WANs Take Centerstage: what's making them faster, secure and more reliable?

There's an increasing need for organizations to communicate more effectively, whether it's within the office or between offices across different geographical locations. This calls for a robust communication infrastructure. While local communication isn't so difficult, as you have plenty of bandwidth on the LAN, and voice calls are also pretty cheap, the trouble comes while communicating over long distance. Using basic email and phone calls is just not sufficient anymore. For instance, you can afford to have a web page not loading from a website, but what if it's your business application? You can't afford to have packet losses on that. Moreover, this communication has to happen over secure links and in encrypted format. This also raises another question. Is your business application optimized to work over WAN links? Can it work over a low bandwidth connection? Several key trends are taking shape in WANs, which can help in answering these questions. For instance, one Web technology making waves in the Internet world is AJAX, which can help enterprise applications run over low-bandwidth connections. IPVPNs are picking up for secure communication over long distances, and there's even an option to outsource your WAN infrastructure management. In this story, we look at all these and more for your consideration.

IP-MPLS is the default choice
Deepak Maheshwari Secretary – ISP Association of India

Being more nimble and closer to the customer as well as operating in a highly competitive market, it should not come as a surprise that ISPs began offering VPN services in India in 1999. Slowly, VPN based on IP-MPLS technology has become the de facto platform of choice for WAN, again a trend started by the ISPs in India almost five years back.

Large organizations could extend leased line networks only to select sites due to high cost and the skills required to manage the same; even they are choosing VPN to augment more and more sites within their networks. At the same time, for many SMEs who could not ever think of multi-location leased line networks, VPN opens up new opportunities. One needs to connect to the local PoP of the service provider at the respective locations and thereafter, the service provider ensures the transmission across different locations. Moreover, the CIO can add and modify locations, bandwidth, priority and even the physical media and/or routing, all this on the fly on a real-time basis using a dashboard on his screen, and respond to the mission-critical business support system. In the times to come, security and manageability would become more crucial as well as anything that lets the users manage the priority in an even more dynamic and challenging fashion. There would be a higher mix of physical media; the size of the WANs is also set for massive growth, to thousands of locations, as the enterprise connectivity is extended to partners, vendors, suppliers and customers!

Thus, a VPN offers reliability, security and quality on a public network with the added benefit of flexibility. Actually, VPN also bestows us with the benefits of openness and efficiency inherent in the Virtuous Public Network better known as the 'Internet'. Usage has also evolved to beyond just data to include voice and video. For more than one and a half years, the confusion over the licensing pre-requisites for VPN has kept many a prospect from taking the plunge for VPN, more than anything else. However, that stage is over. In fact, in the latest amendments to the licenses 'leased line' itself has been defined as VPN!

IP VPNs are emerging as a popular WAN connectivity solution, since they provide both technological and business benefits over traditional VPN technologies. In fact, the world over, they're fast replacing the legacy Frame Relay and ATM networks that were used by enterprises. This is largely because of the huge cost advantage that they offer over the legacy technologies.

Currently, there are several different types of deployments available for IP VPNs. If the requirement is to provide remote access to individual users, SSL or IPSec encryption is used for the job. As SSL doesn't require any clients, it makes for the cheapest extranet solution. As a result, SSL VPNs are the obvious choice for remote-access technology, as they will integrate end-point security and stronger authentication within themselves in the times to come.

If multiple sites are to be connected, then the solution is a site-to-site IP VPN, while if a very large enterprise-class IP VPN is required, then there's the Multi-Protocol Label Switching (MPLS) based IP VPN, which uses a large carrier's MPLS solution. MPLS has gained momentum because with this one technology you can converge all means of data transfer, including data, video and audio. Consequently, standardization efforts need to be made for both network-to-network and user-to-network interfaces. While MPLS seems to offer great convergent solutions, quality of service and support for firewalling, spam and content filtering, it falls short on one factor: it does not offer the required level of encryption. That is where IPsec picks up. It provides the necessary encryption to make use of the Internet as the carrier for transferring data across WANs.

So these technologies have turned out to be serious contenders with enterprises for both fresh deployments and upgrades. What remains to be seen is which sectors of the enterprise go in for building them themselves and which ones would want to buy them.

WAN optimization
The philosophy deals with removing the latency associated with data transfer over WANs. Current WAN optimization devices claim to provide three to five times the native transfer speeds. For this, the devices use CIFS (Common Internet File Sharing) protocol. This is in line with the increase in the number of vendors offering WAFS (Wide Area File Services), which is basically file and print services over WANs. WAFS has a two-fold purpose: it helps take over file server facilities at branch office levels, and it provides a common data storage location for compliance purposes. WAFS devices are expected to take over a major share of enterprise WAN based file services in the coming years and a number of products are available from vendors such as Cisco, Juniper Networks and F5.

However, the manageability of WAN optimization devices is still not quite on par with similar devices and systems, so you would need to seriously sit down with your vendor and look at what features it offers before making the investment, since downtimes here can become quite costly to your business.

Cut costs: outsource connectivity

High speed links: We're witnessing a shift by corporates towards high capacity bandwidths. This is being driven by reduction in costs of DS-3 links and STM1 links. This enables enterprises to add more users and applications at the same costs.

MPLS based networks: MPLS technology is becoming a popular option among organizations managing multiple links. MPLS provides inherent benefits of higher speed, security and cost-effectiveness.

Instead of buying multiple links, enterprises seek the assistance of service providers using Metro Ethernet networks or MPLS (Multi Protocol Label Switching) based networks to provide secure virtual circuit connection services over Ethernet networks. These offer the benefits of traditional frame relay connections, but with much higher bandwidth at a lower cost.

Outsourcing: The other trend is to outsource wide area connectivity. This usually turns out to be cost-effective and hassle free. The current trend is to use several service providers in order to exploit the best capabilities of each, and have a single-window entity for management, troubleshooting and payment.

An organization can use a single service provider entity for all its management, monitoring and billing needs, and possibly a third party NOC that will manage and monitor its WAN, and provide services like VPN, video-on-demand and managed security.

Adaptive WANs
How would you like a network that is always available, ultra-reliable and very predictable at all times? Well, if Ciena's offering is not a dream, it does just that. It's called an 'Adaptive WAN' and is being pushed forward for business continuance applications in enterprises. This WAN does not require new deployments and can be used with your existing deployments. Multiple applications can be collated into one 'wire' (so to speak), enabling a high degree of manageability. Applications can be monitored and tuned for reliability. The Adaptive WAN is suited for enterprises that have multi-site assets and operate on time-sensitive applications.

Wireless broadband
Devices that are wireless and online are going mainstream in a significant way. These include both personal computers like laptops and smart phones. The advent of high-speed mobile communications like 3G (although not yet prevalent in India) is increasing the number and criticality of the enterprise applications that can be used from such devices.

The TIA (Telecommunications Industry Association, UK) predicts that there would be about 270 million wireless devices in use and online worldwide in the next three years. Already, we are well on the way there, with 25 million wireless devices being deployed in the past one year alone. This trend could well be helped along by the shot in the arm that wireless services are due to get quite soon with the introduction of UMTS TD-CDMA, which offers 40-70 Mbps transfer rates when you're moving at nearly 130 Kmph. UMTS TD-CDMA is an emerging 3G standard (packet switched data and VoIP transmissions with QoS) that is slated to significantly change the way our mobile networks operate.

A high 74% of the IT executives surveyed by a London-based firm earlier in February reported they outsourced their WAN worries, mostly because of lower running costs and manageability. Other major pain points included the ability to troubleshoot quickly, timely restoration of links and billing.

Running costs rise as more workers log on to their workplace from all over the globe, when enterprises expand operations, move out of their single-campus presence and seek out the world.

Guaranteeing connectivity, and the reliability of that connection, to your remote workers needs personnel present at those remote sites, which is not a very pocket-friendly prospect for most enterprises, regardless of size and skill. This necessitates off-loading those concerns to a third-party entity, who may do it at a lesser cost.

Higher bandwidth
Bandwidth costs have plummeted and availability has doubled over the past year. ISPs in India have correspondingly passed on those benefits to their customers by upgrading bandwidth packages at no additional cost twice in the last one year. However, it appears that this has not come completely free of cost. There is a raging debate going on about how the rising costs of maintaining smooth functioning of the Internet should be managed.

Rajesh Shetty, Regional Manager – ITS, Cisco Systems – India and SAARC

There is a move towards the managed services scenario. Though we'll see greater adoption of MPLS in the BFSI segments, largely due to the need to maintain and manage multiple links; private networks will also continue to operate. For instance, in the ITS segment, we will witness upgradation on the existing networks and infrastructure.

Having said that, choosing solutions providers for one's IT infrastructure requirements can be a tricky business. Several factors need to be looked into before SLAs (Service Level Agreements) are finalized to ensure satisfactory levels of service.

There is also a need for industry representatives, industry associations like Nasscom and IBA and vendors to partner to understand and address the unique requirements of each vertical. This is essential to ensure optimal performance and functionality of the networks.

Some say that the costs should be off-loaded onto the home user, which has been subsidized by business accounts for a long time. This would be accomplished by a user-neutral policy, where both sets of customers would be treated on par by the ISP and provided QoS on par with each other. The other camp believes that current parity needs to be maintained for fear of losing the pie completely. A third camp advises an application-fee based regime where the cost of service would be linked to the type of application (meaning high QoS requiring applications like VoIP and video on the Net for instance would attract higher fees). In this system, it would be the application service provider who pays the fee, subsidizing the end-user.

IPv6 comes of age
IPv6 is no longer a protocol that's best implemented in a lab or a network run by geeks. It has come of age and is proving itself on both performance as well as robustness. In response to the Internet2 challenge, the University of Tokyo along with Pacific Northwest Gigapop, JGN2, WIDE Project and Chelsio Communications successfully achieved a data rate of 6.18 Gbps over five different public international networks covering well over 18,600 miles of cabling. In comparison, the IPv4 record stands at 7.99 Gbps for the same distance but over eight networks. This is being seen as proof that IPv6 can now handle high-performance network applications and can take over from IPv4.

On the software front, the new Windows OS (Vista) integrates support for the IPv6 protocol in a big way: it is installed by default and wherever you can configure IPv4 settings, you can also provide corresponding IPv6 settings. See our separate feature on Vista elsewhere in this issue.

Triple play
Triple play is the term used to refer to the simultaneous transmission of data, voice and video over the same wire. Increasingly, this is becoming mainstream in both the business and home segments. For the home user for instance, IPTV is driving the boom forward. With fixed line operators seeking to push broadband Internet and high-bandwidth media applications onto their wires, the cable TV operators themselves are getting into the action by offering Internet as well as IPTV on their network to counter the move by the fixed-line operators.

This war is, of course, well watered down in India. However, in the USA, which is seeking to battle with the penetration levels of broadband Internet in the ASEAN, this is an aggressive contest, with companies (telecom and ISP) seeking to consolidate their market positions. The recent takeover of AT&T Wireless by Cingular is perhaps a good example.

The Net Neutrality bill (so to say, 'Internet Non Discrimination Act 2006') introduced in the US Senate by Ron Wyden (and discussed in the 'Higher bandwidth' section earlier in this story) seeks to encourage fair play in triple play services by restricting fat-pipe owners from proffering preferential treatment to particular entities and handing the others a rough deal.

High-speed routing
We are all used to our network speeds not being 'quite there', even if we're using theoretically fat pipes (like 100 Mbps or even gigabit links). This is because of the way standard TCP works. TCP is, when you get down to analyzing it for high-traffic networks, a really really bad and miserly protocol.

When it detects the slightest hint of sluggishness on the wire, it compensates heavily and ends up sending much smaller packets than it actually can. In the same way, it never makes full use of the pipe when the traffic is low enough either. This is easily fixed if you implement HS-TCP (High Speed TCP, IETF RFC 3649). This is a protocol optimized for high-traffic, high-latency networks, and it responds better to network congestion. The current state of HS-TCP is that it is still classified 'experimental'. However, some researchers consider it stable enough to warrant inclusion in the standards and implementable class. Using its re-designed algorithms, HS-TCP is able to adjust its packet transfer windows to a more optimum size and recover quickly from high-latency conditions compared to standard TCP. Keeping pace with this requirement, the new Vista OS has a completely re-written TCP stack called the 'Next Generation TCP/IP'.
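To make the window adjustment described above concrete, the following added example (not from the original article) implements the increase function a(w) and decrease function b(w) of RFC 3649 with the RFC's default parameters, then counts the round trips each protocol needs to regain a large congestion window after a single loss. The function names and the choice of an 83,000-segment target window (the RFC's High_Window) are this example's assumptions.

```python
import math

# RFC 3649 default parameters (windows are in segments)
LOW_WINDOW = 38       # at or below this, HS-TCP behaves like standard TCP
LOW_P = 1e-3          # loss rate that sustains LOW_WINDOW
HIGH_WINDOW = 83000   # roughly 10 Gbps at 100 ms RTT with 1500-byte packets
HIGH_P = 1e-7         # loss rate at which HS-TCP sustains HIGH_WINDOW
HIGH_DECREASE = 0.1   # decrease factor at HIGH_WINDOW

def _frac(w):
    """Position of w between LOW_WINDOW and HIGH_WINDOW on a log scale."""
    return (math.log(w) - math.log(LOW_WINDOW)) / (
        math.log(HIGH_WINDOW) - math.log(LOW_WINDOW))

def hstcp_b(w):
    """Fraction of the window given up on a loss (standard TCP: 0.5)."""
    if w <= LOW_WINDOW:
        return 0.5
    return (HIGH_DECREASE - 0.5) * _frac(w) + 0.5

def hstcp_a(w):
    """Segments added to the window per loss-free RTT (standard TCP: 1)."""
    if w <= LOW_WINDOW:
        return 1.0
    # Loss rate on the log-linear HS-TCP response function for window w
    p = math.exp(math.log(LOW_P)
                 + _frac(w) * (math.log(HIGH_P) - math.log(LOW_P)))
    b = hstcp_b(w)
    return w * w * p * 2.0 * b / (2.0 - b)

def rtts_to_recover(target, highspeed):
    """RTTs needed to climb back to `target` after one loss at `target`."""
    b = hstcp_b(target) if highspeed else 0.5
    w = target * (1.0 - b)
    rtts = 0
    while w < target:
        w += hstcp_a(w) if highspeed else 1.0
        rtts += 1
    return rtts

if __name__ == "__main__":
    for name, hs in (("standard TCP", False), ("HS-TCP", True)):
        n = rtts_to_recover(HIGH_WINDOW, hs)
        print(f"{name}: {n} RTTs, about {n * 0.1:.0f} s at 100 ms RTT")
```

At a 100 ms round-trip time, the standard TCP figure corresponds to over an hour of loss-free transfer to regain the window, against seconds for HS-TCP.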

In India, both ISPs and vendors are talking about MPLS in a big way. Banks have already adopted it. When will other sectors like manufacturing and business services follow? That's worth watching.

Rinku Tyagi and Sujay V Sarma
