Optimizing WAN Performance in a Cloud-based Environment

As networks rush into a cloud-based environment, there's a major question to be answered: "How do you ensure performance in this brave new world?"

Of course, the simplest form of ensuring network performance was always to use dedicated transmission services - from T1/E1 to SONET/SDH links - between sites.  Each link (so long as it's in service) has a guaranteed number of bits per second that get transmitted between sites.

But the problem (of course) with dedicated services is that most of the bandwidth is idle most of the time, so the services were/are relatively quite expensive.

The next stage of evolution and and the first of virtualization was the introduction of packet-based services - including frame relay, ATM, MPLS, and IP-based networks, both "private IP" and Internet-based.  These nets provide excellent economy, but with that economy comes a lack of guarantees.  But, in general, you can get as much of a guarantee as you're willing to pay for.  So there is still an expected level of service.

Moving other services into "the cloud" now provides yet another excellent opportunity for a great performance per price increase.  However, you are now faced with a combination of two "unknowns."  There's the the access network and its performance coupled with the cloud-based service and its performance in a virtualized environment.

So while the opportunities are great, they are met with an equally high level of uncertainty.

Please join my fellow analyst and Co-founder of the Webtorials Analyst Division, Jim Metzler, as we discuss these issue with Thierry Grenot, Chief Technology Officer of Ipanema Networks.


Thank to both of you for joining me for this discussion.

In order to make sure that we are speaking from a common perspective, which is always an issue with hot new technology/terminology such as "clouds," I'll point out the clouds are usually divided into three classes, for lack of a better word. There are "Public Clouds," "Private Clouds," and "Hybrid Public-Private Clouds."

Jim, can you please give us a succinct overview of the difference between these?

Thanks, Steve. Indeed, this is a key distinction. The simplest way to differentiate between the "types" of clouds is:

A "Public Cloud" is provided by a 3rd party such as salesforce.com or rackspace.

A "Private Cloud" is provided by an internal IT organization.

A "Hybrid Cloud" is some combination of the above - used in a variety of ways.

Jim, you mention that the "Private Cloud" is provided by an internal IT organization. How is that fundamentally different from a traditional corporate internal IT infrastructure?

A private cloud differs from a traditional internal IT organization in that it uses the same techniques that public cloud providers do to gain efficiencies and become more agile; e.g., virtualiztion, automation, centralization.

Thierry, I mentioned in my opening remarks that with a cloud-based network, now both the access network and the services itself are out of the direct control of the IT managers.

Can you address this loss of control with access to a public cloud service a) simply for virtualized servers and storage and b) for use with applications?

How does Ipanema help bring return some of this control?

Hi Steve. Actually the main difference between public IaaS/PaaS (where the enterprise deploys its applications over rented servers) and SaaS (where it 'just' uses an highly standardized application) is the ability for the IT department to combine its application servers with additional visibility, control and optimization technologies, which is reasonably easy in the former case and practically impossible in the latter (at least for the moment). Otherwise, the control needs are the same in both case: understand the application flows and their performance, guarantee the allocated resources, select the best access network and in some case, provide acceleration.
Ipanema's ANS (Autonomic Networking System) combines all these features in a user-centric approach that fits with a mix of private and public cloud deployment. Technically speaking, this implies a mix of physical, tele and virtual devices tightly coupled by an Autonomic Control plane and enabling a new generation of "objective-based" control.

Thanks Thierry! But you know me. Always looking to dig a little deeper.

If I understand your response to the first part of the question, there are some significant advantages that you can bring to IaaS/PaaS and similarly, there's very little that anyone can do to help with a standardized SaaS (e.g. Salesforce) because the application performance is at the mercy of the Internet. Or at least that's the case until SaaS providers offer enhanced connectivity (maybe via MPLS?) and/or they happen to implement an instance of ANS as a part of the SaaS. ;-)

I understand that ANS offers enhancements for IaaS/PaaS. But can you say more about how you do this?

For instance, does one load a software image of the ANS suite on a server at the cloud site - especially since deploying hardware appliances and "cloud" are pretty much contrary ideas?

Ok Steve, let's dig together, then :-) Actually there are several aspects to consider to improve the performance of cloud based applications. First, the control of the branch office is key and in this respect ANS applies to any modes (IaaS, PaaS, SaaS) as it classifies and controls invidually any user flow. Second, the control of the network (MPLS or Internet) where ANS can dynamically select the best access among a list of network (remember our discussions about hybrid network unification a.k.a. HNU?). Finally, the control of the datacenter: in IaaS/PaaS mode, deployment of a virtual applicance belonging to the customer's ANS infrastructure is an option of choice. For SaaS, the deployment model will be different as only the application is accessible (not the - virtual - infrastructure), and will require other solution. While this is a bit early to discuss this point, I can only say that this will come in the near future.

One of the most recent developments in cloud-based services is that in addition to services like SalesForce that require good performance but do not need to meet precise delay guidelines, there are now companies offering cloud-based realtime services (such as VoIP and UC).

How realistic is this considering that the most probable access is via an Internet connection? Can Ipanema help with these services, or do you have a recommendation?

Unified Communications implies an healthy decoupling between control and data/voice/image. You may quite easily imagine to deploy in a cloud environment a pbx controler: the call control is not "that" real-time, and finally cloud pbx is quite similar to the good old centrex - nothing really new. Sending voice-read email, written voicemails or time-differed video is not real-time.
It comes really tricky when you implement real real-time features like voice and video conferencing for example, with a cloud-based bridge. Two elements are key here: of course the performance of the network and also the control of the access line: you probably expect your phone call to work even when your Outlook client suddenly decides to sync with the - cloud based, why not - Exchange server, aren't you?
Ipanema implements a very complete suite of technics providing the full control of the access line which is tightly combined with a unique, performance-based dynamic WAN selection to always use the best possible network.

You make an excellent point that many VoIP/UC applications are "near-real-time" (NRT) rather than "real time." For instance, all control functions are NRT and only the media stream itself needs to be real time.

Again, as will not surprise you, can you say more on what some of the techniques are that help provide, as you put it, "full control of the access line"?

This means that any user flow must be understood, classified and controlled according to:
- its importance to the business (YouTube 'might' be less critical than the CEO video commenting the last quarter results);
- its technical requirements: real time, near real time, transactional, data transfer, etc...
- and of course the user behavior (she/he needs to read, think and do a lot of other things before initiating the next transaction over the very same connection).
All of this is at the core of the ANS datapath capabilities.

So, Thierry, what do you see as some of the most important options that are available for a company to ensure good performance - or at least to make sure that performance is not horrible?

My take is that enterprises must think global and refrain to deploy specialized stuff each time a new issue occurs. I plead for an holistic approach where all applications and all delivery modes are taken into account simultaneously: after all, we no more think of deploying one network per application while virtualization allows to use the very same hardware server for many different applications - Only an all-in-one approach can associate efficiency, easy operations and low TCO.

I totally agree with the holistic approach. In fact, we are closer than ever to the point where we have a truly converged network where the communications infrastructure and the applications are inextricably linked.

What do you see as the most important two or three steps to reaching this ultimate goal?

In my opinion, this is a matter of perspective. As long as we think bottom-up, the problem is too complicated: it's just like petting your cat in the wrong way - beware the claws! In a top-down approach, you start from the objectives and you infer the means. To come to your point, I would say:
- start from the result you want to reach (KPIs, guarantee of critical apps performance...)
- use a tool that is intelligent enough to take in charge the real-time part of the job and let it do the dirty job
- concentrate on what matters: stop troubleshooting your WAN, govern it!

Return to
Thought Leadership Series

Recent Comments