"The
48th fastest growing technology
company in their ranking
of the European Technology
Fast 500."
Maximizing Mission-Critical Application
Performance in the
Multi-Site
Enterprise
The Problem:
Corporate Intranets have become
key repositories of business information
needed by employees across the
enterprise. Companies also rely
on the existence of network-based
services for their businesses,
running mission critical applications
for ERP, CRM, eCommerce, and more.
Poor application response times,
caused by the mix of business-critical
and non-critical traffic on the
same network, quickly translate
into decreased productivity, lost
revenues and increased business
costs. In addition, the penetration
of time-sensitive videoconferencing
and voice over IP (VoIP) offer
low-cost alternatives to expensive
business trips and telephone conference
calls, but these applications
require sustained network performance
and therefore place increased
demands on the network.
The native IP network infrastructure,
with its congested and expensive
WAN links, does not provide the
means for you to fully control
all aspects of your complex enterprise
network. Nor can you analyze network
usage, prioritize the critical
traffic and ensure that time-sensitive
traffic will receive the appropriate
network resources.
The Solution:
Allot Communications NetEnforcer
enables mission-critical applications
to run smoothly over otherwise
unmanaged and congested WAN (IP)
networks. The NetEnforcer ensures
the response time of your mission-critical
applications by prioritizing their
traffic or guaranteeing them a
portion of bandwidth. At the same
time, traffic from less critical
and less time-sensitive applications
receives a limited amount of bandwidth
or a lower priority.
The Environment:
Today's large enterprise is a
multi-tiered structure with a
central headquarters, possibly
multiple regional headquarters,
and numerous branch offices. Corporate
operations may be geographically
dispersed, but they are unified
by a combination of domestic and
international leased lines, frame
relay, VPNs and satellite links.
In these global networks-found
in such industries as finance,
retail, government, utilities,
and health-business success depends
on network performance. eBusiness,
ERP and streaming applications
like videoconferencing and VoIP
require performance guarantees
to ensure that they do not suffer
from bandwidth contention from
less critical applications and
Internet traffic (e.g., non-critical
Web browsing, large FTP file transfers,
and P2P uploading/downloading
of digital music files). A policy-based
quality of service (QoS) solution
can ensure that your mission-critical
applications receive the bandwidth
they require.
Allot
Communications Solution:
The Allot Communications NetEnforcer
allows you to guarantee the performance
of your business-critical applications
by grouping and defining policies
that will classify traffic into
categories such as "Mission-Critical
Accounting Application" or
"Time-Sensitive Videoconference."
During peak traffic periods, the
NetEnforcer maintains application
performance by limiting the bandwidth
available for non-critical applications
and diverting these networking
resources to the more critical
traffic. The NetEnforcer enables
you to control important network
resources such as bandwidth, servers,
applications and users. It will
also monitor and record traffic
usage information based on clients,
servers, application, time and
DiffServ tagging.
Figure
1: Managing mission-critical traffic
with the NetEnforcer
3
Easy Steps to Applying QoS
Allot Communications' NetEnforcer
lets you quickly and easily apply
QoS to your enterprise network
in just three easy steps:
Monitor
network and bandwidth usage
Use the NetEnforcer's NetWizard
setup utility to auto-discover
traffic protocols in your
network. Using this information,
you determine which protocols
affect your network performance
and should be managed.
Define
policies that link business
priorities to computing needs
Use the QOS Policy editor
to further refine the QoS
attributes for the desired
policies. Assign minimum and
maximum percentages of bandwidth,
and enable the QoS by prioritizing
traffic from 1 to 10. For
additional policy definition,
set other conditions such
as addresses, Type of Service
(TOS) value or time-of-day.
Enforce
the rules and monitor
Let NetEnforcer examine all
traffic going to and from
the WAN link and match it
to the conditions you have
defined. Upon matching a traffic
session with a rule, NetEnforcer
forwards the packets per the
specified actions. Continually
monitor network resources
using NetEnforcer's Traffic
Monitor and enforce network
policies. Discern traffic
changes and refine policies
to maintain maximum network
control and application performance.
The
NetEnforcer and ROI: An Example
NetEnforcer is a better investment
than adding WAN services or other
networking hardware. For example,
instead of upgrading your WAN
link from 128 Kbps to 256 Kbps,
you could purchase a NetEnforcer
and allocate 50% of the link for
mission-critical SAP traffic while
limiting AudioGalaxy to no more
than 10%. Not only would you increase
application performance, but the
NetEnforcer would quickly pay
for itself!
NetEnforcer
Features
Traffic
Monitoring
The NetEnforcer's Java-based
Traffic Monitor lets you view
traffic per users, sessions
and applications. Quickly
change between table views,
line graphs, full color bar
graphs and area graphs.
IP
Accounting and Reporting
The NetAccountant™ add-on
product for the NetEnforcer
allows you to collect accounting
data. NetPolicy uses this
data to create advanced traffic
reports that indicate usage
by user, application, time
or policy.
Traffic
Redirection Control
Use the CacheEnforcer add-on
product to reduce WAN link
usage by transparently redirecting
traffic to cache servers.
Cache policies can be defined,
enforced, and optimized according
to network addresses, protocols,
services, applications, and
time-of-day.
The
Policy-Powered Networking Advantage
Traffic
Classification and Content
Inspection
The NetEnforcer offers support
for over 200 leading protocols,
including Oracle, SAP, H.323
and RTSP. Content inspection
for HTTP, Citrix and Oracle
allows you to differentiate
between types of Internet
browsing, Citrix application
types, and traffic flows per
Oracle database or user.
DoS
Protection
The NetEnforcer detects known
types of DoS attacks and offers
a first line of defense that
enhances the performance of
firewalls and internal network
devices. NetEnforcer monitors,
records, and blocks suspicious
traffic flows and alerts network
personnel of attacks.
Manage
Multiple Branch Offices from
a Single NetEnforcer
A single NetEnforcer can be
economically used to manage
traffic to multiple branch
offices. NetEnforcer uses
the rate control feature of
the TCP protocol to ensure
the appropriate flow of traffic,
alleviating the need for NetEnforcer
devices at both the server
and the client.
Figure
2: The NetEnforcer Traffic Monitor
*
Note: WAN costs from British
Telecom. NE cost based on Int'l.
MLP without dealer discounts.
Award wining Blue Coat System
Security Gateway is the
industry's first security
appliance designed to provide
added security for web protocols,
control enterprise security
and usage policies, and
increase the performance
and manageability of enterprise
security infrastructure.
Based on a high-performance,
secure operating system,
the Blue Coat System Security
Gateway is the ideal choice
for optimizing multiple
web security functions including
authorization management,
virus scanning, content
security, web usage monitoring,
content filtering, and network
protection.
