Taking it slow with WAN acceleration
- 30 July, 2008 09:12
First Command, a financial services firm with US$18.6 billion in managed assets and nearly 300,000 clients across the United States, saw the promise of the Internet as early as 1998. It quickly Web-enabled its core applications to support not only its own employees and individual customers, but also its far-flung network of financial advisors and their staffers.
But 10 years of providing highly available, resilient Internet access to its corporate Web applications in Fort Worth, Texas, had taken its toll.
"We had our link load balancer appliances, Web load balancer appliances, SSL offload appliances and DNS management appliances," explains Kevin Dunn, director of network operations at the company, who spoke at a Network World IT Roadmap event. "We had devices talking to devices talking to devices, and then we had redundancy on all those devices. The congestion at our gateway was like the expressway on a bad day."
Dunn and his team decided to tackle the problem using WAN acceleration technology. The idea was to simplify the environment by minimizing the number of appliances, while boosting Web application performance by offloading productivity-sapping tasks from the Web servers.
Security was also a key factor. "We're a financial institution and we take the security of our client's data extremely seriously," Dunn says. "We use very high-grade encryption and SSL types of techniques. We wanted to make sure that those security measures didn't get in the way of customers accessing their data."
(Read about Dunn's must-have features for WAN acceleration products here.)
The short list
Dunn and his team took its list of requirements and whittled potential solutions down to four offerings: Juniper's DX, Nortel's Alteon ACEdirector, Citrix's NetScaler and F5 Networks's BigIP 6400 series.
"Our selection criteria was based on a total package approach," Dunn says. "We were looking for the ability to handle global load balancing, link load balancing, server load balancing, SSL and the ability to do inline content rewrites on the fly. Plus, it had to provide a Web application security layer."
In addition, First Command needed something that was quick to master and easy to support. "We're a midsize company, and we do not have unlimited resources," he says, noting that 22 IT staffers support more than 500 internal employees and 2,200 financial advisors. "We wanted something that was easy to maintain, easy to learn, and would help us simplify the environment, rather than making it more complex."
In all, First Command tested each device for at least two weeks in production-level scenarios. "Because we use server load balancing, we were able to create alternate IP addresses, and then run parallel tests against the same servers at the same time to evaluate the various devices," he explains.
Like many other organizations, First Command's Web environment is complex, including not only Microsoft SharePoint applications and Outlook Web Access for Exchange e-mail, but also several BEA Weblogic and ASP.NET-based applications. "Each of those has their own unique set of challenges, so we tested against all of them," he says.
The first box, the Juniper DX, tested well and got high marks for ease of use. Unfortunately, not long into the test, Juniper announced it was dropping the entire DX line. "That was a surprise," Dunn says. (See story here.) "So right away, we were down to three."
Shoring up SharePoint
The Citrix NetScaler and Nortel ACEdirector boxes also worked well -- for the most part. "They had issues with specific test cases, where we couldn't get them to perform in our environment," Dunn says, noting that SharePoint was a key stumbling block.
After weeks of testing, the F5 box came out on top. "We were really impressed by the flexibility of the platform to address a wide variety of requirements," Dunn says, noting that F5 has partnered with Microsoft to better support SharePoint. The BigIP box also lets users build customized programs, called iRules, to handle unique load balancing and content management scenarios.
That's a feature most other devices lack, he says. "Usually, you're picking from a drop-down list of things the designers have thought you might want to do. But you always run into a case they haven't thought of. With the F5's iRules interface, you don't have that problem," Dunn says.
With the F5 box in place, First Command has improved page load times by 25%, with minimal tuning. And now that F5 has integrated Symphoniq's TRUE customer experience monitor, tuning the box to garner further improvements should be easier.
In a load balanced environment, Dunn says it's typically difficult for a monitoring application to follow the path of a session through the load balancer to determine where it goes in the back-end server environment. "[Symphoniq lets us get a browser to server view of that performance," he says.
Dunn says First Command is already seeing a return on its investment. "It lets us use our existing infrastructure more effectively, through taking the extra load off our Web infrastructure and moving it up into the application acceleration layer," he says. "So now, we can offer more services and applications, if not for less, then at least for the same amount."
He also says the F5 box lets First Command be more proactive in terms of troubleshooting and capacity planning. "That's a hallmark of the newer devices, having a very well-thought-out and available reporting interface," he says, noting that both F5 and NetScaler offer good reporting. "It lets you understand exactly what's happening and then do appropriate capacity planning. You don't have to just buy bandwidth and buy servers, guessing at what's going to solve the problem. That saves some money in the long run."
But the biggest return is in improved customer satisfaction, especially in today's uncertain economy. "Any time you have a down market like this, you need to make sure you're addressing your customers' needs, giving them the information they need to make good financial decisions and allowing your advisors to present the best, most professional services to their customers," Dunn says. "People have a lot of choices in financial services and we want to make sure we're representing our offering in the absolute best way possible. And this helps."
Cummings is a freelance writer in the US. She can be reached at firstname.lastname@example.org.