Exclusives Riverbed Riverbed SD-WAN Tech Talks

SaaS and the Software Defined WAN

  1. Who is Ocedo, and Why did Riverbed Acquire them?
  2. A First Look at Riverbed’s SD-WAN Solution
  3. SD-WAN: I Can See Clearly Now
  4. SD-WAN And The Hybrid Cloud
  5. Making Your WAN Work For You
  6. Simplifying Branch Network Management With SD-WAN
  7. SaaS and the Software Defined WAN
  8. Riverbed Announces SteelConnect™ Unified Connectivity Fabric

In this series of posts, we’ve looked at a number of solutions that apply to most companies today, including WAN optimization, SD WAN, and Riverbed’s acquisition of Ocedo bringing LAN switching, wireless networking and the ability to create multiple AWS VPC mesh VPN overlays to interconnect VPCs and physical sites. It seems like Riverbed have everything covered with this product suite, but there’s still one area that is becoming a problem for more and more companies and isn’t solved by any of the solutions we have discussed so far: Software As A Service (SaaS).

The SaaS Problem

SaaS products like Microsoft’s Office365 have proven to be a huge hit with enterprises of all sizes, and many have chosen to decommission their data center Exchange infrastructure and rely instead on Microsoft’s managed service. From a business perspective the decision may have been clear cut, but the network engineers may well have been somewhat more concerned about the change.

Here’s a typical network, using internet VPNs to connect branch offices around the world to a corporate headquarters where in addition to other applications, the corporate Exchange server (labeled MX) is located:

A Typical WAN

diag1

The company has chosen to install a Riverbed SteelHead or SteelFusion WAN optimization appliance at each location, so when Ellen in IT emails an 8MB PDF to all of the employees, the caching and optimization minimizes the network impact of hundreds of users downloading the 8MB attachment from the mail servers in the USA, and equally importantly, they are not left waiting while a slow download completes.

Moving to Office365

The CIO decides to move to Office365 for email, and the next time Ellen uses email as a file sharing mechanism, complaints pour in from the remote offices. Why? It’s simple: Office 365 resides on the Internet and exists outside the optimized WAN that was so carefully designed to enhance internal network performance. The worst case scenario would be if the HQ site was used as an Internet hub so as to enforce corporate security policies centrally:

diag2

The problem here should be obvious; while the WAN itself is optimized within the company, the attachments are being downloaded from the USA, regardless of the site’s geographical location. Once the attachment hits the internal WAN, at least it’s optimized from there, but traffic between the HQ and Office365 is not optimized.

Regional Access

Office365, or at least the email component of it, is served from locations around the world, so ideally each site would connect to the nearest O365 data center rather than going through the headquarters site:

diag3

For day to day use, the users outside the US are likely to be significantly happier just because they don’t have international latency impacting every email transaction they make. However, the connection from each site to O365 is not optimized, so downloading large attachments can be a real pain.

Riverbed SteelHead SaaS

Naturally, Riverbed has been down this path and has a solution: SteelHead SaaS. The SteelHead’s ability to dig deep into every application flow, even encrypted flows, means it can identify a large number of SaaS flows, find the fastest path to the hosted application and then – and this is the clever bit – spin up a virtual SteelHead instance in the cloud so that flows can be optimized from the remote branch all the way to the SaaS data center. Even within the USA, the remote branch will likely get better response times initiating a connection locally and still benefitting from the WAN acceleration and caching capabilities of the SteelHead appliances.

diag4

Riverbed claims that this solution provides “up to 33x faster application performance for cloud-based services/SaaS applications” and “a reduction in bandwidth up to 97%“. The SteelHead SaaS feature is licensed per user, regardless of which applications are being optimized and is enabled by simply checking a box in the configuration. Riverbed has an agreement in place with Akamai, and specific support for O365, Box, Salesforce.com, ServiceNow, SuccessFactors and Microsoft Dynamics CRM Online. The closely-related Virtual SteelHead CX product can also accelerate public cloud deployments in Azure, AWS, VMWare ESX-hosted clouds and vCloud Air.

In particular though for any tool used daily to support the company’s operation, performance is paramount. Users have high performance expectations and get frustrated very quickly with slow-responding applications and saturated network connections. With that in mind, for a company deploying Office365 or one of the other SaaS applications mentioned, perhaps there are two approaches to consider:

  1. Throw increasingly large amounts of bandwidth at the problem and hope it works;
  2. Consider SteelHead SaaS as a way to optimize not only the SaaS, but also the corporate WAN.

The Bigger Picture for Riverbed

I confess that I hesitated when I thought to try and draw the diagram below because there is so much to add, I was worried that it would take hours to get it all in place. So let’s look at at least some of the areas where Riverbed can offer solutions, and where they are building their portfolio at the moment:

diag5

With so many elements to manage, it could be overwhelming to maintain a large network, and that’s where Riverbed has its work cut out. Developing SteelCentral into an all-encompassing, integrated management platform is critical to the delivery of a smart end to end zero-touch-provisioned architecture. Riverbed seems to be building a future where their product can select optimized paths between the branch offices, cloud-based SaaS, corporate data centers and hybrid cloud as well as to pull AWS VPC instances into the picture as if they were a seamless part of the corporate network. I love my CLI, but I think in this case, I’d like to let the management software take the brunt of the load.

Riverbed clearly have a lot of momentum building, and likely have an exciting roadmap in their mind for the next year or two. Personally I am looking forward to seeing how the products and the management platform develop and hopefully fulfill their potential, because Riverbed is without doubt in a unique position in the marketplace with their technology fingers in a lot of very interesting pies. Watch this space!


johnherbertAbout The Author

John Herbert is a network consultant designing, supporting, troubleshooting and advising on networks of all sizes. His blog can be found at http://movingpackets.net and followed on Twitter as @MrTugs.

Riverbed_logo-2This post is part of the Riverbed SD-WAN Tech Talk series. For more information on this topic, please see the rest of the series HERE. To learn more about Riverbed’s SD-WAN solutions, please visit  http://Riverbed.com/sdwan.

About the author

John Herbert

John has worked in the networking industry for over 20 years, and obtained his CCIE Routing & Switching in early 2001. A network engineer by day, he has consulted in the UK and USA for Internet and mobile service providers, financial, retail and other enterprise customers, designing, supporting and troubleshooting networks of all sizes and types. He now works in the enterprise space, enjoying knowing where he’ll be located every week and that he’ll be home for dinner.

John blogs at http://movingpackets.net/ where he shares his thoughts and experiences with automation, scripting, best practices, commonly needed solutions, technical challenges and whatever else interests him in the networking and technology arena.

Leave a Comment