Enterprise WANs face two main areas of concern:
connectivity and applications. With linkage, key issues include limited
bandwidth, long network delays and severe packet loss. With
applications, complications arise from transmission of large volumes of
data and low transmission efficiency of the applications themselves
(which were most likely designed for LANs) when operating across a WAN.
SANGFOR
WAN optimization delivers multi-layer WAN optimization, improving the
data transmission efficiency over physical links and significantly
improving application responsiveness, especially in environments of high
packet loss and high latency. Improvements are especially noticeable
with applications that work very inefficiently over the WAN (such as
Microsoft Exchange).
>SANGFOR WAN optimization uses
signature-based stream caching, which can reduce redundant WAN data by
as much as 30 to 90 percent. Its multi-layer optimization results in
much speedier data transmission, avoiding or delaying expensive
bandwidth upgrades, accelerating user traffic and ultimately delivering
excellent ROI.
>After deploying SANGFOR WAN optimization
solutions, enterprise headquarters, branch locations and partners can
experience accelerated network performance of important applications and
data, anywhere in the world. SANGFOR WAN optimization delivers a
LAN-like experience over the enterprise WAN.
>For a more
scalable, complete infrastructure acceleration solution, look no further
than SANGFOR WAN optimization. The products can also leverage built-in
VPN to provision an accelerated VPN service to support remote users with
flexible and diversified virtual enterprise connectivity.
>SANGFOR
is the first vendor in Asia to conceive of its innovative WAN
optimization concept and offer real world solutions. The company has
customers from a wide variety of industry segments who are enjoying the
speed, security, reliability and cost-effectiveness ROI of WAN
optimization.
| High speed |
| Function |
Description |
 Transmission protocol optimization |
Adaptive TCP proxy and HTP transmission protocol in high-latency, high-packet-loss network environments |
 Byte-caching technology |
Supports multi-disk, bi-directional and fragment-packet acceleration |
| Application proxy |
Supports proxy for TCP, CIFS, HTTP, HTTPS, FTP,
POP3/SMTP and MAPI protocols; supports acceleration of Web, HTTPS, FTP,
Network Neighborhood, Lotus Notes, Exchange, SAP(B/S), SharePoint,
Oracle Database and other applications |
 compression algorithm |
Provides hardware-based GZIP and LZO high-speed stream compression algorithm |
 WebPush technologies |
Via WebPush function, conducts intelligent analysis
of HTML request pages, to self-define settings for pre-fetching cache
elements, and to improve Web application's accessing speed |
| Flash-link |
Flash link technology (improve data transmission speed) and addresses effects of high-packet-loss |
 Intelligent QoS function |
Sets QoS policy based on application, direction,
source address, destination address and effective time, and supports QoS
allocation based on lines |
 Bandwidth management |
Integrated with SANGFOR IAM bandwidth management feature: application identification, traffic shaping, etc. |
| Security |
| Function |
Description |
 Tunnel encryption |
Built-in AES 128-bit encryption algorithm; enhance other encryption algorithms, guaranteeing data security |
 Data integrity |
Uses MD5 and SHA algorithms to guarantee data integrity |
| Enterprise level firewall |
Built-in Stateful Packet Inspection
enterprise-level firewall provides packet filtering, URL filtering,
access monitoring, DHCP services and other security functions |
| External and internal DOS attack resistance |
Effectively prevents internal and external and internal DOS attack |
| Usability |
| Function |
Description |
 Configuration |
Supports SNMP, the standard network administration
protocol; Configuration wizards speed up user deployment; Auto
identification of protocols based on contents, simplifying application
acceleration configuration |
 Management authorization |
Functionality managed via various levels of access privileges, including Administrators and Users |
 Logging and reporting |
Provides visibility into a wide range of system information,
including logs for alarms, errors and debugging. Allows use of
stand-alone log servers, examination of real-time and historical
traffic, analysis of accelerated and non-accelerated traffic and
sessions, and report generation and export |
| Backup function |
Data resilience via local and remote backup and recovery; Logs are backed up as files |
 Transparent acceleration |
Restoring the original connection information after acceleration |
 Easy deployment |
Supports import of WCCP V2 traffic, supports
import of strategy routing PBR traffics, support CDP, and supports
import of four-layer switch traffic; Default two directions acceleration
on the whole network segment |
| Scalability |
| Function |
Description |
| VPN module |
Built-in IPSec VPN module |
 Portable Accelerator |
Supports acceleration effects via installation of PACC software on client PCs |
 Bypass |
Supports hardware Bypass (Optional for low-end equipment) |
| Leading technology |
SANGFOR WAN optimization greatly benefits the
performance of Web, HTTPS, FTP, Network Neighborhood, Lotus Notes,
Exchange, MS SQL, ERP, CRM and other business applications. Regardless
of the physical location of branches and business partners, WAN
optimization accelerates their important data and applications for a
LAN-like experience across even a worldwide WAN.
|
| Low quality communications environments are accelerated the most |
Poor quality environments benefit the most with
SANGFOR WAN optimization. Such environments are typically poor quality
physical links, with high packet loss and high latency. They include
satellite links, transnational links, and inter-operator connections.
Certain applications (such as MS Exchange) will also greatly benefit
from WAN optimization, which compensates for the applications’ original
design to be used on LANs and not WANs.
|
| High ROI |
SANGFOR WAN optimization provides more scalable
whole-network acceleration solutions with reasonable price. In addition
to acceleration of existing lines, SANGFOR WAN optimization delivers an
accelerated VPN infrastructure to connect remote users and sites with
flexible and diversified accelerated connectivity by virtue of its
built-in VPN service. For small branch sites, its software client can
help reduce costs by providing accelerated connectivity via low-cost
broadband solutions (instead of expensive leased lines).
|
| WAN Optimization |
↑TOP |
WAN Optimization technologies address
optimisation solution which turns out WAN experience into LAN. By
optimising data layer, transport layer and application layer, provides
customer whole new wide area network experience: avoid redundant data
transmitting; adopt more stable, faster transmission protocol; improve
application system work efficiency. Apart from this, WAN Optimization
technologies offer whole new wide area network construction solutions to
IT manager by reducing huge investment to lease lines, avoiding large
scale network infrastructure implementation to help enterprises
achieving the green IT.
SANGFOR Technologies adopted following technologies to help you achieving WAN Optimization |
| TCP Proxy |
↑TOP |
By deploying SANGFOR WAN Optimization
appliance at each end through the wide area network, in the process of
TCP connection, WAN Optimization appliance ‘monitoring’ the message of
‘ACK’ in traditional TCP handshake process and capture it. It turns the
originally one segment TCP connection between client and server out into
three segments of TCP connections. WAN Optimization appliance at client
end acts as a server at client end while at the same time the other WAN
Optimization appliance at server end acts as a client at server end, by
means of this, the former three times TCP handshakes through wide area
network turns out to be finished in local area network, highly improved
TCP connection succeed ratio.
TCP Proxy cuts delay overlying during TCP
transmission which is caused by RTT with the method of local response;
it is suitable for high delay environment. Especially during the first
time transmission, user will experienced an obvious speed up. TCP proxy
supports much more towards Application Proxy. Although WAN Optimization
does not support Application Proxy to some of the applications, but due
to the effect of TCP Proxy, WAN Optimization still can improve the
performance of these applications.
|
| Byte cache |
↑TOP |
SANGFOR originally designed ‘byte
cache’ is able to cut redundant data at maximum extent during data
transferring to improve bandwidth quality.
When data pass through WAN Optimization
appliance, it will be cut into data segments at 100-200B at the same
time be allocated with a unique label (10B) to send to the peer end WAN
Optimization appliance(storage data bases at both end of the WAN
Optimization device are precisely matched ). In following transferring
process, any data or file will be cut into data segments by WAN
Optimization appliance and matched one by one with the current data
segments. If match successfully, only the corresponding labels will be
transferred the peer end WAN Optimization appliance and at the same time
restore the labels into data segments. If match unsuccessful, both the
data segment and label will be sent to the peer end WAN Optimization
appliance to ensure the equality at each end of WAN Optimization
appliance.
WAN Optimization appliance designates each
segment a unique label, this label not only include corresponding data
information but partial information of the neighbour data packet, in
this caste, when a data packet loses, WAN Optimization appliance will
restore the lost packet according to the label of neighbour data packet
without re-transferring to improve transmission efficiency.
Byte cache has an ability to reduce data amount
during transmission, such as: origin file is 10M at both sending end and
receiving end, data amount may probably reduce to 100K after
optimisation procedure by WAN Optimization appliance. It means user has
extend his bandwidth logically by using WAN Optimization appliance while
the actual bandwidth remains the same, but simultaneously the data
amount has reduced to 1/10 even 1/100 compares to the original size
which leads to the conclusion that the logical bandwidth has expand by
10-100 times. Not all the data can be optimised by byte cache in real
network environment; data which can be optimised gets different effect
as well. But user will experience bigger bandwidth throughput and much
higher speed.
|
| SNAT & DNAT |
↑TOP |
SNAT
Due to special properties of certain protocols,
server need to judge source address of data packet, if source address in
received packet header different from source address encapsulated, the
server will reject the corresponding request from this data packet. In
this caste, we need WANO-S to restore source address into IP address
(192.168.0.1) at client end. When data packet arrives at WANO-S,
destination address will be restored to the original server address
(172.16.0.1) but source address restore into original client end address
(192.168.0.1) is optional. The benefit is: when it happens to
unsymmetrical route, shut SNAT down, no matter data packet choose line A
or line B, to server it’s WANO who forwarded it to server, in this
caste we avoid the influence that unsymmetrical might cause.
DNAT
Only if the data packets pass the DNAT process, it
will be conducted to acceleration module of WANO-C by data packet
detecting module in WANO-C, it will transmit through acceleration tunnel
between two WANO appliances. |
| GZIP |
↑TOP |
| GZIP compresses static files such as
HTML, JavaScript, CSS and dynamic files as asp, aspx, php, jsp, etc. The
biggest advantage of this compression algorithm is to speed up the
access speed of browser at client end by reducing the data flow
transmitted. |
| LZO |
↑TOP |
LZO is a compression algorithm which
dedicated on speeding up decompression. It’s short for
Lempel-Ziv-Oberhumer with following benefits: easy decompressing with
high speed; no memory is needed; high speed compression; 64KB memory is
needed during compression; adaptable of increasing compression rate in
the cost of reducing compression speed while maintaining the
decompression speed; generate compression level beforehand to secure a
competitive compression ratio; another 8KB memory compression level is
also available; the algorithm is thread-safe; the algorithm is lossless.
LZO compresses data block into matched data
(sliding dictionary) and unmatched literal serials. LZO treats long
matched data and long unmatched literal serials in a bespoke technology
which has a distinctive effect on these kind of high redundant data and
fair effect on incompressible data, LZO expands the input data block by
16 bytes per 1024 bytes in caste of processing the incompressible data
to ensure the effect. |
| Web Push |
↑TOP |
| Web Push is a specialized
acceleration technology by pre-fetching the web objects in the branch
end so that they can be fetched locally when client end needs to fetch
these certain objects to speed up the http web accessing. |
| Dynamic IP addressing |
↑TOP |
| When dynamic IP address at both end
of VPN tunnel, traditional method will not work because of both ends
cannot secure the IP address of each other. By using this technology,
WAN Optimization devices will find the IP address at each other end
dynamically and then set up VPN tunnel. |
| Multiplexing |
↑TOP |
| Set up multiplex VPN tunnel with
multiplex bandwidth and failover, for example: there are two internet
lines at each end of the VPN device that established the tunnel, thus
this tunnel can generate 2*2=4 VPN tunnels and guarantee the reliability
and stability of VPN by certain algorithm. |
| Tunnel self-recovery |
↑TOP |
| When VPN tunnel disconnected due to
outages, the system will automatically discover the fail and reorganized
the new VPN tunnel before network connection recovered to ensure the
fluency of VPN tunnel. |
| QoS |
↑TOP |
Quality of Service (QoS) is a
technology solution that overcomes the limitations of standard routing
and enables you to tailor traffic routing according to your
requirements. SANGFOR QoS provides the following benefits:
Bandwidth guarantee: guarantee mission-critical
applications minimum bandwidth which will support them, even in the
event of encountering application like P2P, the bandwidth will remain at
a certain level. If mission-critical applications were not in use or we
didn’t guarantee the 100% occupation of the bandwidth, the rest
bandwidth will be grabbed fairly by other applications, is this caste
not only we guarantee the bandwidth requirement of mission-critical
applications, but improve the whole bandwidth utilization ratio as
well.
Bandwidth restraint: restrain
non-mission-critical applications to spare more bandwidth to ensure the
quality of mission-critical applications.
Priority setting: due to different application
critical level, we set different priorities, when bandwidth congestion
happens, the priorities valid. Bandwidth meets the application with the
highest priority, same with the rest.
Bandwidth reservation: we reserve fixed bandwidth
for certain special application and special IP, no matter reserved
bandwidth in use or not, the other applications and IP cannot grab it.
|
WAN Optimization
