In this series of posts, we’ve looked at a number of solutions that apply to most companies today, including WAN optimization, SD WAN, and Riverbed’s acquisition of Ocedo bringing LAN switching, wireless networking and the ability to create multiple AWS VPC mesh VPN overlays to interconnect VPCs and physical sites. It seems like Riverbed have everything covered with this product suite, but there’s still one area that is becoming a problem for more and more companies and isn’t solved by any of the solutions we have discussed so far: Software As A Service (SaaS).
The SaaS Problem
SaaS products like Microsoft’s Office365 have proven to be a huge hit with enterprises of all sizes, and many have chosen to decommission their data center Exchange infrastructure and rely instead on Microsoft’s managed service. From a business perspective the decision may have been clear cut, but the network engineers may well have been somewhat more concerned about the change.
Here’s a typical network, using internet VPNs to connect branch offices around the world to a corporate headquarters where in addition to other applications, the corporate Exchange server (labeled MX) is located:
A Typical WAN
The company has chosen to install a Riverbed SteelHead or SteelFusion WAN optimization appliance at each location, so when Ellen in IT emails an 8MB PDF to all of the employees, the caching and optimization minimizes the network impact of hundreds of users downloading the 8MB attachment from the mail servers in the USA, and equally importantly, they are not left waiting while a slow download completes.
Moving to Office365
The CIO decides to move to Office365 for email, and the next time Ellen uses email as a file sharing mechanism, complaints pour in from the remote offices. Why? It’s simple: Office 365 resides on the Internet and exists outside the optimized WAN that was so carefully designed to enhance internal network performance. The worst case scenario would be if the HQ site was used as an Internet hub so as to enforce corporate security policies centrally:
The problem here should be obvious; while the WAN itself is optimized within the company, the attachments are being downloaded from the USA, regardless of the site’s geographical location. Once the attachment hits the internal WAN, at least it’s optimized from there, but traffic between the HQ and Office365 is not optimized.
Office365, or at least the email component of it, is served from locations around the world, so ideally each site would connect to the nearest O365 data center rather than going through the headquarters site:
For day to day use, the users outside the US are likely to be significantly happier just because they don’t have international latency impacting every email transaction they make. However, the connection from each site to O365 is not optimized, so downloading large attachments can be a real pain.
Riverbed SteelHead SaaS
Naturally, Riverbed has been down this path and has a solution: SteelHead SaaS. The SteelHead’s ability to dig deep into every application flow, even encrypted flows, means it can identify a large number of SaaS flows, find the fastest path to the hosted application and then – and this is the clever bit – spin up a virtual SteelHead instance in the cloud so that flows can be optimized from the remote branch all the way to the SaaS data center. Even within the USA, the remote branch will likely get better response times initiating a connection locally and still benefitting from the WAN acceleration and caching capabilities of the SteelHead appliances.
Riverbed claims that this solution provides “up to 33x faster application performance for cloud-based services/SaaS applications” and “a reduction in bandwidth up to 97%“. The SteelHead SaaS feature is licensed per user, regardless of which applications are being optimized and is enabled by simply checking a box in the configuration. Riverbed has an agreement in place with Akamai, and specific support for O365, Box, Salesforce.com, ServiceNow, SuccessFactors and Microsoft Dynamics CRM Online. The closely-related Virtual SteelHead CX product can also accelerate public cloud deployments in Azure, AWS, VMWare ESX-hosted clouds and vCloud Air.
In particular though for any tool used daily to support the company’s operation, performance is paramount. Users have high performance expectations and get frustrated very quickly with slow-responding applications and saturated network connections. With that in mind, for a company deploying Office365 or one of the other SaaS applications mentioned, perhaps there are two approaches to consider:
- Throw increasingly large amounts of bandwidth at the problem and hope it works;
- Consider SteelHead SaaS as a way to optimize not only the SaaS, but also the corporate WAN.
The Bigger Picture for Riverbed
I confess that I hesitated when I thought to try and draw the diagram below because there is so much to add, I was worried that it would take hours to get it all in place. So let’s look at at least some of the areas where Riverbed can offer solutions, and where they are building their portfolio at the moment:
With so many elements to manage, it could be overwhelming to maintain a large network, and that’s where Riverbed has its work cut out. Developing SteelCentral into an all-encompassing, integrated management platform is critical to the delivery of a smart end to end zero-touch-provisioned architecture. Riverbed seems to be building a future where their product can select optimized paths between the branch offices, cloud-based SaaS, corporate data centers and hybrid cloud as well as to pull AWS VPC instances into the picture as if they were a seamless part of the corporate network. I love my CLI, but I think in this case, I’d like to let the management software take the brunt of the load.
Riverbed clearly have a lot of momentum building, and likely have an exciting roadmap in their mind for the next year or two. Personally I am looking forward to seeing how the products and the management platform develop and hopefully fulfill their potential, because Riverbed is without doubt in a unique position in the marketplace with their technology fingers in a lot of very interesting pies. Watch this space!
- Verify, Or Die Trying: Observations on Change Management - April 12, 2018
- Moving To The Cloud – Network Nightmare or Dream? - February 20, 2018
- Diving Into Design With The Aruba 8400 - September 13, 2017
- SaaS and the Software Defined WAN - April 12, 2016
- Making Your WAN Work For You - March 29, 2016
- SD-WAN: I Can See Clearly Now - March 15, 2016
- Who is Ocedo, and Why did Riverbed Acquire them? - March 1, 2016
- A Look Back at ONUG Spring 2015 - May 27, 2015
- What Is An “ONUG”, and Why Should I Care? - April 15, 2015