Fast track to file access

Agencies struggling to provide a geographically dispersed workforce with quick and secure access to files might want to consider deploying wide-area file services (WAFS) appliances to help them consolidate remote office files at a single, centrally managed location.

By using caching and protocol-optimization techniques, WAFS speed file access across wide-area network links while helping organizations maintain security and control over applications.

Files that use bandwidth-hungry protocols, such as Common Internet File System (CIFS) for Microsoft Windows-based servers and Network File System (NFS) for Unix- and Linux-based servers, are geared to operate efficiently on local-area networks rather than WANs.

When you open a file on a LAN-based server, your client machine on that network exchanges hundreds of messages with the server. When you use the LAN, you hardly notice the time it takes to open the file because of the available bandwidth.

But open that same file from a remote or branch office that has a decent connection to the central data center and you’ll likely have time to refill your coffee cup. If connectivity speeds are low, that file-opening operation will give you time to grab a sandwich, too. Network connectivity speeds affect office productivity.

To solve that issue, many agencies have installed servers at remote and branch offices, creating a distributed group of mini-LANs. Although that approach solves the file-access issue, it increases costs and the potential for security risks. Agency budgets must absorb the cost of the additional servers to support the remote locations. In many cases, technical employees must also be added to the payroll to manage the remote configurations.

Click here to enlarge "WAFS at work" chart (.pdf).

Maintaining security controls and accurate and timely backups of critical data is challenging in a distributed environment. Managers are often left wondering if nontechnical employees at remote offices will remember to back up the server each evening.

The drive to WAFS
There are two trends driving agencies toward WAFS and its related technologies. “Branch-office server-centralization projects and the move to Web browser-based applications continue to drive this market,” said Joe Skorupa, a research director at Gartner.

WAFS improve remote file-access speeds while eliminating the need for equipment and technical employees at remote locations. Centralizing equipment also allows information technology managers to more easily implement policies that will ensure compliance. In addition, deploying other strategies, such as data backups, also becomes easier in a centralized environment.

Centralization, consolidation, control and lower costs aren’t the only reasons to look at WAFS technology. In a recent report, IDC analysts said, “As WAN-optimization appliances are deployed across borders (continents, extranets, remote offices, etc.), these dedicated appliances are also becoming critical to detecting and preventing denial-of-service attacks, worms, intrusions, and other traffic and access irregularities.”

Using WAFS appliances for WAN optimization is worth considering, Skorupa said. Packeteer and Riverbed Technology, two leaders in the WAN-optimization area, offer WAFS support. However, the market for WAN optimization, which includes WAFS and other related technologies, is still emerging. It is likely that additional mergers and acquisitions will occur as the market matures.

In the meantime, it is a good idea to execute one or more WAFS-related proof-of-concept projects or conduct a small test with a limited number of remote offices.

How WAFS work
WAFS solutions come in pairs of appliances — one for the central data center and the other for the remote or branch office — and they are often used with virtual private networks. A centralized data-center WAFS appliance might serve one or more remote locations depending on its size and configuration.

Click here to enlarge "WAFS solutions" chart (.pdf).

Once in place, the central and remote WAFS appliances work together to speed WAN performance by using technologies such as compression, caching or acceleration. Some providers use all three methods and other proprietary tools.

The remote appliance decompresses and caches the traffic and, given a large enough cache, can make file access downright peppy at the remote office. On the return trip to the agency’s centralized data center, the remote appliance also compresses the outbound traffic.

Here are some necessary steps to properly deploy WAFS appliances.

Step 1: Determine your topology
One of the first things to consider is what type of topology you want to have. Providers of WAFS appliances might support an inline or non-inline topology, although several providers support both. In an inline topology, you route traffic through the WAFS appliances directly. That type of configuration allows you to speed all the traffic between the two locations.

Conversely, in a non-inline topology, the appliances sit on either end of the network, but all traffic does not flow between them. Instead, the appliance at the remote office is configured to act as a proxy for remote network shares, which give computer users on the same network a centralized place to share files. Staffers at the remote office map drives to shares on their local WAFS appliance.

Then, as remote office staffers access files, the local and remote appliances work together to ensure that the user works with the most recent version of a file. In this scenario, the most frequently used files are stored on the local cache and the two appliances work to keep files in sync while using techniques such as compression or acceleration to sustain LAN-like performance.

Step 2: Examine protocol support
Aside from considering topologies, examine what protocols the WAFS appliance supports. Some appliances are limited to CIFS while others support CIFS, NFS, and other file or message-related protocols, such as FTP and the Messaging Application Programming Interface. Your users may be running Windows-based desktop PCs, but if they share file across Windows, Unix and Linux servers, you’ll want CIFS and NFS protocol support.

As the WAN-optimization market matures, the lines between WAFS and wide-area data services (WDS) will begin to blur. WDS devices typically support protocols such as TCP/IP, HTTP and those supported by WAFS appliances.

WAFS providers are beginning to add support for nonfile-related protocols to their appliances. If your remote employees work with central files and access applications such as an agency Web portal, you’ll want WAFS and WDS protocols. Support varies among providers so check to make sure the protocols you need are included.

Step 3: Compare performance
Compare the performance of the WAFS appliances you are examining. All will use some combination of compression, caching, and acceleration, and each will usually state that they are the fastest or can deliver the best performance.

During your proof-of-concept or test project, execute the same tasks, such as opening large files. Record the performance statistics for all of your test appliances, your general impressions about the performances and any glitches you encountered along the way.

Step 4: Check security, reporting functions
Compare the security-related functions of each appliance. Can it be centrally secured? Can you comply with your agency’s security policy by using the appliance? What type of security alerting does it support? Can it send alerts to a centralized monitoring framework or an administrator’s e-mail account or pager?

If the budget permits, consider appliances that include proactive security measures, such as traffic analysis and intrusion prevention.

Good reporting is also essential. The appliance you select should include summary reports that are meaningful to agency managers. Detailed statistical reports on bandwidth usage and throughput are also critical. However, reporting on trends that affect cache usage is probably the most important. By monitoring cache usage you can accurately forecast when a given set of appliances may need to be upgraded or replaced.

Appliances deal with cache usage in different ways. Some feature cache storage but no other storage capability. Others include storage, but the amount varies widely among vendors — from 80G to 512G. A key portion of your WAFS evaluation will include accurately determining the amount of cache and disk storage needed at your remote locations.

WAFS and WDS appliances can enable agencies to cut costs through centralization and consolidation. Centrally controlled data-access methods and simplified backup strategies can further increase efficiency. For those reasons, agencies should evaluate WAFS and WDS devices.

Biggs, a regular Federal Computer Week contributor, is a senior engineer and freelance writer.