Being conservative is safe. That’s why some IT departments don’t use the full capacity of their WAN in case there’s network congestion.
But a company called Saisei launched a new network monitoring solution today its says can let organizations and service providers use up to 98 per cent of their links’ capacity with a Linux-based appliance that reads network flows and applies policies faster than other solutions.
FlowCommand eliminates the requirement for queuing and scheduling of packets by routers, the company says. Instead it scans only the first 40 to 50 frames of each packet, then makes a decision on applying policies.
And administrators can apply about 40 policies including giving priority to specified applications, denying access to sites in certain geographies and blocking applications.
Jeff Paine, the company’s vice-president of marketing and business development, said FlowCommand (for enterprises and service providers), FlowEnforcer (for SMBs) are what he called network performance management applications.
They are the “first real advancement in the way TCP/IP networks can behave since DARPA in the early 1980s.”
Some enterprises only run a link at 30 to 70 per cent of utilization to avoid what happens when the TCP/IP stack gets congested, he said – so organizations are using less of what they pay for. “Because when things get congested the best of the QoS (quality of service) mechanism were invented in 1999-2001 and they all drop packets randomly when they get jammed up.” The result is applications time out and crash, and many online users are, to say the least, unhappy.
FlowCommand and Flow Enforcer let organizations use more of the bandwidth they’re paying for, he said. “You don’t have to worry about unexpected traffic; you can handle anything that gets thrown at you. Every single authenticated session will get through. Mission critical apps aren’t even aware there’s congestion going on.”
Security is also improved because of the control over traffic that passes through the appliance.
Industry analyst Jim Frey, vice-president of research at Enterprise Management Associates, called what the Saisei solutions do “closed-loop feedback automated optimization” because as traffic passes through the appliance analytics can change prioritization and management policies on the fly.
Vendors that make competing network optimization solutions like Cisco Systems, Riverbed and Silver Peak have been trying to do something similar but haven’t put the pieces together yet the way Saisei has, he said.
While Frey has seen a demo of the appliance and is impressed at the visibility it has into flows. However, he hasn’t yet talked to a customer.
The other advantage is that Sansei analytics and control can sale, Paine said. The initial version of FlowCommand can handle up to 5 million concurrent flows across a 10 GB link — adjusting each flow’s bandwidth and applying policies 20 times a second. It can also track 1 billion hosts.
It only adds 5 to 6 microseconds of latency,” he said, less than a next generation firewall.
Pricing is based on the amount of capacity the appliance handles, starting at 50MB and going up to 10 GB. FlowCommand costs US$8,000 a year for 50 Mb on a three year licence. FlowEnforcer for SMBs costs US$5,000 for 50 Mb. FlowVisibility, which just does analytics, costs US$2,500 for 50 Mb.