Solved

WAN acceleration with Blue Coat v.s. Riverbed

Posted on 2012-04-11
3
1,276 Views
Last Modified: 2012-04-24
Hello EE,

We have an environment as such that we have 5 branch offices that connect via MPLS to each other and corporate.  All internet traffic comes through corporate.  Each site has a local file server, domain and exchange server.  We are looking to improve on Internet caching, sharepoint will be HUGE and file shares, etc.  We have tested BlueCoat and I'm wondering if we have to pilot Riverbed as well or if somebody can tell me the difference in technology used and pros/cons of either.  I hear BlueCoat used Object Caching which is supposed to be better for Sharepoint and internet, Rivebed for CIFS, but which would be optimal for our environment without waiting another 2 months to pilot as we really need to get something in last week.

Can anyone shed some light on the technology differences and where each excels or lags?
Even if we did pilot I would like to understand the differences and know others are using both vendors products and would like to get some feedback from those who already use it.
0
Comment
Question by:bergquistcompany
3 Comments
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 500 total points
Comment Utility
I haven't tested Blue Coat. I tested Riverbed and Silver Peak about 3 years ago. I was weary of Blue Coat because their technology roots was is proxy and security, not WAN optimization. I can tell you that Riverbed works really, really well.

Riverbed is pretty easy to install and configure. It takes just a few minutes to configure, and I have literally shipped them out to a branch and talked someone over the phone how to plug it in with an in-line configuration. Riverbed will work on L4-7, and I don't think that any company understands how to optimize at L5-7 better than Riverbed. They really understand how to make the protocols more efficient. They can even optimize signed SMB, SSL, encrypted MAPI, and Citrix, and there are SharePoint specific optimizations as well. I believe that it does some object prefetching and stuff.   Tech support is really quick to answer the phone with an engineer.

That said, I don't know if one approach vs. another really matters that much. As long as Blue Coat can proxy SMB 1.0 connections to take out the latency penalty, both should do well for SMB connections. With SMB 2.0, latency isn't as much of an issue, in which case you only need bandwidth reduction by deduping and compressing the data. IMHO, as long as you optimize the top 3 or 4 apps on your WAN, you should be in good shape.

With a local file and Exchange server at each site, how much data are you pulling across the WAN? With WAN optimization (and possibly without), you can centralize all of your Exchange to a single active site, which should save you some money. You can have a second site for DR, but there generally isn't any need for a server at each site. My company has 1 active mailbox server for 650 employees, and most of them are off site without WAN optimization.

The downside to Riverbed is their tiered TCP flow licensing. A relatively small number of users can easily keep 120+ flows open, pushing you to a larger license, even if you don't need more bandwidth.
0
 

Author Closing Comment

by:bergquistcompany
Comment Utility
excellent feedback thanks
0
 

Expert Comment

by:netmagdave
Comment Utility
Blue Coat and Riverbed are both proxy-based architectures, which means that while they might be able extract every bit of performance out of protocols they’re also protocol dependent.  New protocol updates, for example, risk breaking the application. There was chatter around RIOS 7.0 and MAPI on this very point and Blue Coat has had a number of problems in this area in the past. They also can’t optimize non-TCP apps, such as UDP and proprietary apps. (Riverbed did announce UDP-support, but it’s still rudimentary.)

You might also watch your deployment of real-time protocols. Neither architecture corrects for packet loss in real time, which is important if you want to run, say, VoIP over MPLS. If what you’ve said about  your current protocol mix represents all of the current and future  applications on network, though, then this shouldn’t be an immediate concern.

You might consider deploying virtualized WAN optimizers to the remote sites. They’re easier to deploy than physical appliances (if you have the host already in place) and often much less expensive. There are a number of  virtual appliances on the market that are free --  check out the open source Trafficsqueezer  or the  VX-X.  Trafficsqueezer has no inherent limitations, that I know of, but I’ve heard has some rough edges around the GUI etc. as you would find in any open source project. The VX-X is the full, commercial software from Silver Peak , but limited to 4M of optimized throughput.

In the end, I think you’ll want to focus less on extracting every ounce of speed from your optimizers as vendors tend to flip/flop on the performance lead and are often pretty much within +/- 10% difference anyway.  Worry more about issues like ease of deployment, scalability, application/protocol support, forced upgrades, company stability, and – of course – pricing.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now