> Search:

> Sign up for our newsletters
Subscribe to the magazine



Beware the WAN Bottleneck
Workers are mobile, but the network seems to be standing still.

By Johnathon Cervelli

There's a perfect storm brewing for mobile users. The rising popularity of mobile devices, the evolution of enterprise applications, and latent limitations of most Wide Area Network (WAN) architectures are bringing the "mobile revolution" at many companies to its knees. The laptops and PDAs are turned on, the access points are deployed, but application performance is abysmal. Here's why.

In most organizations, the number of mobile users is fast on the rise. Mobility is no longer a privilege reserved for "road warriors." A recent survey by Forrester Research noted that 35% of enterprise employees are now considered mobile workers at least some of the time. Laptop sales are outpacing desktop sales, hot spots continue to multiply, and wireless connectivity is now taken for granted, especially by younger workers. In addition, more workers are carrying PDAs and smart phones and accessing company networks from locations such as WiFi hotspots, hotels, airports and 3G coverage areas.

But in branch offices and other remote locations, mobile workers are finding that application performance is slow and getting slower. There are two bottlenecks contributing to this performance problem. The first, confined to the branch office itself, is the wireless LAN connection between a user's laptop, PDA or smartphone and the local network. The second bottleneck, affecting all mobile users accessing company resources, is the WAN, the network connection to corporate headquarters and the company data centers.

The WLAN bottleneck has received lots of attention over the past few years. I.T. departments are addressing the problem by deploying more access points and optimizing network configuration.

The WAN bottleneck problem hasn't received the attention it deserves. WANs have been struggling to keep up with the recent proliferation of network services and the ever-rising volume of network traffic. Now the popularity of mobile services is stretching inferior WAN solutions beyond their limits. The result is slow application performance in remote offices. Mobile users discover that, despite the promise of wireless computing, their productivity is suffering, because the mission-critical applications they depend on run too slowly.

What's Causing the WAN Bottleneck

The source of the WAN problem isn't hard to discover, but I.T. organizations have to know where to look. Many WAN optimization products do a poor job of addressing the following challenges.


A major challenge for today's WAN implementations is "convergence," the migration of voice and video services to IP networks. VoIP has become the default technology for new telephone systems, and more companies are using video for everything from training to sales promotion to lunchtime entertainment (e.g., YouTube). Voice and video require low latency and reliable network service. Worse, video consumes a lot of bandwidth. WAN optimization implementations designed to handle the basic client-server data connections of five years ago often do a poor job addressing these types of applications because the data is already highly compressed. Trying to pile on additional compression only leads to client-side delays as the appliance burns cycles on inevitably futile data reduction.

Verbose Web Applications

Running in parallel to the mobile revolution is the Web services and Service-Oriented Architecture (SOA) revolution, promising greater business agility and operational efficiency. Web services based on XML are notoriously verbose. When a Web services application replaces an older-client server application, it's not uncommon for the application's bandwidth usage to increase substantially---even as much as ten- or a hundred-fold, because of the data bloat caused by XML. As I.T. departments extend or replace legacy applications with Web services, network traffic will increase, thereby exacerbating the performance problem at remote offices.

Another factor increasing the number of network sessions is the rising popularity of enterprise mashups. Mashups are browser-based applications that connect to disparate resources---for example, the Google Maps API, the FedEx.com Web site, and the internal shipping and receiving department's report server---to integrate data in the browser and provide highly useful views of information. Each connection to a data resource must be optimized. The mashup's overall performance is determined by the worst-performing sub-application. Imagine a smartphone user accessing a mashup that runs on a server at headquarters and that accesses data from Google and FedEx. Every leg of the data journey should be optimized in order to deliver satisfactory service to the end user.

Oracle on a Treo: Mission-Critical Applications and Mobile Workers

A few years ago, a significant portion of mobile computing was confined to employees accessing email and calendaring applications from locations such as conference rooms. But usage patterns are changing. Now, says Forrester Research, a growing number of workers are using mobile devices to access mission-critical applications, such as ERP applications.

This raises the stakes for I.T. departments offering mobile services. Users of mission-critical applications expect high performance---the same performance they received from applications running over wired connections. If I.T. cannot meet their requirements when roaming, users will be forced back to laptop and/or wired access solutions for line of business applications, and the business will lose a critical opportunity for enhanced productivity and faster customer response times.


If WAN optimization products aren't integrated with security solutions, I.T. organizations are often left with a choice: accelerate the traffic or secure it. Necessarily, they choose the latter, and application performance suffers.

But enterprises don't have to sacrifice performance if they deploy WAN solutions that integrate security features. In fact, building security into a WAN solution makes perfect sense. To accelerate traffic, a WAN appliance is already performing the traffic analysis and packet inspection required for making intelligent, policy-based decisions about threats and inappropriate traffic. In line between a user and the corporate network, a WAN appliance is perfectly situated for enforcing security controls. When integrated into the WAN, security controls create little overhead and, by eliminating illicit traffic, can improve application performance.

Selecting WAN Architecture that Beats the Bottleneck

The advantages of mobile computing---including increased productivity and lower network infrastructure costs---are too compelling to ignore. The rising popularity of laptops, smartphones, and PDAs ensures that the mobile revolution will only gain speed in the next few years. To come out ahead, enterprises should examine their WAN architectures today and begin implementing a flexible, scalable solution that addresses the needs of mobile users.

What should enterprises look for? After reviewing the problems contributing to the WAN/mobile bottleneck, it isn't difficult to identify the features and characteristics of a winning WAN solution.

First, enterprises should look for a WAN solution that provides advanced protocol optimization, caching and application acceleration features for the Web-based applications key to mobility's future. Accelerating and caching can make a tremendous difference in application response time---for example, enabling screens to refresh in 2 seconds instead of 20 can make the difference between users accepting or rejecting new business applications.

Second, enterprises should look for solutions that are easy for I.T. to deploy and for end users to adopt. Client software, for example, should be easy to install and configure. It shouldn't require complicated login procedures. Developing easy-to-use client software takes practice. It pays for enterprises to find out about a vendor's experience with client software. And it's worth trying the software out with a test group to ensure it really is as easy to use as the vendor promises.

A related issue to ease-of-use is support for VPNs. Again, the goal is to provide end users with a common experience, regardless of whether they're local or remote, on an internal LAN or connecting over a VPN. Look for a WAN solution designed with the end user's convenience in mind.

Third, enterprises should make sure their WAN infrastructure supports VoIP and video. This means that accelerating and caching algorithms must support not only transactional applications, such as database applications and Web applications, but also streaming applications, such as video.

Finally, security remains a paramount concern for every I.T. organization. No enterprise can afford to sacrifice security for WAN performance.

Enterprises should look for a WAN solution that offers a broad set of security controls. The WAN solution should be able to block users from accessing Web sites whose content violates corporate HR policies or whose content is known to include malware. The WAN should also be able to enforce highly granular access policies. For example, it should be able to limit access to content based on a user's role. It should also be able to enforce time-based policies---for example, blocking access to news sites except at lunch hour. In addition, it should support the use of PKI and SSL to secure and authenticate network connections, especially for new Web-based applications that could be collecting data from a variety of sources over the Internet.

Incidentally, blocking inappropriate network traffic, in addition to improving security, can also improve network performance. If a WAN solution enforces a network access policy that forbids users from watching video sportscasts during business hours, overall bandwidth usage will be reduced, and mission-critical applications will be less likely to encounter network congestion.

Enterprises should find out what security options the WAN solution provides, such as integrated authentication, role-awareness and application protocol awareness. It makes sense to involve a security officer, such as the company's Chief Information Security Officer (CISO), in the evaluation of a WAN solution, to ensure that the WAN solution doesn't expose internal networks to external threats.

Fortunately, some of the leading WAN vendors recognize the importance of mobility for enterprises today. By shopping carefully and assessing WAN optimization products for mobile support, enterprises can avoid a storm of end user complaints about wireless application performance. By focusing on mobile requirements, enterprises can keep all remote users---wireless and wired---sailing smoothly with fast, secure applications.

Johnathon Cervelli is senior product marketing manager for Blue Coat Systems, a provider of appliances for corporate networks.