Ads 468x60px

Senin, 31 Oktober 2011

Speed Up VPN and RDP Performance Over the Internet with Akamai

Our engineers have been working with customers for years upgrading and improving their wide-area networks in order to deliver the best application performance to the remote sites possible. We are very familiar with how this is done when using a leased circuit service such as MPLS, both with QoS at the routers, and Wide Area Application Acceleration. This has been much more difficult to do with applications delivered over the Internet, and in most cases we haven’t even tried. This has all changed now with Akamai’s enterprise services that are designed to speed up application delivery for remote users over the Internet.

Most people who are familiar with Akamai know that they started out by caching large files on their distributed servers in order to speed up static web content delivery, and they still excel at doing this. A couple of years ago they rolled out an entirely new service dedicated to accelerating dynamic content over to Internet. This service can make a huge performance improvement for any organization that delivers dynamic content over the Internet on a national or international scale to remote workers, customers, or business partners.

Now Akamai has taken this huge network of servers, which is 61,000 separate servers in 70 countries worldwide, and applied it to dynamic content delivered over the Internet. Examples of this include:
  • Improve VDI (virtual desktop infrastructure) performance.
  • Speed up any end-user applications delivered by HTML or IP.
  • Remote office and end-user VPN acceleration.
  • Speed up large file transfers.
  • WAN supplementation or replacement.
Benefits of the Akamai Service


So if a company uses the Akamai service to improve the delivery of this dynamic content over the Internet what benefits does that provide to the organizations that use their service?
  • Speed up remote user application performance.
  • Reduce server load.
  • Improve application delivery reliability.
  • Reduce bandwidth usage at main server datacenter.
There are two services from Akamai that are used to accomplish this. The first is the IP Application Accelerator (IPA), and the other is the Web Application Accelerator (WAA). Both of these products accelerate dynamic application content for end-users, dramatically speeding up remote user application performance. The difference between the two is the Web application accelerator is used primarily for the delivery of HTML content and is optimized for that, whereas the IP application accelerator will accelerate the delivery of any TCP content.

Who Can Use this Service?


There are a few things that should be noted about these services. The first is that they are all delivered as a managed service; there is no hardware to buy or install. The second note is that this only applies to content delivered over the Internet. Akamai does no acceleration on a company’s internal LAN or WAN. Finally, the larger that the geographic distance between the servers and the client, the more of an improvement there will be. If all your users are within a regional area, this is probably not a service for you. Whereas if you have end-users distributed nationally or internationally, especially in countries where IP delivery can be unreliable at times, this will make a huge difference.

How Dynamic Application Acceleration Works


There are specific technologies that Akamai uses to accomplish this dynamic application acceleration. Some of these are common to all acceleration techniques, and include compression, caching, and token passing to substitute for dynamically cached content. Then there are other technologies used that only an organization like Akamai that has tens of thousands of servers worldwide are able to accomplish.

Since Akamai has one of their edge platform servers in just about every data center in the world, as well as in most cities, any time a request is made for accelerated service, Akamai’s Intelligent DNS points the user to a local server. When a user opens a connection with that local server, there is very low latency, TCP window size is maximized, and any local content that is already cached is delivered right away. The same thing occurs at the head end where the application server resides — it also communicates with the local Akamai server, getting the same benefits. Any dynamic content that has to be delivered from the application server to the end-user is transmitted first to the local Akamai server, then between the two Akamai servers, then from the Akamai server local to the end-user to the end-user. The Akamai two Akamai server communication is done in a special way to maximize speed, reliability, and security of the traffic; basically three copies of each TCP packet is sent over different Internet routes, as soon as the first packet gets there the other two are ignored.

Network Security of Application Acceleration


There are significant benefits to application security that area last through the use of the Akamai services. First off, the connections are made directly to that Akamai servers as opposed to the customer’s head end application servers. This means that any potential attacks that are made against the servers are actually made against Akamai servers and not the customers. Since the application delivery is distributed to the network of Akamai servers, it also provides built-in defense against denial of service and distributed denial of service attacks.

Furthermore, for customers that want to take network security to the next level on their Internet facing servers, there is a third product called Web Application Firewall (WAF) that Akamai offers. The W. AF module is integrated into the acceleration service and provides for additional protection like:
  • Limiting HTTP Request methods.
  • Stopping requests by robots crawlers and security scanners.
  • Prevent command injection attacks for use of data validation.
  • Stop Trojan activity.
  • Check for SQL information leakage.
How is the Service Delivered?


The WAA and IPA services are more complex than the traditional Akamai static caching service, so Akamai has decided to deliver these services through channel partners that are expert in network optimization, application acceleration, and network security. Since in many cases the customer may want to look at supplementing or replacing their WAN with Akamai accelerated VPN service over the Internet, these channel partners all have a deep understanding of routers, network protocols, and information delivery optimization.

The acceleration can be done on how basis by setting up a test DNS entry that Akamai manages, and remote users can test the difference between regular and accelerated Internet application performance through the use of the test DNS entry. It is straightforward to set up and test the Akamai service.

Where It Can Make the Most Difference


Most organizations typically do a test run with whatever application is causing the most issues and problems at the time. This can be a VDI deployment to remote users that is experiencing unacceptably slow performance, slow remote desktop protocol sessions, slow enterprise application performance, or other similar issues that users or customers are complaining about.

To find out more contact one of Akamai’s channel partners that specializes in dynamic application acceleration over the Internet, like Adcap Network Systems.

Sources


Akamai’s Document Briefcase

____________________________________
Author: Rolf Versluis
Adcap Network Systems – Atlanta and Miami
Great Local Engineers Creating Systems that Work!
Posted at Adcap Tech Tips

0 komentar:

Posting Komentar