|
Riverbed RiOS 4.0: Raising the Bar in Wide Area Data Services
March 14, 2007 -- Riverbed released RiOS 4.0, a major enhancement to its flagship
operating system behind the Riverbed Steelhead WDS (wide-area data services)
appliance. With RiOS 4.0, Riverbed has addressed several crucial areas in terms
of accelerating encrypted, secure traffic and improving the performance of
chatty web-based applications that previously had been unaddressed by WDS
products. RiOS will help to satisfy Riverbed’s enterprise customers who need to balance both
speed and security and will help to keep Riverbed out in front of its WDS competition.
Riverbed has not rested on its laurels and continues to push the boundaries of the WDS
product category.
SSL-encrypted data and object-heavy HTTP applications suffer unacceptable lag times over the
WAN and force expensive bandwidth upgrades. The question then becomes: how do businesses
balance the demands of data security and web-based processing with the need to accelerate
vast amounts of data flowing over the WAN?
RiOS is positioned at the nexus of these two trends – heightened need for secure encrypted
communications and increased deployment and use of web-based applications. First,
enterprises are increasingly turning to SSL as the workhorse protocol for ensuring secure,
encrypted communication between ROBOs (Remote Office/Branch Office) and the main data
centers. Prior to the advent of RiOS 4.0, enterprises were forced to trade off security for
performance if they wanted to deploy a WDS solution. No WDS solution on the market offered
accelerated SSL communication that could keep all sensitive SSL certificates and private keys
within the data center. RiOS 4.0 becomes the first WDS product to offer true symmetric
accelerated SSL without breaking the trust relationships.
Second, web-based applications are increasingly replacing older client server applications as
packaged application vendors “webify” their applications. Furthermore, web-based
applications have become the defacto application architecture for most new internally
developed or custom applications. As a result, a growing amount of traffic makes use of the
HTTP and HTTPS protocols. RiOS 4.0 adds new capabilities to accelerate and improve
performance of HTTP and HTTPS protocols.
The Importance of WDS
WDS combines acceleration, optimization, and WAFS (Wide Area File Services) to speed WAN
traffic to near-LAN speeds. This technology is of utmost importance to the enterprise as it rearchitects
ROBO infrastructure. To that end, Taneja Group predicts in a recent report entitled
“Next Generation Data Protection Market Forecast 2006-2010” that the high growth, strategic
WDS category will top $l.418B by 2010.
WDS works by 1) integrating WAN optimization, application acceleration, and WAFS to
consolidate branch office servers, storage, and backup infrastructure into the data centers; and
2) delivering close to LAN speeds to users in the branch offices across the WAN. Common WDS
tasks include centralizing distributed infrastructure, sharing large files among distributed
offices without delays or lags, performing efficient backup and replication over long distances,
and delivering robust WAN services without expensive bandwidth upgrades.
The Steelhead appliances form a system of distributed network devices in remote offices that
communicate with a Steelhead appliance server at the main data center. Riverbed concentrates
on accelerating application performance over the WAN using TCP acceleration, application
protocol acceleration, and dynamic compression on an application’s first pass, followed by
dictionary compression and transparent turn reduction.
Key Product Features in RiOS 4.0
- SSL Acceleration. Riverbed is the first WDS vendor to accelerate SSL without reducing
data security. Prior to RiOS 4.0, Riverbed supported SSL as a pass-through model but
offered no performance gains. Its new ability to accelerate SSL is a welcome move for its
performance and security-conscious clientele. RiOS 4.0 copies SSL certificates and private
keys to the server-side Steelhead, not to the client side. (Steelhead appliances use their own
identity certificates to establish a secure connection among client and server-side
appliances.) The advantage of keeping certificates on the server-side is that the enterprise
can certify SSL security protocols at the consolidated data center level without involving
branch offices, and certificates cannot be faked at the client-side Steelhead. Another
advantage is not having to place certificates on every client, which can easily turn into an
administrative and security hell.
On data request, the client begins the SSL session with the server-side Steelhead and the
temporary session key is delivered to the client. If desired, the SSL session between the
server-side Steelhead and the origin server may use an optional null encryption key – not a
security risk because both devices are located in the data center. This process ensures that
the data flowing between the Steelheads is using secure SSL minus the added layer of
encryption/decryption between the client and server appliances. Steelhead accelerates SSL
session transfers via data, transport, and application streamlining mechanisms.
Riverbed also allows for IT’s reluctance to change working trust models. It offers a patented
technology called split termination to preserve existing trust models within the Riverbed
Steelheads. Split termination allows customers to maintain the preferred trust model while
still providing end-to-end secure traffic acceleration.
- HTTP/HTTPS Streamlining. SSL encryption is not the only culprit in slowing down
WAN transmissions. Riverbed also has enhanced its HTTP Application Streamlining Module
with Layer-7 acceleration for chatty web applications like SAP, Siebel, PeopleSoft, IBM
Websphere, and MS Sharepoint. This functionality is also available for HTTPS now as well.
RiOS 4.0 offers HTTP/HTTPS application streamlining by first seeing the request by the
client-side Steelhead. The Steelhead learns all objects that are to be downloaded within the
page/URL including objects embedded within cascading style sheets (CSS) or scripts. The
appliance records objects and actions in a knowledge base and then forwards requests of all
page objects in parallel. Parallel processing and RiOS streamlining optimizes the WAN
transfer. The process is faster than a parse and prefetch mode because the appliance can
reference its knowledge base of objects and actions, and has no need to recheck every web
page request. Steelhead appliances can also request all the objects at once rather then
opening multiple TCP connections for object requests, providing a much faster response
time.
- TCP acceleration. TCP transfers can ramp up slowly and ramp back down at the first sign
of packet loss. Riverbed RiOS optimizes WAN bandwidth with HS-TCP and MX-TCP
protocols based on TCP. HS-TCP is designed for shared bandwidth connections with no
packet loss, enabling high utilization of large links with single TCP connections. For
scenarios experiencing packet loss, MX-TCP allows the administrator to configure a
throughput limit and allows the Steelhead to use 100% of the limit. The Steelhead prioritizes
lost packets to be sent again.
- Simplified configuration. Riverbed has also added simplified configuration, a welcome
step in remote offices that might not have dedicated IT staff. Upgrades include enhanced
auto-discovery for easier deployments in complex environments, additional failover
capabilities, central management console enhancements, and a local print option.
Taneja Group Opinion
The market for WDS is exploding and Riverbed is a primary beneficiary of this growth.
Riverbed jumped out to a strong leadership position by offering a single platform that
efficiently combined application acceleration, WAN optimization and wide area file sharing. In
contrast, many of Riverbed’s competitors initially attacked the problem from either the WAFS
angle or from the WAN optimization angle. In an attempt to broaden their offerings they have
acquired point solutions, but are now struggling to merge and rationalize the technologies into
unified architectures. One of Riverbed’s core enduring differentiators in the market remains
the fact that with RiOS it has a single, unified platform that can efficiently accelerate
application, WAN, and WAFS traffic.
Riverbed’s claim to fame has always been its broad protocol support within the Steelhead
appliances, which are well suited for large enterprise WANs. With the addition of SSL and
HTTP/HTTPS acceleration, as well as simplified deployment and management capabilities,
Riverbed is successfully defending its leadership position from oncoming competitors.
The enterprise must continually weigh its needs for data security and speed against the
ongoing cost of expensive additional bandwidth. WDS is a fundamental technology for
optimizing the enterprise WAN without incurring huge capital costs, and Riverbed is
deservedly in the thick of it. Taneja Group applauds Riverbed for developing and expanding its
core acceleration technology to serve today’s demanding business applications. Riverbed
continues to push the technology envelope of the WDS category and deliver innovative new
optimization technologies for the evolving requirements of ROBO. As a result, Taneja Group
believes that Riverbed has yet again raised the bar for the entire category and will continue to
defend its leadership position vigorously in the increasingly crowded WDS space.
return
|
