IP Virtual Private Networks (VPN’s) tunnel secure, encrypted traffic over the public Internet as a cost effective way to interconnect distributed enterprise locations. While easy and cost effective to deploy, this mode of WAN interconnectivity can create unique performance, security and quality of service challenges, particularly for TCP applications and real-time applications like VoIP and Citrix®.
As is the case with private networks, each switching device from the network edge through the Internet cloud represent congestion points that can result in packet loss during traffic bursts and periods of peak usage day. “Typical” packet loss is much higher on the Internet than on private Frame and MPLS networks. Average ISP packet loss, for example, ranges between 0.2% to 1.0% across the Internet. Peak losses can easily reach 8% in many ISP networks - a common daily occurrence in the late morning and late afternoon.
TCP reacts poorly to packet loss, interpreting it as indication of congestion and causing applications to repeatedly back-off and re-transmit, thus drastically lowering throughput. This can severely degrade the performance of many applications.In addition, high packet loss leads to latency and jitter, which has historically made IP VPNs ill suited for voice and real-time applications.
As IP VPNs use the Internet, security concerns also exist with this type of WAN technology.In addition, it can be a challenge to guarantee service delivery over this network as it is shared by millions of other users.
Silver Peak Solution
The following relevant Silver Peak features mitigate the impact of impairments that are unique to IP VPN:
- Network Memory is used in conjunction with advanced compression techniques to reduce the amount of data traversing the WAN. This increase WAN efficiency, which helps to avoid congestion when possible.
- Network Integrity protects traffic protects traffic from the effects of congestion, including dropped and out-of-order packets. This reduces or eliminates the likelihood of ‘service brownouts’ throughout the day when running IP VPNs over the public Internet.
- QoS is used to prioritizes traffic types, and allocate bandwidth accordingly. This improves jitter and latency by enforcing specific policies that govern how to route traffic. Silver Peak can both honor and set DSCP/MPLS markings on a per-application basis for added QoS granularity.
- Network Acceleration overcomes WAN latency by reducing the chattiness of TCP. This is achieved using standard TCP acceleration schemes, such as adjustable window sizing and selective acknowledgements.
- Silver Peak uses 128 bit AES encrypted IPSec tunnels to secure all traffic that traverses the public Internet
With Silver Peak, enterprises get the costs savings of Internet VPNs with performance equal to dedicated private lines
|
