Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure WAN Acceleration Michael Favinsky Senior Systems Engineer www.sonicwall.com.

Published byJocelin Nicholson Modified over 8 years ago

Similar presentations

Presentation on theme: "Secure WAN Acceleration Michael Favinsky Senior Systems Engineer www.sonicwall.com."— Presentation transcript:

1 Secure WAN Acceleration Michael Favinsky Senior Systems Engineer www.sonicwall.com

2 WAN Acceleration Technology helps…  Improve Performance of Business Applications  Optimize Response Times for Critical Applications  Reduce Bandwidth Consumption  Reduce associated Bandwidth Costs … Make the network faster! 2 CONFIDENTIAL All Rights Reserved

3 Analyst on the Need for WAN Acceleration “ Applications, such as Microsoft SharePoint, that make extensive use of dynamic content can swamp WAN links while delivering poor end-user response times” “ Repeated transmission of the same, or similar, files, objects or data patterns can create opportunities for data compression” “As resources are increasingly centralized, minimizing the effect of latency on application response times is becoming a critical requirement” “Global centralization of branch office servers and data centers can expose latency-sensitive protocols, again leading to slow response times” Peak Performance 2011 3

4 The Need for WAN Acceleration 4 Outpaced by Growing Bandwidth RequirementsTraditional QoS IneffectiveApplication LatencyRedundant Traffic Consuming Bandwidth CONFIDENTIAL All Rights Reserved

5 Do you need WAN Acceleration? 1. Are you using Site-to-site VPN or dedicated WAN Links (MPLS)?  How much bandwidth exists between your offices? 2. Would you like your internal applications to be faster? 3. Are your inter-island or island to mainland communications slow due to limited bandwidth or high latency?  600ms latency between Oahu and Guam  What is your ping round trip time to the mainland? CONFIDENTIAL All Rights Reserved 5

6 Before WAN Acceleration  Problem: Connections from remote offices to home office too slow. Takes forever to transfer files or retrieve email. People can’t work.  Solution #1: Virtually place remote office users in corporate HQ.  Citrix  MS Terminal Server  Costly  Slow and unusable if latency is high  Solution #2: Replicate corporate HQ to remote offices.  Separate file server and mail server in each remote office.  Cost skyrockets as number of offices go up.  Does an office with less than 10 people warrant its own file and email servers?  Sync issues between remote offices and HQ. CONFIDENTIAL All Rights Reserved 6

7 Next Generation Firewalls and WAN Acceleration Traffic Shaping Ensure “Good Traffic” Composition Block Unwanted Traffic Utilize Bandwidth Effectively Traffic Acceleration Traffic De-duplication Windows File Services (WFS) Caching Protocol Optimization/Compression CONFIDENTIAL All Rights Reserved 7

8 Traffic Shaping – Get “Good Traffic” WAN Acceleration Step 1 Bandwidth manage and control applications  Identify non-business related applications  Prioritize important traffic  Block or restrict unimportant traffic  3500+ application signatures 8 Goal: “Allow Good Traffic” at the gateway with Application Intelligence & Control CONFIDENTIAL All Rights Reserved

9 “Good Traffic” Acceleration WAN Acceleration Step 2 Extremely Effective on:  Email, PowerPoint, Excel spreadsheets, Word docs, PDF  Internal Web apps, Database apps  Files between 20Kb-100’s of MB+  Small Localized Changes Benefits (For Good Traffic)  Eliminate redundant traffic  Increase responsiveness  Improve user experience 9 CONFIDENTIAL All Rights Reserved

10 WFS Acceleration Benefit: Improves response times and transfer speeds when copying files between remote locations CONFIDENTIAL All Rights Reserved 10  Acceleration for Windows File Copy protocols  CIFS & SMB: Protocol names for file transfer  File caching/de-duplication  Metadata caching (File directory information)  Active Directory Integration  All machines including the WAN Accelerator are required to become part of the domain

11 WFS Protocol Optimization 11  Optimizes communications of inefficient, chatty WFS. With: WAN AccelerationBefore: WAN Acceleration Benefit: Significantly reduces file transfer / file open / file access times. Often by orders of magnitude. CONFIDENTIAL All Rights Reserved

12 Demonstrating and Quantifying the Benefits of WAN Acceleration Visualize the benefits of using WAN Acceleration CONFIDENTIAL All Rights Reserved 12

13 Bandwidth Savings for Web Apps Results: 90% traffic reduction for Internal Web traffic 13 CONFIDENTIAL All Rights Reserved

14 Bandwidth Savings for Windows File Sharing (WFS) Results: 80+% traffic reduction for Windows File Sharing 14 CONFIDENTIAL All Rights Reserved

15 Results – Another Live Customer CONFIDENTIAL All Rights Reserved 15

16 Multi-Site VPN Deployment Multiple Remote Offices connecting back to a Central Office 16 Results: Traffic between the sites is optimized with minimal configuration CONFIDENTIAL All Rights Reserved

17 Using Dedicated WAN Links Leveraging dedicated WAN links between offices 17 Results: Traffic between the sites is optimized with minimal configuration CONFIDENTIAL All Rights Reserved

18 NGFW with Insecure WAN Optimization CONFIDENTIAL All Rights Reserved 18 Insecure WAN Opt device PC sends virus. WAN Opt encodes virus within de-dupe protocol, which DPI cannot recognize Virus sent to HQ The customer investment in NGFW Has been wasted, and communication between the sites is insecure. Application Visualization Gateway Anti-Virus Firewall DPI

19 Secure NGFW with WAN Acceleration Secure Solution  Sits inside of the security boundary  Provides comprehensive scanning for intrusions and malware  Leverages IPS/AV/AS/App Intelligence  Allows traffic shaping and policy enforcement on WAN. Traditional Solution  Sits behind or outside of the security boundary  Data coming out of the WAN Acceleration device can’t be inspected by the security device  Potential for malware propagation, policy violation. 19 WXA NSA Ingress/Egress traffic Firewall WAN Acceleration Ingress/Egress traffic CONFIDENTIAL All Rights Reserved

20 Active Directory Integration  Secure  Integrates directly with AD.  Becomes a member of the domain.  Uses Kerberos authentication  Insecure  Does not integrate with AD.  Uses NTLM.  Forces you to lower your file server’s security posture. CONFIDENTIAL All Rights Reserved 20

21 Secure WAN Acceleration Benefits  Reduce the amount of data sent between remote and branch offices  Improve user experience at remote offices  Reduce infrastructure cost  Easily block undesirable applications on the network  Bandwidth manage applications such as P2P and streaming audio/video  Increase security through DPI scanning of all traffic  Identify network inefficiencies through real-time traffic visualization  Consolidated management interface  App Intelligence, DPI security, WAN Acceleration, VPN, etc. SonicWALL CONFIDENTIAL All Rights Reserved 21

22 Summary – Secure WAN Acceleration  Leverage the security of your NGFW  AV / IPS / App Intelligence  You don’t have to trade off NGFW features in order to gain the benefits of WAN acceleration.  Maintain authentication best practices with Windows File Servers  No compromise on using Kerberos  NTLM is more convenient, but it’s not secure.  Secure WAN acceleration is particularly applicable to you, the Hawaiian customer. CONFIDENTIAL All Rights Reserved 22

23 Questions?

Download ppt "Secure WAN Acceleration Michael Favinsky Senior Systems Engineer www.sonicwall.com."

Similar presentations

2005 2006 2007 2008 Deloitte Technology Fast 500 Asia Pacific Winners Accelerating Your Network WACC Technology.

Deloitte Technology Fast 500 Asia Pacific Winners Accelerating Your Network WACC Technology.
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net 1 WX Client Rajoo Nagar PLM, WABU.

| Copyright © 2009 Juniper Networks, Inc. | 1 WX Client Rajoo Nagar PLM, WABU.
Barracuda Link Balancer Link Reliability and Bandwidth Optimization.

Barracuda Link Balancer Link Reliability and Bandwidth Optimization.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
UDgateway WAN Optimization. 1. Why UDgateway? All-in-one solution Value added services – Networking project requirements Optimize IP traffic on constrained.

UDgateway WAN Optimization. 1. Why UDgateway? All-in-one solution Value added services – Networking project requirements Optimize IP traffic on constrained.
True Unified Threat Management

True Unified Threat Management
NLIT 09 Presentation Page 1 Vision – Service – Partnership Page 1 WAN Acceleration Using Cisco WAAS Robert Morrow National Security Technologies LLC

NLIT 09 Presentation Page 1 Vision – Service – Partnership Page 1 WAN Acceleration Using Cisco WAAS Robert Morrow National Security Technologies LLC
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
1 Tainet IP PBX solutions Tainet Communication System Corp.

1 Tainet IP PBX solutions Tainet Communication System Corp.
Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Optimizing the User Experience Throughout the Infrastructure Consolidation Process Dan Smith, Enterprise Solutions Manager, GTSI Chris Theon, Practice.

Optimizing the User Experience Throughout the Infrastructure Consolidation Process Dan Smith, Enterprise Solutions Manager, GTSI Chris Theon, Practice.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Secure Messaging Nick Hall & James Clifford Microsoft.

Secure Messaging Nick Hall & James Clifford Microsoft.
Toolbox Mirror -Overview Effective Distributed Learning.

Toolbox Mirror -Overview Effective Distributed Learning.
Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation

Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation
Citrix Partner Update The Citrix Delivery Centre.

Citrix Partner Update The Citrix Delivery Centre.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Similar presentations

Ads by Google