What is protocol spoofing as it relates to WAN optimization and application delivery technology?
Have a WAN optimization question? Email our experts or consult your peers at the IT Knowledge Exchange.
When talking about any kind of "spoofing," most IT professionals assume we're discussing a type of IT security attack -- like content spoofing, where a hacker presents a fake website to an end user as if it were legitimate; IP spoofing, where a hijacker conceals a hosts identity to look like a real one; or Caller ID spoofing, where callers can masquerade as someone else by falsifying the number on a Caller ID screen.
"Protocol spoofing" is actually a homonym, expert Ed Tittel explains: In the information security world, protocol spoofing masks a TCP packet to look like something legitimate. In the world of application delivery optimization, it is not malicious -- but rather helpful in optimizing traffic across a wide area network. Protocol spoofing is a WAN optimization technique that is synonymous with the term "protocol substitution."
To optimize notoriously slow and chatty protocols -- like TCP and Server Message Block -- some WAN optimizers, application delivery controllers and network gateways can respond to protocol messages rather than the endpoint that is farther away. These devices (whether hardware or software) connect a bandwidth-hungry protocol, like TCP, to a lower-bandwidth protocol, like UDP, so that there are fewer packet headers and network handshakes. This type of spoofing makes applications more responsive.
According to Henry Svendblad, protocol spoofing reduces the number of round trips it normally takes for a transaction to take place. In example, the Common Internet File System, or CIFS, file transfer protocol allows only a certain amount of data to be read or written at one time, even if the underlying transport protocol is able to read or write more data at a time. This type of protocol can make a file seem like it is taking forever to transfer. Protocol spoofing can reduce the number of round trips needed to send data, by using predictive algorithms that identify files and subdirectories that may be accessed by the end client.
For more information: