Manage Learn to apply best practices and optimize your operations.

How to accelerate encrypted traffic using WAN optimization

WAN optimization controllers (WOCs) solve branch office server consolidation problems, but not all those around encrypted traffic. Learn how certain wide area network optimization techniques can handle data and the CIFS protocol, in this section of the 'The Ultimate Guide to Gaining Control of the WAN.'

Many of today’s cost-saving IT projects, like server consolidation, are placing excessive pressure on the wide area network (WAN). Fortunately, dictionary compression can solve server consolidation challenges, but if your WAN is transferring random data like encrypted traffic -- Secure Sockets Layer (SSL) for example -- compression is not the best WAN optimization technique to use.  In part two of the e-Book, The Ultimate Guide to Gaining Control of the WAN, learn how WAN optimization controllers (WOC) and certain acceleration techniques can effectively speed up delivery of encrypted traffic to branch offices. Navigate the table of contents to read other sections of this e-Book or skip down to learn more about how to accelerate encrypted traffic using WAN optimization.

Table of contents
Part 1: Save WAN costs with branch office server consolidation
Part 2: How to accelerate encrypted traffic using WAN optimization
Part 3: Virtual desktop infrastructure problems solved by WAN optimization
Part 4: Using the WAN for telepresence, video conferencing
Part 5: Using WAN optimization for bandwidth management and monitoring
Part 6: Update network security architecture during server consolidation
Part 7: Wide area network optimization: Do it in-house, or use a WAN service provider?

WAN bandwidth optimization technique such as compression. Most WAN optimization appliances get around this problem by first un-encrypting the SSL traffic, compressing it and then re-encrypting it. The two endpoints never know this happens and thus require no changes. How the WAN optimization controllers (WOCs) perform the de- and re-encryption differs from vendor to vendor.WAN managers must carefully understand how appliances handle SSL-encrypted traffic to ensure it is the best fit for their environment and works with their key management system.

Reducing the size of the data generated by server consolidation solves only part of the problem created by server consolidation. Response time is still affected by the inefficiencies of the Common Internet File System (CIFS) protocol. WOCs solve this problem by optimizing CIFS. CIFS works as an end-to-end protocol between the application running on the user’s PC and the Microsoft server. WOCs optimize it by first breaking the end-to-end nature. The WOC in the branch office acts like the server to the user’s PC, and the WOC in the data center acts like the user to the server.

An example best demonstrates how this will improve response time. When a user requests a file, the server sends several blocks of data to the PC. After the PC has received the blocks of data, it sends an acknowledgment back to the server, which tells the server to send the next block of data. The latency of the WAN causes the file to take longer than it did over the local area network (LAN) because the server has to wait a lot longer for the acknowledgment to make its way back. The WOC overcomes this problem by stepping into the middle of the process. When the PC requests the file, the WOC passes the request to the server. The server then sends the blocks to the WOC, which immediately passes them onward to the PC. But at the same time, the WOC immediately sends an acknowledgment back to the server, acting as if the PC has already received the first blocks. This causes the server to immediately send the next blocks of data.

The process continues, with the data center WOC quickly getting the entire file and sending it on to the WOC at the branch office. The WOC at the branch office sends the first block of data to the PC, which sends an acknowledgment. Instead of passing this acknowledgment back to the server in the data center, the branch office WOC sends the next block of data, acting as if it is the server. The key is that the two WOCs are keeping the acknowledgments local and quickly receiving and sending the blocks of data. This improvement can make files appear to be local to the user, solving the response time problem of moving servers to the data center.

The final major hurdles for server consolidation are the services, including Dynamic Host Configuration Protocol (DHCP), domain name system (DNS), active directory and local printing.WAN optimization vendors have either engineered their own versions of these servers or partnered with Microsoft to achieve this functionality. Most WOCs can act as if they are Microsoft servers for these functions, keeping them local. Since each vendor’s implementation is unique to its product, WAN managers need to understand how they fit within their environments.

Continue reading part three of this e-Book to learn how WAN optimization solves virtual desktop infrastructure problems.

About the author:
Robin Layland is President of Layland Consulting. As an industry analyst and consultant, Robin has covered all aspects of networking from both the business and technical side, and has published over 100 articles in leading trade journals including NetworkWorld, Business Communication Review, Network Magazine and Data Communications. Prior to his current role, Robin spent a combined fifteen years at American Express and Travelers Insurance in a wide range of jobs including network architect, technical support, management, programming, performance analysis and capacity planning.

This was last published in November 2010

Dig Deeper on WAN optimization and performance