SANGFOR WAN-O , solusi management bandwidth Anda.
Enterprise WANs face two main areas of concern: connectivity and applications. With linkage, key issues include limited bandwidth, long network delays and severe packet loss. With applications, complications arise from transmission of large volumes of data and low transmission efficiency of the applications themselves (which were most likely designed for LANs) when operating across a WAN.
SANGFOR WAN optimization delivers multi-layer WAN optimization, improving the data transmission efficiency over physical links and significantly improving application responsiveness, especially in environments of high packet loss and high latency. Improvements are especially noticeable with applications that work very inefficiently over the WAN (such as Microsoft Exchange).
>SANGFOR WAN optimization uses signature-based stream caching, which can reduce redundant WAN data by as much as 30 to 90 percent. Its multi-layer optimization results in much speedier data transmission, avoiding or delaying expensive bandwidth upgrades, accelerating user traffic and ultimately delivering excellent ROI.
>After deploying SANGFOR WAN optimization solutions, enterprise headquarters, branch locations and partners can experience accelerated network performance of important applications and data, anywhere in the world. SANGFOR WAN optimization delivers a LAN-like experience over the enterprise WAN.
>For a more scalable, complete infrastructure acceleration solution, look no further than SANGFOR WAN optimization. The products can also leverage built-in VPN to provision an accelerated VPN service to support remote users with flexible and diversified virtual enterprise connectivity.
>SANGFOR is the first vendor in Asia to conceive of its innovative WAN optimization concept and offer real world solutions. The company has customers from a wide variety of industry segments who are enjoying the speed, security, reliability and cost-effectiveness ROI of WAN optimization.
|Transmission protocol optimization||Adaptive TCP proxy and HTP transmission protocol in high-latency, high-packet-loss network environments|
|Byte-caching technology||Supports multi-disk, bi-directional and fragment-packet acceleration|
|Application proxy||Supports proxy for TCP, CIFS, HTTP, HTTPS, FTP, POP3/SMTP and MAPI protocols; supports acceleration of Web, HTTPS, FTP, Network Neighborhood, Lotus Notes, Exchange, SAP(B/S), SharePoint, Oracle Database and other applications|
|compression algorithm||Provides hardware-based GZIP and LZO high-speed stream compression algorithm|
|WebPush technologies||Via WebPush function, conducts intelligent analysis of HTML request pages, to self-define settings for pre-fetching cache elements, and to improve Web application's accessing speed|
|Flash-link||Flash link technology (improve data transmission speed) and addresses effects of high-packet-loss|
|Intelligent QoS function||Sets QoS policy based on application, direction, source address, destination address and effective time, and supports QoS allocation based on lines|
|Bandwidth management||Integrated with SANGFOR IAM bandwidth management feature: application identification, traffic shaping, etc.|
|Tunnel encryption||Built-in AES 128-bit encryption algorithm; enhance other encryption algorithms, guaranteeing data security|
|Data integrity||Uses MD5 and SHA algorithms to guarantee data integrity|
|Enterprise level firewall||Built-in Stateful Packet Inspection enterprise-level firewall provides packet filtering, URL filtering, access monitoring, DHCP services and other security functions|
|External and internal DOS attack resistance||Effectively prevents internal and external and internal DOS attack|
|Configuration||Supports SNMP, the standard network administration protocol; Configuration wizards speed up user deployment; Auto identification of protocols based on contents, simplifying application acceleration configuration|
|Management authorization||Functionality managed via various levels of access privileges, including Administrators and Users|
|Logging and reporting||Provides visibility into a wide range of system information, including logs for alarms, errors and debugging. Allows use of stand-alone log servers, examination of real-time and historical traffic, analysis of accelerated and non-accelerated traffic and sessions, and report generation and export|
|Backup function||Data resilience via local and remote backup and recovery; Logs are backed up as files|
|Transparent acceleration||Restoring the original connection information after acceleration|
|Easy deployment||Supports import of WCCP V2 traffic, supports import of strategy routing PBR traffics, support CDP, and supports import of four-layer switch traffic; Default two directions acceleration on the whole network segment|
|VPN module||Built-in IPSec VPN module|
|Portable Accelerator||Supports acceleration effects via installation of PACC software on client PCs|
|Bypass||Supports hardware Bypass (Optional for low-end equipment)|
|SANGFOR WAN optimization greatly benefits the
performance of Web, HTTPS, FTP, Network Neighborhood, Lotus Notes,
Exchange, MS SQL, ERP, CRM and other business applications. Regardless
of the physical location of branches and business partners, WAN
optimization accelerates their important data and applications for a
LAN-like experience across even a worldwide WAN.
|Low quality communications environments are accelerated the most|
|Poor quality environments benefit the most with
SANGFOR WAN optimization. Such environments are typically poor quality
physical links, with high packet loss and high latency. They include
satellite links, transnational links, and inter-operator connections.
Certain applications (such as MS Exchange) will also greatly benefit
from WAN optimization, which compensates for the applications’ original
design to be used on LANs and not WANs.
|SANGFOR WAN optimization provides more scalable
whole-network acceleration solutions with reasonable price. In addition
to acceleration of existing lines, SANGFOR WAN optimization delivers an
accelerated VPN infrastructure to connect remote users and sites with
flexible and diversified accelerated connectivity by virtue of its
built-in VPN service. For small branch sites, its software client can
help reduce costs by providing accelerated connectivity via low-cost
broadband solutions (instead of expensive leased lines).|
|WAN Optimization||TCP Proxy||Byte cache|
|SNAT & DNAT||GZIP||LZO|
|Web Push||Dynamic IP addressing||Multiplexing|
|WAN Optimization technologies address
optimisation solution which turns out WAN experience into LAN. By
optimising data layer, transport layer and application layer, provides
customer whole new wide area network experience: avoid redundant data
transmitting; adopt more stable, faster transmission protocol; improve
application system work efficiency. Apart from this, WAN Optimization
technologies offer whole new wide area network construction solutions to
IT manager by reducing huge investment to lease lines, avoiding large
scale network infrastructure implementation to help enterprises
achieving the green IT.
SANGFOR Technologies adopted following technologies to help you achieving WAN Optimization
|By deploying SANGFOR WAN Optimization
appliance at each end through the wide area network, in the process of
TCP connection, WAN Optimization appliance ‘monitoring’ the message of
‘ACK’ in traditional TCP handshake process and capture it. It turns the
originally one segment TCP connection between client and server out into
three segments of TCP connections. WAN Optimization appliance at client
end acts as a server at client end while at the same time the other WAN
Optimization appliance at server end acts as a client at server end, by
means of this, the former three times TCP handshakes through wide area
network turns out to be finished in local area network, highly improved
TCP connection succeed ratio.
TCP Proxy cuts delay overlying during TCP transmission which is caused by RTT with the method of local response; it is suitable for high delay environment. Especially during the first time transmission, user will experienced an obvious speed up. TCP proxy supports much more towards Application Proxy. Although WAN Optimization does not support Application Proxy to some of the applications, but due to the effect of TCP Proxy, WAN Optimization still can improve the performance of these applications.
| SANGFOR originally designed ‘byte
cache’ is able to cut redundant data at maximum extent during data
transferring to improve bandwidth quality.
When data pass through WAN Optimization appliance, it will be cut into data segments at 100-200B at the same time be allocated with a unique label (10B) to send to the peer end WAN Optimization appliance(storage data bases at both end of the WAN Optimization device are precisely matched ). In following transferring process, any data or file will be cut into data segments by WAN Optimization appliance and matched one by one with the current data segments. If match successfully, only the corresponding labels will be transferred the peer end WAN Optimization appliance and at the same time restore the labels into data segments. If match unsuccessful, both the data segment and label will be sent to the peer end WAN Optimization appliance to ensure the equality at each end of WAN Optimization appliance.
WAN Optimization appliance designates each segment a unique label, this label not only include corresponding data information but partial information of the neighbour data packet, in this caste, when a data packet loses, WAN Optimization appliance will restore the lost packet according to the label of neighbour data packet without re-transferring to improve transmission efficiency.
Byte cache has an ability to reduce data amount during transmission, such as: origin file is 10M at both sending end and receiving end, data amount may probably reduce to 100K after optimisation procedure by WAN Optimization appliance. It means user has extend his bandwidth logically by using WAN Optimization appliance while the actual bandwidth remains the same, but simultaneously the data amount has reduced to 1/10 even 1/100 compares to the original size which leads to the conclusion that the logical bandwidth has expand by 10-100 times. Not all the data can be optimised by byte cache in real network environment; data which can be optimised gets different effect as well. But user will experience bigger bandwidth throughput and much higher speed.
|SNAT & DNAT||↑TOP|
SNATDue to special properties of certain protocols, server need to judge source address of data packet, if source address in received packet header different from source address encapsulated, the server will reject the corresponding request from this data packet. In this caste, we need WANO-S to restore source address into IP address (192.168.0.1) at client end. When data packet arrives at WANO-S, destination address will be restored to the original server address (172.16.0.1) but source address restore into original client end address (192.168.0.1) is optional. The benefit is: when it happens to unsymmetrical route, shut SNAT down, no matter data packet choose line A or line B, to server it’s WANO who forwarded it to server, in this caste we avoid the influence that unsymmetrical might cause.
DNATOnly if the data packets pass the DNAT process, it will be conducted to acceleration module of WANO-C by data packet detecting module in WANO-C, it will transmit through acceleration tunnel between two WANO appliances.
|LZO is a compression algorithm which
dedicated on speeding up decompression. It’s short for
Lempel-Ziv-Oberhumer with following benefits: easy decompressing with
high speed; no memory is needed; high speed compression; 64KB memory is
needed during compression; adaptable of increasing compression rate in
the cost of reducing compression speed while maintaining the
decompression speed; generate compression level beforehand to secure a
competitive compression ratio; another 8KB memory compression level is
also available; the algorithm is thread-safe; the algorithm is lossless.
LZO compresses data block into matched data (sliding dictionary) and unmatched literal serials. LZO treats long matched data and long unmatched literal serials in a bespoke technology which has a distinctive effect on these kind of high redundant data and fair effect on incompressible data, LZO expands the input data block by 16 bytes per 1024 bytes in caste of processing the incompressible data to ensure the effect.
|Web Push is a specialized acceleration technology by pre-fetching the web objects in the branch end so that they can be fetched locally when client end needs to fetch these certain objects to speed up the http web accessing.|
|Dynamic IP addressing||↑TOP|
|When dynamic IP address at both end of VPN tunnel, traditional method will not work because of both ends cannot secure the IP address of each other. By using this technology, WAN Optimization devices will find the IP address at each other end dynamically and then set up VPN tunnel.|
|Set up multiplex VPN tunnel with multiplex bandwidth and failover, for example: there are two internet lines at each end of the VPN device that established the tunnel, thus this tunnel can generate 2*2=4 VPN tunnels and guarantee the reliability and stability of VPN by certain algorithm.|
|When VPN tunnel disconnected due to outages, the system will automatically discover the fail and reorganized the new VPN tunnel before network connection recovered to ensure the fluency of VPN tunnel.|
| Quality of Service (QoS) is a
technology solution that overcomes the limitations of standard routing
and enables you to tailor traffic routing according to your
requirements. SANGFOR QoS provides the following benefits:
Bandwidth guarantee: guarantee mission-critical applications minimum bandwidth which will support them, even in the event of encountering application like P2P, the bandwidth will remain at a certain level. If mission-critical applications were not in use or we didn’t guarantee the 100% occupation of the bandwidth, the rest bandwidth will be grabbed fairly by other applications, is this caste not only we guarantee the bandwidth requirement of mission-critical applications, but improve the whole bandwidth utilization ratio as well.
Bandwidth restraint: restrain non-mission-critical applications to spare more bandwidth to ensure the quality of mission-critical applications.
Priority setting: due to different application critical level, we set different priorities, when bandwidth congestion happens, the priorities valid. Bandwidth meets the application with the highest priority, same with the rest.
Bandwidth reservation: we reserve fixed bandwidth for certain special application and special IP, no matter reserved bandwidth in use or not, the other applications and IP cannot grab it.