Executive Guide: App Performance Management...tion, VoIP and service-oriented architecture -- which...

EXECUTIVE GUIDEBack to TOC

Sponsored by CA Wilywww.ca.com/apm

EXECUTIVE GUIDE

With mobile, Web 2.0, SOA and other applications becoming more prevalent, IT staffs are busier than ever making sure applications are

performing up to snuff. Here’s a look a look at strategies and tools being

used to meet this challenge.

KEEPING UP WITH NEW APPS

APP PERFORMANCEMANAGEMENT

http://www.ca.com/apm


EXECUTIVE GUIDE

Sponsored by CA Wilywww.ca.com/apm 2

Profile: CA 3

Introduction Application performance management ................................................................................................................................................ 4

Management strategies How to troubleshoot sluggish apps ....................................................................................................................................................... 5Network pros decide application performance management matters ........................................................................................... 7Dear IT: Forget the technology ............................................................................................................................................................... 8How to improve IT and get better application performance ...........................................................................................................10Managing performance: What you don’t know will hurt you ............................................................................................................11Poor application performance translates to lost revenue, research shows ................................................................................12

Handling a new breed off apps Outing blind spots in the virtual realm ................................................................................................................................................13The challenge of virtualization .............................................................................................................................................................14Is it SOA or SOB? ..................................................................................................................................................................................15The application future shock ................................................................................................................................................................16The path forward: Weathering the perfect storm .............................................................................................................................16Mobile app development moves beyond CRM, but slowly ...............................................................................................................17Get what you need from your Web management platform ..............................................................................................................19Aberdeen spotlights Web application performance .........................................................................................................................21

Application acceleration WAN critical to virtualization’s payoff ............................................................................................................................................... 22How one cash-strapped school district improved application performance .............................................................................. 24The changing role of the network engineer ....................................................................................................................................... 25Applications have a need for WAN speed ......................................................................................................................................... 26Pimp your apps ....................................................................................................................................................................................... 30Speed safely: Application acceleration best practices .................................................................................................................. 33A buyer’s checklist for application acceleration ............................................................................................................................. 35Application acceleration: Making sense of a crowded technology market ................................................................................. 37

Table of Contents




Tech update Application performance management: What makes it so hard? ................................................................................................. 40Infrastructure and application performance management: Separate but equal ........................................................................41What’s the difference between centralized and distributed application performance solutions? ........................................ 42What is considered good application performance? ...................................................................................................................... 43

CA Case Study 44

Table of Contents continued • • •




CA (NASDAQ: CA), one of the world’s leading independent, enterprise management software companies, unifies and simplifies complex information technology (IT) management across the enterprise for greater business results. With our Enterprise IT Management vision, solutions and expertise, we help customers effectively govern, manage and secure IT.

CA Wily is a market-leading provider of Enterprise Application Management solutions. By delivering end-to-end visibility into customer transactions in real time, solutions from CA Wily technology enable companies to successfully manage the health and availability of their critical Web applications and infrastructure. CA’s collaborative management approach allows enterprises to rapidly detect and diagnose application slowdowns and failures, and better assess the impact of application performance on business success. This means better customer service, more stable revenue streams, and higher IT productivity.

Profile: CA




Introduction

The trick is to examine the problem end-to-end, taking into account everything from software to hardware, the performance of the network, and the organization of the team charged with meeting performance goals — an often overlooked factor.

“End-to-end optimization requires a real organizational change,” says Tony Bishop, former chief architect at Wachovia in Charlotte, N.C., and now CEO of IT consultancy Adaptivity. If IT is to become a utility, it must be able to deliver its services without being caught up in internal turf wars and finger-pointing. Now, more than ever, IT must reorganize, he says.

Industry watchers Steve Taylor and Jim Metzler say a number of factors are converging to make application performance manage-ment more challenging. They cite the rise of virtualization, which enables companies to make better use of resources, but often involves pieces from many suppliers that can’t be easily managed via a single system. And Web 2.0 applications and Web services might be housed within multiple data centers or even in the cloud, giving IT shops less-than-ideal visibility into performance.

“When you have an application that calls on another application that is designed, controlled and operated by another organization, whether that is Google or someone else, you have given up all visibility and control over that piece of your overall application,” Taylor and Metzler write in a Network World newsletter. “If there is an availability or performance problem you have little recourse other than to wait for the problem to go away. Not exactly proactive.”

Vendors are developing products to address at least some of these problems, but the challenges are daunting. As a result, there is a lot of industry shuffling, with suppliers such as Symantec selling

off businesses in this market and others, such as VMware and Opnet Technologies, buying them up.

And more change is likely. Buyers, for example, would like to see some convergence take place between products such as data center load balancers and general WAN-optimization devices.

One key for IT is to look at applications from the viewpoint of users, says Thomas Powell, founder of Web development firm PINT.

When customers experience a problem with, say, a Web applica-tion, they rarely take the time to alert the host that something is amiss and the performance management tools available today mostly provide only one piece of the picture, Powell says. Depending on the type of Web application and performance management tool in use, the host might have information on how fast packets are traveling end-to-end, or how many page views a user generated while on the site, but these things don’t amount to much because they’re not showing what the user is experiencing, he adds.

Before installing any of this technology, organizations first need to understand the types of traffic and traffic patterns their networks support.

The adage “you can’t manage what you can’t see” definitely applies here. It’s fairly common for enterprises to deploy acceleration devices with the goal of improving the performance of two or three key protocols – only to discover five or six other types of traffic also benefit from acceleration. On the downside, it’s all too common for buyers to find applications they didn’t realize existed on the network.

The bottom line is that as application environments become more complex, IT organizations need to think more strategically about how to best manage them. It’s becoming increasingly clear that this will take a combination of well-chosen management prod-ucts and the willingness of IT organizations to take a hard look at the way they’re set up to manage applications throughout their life cycle.

What follows is a collection of stories that address the special challenges introduced by new applications. This includes technical explanations of application performance management architectures, a look at organizational strategies that companies are deploying and a focus on application acceleration as a way to boost applications performance.

Application performance management

Maintaining application performance is a black art in this day and age of ser-vice-oriented architectures, virtualized

resources and the need to provide access to a range of devices, including smartphones.




T

Management strategies

PERFORMANCESection 1

APPLICATION

How to troubleshoot sluggish apps

By Denise Dubie

IT managers, industry watchers reveal how to prevent poor app performance

There’s more at stake than lost pro-ductivity when application response times slow to a standstill. Company revenue also takes a hit.

Aberdeen Group recently surveyed 200 organizations and found that issues with application performance affect overall corporate revenue by as much as 9%.

“No one is safe today from the negative impact of poor application performance, whether you’re a gamer, a retail outlet or a Salesforce.com user,” says Jasmine Noel, principal analyst at Ptak, Noel & Associates. “The question is how much money do you have to lose if the application starts crawling along at traffic-jam speeds?”

On the one hand, multi-tiered applica-tions help companies do better business, but on the other, the complexity of the environment in which they reside challenges network managers looking to prevent prob-lems before they reach users and customers. Adding to the problem is the growing adoption of such technologies as virtualiza-tion, VoIP and service-oriented architecture -- which require sophisticated environments that could hinder troubleshooting efforts when problems arise.

“In the past, we were managing the infra-structure, which really doesn’t get into how

the application is performing for the end users,” says Jason Norton, director of opera-tions and telecommunications at media and marketing company Scripps Networks in Knoxville, Tenn. “We need to be able to be aware of and see all of the pieces that make up an application and how they affect the end user to understand when performance is going to be impacted, he says.”

Here we analyze three scenarios in which application-performance problems could elude network managers.

Can you hear me now?Symptom: VoIP calls begin to experience

poor quality and latency, some even drop-ping altogether.

When Koie Smith, IT administrator at Jackson, Tenn., law firm Rainey, Kizer, Reviere & Bell, noticed VoIP calls performing incon-sistently across the network, he first tried to trace the problem to a specific port.

“We have had instances in which a performance problem would occur because something had been put on the network, such as a network-interface card or a port, that causes a problem with an application, such as voice,” Smith explains.

But the performance issues with the application couldn’t be traced back to a spe-cific port. Smith began looking further into

the QoS settings he had established when he rolled out voice traffic and discovered why the voice users were suffering: Undefined priority tags on voice packets across multiple switches meant that only some of the traffic was given priority, which resulted in spotty performance.

The solution? Updating the QoS tags and specifically defining the priority tags for voice traffic across all network switches.

“From the network side of it, it is critical to define tagging and assign priorities on the switch for such specific traffic as voice or video,” Smith says. “A lot of switches will identify and acknowledge that QoS tag, but if you don’t also have a priority tag on each switch - even if you have it tagged at the source - the switch just dumps that traffic in with all general traffic, and it doesn’t get the allocated bandwidth it needs to perform well.”

Application, heal thyselfSymptom: E-mail grinds to a halt on a

user workstation, but by the time the help desk attempts to fix the problem, it seemingly has resolved itself. A few weeks later, another user reports a similar concern.

Tracking down the source of transient problems is one of the more challenging tasks for network managers, Noel says.

For one, many troubleshooting tech-




Section 1: Management strategies • • •niques require network managers to capture data about what was happening at the time of the problem. In addition, most minor problems that occur intermittently point to a larger underlying issue that IT must resolve before the application stops acting spotty and fails altogether.

“First, you have to notice this has hap-pened and record it, so that when it happens again, you know it deserves attention,” Noel says. “Then you have to catch it when it happens, so you can dissect it and prevent it from happening again.”

Baselining typical application perfor-mance with monitoring and measurement tools can help network managers under-stand how an application typically behaves and set thresholds to be alerted when it begins to stray. By using probes that capture traffic and packet data, network managers can go back and recreate these incidents as they happen and look for similar traits - a misconfigured server or a poorly designed application, for example.

“You have to check configuration details, memory and utilization; and you have to do it for all of those mini-incidents to see the common thread that connects the instances to a larger problem in the environment,” Noel says.

Scripps Networks’ Norton uses NetQoS SuperAgent technology to collect conversa-tions from across the network to pinpoint the cause of problems that crop up and seem-ingly disappear. The product enables him to do packet capture and perform SNMP polls to gather data about transactions, thresholds passed and application-response times.

“You almost have to have the problem

occur to be able to troubleshoot it. NetQoS will show us different pieces across the network [when] a database was running slow or server processes took a particularly long time,” Norton explains. “It helps us to say with confidence, ‘At this point in time, this is what was happening.’ And that speeds troubleshooting.”

Location, location, locationSymptom: A file-sharing application per-

forms well for some users, but others report problems trying to access and work with the same application.

“We have had problems that come up in one location that don’t happen in the other location,” Norton says. “And when you are dealing with the same application, it can be tough to translate why an application would be slow for one group and not the other.”

The source could be misconfigured devices, which could stall application traffic, even across a LAN. For instance, DNS servers could route application traffic down different paths, causing slowdowns for some users while others experience no change in service.

“If DNS is not set up properly, applications will run pitifully slow because anything talking across the network is talking to it by name. If the name is not accurate, the IP address cannot be resolved and traffic will come to a halt,” says Glenn O’Donnell, a senior analyst at Forrester Research

One solution is to implement a combina-tion of application-dependency-mapping and configuration-management tools. These can help network managers understand

which servers applications to use to fulfill requests, and track how configurations might have changed or may differ among resources, leading to a slowdown.

“The brightest sleuths are often assigned to find these [configuration errors], but even they are now becoming overwhelmed by the complexity. It can take a number of days to hunt the problem down, and that can become time consuming and expensive,” O’Donnell says. “We need to come up with better modeling tools to analyze all of the possible combinations of configuration settings. The needle keeps moving, and the haystack keeps getting bigger.”

Aside from pinpointing the initial cause of a configuration error and correcting it, network managers should be establishing rigid change-and configuration-management policies (such as those detailed in ITIL) to make sure unauthorized changes don’t result in major outages later on.

“If an organization has well-defined problem and incident-management pro-cesses, they can quickly detect a problem they haven’t seen before and work to define how to handle it the next time it occurs,” Ptak, Noel’s Noel says. “Invariably the problem will happen again - maybe not tomorrow, but when everyone has completely forgotten about it. If the proper processes are in place, organizations can use proven methods to resolve such errors and even work to the fixes with tools.”




T

Section 1: Management strategies • • •

The days of finger pointing between network teams and appli-cation groups might be on the way to extinction, according to survey data recently released by BT.

During January 2009, BT in North America conducted a Web-based survey on networked application performance, which was completed by 140 IT profes-sionals worldwide. And the results show that now more of those surveyed are equally concerned about network and application performance. In fact 42% surveyed this year said they are taking a more balanced perspective on the performance of their networks and enterprise applications, while just 28% indicated the same in 2002.

“After years of not talking to one another, application development and networking professionals finally seem to understand that the performance of networked applications

depend on a cooperative approach,” reads the report authored by Rick Blum, director of strategic marketing at BT. “But that hasn’t yet translated into improved performance, either when the application is first deployed, or during its production lifecycle.”

Still, respondents said 40% of networked applications fail to meet expectations when initially deployed. According to BT, the initial and final performance of networked applications had not improved over the last five years. In 2004, 78% of respondents said the final performance of their networked applications met or exceeded expectations, and that number jumped to 83% in 2007 but dipped back down to 71% this year.

While respondents say there are several barriers to superior application perfor-mance, cost ranked the highest among those mentioned. More than half (54%) reported that the cost of tools prevented them from achieving optimal application

performance. Fifty percent said justifying the costs and benefits of appropriate application performance management tools to upper managed continued to be a hurdle. Nearly half (47%) indicated they had a difficult time obtaining cooperation from applica-tion development teams. And 42% said that accurately estimating the time, effort, cost and scope required to achieve optimized application performance challenged them.

Other issues included inadequate manpower and staff turnover for 39%, lack of tools for another 39% and lack of expertise for 32%. Thirty-eight percent said determining application and network compatibility remained a barrier.

“IT organizations need to understand that when application performance fails to meet expectations, the result can be costly, both in monetary terms and loss of reputation in the marketplace,” the report reads.

Network pros decide application performance management mattersBT survey shows network professionals take a bigger stake in delivering optimized application performance, but haven’t achieved the results wanted just yet

By Denise Dubie

Respondents said 40% of networked applications fail to meet expectations when initially deployed.





T

Dear IT: Forget the technology

The scenario is typical: The lights on the network-management consoles are a soothing shade of green, but a top revenue-gen-erating application is crawling. Business users have swamped the help desk with calls and trouble tickets. Everyone there is calling the network team to figure out the problem.

“The network is the lowest common

denominator everyone points to when there’s a problem,” says Michael Morris, a network engineer for a $3 billion high-tech company and a Network World blogger.

“We have one application that as soon as it goes bad, the application team assumes it must be a network problem. [The team] even configured software so that when there’s a problem, a message pops up telling the user that the error that has occurred is probably a network issue and to contact the help desk,” Morris says.

The same phenomenon plagues the

American Heart Association (AHA), says Josh Hinkle, manager of network manage-ment and security at the Camp Hill, Pa., organization. “It always falls back on us. Somebody will say, ‘There’s a big sinkhole in front of the building’ — and everyone will think, ‘Oh, it must be the network,’” he jokes.

Pointing fingers at the network is no laughing matter, however. Application per-formance — especially in today’s world of service-oriented applications and virtualized desktops, servers and storage — is a factor of a company’s technology as a whole. More

By Joanne Cummings

When it comes to optimizing applications end to end, the biggest game-changers are organizational, not technical

“Somebody will Say, ‘there’S a big Sinkhole in front of the building.’ – and everyone will think, ‘oh, it muSt be the network.’”

JoSh hinkle, manager of network management and security, american heart association, describing the perennial blame

the network receives when applications are slow

nic

ho

laS

mc

int

oS

h





often than not, performance degradation can be traced to causes at many different infrastructure layers: server, application, database, desktop, middleware and so on.

“Ninety percent of the problems these days aren’t network problems,” says Tracy Corbo, a senior analyst for network and service manage-ment at IDC. “It’s probably something about the application, maybe how it’s accessing the database, or maybe a piece of the database is down. There might be three or four people who need to be involved in that discussion to figure it out,” she says.

Such complexity puts siloed IT infrastruc-tures at a disadvantage, especially when it comes to ensuring, supporting and trouble-shooting application performance end to end. Rather than relying on the server team to keep the servers up, the database team to handle the databases, and the security and network teams to make sure their pieces work as promised, all the pieces — and staff — need to work together seamlessly.

A different mind-set“End-to-end optimization requires a real

organizational change,” says Tony Bishop, former chief architect at Wachovia in Charlotte, N.C., and now CEO of IT consul-tancy Adaptivity. If IT is to become a utility, it must be able to deliver its services without being caught up in internal turf wars and finger-pointing. Now, more than ever, IT must reorganize, he says.

“People need to become accountable as part of a value chain, instead of being accountable for a specific function,” Bishop says. “It’s not the server; it’s a component of a value chain of delivering services. And that’s a different mind-set,” he says.

Others agree, saying the best way to ensure optimal application performance end to end is to group the IT department into two units: application delivery and application support.

“We’re starting to organize that way,”

network engineer Morris says. “We still have infrastructure and applications, but we now have infrastructure operations and infra-structure delivery within the infrastructure team. And the delivery teams are aligned with the application teams,” he says.

For example, if the sales application team wants a new application, it has its own sales infrastructure team that handles server and network provisioning, and so on. “So, we’ve seen some alignment,” Morris says. “We call them build-teams, but essentially, they align with the business applications. They under-stand the business objectives and say, ‘OK, these are the new applications coming in the business unit, these are the servers, network and all the hardware we’re going to need to make that application work,’” he says.

Upfront inputThings can get pretty hairy in the absence

of such alignment. Morris cites a case of SAP-application performance gone bad at his company. “The apps guys tested it on the LAN, and it was fantastic. Little did they know that each session was chewing up about 400Kbps of bandwidth. On a LAN, that’s nothing, but over a WAN, you can only put about four or five of those in before the circuit fills up,” he says. “That’s the kind of stuff that needs to be seen by us more at the beginning. And we’re starting to evolve that way.”

Hinkle agrees, although he’s not too sure how fast that evolution will be. At the AHA, business users buy the bulk of applications. If they suit the needs of the business, they get deployed, no matter what, he says. “If I were brought in during the evaluation phase, I’d leave the meeting and go buy a lottery ticket!” he says. “I don’t foresee that hap-pening in the near future.”

Until it does, acceleration and the like help mitigate problems, Hinkle says: “If we optimize and accelerate traffic, then it might run like it’s on a slow LAN rather than a slow WAN.”

Ideally, IT departments wouldn’t have to

consider the quick technology fix. Instead, they’d reorganize around service delivery.

“If you spend $500,000 on WAN accelera-tion and make the application respond five seconds faster, what’s the business benefit of that?” Morris asks. “You might get some benefit out of it because it’s good technology, but it’s not going to be a business-changer unless you truly align with the business and understand the goals and objectives. There are a lot of organizational, communications and relationship issues you need to build before you can really exploit the technology.”

Getting the IT department to the point where it can deliver optimized applications end to end is an evolutionary, iterative pro-cess that top IT executives need to drive. “You need to publish the mantra ‘We’re delivering services, and we’re all a part of this value chain,’” Adaptivity’s Bishop says. “And you have to educate and re-educate, measure and re-measure. It’s like a broken record.”

In the end, Bishop envisions IT depart-ments organized like a utility, in which there are generalists in charge of monitoring and management of services, specialists aligned to services for development, and SWAT teams to address problems as they arise. “The way [the IT group] participates in the service delivery, and how everything is moni-tored and managed, cuts across everything,” Bishop says. “There is just one monitoring and management group everyone answers to.”

The payoff will become obvious, experts say. As staff becomes more fully involved in application development, delivery and sup-port, optimization just naturally falls out.

“Management may look at this and say it’s too costly and it takes too long to deliver the application, but you need to look at the long-term benefits,” Morris says. “If you’re talking about applications that run your business, you don’t want people working in silos. You want people understanding and involved in the application and taking ownership.”





1. Take a SWAT team approach Even if an IT organization mostly is set up in silos, it should

be possible to pull together select individuals quickly for trouble-shooting when problems arise. “We can’t just wait for the lights to change color,” says Josh Hinkle, manager of network management and security at the American Heart Association (AHA) in Camp Hill, Pa. “We take more of a SWAT team approach. When we need to troubleshoot, we pull the applications group and anyone else together and get everybody’s buy-in right upfront.”

2. Change the process Hinkle says he gradually is changing critical processes at the

AHA to make IT staff more service-oriented. In the past, for example, business users would request new applications or services via a service-desk ticket. The IT department then would contact the users and try to clarify their goals and objectives. “It got to be like playing 50 questions,” he says. “We’d ask for a lot of information and eventually [users got] confused and overwhelmed. They wondered, ‘Why can’t these network guys just give me what I want?’” Now users request new services via a Web form that lists the information required upfront in a clear manner. “Now they see us as delivering a service vs. being a roadblock,” he says.

3. Start with midtier applications When an IT department begins to transform the way it develops,

delivers and supports services, it’s best to start with an application that’s not too small and not too big. “Decide that this is the new way we want to deliver and support applications, then try it on a new application,” says Michael Morris, a network engineer for a $3 billion high-tech company and a Network World blogger. “You don’t want to use some small app that nobody cares about, but you don’t want to use your corporate finance program either. Find something that people know about and that will be big enough to test out the process,” he says.

4. Implement a CMDBTurning to a change-management database (CMDB) tool, such

as Tideway Systems’ Foundation, helps the transformation process because it yields an objective view of the environment, says Tony Bishop, formerly chief architect at Wachovia in Charlotte, N.C., and now CEO of IT consultancy Adaptivity. This alleviates finger-pointing. Rather than each silo’s staff looking at its own tools, a CMDB looks at everything and generates an objective level of truth. “Not only does it give me my physical inventory, but it actu-ally generates the mapping of my users, applications and all the infrastructure components down to the subnet level of the network. Everyone gets subjective, saying ‘that’s not the way we do it’ or ‘that’s not the way it is’ or whatever. A CMDB stops all that,” he says.

How to improve IT and get better application performanceRemoving silos and creating an IT structure around the goal of optimized-application delivery and support won’t happen overnight. Here are some stepping stones

By Joanne Cummings




T


The old saying “ignorance is bliss” doesn’t apply to the myriad factors that can contribute to poor application and network performance. The less network managers know about the compo-nents in their environment that impact performance, the more likely they suffer unplanned out-ages, application performance degradation and costly network downtime. The problem is rooted in a lack of visibility into network and application performance, according to industry watchers.

Aberdeen Research polled more than 200 organizations between May and June 2008 and found that nearly 60% of the organizations polled reported that they were not satisfied with the performance of business critical applications and survey

respondents said issues with application performance are impacting corporate revenue by up to 9%.

The research firm in September surveyed 167 organizations to learn how they work to overcome the challenges associated with network and application performance. The good news is that 85% of those polled said they increased the amount of performance data collected in the past two years. More than half also reported decreasing the time required to troubleshoot network and appli-cation performance issues, and 41% said they improved their organization’s success rate in preventing performance problems.

But the research also revealed that 44% of organizations that increased the data they collected didn’t experience any improvements in their ability to prevent performance issues. Drilling down, Aberdeen learned that enterprise IT execu-tives face many obstacles in their efforts to gain visibility into performance across their environment.

Forty-three percent of those polled in

September said a primary obstacle involves an inability to identify performance bottle-necks before applications are deployed on the network. More than one-third identified monitoring analyzing network and applica-tion performance while also deploying a WAN optimization solution as a key chal-lenge. More than one-quarter are challenged to find relevant and meaningful data when filtering through performance data. And 23% reported monitoring and analyzing network and application performance after conducting virtualization projects.

“[Organizations] are increasingly realizing the need to start gaining visibility into performance related issues before conducting new technology rollouts,” the Aberdeen Group report The Value of Network and Application Visibility reads. “Organizations are becoming increasingly concerned about the impact that their WAN optimization and virtualization initiatives are having on the ability to achieve full visibility into network and application performance.”

Managing performance: What you don’t know will hurt youVisibility, understanding of network and application data can improve performance.

By Denise Dubie




P


Poor application performance causes more than headaches for end users trying to access resources and network managers hoping to keep workers produc-tive. It impacts a business bottom line and equals lost revenue to many organizations, a recent Aberdeen Research study shows.

Aberdeen Research polled more than 200 organizations between May and June 2008 to learn more about how application performance is managed and what happens when it doesn’t perform as expected by the business. Nearly 60% of the organizations polled reported that they were not satisfied with the performance of business critical applications and survey respondents said issues with application performance are impacting corporate revenue by up to 9%.

The reasons behind the application performance woes are many. Nearly 60% of survey respondents reported the inability to identify issues before end users are impacted as a top challenge when dealing

with applications. More than 50% said the increased complexity of applications chal-lenged them, and 37% said they were unable to measure service-level agreements and application performance. Some 34% reported an inability to test application performance in pre-production stages and close to one-third said an increase in the complexity of network traffic caused problems managing application performance.

The effects the business experiences due to the challenge of managing applica-tion performance are also numerous. For instance, 58% of respondents said they experience declined employee satisfaction. Half of those surveyed said they lost revenue opportunities because of poorly performing applications. Some 47% indicated that they had decreased responsiveness to the needs of external customers and 32% said they experienced damage to their brand reputa-tion. And 31% found that their IT staff also lost effectiveness due to subpar application performance.

Aberdeen also found that organizations are planning to increase the number of business critical applications by 67% over

the next 12 months (from six on average to 10 applications), but concerns over how to manage the additional load might hold them back. For instance, close to 70% are worried that adding new applications will increase the consumption of network capacity. Forty-five percent are concerned about a lack of visibility into application performance, and 41% have issues with rolling out new applica-tions without them being tested. Close to 40% think application acceleration tools won’t be enough to guarantee performance and 38% said that complex Internet applica-tions could negatively impact performance. Some 31% believe virtualization of applica-tions and data storage (Compare Storage Virtualization products) would further challenge application performance manage-ment, Aberdeen’s study found.

“All of the top concerns surrounding application performance could be sum-marized as: lack of network capacity, lack of visibility into network and application performance visibility into quality of end-user experience, and an increase in the complexity of applications,” the Aberdeen report reads.

Poor application performance translates to lost revenue, research showsPoor application performance creates more than headaches for end users and network managers.

By Denise Dubie




V

Handling a new breed off apps


APPLICATION

Outing blind spots in the virtual realm

By Denise Dubie

Vendors provide visibility into network and application performance data in virtual server environments

Virtual servers help data cen-ters provide more resources on demand, but they also create a bit of a blind spot for IT manag-ers responsible for network and application performance across the virtual environment.

The finger-pointing practice in IT may have subsided a bit over the years, but network managers still must prove they -- or rather their networks -- are not to blame when applications perform poorly while traversing both physical and virtual services. Yet now they have to deal with potential blind spots between client and application and application and application commu-nications within the virtual environment, says Charles Thompson, product manager at Network Instruments.

“We hear from network managers all the time about how they have to be very focused on what is running across their network because often they are expected to be able

to point to the cause of the performance problem even if it is not on the network,” he says.

Thompson says network managers are challenged to access data streams with purpose-built devices such as packet analyzers, but by using a virtual component Network Instruments is able to provide vis-ibility into otherwise blind areas while also correlating the data with other network and performance related data.

“Network managers lose perspective within the virtual machine host as well as with communications between applications and clients or between other applications,” Thompson explains. “Basically Network Instruments has created a Virtual TAP tech-

nology to gain visibility into performance data that is internal to the host as well as communications data external to the virtual machine.”

Network Instruments Virtual TAP works with the vendor’s Observer product line and various probes. With this enhanced capa-bility all virtual traffic and communication flowing within the virtual machine host can be copied and sent to the vendor’s GigaStor appliance for back-in-time analysis or the Observer Reporting Server for enterprise-wise performance reports, according to Network Instruments.

Available now, the virtual performance management capabilities will be included as a standard upgrade for existing customers.

“we hear from network managers all the time about how they have to be very focused on what is running across their network because often they are expected to be able to point to the cause of the performance problem even if it is not on the network.” charleS thompSon, product manager at network instruments




Section 2: Handling a new breed of apps • • •

ATThe challenge of virtualization

At the hundred thousand foot level, there are two approaches to virtualization. In one approach, a given resource is made to look like it is multiple resources of the same type. Running multiple virtual LANs (VLAN) over the same LAN infrastructure is an example of this type of virtualization. Running multiple VPNs over a given WAN link is another. The other type of virtualization calls for combining a number of resources of the same type and having them perform as if they were one larger resource. It is a bit of a stretch, but inverse mul-tiplexing is an example of this form of virtualization.

By Steve Taylor and Jim Metzler

The impact of virtualization on application delivery

While we have had network virtualization for a long while, there is growing enthusiasm to virtualize a wide range of other types of IT resources, including desktops, servers and storage. Given this trend, in the not too distant future, the information flow in the n-tier applications that are so common today will be notably different. For starters, the branch office user will be on a virtualized desktop that actually runs on servers in the data center. The user will access the branch office router over a VLAN, which may or may not be a change from the current approach.

The branch office router, however, may well have changed. In addition to routing, the router may also host some applications or Web services. Also, since the deployment of WAN Optimization Controllers (WOC) is increasing, in the near future it will be much more likely that the data flow transits a WOC. However, this will not be the type of WOC that we have all come to know and love. For example, in addition to providing standard WOC functions such as caching, compression and protocol acceleration, this WOC will also provide virtualized network services such as DNS and DHCP. Given the ever-increasing concern about security, in the near future it will be even more likely than it is today that there will also be a firewall in the branch office. This may be a traditional firewall, or firewall software running on a virtualized server.

The data flow next transits a WAN link that today is virtually always a terrestrial link. However, for both backup and performance reasons,

we will see the deployment of 3G links, which will exacerbate the WAN performance issues. Upon entering the data center, the traffic hits a virtualized application front end (AFE) which is often referred to as an application device controller (ADC). It is interesting to note that some vendors such as Cisco are taking a given AFE and turning it into a number of virtualized AFEs. Other vendors, such as A10, are combining individual AFEs into a single more powerful virtualized AFE.

After transiting the AFE, the next step for the traffic is to be fed to an application that is running on one of a number of virtual servers, which may or may not be isolated from each other by virtualized firewalls. The phrases virtual servers and virtual firewalls refers to making a single server or firewall act as if it is multiple servers or firewalls. When the application requires data it gets it from virtual storage that is typically created by combining a number of individual pools of storage into one large pool of storage.

It is interesting to note that the concept of an AFE goes back to the era of IBM’s SNA (System Network Architecture) when there would be a front end processor (FEP) in front of a mainframe computer. The role of the FEP was to offload communications-oriented, computationally intensive tasks from the mainframe computer. Today’s AFEs got started by offloading communications-oriented, computationally intensive tasks from servers. It is also interesting to note that the concept of a virtualized server is not new.




T

Section 2: Handling a new breed of apps • • •Thirty years ago IBM operating systems

made a given mainframe appear to be multiple computers. An obvious conclusion is that IBM pioneered a lot of concepts that are as relevant today as they were thirty years ago. It is very important to note that the communi-cations and computing environment that IBM created thirty years ago was very complex. This environment was manageable in large part because IBM developed a lot of management tools and because virtually all of the piece parts came from the same vendor. In today’s world, the piece parts come from myriad

vendors.We are not saying that there are not tools to

manage all of the added complexity described in the preceding example. In some cases there are. VMware certainly has tools to manage the virtualized desktop environment and Cisco has tools to manage its ADC, which it refers to as ACE (Application Control Engine). In addi-tion, a number of other vendors are paying a lot of attention to this area.

However, what we are saying is that the number of components in the end-to-end data flow is increasing significantly and with

that comes added complexity. For example, today over half of the outages are caused by poor change management. The potential for poor change management increases dramati-cally as we virtualize more and more of the infrastructure. We are also saying that as we virtualize IT there are more components in general, and more components that are likely to have variable performance characteristics. So if you think it is tough to ensure acceptable application performance today, the movement to virtualization will dramatically increase that difficulty.

Is it SOA or SOB? By Steve Taylor and Jim Metzler

There is a compelling value proposition for deploying a service-oriented architecture (SOA) based on the use of Web services. The basic idea behind an SOA is not new. From a technical perspective, the idea is that IT would develop reusable software modules that would easily interact with each other. From a business perspec-tive, a Web service is not reusable software, but reusable compo-nents of a business process that can be plugged together like tin-ker toys to create new business processes quickly.

The movement to an SOA based on the use of Web services represents the next step in the development of distributed computing. To understand why the movement to Web services-based applications will drastically complicate the task of ensuring acceptable application performance, consider the typical 3-tier application architecture that is so common today. In a 3-tier application the application server(s) and the database

server(s) typically reside in the same data center. As a result, the impact of the WAN is constrained to a single traffic flow, that being the flow between the user’s Web browser and the application server.

In a Web services-based application, the Web services that comprise the application typically run on servers that are housed within multiple data centers. In many instances, at least some of these Web services reside in data centers owned by a company’s partners, customers and suppliers. As a result, the IT organization has little insight into, or control over, what is happening in those data centers. In addition, the WAN impacts multiple traffic flows and hence has a greater overall impact on the performance of a Web services-based application than it does on the performance of an n-tier application.

There is another aspect of Web-services based applications that concerns us and that is not discussed very often. By definition, Web services are reusable. At any point in time a given Web service could be part of multiple applications. For the sake of example, assume that a given Web service was part of 10 applications, one of which is both business critical and time sensitive, and the other applications are not. If all of the applications are trying to utilize that Web

service at the same time that will create a performance issue for all of the applications that rely on that Web service.

We are not saying that vendors are not working on the issues we are raising. Sonoa Systems, for example, is developing products that can control the usage of Web services. Referring back to the preceding example, their product would give the business-critical, time sensitive application more access to the identified Web service than would be given to the other nine applications.

Ok, now let’s put things together. It is not as if an IT organization is deploying virtualization or they are deploying an SOA. In most cases, they are heading down both paths simultaneously on their way to the perfect storm that we have been talking about. What that means is that IT organizations will have all of the management issues relative to virtualization. In addition, IT outfits will also have all of the issues associated with the fact that an application is comprised of multiple Web services that communicate numerous times across the WAN. Also, it means that each of the Web services that comprise a given application is likely to be running on a virtualized infrastructure that comes from a variety of different vendors. That is a manage-ment nightmare.




T

ASection 2: Handling a new breed of apps • • •

A lot of IT professionals view the phrase Web 2.0 as either just marketing hype that is devoid of any meaning or they associate it exclusively with social networking sites such as MySpace.

While that reaction is understandable, it tends to make IT professionals unable to grasp the impact of Web 2.0 on the enterprise. From a business perspective the goal of Web 2.0 is to allow for greater flexibility for presenting information to the user. Admittedly, that is vague. A key component of Web 2.0 is that the content is very dynamic and alive,

and that as a result people keep coming back to the Web site. That is a little less vague and should begin to concern you because if the content is truly dynamic, that reduces the ability of IT to use traditional caching techniques to optimize performance.

To us, one of the most concrete aspects of Web 2.0 is not what it does, but the fact that Web 2.0 applications are typically constructed by aggregating other applications together. This has become such a common concept that a new term, mashup, has been coined to describe it. According to Wikipedia, a mashup is a Web application that combines data from more than one source into a single inte-grated tool - a typical example is the use of

cartographic data from Google Maps to add location information to real-estate data from Craigslist, thereby creating a new and distinct service that was not originally envisaged by either source.

Mashups are cool. There is just one small problem. When you have an application that calls on another application that is designed, controlled and operated by another organiza-tion, whether that is Google or someone else, you have given up all visibility and control over that piece of your overall application. If there is an availability or performance problem you have little recourse other than to wait for the problem to go away. Not exactly proactive.

The application future shock By Steve Taylor and Jim Metzler

To summarize the perfect storm, in the near future IT organiza-tions will be able to go to senior management and talk about the cost reductions and added business agility that came as a result of implementing virtualization and moving to new application architec-tures such as SOA and Web 2.0. However, as a result of having deployed these initiatives one of the company’s key applications could be either unavailable or running so poorly that is was unusable for hours at a time, and the IT organization is not likely to know the source of the problem or be in a situation to resolve the issue.

The issue is not that vendors are not developing management prod-ucts to solve at least some of the problems we have been discussing. They are. One of the issues that concern us is that the sheer number of components in the end-to-end data flow is increasing dramatically.

In addition, the number of components that have variable perfor-mance is also increasing dramatically. Hence, even if there were a great tool to manage each of these components and IT had the resources to acquire all of these tools, there would still be a huge burden on the IT organization to stitch all of this management information together into

a coherent view of application performance. In addition, in the case of some Web-services based applications and most Web 2.0 applications, the application is comprised of some components over which the IT organization has neither visibility nor control.

We do not feel that it is hyperbole to say that in the very near term, ensuring successful application delivery will be an order of magnitude more difficult than it is today. However, success is possible. We believe that it is time to develop an end-to-end architecture for how all of the various pieces will fit together. This architecture, of course, has to be closely linked to what the business is attempting to accomplish.

From an infrastructure perspective creating this architecture involves having discussions with your key suppliers about where they are heading and how they see their component of the infra-structure interacting with the other components of the infrastructure. It also requires that the infrastructure organization develop closer relationships with the application development organization in order to better anticipate the demands that applications will make on the infrastructure.

Finally, it means working with the key management vendors to develop a management architecture. One of the key aspects of the architecture is identifying at a granular level the functionality that needs to exist in both the applications and the infrastructure. An equally important aspect of that architecture is identifying how all of that functionality gets integrated into a system that IT organizations can use to avoid drowning in the perfect storm of technological innovation that is brewing all around us.

The path forward: Weathering the perfect storm


Steps that IT organizations can take to minimize the perfect storm’s impact on applications

There is a coming perfect storm in which IT organi-zations deploy a series of initiatives, each of which is beneficial, but ends up with a situation where applications essentially cease to function. What follows are steps that IT organizations can take to minimize the impact of this perfect storm.




E


Mobile CRM tools for salespeople have been on the market for several years, and more recently IBM’s Cognos division has adapted business intelligence tools for handheld devices. The innovative form factor of the iPhone is also spurring vendors to think about how applications can be shrunk down for workers on the go.

But the mobile application market is still being held back by small screen sizes and limitations in storage, memory and computing power, according to analysts and vendors. Some applications are simply too complex for today’s mobile devices.

“A lot of business applications that are done in house have to do with analytics,” notes Saswato Das, a spokesman for SAP’s business applications unit. “If you want to run something fairly sophisticated that requires a lot of memory, that requires a lot of computing power, a handheld today is not the best place to do it.”

SAP, therefore, focuses most of its mobile efforts on providing customer relationship management (CRM) tools to sales and marketing people, he says.

Companies like Oracle and IBM are also optimizing their applications for smartphones to satisfy demand from an increasingly mobile workforce. A product called PCNow made by Cisco’s WebEx division even gives smartphone users remote access to their PCs, allowing them to view files and folders from their hard

drives and search their desktop com-puters, all from a BlackBerry or similar device.

Moving beyond CRMBut how much work do users really

want to do on a BlackBerry? Gartner analyst Ken Dulaney thinks most workers don’t want their smartphones to be like a second computer. Instead, they want just enough functionality to get by when they are out of the office. Dulaney sees GPS systems as a natural fit for mobile phones. But tasks have to be important and time-sensitive to make people accept the inconvenience of a small keyboard and screen, he says.

If you were presented a mobile phone and laptop side by side, and both had the same capabilities, “you would never use the phone,” Dulaney says. “If people can wait until they get home or wait till they get back to their office, they will. The transactions put on the phone have to have some sense of time-criticality.”

Perhaps Apple’s iPhone will do for the business market what it has done for con-sumers, but it hasn’t happened yet. Vendors say they are testing applications on the iPhone, because they want to be ready in case businesses decide to replace their keypad-based devices with the iPhone and its touch screen.

A vendor called Etelos has made its CRM platform available on the iPhone. SAP

Mobile app development moves beyond CRM, but slowlyTiny screens, lack of demand hamper mobile development

Everywhere you go these days, people are using BlackBerries to check e-mail and set up appointments. But the march toward everyday use of more complex business applications on smart-phones is going slowly at best.

Mobile currentsForrester Research identified three key mobile trends to look out for in 2008 and beyond

1. The BlackBerry vs. Microsoft battle for market share will hinge on user experi-ence and cost. BlackBerry is the clear leader today because of a strong user experience, sleek devices and a detailed level of control thatÕs attractive to IT. But many customers view the Windows Mobile operating system as the future because tight integration with Microsoft products makes it more cost-effective.

2. Enterprises and device manufacturers will try to break free from carrier control. Wireless carriers not only control which devices they allow on their networks, but can influence which technology and appli-cations are installed in devices and which service plans subscribers must use. Some enterprises will rebel by buying mobile devices from alternative channels, such as value-added resellers, systems integra-tors and online retailers, and directly from manufacturers.

3. Management of smartphones and other client devices will begin to merge into one holistic approach. “Enterprises want to manage handhelds the same way they manage PCs, as just another endpoint on the network,” Forrester writes in its report, “Key Device Trends that Will Shape Enterprise Mobility in 2008.”

By Jon Brodkin





demonstrated a CRM application on the iPhone in December, but for now Das says the BlackBerry is “the king of the enterprise” and thus SAP’s main focus.

“We would love to do the iPhone,” says IBM Cognos product man-ager Anastasia Valentine. But “we haven’t seen the enterprise demand for the iPhone yet.”

Meanwhile, Cognos is pushing the mobile application market beyond CRM tools with IBM Cognos 8 Go! Mobile, a business intel-ligence tool for BlackBerries and phones based on the Windows Mobile operating system. Cognos Mobile has been available for more than a year.

Making a desktop application useful on a mobile device is chal-lenging, Valentine notes. Some functionality must be stripped away in the mobile version, while new tools must be added to make applications easy to use.

With Cognos for mobile, product developers added interactivity ele-ments, such as the ability to drill down on specific objects, hide and show columns and scroll through rows. The idea is to change the appearance of reports to make them easily readable on a 2-inch screen. Smartphone users can have scheduled analytical reports run automatically and delivered to the mobile device, though they still may prefer to access the reports on their desktops, Valentine notes. PDF-based printing is among the features that aren’t available on the smartphone version of Cognos.

Specialists requiredMore than half of North American

and European enterprises have deployed mobile e-mail, contacts and calendar, according to Forrester Research. In addition to those basic tools, some enterprises are using smartphones for inventory manage-ment, logistics, field services and customer-facing applications, the research firm reports.

At DirecTV of El Segundo, Calif., 130 sales managers access Oracle’s Siebel CRM On Demand on their BlackBerries.

“These guys, they live and die by this thing,” says DirecTV program manager Erik Walters.

Getting to that point required help from a third-party vendor called Antenna Software. DirecTV uses Antenna’s technology to access Siebel CRM On Demand through the BlackBerry. “Antenna is the resident application that sits on the BlackBerry device,” Walters explains. “They

use connectors to the Web services from Oracle.”DirecTV began using Siebel CRM more than three years ago, and

chose Antenna because the CRM tool itself hadn’t been extended to mobile devices. While Oracle made the Siebel CRM platform acces-sible through BlackBerries in 2007, Walters says the functionality is light compared with using Antenna to access the Oracle system.

That’s not uncommon, according to Gartner’s Dulaney. Big vendors in general haven’t spent as much energy on mobile appli-cations as they do on their flagship products, allowing mobile apps to go long periods without any updates. A lot of third parties like

Antenna have cropped up to pick up the slack, he notes.

DirecTV’s sales managers rely on their BlackBerries when visiting resellers, or dealers, whether it’s a big company like Best Buy or a small satellite company, Walters says.

Phone calls to dealers, service requests, and tasks and appointments are automatically associated with the dealer’s account. Sales reps also can place notes into an account that are visible to other DirecTV salespeople.

“The BlackBerry gives us the opportunity to have a complete 360-degree view of a dealer,” Walters says. “Because as other people are working on these accounts . . . everybody’s managing information into the same spot.”

If sales reps meet with dealers they haven’t corresponded with previously, they can use the Black-Berry to get all pertinent information about payments, service requests and activation rates.

Walters hopes the future will bring further integration allowing the BlackBerry to access DirecTV’s proprietary back-end systems. “It would be nice to go through Web services

and have direct links to those,” he says. DirecTV even applied to Apple for a beta program to test out the iPhone for business purposes.

Meanwhile, for other companies interested in expanding their deployments of business applications to mobile devices, there’s good news on the security front, according to Gartner’s Delaney. The ability to perform a remote wipe on a lost device is pretty standard on the BlackBerry and similar devices. Encryption, virus checking, password systems and virtual private networks are readily available as well, Dulaney says.

In terms of security, “we don’t look at these devices as being any different” than a laptop, he says.

“the blackberry giveS uS the opportunity to have a complete 360-degree view of a dealer. becauSe aS other people are working on theSe accountS . . . everybody’S managing information into the Same Spot.”erik walterS, directv program manager

ma

rk

ha

rm

el




T


Get what you need from your Web management platform

By Beth Schultz

1. When you’re monitoring for performance, make sure you’re truly seeing your application from a real user’s perspective.

Unfortunately, most Web site owners today are in a state of “blissful ignorance” when it comes to understanding how their applications are performing, Powell says. This is especially the case at companies with public-facing Web sites.

“On public-facing Web sites, there really is a sense of ‘Oh, we’re doing it right because I see it all right.’ … But they don’t see it through the eyes of the people who are out on the ’Net. They might try, but they’ll have a lot of monitoring systems and a full-blown NOC, so that’s always from their perspective. They’re not seeing it from the user perspective,” he says.

When users experience a problem with a Web application, they rarely take the time to alert a company that something is amiss on its site, and the performance management tools available today mostly only provide one piece of the picture. Depending on the type of Web application and performance management tool in use, a company might have great information on how fast packets are traveling end to end, or how many page views a user generated while on the site. But really, those things don’t amount to much because they’re not telling you what the user is experiencing.

As an example, Powell recounts being called in to help one company figure out why users were experiencing performance problems with a new Flash animation program. The company was monitoring file-transfer speeds across the WAN, and the packets were flying across broadband links. But the company wasn’t accounting for this reality: In some cases, those broadband links attached to older systems with CPUs that got bogged down in processing the animation.

The fix was easy enough, he says. Now when the application installs, it profiles the user system, determines what it can handle, and adjusts itself to deliver just the right amount of “richness.”

“These types of problems are all solvable,” Powell emphasizes. “But first people have to acknowledge that it doesn’t matter what they see – it only matters what the user sees.”

2. Get your network and Web application development teams on the same page, so to speak.

Enterprises need to engender a cross-understanding between the Web application development and network teams in order to address the performance management challenge adequately, Powell says. To get to the root of a problem quickly – or better yet, to identity and fix a problem before it crops up for users – you can’t have the people responsible for network monitoring doing their thing over in one corner and the devel-opers checking application status in another corner. This gets back to understanding the user. “Users don’t see an infrastructure piece and an application piece. They just see it as a whole system.”

Web development expert hands out best practices advice

Thomas Powell, founder of Web development firm PINT and a Network World tester, has been monkeying around with Web applications since the commer-cial ’Net’s formative days. Over the years, he’s accumulated tons of experience building Web appli-cations and making sure their performance stays up to snuff. Here he provides some of his best-practices advice for dealing with Web site application and performance management.

thomas powell





Web application and performance management vendors like Coradiant and Tealeaf Technology are on the track with their efforts to provide a more holistic view through their tools. But they face a big challenge in having to knock down the application developer/network administrator divide, he says. If the application team receives a performance alert, it needs to be able to find out what’s happening on the network or in the servers, and vice versa.

“You have to train your developers to be network- and security-aware. That’s the reality of it,” he says.

3. Figure out exactly what it is you’re trying to determine about your Web site before you select a management tool.

Remember, there are no magic microscopes out there, Powell says. “People are looking for a box or software that’s like a burglar alarm. It’ll give you an alert and do stuff, but it doesn’t tell you the questions you need to be asking …. If you’re not asking the right questions, the technology doesn’t matter.”

So a company needs to figure out what information it needs in order to do the job well. “If you’re a CEO with an e-commerce site or a person who runs an HR site internally, you have a problem, a concern, a worry. ‘Why aren’t they putting more stuff in my cart? Why aren’t they filling out the résumé form? Why do people com-plain about the form?’ These are the questions you want answered;

design or find the technologies and tools to answer them.” And sometimes, what you need might turn out to be a simple

40-line JavaScript, a management appliance, an application monitoring service – or a combination.

4. Make it easy for users to let you know when they’re having problems on your site.

“You’ve seen sites that simply ask, ‘How do you feel about this page?’ and ask you to rate it. That’s great,” Powell says. “Most sites don’t allow people to complain easily enough. Maybe you can click to open an e-mail but you can’t vote instantly.”

Too often, companies use page views as a measure of success, he adds. Just because a site visitor generates a lot of page view doesn’t mean the person is interested. “That person could be frus-trated, spinning around in circles looking at the same thing over and over [but never finding what they need.” And in such a case, “that person does not like you. But how would you know that? You have to provide an easy way for them to tell you.”

5. Always remember, your job is never done.One certainty about Web application and performance

management is that the process is ongoing. Keep asking the right questions, Powell says, and you’ll keep discovering things you otherwise wouldn’t have.

too often, companieS uSe page viewS aS a meaSure of SucceSS, he addS. JuSt becauSe a Site viSitor generateS a lot of page view doeSn’t mean the perSon iS intereSted. “that perSon could be fruStrated, Spinning around in circleS looking at the Same thing over and over [but never finding what they need.”




W


When application performance suf-fers, so does business performance.

Last year Aberdeen Group released research showing that issues with applica-tion performance could impact corporate revenue by up to 9%. Now the research firm has new data that shows just how quickly Web visitors can get turned off by poor Web application performance.

In a study of 160 organizations surveyed in November, Aberdeen found that busi-ness performance begins to suffer after 5.1 seconds of delay in the response times of Web applications. An additional one-second delay in response times can impact cus-tomer satisfaction by up to 16% and impact conversions by up to 7%.

“For each second of delay, your business performance can be significantly impacted,” says Bojan Simic, an Aberdeen analyst and author of the new research report (which is available here for free until Jan. 30).

A key takeaway from the research is that companies need to be able to gauge end users’ application experience, Simic says. But it’s not as simple as monitoring gear, he adds.

“There are still a lot of people who think quality of end-user experience is something

that can be measured internally, that if you have good capabilities for monitoring your internal infrastructure, then you should have a good idea about what end users are experiencing,” Simic says. But it’s not about that. “Many other things can impact the quality of end user experience,” including users’ network connections, browsers and more, he says.

To that end, 48% of survey respondents say they are taking action or planning to take action so they can better measure application performance from the end-users’ perspective.

Other actions companies are considering include: improving application performance in the development stage (cited by 39% of respondents); conducting load testing of Web applications prior to their launch (32%); benchmarking application performance against competitors or industry leaders (24%); and measuring the impact of perfor-mance issues on revenues (18%).

When it comes to best practices for optimizing Web apps, the companies that Aberdeen says are best-in-class share a few capabilities. For example, they are nearly three-times more likely to be able to monitor performance across multiple browsers and

end-user platforms than other companies. They are nearly four-times more likely to have tools for balancing content demands across devices dynamically, and three times more likely to be able to measure end-user experiences via passive monitoring.

For those who want to improve Web application performance, Aberdeen cites a few must-do actions: Develop capabilities for a job-specific view into application perfor-mance; deploy capabilities for monitoring the geographical distribution of content demands; and deploy tools for load testing of Web applications.

One thing that makes it hard to stay on top of Web application performance is getting IT staff members from different areas to work together. Nearly half of respondents (45%) said one of their top challenges is coordinating application developers, server teams and network management.

“Organizations are increasingly realizing that the communication between applica-tion development and the systems and network is important for two reasons: faster troubleshooting of performance issues and eliminating performance issues before applications are rolled out into production,” Simic wrote in the report.

Aberdeen spotlights Web application performanceFirm shares best practices for optimizing Web application performance in the enterprise

By Ann Bednarz




G

Application acceleration


APPLICATION

WAN critical to virtualization’s payoff

By Jim Duffy

Guaranteeing application performance over a WAN is hard enough. Now try doing it in a virtual environment.

Guaranteeing application per-formance over a WAN is hard enough. Now try doing it in a vir-tual environment.

WAN optimization vendors big and small are developing versions of their products specifically for guaranteeing performance of virtualized applications delivered to remote offices from data centers. In so doing, they are looking to address challenges companies face in providing LAN-like performance for application delivery while availing them-selves of the reduced cost and increased flexibility that virtualization provides.

“The biggest issue when you’re looking at virtual traffic is the fact that, much like voice, much like video, it’s live,” says Chris Silva, an analyst at Forrester Research. “If you’re accessing it remotely and there’s a glitch, you may have an application timeout, you may literally lose connectivity. It’s really critical to have real-time interaction speed with that environment when you’re working in it virtually. Think about it like any other live, real-time protocol.”

Desktop virtualization products like VMware’s Virtual Desktop Infrastructure (VDI) are designed to replace traditional

PCs with virtual machines managed from the data center. The potential benefit is a reduc-tion in operating cost, increased control of desktop management, and extension of critical services, such as business continuity and disaster recovery, to enterprise desktops.

But when desktop virtualization is deployed over the WAN, latency and bandwidth constraints limit its effectiveness. According to Cisco, which has an arrange-ment with VMware for optimizing VDI over the WAN, customers face several challenges in deploying virtual desktops:

• Poor performance of Microsoft’s Remote Desktop Protocol (RDP) over the WAN.

• High bandwidth consumption.• Limited scalability, reducing the number

of users that can be supported.• Poor performance of centralized

printing and increased costs of printing at the branch office.

• Considerable time and bandwidth required for transfer of virtual images.

• Continuous availability needed within and across the data center for the VMware VDI.

• High server resource consumption for SSL functions, resulting in a large number of servers.

Cisco says its Wide Area Applications Services (WAAS) product can accelerate the performance of all applications accessed through VMware VDI, including Microsoft Exchange, PowerPoint, Excel and Word, by reducing RDP bandwidth demands by 70%. The company also says WAAS can increase by fourfold the number of VDI users an infrastructure can support, and improve print operations by 70%. The appliance is designed to accelerate virtual image backup by 50 times, thereby reducing bandwidth by 90% for business continuity functions; and providing a 60% to 70% reduction in overall bandwidth requirements.

Crowded marketOther competitors in this market include

Citrix and Riverbed. A host of smaller players also are fighting for their share.

Among them is Dimension Data, an integrator and reseller of Cisco’s WAAS appli-ance integrated with Microsoft Windows Server. Its offerings address the reality that VDI environments force users to deal with different application behavior and band-width requirements than a physical or local hosting infrastructure.

“The impact of virtualizing technology




Section 3: Application acceleration • • •

from many physical infrastructures into one is that you’ll need greater bandwidth,” says Lawrence Van Deusen, national practice manager for network integration at Dimen-sion Data North America.

But greater bandwidth alone is not enough, Van Deusen notes. It must also be optimized for the unique behavior of VDI flows.

“[Users need to assess] new traffic pat-terns, and the impact the traffic has in terms of the capacity to support everything coming back to the data center,” he says.

Another player is the VDI WAN optimiza-tion market is Certeon. It makes virtual appliance software that runs natively within a VM infrastructure and is designed to provide application acceleration and WAN optimiza-tion to remote sites.

The company’s aCelera software runs on standard x86 systems and is supported by Microsoft’s Windows Server 2008 Hyper-V and VMware ESX and ESXi hypervisors.

The software is designed to reduce application response time and enable WAN optimization without requiring the space and expense of separately managed, single-purpose boxes.

“We took a Layer 7 approach where if you could understand the application and the objects of the application, then you could do a better job at acceleration,” says Gareth Taube, vice president of marketing. “We fit right in with the corporate strategy to virtualize applications, to get the savings and

control from data center consolidation.”Still, there are unique considerations

when optimizing bandwidth for virtual rather than physical applications. The application itself has to have a small footprint because it will be sharing a hardware platform with other VM applications, Taube notes.

And the efficiency of the WAN accelerator is critically important, he says, because it has to be well integrated with the entire VM infrastructure - even though the infrastruc-ture is largely virtual in nature.

“The real payload in WAN acceleration is the differencing [between virtual images of an application] that prevents you from sending the same data twice,” Taube says. “And the biggest impact of that is how much memory and disk you have to store this history so you can do the matching. So it’s very important to work tightly with the virtual infrastructure so you have dynamic provisioning of this, and so you can provision your acceleration application to be optimum to the user population you’re servicing.”

Other challenges arise in gaining visibility into and control over optimizing WAN bandwidth and application performance in VDI environments, according to Streamcore, a developer of monitoring systems for WAN optimization and application acceleration appliances.

With visibility, users need to understand how desktop virtualization is used throughout the WAN; they need to be able to follow the user experience; and

they have top be able to detect if specific branch offices suffer from degraded performance.

For control, users have to optimize tasks in the face of voluminous VDI traffic, and protect VDI traffic competing with other types of flows in the network.

“The more you virtualize, the more you need tools to understand what’s going on, measure performance in real time, and act on traffic,” says Christophe Peretou, Stream-core’s vice president of operations. “We see virtualization as a new set [of require-ments] where people cannot forecast the behavior of applications. There are too many variables today to do that. Virtualiza-tion presents a more complex scale. They need tools to report what’s going on and to automate response to guarantee quality.”

Conditioning WAN links for VDI is how users will get the most bang for the buck from virtualization, Certeon’s Taube says.

“The only way our biggest customers have found to be able to get the true ROI of virtualization is by making sure that they have application acceleration across the WAN as part of the project,” he says.

“If I can benefit from VDI, that’s great; if I can benefit from it over the WAN, that’s gravy,” says Jon Oltsik, an analyst at Enterprise Strategy Group.




E


Education demands so much more than a notebook and pen these days.

Students rely on the Internet for research, teachers keep track of grades online, and administrators use internal networks to manage documents and enhance collaboration. Unfortunately, providing these tools requires a hefty investment in bandwidth, and many school districts aren’t flush with cash.

The North Vancouver School District (NVSD) in British Columbia is one such district whose goals threatened to overwhelm its means. About a year ago, with heavy use already straining the district’s WAN, officials wanted to implement such programs as digitally linked scholastic records, podcasting and videoconferencing -- all of which would stress the network further.

“The network coming into schools was intended primarily for student use,” says Stephen Lamb, director of information and com-munication technology at NVSD. “When we start running business applications across the same pipe, it becomes a difficult balancing act of what’s going to take priority,” he says.

NVSD achieved that balance using WAN acceleration devices from Silver Peak Systems. First, however, the district in August explored -- and ruled out -- network expansion, says Bryan Swan, NVSD’s IT infrastructure manager.

The dreaded bandwidth boostThe IT executives had a couple of reasons to consider a boost

in bandwidth. First were the district’s problems with application performance. For example, delays in such programs as BCeSIS -- the provincial government’s Java-based Web application used for student management and grade reporting -- were becoming unacceptable. Second, the district was consolidating its network into a central data center to improve connectivity and data recovery. With 19,000 users on a variety of lines -- seven with a 10Mbps capacity, two with a 100Mbps capacity and 30 DSLs or T1s, the IT department realized that buying more bandwidth for the network would be prohibitively expensive. Upgrading bandwidth at every school would have cost about $400,000 initially, and annual upkeep was projected to cost about $220,000.

The district also had to work with British Columbia’s Provincial Learning Network, which allots a fixed amount of bandwidth to a district. PLNet officials have said they want to provide better connec-tions, but as of last summer, Swan says they had offered no concrete indication as to when or how those improvements would occur.

“We had a need to provide a better WAN experience on a more immediate and definite timeline, so that is why we started investigating WAN optimization products,” Swan says. NVSD officials considered software from three companies besides Silver Peak -- Blue Coat Systems, Cisco and Riverbed Technology -- submitting the products to a variety of tests. Only Riverbed and Silver Peak made it through one key benchmark: that file transfers across the network take no more than 20% longer to accomplish than transfers on a LAN.

The next step was to test the finalists on the FirstClass e-mail program -- an organizational suite popular among educators -- and it was there that Silver Peak stood out, showing a 75% performance improvement.

In all, Silver Peak’s products proved easier to use with a wider range of applications, Swan says. Silver Peak takes an “application-agnostic approach” in its NX Series appliances, meaning that acceleration takes place at the IP layer. So, for example, Silver Peak can provide deduplication for streaming video, even though it runs on User Datagram Protocol rather than TCP, says Jeff Aaron, Silver Peak’s director of product marketing. Considering the NVSD’s strong interest in video, this capability made Silver Peak the way to go, Swan says.

The district plans to use 39 Silver Peak WAN-acceleration devices: two NX-7500s, one at the school-board office and one at the data-replication site; and an NX-3500s at each of the district’s 37 schools.

How one cash-strapped school district improved application performancePodcasting and videoconferencing now possible across saturated links thanks to WAN acceleration.

By Kent Green

Stephen lamb




W

The district can’t disclose the project budget, but notes that the cost was “significantly less” than a bandwidth expansion would have been, Lamb says. Should the district eventually add bandwidth, Silver Peak’s WAN accelerators would further improve performance, he says.

Tested performance improvements

Application performance improved immediately after installation, the IT executives say. The district used a script file to open, save and close documents across a LAN, and

compared those results with the average times of three tests that were run across the accelerated WAN. Tests on a LAN showed that a 2MB DOC file took about 5.33 seconds to save compared with an average time of 2.06 seconds on the WAN. Out of 18 tested files, only five performed slower than LAN speeds across the accelerated WAN.

“Overall, it’s offsetting close to three-quarters of traffic off the network. We’re effectively getting four times the size of the pipes that we have,” Swan says, adding that such services as BCeSIS, which had been expe-

riencing connection saturation, have been running faster.

Though the NVSD is almost finished with the installation, it is too early to say whether the district has seen a return on its financial investment, Lamb says. However, he emphasizes that looking at results from an expense perspective belies the district’s mission. “We see student achievement as our return on investment, not increasing profit,” he says. “We’re really looking at anywhere on campus having access . . . and hopefully that transfers into greater student success.”

We’ve in the past examined some of the conventional wisdom that impacts the networking organi-zation. In particular, we looked at the conventional wisdom that says that if the performance of an application is degrading, that the cause is the network. As was pointed out, that kind of defensive approach to managing application performance has led to a new man-agement metric - the mean time to innocence (MTTI). This newsletter will continue the discussion of the conventional wisdom that impacts the networking organization by looking at the changing role of the network engineer. In particular, we’ll look at the conventional wis-dom that says that the role of the network engineer is limited to just designing the network.

To put the changing role of the network engineer into perspective, it is important to realize how that role started. When IT organizations deployed first generation WANs they were intended to carry e-mail, perform file transfer and support simple inquiry-response applications. One of the characteristics of e-mail and file transfer traffic is that it is not very delay sensitive. When we use the phrase simple inquiry-response applications we are referring to applications that send a small amount of information from a server to the user in order to populate the user’s screen. The user then enters a small amount of information (e.g., name, company, billing address) that is transmitted back to the server.

Another key characteristic of first generation WANs is that they did not have a high degree of availability. As a result, part the network engineer’s role was to design networks that supported traffic that was not terribly demanding. Another part the role was to design high availability into networks that were not inherently highly available.

Over the last several years we have seen

that the mix of traffic that transits the typical enterprise network has expanded dramatically. In addition to e-mail, file transfer and simple inquiry-response applications, networks now need to support delay sensitive applications such as VoIP, video conferencing, video surveillance and telepresence as well as the massive file transfers that are associated with data replication. In addition, while networks still break, they do not break anywhere near as often as they used to break.

There has been a lot of hype recently around phrases such as application aware or application fluent networks. While we try hard to avoid marketing hype, we do believe that there is an import concept here. That concept is that the era of the dumb network is over. As a result, this piece of conventional wisdom is false because contemporary networks must be designed to include the functionality that is required to support the performance and security requirements of a highly diverse set of applications. In addition, we believe that over time the role of the network engineer is evolving to become more of an application delivery design engineer.


The changing role of the network engineerThe role of the network engineer is evolving to become more of an application delivery design engineer.


bryan Swan




A


Jim_Metzler: Hello - welcome everybody!WAN_MAN: Hi Jim: what question should be

asked of vendors when evaluating products that people typically don’t ask?

Jim_Metzler: People should ask their vendors about what has gone wrong in previous deployments. We have all been around long enough to know that things do tend to go wrong at least occasionally. For example, some people have found that once they deploy a WAN optimization controller (WOC) that they lose management visibility. [Editor’s note: compare application optimiza-tion technologies via Network World’s Buyer’s Guides.]

Cognoid: How does the BlueCoat WAFS compete now that they have acquired Packeteer?

Jim_Metzler: This is a fascinating question. Some people look at this acquisition as a sign of industry consolidation. I don’t. I see that the major players in the applica-tion delivery market have very different approaches. Blue Coat traditionally had a focus on security. The acquisition of Packe-teer gives them yet additional information on applications which I believe they will use for both optimization and security. In contrast, you don’t see a vendor like Riverbed talking as much about security. They have, however, recently begun to talk about storage.

Moderator-Julie: While Jim is typing the answers to your questions, I will post the answer to some sent in earlier. Pre-submitted question: We are constantly battling latency across our MPLS network. We have retail stores that connect to the HQ data center. How do we improve WAN performance? Do

we need to implement QoS? Should we use a different WAN protocol for our Cisco routers?

Jim_Metzler: MPLS comes with service classes that promise guaranteed latency limits. For example, a given service class may promise that latency will not exceed 50 ms. If your problem is that you are not getting what you were promised, that is an issue to take up with your vendor or, based on your contract, to possibly change vendors. If the issue is that the latency limits that you are promised is not good enough, I need to know more about what the problem is. For example, if the issue is that you are running chatty protocols over the WAN, then a WAN optimization appliance might be helpful.

enric: Hi, how do WAN optimization technologies fit into a virtual desktop infra-structure (VDI) oriented desktop/branch and/or with XML oriented apps?

Jim_Metzler: The movement to implement virtual desktops is a bit behind the move-ment to deploy virtual servers. As we deploy more virtual desktops, that will mean more traffic from the data center to the branch which will most likely need optimization.

www.tredent.com: Jim, can you explain what you mean when you referred to different approaches by the vendors and that Blue-Coat is using the security angle?

Jim_Metzler: Sure - Blue Coat will focus on security and a deep understanding of appli-cations. Riverbed is moving into applying similar technology to what they currently have in the storage space. Foundry comes from a great knowledge of networking and is moving into applications. One of F5’s strengths is their knowledge of applications,

Applications have a need for WAN speedVendors are loading their gear with new features, but the core need for WAN speed should still guide WOC buying decisions, says one expert in a live Network World chat.

By Julie Bort

Application performance manage-

ment and WAN acceleration are hard

problems to solve and are part of a

market segment loaded with vendor

mythology from players like Cisco,

Riverbed, Blue Coat, Sliver Peak

Systems and others. Recently Dr.

Jim Metzler was the guest for a live

Network World chat. Widely known as

one of the industry’s foremost gurus

of WAN acceleration, Jim is also a

sought-after speaker and consultant.

He has logged over 28 years of expe-

rience with network technology and

its business applications. Jim is vice

president of Ashton, Metzler & Asso-

ciates, co-author of Network World’s

Wide Area Networking newsletter,

and the moderator for the Network

& Application Acceleration track

at Network

World’s trav-

eling event,

IT Roadmap.

What follows

is the full

transcript of

the chat.

Jim metzler





but they do not have a background in networking. Cisco is the networking leader and always focuses on how their WAN opti-mization controllers (WOCs) integrate well with the network. Citrix has a broad range of solutions that focus on application delivery - starting with their core presentation server. It is also worth remembering the Citrix is basically a software company and many of their competitors are basically hardware companies. The bottom line to all of this is that I don’t see this market becoming a commodity any time soon.

Stefan Gasteiger: Jim, I’m not deep into WAN acceleration, but how does it fit into scenarios with heavy ICA traffic or Notes replication traffic?

Jim_Metzler: WAN acceleration is a very broad topic. Some applications (CIFS traffic that results from server consolidation) scream out for optimization. Other traffic (VoIP) requires QoS so that other traffic (bulk file transfers) do not interfere with it. The bottom line is that there are differing traffic types and they often require differing techniques.

enric: Are today’s WOC players fitting the real customers demands? And how are the service providers approaching this?

Jim_Metzler: This is also a multi-faceted question. I believe that the WOC players are filling real needs today. I say that in part because the deployment of these appli-ances is on the upswing. The question about service providers is fascinating. I believe that there is a role for service providers. For example, Akamai offers an Internet overlay service today to make the Internet perform more like a private WAN.

Others services providers (Orange) will basically install and manage WOCs on your premise. I think the service providers who win in this space offer a range of planning and design services and who also develop a deep understanding of the key applications (SharePoint, SAP, Oracle) and understand how to best optimize them.

Pancho: Hi Jim, Is there any company that has the best all around solution?

Jim_Metzler: No. Your question goes to one of the key challenges facing IT organizations today. A given supplier might have a great solution for data replication, but not so great for CIFS. Another vendor may have a great solution for CIFS, but not so much for data replication. This presents IT organizations with a challenge - what problems are they trying to solve today? Next year?

Moderator-Julie: Pre-submitted question: In all the live events you have moderated on this topic, and all the questions you have fielded, what question do you hear most about this product category?

Jim_Metzler: How do I get started with evaluating these products? What new directions are the gear vendors taking these products? With regards to WOCs, here’s my thoughts:

• Adding support for specific applications such as SharePoint or SAP.

• Creating templates to make it easier for IT organizations to configure the device to support key applications

• Embracing virtualization

With regards Application Delivery Controllers (ADCs):

Offering virtualized solutions• Adding security functionality• Adding functionality such as XML

processing• Integrating with Business Intelligence

toolsYou have to decide - do you choose the

best solution to today’s problem knowing that it might be sub-optimal for tomorrow’s? The good news here is that over time the dif-ferences between the suppliers on common functionality (compression, caching, protocol acceleration) will diminish.

jc: Will a WAN optimization appliance improve any VoIP performance?

Jim_Metzler: You do not really want to accelerate VoIP. What you want to do is to implement QoS to make sure that other traffic does not interfere with VoIP. You can do this in a WOC.

WAN_MAN: We currently have 100+ Pack-

etShapers deployed as well as a dozen Steelhead (Riverbed) devices. With the Blue Coat merger, we’re thinking we’re going to leverage the already deployed base of Pack-etShapers, rather than use both products. Riverbed wants to quote an “attractive” deal to completely replace our Shaper environ-ment. Thoughts?

Jim_Metzler: You brought a smile to my face! I believe that contrary to some of the rumors, that Blue Coat will continue to invest in PacketShaper. That being said, I consider both Blue Coat and Riverbed to be good companies. You need to compare the attractive offer that you get from Riverbed to what your future is likely to be with Blue Coat. You might also want to look more broadly at each company because if you use one for WAN optimization, there will be the tendency to use them for more of what they offer.

Tredant: Jim, Will we see WAN optimization vendors addressing UDP for video traffic anytime soon?

Jim_Metzler: I have not heard anybody really discuss focusing on UDP. As you know, it is a pretty light weight protocol. One of Silver Peak’s marketing messages is that since it functions at the IP layer, it optimizes all transport protocols including UDP. That being said, I tend to think of video as I do VoIP - that it mainly requires good QoS.

Gegorge: Regarding your comment on not using WOCs for VoIP, is that because VoIP is not optimizable with current technology?

Jim_Metzler: Not really that. It is just that if you and I were talking and the sound of my voice got to you twice as fast, unless you buffered it to play it back at a normal rate, it would sound strange.

Josh.H: Jim, do you see distinct advantages to implementing QoS in a WOC rather than the router level? Not all my sites will be optimized.

Jim_Metzler: This is a really fundamental question. I believe that one of the reasons that we have not implemented WOCs more broadly is that we have not answered some basic questions such as what functionality




should be done where. This question is fur-ther blurred by the fact that WOCs are being integrated into routers making it tough to say where QoS was implemented. The bottom line is that I think you can make either approach work. It comes down to factors such as how rich is the QoS functionality in the WOC and how easy is it to configure and manage the QoS functionality in the WOC or the router.

Moderator-Julie: Pre-submitted question: Some users claim that acceleration claims made by the vendors are bogus ... that claims of 400% improvements are marketing garbage (as you can’t improve speed faster than the original base speed). What are your thoughts on speed claims by vendors?

Jim_Metzler: The acceleration claims made by the vendors represent a test done in a laboratory. While these might give some insight into how the devices will perform in production networks, they are not definitive. IT organizations must test the devices in their network to understand what type of improve-ments they will realize.

WAN_MAN: To your point on my earlier question about staying with PacketShapers or replacing with Steelhead and looking more broadly at the companies ... I’ve thought for quite some time that Riverbed was primed for acquisition - and yes - I mean by Cisco - yet it hasn’t happened. Thoughts?

Jim_Metzler: Riverbed’s market capitaliza-tion is around 2 or 3 billion. Cisco has certainly made acquisitions of that size before. However, Cisco has gained significant market share with their current products so I doubt that they will spend billions to acquire Riverbed and then have to rationalize their product line.

Gegorge: Early on, you mentioned that Riverbed has begun to talk about storage. What do you mean by this?

Jim_Metzler: Applying technologies such as de-duplication to reduce storage require-ments.

JohhnyB: Jim: are any of these vendors really ready for data center to data center

acceleration? Each has limitations and none can handle gig speeds

Jim_Metzler: Silver Peak focuses on this market segment.

Natick: Hi Jim, for just data replication between branch offices to the HQ site, what vendor would you choose?

Jim_Metzler: Very difficult question. As I mentioned earlier, this is a focus of Silver Peak, but many vendors state that their solution will support data replication. My general advice on choosing a WOC or an ADC is to review the vendor’s collateral and then choose a small set of vendors whose products you trail in your environment. This approach will allow you to choose the “best product.” I put that in quotes because best could be the one that gives the most improvement, the one that gives the best improvement per dollar spent, etc.

In addition, this approach will put you in a position to be able to let management know in advance what the cost of deploy-ment will be and what improvements they can expect. That last point is critical. I think that all of us need to continually build credit-ability. Part of that in this case is knowing in advance what the improvements will be and hence not over promising and under delivering. I wrote a document entitled “The 2008 Application Delivery Handbook.” [Edi-tor’s note: the document is hosted at www.kubernan.com, and registration required.] In it, I list decision criteria for both WOCs and ADCs.

enric: Where is the next big thing with this market, onto security or onto storage or something else?

Jim_Metzler: I think that there will be a lot of next big things. I recently wrote a series of articles for Network World in which I described “The Perfect Storm.” Let me explain. Today over half of the outages occur based on ineffective change or configuration management. Once we move to an environ-ment with a virtualized desktop, routers running VMs running all kinds of things, com-municating with a virtualized application delivery controller (ADC) that front ends a Web server, app server and data base server

( all of which are virtualized and which use virtualized storage), then the situation gets very, very thorny.

So can you imagine how many more outages will occur in a fully virtualized environment? Sticking with this - today when an application is not performing well it is difficult to identify the root cause. That will be much more difficult in a fully virtualized environment. I will come back to the idea of the perfect storm in a few minutes - it only gets more challenging!

gib: Why would virtualization make things easier to manage from the change and con-figuration management standpoint? It seems to me that it will be more complex because we will need more management tools.

Jim_Metzler: Sorry if I implied that. My point is that virtualization will make it much more difficult to manage IT resources.

DavidM: Earlier you commented that a WOC can cause a loss of management visibility. Riverbed and OPNET have recently teamed up to address the management visibility issue. How are other vendors addressing the management issue?

Jim_Metzler: I have just sighed twice before answering. I totally buy into it when vendors integrate their products. For example, Cisco and NetQoS announced product integra-tion a little over a year ago. Riverbed and NetScout recently announced product integration a month or two ago.

I really like these integrations, but the Riverbed and NetScout integration is only great if you have those two vendors. It has no meaning if you have Riverbed and NetQoS. As I see it, application delivery involves a large number of inter-related components that need to be integrated. I think few people would disagree with that statement. However, at least in the near term, these integration efforts will occur one by one - a very slow, albeit important, process.

Moderator-Julie: Pre-submitted question: What are the main/major ways that WAN accelera-tion gear vendors differentiate their gear?

Jim_Metzler: In terms of WOC (WAN Optimi-zation Controllers) vendors differentiate by:





• Performance - this is both overall and for certain key applications such as data replication or server consolidation.

• Price.• Ease of use.• Layer of the protocol stack the func-

tions are performed at - Layer 3 (IP), Layer 4 (TCP) or closer to the actual application such as SharePoint.

• Integration with other vendors, notably management vendors, products.

• Management capabilities.• The availability of a software only

solution.

mlvw: As opposed to playing the feature parity game, what does a vendor do to dif-ferentiate themselves in this market?

Jim_Metzler: That depends on what you mean by the market? Is it WOCs? ADCs? Application delivery more broadly defined? To me, the later (application delivery) is the most interesting. I say that because while optimization is clearly important, it is not enough. IT organizations must also get better at planning, management and control.

WAN_MAN: Earlier you mentioned that you think “contrary to some of the rumors, BlueCoat will continue to invest in the PacketShaper” - what are you hearing?

Jim_Metzler: Whenever there is an acquisi-tion, there are always rumors about what products will be dropped. For example, it is not uncommon for the sales teams from other vendors to introduce FUD. BTW - this is not unique to just this acquisition. It has been a fact of life for decades.

dave: Jim, any thoughts on masking poor

application architectures with WOC or ADC products?

Jim_Metzler: This is a hot button to me! For example, most IT organizations do not spend much attention on how apps will perform over the WAN during development or acqui-sition. A lot of our current problems would go away if apps were designed to run better over the WAN. For example, one company I worked with found out that the browsers in the branch offices were downloading a 3 megabyte file just to open it up and extract a 10 digit ID. Talk about a badly designed application!

Jim_Metzler: We are running out of time and before I leave, I want to get back to my earlier comments about the perfect storm. SOA really worries me. By SOA I mean Services oriented architecture . Now some think SOA is the precursor to an SOB ... and they may be right. With a SOA, an application is comprised of multiple Web services - for the sake of example - say eight. Now these Web services are running in different data centers - say five. Now the WAN impacts the application performance many more times than it does in today’s n-tier applications. This will be a huge challenge.

But it gets worse. These Web services are reusable, which means that multiple apps are using the same Web services at the same time. That drives the need for QoS for Web services. This is all extremely demanding. Then there is Web 2.0 and mashups. With a mashup your app is using apps designed and managed by other entities. You have no control or visibility into those other apps. This will be extremely, extremely, extremely (you get the idea) challenging.





I’D

Pimp your apps

“I’d like to see convergence of traditional data-cen-ter load-balancers and general WAN-optimization devices. It has always confused me that a convergence of those boxes has not occurred,” says Michael Morris, network architect at a $3 billion high-tech company and Network World blogger.

The two product categories tackle different performance-related problems. Companies deploy load-balancers and traffic-management devices in the data center primarily to improve the perfor-mance of Web applications that users access over the Internet. WAN devices, on the other hand, are deployed symmetrically (at both ends of WAN links) and generally use such techniques as caching, compression and protocol acceleration to improve the performance of business applica-tions that internal users access over dedicated WAN links.

Over time, however, the lines have blurred, and users are accessing business-critical applications — Microsoft SharePoint and SAP software, for example — across public and private networks. In addition, data-center gear and WAN appliances have grown to include some common features, such as compres-sion and SSL optimization.

So, should the two categories be merged into a single product? Or if not merged, should they at least be better integrated so IT staff could take advantage of their respective acceleration talents to optimize applications from the data center to the desktop?

Morris makes a case for merging them. “It makes perfect sense that the same device that is essentially handing out the connections from the servers holds the data and then does everything it can to optimize that traffic down to the clients, which are generally around the world,” he says.

At a minimum, if the devices remain separate

edge and data-center boxes, Morris would like to see them share information about application and network conditions. “They could at least have some sort of communication going on, saying ‘this is what I’m seeing, this is what you’re seeing,’ and optimize traffic that way,” he says.

Choose your platformAt a high level, setting application-delivery policies that span

By Ann Bednarz

Watch application performance hit the metal as traditional acceleration technologies merge and end-to-end optimization becomes a reality

Je

d S

ha

re

“unleSS we have faSt – and i mean really faSt – linkS to all of our locationS, uSerS hate uS.”rich debrino, cio, advances in technology





data-center and network devices has merit, as does taking into account where a request is coming from, says Rob Whiteley, principal analyst and research director at Forrester Research.

“It makes sense to be able to control a policy that says, ‘OK, do as much as you can in the load-balancer, especially if the endpoint I’m serving this to is across an extranet or across some kind of public link where I don’t own the endpoint. And if it’s going out across my private network, then turn off whatever feature I would use on the load-balancer and turn on a more robust version at the data-center perimeter in the WAN-optimization box,’” Whiteley says.

Nonetheless, the question of where WAN-optimization features physically belong isn’t easy to answer.

Over the next few years, Whiteley expects to see WAN-optimization technology shift

from being deployed as a dedicated hardware device to being integrated as a feature on a more universal platform. “WAN optimization should not be viewed as a solution unto itself,” he says. “In the long term, it’s going to be built into part of the network infrastructure.”

Three architectural scenarios are pos-sible, Whiteley says. First, WAN optimization could wind up in the router or packet-layer infrastructure, an approach that such vendors as Cisco and Juniper Networks are putting their weight behind. In other cases it could become part of the application-layer infrastructure, along with load-balancers and other application-oriented technology; he expects such vendors as F5 Networks and Citrix Systems to advance this option. Third, enterprises could buy a services platform wherein WAN optimization becomes one of many services (print, file, DHCP, DNS) running on an appliance. Microsoft and Riverbed Technology are going in this direction, he says.

For enterprises, committing to an archi-tectural model is no small decision. “Large companies must think long and hard, from an architectural perspective, about how they want to do this,” says Jim Metzler, a principal at Ashton, Metzler & Associates and co-author of the “Wide Area Networking Alert” newsletter.

Making a case for disaggregationFor Joe Skorupa, a research vice presi-

dent at Gartner, the key issue is less about where optimization features will reside and more about how they can be deployed in a flexible, manageable way to accommodate different enterprise priorities.

Skorupa once thought application-delivery controllers and WAN-optimization devices would merge, “but in fact it hasn’t happened to any significant degree,” he says. What he is seeing instead is a trend toward disaggregation, separating WAN devices into component parts that can be deployed — in the data center, branch offices and the network — and reused as necessary. “You can place a particular function where it happens to make the most sense. And if it makes sense to have the same function, such as QoS, in two different places, then the nice

thing is that you get consistent behavior in both locations,” he says.

F5 is the furthest along this path, Skorupa says, citing as an example the vendor’s WebAccelerator module, which is built to accelerate dynamic Web pages. “It can run on the Big-IP [application-delivery platform], it can run as a stand-alone device, and with an extra lease of software, you’ll actually be able to put it on one of F5’s WANJets in a branch office. It brings different value depending on where it’s placed,” he says.

F5’s TMOS common operating system unites the vendor’s platform elements. Similarly, Blue Coat Systems has engineered a common operating system and platform for its acceleration devices and security-gateway products. A single box runs all Blue Coat functions, so enterprises can turn on or off the features they need, including Web filtering, logging, antivirus software and peer-to-peer blocking.

What’s in demand?Evolutionary predictions aside, there’s

ample demand for WAN-optimization gear as it exists today. Some of today’s most ambi-tious IT projects — including server and storage virtualization, data-center consolida-tion and Web-services deployments — have one big thing in common: They take a toll on application performance.

“We want all our stuff in the data center because we want it where we can keep an eye on it and where it has our best power, our best cooling,” says Rich De Brino, CIO at Advances in Technology (AiT), an Everett, Wash., IT services company that consoli-dated its business-critical applications under one roof. “The problem is, unless we have fast — and I mean really fast — links to all of our locations, users hate us,” he says.

AiT employees are heavy users of unified-communications tools, desktop video applications and other collaboration technologies, De Brino says. For adequate WAN performance, particularly for video applications, AiT invested in network-optimi-zation gear from Talari Networks.

“We want our apps to perform well enough that nobody says they’re not using


“the difference haS been unbelievable.”mark Starry, manager of it infrastructure and security, concord hospital, speaking of application performance since deploying wan-optimization appliances




something because it’s too slow. I don’t ever want to hear that,” De Brino says.

Similarly, Concord Hospital invested in Juniper’s WAN-optimization gear after consolidating a suite of clinical and admin-istrative applications in the data center on its main Concord, N.H., campus. The applications had been running in its many healthcare centers, clinics and physician offices. The consolidation project resulted in delays for users trying to access those applications across the WAN. “People would complain things were slow, but network utilization was not that high,” recalls Mark Starry, manager of IT infrastructure and security at the hospital. “Most of the delay was due to latency,” he says.

The hospital deployed Juniper’s WXC 590 appliance at the data center and installed WX 500s and WX 250s at 10 remote sites. “The difference has been unbelievable,” Starry says.

Stories like these, detailing how an enterprise deployed network-optimization technology to solve a particular problem, are in ready supply. Deployments like these made the market what it is today. “WAN optimization is very popular because it allows me to overcome a particular problem with a relatively small investment,” For-rester’s Whiteley says. “I could have a multimillion [dollar] consolidation initiative under way that isn’t working well because the WAN is too bumpy. With a $50,000 to $100,000 investment, I can make that work really well,” he says.

Complexity aheadMost of the success stories, however,

represent tactical deployments of application-acceleration and WAN-optimization technologies. Now, as application environ-ments and network conditions become more complex, enterprises must begin thinking more strategically about optimiza-tion.

Fast-forward to a time when service-oriented architecture (SOA) deployments are more widespread and applications consist of multiple services supplied by many providers.

“In some cases a small increase in network delay has a very big increase in application delay,” Metzler says. “With SOA, when you have the WAN coming into play three or five or seven times [in a single transaction], you’ve got potential for significant delay,” he says.

Greater use of virtualization technologies also will complicate things: Imagine a branch-office user on a virtualized desktop accessing a branch-office router over a virtual LAN to get to applications running on virtual servers in the data center, consultant Metzler posits. With so many systems and configuration scenarios, how does IT troubleshoot a performance problem?

It comes down to stellar management capa-bilities and fine-grained visibility into network applications and traffic, industry watchers say. These are works in progress for most network-optimization vendors.

To improve monitoring and visibility, some vendors have been working on integrating their technologies tightly. Cisco and NetQoS, for example, in summer of 2007 announced plans to embed the performance-manage-ment vendor’s monitoring and reporting technology in Cisco’s Wide Area Application Services (WAAS) gear.

Another development trend that’s upping the complexity quotient is the addition of third-party products to WAN-acceleration devices. Riverbed customers, for example, can run DNS, DHCP, IP address-management and other network services from Infoblox on their Steelhead appliances thanks to a tech-nology partnership the two vendors struck in April. Cisco, too, plans to let customers run a stripped-down version of Microsoft Windows for DNS, DHCP and print services on its WAAS gear, Gartner’s Skorupa says.

These pairings can help enterprises reduce the number of physical appliances running in branch offices, but they raise more management issues — particularly concerning IT personnel. For example, adding a Web-application firewall to an acceleration device makes it something an IT security team wants to control. Adding

dynamic Web caching to an appliance brings application developers into the mix.

Vendors then have to win over not only network buyers but also, perhaps, storage staff, server teams, security specialists or application developers. “One of the chal-lenges for application-delivery controller vendors, in particular, is that as they develop these more advanced features, they may wind up having to sell the same box to three different people in the company,” Skorupa says.

In addition, roles-based access becomes critical. “When you aggregate functions, you need to make sure that you still can disag-gregate the management functions so that you can have the appropriate separation of management,” Skorupa says.

That’s not unprecedented; Cisco’s Application Control Engine devices can be deployed by a network team and the applications fine-tuned by specialists, Network World blogger Morris points out. “The underlying blade itself and the basic construct of the load-balancer are con-trolled by the network team, but then each application’s load-balancing can be virtual-ized all the way into configuration and given to an application team.”

Morris sees WAN-acceleration boxes also heading in that direction, whereby application and infrastructure teams share configuration responsibilities, with applica-tion specialists making the more detailed, protocol-specific optimization decisions.

For IT departments, the trend provides one more pressing reason to break open the lines of communication among application, data-center and network teams. The sooner the better; plenty is at stake.

Data-center consolidation projects won’t be successful if application performance over the WAN is insufferable. No one will applaud network teams if an SOA deploy-ment intended to conserve development resources falls flat because the Web services run too slow. It’s time to start thinking strategically.





FFive times, 10 times, 20 times or more: The performance benefits from application acceleration are real, provided you under-stand what the technology can and can’t do for your network. What follows are selected best practices for deploying appli-cation acceleration devices in enterprise networks.

Define your goals.Application acceleration takes many

different forms. There’s no one definition for “making an application go faster.”

For some users, reducing WAN bandwidth consumption and cutting monthly circuit costs may be the key goals. For others, it’s speeding bulk data transfer, such as in backup, replication, or disaster recovery scenarios. For yet others, improving response times for interactive applications is most important, especially if those transaction-based applications carry an organization’s revenue.

Deciding where to deploy application acceleration is also a consideration. Dif-ferent types of acceleration devices work in the data center; in pairs with devices deployed on either end of a WAN link; and, increasingly, as client software installed on telecommuters’ or road warriors’ machines. Identifying the biggest bottle-necks in your network will help you decide which parts of your network can benefit most from application acceleration.

It’s also worth considering whether application acceleration can comple-ment other enterprise IT initiatives. For example, many organizations already have server consolidation plans under

way, moving many remote servers into centralized data centers. Symmetrical WAN-link application acceleration devices can help here by reducing response time and WAN bandwidth usage, and giving remote users LAN-like performance. In a similar vein, application acceleration may help enterprise VoIP or video rollouts by prioritizing key flows and keeping latency and jitter low.

Classify before you accelerate.Many acceleration vendors recom-

mend initially deploying their products in “pass-through” mode, meaning devices can see and classify traffic but they don’t accelerate it. This can be an eye-opening experience for network managers.

The adage “you can’t manage what you can’t see” definitely applies here. It’s fairly common for enterprises to deploy accel-eration devices with the goal of improving performance of two to three key protocols

– only to discover your network actually carries five or six other types of traffic that would also benefit from acceleration. On the downside, it’s unfortunately also all too common to find applications you didn’t realize existed on your network.

The reporting tools of acceleration devices can help here. Most devices show which applications are most common in

the LAN and WAN, and many present the data in pie charts or graphs that easily can be understood by non-technical manage-ment. Many devices also report on LAN and WAN bandwidth consumption per application, and in some cases per flow.

Understanding existing traffic patterns is critical before enabling acceleration. Obtaining a baseline is a mandatory first step in measuring performance improve-ments from application acceleration.

For products that do some form of caching, a corollary to classification is understanding the size of the data set. Many acceleration devices have object or byte caches, or both, often with terabytes of storage capacity. Caching can deliver huge performance benefits, provided data actually gets served from a cache. If you regularly move, say, 3 Tbytes of repetitive data between sites and but your accelera-tion devices have only 1 Tbyte of cache capacity, then obviously caching is of only

limited benefit. Here again, measuring traffic before enabling acceleration is key.

Even without acceleration devices deployed, it’s still possible (and highly recommended) to measure application performance. Tools such as Cisco NetFlow or the IETF’s open sFlow standard are widely implemented on routers, switches, and firewalls; many network management

Speed safely: Application acceleration best practices


By David Newman, Network World Lab Alliance

UNdERSTANdING ExISTING TRAFFIC PATTERNS IS CRITICAl bEFORE ENAblING ACCElERATION. ObTAINING A bASElINE IS A MANdATORy FIRST STEP IN MEASURING PERFORMANCE IMPROvEMENTS FROM APPlICATION ACCElERATION.




systems also classify application types.

Choose between in-line or off-path.If forced to choose between high avail-

ability and high performance (even really high performance), network architects inevitably opt for better availability. This is understandable – networks don’t go very fast when they’re down – and it has implications when deciding which acceleration device type to select.

WAN acceleration devices use one of two designs: in-line and off-path. An in-line device forwards traffic between interfaces, same as a switch or router would, optimizing traffic before forwarding it. An off-path device may also forward traffic between interfaces or it may simply receive traffic from some other device like a router, but in either case it sends traffic through a separate module for optimization. Because this module does not sit in the network path, it can be taken in and out of service without disrupting traffic flow.

There’s no one right answer to which design is better. For sites that put a premium on the highest possible uptime, off-path operation is preferable. On the other hand, there may be a higher delay introduced by passing traffic to and from an off-path module. The extra delay may or may not be significant, depending on the application. If minimal delay is a key requirement, in-line opera-tion is preferable.

Some devices combine both modes; for example, Cisco’s WAAS appliances perform off-path optimization of Windows file traffic but use in-line mode to speed up other applications.

Note that “pass-through” operation is different than in-line or off-path mode. In case of power loss, virtually all acceleration devices will go into pass-through mode and simply bridge traffic between interfaces. Devices in pass-through mode won’t optimize traffic, but then again they won’t cause network downtime either.

Choose between transparent and tunneled traffic.

One of the most contentious debates in WAN appli-cation acceleration is whether to set up encrypted tunnels between pairs of devices or whether traffic should remain visible to all other devices along the WAN path. The answer depends upon what other network devices, if any, need to inspect traffic between

pairs of WAN acceleration boxes.Some vendors claim tunneling as a security

benefit because traffic can be authenticated, encrypted, and protected from alteration in flight. That’s true as far as it goes, but encrypted traffic can’t be inspected – and that could be a problem for any firewalls, bandwidth managers, QoS-enabled routers or other devices that sit between pairs of acceleration devices. If traffic transpar-ency is an issue, then acceleration without tunneling is the way to go.

On the other hand, transparency is a require-ment only if traffic actually requires inspection between pairs of WAN acceleration devices. If you don’t have firewalls or other content-inspecting devices sitting in the acceleration path, this is a non issue.

Know your limits.Application acceleration is a worthy addition

to the networking arsenal, but it’s not a silver bullet. It’s important to distinguish between problems that acceleration can and can’t solve.

For example, acceleration won’t help WAN circuits already suffering from high packet loss. While the technology certainly can help in keeping congested WAN circuits from becoming even more overloaded, a far better approach here would be to address the root causes of packet loss before rolling out acceleration devices.

Further, not all protocols are good candidates for acceleration. Some devices don’t accelerate UDP-based traffic such as NFS (network file system) or multimedia. And even devices that do optimize UDP may not handle VoIP based on SIP (session initiation protocol) due to that protocol’s use of ephemeral port numbers (this problem isn’t limited to acceleration devices; some firewalls also don’t deal with SIP). SSL is another protocol with limited support; in one Network World test only two of four vendors’ products sped up SSL traffic.

Despite these limitations, application accel-eration is still a technology very much worth considering. The performance benefits and cost savings can be significant, even taking into account the few caveats given here. Properly implemented, application acceleration can cut big bandwidth bills while simultaneously improving application performance.





F

A buyer’s checklist for application acceleration

By David Newman


1. What are my goals for application acceleration? All accelerators reduce the number of bits on the wire, but they do so with different goals. Most devices focus on WAN bandwidth reduction. That’s a worthy goal when links are

overloaded and the cost of adding more WAN capacity is an issue. But reducing bandwidth isn’t the only thing application-acceleration devices do.

In other situations, enterprises may need to speed bulk data transfers or improve response times for interactive applications. Examples of the former include backups and disaster-recovery processes, both of which require moving a lot of data in a hurry. (Silver Peak, in particular, focuses on speeding high-bandwidth applications.) Examples of the latter include databases and other transaction-processing applications where there’s revenue tied to every transaction.

And organizations may have yet other needs for application acceleration beyond bandwidth reduction or faster transfer times. For example, a company that routinely distributes large videos or databases might want to locate data closer to customers using “prepopulation” or “prepo-sitioning” capabilities, intelligent forms of caching that places frequently requested data on remote-site appliances.

Our advice: Make sure vendors understand your main goal for application acceleration -- bandwidth reduction, faster bulk transfers or response-time improvement – and let them pinpoint which of their systems come closest to achieving that goal.

2. What’s the difference between caching and application acceleration? Caching – getting data close to the user – is the oldest trick in performance tuning, and it’s still a

great idea. Application-acceleration devices use caching, but do so in fundamentally different ways than conventional Web caches and their optimization toolkits extend well beyond caching.

Conventional caches work at the file level. That’s fine for static content, but it’s no help when something changes. Consider a manufacturing company that routinely distributes a 10GB parts database to multiple sites. If just one record changes, caches would need to retrieve the whole database again.

Application-acceleration devices work smarter: They retrieve only the changes. As user data flows through a pair of devices, each one catalogs the blocks of data it sees and makes an index of those blocks. Note that a “block” is not the same as a file; it’s just a fixed amount of data.

The next time users request data, the devices compare their indexes. If nothing changed, the device closest to the user serves up the data. If something’s new, the remote device retrieves the changed data, and both devices put new blocks and new indexes into their data stores. Over time, application-acceleration devices build up “dictionaries” that are hundreds of gigabytes or terabytes in size.

Dictionaries have three advantages over conventional caching. First, they require transmission only of changes to an object, not the entire object. Second, they still save bandwidth if an object is changed and then later changed back, because the original data still exists in the dictionaries. Finally, dictionaries are application-agnostic. In contrast, caches typically work only with a single application. All the devices we tested use dictionaries. Blue Coat’s devices are also Web caches, while the Cisco devices are CIFS caches.

Acceleration devices perform many other optimizations as well. All compress blocks of data flowing between pairs of devices, with big bandwidth savings shown in our tests. But compression won’t help with near-random data patterns, such as video or encrypted data (an exception is when

6 tips on how to pick a WAN-optimization winner

Faced with big bandwidth bills every month, it’s tempting simply to buy the application accelera-tor with the best performance. Tempting, but not necessarily correct.

Performance matters, but it’s far from the only consideration. Numerous other issues should factor into any buying decision, including functionality, network design, security and application support. What follows are six key questions buyers should take into account while considering which application-acceleration system will best suit their own environment.




clients repeatedly request the same near-random data). These devices also tweak TCP and CIFS parameters to speed

data transfer. At the TCP level, these devices make use of many high-performance options missing from Microsoft’s stack. Some devices do inverse multiplexing of client-side connections, reducing connection setup overhead. The devices we tested also optimize CIFS, Microsoft’s infamously chatty file-transfer protocol. For sites looking to optimize Windows traffic, CIFS-optimization efficiency is a top concern.

Our advice: Make certain vendors are not pushing the notion that application-acceleration devices are “just” file caches; they’re smarter about storing data and employ other optimizations to boot.

3. How do application-acceleration devices operate with the rest of my network?

Imagine the effect on the network if an intermediate device were to terminate TCP connections, alter IP addresses and port numbers, and possibly scramble packet payloads. That’s one way of describing exactly what many acceleration devices do. While these effects aren’t always harmful and may be desirable, network transparency may be a concern.

Altering or hiding packet contents can cripple devices that need to see those contents, such as firewalls, bandwidth managers, and QoS-enabled routers. All the devices we tested optionally can be configured to run in a transparent mode, but might lose optimization efficiency in doing so. Of course, if other devices don’t examine traffic contents, this isn’t an issue.

Another design concern is whether devices operate inline or in so-called off-path mode. Cisco and Riverbed devices can be configured for off-path operation, meaning traffic passes up through a separate software module, while the device simply bridges nonoptimized traffic.

All devices tested fall back to passthrough mode if acceleration is disabled, a useful feature in maintaining availability, and all offer failover capabilities. To further enhance availability, the Blue Coat and Cisco devices also support clustering of multiple application-acceleration devices.

Our advice: Grill vendors on whether or not their product will “blind” other devices, such as firewalls or bandwidth managers, that need to see packet contents.

4. What are the security implications for appli-cation acceleration?

On the plus side, acceleration devices can improve data privacy by setting up encrypted tunnels between sites. Because these tunnels carry all data (or some user-defined portion of data that’s sensitive),

there’s no need to set up authentication and encryption on a per-application basis.

But these devices also keep copies of all user data, creating disclosure concerns and possible compliance issues for industries that require end-to-end encryption. Network managers will need to revise security policies to cover data stored on acceleration devices, not only while it’s in use but when it’s retired (to ensure its disks are wiped clean before disposal or recycling). The Cisco and Silver Peak devices have an elegant solution: They encrypt data on disk, rendering it useless to an attacker.

Our advice: Push potential vendors to explain how you could revise security policies as appropriate to deal with use and disposal of sensitive data stored on their application-acceleration devices.

5. What’s my application mix? Acceleration-device vendors differ in terms of the number and

type of applications they can optimize. Not all application-acceleration devices optimize UDP-based

traffic, including the Blue Coat appliances in our tests. Given that voice, video, file sharing and some backup traffic may use UDP, sup-port for UDP-based applications will likely become more important over time.

For many enterprises, the mission-critical, revenue-bearing application is something developed in-house. Even the longest list of supported standard applications won’t help here, but even so the application may still be a good candidate for TCP or other optimiza-tions. Testing support for custom applications is critical in such situations.

Our advice: Force any potential vendor to address how its product will directly address the prospect of speeding up your organization’s application mix.

6. Where are my users? Most acceleration today is done between sites, with a symmetrical

pair of devices at either end of a WAN link. However, some client software is beginning to become available for road warriors and telecommuters.

Blue Coat has released client software that performs most, but not all, the same functions of its hardware appliances. The client code does caching, compression, L4/L7 optimization, but it doesn’t perform WAN-data reduction. Riverbed also has announced an acceleration client, and other vendors are likely to follow.

Our advice: If you need to speed traffic going out to a mobile workforce, press vendors about their plans to provide application-acceleration clients as well as site-to-site appliances.





CApplication acceleration: Making sense of a crowded technology market

Confused about application acceleration? You’ve got company. Dozens of vendors have entered this hot area, using another dozen or so techniques to reduce response time, cut bandwidth consumption, or both. As with any market where multiple sellers all speak at once, it’s easy to get lost amid the claims and coun-terclaims. It’s harder still when the wares for sale are new and unfamiliar to many buyers.

As always, education is key. This article describes the major types of acceleration devices; introduces the players; explains the workings of acceleration mechanisms; and looks into what the future holds for this technology.

Application acceleration products generally fall into one of two groups: Data center devices and symmetrical appliances that sit on either end of a WAN link. A third category, acceleration client software, is emerging, but it is in relatively early stages.

Application acceleration may be a relatively new market niche, but the technology behind it has been around for some time. For close to a decade, companies such as Allot Communications and Packeteer have sold bandwidth optimization appliances that priori-tize key applications and optimize TCP performance (Packeteer also offers a symmetrical WAN device.) Other acceleration technologies such as caches, compression devices, and server load balancers have been around even longer. For the most part, though, the application acceleration market today is split between data-center and WAN-based devices.

The two device types differ not just in their location in the network but also in the problems they address and the mechanisms they use to solve these problems.

Into the data centerData centers have high-speed pipes and numerous servers. Some

also have multi-tiered designs, with Web servers arrayed in front of application and database servers. In this context, improving perfor-mance means reducing WAN bandwidth usage for out going and incoming traffic and offloading TCP overhead and/or SSL overhead or eliminating servers.

Prominent vendors of data-center acceleration devices include

Array Networks, Cisco Systems, Citrix Systems, Coyote Point Systems, Crescendo Networks, F5 Networks, Foundry Networks, and Juniper Networks.

Data-center acceleration devices use a variety of mechanisms to achieve these ends Weapons in their acceleration arsenal include TCP connection multiplexing, HTTP compression, caching, content load balancing, and SSL offload. Though more of a security measure than a performance feature, some data-center accelerators also rewrite content on the fly.

Of these mechanisms, connection multiplexing and HTTP com-pression do the most to reduce WAN bandwidth usage. Connection multiplexing is helpful when server farms field requests from large numbers of users. Even with load balancers in place, TCP connection overhead can be very significant. Acceleration devices lighten the load by multiplexing a large number of client-side connections onto a much smaller number of server-side connections. Previous test results show reductions of 50:1 or higher are possible.

Note that 50:1 multiplexing doesn’t translate into a 50-fold reduction in servers. Other factors such as server CPU and memory utilization come into play. Still, multiplexing can lower overhead and speed content delivery.

As its name suggests, HTTP compression puts the squeeze on Web payloads. Most Web browsers can decompress content; usually the stumbling block is on the server side, where compression is often disabled to reduce delay and save CPU cycles. By offloading this function off the servers and onto the acceleration devices make it feasible to do compression.

Obviously, results vary depending on the compressibility of content. Since most sites serve up a mix of compressible text and uncompressible images, HTTP compression offers at least some bandwidth reduction, and may even be able to reduce the number of Web servers needed. One caveat: Compression won’t help at all with seemingly random data streams, such as encrypted SSL traffic, and could even hurt performance.

The remaining data-center application acceleration mechanisms help lighten the load on servers. Caching is one of the oldest tricks in the book. The acceleration device acts as a “reverse proxy,” caching oft-requested objects and eliminating the need to retrieve them from origin servers every time. Caching can deliver very real performance

By David Newman






gains, but use it with care: Real-time content such as stock quotes must never be cached. Object caching also won’t help when a small part of a large object changes, for example when a single byte in a large document is deleted.

Content load-balancing is conceptually similar to previous generations of layer-4 load balancing, but in this case the decision about where to send each request is based on layer-7 criteria. For example, devices run SQL queries and other “health checks” on back-end databases to decide which server will provide the lowest response time.

SSL offload also helps speed delivery of secure communications. In some cases, acceleration devices act as SSL proxies; the encrypted tunnel ends on the acceleration appliance, with cleartext traffic flowing between it and the origin servers. This frees up the server from computationally expensive SSL encryption, and in many cases it can dramatically reduce server count in the data center. It’s also possible to achieve end-to-end encryption through proxying; the acceleration device terminates a client’s SSL session and then begins a new session with the server. Some performance gain is still possible through TCP multiplexing.

Because data-center acceleration devices are application-aware, they have the added capability of being able to rewrite URLs or even traffic contents on the fly. Citrix has announced the ability to replace credit card numbers in data streams with Xs instead, preventing theft by interception. Similarly, it’s possible to rewrite URLs, either to make them shorter or more recognizable or to hide possible security vulnerabilities. On this latter point, an attacker may be less likely to probe for Microsoft Active Server Page vulnerabilities if a URL ending in “.asp” gets rewritten to end with “.html”.

Going SymmetricalFor many enterprises, the biggest bang for the acceleration buck

comes not in the data center, but on the dozens or hundreds of WAN circuits linking remote sites to data centers. A Nemertes Research survey found that monthly WAN fees alone account, on average, for 31 percent of total enterprise IT spending. In that context, even a small performance improvement can mean big savings.

That’s not to suggest that symmetrical WAN devices provide small improvements. Network World test results show WAN bandwidth reduction of up to 80 times (not 80 percent) and 20- to 40-times improvements in file-transfer rates. Considering the huge bite of the IT budget that WAN circuits take every month, symmetrical WAN acceleration devices are very much worth considering.

The technology certainly has gotten vendors’ attention, with numerous companies offering this type of acceleration device. Players in this crowded field include Blue Coat Systems, Cisco Systems, Citrix Systems, Exinda Networks, Juniper Networks, Riverbed Technology, Silver Peak Systems, and Streamcore.

All these vendors offer appliances and/or acceleration modules large and small, with size depending on WAN link capacity and the number of connected sites and users. Devices generally include disks for caching (though caching may have a different meaning than the caching capability of data-center devices; more on that later). All seek to address the number one bottleneck in enterprise WAN traffic: the sluggish performance of the Microsoft Windows TCP/IP stack across the WAN.

Beyond those common capabilities, these devices may offer at least some of the following mechanisms to reduce WAN bandwidth usage or to speed data transfer: application- and transport-layer optimizations; pre-positioning (a method of storing content closer to users); data compression; read-ahead/write-behind methods; and protocol prioritization.

Application-layer awareness is the most potent WAN accelera-tion technique. All vendors in this area can optimize the two most common application-layer protocols in enterprise networks – CIFS (common Internet file system), used in Windows file transfers, and MAPI (messaging application program interface), used by Exchange email servers and Outlook clients.

Because CIFS is notoriously chatty, it’s a terrible performer in the WAN. Even a simple operation like opening a directory and listing files can involve the transfer of hundreds or even thousands of CIFS messages, each one adding delay. Acceleration devices streamline and reduce CIFS chatter using a variety of proprietary techniques. The results are impressive: CIFS performance in Network World tests of four offerings in this space was 30 to 40 times faster than a baseline test without acceleration.

All vendors can optimize CIFS, MAPI, and other popular applications such as HTTP, but there’s a considerable amount of specsmanship about how many applications are supported beyond the basics. Some vendors’ data sheets claim to optimize more than 100 different applications, but often this means simply classifying traffic by TCP or UDP port number, and not necessarily doing any-thing specific with application-layer headers or payloads. Network managers are well advised to quiz prospective vendors on what specific optimizations acceleration devices offer for their organiza-tion’s particular application mix.

Pre-positioning, another big bandwidth saver, is essentially an automated form of caching. Say a large electronics distributor regularly distributes a 75-Mbyte parts catalog to all 15,000 of its employees. Rather than have employees retrieve the catalog from headquarters over and over again, a better option is to load the presentation locally at each remote site’s acceleration device, and then distribute it locally. Most caches can do that, but pre-positioning goes further by automating the catalog’s distribution to all accelera-tion devices at remote sites. Especially for organizations with many large sites, the bandwidth savings can be very substantial.





Caching can take two forms: object caching, as discussed previously in our data center discussion and byte caching (called “network memory” by some vendors). With byte caching, each appli-ance inspects and caches the stream of data going by, and creates an index for each block of data it sees. The index may contain some form of hash uniquely identifying that block. The first time a device forwards data, the byte cache will be empty. On each successive transfer, the pair of devices won’t transfer the data again; instead, it just sends the indexes, in effect saying “just send block X that you already have stored in your cache.”

Byte caching has two benefits. First, like object caching, it greatly reduces the amount of data traversing the WAN. Second, unlike object caching, it chops the byte stream into relatively small blocks rather than dealing with potentially huge objects. If only a small part of a very large file changes, the acceleration device just sends the updated data, not the whole object. Some devices, such as those from Blue Coat and Cisco, employ both forms of caching (in Cisco’s case, for Windows file traffic only. Others such as those from Riverbed and Silver Peak rely on byte caching alone.

WAN acceleration devices also use data compression to reduce WAN bandwidth usage. This isn’t just the HTTP compression seen in data-center devices; instead, symmetrical WAN devices compress entire payloads of all packets, regardless of application. Compres-sion works best for data streams comprised mainly of text or other repetitive data; for near-random byte patterns (such as images or encrypted data), it’s not much help.

Cisco’s WAAS acceleration devices use “read-ahead/write-behind” techniques to speed up file transfers. While these techniques aren’t new (server and PC designers have employed them for years), they can speed file transfers. Both techniques take advantage of the fact that enterprise data tends to be repetitive. Over time, devices can pre-dict that if a user requests block A of data, then a request for blocks B and C are likely to follow. With that knowledge, the device can line up the next blocks and serve them out of memory instead of a much slower retrieval from disk. And speaking of disk operations, it takes a relatively long time to write data to a disk. Write-behind operation defers write requests until several have accumulated and then does

them all at once. From the user’s perspective, read-ahead and write-behind both translate into faster response times.

Many acceleration devices (with the notable exception of Cisco’s) also use various QoS mechanisms to prioritize key appli-cations or flows during periods of congestion. Cisco also has a prioritization story, but it involves communication with routers, which then perform the actual queuing. For enterprises that already have enabled QoS features on their routers, this is a useful approach; for others just getting started with QoS it may make sense to consider using the acceleration device for queuing. As with application support, there is considerable variation among products as to which types of traffic acceleration devices can prioritize.

Future trendsClient software, security, and device consolidation are likely to

be the next major trends in application acceleration. Acceleration client software already is available from Blue Coat and others have clients in development. These software packages give PC-toting road warriors and telecommuters some if not all the techniques used in acceleration appliances.

Security is another hot-button issue, with acceleration vendors adding support for SSL optimization (supported by Blue Coat and Riverbed in one Network World test, with plans announced by Cisco and Silver Peak). Cisco and Silver Peak devices also encrypt all user data stored on appliances, a key consideration for regulatory compli-ance in some industries.

If past history is any guide, it’s also likely switch and router vendors will fold at least some acceleration features into their devices. However, the market for standalone devices is highly unlikely to disappear anytime soon. Most switches and routers aren’t TCP-aware today, let alone application-aware, and getting there will take time. Moreover, the form factors and component costs of acceleration devices (many have beefy CPUs, memory, and disks) argue against rapid consolidation, especially into low-end branch office switches and routers. For fully featured acceleration, standalone pairs of devices are likely to be the platform of choice for at least a few more years.




A

Tech update


APPLICATION

Application performance management: What makes it so hard?

As part of our coverage of the state of network optimization, I asked Hon Wong, CEO of Symphoniq (and former co-founder of NetIQ), to weigh in on the challenges of Web application performance.

Symphoniq’s software monitors Web applications to provide IT with a picture of what end-users are experiencing and to auto-matically detect, diagnose and pinpoint the root cause of performance problems before they become widespread. (Compare Web site application and performance manage-ment products)

Here’s what Wong had to say about the impact of technologies such as virtualization, service-oriented architecture (SOA) deploy-ments and more.

What are the biggest challenges for enter-prises these days, in terms of Web application performance management?

Traditional enterprise tools focus on mea-suring the availability and performance of various server or network components. With

today’s complex Web applications, especially with the adoption of virtualization, cloud computing, Web 2.0, etc., it is not the perfor-mance of individual technology silos that matters, but how the complex interactions of these technologies or platforms impact the performance as experienced by the end user that is important to the enterprise’s bottom-line. The challenge is not in measuring CPU consumption or number of network connections, but in understanding end user experience and relating that to causes of performance problems. Certainly one cannot manage what one cannot measure, and the only true measure of Web application perfor-mance is at the point where the application comes together at the end user’s browser.

Do application delivery controllers and WAN optimization devices make it harder to monitor application traffic from end to end? How do you get around these obstacles?

Acceleration appliances for both Web and WAN applications offload traditional server functions like load balancing, caching, compression, security and firewall func-

tions to dedicated appliances in order to improve application performance without having to deploy more server or network resources. The side effect is that one can no longer assume that there is a strong, direct correlation between server and end user performance. In other words, one cannot assume that the end user is receiving the desired level of performance even if the server is running well. The way to determine whether the end user is receiving the desired level of performance or that the Web or WAN accelerator is delivering the expected level of performance improvement is to directly measure and analyze end user performance information. The variation in end user performance, before and after the activation of the acceleration appliance, can be used to tune the appliance for improved application performance.

Are SOA applications particularly hard to troubleshoot and manage?

Yes, SOA applications are hard to manage not because it is new, but because it is very complex. SOA applications are orchestrated

By Ann Bednarz

Symphoniq’s CEO talks about the art of Web application performance management.




W

Section 4: Tech update • • •

from existing or third party Web service modules with unknown performance characteristics, and often evoked from across the Web cloud with many uncontrollable bottlenecks. IT can neither fully test the orchestrated application, nor gain full control over the application infrastructure especially if the services are supplied by a third party. Without a systematic, end-to-end approach to managing SOA application performance, expected benefits like quick-turn develop-ment, agility and reusability can easily be

negated by end user performance issues, and operational management challenges.

Does Symphoniq work with the applica-tion acceleration vendors to create tighter integrations between your products and the network devices?

Yes, Symphoniq’s end user performance monitoring solution is tightly integrated with the leading application acceleration vendors’ devices. As a result, customers of these devices can measure the end user experience of Web traffic speeded up by

these devices. Furthermore, Symphoniq’s solution for application acceleration appliances can be extended to pinpoint bottlenecks or causes of performance problems encountered by real users. Inte-grating Symphoniq end-user performance monitoring technology with application acceleration appliances gives IT actionable information needed to tune the appliances as well as identify performance bottlenecks within the infrastructure and application code to optimize application performance.

Infrastructure and application performance management: Separate but equal

By Peter Sevik and Rebecca Wetzel of NetForecast

When we describe Infrastructure Performance Management (IPM) and Application Performance Management (APM), we explain that the same perfor-mance management processes apply to both views. This may lead you to believe that they differ in objec-tives but not in substance. Wrong. Although the same processes apply to both, the information they generate is very different. Let’s compare the types of information that each view provides.

Incident ManagementIPM Information: Router down, circuit failure, server out of service,

group of servers are off-line, etc. These incidents are clearly attributable to infrastructure and affect many users in a wholesale fashion.

APM Information: Loss of service within a geographic region, execu-tion errors (e.g., HTTP 404), slow performance, software incompatibility (client and server versions failing to communicate), missing cookies, users can’t acquire address or credentials, etc. Here the incidents are more focused on one user or a narrow group of users. Often they result from a user path misconfiguration within an otherwise healthy part of the infrastructure.

Availability ManagementIPM Information: Percentage of circuits, routers, switches, servers, etc.,

that are operating. Availability reports are often the inverse of corre-sponding incident reports. If an infrastructure group - like switches - has no incident reports, then it is 100 percent available.

APM Information: Percentage of authorized user access methods (wireline, cell service, WiFi) that are working, number of client-server connections that can be made, all devices on a flow path are operating,

SSL keys are installed and certified, alternate routing is working, etc. This view of availability is more subtle. A device can be operating yet a user of group of users cannot successfully interact with the system.

Capacity ManagementIPM Information: Is there sufficient processing power in each

system element to handle the projected load? This is often defined by the utilization and projected utilization headroom of physical resources like CPU, memory, circuit bandwidth, etc.

APM Information: Are there sufficient server process and TCP connection pools, and are latency and loss low enough to meet application needs? Is bandwidth management per flow, flow-based precedence handling, and traffic policing sufficient to keep critical business traffic flowing, etc. Most of this capacity management makes sure that the resources are not arbitrarily held back (e.g., when users see poor performance because they are contending for a token permitting access to a resource while the resource is sitting idle).

Service Level ManagementIPM Information: Detailed description of services performed like

number of transactions processed, web pages delivered, GBytes of traffic moved, files replicated, etc. These are service levels defined within a service offering description. Some of the IPM availability data may also be part of the service level report. The primary objective of these reports is to justify the cost of the service (internal budget or external vendor payment).

APM Information: What application flow characteristics are known and supported, do user response times support the business function, do voice services meet quality standards, does videoconferencing support business functions, etc. The primary objective of these reports is to justify that the service meets the needs of the business.





FFolks often get confused about the difference between central-ized (a.k.a., asymmetrical or single ended) and distributed (a.k.a., symmetrical or dual-ended) application performance solutions. Centralized ADS solutions employ a device in a data center near a server or server cluster. The device inter-cepts traffic passing to and from the server(s), and directs and/or modifies the intercepted traffic. Modifications to intercepted server traffic must be under-stood on the user’s end, so the data center device must communicate with client software that makes sense of the modifications. The user’s browser serves as the most ubiquitous standard client; therefore, at present Centralized ADS solutions are typically deployed to deliver to Web-based applications.

Some Centralized ADS vendors provide proprietary software cli-ents that can further accelerate Web applications as well as optimize non-Web applications. These clients provide a cost-effective alterna-tive to Distributed ADS solutions in home offices or “micro branches”.

Distributed ADS solutions rely on a device in the data center and companion devices in remote offices. These devices are placed near WAN ingress/egress points where they can see, prioritize, and modify traffic. Because Distributed ADS solutions require access to the remote office, they are limited to private or virtual private networks. In the case of telecommuting or mobile workers, Distributed ADS vendors sometimes supply the “remote device” as software installed on the user’s PC.

A critical difference between these two approaches is where and how they can be applied. Here is a view of the centralized-distributed divide.

Another important aspect of the two approaches is that the centralized approach is inherently open and interoperable, while distributed solutions are closed and vendor

specific. You can buy Centralized ADS solutions from vendors A and B as long as they operate in front of different servers. The users will continue to use the same browser to access all “enhanced” applications.

However, if you buy a Distributed ADS solution from vendors D and E, they will not interoperate. Thus to experience the full benefit of solutions D and E, you must install both in all locations, which can be costly. Furthermore, some features of D may adversely affect the work of E. Operating two different distributed solutions is tricky, and at best they work as “ships in the night” ignoring each other.

The bottom line is that you can be a multi-vendor Centralized ADS shop, but you will typically be forced to adopt a single-vendor Distributed ADS solution.

What’s the difference between centralized and distributed application performance solutions?

By Peter Sevik and Rebecca Wetzel of NetForecast

locations where approach works

Appl

icat

ions

hel

ped

Where enterprise can put box or software Anywhere

Web

+ m

any

ap

plica

tions

Web

-bas

ed

appli

catio

ns o

nly

Centralized ADS

Distributed ADS




L


Like beauty is in the eye of the beholder, optimal application performance is in the experience of the end user. It’s a subjective matter that can bewilder network managers trying to ensure every app performs as its end users expect. And while the process of determining what optimal application performance is can be ambiguous, it is crystal clear when the goal has not been met and end users are complaining about slow service and non-re-sponsive applications.

“There are logical limitations that apply to every application across various orga-nizations. Everyone assumes the faster the better, but it’s good to calculate the end-user expectations in your specific environment so you’re not working to achieve an unreachable goal -- that doesn’t really matter to your end users as much as you think,” says Charles Thompson, manager of systems engineering at Network Instruments, a maker of network troubleshooting and analysis tools.

For instance, a call center location that is all about call processing would place a higher priority on accessing customer data than an end user that doesn’t field such calls in their daily work. According to Thompson, network

managers need to baseline that normal behavior of applications in their environment and determine the response times end users expect from their applications. What end users can live with in terms of application perfor-mance can sometimes be more realistic than what network managers assume.

“There are thresholds that one organiza-tion would consider bad, but that might be perfectly suited for another organization,” Thompson says. “Network managers need to look at the deviations from what is consid-ered normal in their organization and not set expectations that might not apply to every application.”

Another speed bump organizations could run into when looking to optimize applica-tion performance is unexpected usage. While network managers know to expect spikes in e-commerce applications around holiday shopping seasons or streaming video applica-tions following specific sporting events, sometimes applications undergo increased usage that impacts performance and that type of trend can fly under most network managers’ radar.

“The ability to understand the trends in business usage of the application -- such as functions that are being used more than before or resource intensiveness functions -- is key,” says Motti Tal, executive vice president of marketing, product and business develop-ment at OpTier, which makes transaction monitoring software. “Without this visibility,

such a problem would take ages to identify, isolate and repair.”

For instance, a company that employs a self-service portal application might start mar-keting it to different departments over time. Usage of the portal could slowly increase -- not registering a spike in activity across the monitoring systems network managers use to track performance issues. Once usage rates hit a certain level, performance for the applica-tion could become spotty and inconsistent, Tal explains.

“Time outs and unavailability of functions could occur when all the health indicators seem normal and operating at the expected levels,” Tal says. “Because something in the application or the infrastructure might not have changed, it would take some time for network managers to figure out why out of seemingly nowhere performance degraded.”

In this scenario, it would help IT to be in the loop on business initiatives, including the marketing of services that could tax applica-tion resources. This type of business activity monitoring could help IT plan for gradual increases in resource consumption and application usage.

“Organizations must be able to track the invocation of services on an application by business users at a granular level -- and be able to trend this usage -- over time,” Tal explains. “Organization must also be able to associate resource consumption with their IT infrastructure with those business activities.”

What is considered good application performance?Optimal application performance is in the experience of the end user.

By Denise Dubie




CA Case Study


CUSTOMER SUCCESS STORY:UNION BANK OFCALIFORNIA

Business:Founded in 1864, the Union Bank of California is now one of the leading commercial banksin the US. It offers a comprehensive range of financial services to both individuals andbusinesses via a network of 330 branches in California, Washington and Oregon.

Union Bank of Californiaimproves its online banking services by ensuring a consistentcustomer experience.

Business Impact Summary

Solution:The bank deployed CA Wily Customer Experience Manager (CEM), part of the CA WilyApplication Performance Monitoring solution (APM) to monitor more than 35 Web-basedcorporate and customer applications. The solution enables Union Bank to identify andresolve performance issues before they impact its customers, who generate a daily throughput of 1.5 million transactions.

Result:Customers can now access online banking applications much more quickly and easily — forexample, the bank’s single sign-on solution now has a customer-generated transactionsuccess rate of 99 percent. Thanks to this improved performance, Union Bank is able toprovide a consistent online experience, which is key to maintaining customer satisfactionand corporate profitability.

Challenge:Union Bank’s customers need round-the-clock access to their funds and accounts. UnionBank has been increasing access via its online banking facilities, which must be highlyavailable to safeguard customer experience and satisfaction. Without end-to-end visibilityof the online banking experience and the associated transactions, the company was oftenreliant on customer complaints to alert it to transactional issues.

Customer ProfileIndustry: Financial ServicesCompany: Union Bank of CaliforniaEmployees: More than 10,000

2 CUSTOMER SUCCESS STORY: UNION BANK OF CALIFORNIA

Business Providing superior servicesThe Union Bank of California was founded in 1864 in San Francisco and is now one of the 25 largest commercial banks in the US. Partly owned by the Bank of Tokyo-Mitsubishi, UnionBank has 330 branches in California, Washington and Oregon as well as facilities in six otherstates and two international offices.

The bank offers a broad mix of financial services to both business and individuals, includingconsumer, small business and corporate banking, real estate finance, investment and financialmanagement, insurance services and global custody.

Union Bank was the first major Californian bank to open a seven-days-a-week ‘supermarket’branch in 1990, and has 608 automated teller machines throughout the US to provide itscustomers with round-the-clock access to their funds. The bank is committed to providingsuperior service for its customers, employees, shareholders and the communities it serves.

ChallengeSafeguarding customer satisfaction In addition to branches with extended opening hours, Union Bank offers its customersincreased access to their accounts via online and telephone banking facilities. Based on anumber of core Web applications, these facilities must be highly available and highlyperforming to maintain customer satisfaction levels.

The bank has a heterogeneous IT infrastructure, which combines the latest Web technologywith older legacy systems. Although it has extensive existing monitoring solutions, thosesolutions monitor with the other individual elements of the IT infrastructure that areinterconnected with their Web application environment. Without an Application PerformanceManagement solution, it is very difficult to monitor the application and associated transactionsbecause the application flows through individual ‘silos’ of the IT infrastructure.

This siloed approach to monitoring meant that Union Bank was unable to guarantee the speedand quality of its Web applications or its ability to match the service expectations of itsthousands of customers.

As Dominic Koroly, Vice President of the Union Bank of California, explains, “We lacked end-to-end visibility of the customer experience, which meant that we were only made awareof certain issues when an individual contacted us to complain. We estimated that on average100 customers experience a fault before someone complains, so were keen to take a moreproactive stance to minimize disruption and potential dissatisfaction.”

“We lacked end-to-end visibility of the customerexperience, which meant thatwe were only made aware of certain issues when anindividual contacted us tocomplain. We were keen totake a more proactive stanceto minimize disruption andpotential dissatisfaction.”

Dominic KorolyVice President, Union Bank ofCalifornia

CUSTOMER SUCCESS STORY: UNION BANK OF CALIFORNIA 3

The need to improve the online customer experience was reinforced when the bank’s ChiefTechnology Officer laid down the challenge to the IT team to eliminate customer complaintsregarding Web performance and availability for a period of six months.

SolutionContinuous systems availabilityUnion Bank was already using CA’s solutions for Network and Systems Management as well asCA Wily Introscope, also a part of the CA Application Performance Management solution, tomonitor parts of its Web infrastructure, and decided to supplement those existing monitoringcapabilities with CA Wily Customer Experience Manager (CEM). CA Wily CEM is largelyfocused on the monitoring and management of the customer experience as well as the qualityof service levels that are provided to customers.

CA Wily CEM was implemented in just three weeks with the help of CA Services, with minimaldisruption and at no risk to existing online applications. “Wily CEM is used to monitor thebank’s full suite of commercial and home banking applications, including its single sign-onsolution,” adds Koroly.

This equates to more than 35 applications, 350 critical business transaction definitions runningwithin 50 Java Virtual Machines. CA Wily CEM is integrated with IBM Tivoli NetCool and CAWily Introscope, and monitors up to 1.5 million customer transactions a day for Union Bank.

The CA Application Performance Management solution enables Union Bank’s applicationinfrastructure support team to quickly detect problems in real time, and drill down to quicklyidentify the root cause of those problems. The team is then able to prioritize any issues andensure they are resolved before customers are affected. As Peter Duffy, Critical SituationManager for the Union Bank of California, explains, “CA Wily CEM saves a vast amount of timeby instantly isolating where a problem lies. We can then call upon the expertise of the correctteam to fix it as soon as possible.”

This ability to monitor and report on key online Web applications has helped improvealignment between the quality assurance and IT teams at the bank. For example, CA Wily CEM has enabled Union Bank to define more realistic service level agreements, measure itstransactional performance against them and report understandable results back to both IT and the business.

“CA Wily CEM saves a vast amount of time byinstantly isolating where a problem lies.”

Peter DuffyCritical Situation Manager, Union Bankof California

ResultsBoosting the quality of the online customer experience These results include impressive improvements in application performance and customerexperience. For example, transaction success rates for the bank’s single sign-on applicationnow consistently exceed 99 percent. This means customers can now access online applicationsmore quickly and easily.

“‘Severity one’ incidents were defined as issues that were reported by customers; as problemsare now consistently resolved before customers are impacted, the term has had to beredefined,” comments Koroly.

The bank’s proactive approach to application performance management has enabled it to:

• Increase the efficiency of its IT and critical situation teams

• Improve customer satisfaction with online banking services

• Safeguard reputation and profitability.

“Using CA Wily CEM we are able to guarantee the quality of the online customer experience,”comments Koroly. “This helps boost customer satisfaction levels, which is essential to thesuccess of the business in today’s demanding and competitive banking industry.”

To learn more and see how CA software solutions enable other organizations to unify andsimplify IT management for better business results, visit ca.com/customers.

“Using CA Wily CEM we are able to guarantee thequality of the online customer experience. Thishelps boost customer satisfaction levels, which isessential to the success of the business in today’sdemanding and competitivebanking industry.”

Dominic KorolyVice President, Union Bank ofCalifornia

Copyright © 2008 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies.

Executive Guide: App Performance Management...tion, VoIP and service-oriented architecture -- which...

Documents

Transcript of Executive Guide: App Performance Management...tion, VoIP and service-oriented architecture -- which...