You Can\'t Manage and Shouldn\'t Optimize, What You Can\'t See
- 1. You Can’t Manage and Shouldn’t Optimize,
What You Can’t See
By John E. Burke
Principal Research Analyst, Nemertes Research
- 2. You Can’t Manage – and Shouldn’t Optimize –
What You Can’t See
Optimization and Visibility
By John E. Burke
Principal Research Analyst, Nemertes Research
Executive Summary
Massive transformations in the enterprise and in IT are pushing steadily
more application delivery optimization to the WAN. IT can use optimization
technologies to mitigate problems on the WAN arising from latency, loss, and
jitter. However, for good long-term planning and effectiveness, use of
optimization should follow—not precede—IT gaining a deeper understanding of
the true state of WAN use through development of deep application-level
visibility on the network.
The Issue
The enterprise is virtualizing, and the traditional WAN is in trouble in the
face of the accompanying changes percolating through IT and the enterprise.
Enterprises are shifting to a virtual, distribute workforce in order to be
more agile in pursuit of opportunities and more flexible in finding and retaining
talented staff. They are spreading further across space to support that distributed
workforce and to be more cost effective in where and how they situate branches.
They are deploying unified communications and other collaboration tools to
empower workgroups spread across regional, national, or global distances more
effectively.
More Branches, More Teleworkers. From 2004 through 2008, the
number of branches in an enterprise grew by about 9% on average. With the
recession, 2009 saw decreases of 3% on average. Branch number growth
modestly rebounded in 2010, with growth of 1.75%. In 2011 the majority of
participants (57.7%) expect the number of branches in their organizations to
remain flat, 33% expect it to rise. 9.3% expect it to fall. Some have effected a
major shift in their branch philosophy: “We’ll have branches only for those that
©Nemertes Research 2011 ! www.nemertes.com ! 888-241-2685 !DN1357 1
- 3. use fixed, depreciable assets,” said the IT manager at a healthcare company,
“Everything else will be telework.” Even so, among those expecting a change, the
average change is an increase of 4.7%. Said one CIO from a large healthcare
company, adding neighborhood and regional facilities rapidly during and after
the slump: “We’re doing a lot of acquisitions. We’re growing by another 100%.”
And of course, the shift to telework also increases the number of locations IT
supports. 46% of organizations now have formal telework policies, and with or
without a policy 56% expect more telecommuters in the coming year.
Interestingly, 37% of telecommuters now have no office in any company location.
More technologically aggressive organizations utilize more teleworkers, with
27.2% of staff able to telecommute, compared to only 16.2% among more
conservative organizations.
Smaller Branches, Demanding Apps. Technologically aggressive IT
organizations are generally ahead on adoption of all “virtual enterprise”
technologies, including:
! Soft phones. Soft phones decrease dependence on the physical office
environment by bringing full office phone function to laptop, PC or even
mobile device. Ninety four percent of aggressive/bleeding-edge
organizations deploy or plan to deploy soft phones, vs. 76.9% of
conservative/moderate organizations.
Figure 1: Expected 2011 Change in Typical Branch Size
©Nemertes Research 2011 ! www.nemertes.com ! 888-241-2685 !DN1357 2
- 4. ! Virtual desktops. Virtual desktops decrease dependence on both offices
and specific computers by bringing enterprise desktop application access to
just about any endpoint device, whether personal desktop, company laptop,
thin client, or mobile device. Seventy-five percent of bleeding edge
organizations are using virtual desktops, or deploying them in 2010, vs.
55.2% of moderate organizations and only 26% of conservative ones.
Moreover, bleeding-edge organizations using virtual desktops have
virtualized a quarter of their desktops, compared to 15.6% among moderate
organizations and 5% among conservative ones.
Empowered by these and other technologies, aggressive organizations are
spreading further but more thinly, by slowing growth in the size of branches and
increasing emphasis on “branch of one” teleworkers. Conservative organizations
are more than twice as likely as bleeding-edge organizations to expect their
number of branches to grow in the coming year. Conversely, bleeding edge
organizations are more than twice as likely to expect the number of branches to
decrease than conservative organizations.
More aggressive companies are also beginning to reduce the size of their
branches. Conservative and moderate organizations expect the size of their
branches to be flat or increasing in the next year, where the more aggressive,
virtualizing organizations see them flat or declining. According to Nemertes’
research, 37.5% of more conservative organizations see branches growing; 0%
shrinking. Zero percent of more aggressive organizations see branches growing;
15.4% see them shrinking. Shrink in average branch size comes as large branches
are shut down and replaced by multiple smaller offices, or by smaller offices,
hoteling facilities, and telecommuters.
Internet increasingly seen as alternative to WAN. Overall, we see
increasing use of the Internet as either a backup to or replacement for a dedicated
private WAN connection. About 26.1% of branches are connected to both WAN
and Internet and support direct branch-to-Internet access. However, 45% of
branches support Internet VPN. Internet VPN branches don’t always enjoy direct
Internet access. In many cases the branch is using the Internet exclusively for
VPN access back to the organization’s WAN. Sometimes the Internet VPN carries
specific traffic types (e.g. backups), but in many organizations it is only a backup
to the primary WAN link, unused except when that link fails. Internet VPNs for
WAN backup typically use consumer-grade, best-effort Internet services.
Like collaboration tools, telecommuting, and softphones, Internet VPN
helps an enterprise virtualize by reducing branch costs and enabling more,
smaller branches in more, and more remote, locations. However, Internet VPN
shifts significant responsibility for security and performance management to the
branch. Direct-to-Internet connectivity requires Internet-facing security similar
to that deployed in data centers (firewall, intrusion detection and prevention,
content filtering and anti-malware). Likewise, it decreases the efficacy of QoS as
a performance management strategy because carrier-to-carrier consistency in
handling QOS-tagged packets is not standardized, consistent, or reliable. Using
the Internet as a WAN increases variability in performance across those links.
©Nemertes Research 2011 ! www.nemertes.com ! 888-241-2685 !DN1357 3
- 5. Combine the shift to more and smaller branches against a backdrop of IT
consolidating into fewer data centers, the slow growth in WAN bandwidth, shifts
to the Internet as the WAN, and the use of steadily more, and more demanding,
applications on the WAN, and the result is a network performance problem for
IT. When WAN performance becomes a problem, IT’s first instinct is usually
still to throw bandwidth at the problem. However, bandwidth isn’t free, and
widespread or significant increases can be very expensive. Especially when
consumer connectivity is part of the mix, carriers often oversubscribe edge
connectivity, which is OK for consumer recreational use but a handicap to branch
use. Also, and more importantly, adding bandwidth may not resolve important
performance problems, especially for demanding communications and
collaboration applications, because it doesn’t fix latency, jitter, and only partially
fixes packet loss problems. As a result, IT architects increasingly turn to
optimization to better manage available bandwidth, prioritize applications, and
ensure acceptable end-user performance regardless of the underlying WAN.
Optimization to Speed and Strengthen: ADO
We define Application Delivery Optimization (ADO) as the design of
networks and systems to guarantee appropriate, effective application delivery in
the distributed and mobile world. That is, ADO is the art of tuning the
infrastructure to guarantee proper performance on all IT services.
Figure 2: Application Delivery Optimization Architecture
©Nemertes Research 2011 ! www.nemertes.com ! 888-241-2685 !DN1357 4
- 6. ADO comprises many techniques, including caching and compression,
application acceleration, traffic shaping, loss mitigation, latency mitigation,
server offload, local and global load balancing, link aggregation, and route
optimization. So, the WAN is not the only place IT optimizes to improve
application delivery. IT deploys technologies in the data center and at the
endpoint as well. ADO encompasses areas and devices variously referred to as
application delivery controllers (ADCs), WAN optimization controllers (WOC),
application accelerators, and application delivery networking (ADN).
Different pieces don’t always play nicely with each other, and adding any
will at least increase the complexity of the environment, always something to be
approached with caution. Use of multi-function devices providing visibility and
one or more flavors of optimization and acceleration is one way to try to avoid the
problem of complexity, but it requires careful attention to cost, throughput
capacity, and in-box latency with all desired functions enabled; simplicity is
preferable only if it can be accomplished without sacrificing function and
affordability.
Since each ADO component or service can advance one or more key IT
strategies, ADO architects must approach each choice with an eye on their
broader goals and initiatives, whether in security, business continuance,
virtualization, sourcing, or elsewhere.
WAN Optimization
On the WAN, the most typical ADO models place appliances at one
(asymmetric) or both (symmetric) ends of the connection to improve traffic flow
through some combination of compression and caching, acceleration, traffic
conditioning (to mitigate packet loss, for example), and traffic shaping
(prioritization). About 50% of companies use WAN optimization now, and the
vast majority do it via deployment of physical appliances. In addition, an
increasing number of vendors are delivering virtual appliances that can share a
host server with other branch-office services, or follow enterprise workloads into
a cloud infrastructure.
Another delivery model for ADO is carrier/cloud services, either as
managed enterprise appliance deployments or as layered optimization services in
their service clouds centered on traffic shaping, protocol acceleration, latency
mitigation, and finer-grain traffic shaping than QoS allows. These manipulations
of traffic require no customer premise equipment and can be offered strictly as
cloud services. Adding virtualized optimization appliances to the mix opens the
further possibility of full, symmetric appliance-based optimization without
additional equipment on site—a zero-capital, cloud-delivered model with many of
the same benefits (for compression, for example) of traditional box-per-site
deployments. Already all the major carriers offer a managed WAN optimization
service, but nearly all still focus on managed appliance solutions. Cloud services,
with or without virtualized CPE, represent the next evolutionary stage and are
fewer and newer.
©Nemertes Research 2011 ! www.nemertes.com ! 888-241-2685 !DN1357 5
- 7. Figure 3: Adoption of WAN Optimization
If IT wants to move delivery problems entirely off their own WAN (and
sometimes out of their data centers), an organization can employ an overlay
provider. IT can hand off some kinds of application traffic (and even portions of
applications or types of content) to specialty network service houses, taking its
own WAN out of the delivery equation for the most part. Akamai and Limelight
are examples of overlay providers.
Optimize to See? See, then Optimize
One thing driving many optimization efforts, unfortunately, is ignorance,
or, more politely, a lack of information. IT knows there is a problem (because
users are not shy about communicating that fact) but doesn’t know exactly why
there is a problem or what it is. Their management tools can speak to some
problems (overall packet loss, overall latency) but not to others (latency hurting
connections of one application, packet loss hitting key sessions of another).
IT deploys optimization to resolve the performance problem, with or
without reasonable detail on what is causing it, but in so doing begins to get the
kind of data it needs to make better decisions about what to do next.
Expressing a common sentiment, the VP/Managing Director at a large
distribution company told Nemertes that as a driver for deploying optimization,
on a 1 to 5 scale where 5 is critical and 1 is irrelevant, “at first, visibility was a 2
out of 5. After we could see things, visibility became a 4, and being able to make
things work better made visibility so much more useful. It’s now a key criterion.”
©Nemertes Research 2011 ! www.nemertes.com ! 888-241-2685 !DN1357 6
- 8. WAN optimizers can provide key kinds of information to IT, including
detailed data on actual usage and performance for specific applications across the
WAN. Like VoIP monitoring systems that can provide objective measures of call
quality, ADO devices can monitor factors including packet loss, network latency,
jitter (variation in latency), and server response time to provide objective
measures of end-user experience of applications. Unlike pure monitoring
solutions, an ADO device can also affect such factors, by mitigating packet loss
for example.
The rise of both virtual appliances and carrier/cloud optimization create a
new and powerful option for gathering detailed performance data before
optimizing: low-overhead “pay by the drink” cloud-style deployments. Getting a
brief proof of concept deployment using virtual appliances, or a short turn-up of
carrier services, can get IT the detailed performance information it needs to plan
a production deployment (in-house or carrier), and to establish baseline
performance data for future comparison.
Recommendations: Key Considerations in Deploying Optimization
! First and foremost, understand your actual performance issues! If you
don’t have the tools in-house to get real application performance data,
consider virtual optimization appliances or ADO service offerings as a way
of gathering information. Look for granularity of visibility and control to
aid both pre-deployment analysis and to benchmark post-deployment
performance.
! Approach ADO as a build vs. buy decision.
! To MSP or not to MSP? Look at your organization’s current appetite
for outsourcing functions and using layered network services.
! Balance capital cost vs. capacity and control. Putting in appliances
gives the highest performance and the greatest control over the
network, but increase capital cost and IT management load.
! Consider multiple solutions. You may want an appliance-based
strategy for big branches and data centers, a carrier solution for small
locations. Solutions can be mixed and matched to diverse use cases.
! Collecting data to build a business case beyond WAN costs: Performance =
Time = Money. By getting together with business lines to understand how
performance problems affect their ability to work and the efficiency and
effectiveness of their staff, IT can target solutions on problems that matter
most, and as it deploys optimization technologies IT can make SLAs that
make sense to and matter to the business lines. Monitoring data that can
speak to actual performance as experienced by end users is helpful with
this.
Conclusion
Massive transformations in the enterprise and in IT are pushing steadily
more application delivery optimization to the WAN. Optimization technologies
©Nemertes Research 2011 ! www.nemertes.com ! 888-241-2685 !DN1357 7
- 9. give IT the ability to mitigate problems that can be introduced on the WAN due to
latency, loss and jitter, but use of optimization should ideally follow—not
precede—IT gaining a deeper understanding of the true state of WAN use
through development of deep application-level visibility on the network.
It is important that IT direct its attention to the actual problems of end
users, and acquire optimization that solves those problems well: performance
problems are not all the same, ADO solutions have differing strengths. It is also
important that IT be able to measure performance before and after addition of
optimization in order to make and track performance against meaningful SLAs.
Because ADO touches on so many aspects of IT operations, it is important that IT
consider all the organization’s key strategies and architectures—server, security,
data center, WAN, desktop, UC— in selecting an ADO solution.
About Nemertes Research: Nemertes Research is a research-advisory firm that
specializes in analyzing and quantifying the business value of emerging technologies.
You can learn more about Nemertes Research at our Website, www.nemertes.com, or
contact us directly at research@nemertes.com.
©Nemertes Research 2011 ! www.nemertes.com ! 888-241-2685 !DN1357 8