NetEqualizer Gains Traction against Competition in Australia

April 17, 2008 — netequalizer

In a recent discussion on how and where to deploy a NetEqualizer Stephan Wickham, Product Marketing Manager for KeyTrust (keytrust.com.au), had the following astounding revelation:

“My view is to try NetEqualizer and see how it works – I would then only apply a more expensive solution in instances that require special features or functionality not available with NetEqualizer. I believe this approach is the most practical. I also don’t believe that identifying and reporting on 100s of application types as performed by other products on the market serves much purpose. It would be like trying to manage freeway traffic flow by the identifying vehicle types and then reserving lanes per type. NetEqualizer works more like identifying a gang riding Harleys disrupting traffic and turns them into nice people riding Vespa scooters going with the flow.”

Posted in Testimonials. Tags: , , , , . Leave a Comment »

NetEqualizer Bandwidth Controller Looking Strong During Slowdown

April 5, 2008 — netequalizer

The last several months have been filled with panic and scare by the news media. The world is coming to an end for many reasons. To name a few:

1) Greedy Wall Street firms

2) Greedy oil companies

3) Lack of government oversight on the mortgage industry

4) An unpopular war in IRAQ

5) Child molesters on the Internet

6) Crazed lunatics on college campuses

I suppose you could listen to this and get depressed or you could ignore it and buy a NetEqualizer, which is what many new customers are doing these days.

One factor is obviously our price points. Companies either die or move forward, and part of moving forward involves maintaining a superior communication infrastructure.

During boom years, purchasing a bandwidth controller was an easy sale for our competitors. The Packeteer, Allot, River Bed reps showed up at the door and the typical IT director, opened his pocket, and wrote a check, often dropping 50K without blinking. Now with a slightly uncertain future, the formerly little known NetEqualizer brand, priced too low to be true, is now on par with more expensive traffic shapers.

Our inquires and sales for the first quarter of 2008 are picking up over last year. We have not increased our advertising and we still sell mostly direct, thus keeping our prices down.

In the past week, we had major sales to companies such as Fluor Corporation, Airbus, and some major college accounts.

More to come soon, look for our new release coming out in May 2008.

Eli Riles — For the NetEqalizer

Posted in News, Press Releases. Tags: . Leave a Comment »

A Detailed Case Study of Packet Shaper and NetEqualizer

April 3, 2008 — netequalizer

Editors note:

The quote by the Adams State administrator sums it up.

 "The price is fair, the best value in the product space"

This is a re-post of the Adams state blog, the details are a bit technical which don’t reflect the actual simplicity of a basic setup. From box to Network it is usually under an hour, without little or no recurring maintenance.

http://faculty.adams.edu/~cdmiller/?TrafficShaping

Also note NTOP reporting issues were remedied shortly after this original post back in 2006.

———————————————————————————————————-

In May 2006 we switched bandwidth management products. We moved from traditional layer 7 traffic shaping to bandwidth arbitration. We looked at upgrading our current product and 3 other solutions.

I am convinced protocol and layer 7 based filtering is dead. I expect P2P products to use SSL or TLS bypassing layer 7 filters. Ethically layer 7 filtering smells like content filtering, big brother, evil.

Bandwidth arbitration keeps things simple. When the Internet connection reaches a tuneable level of utilization the arbitrator slows down longer lived higher usage data transfers based on the number of connections and their utilization. Per host connection limiting keeps P2P playing nicely.

The chosen product? Net Equalizer.

Based on the open source Bandwidth Arbitrator, it is easy to configure and highly customizable. Support has been excellent.

  • Initial Tests

With the netequalizer link size at ~20% below our average utilization our pipe remained completely usable. Interactive applications responded well while large transfers continued to function. The connection limits appear to keep bittorrent and gnutella functional and in control.

  • Qualitative Results 2006-06-23

Downloads are faster, latency is at pre layer 7 filtering levels (9ms vs 300ms), P2P protocols are usable again, and we no longer police content, we manage bandwidth. Support has been excellent with technicians responding directly to my emails with all technical levels of questions answered, good, silly, and questions about the inner workings of the appliance. I was instructed on cautions to take withe any attempt at customization, and given the go ahead for some minor custom configuration without voiding the warranty.

  • Update 2006-11-06

We have run the Netequalizer for 6 months. Results are phenomenal compared with our last product. Our Netequalizer box has been up for 116 days with no configuration changes from the start of the semester. I look at my Cacti graphs and the custom CGI reports for solace, as if I’m disappointed the appliance doesn’t need more care and feeding.

  • Our Configuration

For our 21Mb link, we set 3 basic parameters:

 RATIO 75
 BRAIN_SIZE 2500
 CONNECTION LIMIT 40

The ratio is the amount of of our pipe in use before any shaping (arbitration) takes place. The brain_size is the number of connections for the equalizer to track and act upon, I have seen this number reached only once on our system. The connection limit means we allow 20 incoming and 20 outgoing connections maximum for every host on our network. We had to set every one or our servers as an exception to this rule, allowing 50,000 incoming and outgoing connections for those. We also had to specify our link size. That’s it end of configuration.

  • Custom Modifications

We did very simple things to appease ourselves of the performance of the box. First, we placed an SNMP daemon on it. I used a stock snmpd from a Mandriva 2006 server, from net-snmp 5.2.1.2. I was going to static compile one, but it turned out the dynamic libraries were all in place, here is the ldd output:

     ldd /usr/local/snmp/sbin/snmpd
     linux-gate.so.1 =>  (0xffffe000)
     libdl.so.2 => /lib/tls/libdl.so.2 (0x4001b000)
     libz.so.1 => /usr/lib/libz.so.1 (0x4001f000)
     libm.so.6 => /lib/tls/libm.so.6 (0x40031000)
     libc.so.6 => /lib/tls/libc.so.6 (0x40057000)
     /lib/ld-linux.so.2 (0x40000000)

I put the daemon in /usr/local/snmp/sbin/ and the mibs and snmpd.conf in /usr/local/snmp/share/snmp/.

We created 2 custom CGI scripts. One script shows the complete current logfile on demand rather than the last however many lines the web interface shows. The other script shows total current connections, followed by a list of hosts with more than 3 connections, sorted by total outgoing and incoming connections. I modified some of the scripts provided in the /art directory to produce those results. Someone with more familiarity with the Linux bridge utilities could probably do better.

Here is the showlog.cgi script I placed in the /var/www/cgi-bin/arbi directory:

 #!/bin/perl
 print "Content-type: text/html\n\n";
 print "<html><head></head><body><pre>";
 system("cat /tmp/arblog.bak");
 system("cat /tmp/arblog");
 print "</pre></body></html>";

Here are some lines from the showlog output, catching the arbitrator slowing someone down with .05 second delays (the DELAY portion):

 11/06/06 08:39:32 PENALTY  IP : 147.124.8.230 192.156.134.2 POOL: 0  WAVG:  133212 BUFF: 102  DELAY: 5
 11/06/06 08:39:32 INCREASE PENALTY  IP: 147.124.8.230  192.156.134.2 POOL: 0  BUFF: 102  DELAY: 10
 11/06/06 08:39:44 Traffic up: 575430 Traffic  down: 962330  POOL 0
 PENALTY  THRESHOLD pool 0 up 2688000 down 2688000
 11/06/06 08:39:47 PENALTY DECREASE: 147.124.8.230 192.156.134.2 to 5 POOL: 0
 11/06/06 08:39:51 PENALTY REMOVE: 147.124.8.230 192.156.134.2 POOL: 0

Here is some output from our connections script with the top 5 out and in hosts:

 Total Connections: 2074
 More than 3 Outgoing Connections:
 192.156.134.15 76
 192.156.134.2 61
 72.166.201.218 58
 192.156.134.16 36
 72.166.205.159 21
 More than 3  Incoming Connections:
 72.166.205.159 88
 192.156.134.15 76
 72.166.201.110 57
 192.156.134.2 56
 72.166.201.218 51

Notice the hosts with more than 20 connections. Some of these are exempt servers, but others are workstations. Our firewall disallows non related incoming connections campus workstations, Netequalizer is in front of the firewall. I have examined some of these cases and many are P2P connection attempts that never truly connect to transfer data or are very short lived. We typically see about 20 to 30 hosts at or above the connection limit and about 100 hosts with more than 3 incmoing or outgoing connections, including all of our Internet servers.

  • Verification, Tests

We have an out of band PC using Ntop to track what hosts on the network are doing. I have verified the output of the Netequalizer against our Ntop machine many times in the last few months. I have also on occasion initiated a large download from a fast Internet site when I notice one or two folks getting high data rates. At those times I have observed Netequalizer start to arbitrate, creating head room on the pipe to keep bursty interactive traffic responsive.

  • Criticism, Pros, Cons
 The user interface is spartan, strictly functional
 Ntop is not really usable on the appliance

 Editors note: ( NTOP has been updated and supported in later versions since this comment was posted)

 An SNMP daemon should be included
 More logging should be available
 Performance is as advertised, if not better
 Minimal configuration is required
 Maintenance is minimal
 User manual has some typos
 User manual requires a full read
 User manual is only 36 pages, reflects minimal configuration required
 Some level of customization is allowed without voiding the warranty
 Support is excellent
 The price is fair, the best value in the product space

Created by APconnections, the NetEqualizer is a plug-and-play bandwidth control and WAN/Internet optimization appliance that is flexible and scalable. When the network is congested, NetEqualizer’s unique “behavior shaping” technology dynamically and automatically gives priority to latency sensitive applications, such as VoIP and email. Click here for a full price list.

Posted in Testimonials. Tags: , , , . 1 Comment »

NetEqualizer Trivia, Famous Encounters with bandwidth shaping

January 12, 2008 — netequalizer

What do Lance Armstrong, Barack Obama have in common with NetEqualizer? Read on to find out.

The engineers at APconnections, being the geeks that they are, like to play a little game of trying to make a valid case for famous people who may have used a NetEqualizer. Loosely defined this means have they ever logged into the Internet through an ISP provider that uses NetEqualizer for their bandwidth control.

Obviously most of this game based on p racticalspeculation, but there are some compelling cases.  In the case of Barack Obama it is a matter of timing. The diplomatic American Embassy in Kabul runs an unsecured  wireless internet service for employees and visitors. A few months ago they purchased and installed a NetEqualizer , seems there internet link was getting a bit overloaded.  We also know from our sources inside the embassy, that Diplomats, including US Congressmen and Senators, will often stop over, open their laptops and use the wireless network in the Embassy to check personal e-mail. So it is very likely that various US Senators and Congressmen have been logged into our system there, especially over the holidays when they are drumming up support by posing with the troops.  Unfortunately our research shows that Senator Obama’s recent world wide tour had him in Kabul on July 19th. The NetEqualizer did not arrive at the embassy until early October of this year.  A minor disappointment, but things are looking good for the next president.

Note: Sitting presidents do not use public Wi-fi systems when traveling.

Other likely famous users include Lance Armstrong. The Olympic Cycling training center in Colorado springs deploys a NetEqualizer going on two years now certainly Lance has stopped by once or twice over the years?  As for Sarah Palin,  we have quite a few units scattered around  regional ISPs in the state of Alaska.  If Sarah Palin gets out and about with her laptop, there is a good chance she has logged into the Internet through one of our units.

Since we first published this article back in November 2008, we added the Vancouver International Airport as well 100,000 additional users through ISPs throughout the world. We’ll keep searching for celebrity sitings as they come in.

Posted in News, Testimonials. Tags: , , , , , , . 1 Comment »

Frontier Flyaway Contest Winner Announced!

December 8, 2007 — netequalizer

Hopefully it’s no secret to you that we offer a fantastic Netequalizer Demo on our website. We were so confident that users would love the Netequalizer after demoing it that we announced our Flyaway Contest earlier in the year to reward a new user.

To be eligible, all you had to do was register on our demo site within the past four months. The winner was chosen at random and is rewarded a pair of roundtrip domestic discount tickets on Frontier Airlines – a $525 value!

Our last Flyaway Contest Winner of 2007 was DANIEL DUARTE of http://www.homex.com.mx/ who was announced in the Netequalizer December 2007 Newsletter released earlier this month. If you would like to subscribe to our monthly newsletter, please email us at admin@apconnections.net and we’ll get you our January 2008 edition.

If you want a chance to be our next Flyaway Contest Winner chosen in early spring 2008, then go to http://www.Netequalizer.com and register for our cool demo! You will be impressed!

Posted in Contests. Tags: , , . Leave a Comment »

What Can We Do To Improve NetEqualizer?

December 8, 2007 — netequalizer

We are always looking for feedback on how to improve Netequalizer products. What features do you want to see in 2008? Some ideas we have in the works are:

  • CALEA Probe for VOIP
  • Shaping by Domain Name (Input a URL
    Instead of an IP)
  • Quieter Fan (Already Shipping This!)

This is your chance to tell us what you’d like to see in the Netequalizer for 2008!

Please send all ideas to admin@apconnections.net or give us a call at 303-997-1300, extension 102.

Posted in New Features. Tags: , , , , , . 1 Comment »

2008 Pricing Update

December 5, 2007 — netequalizer

Wouldn’t it be nice if Santa would bring us a promise of no manufacturing or logistic cost increases for the new year?

Santa is magical but not quite that magical!

Our Finance guys are crunching the numbers now and will have our new 2008 Product Pricing List available the first week of January. You still have plenty of time, however, to get your order in before those new prices go into effect.

Don’t Delay – Check out our current Netequalizer Price List and get your order in today!

Posted in News. Tags: , , , , . Leave a Comment »

Complimentary NetEqualizer Tech Training Seminar Is Coming to Monterey, CA

November 8, 2007 — netequalizer

On Wednesday, December 19 from 9:30 a.m. to noon, we will be hosting a complimentary seminar on
the NetEqualizer technology at the Portola Plaza Hotel (http://www.portolaplazahotel.com/) in Monterey, CA. The seminar will be divided into two parts, with the first providing an overview of the NetEqualizer and the second focusing on advanced technical training. Since the Portola Plaza runs the NetEqualizer in its conference center and hotel, we’ll be able to examine live hotel traffic as part of the training session.

This will be a great opportunity for existing and potential customers to see the full capabilities of the NetEqualizer. If you’re in the area, be sure to catch it!

For more details, contact us via e-mail at admin@apconnections.net or give us a call at 303-997-1300, extension 102. We look forward to hearing from you & meeting you at the seminar!

Posted in Conferences. Tags: , , , , . Leave a Comment »

Name-Based Shaping Is Now Available!

May 22, 2007 — netequalizer

APconnections is pleased to announce the availability of name-based shaping. Now you can set class of service for your users by domain (user) name. And regardless of where or how they login into your network, the NetEqualizer will enforce subscribed service-level service agreements (i.e., 3 meg, 1 meg etc…).

How does this service work?

It is designed to work with your DHCP server. Your DHCP server is the device on your network which hands out an IP address to clients when they login or become active. Since clients can receive a new and different IP address each time they login, it is normally difficult and perhaps impossible to assign a unique SLA for each customer. But, with NetEqualizer name- based shaping, you assign the SLA to the customer domain name (computer name) and the SLA sticks with them wherever and whenever they login.

I use MAC addresses for shaping, why would I use name-based shaping?

MAC address shaping works well with small networks and is sufficient if you plan to remain under about 300 customers. But, once you grow beyond the amount of MAC addresses a network segment can handle, MAC address shaping breaks down and becomes complex to manage. If you are currently using MAC shaping and plan to increase your number of customers, it’s a good time to think about making the architecture change to domain-based shaping or some other alternative.

Posted in New Features. Tags: , . Leave a Comment »

NetEqualizer Announces Low-Cost CALEA Probe for Mid-Level ISPs

May 18, 2007 — netequalizer

LAFAYETTE, Colo., May 18, 2007 — APconnections, a leading supplier of plug-and-play bandwidth shaping products and creator of the NetEqualizer, today announced an upgrade that will allow operators to perform the necessary data reporting measures mandated by the Communications Assistance for Law Enforcement Act, or CALEA.

“We already had a great bandwidth shaping tool dispersed in networks around the world. It was a natural extension to add CALEA functionality with our equipment already in place,” said Art Reisman, CEO of APconnections. “Rather than watch our customers purchase CALEA specific solutions at what seem to be inflated prices, we have produced a functional CALEA probe that meets the spirit of the law at no extra cost to our existing customers.”

The NetEqualizer CALEA probe will allow an ISP or other system operator to comply with a basic warrant for information about a user on their network by capturing and sending IP communications in real time to a third party. This communication can be captured either by headers alone, or by both headers and content. The NetEqualizer probe will provide basic descriptive tags identifying headers, data, and time stamps, along with HEX or ASCII representation of content data.

Customers with current NetEqualizer Software Subscriptions (NSS) can implement the upgrade at no charge. This will be done with the assurance that the NetEqualizer’s bandwidth-control capabilities will continue to operate effectively and unabated. All future NetEqualizer models will be shipped with the upgrade already installed.

The NetEqualizer is a plug-and-play bandwidth control and WAN/Internet optimization appliance that is flexible and scalable. When the network is congested, NetEqualizer’s unique “behavior shaping” technology gives priority to latency sensitive applications, such as VoIP and email. It does it all dynamically and automatically, improving on other bandwidth shaping technology out there. It controls network flow for the best WAN optimization.

Posted in CALEA, New Features, Press Releases. Tags: , , . Leave a Comment »

NetEqualizer and CALEA: A Short Q&A

March 15, 2007 — netequalizer

What is CALEA?

CALEA, or the Communications Assistance for Law Enforcement Act, is the law that oversees telecommunication security which has now been expanded to Internet security. The FBI has been working to specify what is expected of wired and wireless ISPs, which has yet to be released in final form. There are some fairly harsh federal penalties for noncompliance that become effective in May 2007 (the stick). In the spirit of protecting our nation, the mission is not to make life miserable and expensive for operators and thwart communications, but rather to give the FBI and homeland security tools to wire tap (if I can borrow the term) Internet conversation on a moment’s notice.  I suspect it would be a rare occurrence for a small WISP to receive a warrant to comply, but it would be potentially devastating to security should the means to monitor conversation not be available. In the words of a consultant working for CALEA and the FBI, here is the verbatim minimal requirement as we obtained via e-mail in order to determine our obligations as a Network Tool supplier.

Norm wrote:

“Basically, an interception warrant would need to isolate and capture all communications to or from the subject of the warrant.  The warrant could specify that only header information is to be provided (i.e., a Pen Register/Trap and Tracee) or that header information and communications content should both be provided. “The Packet Technologies and Services Committee (PTSC) has developed standard ATIS-1000013.2007 for CALEA compliance for landline ISPs (including WiFi and WiMAX). Unfortunately, ATIS has not yet posted the standard on its web site (www.atis.org).”

Our promise to our customers will be to provide a minimal compliance utility on our NetEqualizer Platform and support these utilities without adding additional cost to the product, if possible.

Below is a Q&A regarding our plans.

When will the NetEqualizer CALEA compliance module be available?

We will have a “best effort” unit available for trial as of May 1. We caveat this as best effort because there may be some lag time to comply exactly with the requirement once the requirement is finalized and posted. However, there is enough information right now to get close to compliance, which is what we plan to do.

Will there be any additional cost?

At this time all customers with current NSS (software upgrade licenses) will not be charged. The NSS license for one year runs approximately 10 percent of the purchase cost of a new unit. Typically this would be in the $200 to $300 range.

Will the CALEA module ship with newly purchased units?

Yes, in fact any units purchased after March 20 will be eligible to receive the upgrade at no extra cost.

Will the upgrade cost for the CALEA module always remain the same?

We cannot promise a fixed price for future upgrades. If the complexity of this feature gets “out of hand,” we may have to label a “nonstandard” upgrade and charge, essentially making it a new product rather than an upgrade and charge accordingly.At this time our plans are to keep it as a standard upgrade.

Will the standard NetEqualizer feature and the CALEA utility run on the same hardware at the same time?

Due to the sensitive nature of the information should a warrant be requested for a tap, we have decided it would be best to focus on getting the stream to the federal agency. For this reason, the NetEqualizer will fall back to standard bridge mode. Obviously this may slow or degrade service to all customers, however this will be a rare event if ever and we’d rather do it this way than force customers to purchase an all new standalone appliance.

Additional Questions… If you have any questions please, contact us at support@apconnections.net or 1-888-287-2492. For additional information on CALEA, visit www.askcalea.net.

Posted in Bandwidth Monitoring, CALEA, Educational Articles, New Features. Tags: , . Leave a Comment »
Newer posts »