Squeezing more capacity out of WANs

hen it comes to network bandwidth, users are like kids in a candy store: No matter how many gumdrops they squeeze into their pockets, they want more. Network managers must play the frustrating role of parents and put limits on users' bandwidth desires.

However, a handful of small start-up vendors are trying to help network managers satisfy users without wreaking havoc on agency information technology budgets. Engineers at these companies have designed bandwidth compression or optimization products that network managers can use to pump more information through wide-area network (WAN) connections.

The companies include ActivNetworks, Expand Networks Inc., ITWorx Inc., Packeteer Inc., Peribit Networks Inc. and Riverbed Technologies Inc.

Although the vendors have taken different approaches to boost throughput, these bandwidth optimization products are basically network appliances that examine data flows and then strip out redundant information.

Because some of these products are fairly new, many of the devices lack robust monitoring and management functions. However, addressing these limitations is a high priority for vendors.

Despite these shortcomings, the use of bandwidth optimization products is expected to increase during the next few years. "Recently, pricing for WAN links has stabilized — it has even been going up in certain cases — so a growing number of agencies need to maximize throughput on their existing communications lines," said Michael Banic, vice president of corporate marketing at Peribit.

Delivering adequate bandwidth to support Web-based enterprise applications is an ongoing challenge for network managers. For desktop computers, meeting that requirement is possible because 100 megabits/sec — and even 1 gigabit/sec — links are inexpensive and incur no recurring charges.

That is not the case with WAN links, which represent significant investments, often the second-highest IT expense after personnel costs. A T1 or frame relay line between two domestic locations can cost a few hundred dollars per month, and an international line can be priced at several thousand dollars. Because medium and large agencies often have handfuls, or even scores, of branch offices, these charges quickly add up.

With network managers under intense pressure to cap expenses, agency officials struggle to provide users with sufficient WAN bandwidth and are turning to optimization products for help.

Defense Department officials have seen bandwidth requirements increase recently. "More and more of our users are

working with sophisticated applications like video and

complex graphics, so we have been struggling to support the

applications without breaking our budget," said Vincent

Cerrilli, DOD's communications adviser.

Six months ago, DOD officials installed Expand's optimization devices to boost performance on the DOD satellite WAN. Since then, the agency has seen a fourfold performance improvement, Cerrilli said.

Expand's Accelerator appliances combine caching, packet header reduction and packet compression with application-specific acceleration to improve application response times. The company also makes a traffic management system called ExpandView, which discovers and classifies more than 100 enterprise applications while detecting and fixing WAN performance problems.

Application requirements are also driving use of bandwidth optimization products at the National Radio Astronomy Observatory, where officials are putting more voice and video traffic on their data lines. In 1999, officials at the observatory decided to let employees at their Charlottesville, Va.; Green Bank, W.Va.; Sequoia, N.M.; and Tucson, Ariz., sites conduct videoconferences via an IP network.

"To be successful, we needed a tool that would identify video traffic and give it the highest priority on the network," said Gene Runion, manager of communications at the observatory. Observatory officials use Packeteer's bandwidth management product to monitor video traffic and ensure adequate response time for e-mail transmissions and file transfers.

Meanwhile, a data center reconfiguration resulted in the deployment of a WAN optimization product by Environment Canada, which is located in Saskatoon, Saskatchewan. At the end of 2003, agency officials decided to move their data center from an older building, where most of the employees were stationed, to a newer building located next door. To make the move work, agency officials needed to ensure adequate response time for users and opted for Riverbed's product.

"Since Riverbed's Steelhead stores data locally and only sends new or changed information over the WAN, the new network comes close to delivering the response time seen when the data center and users were located in the same building," said John Botari, senior systems analyst at Environment Canada.

The new products can be helpful, but they have limitations, starting with the type of applications they can support. In certain cases, they will not be able to compress data from Adobe Systems Inc.'s Acrobat, Microsoft Corp.'s SQL Server or Zip software, which also compresses information.

"Encrypted data running over [virtual private network] tunnels is difficult to compress, because the data does not conform to expected patterns," said Jim Metzler, an analyst with Ashton Metzler and Associates in Sanibel, Fla.

Because encrypted packets no longer contain recognizable bit patterns or protocol formats, the products cannot pinpoint

redundant data. A workaround is designed to apply bandwidth optimization before encrypting data, an approach that requires stationing WAN optimization gear on the local-area network, rather than on the WAN side, of each connection. This technique works with IPSec encryption, which is typically used for site-to-site VPNs, but may not function as well with Secure Sockets Layer encryption, in which encryption is implemented at endpoint devices.

Because the products focus on application traffic flows, they can require a fair amount of customization. Network managers need to consider application requirements, network traffic patterns and device configurations.

However, the bandwidth optimization tools' management

and monitoring functions are immature — some do not even support commonly used protocols, such as Remote Monitoring 2.

Expand's product line is an exception, however, providing

full RMON/RMON2 support. As a result, many tools have a limited ability to sift through the

often complicated set of applications running on agency networks and then illustrate how well data is flowing on each link.

However, as more employees in the private and public sectors work in branch offices and remotely, the demand for these products will continue to grow.

"Organizations are becoming flatter —

87 percent of employees [surveyed] now work in remote offices — and that means more

information is flowing over WAN links," said Robin Gareiss, principal research officer at market research firm Nemertes Research LLC.

Korzeniowski is a freelance writer in Sudbury, Mass., who specializes in technology issues. He can be reached at paulkorzen@aol.com.


Bandwidth optimization products can deliver much-needed performance boosts but sometimes at a significant cost. Low-end systems — two are required on each wide-area network link — are priced at a few thousand dollars, and sophisticated systems can quickly pass the $25,000 mark.

However, network managers have a few options to justify such expenditures. The most obvious method is to examine the cost

of adding more communication lines. A $500-a-month T1 line represents a $6,000 annual investment. If agency officials can double

their existing bandwidth with an optimization tool, a $15,000 investment pays for itself within three years.

Application requirements also drive deployment. More agency employees are using Web-based applications, which increases WAN traffic. In such cases, additional WAN bandwidth might not be available, so the only solution is an optimization system.

— Paul Korzeniowski

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group