• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 152
  • Last Modified:

2500 users on a 12/3mbps Satellite Internet Connection... How to Improve speed?

Hi All,

As the Title suggests, we have a lot of Internet issues.
We have 2500 users who are accessing an uncapped 12mbps down / 3 mbps up Satellite connection.
This is a corporate environment

Unsurprisingly, we always max out the connection and have some unhappy users complaining that the Internet doesn't work...

Purchasing more internet is not an option, as the Satellite Links are incredibly expensive.

So we are looking at possible ways to ensure that the Internet link is used the most effectively.
More than happy to buy kit, even expensive kit, as the Return On Investment for anything that reduces the need for more Internet costs would be easy to justify.

Our current environment uses an Cisco ASA 5540 as the Firewall and we have a  Cymphonix Network Composer (now owned by untangle) as the Web Filter and basic traffic shaping.

This works, but im sure there must be something more out there that will allow us to better manage the Internet traffic so that we can ensure the best possible internet experience for our users. And give better reporting than the Cymphonix.

Also, VERY IMPORTANT, is that the level of skillsets with the IT area for maintenance of the devices is low, so we will need something that is reasonably easy to maintain (again, happy to pay for that!) and is easy to work with.

Does anyone have suggestions for:


Traffic Shaping  (with differing rules for different AD Groups, ie Streaming media ok for some, restricted for others, blocked entirely for some, volume based shaping would be good too ie. User gets 200mb of Streaming Media or Internet as a whole unrestricted, as soon as they go over that they are shaped right down to something small)

Prioritising of Traffic (able to prioritise certain traffic, websites or AD users so their internet takes precedence, ie for Video conferencing or Online Exams)
 
Web Filtering (with differing rules for different AD Groups, HTTPS filtering as well)

Block of unwanted traffic (time based, ie P2P blocked always but Online backups, Dropbox etc, available at night)

Comprehensive Monitoring and Reporting. (Be able to identify users and PCs clearly, drill down options on the traffic)


We would probably prefer a commercial option, even up to the ISP quality equipment, to ensure that we can do this right.
We have considered devices like  Procera  Packet Logic http://www.proceranetworks.com
But would like to get an understanding of what else is out there.

Thank you
0
HBS-Mach
Asked:
HBS-Mach
  • 6
  • 3
2 Solutions
 
Joey YungSenior Network EngineerCommented:
You might consider for BlueCoat proxy solution, which can meet your requirement and resolve the bandwidth bottleneck issue.
0
 
HBS-MachAuthor Commented:
Thanks Joey Yung, I will take a look.
Are you using it yourself?
Feedback on its effectiveness would also be helpful
0
 
JohnnyCanuckCommented:
I think you just don't have enough bandwidth for 2500 users.  I have 90 users on 25 down and 7 up and that chugs at times.  Consider what happens as well when everyone's computer wants to update on patch Tuesday or Adobe issues another of their numerous updates.  Is there any way you can get more upload bandwidth?  That might help somewhat as I can only imagine how much data is squirting up that 3mb uplink with 2500 users.  Internet traffic is 2-way.  Each computer has to send a request before it can get a web page and a clogged uplink will really slow everything down.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
HBS-MachAuthor Commented:
Hi Johnny
Unfortunately buying more bandwidth isn't an option. This is a island in the middle of the pacific. Satellite costs are huge.
We use WSUS for patch Tuesday and System Centre for other updates to reduce traffic.
We are looking for something that will hopefully make it a little better... But it will always be slow, we understand that.
A little better is better than nothing :-)
0
 
HBS-MachAuthor Commented:
Does anyone use Procera Packet Logic or a BlueCoat?
0
 
Joey YungSenior Network EngineerCommented:
I'm not the end user, and I was help my customer to deploy before. End up the customer is satisfied with the product, and BlueCoat is the market leading brand.
0
 
Joey YungSenior Network EngineerCommented:
I'm not much memory of this project, but I remember their scope is around 1500 users with 15Mb WAN bandwidth.
0
 
HBS-MachAuthor Commented:
thanks Joey Yung. That scope sounds about right for me.
0
 
HBS-MachAuthor Commented:
I will close this question with points awarded to Joey Yung for suggesting BlueCoat and we will also look at Procera Packet Logic.
0
 
HBS-MachAuthor Commented:
In the end I didn't get as complete an answer as I hoped, but this at least gives me a couple of areas to look at.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now