Cisco Wide Area Application Services review
By Keith Schultz | Network World US | Published: 15:40, 23 November 2011
The latest release of Cisco's WAN optimization product line, Wide Area Application Services (WAAS) 4.4, proves that the company famous for routing packets can also shape, optimise and accelerate them.
WAAS provides TCP optimisation, data compression, application specific optimisation and intelligent caching, all controlled from a single browser-based management console. WAAS comes in a variety of form factors and deployment methods, a data centre appliance, branch office box, virtual WAAS for cloud-ready installations and a mobile client for Windows operating systems.
For this test, we deployed a pair of WAVE-294 (Wide Area Virtualisation Engine) branch office appliances and a pair of WAVE-8541 data centre appliances. We used Cisco's default optimisation settings, which include more than 190 pre-defined acceleration rules.
Our first goal was to verify Cisco's claim that the WAVE-8541 can handle up to 150,000 concurrent connections and not drop any packets or sessions. We created a high-speed network in the lab and cranked up the traffic with a pair of Spirent 3100B Avalanche load generators.
A pair of WAVE-8541s was directly connected via 10Gigabit Ethernet through two Cisco Catalyst 6500 routers on the WAN side. The LAN side was also 10G Ethernet to the Spirent device with a 1 Gigabit backbone for the Central Manager and other devices. We monitored the connection levels both from the Spirent console and via command line from each 8541 appliance.
During the 30-minute test run, the connection count stayed solid at 150,000 connections. CPU utilisation on the data centre-side WAAS-8541 peaked at approximately 51%, while the branch unit never exceeded 31%. The 8541 scaled to 150,000 without any issues even while the default set of WAN optimisation policies were enabled.
Next, we tested Cisco's claim that the WAVE-8541 appliance can handle 2Gbps of optimised WAN throughput. Using the same network setup, we created traffic from four Ubuntu clients running iperf connected to our Gigabit LAN. The traffic generated by iperf was a mix of 50/50 compressible and uncompressible data. With all four clients active, the LAN side reported approximately 3.96Gbps of traffic and the WAN side peaked at 1.97Gbps. That represents some of the best performance we've seen based on previous testing of WAN optimisation gear.
New cache features
In the past, Cisco's cache engine on the data centre device was segmented, each branch was assigned a specific portion of the data centre appliance's cache and it could not be shared with other WAAS appliances. This meant that even though a particular block of data had already gone through the data centre to one location, other offices couldn't take advantage of this information.
Cisco's new context-aware DRE (Data Reduction Engine) does away with the segmented cache, opting for a single large unified cache that all appliances can participate in.
Cisco's DRE adapts to changing conditions in traffic and applications. For most everyday traffic, HTTP, CIFS, NFS, MAPI, etc., the cache operates in a bi-directional mode. Signatures and byte segments are located at both ends of the connection and help reduce overall WAN traffic regardless of direction.
What's interesting is that DRE can also function in a uni-directional mode for specific traffic types, like streaming audio and video, and VDI. Because the traffic is one way from the data centre to the remote end, there is no need to cache any of this data at the data centre. Instead, only indexes are created at the data centre and stored at the remote site, so that any subsequent streaming traffic can take advantage of any cached byte segments in the branch appliance without filling up the cache.
To test the bi and uni-direction functionality, we added a pair of WAVE-294s as our branch office appliances simulating two locations. We connected to a SharePoint server and file share located in the data centre through a WAVE-8541, and downloaded and uploaded files into each system.
We were able to monitor the amount of data stored in DRE on both sides of the connection and because of the duplicate nature of the files, there was about 90% reduction in WAN traffic. Caching and compression are common features in WAN optimisation devices, and it is always nice when the systems work as advertised.
No habla UDP
WAAS does not optimise or cache UDP traffic. For some customers, this could be a critical factor when choosing a WAN optimisation solution. While most day to day traffic is TCP, there is a growing amount of UDP traffic that will be ignored by WAAS.
For example, Cisco will optimize and accelerate Citrix's HDX and Microsoft's RDP remote access protocols for VDI, but VMware's PCoIP protocol is UDP and will simply pass through the appliance. Also, some backup solutions stream data to storage devices using UDP.
The software engine for WAAS is the same regardless of platform. Not all features are available on all formats, but overall, Cisco has designed a consistent user interface and feature set across platforms.
In order to manage your WAAS deployment, you will have to install at least one Central Manager, Cisco's WAAS management platform. Available in both virtual and physical versions, it is required for all WAAS installations, and is an additional cost. The virtual installation is only available for VMware ESXi or Cisco Unified Computing System appliances and one Central Manager console can manage up to 2,000 WAAS devices. We found the browser-based management UI is well laid out and very intuitive to use.
Admins assign the various WAAS installations into logical groups and apply optimisation policies at that level. If the situation requires, admins can drill down and override group policy at the single device level, too. An optimisation policy is made up of an application classifier and an action. The application classifier is the component that tells the policy what type of traffic to intercept, for example TCP port 139 and 445 for CIFS. IT can create custom classifiers for specific traffic types.
The action is what determines how the traffic is manipulated, and there are nine different actions available. From passthrough to TFO (TCP Flow Optimisation) to TFO with DRE and LZ data compression, WAAS covers just about all possible scenarios. We were able to create custom policies quickly in just minutes and easily deploy them to specific device groups.
All hands report
A big benefit of managing all of your devices in a single location is the ability to view the status of all locations at a glance and create consolidated usage reports. There are a number of reports included in Central Manager, such as traffic and optimisation summary, HTTP, HTTPS, video, SSL, MAPI and NFS acceleration reports, and also an overall acceleration summary. You can generate reports on a specific device, if needed. Unfortunately, IT cannot create any additional types of reports, such as charts and statistics on a customized policy for one specific traffic type.
We like that Cisco includes Cisco Prime, its Network Analysis Module, as part of Central Manager. Where Central Manager's reporting is unique to WAAS devices, Cisco Prime will collect network statistics from all across the network, including non-WAAS appliances. This allows IT to get a complete picture of network traffic from end to end and not be limited to WAAS-only information.