How is virtualization being used in the enterprise wide area network? Can application delivery controllers support virtualization? Read this Q&A to learn the answers to these questions and more.
At last year's Interop, you held a session called "A Comparison of WAN Optimization Controllers." This year, you are holding a session called "A Comparison of Application Delivery Controllers." What's the main difference between WAN optimization controllers and application delivery controllers?
Jim Metzler: There is a tremendous difference between WAN optimization controllers—or WOCs—and application delivery controllers. The most obvious difference is that an application delivery controller—or ADC—is regarded as being asymmetric. You might have multiple ADCs, but they all reside in your data center, whereas a WAN optimization controller comes in pairs, and one goes in the data center and the other goes in the branch office. From that perspective, they are very different. The main job of WAN optimization … is to make whatever file transfer transaction process faster over the WAN. ADCs don't do very much of that because there's nothing on the other end to talk to. The ADC has less to do with optimizing and more to do with taking processing off of the servers. Things like processing TCP and SSL that bog down the servers can be done more efficiently in the ADC, leaving servers to process the transactions that you bought them for. It's a financial tradeoff in many ways.
You're moderating another session at this year's Interop: Emergence of Virtualized Application Delivery Appliances. What has made virtual application delivery controllers more popular and promising today than in years prior?
Metzler: Part of it is just this on-going interest to virtualize everything. You have to be careful because some people say, "Oh, I have a virtualization project." And 99% of the time they mean server virtualization. But you're hard-pressed to find any component of IT that cannot be and is not being virtualized.
People will need to ask where they will want an ADC in hardware and where they will want an ADC in software. I think we're not at the point yet where we've laid those options out.
Jim Metzler, Interop Track Chair
In this case, I'm focusing primarily on virtual WAN optimization controllers and virtual application delivery controllers. We could talk about virtual switches, virtual routers, probes, firewalls, etc. For the most part, what I'm talking about in this session is taking the same software that vendors, like Riverbed and Cisco, would be writing on one of their hardware appliances and running it maybe on a virtual machine (VM) someplace. That's the most common way we think about virtualization. Hopefully, vendors have done more than just take the software out and run it in a VM, because if they did that, it probably wouldn't run very well. Hopefully, they also tweak and redesign the software to be efficient in its new environment.
What are the reasons why we're using virtual application delivery controllers and WAN optimization controllers? One of the reasons is the fact that these VMs exist. We have these platforms, certainly in the data center and an increasing number in branch offices. They provide a lower-cost alternative, if you already have the platform. Now the question comes down to how much will the vendor charge for their software—how aggressive will they get with their pricing?
Another reason [why we're talking more about virtualization] is that it's an awful lot easier to move around a virtual anything. You don't have to ship appliances across a region or ocean. So it typically lowers costs and makes it faster and easier to deploy.
Are virtual application delivery controllers as robust or effective as their hardware counterparts? Are there WAN optimization techniques that cannot be performed by a virtual ADC?
Metzler: It's an interesting debate there around performance. The convention of wisdom in our industry has always been, if you want to go really fast, you should do some of it in hardware. The people that have just a hardware-based solution claim that theirs is the best and the faster way to go. And people who have just a software solution will point out that sometimes these hardware-based solutions really are running on sort of a general purpose computer that has not been tweaked very much.
Now, having said that, let's assume that there are some cases in which the performance of the hardware ADC is better than the software ADC. What this might mean is that you have a hardware-based application delivery controller at the entry way of the data center, where you have high-speed pipes, all this processing, TCP sessions, etc., but in front of some database servers inside the data center where the traffic isn't as demanding, maybe you can use a software-based one. People will need to ask where they will want an ADC in hardware and where they will want an ADC in software. I think we're not at the point yet where we've laid those options out. Part of deciding this will be based on the vendor. It's going to come down to how close in performance the vendor's software product is compared to the hardware product and how close in price are they. Obviously, if there's not much of a difference in price, then you'll probably want the hardware-based one to get the extra performance, if there is any. If it's a big difference in price, then you'll probably want the software one.
The difference between a hardware and software-based ADC is somewhat technology-based. But the other part is licensing and how the vendor is approaching the market. These will influence the architectures we'll have for [ADCs and WOCs] ...
Hardware will always be there, because the virtual ADCs will have to run on something. The question is will it be an appliance that's just intended for the WOC or the ADC? Every year, the servers we get have more and more cores and they're screaming fast. So if you have an entire core on a server to a WOC over to the branch office, does it really need to have more than that? Will there be hardware that's dedicated for that function? The answer is yes, there will be some of all of that, based on what the office needs. If you've got a 10-person office and they're not doing really demanding stuff, then probably running the WOC software on the VM on the server will be fine. If you've got a 200-person office and they're doing 3D graphics, then that might not be the way to go.
So is the decision between a hardware and software application delivery controller based on the size of a company? What business criteria would facilitate a need for a virtual ADC over a hardware ADC?
Metzler: Size is one thing, but you need to look at what type of data is running over the WAN. It's tough. If you've got 150-200 people doing some simple transactions back and forth, well, there may be a lot of people, but they're not doing much. If you've got 3D graphics, or some really intense stuff, then maybe even 20 people could generate a lot of traffic. So you have to look at the volume of the traffic, the nature of it, and those sorts of things. It may also come down to the hardware version versus the software costs. That could be vendor-dependent and even sometimes deal-dependent. When your contract runs up with your current vendor, they'll say, "Boy, do I have a deal for you."
What types of branch office network hardware will need to remain in order to support virtual appliances? Are different vendors recommending different things?
Metzler: For the past few years, we've been talking about taking more and more out of the branch offices, but I don't know very many companies that don't have something left in the branch office. In many cases, they still have a fair number of things. But if you look at having a branch office box, or BOB—think of it as a platform—what would it be?
I've done a little bit of market research by giving companies three options:
- A server that has virtual machines in it
- A router, like Cisco's ISR, where you can put all sorts of stuff [like VMs] running on the router
- A WAN optimization controller that will allow you to put five VMs on it, and you can run applications like DNS, DHCP, etc., on it.
Some people said they might go with the servers; others said they might go for the router approach. I think we're still trying to figure out what it's going to be as we're getting more and more virtualization into the branch office. Again, in the data center, it's already there in most cases, but we're seeing more of it getting into the branch offices.
Will we really be looking at serverless next-generation branch offices? Should they be serverless?
Metzler: I really don't think so. You could say, "Gee, I've got this Cisco ISR and I'm running VMs inside of it—see? It's serverless!" But you're running a compute device, because that router or WAN optimization controller is still doing things like IO, compute and storage; it's processing applications, which makes it a compute device. I don't think taking everything out and getting all services provided externally will be terribly common at all.
Where can WAN managers with no experience with virtualization learn more?
Metzler: In the case of the WAN, virtualization encompasses a couple things: On the demand side, you would be concerned about virtual desktops, because once you start to virtualize the desktop, that's even more delay-sensitive in the wide area network. Then I would be concerned about the use of WOCs. So around virtualization, WAN managers need to be concerned about virtual desktops, but you might have a solution in these WOCs. My article on the impact of virtualization on application delivery would be useful. You could also learn how to use virtual WOCs in my application delivery guide on SearchEnterpriseWAN.com, [the table of contents of which you can find here]:
- Introduction to application delivery
- Improving virtualized applications
- Cloud computing adoption's effects on application traffic
- Optimizing mobile application delivery
- Optimizing virtualized servers
This was first published in October 2010