-volume application, transferring small bits of data every 5 seconds for millions of connections," Jones explains. "We could not take it live without having load balancing technology in place."

That capability comes from Citrix's NetScaler load balancing and TCP offloading technology. The TCP offloading removed the overhead of establishing and closing connections to the Web server. NetScaler made more Web servers unnecessary by optimising the application traffic coming into the data centre, and made it possible to roll out the application in line with business plans.

Today's WAN optimisation tools won't be around for long in their current incarnations. The products that worked their way into enterprise networks promising to speed applications will deliver those capabilities and then some. Enterprise network managers can be certain their investments in WAN optimisation today will pay off in more advanced capabilities tomorrow.

"Customers can go to these vendors now and get a clear picture of what their products will look like in a couple of years, and really make the case for getting the features they want in their WAN optimisation gear," Yankee Group's Kerravala says. "It's definitely a buyer's market."

WAN optimisation partnerships

Blue Coat Systems and Network Appliance

When: March 2007

Deal: Blue Coat SG appliances will be integrated with NetApp enterprise-storage products.

Enterprise benefit: Accelerated data replication and backups over the WAN.

F5 Networks and Microsoft

When: March 2007

Deal: F5's Application Ready Network provides a hosted service that accelerates Microsoft applications. In addition, F5 will license the Microsoft System Operation centre in its F5 ControlPoint Management appliance.

Enterprise benefit: Reduced WAN latency on Microsoft applications coupled with unified access-control and enforcement features.

Packeteer and Tacit Networks

When: May 2006

Deal: Traffic-management company Packeteer acquires WAN-optimisation provider Tacit.

Enterprise benefit: Wide-area file services technology can be coupled with Packeteer's traffic-optimisation capabilities for branch offices.

Citrix Systems (NetScaler-Reflectent Software-Orbital Data)

When: Citrix completes NetScaler acquisition in August 2005, Reflectent acquisition in May 2006, and Orbital Data acquisition in August 2006.

Deal: Citrix acquires load-balancing, client-side performance-management and WAN-optimisation technologies, respectively.

Enterprise benefit: Integrated data-centre acceleration, remote- or branch-office optimisation, and endpoint performance-management products from one vendor.

Huawei Technologies-3Com and Expand Networks

When: March 2007

Deal: Huawei-3Com signs deal to use Compass acceleration software from Expand Networks in its Intelligent Management Centre integrated router platform.

Enterprise benefit: WAN-optimisation and application-acceleration capabilities can be embedded in existing gear with blades or modules, eliminating the need to buy additional appliances.