Ten Things to Consider When Choosing a Bandwidth Shaper


This article is intended as an objective guide for anyone trying to narrow down their options in the bandwidth controller market. Organizations today have a plethora of product options to choose from. To further complicate your choices, not only are there specialized bandwidth controllers, you’ll also find that most firewall and router products today contain some form of bandwidth shaping and QoS features.

What follows is an all-encompassing list of questions that will help you to quickly organize your priorities with regard to choosing a bandwidth shaper.

1) What is the Cost of Increasing your Bandwidth?

Although this question may be a bit obvious, it must be asked. We assume that anybody in the market for a bandwidth controller also has the option of increasing their bandwidth. The costs of purchasing and operating a bandwidth controller should ultimately be compared with the cost of increasing bandwidth on your network.

2) How much Savings should you expect from your Bandwidth Controller?

A good bandwidth controller in many situations can increase your carrying capacity by up to 50 percent. However, beware: some technologies designed to optimize your network can create labor overhead in maintenance hours. Labor costs with some solutions can far exceed the cost of adding bandwidth.

3) Can you out-run your Organization’s Appetite for Increased Bandwidth with a One-Time Bandwidth Upgrade?

The answer is yes, it is possible to buy enough bandwidth such that all your users cannot possibly exhaust the supply. The bad news is that this solution is usually cost-prohibitive. Many organizations that come to us have previously doubled their bandwidth, sometimes more than once, only to be back to overwhelming congestion within a few months after their upgrade. The appetite for bandwidth is insatiable, and in our opinion, at some point a bandwidth control device becomes your only rational option. Outrunning your user base usually is only possible where Internet infrastructure is subsidized by a government entity, hiding the true costs. For example, a small University with 1000 students will likely not be able to consume a true 5 Gigabit pipe, but purchasing a pipe of that size would be out of reach for most US-based Universities.

4) How Valuable is Your Time? Are you a Candidate for a Freeware-type Solution?

What we have seen in the marketplace is that small shops with high technical expertise, or small ISPs on a budget, can often make use of a freeware do-it-yourself bandwidth control solution. If you are cash-strapped, this may be a viable solution for you. However, please go into this with your eyes open. The general pitfalls and risks are as follows:

a) Staff can easily run up 80 or more hours trying to save a few thousand dollars fiddling with an unsupported solution. And this is only for the initial installation and set-up. Over the useful life of the solution, this can continue at a high level, due to the unsupported nature of these technologies.

b) Investors do not like to invest in businesses with homegrown technology, for many reasons, including finding personnel to sustain the solution, upgrading and adding features, as well as the overall risk of keeping it in working order, unless it gives them a very large competitive advantage. You can easily shoot yourself in the foot with prospective buyers by becoming too dependent on homegrown, freeware solutions in order to save costs. When you rely on something homegrown, it generally means an employee or two holds the keys to the operational knowledge, hence potential buyers can become uncomfortable (you would be too!).

5) Are you Looking to Enforce Bandwidth Limits as part of a Rate Plan that you Resell to Clients?

For example, let’s say that you have a good-sized backbone of bandwidth at a reasonable cost per megabit, and you just want to enforce class of service speeds to sell your bandwidth in incremental revenue chunks.

If this is truly your only requirement, and not optimization to support high contention ratios, then you should be careful not to overspend on your solution. A basic NetEqualizer or Allot system may be all that you need. You can also most likely leverage the bandwidth control features bundled into your router or firewall. The thing to be careful of if using your router/firewall is that these devices can become overwhelmed due to lack of horsepower.

6) Are you just Trying to Optimize the Bandwidth that you have, based on Well-Known Priorities?

Some context:

If you have a very static network load, with a finite, well-defined set of applications running through your enterprise, there are application shaping (Layer-7 shaping) products out there, such as the Blue Coat PacketShaper, which uses deep packet inspection, that can be set up once to allocate different amounts of bandwidth based on application. If the PacketShaper is a bit too pricey, the Cymphonix product can also detect most common applications.

If you are trying to optimize your bandwidth on a variable, wide-open plethora of applications, then you may find yourself with extremely high maintenance costs by using a Layer-7 application shaper. A generic behavior-based product such as the NetEqualizer will do the trick.

Update 2015

Note: We are seeing quite a bit of encryption on common applications. We strongly recommend avoiding Layer-7 type devices for public Internet traffic, as their accuracy is diminishing because encrypted traffic is unclassifiable. A heuristics-based, behavior-based approach is advised.

7) Make sure what looks elegant on the cover does not have hidden costs by doing a little research on the Internet.

Yes, this is an obvious one too, but lest you forget your due diligence!

Before purchasing any traffic shaping solution, you should try a simple Internet search with well-placed keywords to uncover objective opinions. Current testimonials supplied by the vendor are a good source of information, but only tell half the story. Current customers are always biased toward their decision, sometimes to the point of ignoring a better solution.

If you are not familiar with this technology, or do not have the in-house expertise to work with a traffic shaper, you may want to consider buying additional bandwidth as your solution. In order to assess if this is a viable solution for you, we recommend you think about the following: How much bandwidth do you need? What is the appropriate amount for your ISP or organization? We actually dedicated a complete article to this question.

8) Are you a Windows Shop? Do you expect a Microsoft-based solution due to your internal expertise?

With all respect to Microsoft and the strides they have made toward reliability in their server solutions, we believe that you should avoid a Windows-based product for any network routing or bandwidth control mission.

To be effective, a bandwidth control device must be placed such that all traffic is forced to pass through the device. For this reason, all manufacturers that we are aware of develop their network devices using a derivative of Linux. Linux is open source, which means that an OEM can strip down the operating system to its simplest components. The simpler the operating system in your network device, the less that can go wrong. However, with Windows the core OS source code is not available to third-party developers, hence an OEM may not always be able to track down serious bugs. This is not to say that bugs do not occur in Linux; they do. However, the OEM can often get a patch out quickly.

For the IT person trained on Windows, a well-designed networking device presents its interface via a standard web page. Hence, a technician likely needs no specific Linux background.

9) Are you a CIO (or C-level Executive) Looking to Automate and Reduce Costs?

Bandwidth controllers can become a means to do cool things with a network. Network Administrators can get caught up reading fancy reports, making daily changes, and interpreting results, which can become extremely labor-intensive. There is a price/benefit crossover point where a device can create more work (labor cost) than bandwidth saved. We have addressed this paradox in detail in a previous article.

10) Do you have any Legal or Political Requirement to Maintain Logs or Show Detailed Reports to a Third-Party (i.e. management, oversight committee, etc.)?

For example…

A government requirement to provide data wiretaps dictated by CALEA?

Or a monthly report on employee Internet behavior?

Related article: How to choose the right bandwidth management solution

Links to other bandwidth control products on the market.

Packet Shaper by Blue Coat

NetEqualizer (my favorite)

Exinda

Riverbed

Exinda, Packet Shaper and Riverbed tend to focus on the enterprise WAN optimization market.

Cymphonix

Cymphonix comes from a background of detailed reporting.

Emerging Technologies

Very solid product for bandwidth shaping.

Exinda

Exinda from Australia has really made a good run in the US market, offering a good alternative to the incumbents.

Netlimiter

For those of you who are wed to Windows, NetLimiter is your answer.

Antamediabandwidth

Equalizing Compared to Application Shaping (Traditional Layer-7 “Deep Packet Inspection” Products)


Editor’s Note: (Updated with new material March 2012) Since we first wrote this article, many customers have implemented the NetEqualizer not only to shape their Internet traffic, but also to shape their company WAN. Additionally, concerns about DPI and loss of privacy have bubbled up. (Updated with new material September 2010) Since we first published this article, “deep packet inspection”, also known as Application Shaping, has taken some serious industry hits with respect to US-based ISPs.

==============================================================================================
Author’s Note: We often get asked how NetEqualizer compares to Packeteer (Bluecoat), NetEnforcer (Allot), Network Composer (Cymphonix), Exinda, and a plethora of other well-known companies that do Application Shaping (aka “packet shaping”, “deep packet inspection”, or “Layer-7” shaping). After several years of these questions, and discussing different aspects with former and current application shaping IT administrators, we’ve developed a response that should clarify the differences between NetEqualizer’s behavior-based approach and the rest of the pack.
We thought of putting our response into a short, bullet-by-bullet table format, but then decided that since this decision often involves tens of thousands of dollars, 15 minutes of education on the subject with content to support the bullet chart was in order. If you want to skip the details, see our Summary Table at the end of this article.

However, if you’re looking to really understand the differences, and to have the question answered as objectively as possible, please take a few minutes to read on…
==============================================================================================

How NetEqualizer compares to Bluecoat, Allot, Cymphonix, & Exinda

In the following sections, we will cover specifically when and where Application Shaping is used, how it can be used to your advantage, and also when it may not be a good option for what you are trying to accomplish. We will also discuss how Equalizing, NetEqualizer’s behavior-based shaping, fits into the landscape of application shaping, and how in many cases Equalizing is a much better alternative.

Download the full article (PDF): Equalizing Compared To Application Shaping White Paper

Network World Blog missing the boat on Packeteer’s decline in revenue


The one bad thing about being a publicly traded company is that you cannot hide from your declining sales. In the following Network World blog post and related comments, the authors make some good points as to where and why they would choose Cisco WAN optimization over Blue Coat and vice versa. They also comment on all sorts of reasons why Blue Coat’s revenue in this area is declining, although they neglect one obvious reason.

Prices of bandwidth have fallen quite rapidly over the last 10 years. In some larger metro areas, Internet access runs for as little as $300 per month for 10 megabits. The same link 10 years ago would have run close to $5000 per month or more. Despite falling bandwidth prices, prices for WAN optimization solutions from the likes of Blue Coat, Cisco and Riverbed remain relatively high. Many potential WAN optimization customers will simply upgrade their bandwidth rather than invest in new optimization equipment. You would think that vendors would lower their prices to compete, and they are to some degree; however, the complexity of their core solutions requires a minimum price floor. The factors that create the price floor on equipment are related to the methodology of the internal technology and sales channel costs, and unfortunately these fixed cost factors cannot keep pace with falling bandwidth prices.

Our prediction is that WAN optimization devices will slowly become a commodity with automated, reduced complexity. One measure of the current complexity is all the acronyms being tossed around describing WAN optimization. The sales pitches filled with acronyms clearly suggest that perhaps these devices are just too complicated for the market to continue to use. They will become turnkey simple and lower cost or die. No player is bigger than the market force of cheaper bandwidth.

Related articles:

ROI calculation for packet shaping equipment

Does lower cost bandwidth foretell a decline in bandwidth shaper sales?

http://www.networkworld.com/community/comment/reply/46590

Why is NetEqualizer the low price leader in Bandwidth Control


Recently we have gotten feedback from customers stating that they almost did not consider the NetEqualizer because the price was so much less than solutions from the likes of Packeteer (Blue Coat), Allot NetEnforcer and Exinda.

Sometimes low price will raise a red flag on a purchase decision, especially when the price is an order of magnitude less than the competition.

Given this feedback, we thought it would be a good idea to go over some of the major cost structure differences between APconnections, maker of the NetEqualizer, and some of the competition.

1) NetEqualizers are sold mostly direct by word of mouth. We do not have a traditional indirect sales channel.

– The downside for us as a company is that this does limit our reach a bit. Many IT departments do not have the resources to seek out new products on their own, and are limited to only what is presented to them.

– The good news for all involved is that selling direct takes quite a bit of cost out of delivering the product. Indirect sales channels need to be incented to sell. Oftentimes they will steer the customer toward the highest commission product in their arsenal. Our direct channel eliminates this overhead.

– The other good thing about not using a sales channel is that when you talk to one of our direct (non-commissioned) sales reps, you can be sure that they are experts on the NetEqualizer. With a sales channel, a sales rep often sells many different kinds of products and they can get rusty on some of the specifics.

2) We have bundled our manufacturing with a company that also produces a popular firewall. We also have a back source to manufacture our products at all times, thus ensuring a steady flow of product without the liability of a manufacturing facility.

3) We have never borrowed money to run APconnections.

– this keeps us very stable and able to withstand market fluctuations

– there are no greedy investors calling the shots looking for a return and demanding higher prices

4) The NetEqualizer is simple and elegant

– Many products keep adding features to grow their market share. We have a solution that works well but does not require constant current engineering.

$1000 Discount Offered Through NetEqualizer Cash For Conversion Program


After witnessing the overwhelming popularity of the government’s Cash for Clunkers new car program, we’ve decided to offer a similar deal to potential NetEqualizer customers. Therefore, this week, we’re announcing the launch of our Cash for Conversion program. The program offers owners of select brands (see below) of network optimization technology a $1000 credit toward the list-price purchase of NetEqualizer NE2000-10 or higher models. All owners have to do is send us their old (working or not) or out-of-license bandwidth control technology. Products from the following manufacturers will be accepted:

  • Exinda
  • Packeteer/Blue Coat
  • Allot
  • Cymphonix
  • Procera

In addition to receiving the $1000 credit toward a NetEqualizer, program participants will also have the peace of mind of knowing that their old technology will be handled responsibly through refurbishment or electronics recycling programs.

Only the listed manufacturers’ products will qualify. Offer good through the Labor Day weekend (September 7, 2009). For more information, contact us at 303-997-1300 or admin@apconnections.net.

APconnections Announces 50-Percent-Off Sale of New NetEqualizer-Lite


Beginning May 26, all customers purchasing a full size NetEqualizer 2000/3000 model will qualify for a 50-percent discount on the NetEqualizer-Lite. In addition, the offer will be extended to all existing NetEqualizer users who will also be entitled to the 50-percent discount on their first NetEqualizer-Lite purchase. This offer is valid until June 30, 2009. Limit two per customer.

As well as offering users the same services available through previously released NetEqualizer models, the NetEqualizer-Lite is Power-over-Ethernet (PoE), handling up to 10 megabits of traffic and 200 users. Furthermore, the NetEqualizer-Lite also serves to solve hidden node issues without customers having to change their existing access points.*

Although the core technology behind the NetEqualizer has not changed, with the latest release price point, many ISPs and businesses are deploying the NetEqualizer-Lite closer to end users, often directly behind congested access points.

After just over a month in the field, NetEqualizer-Lite users are reporting they can now easily increase Internet subscribers by 30 to 50 percent at once-congested towers and AP sites. For example, a customer with an 802.11b radio now has 100 subscribers on his network and is still running smoothly. In the past, this customer’s norm for saturation stood at roughly 20 users, but he is now enjoying a 500-percent increase after installing the NetEqualizer-Lite. This is translating into both higher revenues and a more satisfied customer base.

The NetEqualizer-Lite lists at $1499. In addition to the 50-percent discount, we are also currently offering volume discounts. Pricing information on all other NetEqualizer models is available online at http://www.netequalizer.com. For more information, please contact APconnections at 1-800-918-2763 or admin@apconnections.net.

*Hidden nodes are a problem frequently encountered by commercial wireless operators that has previously been solved using APconnections’ AirEqualizer technology. The NetEqualizer-Lite’s capability to offer similar solutions is simply one of the multiple benefits of the technology for administrators of networks of many different types and sizes.

NetEqualizer White Paper Comparison with Traditional Layer-7 (Deep Packet Inspection Products)


Updated with new reference material May 4th 2009

How NetEqualizer compares to Packeteer, Allot, Cymphonix, Exinda

We often get asked how NetEqualizer compares to Packeteer, Allot, Cymphonix, Exinda and a plethora of other well-known companies that do Layer 7 application shaping (packet shaping). After several years of these questions, and discussing different aspects with former and current application shaping IT administrators, we’ve developed a response that should clarify the differences between NetEqualizer’s behavior-based approach and the rest of the pack.

We thought of putting our response into a short, bullet-by-bullet table format, but then decided that since this decision often involves tens of thousands of dollars, 15 minutes of education on the subject with content to support the bullet chart was in order. If you want to see just the bullet chart, you can skip to the end now, but if you’re looking to have the question answered as objectively as possible, please take a few minutes to read on.

In the following sections, we will cover specifically when and where application shaping (deep packet inspection) is used, how it can be used to your advantage, and also when it may not be a good option for what you are trying to accomplish. We will also discuss how the NetEqualizer and its behavior-based shaping fits into the landscape of application shaping, and how in some cases the NetEqualizer is a much better alternative.

First off, let’s discuss the accuracy of application shaping. To do this, we need to review the basic mechanics of how it works.

Application shaping is defined as the ability to identify traffic on your network by type and then set customized policies to control the flow rates for each particular type. For example, Citrix, AIM, Youtube, and BearShare are all applications that can be uniquely identified.

As you are likely aware, all traffic on the Internet travels around in what is called an IP packet. An IP packet can very simply be thought of as a string of characters moving from computer A to computer B. The string of characters is called the “payload,” much like the freight inside a railroad car. On the outside of this payload is the address where it is being sent. On the inside is the data/payload that is being transmitted. These two elements, the address and the payload, comprise the complete IP packet. In the case of different applications on the Internet, we would expect to see different kinds of payloads.

At the heart of all current application shaping products is special software that examines the content of Internet packets as they pass through the packet shaper. Through various pattern matching techniques, the packet shaper determines in real time what type of application a particular flow is. It then proceeds to take action to possibly restrict or allow the data based on a rule set designed by the system administrator.

For example, the popular peer-to-peer application Kazaa actually has the ASCII characters “Kazaa” appear in the payload, and hence a packet shaper can use this keyword to identify a Kazaa application. Seems simple enough, but suppose that somebody was downloading a Word document discussing the virtues of peer-to-peer and the title had the character string “Kazaa” in it. Well, it is very likely that this download would be identified as Kazaa and hence misclassified. After all, downloading a Word document from a Web server is not the same thing as the file sharing application Kazaa.

The other issue that constantly brings the accuracy of application shaping under fire is that some application writers find it in their best interest not to be classified. In a mini arms race that plays out every day across the world, some application developers are constantly changing their signature and some have gone as far as to encrypt their data entirely.

Yes, it is possible for the makers of application shapers to counter each move, and that is exactly what the top companies do, but it can take a heroic effort to keep pace. The constant engineering and upgrading required has an escalating cost factor. In the case of encrypted applications, the amount of CPU power required for decryption is quite intensive and impractical and other methods will be needed to identify encrypted p2p.
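The keyword-matching failure described above, as an added example (not part of the original article and not any vendor's rule set): a naive payload search misclassifies the Word download, a stricter variant that only inspects the start of the flow avoids that, and neither can label the same traffic once it is encrypted. The signatures, payloads, the 32-byte window and the XOR keystream standing in for encryption are all constructed assumptions.

```python
import hashlib
import re

# Constructed keyword rules (assumption): not any vendor's signature set.
KEYWORD_RULES = [
    ("kazaa", re.compile(rb"kazaa", re.IGNORECASE)),
    ("bittorrent", re.compile(rb"BitTorrent protocol")),
]


def classify_keyword(payload: bytes) -> str:
    """Naive shaper: label the flow by the first keyword found anywhere."""
    for label, pattern in KEYWORD_RULES:
        if pattern.search(payload):
            return label
    return "unclassified"


def classify_anchored(payload: bytes, window: int = 32) -> str:
    """Stricter variant (assumed hardening): only the first `window` bytes,
    where a protocol greeting would sit, are searched."""
    return classify_keyword(payload[:window])


def xor_keystream(data: bytes, key: bytes) -> bytes:
    """Stand-in for an encrypted application: XOR with a SHA-256 counter
    keystream. Illustration only, not a secure cipher."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


# Constructed payloads. The greeting is a placeholder, not the real Kazaa
# wire format; the article only says the ASCII string appears in the payload.
P2P_GREETING = b"KAZAA-HELLO peer=10.0.0.7\r\n"
WORD_DOWNLOAD = (
    b"HTTP/1.1 200 OK\r\nContent-Type: application/msword\r\n\r\n"
    b"Title: Why Kazaa changed peer-to-peer file sharing"
)

# (flow name, is it really peer-to-peer?, first payload bytes of the flow)
SAMPLE_FLOWS = [
    ("p2p_greeting", True, P2P_GREETING),
    ("word_download", False, WORD_DOWNLOAD),
    ("encrypted_p2p", True, xor_keystream(P2P_GREETING, b"constructed-key")),
]


def score(classifier) -> dict:
    """Compare a classifier's labels with the known truth for each flow."""
    result = {"labels": {}, "false_positives": [], "missed": []}
    for name, is_p2p, payload in SAMPLE_FLOWS:
        label = classifier(payload)
        result["labels"][name] = label
        if label != "unclassified" and not is_p2p:
            result["false_positives"].append(name)
        if label == "unclassified" and is_p2p:
            result["missed"].append(name)
    return result


if __name__ == "__main__":
    for clf in (classify_keyword, classify_anchored):
        print(clf.__name__, score(clf))
```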

But, this is not to say that application shaping doesn’t work in all cases or provide some value. So, let’s break down where it has potential and where it may bring false promises. First off, the realities of what really happens when you deploy and depend on this technology need to be discussed.

Accuracy and False Positives

As of early 2003, we had a top engineer and executive join APConnections direct from a company that offered application shaping as one of their many value-added technologies. He had first hand knowledge from working with hundreds of customers who were big supporters of application shaping:

The application shaper his company offered could identify 90 percent of the spectrum of applications, which means they left 10 percent as unclassified. So, right off the bat, 10 percent of the traffic is unknown by the traffic shaper. Is this traffic important? Is it garbage that you can ignore? Well, there is no way to know without any intelligence, so you are forced to let it go by without any restriction. Or, you could put one general rule over all of the traffic – perhaps limiting it to 1 megabit per second max, for example. Essentially, if your intention was 100-percent understanding and control of your network traffic, right out the gate you must compromise this standard.

In fairness, this 90-percent identification actually is an amazing number with regard to accuracy when you understand how daunting application shaping is. Regardless, there is still room for improvement.

So, that covers the admitted problem of unclassifiable traffic, but how accurate can a packet shaper be with the traffic it does claim to classify? Does it make mistakes? There really isn’t any reliable data on how often an application shaper will misidentify an application. To our knowledge, there is no independent consumer reporting company that has ever created a lab capable of generating several thousand different applications types with a mix of random traffic, and then took this mix and identified how often traffic was misclassified. Yes, there are trivial tests done one application at a time, but misclassification becomes more likely with real-world complex and diverse application mixes.

From our own testing of application technology freely available on the Internet, we discovered false positives can occur up to 25 percent of the time. A random FTP file download can be classified as something more specific. Obviously commercial packet shapers do not rely on the free technology in open source and they actually may improve on it. So, if we had to estimate based on our experience, perhaps 5 percent of Internet traffic will likely get misclassified. This brings our overall accuracy down to 85 percent (combining the traffic they don’t claim to classify with an estimated error rate for the traffic they do classify).

Constantly Evolving Traffic

Our sources say (mentioned above) that 70 percent of their customers that purchased application shaping equipment were using the equipment primarily as a reporting tool after one year. This means that they had stopped keeping up with shaping policies altogether and were just looking at the reports to understand their network (nothing proactive to change the traffic).

This is an interesting fact. From what we have seen, many people are just unable, or unwilling, to put in the time necessary to continuously update and change their application rules to keep up with the evolving traffic. The reason for the constant changing of rules is that with traditional application shaping you are dealing with a cunning and wise foe. For example, if you notice that there is a large contingent of users using Bittorrent and you put a rule in to quash that traffic, within perhaps days, those users will have moved on to something new: perhaps a new application or encrypted p2p. If you do not go back and reanalyze and reprogram your rule set, your packet shaper slowly becomes ineffective.

And finally, lest we forget, application shaping is considered by some to be a violation of Net Neutrality.

When is application shaping the right solution?

There is a large set of businesses that use application shaping quite successfully along with other technologies. This area is WAN optimization. Thus far, we have discussed the issues with using an application shaper on the wide open Internet where the types and variations of traffic are unbounded. However, in a corporate environment with a finite set and type of traffic between offices, an application shaper can be set up and used with fantastic results.

There is also the political side to application shaping. It is human nature to want to see and control what takes place in your environment. Finding the best tool available to actually show what is on your network, and the ability to contain it, plays well with just about any CIO or IT director on the planet. An industry leading packet shaper brings visibility to your network and a pie chart showing 300 different kinds of traffic. Whether or not the tool is practical or accurate over time isn’t often brought into the buying decision. The decision to buy can usually be “intuitively” justified. By intuitively, we mean that it is easier to get approval for a tool that is simple to conceptually understand by a busy executive looking for a quick-fix solution.

As the cost of bandwidth continues to fall, the question becomes how much a CIO should spend to analyze a network. This is especially true when you consider that as the Internet expands, the complexity of shaping applications grows. As bandwidth prices drop, the cost of implementing such a product is either flat or increasing. In cases such as this, it often does not make sense to purchase a $15,000 bandwidth shaper to stave off a bandwidth upgrade that might cost an additional $200 a month.

What about the reporting aspects of an application shaper? Even if it can only accurately report 90 percent of the actual traffic, isn’t this useful data in itself?

Yes and no. Obviously analyzing 90 percent of the data on your network might be useful, but if you really look at what is going on, it is hard to feel like you have control or understanding of something that is so dynamic and changing. By the time you get a handle on what is happening, the system has likely changed. Unless you can take action in real time, the network usage trends (on a wide open Internet trunk) will vary from day to day.[1] It turns out that the most useful information you can determine regarding your network is an overall usage pattern for each individual. The goof-off employee/user will stick out like a sore thumb when you look at a simple usage report, since the amount of data transferred can be 10 times the average for everybody else. The behavior is the indicator here, but the specific data types and applications will change from day to day and week to week.

How does the NetEqualizer differ and what are its advantages and weaknesses?

First, we’ll summarize equalizing and behavior-based shaping. Overall, it is a simple concept. Equalizing is the art form of looking at the usage patterns on the network, and then when things get congested, robbing from the rich to give to the poor. Rather than writing hundreds of rules to specify allocations to specific traffic as in traditional application shaping, you can simply assume that large downloads are bad, short quick traffic is good, and be done with it.

This behavior-based approach usually mirrors what you would end up doing if you could see and identify all of the traffic on your network, but doesn’t require the labor and cost of classifying everything. Applications such as Web surfing, IM, short downloads, and voice all naturally receive higher priority while large downloads and p2p receive lower priority. This behavior-based shaping does not need to be updated constantly as applications change.

Trusting a heuristic solution such as NetEqualizer is not always an easy step. Oftentimes, customers are concerned with accidentally throttling important traffic that might not fit the NetEqualizer model, such as video. Although there are exceptions, it is rare for the network operator not to know about these potential issues in advance, and there are generally relatively few to consider. In fact, the only exception that we run into is video, and the NetEqualizer has a low level routine that easily allows you to give overriding priority to a specific server on your network, hence solving the problem.

Another key element in behavior-based shaping is connections. Equalizing takes care of instances of congestion caused by single-source bandwidth hogs. However, the other main cause of Internet gridlock (as well as bringing down routers and access points) is p2p and its propensity to open hundreds or perhaps thousands of connections to different sources on the Internet. Over the years, the NetEqualizer engineers have developed very specific algorithms to spot connection abuse and avert its side effects.
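The equalizing and connection-counting behavior described above, sketched as an added example (this is not NetEqualizer's code or its actual algorithm). The 85 percent trigger, 1 Mbps hog threshold, 50-connection limit, 20 ms delay, the assumption that added delay halves a flow's rate, and the names `Flow`, `Policy` and `equalize` are all assumptions made for illustration; the flow table is constructed.

```python
"""Toy model of one "equalizing" pass over a flow table.

Added illustration only: thresholds, names and the rate model are
assumptions, not NetEqualizer's implementation.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    host: str   # local user/host that owns the flow
    peer: str   # remote endpoint
    bps: int    # rate measured over the last sampling interval


@dataclass(frozen=True)
class Policy:
    capacity_bps: int = 10_000_000   # size of the shared trunk (assumed)
    congest_pct: int = 85            # shape only above this utilisation (assumed)
    hog_bps: int = 1_000_000         # what counts as a "large download" (assumed)
    max_conns: int = 50              # per-host connection limit (assumed)
    delay_ms: int = 20               # latency added to a penalised flow (assumed)
    priority_hosts: frozenset = frozenset()  # hosts given overriding priority


def equalize(flows, policy):
    """Decide, for one sampling interval, which flows to slow down."""
    total = sum(f.bps for f in flows)
    trigger = policy.capacity_bps * policy.congest_pct // 100

    # Connection abuse is independent of congestion in this model (assumption):
    # a host holding too many simultaneous connections is flagged on every pass.
    conns = Counter(f.host for f in flows)
    conn_abusers = sorted(
        h for h, n in conns.items()
        if n > policy.max_conns and h not in policy.priority_hosts
    )

    penalties = {}
    projected = total
    if total > trigger:
        # "Rob from the rich": largest non-priority flows first, and only as
        # many as are needed to bring the projected load under the trigger.
        hogs = sorted(
            (f for f in flows
             if f.bps >= policy.hog_bps and f.host not in policy.priority_hosts),
            key=lambda f: f.bps, reverse=True,
        )
        for flow in hogs:
            if projected <= trigger:
                break
            penalties[flow] = policy.delay_ms
            projected -= flow.bps // 2   # assumed effect of the added delay

    return {
        "utilisation_pct": total * 100 // policy.capacity_bps,
        "congested": total > trigger,
        "penalties": penalties,          # Flow -> delay in ms
        "projected_bps": projected,
        "conn_abusers": conn_abusers,
    }


def sample_flows():
    """Constructed flow table: two downloads, a priority video server,
    light web and voice traffic, and a p2p client with 60 small connections."""
    flows = [
        Flow("10.0.0.21", "203.0.113.10", 4_000_000),   # large download
        Flow("10.0.0.22", "203.0.113.11", 2_000_000),   # smaller download
        Flow("10.0.0.5", "203.0.113.50", 2_500_000),    # video server (priority)
        Flow("10.0.0.23", "203.0.113.12", 200_000),     # web browsing
        Flow("10.0.0.24", "203.0.113.13", 80_000),      # voice call
    ]
    flows += [Flow("10.0.0.30", f"198.51.100.{i}", 10_000) for i in range(1, 61)]
    return flows


POLICY = Policy(priority_hosts=frozenset({"10.0.0.5"}))

if __name__ == "__main__":
    result = equalize(sample_flows(), POLICY)
    print("utilisation:", result["utilisation_pct"], "%")
    for flow, delay in result["penalties"].items():
        print(f"delay {delay} ms -> {flow.host} ({flow.bps} bps)")
    print("connection limit exceeded by:", result["conn_abusers"])
```

With the constructed table, only the 4 Mbps download is delayed: the video server is exempt, and the 2 Mbps flow is left alone because slowing the largest flow already brings the projected load under the trigger.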

This overview, along with the summary table below, should give you a good idea of where the NetEqualizer stands in relation to packet shaping.

Summary Table

Application based shaping

  • good for static links where traffic patterns are constant
  • good for intuitive presentations; makes sense and is easy to explain to non-technical people
  • detailed reporting by application type
  • not the best fit for wide open Internet trunks
    • costly to maintain in terms of licensing
    • high initial cost
    • constant labor to tune with changing application spectrum
    • expect approximately 15 percent of traffic to be unclassified
  • only a static snapshot of a changing spectrum; may not be useful
  • false positives may show data incorrectly; no easy way to confirm accuracy
  • violates Net Neutrality

Equalizing

  • not the best for dedicated WAN trunks
  • the most cost effective for shared Internet trunks
  • little or no recurring cost or labor
  • low entry cost
  • conceptual; takes some getting used to
  • basic reporting by behavior, used to stop abuse
  • handles encrypted p2p without modifications or upgrades
  • supports Net Neutrality

[1] The exception is a corporate WAN link with relatively static usage patterns.

Note: Since we first published this article, deep packet inspection, also known as layer 7 shaping, has taken some serious industry hits with respect to US-based ISPs.


What NetEqualizer Users Are Saying (updated June 2009)


Editor’s Note: As NetEqualizer’s popularity has grown, more and more users have been sharing their experiences on message boards and listservs across the Internet. Just to give you an idea of what they’re saying, here are a few of the reviews and discussion excerpts that have been posted online over the past several months…

Wade LeBeau — The Daily Journal Network Operations Manager

NetEqualizer is one of the most cost-effective management units on the market, and we found the unit easy to install—right out of the box. We made three setting changes to match our network using the web (browser) interface, connected the unit, and right away traffic shaping started, about 10 minutes total setup time. The unit has two Ethernet ports…one port toward your user network, the other port toward your broadband connection/server if applicable. A couple of simple clicks and you can see reporting live as it happens. In testing, we ran our unit for 30 days and saw our broadband reports stabilize and our users receiving the same slices of broadband access. With the NetEqualizer, there is no burden of extensive policies to manage…. The NetEqualizer is a nice tool to add to any network of any size. Businesses can see how important the Internet is and how hungry users can be for information.

__________________________________________________________________________________________________

DSL Reports, April 2009

The Netequalizer has resulted in dramatically improved service to our customers. Most of the time, our customers are seeing their full bandwidth. The only time they don’t see it now is when they’re downloading big files. And, when they don’t see full performance, it’s only for the brief period that the AP is approaching saturation. The available bandwidth is re-evaluated every 2 seconds, so the throttling periods are often brief.

Bottom line to this is that we can deliver significantly more data through the same AP. The customers hitting web pages, checking e-mail, etc. virtually always see full bandwidth, and the hogs don’t impact these customers. Even the hogs see better performance (although that wasn’t one of my priorities).

__________________________________________________________________________________________________

Loyola University — Chicago

At Loyola University Chicago, we are on our 2nd iteration of the NetEqualizer. We used the product happily for a number of years when we had a T3. We upgraded our internet pipe to 100MB and after about 6 months we noticed 100% saturation and students complaining of slow internet for various applications. We knew then that we needed another NetEqualizer. Once we plugged the box in it started managing the bandwidth, our pipe has not been saturated since, and more importantly the complaints have ceased.

__________________________________________________________________________________________________

Alan Leech, Orlean Invest West Africa Limited, January 24, 2009

Gentlemen

We purchased 3 of your devices last year and I have to say we are very impressed by them.

They have matched our requirement perfectly and allow us to provide fair usage to our clients whilst reducing our overall OPEX.

You can be sure we will be purchasing in the future.

Alan Leech

__________________________________________________________________________________________________

Illinois Wesleyan Replaces Packeteer with NetEqualizer as Part of Bandwidth Upgrade, January 19, 2009

By tshort

Network Services has completed the Network Upgrade Project. The Internet bandwidth available to the Campus was doubled from 45MBs (DS3) to 90MBs in December. Along with the additional bandwidth, a new bandwidth sharing device called a NetEqualizer replaced the existing Packeteer. The NetEqualizer uses bandwidth sharing fairness rules based on network usage to share bandwidth and balance the available bandwidth between all users. The project made a dramatic improvement to Internet access for the campus community.

__________________________________________________________________________________________________

Chris Chamberlain, Oakland University in Detroit

Doug,

Because Netequalizer simply makes things fair, i.e. gives everyone on the link the same percentage of the bandwidth “pie”, the netequalizer can handle any type of traffic, because it isn’t classifying anything.

Chris Chamberlain

Oakland University

>On Apr 30, 2008, at 4:42 PM, Green, Doug wrote:

>We are considering Netequalizer. They are claiming to be able to manage  encrypted BitTorrent. Can anyone verify this?

>Thank you,

>Doug Green

>Manager, Network Services & Security

>University of New Hampshire

>50 College Rd

__________________________________________________________________________________________________

Charlie Prothero, CIO, Keystone College

I have written on a couple of Educause lists about our experience with the Netequalizer, which has been invariably positive.  It’s a snap to set up and doesn’t require anywhere near the tuning effort that a Packeteer does.  For general Internet circuit coverage, I’m very pleased with it.

__________________________________________________________________________________________________

Ben Schworm, The Independent School Educators’ List, ISED-L

We just re-evaluated our systems after realizing that even with the Packetshaper in place, we’d need to increase the amount of bandwidth that we offer the community. First of all, the new Packetshaper hardware we’d need was going to cost $18,000. Second, over the 5 years that we’ve had the Packetshaper, we’ve seen its effectiveness decrease with the increased availability and academic usage of real-time streaming apps and the increasing amount of traffic that is classified as either pure web browsing traffic (whether it is or not) or “default”, the traffic class that catches all the other traffic that the Packetshaper can’t specifically identify. Furthermore, the Packetshaper can tend to be a pretty admin-intensive system to keep working effectively.

The NetEqualizer really only deals with end-user behavior in that it looks at the bandwidth that a given user is trying to utilize relative to what’s available and throttles “bad” users in order to try to maintain fair access to the bandwidth. It also throttles “bad” applications like P2P that open many connections to and from a given user. The box is nearly configuration and maintenance-free and costs a fraction of what the Packetshaper does.

__________________________________________________________________________________________________

Ed Loebach, UVMRESNET

I was asked to tell our experience with NetEqualizer. We purchased the box about 3 weeks into first semester when our old bandwidth control server died and support was not forthcoming from the company.

We put NetEqualizer in place and fired it up with little to no problem. For the first 5-6 hours it worked as we were told it would with NO configuration. After the first day we noticed problems with students exceeding the connection limits we set. We called the company and within 24 hours we had the configuration modified to the specific needs of our network and our bandwidth was under our control again.

In the last 4 months I have not had to make any additional changes to the configuration. In fact we have not even had the need to restart the box. The NetEqualizer box has some very good algorithms to have controlled our heavy bandwidth users with not adding significant network overhead to the rest of our low bandwidth users. Our students have seen an increase in bandwidth when they need it. The gamers are happy because the latency we used to have under our old bandwidth system has disappeared.

__________________________________________________________________________________________________

Douglas Hedges, EDUCAUSE Small College Constituent Group Listserv

We’ve dumped our Packeteer device about 18 mos. ago for a NetEqualizer. It has worked as advertised and has required virtually no maintenance after initial setup (which took just a few minutes as well). There are some good technical papers on their site (http://www.netequalizer.com) describing its operation and comparing it to other products. I believe they’re worth a read if you want to see if it’s a good fit for your campus. It sure was for ours.

__________________________________________________________________________________________________

Russ Leathe, EDUCAUSE Security Constituent Group Listserv

Gordon College switched from Packeteer to netEQ a while ago. It works flawlessly and our daily management of bandwidth decreased significantly.

They also have a CALEA probe.

__________________________________________________________________________________________________

Superdog, DSLReports.com

When you plug in the Neteq box, it doesn’t care about IP’s or what range it is on. You set the bandwidth maximum limit for whatever your pipe size is and then plug it inline between your core router and your first main switch and you are done…

…I love this unit and I can not say enough about it. With M0n0wall and Packetteer, you have to manually setup all of the rules in order for the units to be effective. After you spend a few hours getting them setup, it only takes the user/program 10 seconds to switch ports on you and that rule is then invalid and you need to go back and redo it.

This type of setup requires you to monitor your box constantly, creating even more work. The Neteq unit doesn’t need to know all of this. It just counts connections per user (a limit you set) and the amount of bandwidth each user consumes. If the bandwidth is there and no one else is using it, that person gets it. If they are running Limewire at full throttle and another user logs in and starts to surf the net, that user gets full priority and their pages will load quickly while the Limewire download has delay added to their packets.

IMHO, using this unit is a no-brainer for any ISP. It is a hands off setup that really works.

__________________________________________________________________________________________________

Josh Heller, Sr. Network Analyst — Information Technology, Kutztown University

Our University started with PacketShapers, but also made an investment in NetEqualizer when we found the PacketShaper wasn’t completely doing the job. Today we use both products.

We have been pleased with NetEqualizer as it does what it advertises – it makes a noticeable difference in a congested network.

__________________________________________________________________________________________________

Nathan P. Hay, Network Engineer — Computer Services, Cedarville University

We switched from PacketShaper to NetEqualizer this summer.  NetEq is much simpler to manage and much cheaper.

__________________________________________________________________________________________________

George Flowers, Flint River Tech

We currently have the NE2000, and it works great!  No other product can do what the NetEqualizer does at a great price!

Where are the safe tech jobs?


By Art Reisman, CTO, http://www.netequalizer.com


Article Type: Opinion

As the CEO of a small (yet growing) tech company in the current recession, I often get calls from former colleagues working at larger corporations. Amidst their companies’ insincere rhetoric, inaction, and falling revenues, good people wait around wondering who will be next to get the ax.

The underlying problem at most of these companies is that they continue to push products into a stagnant or declining market. The only way to have any relative security is to get on board with an industry or niche with solid growth potential.

So if you’re wondering where to turn for potential job security, here are some tips that might help.

Look for a company that is doing something with real value for society and not just jumping on the latest bandwagon.

1) Renewable energy is hot, and certainly a job in renewable energy is better than selling steam engines running off coal. Renewable energy, although here to stay, is being over-hyped. Right now the success of renewable energy is dependent on battery technology. Fossil fuels are nothing more than the Sun’s energy stored up and retrieved at will when needed. For renewable (wind, solar) energy to compete easily with traditional fossil fuels, we must come up with a clean, effective battery to store energy. My advice: seek out a company that specializes in battery technology and then help them make a difference.

2) Network and Internet Optimization

Internet infrastructure companies are being forced by their stockholders to turn a profit. The days of free-falling bandwidth contracts are slowing down, hence the new hot market will be companies with products that optimize Internet bandwidth. Bandwidth control, WAN optimization and compression, although not on the front pages, are areas of value and are holding their own in the recession. Some companies to look at are:

APconnection (NetEqualizer)

Packeteer

Allot

RiverBed

Exinda

3) Medical Technology

From newer and better MRI machines to prosthetics, Americans will spare no expense for anything that will make their lives more comfortable. So when will this party end and the associated demand for jobs in the medical industry flatten out?

Although I do not expect a crash in this field as we might have seen in other boom and bust industries, I do expect a slowdown. Every bubble has its end, and the Medical technology industry is due for a slow down. As consumers push back on medical care pricing, high end technology research will slow down. Still a better prospect than steam engines though.

4) Auto Industry

If you are entering the field of mechanical engineering or electronics controls, now would be a good time to focus on the auto industry. For the next 5 to 10 years I expect that auto makers will be looking for new, innovative ideas in their engineering departments. They will also be looking for new talent. Don’t let the downturn discourage you; this is an opportunity.

NetEqualizer Bandwidth Control Tech Seminar Video Highlights


Tech Seminar, Eastern Michigan University, January 27, 2009

This 10-minute clip was professionally produced January 27, 2009. It gives a nice quick overview of how the NetEqualizer does bandwidth control while providing priority for VoIP and video.

The video specifically covers:

1) Basic traffic shaping technology and NetEqualizer’s behavior-based methods

2) Internet congestion and gridlock avoidance on a network

3) How peer-to-peer file sharing operates

4) How to counter the effects of peer-to-peer file sharing

5) Providing QoS and priority for voice and video on a network

6) A short comparison by a user (a university admin) who prefers NetEqualizer to layer-7 deep packet inspection techniques

Will the New UDP-based Bittorrent Thwart Traffic Shaping?


A customer asked us today how the newer Bittorrent methods using UDP will affect our ability to keep traffic in check. Here is our first take on this subject (See the related article “Bittorrent declares war on VoIP, gamers”).

The change from TCP to UDP transfer will have some effect on our methods to throttle bandwidth; however, at the IP level there is no difference between the two, and we have never based our shaping techniques on whether packets were UDP or TCP. The ISP in the article mentioned above likely uses TCP window-size manipulation to slow downloads. You can’t do that with UDP, and I think that is what the author was alluding to.

The only difference for the NetEqualizer will be that UDP streams are harder to knock down, so it may require a tuning change if it is really an issue. By this, I mean we may have to hit them harder with more latency than our standard defaults when throttling packets.

On a side note, we are seeing some interesting trends with regard to Bittorrent.

When looking at our customer networks, we are just not seeing the same levels of Bittorrent that we have seen in the past  (circa 2006).

We believe the drop is due to a couple of factors:

1)  The RIAA’s enforcement — The high school and university crowd has been sufficiently spanked with copyright prosecutions. Most people now think twice about downloading copyrighted material.

2) Legal alternatives — The popularity of online purchase music sites has replaced some of the illegal transfers (these also take up bandwidth, but they are not distributed by bittorrent).

The recent trends do not mean that bittorrent is going away, but rather that viable alternatives are emerging.  However, while legal distribution of content is here to stay and will likely grow over time, we do not expect an explosion that will completely replace bittorrent.

One Gigabit NetEqualizer Announced Today


Editor’s Note: We expect to go higher than 1 gigabit and 12,000 users in the near future. This is just a start.

APconnections Announces Fully Equipped One-Gigabit NetEqualizer Traffic Shaper for $8500

LAFAYETTE, Colo., Nov. 7/PRNewswire/ — APconnections, a leading supplier of plug-and-play bandwidth shaping products, today announced a one-gigabit enhancement to their NetEqualizer brand traffic shapers. The initial release will handle 12,000 users and sustained line speeds of one gigabit.

“Prior to this release, our largest model, the NE-3000, was rated for 350 megabits,” said Eli Riles, APconnections vice president of sales. “Many of our current customers liked our technology, but just needed a higher end machine. The other good news is that our current NE-3000 platform will be able to run this new version with just a software upgrade, no forklift required.”

Future releases are in the works for even higher speeds and more users, thus solidifying APConnections as the price-performance leader in the WAN optimization market place.

In its initial release, the one-gigabit model will start at $8,500 USD. For more information, contact APconnections at 1-800-918-2763 or via email at sales@netequalizer.com.

The NetEqualizer is a plug-and-play bandwidth control and WAN/Internet optimization appliance that is flexible and scalable. When the network is congested, NetEqualizer’s unique “behavior shaping” technology gives priority to latency-sensitive applications, such as VoIP and email. Behavior based shaping is the industry alternative to Deep Packet Inspection (DPI). It does it all dynamically and automatically, improving on other bandwidth shaping technology available.

APconnections is a privately held company founded in 2003 and is based in Lafayette, Colorado.

Contact: APconnections, 1-800-918-2763

NetEqualizer the Safe Bet for Optimizing Internet Link During Economic Downturn


We just announced a record profit for the quarter ending September 2008. I have included a copy of that announcement below.

Although we do not believe (or want to see) our success come at the expense of other players in the market, there is a strong contrast if you compare our performance to the higher-cost publicly-traded players in this market (see charts below).

I suspect these high-end shapers with expensive sales channels may have trouble in this slowing market as they come under price pressure. IT departments continue to cut costs and the main play of optimization products, reducing ROI, will lose some luster as Internet costs slowly fall. At some point, a high-end piece of equipment will lose out to adding more bandwidth.

NetEqualizer, on the other hand, is priced so much lower than these other products that our window of value will extend out at least another 10 years — perhaps more.

Although we are a private company, we would be happy to share financials under NDA with any customer that has concerns going forward. We have plenty of operating cash on hand and will likely expand as we pull out of this downturn and customers continue to look to reduce costs.

Stock charts for major players in the Internet/WAN optimization market

http://finance.yahoo.com/q/bc?s=RVBD&t=1y

http://finance.yahoo.com/q/bc?s=ALLT&t=2y&l=on&z=m&q=l&c=

http://finance.yahoo.com/q/bc?s=BCSI&t=1y&l=on&z=m&q=l&c=

Now, here’s our latest press release reporting profits…

———————————————————-

APconnections Announces 50-percent Increase in Profits During Current Quarter

LAFAYETTE, Colo., Sept. 22, 2008 — APconnections, a leading supplier of plug-and-play bandwidth shaping products, today announced that sales revenues have increased by 50 percent during the current quarter.

Company officials report that APconnections is finding that a growing number of ISPs, businesses, libraries, and universities are looking to the NetEqualizer to solve their Internet bandwidth congestion issues, oftentimes switching from more expensive traffic shaping solutions.

As companies deal with the ongoing economic struggles that have hit the nation, the NetEqualizer’s rare combination of effectiveness and affordability has been a major factor fueling this growth.

Other factors driving the upturn are:

  1. Comcast has adopted a similar fairness-based strategy to solve Internet congestion issues, thus validating APconnections’ long-held belief that deep packet inspection is on its way out. (See APconnections’ previous announcements on net neutrality: http://www.netequalizer.com)
  2. Direct sales and support for 90 percent of their customers, thus reducing the overall cost of sales.
  3. Simple turnkey set-up allowing new customer installations to require only one hour of support.

The NetEqualizer is a plug-and-play bandwidth control and WAN/Internet optimization appliance that is flexible and scalable. When the network is congested, NetEqualizer’s unique “behavior shaping” technology gives priority to latency sensitive applications, such as VoIP and email. It does it all dynamically and automatically, improving on other bandwidth shaping technology out there. It controls network flow for the best WAN optimization.

APconnections is a privately held company founded in 2003 and is based in Lafayette, Colorado.

QoS on the Internet — Can Class of Service Be Guaranteed?


Most quality of service (QoS) schemes today are implemented to give priority to voice or video data running in common over a data circuit. The trick used to ensure that certain types of data receive priority over others makes use of a type of service (TOS) bit. Simply put, this is just a special flag inside of an Internet packet that can be a 1 or a 0, with a 1 implying priority while a 0 implies normal treatment.

In order for the TOS bit scheme to work correctly, all routers along a path need to be aware of it. In a self-contained corporate network, an organization usually controls all routers along the data path and makes sure that this recognition occurs. For example, a multinational organization with a VoIP system most likely purchases dedicated links through a global provider like ATT. In this scenario, the company can configure all of their routers to give priority to QoS tagged traffic, and this will prevent something like a print server file from degrading an interoffice VoIP call.

However, this can be a very expensive process and may not be available to smaller businesses and organizations that do not have their own dedicated links. In any place where many customers share an Internet link which is not the nailed up point-to-point that you’d find within a corporate network, there is contention for resources. In these cases, guaranteeing class of service is more difficult. So, this begs the question, “How can you set a QoS bit and prioritize traffic on such a link?”

In general, the answer is that you can’t.

The reason is quite simple. Your provider to the Internet cloud — Time Warner, Comcast, Qwest, etc. — most likely does not look at or support TOS bits. You can set them if you want, but they will probably be ignored. There are exceptions to this rule, but your voice traffic traveling over the Internet cloud will in all likelihood get the same treatment as all other traffic.

The good news is that most providers have plenty of bandwidth on their backbones and your third party voice service such as Skype will be fine. I personally use a PBX in the sky called Aptela from my home office. It works fine until my son starts watching YouTube videos and then all of a sudden my calls get choppy.

The bottleneck for this type of outage is not your provider’s backbone, but rather the limited link coming into your office or your home. The easiest way to ensure that your Skype call does not crash is to self-regulate the use of other bandwidth-intensive Internet services.

Considering all of this, NetEqualizer customers often ask, “How does the NetEqualizer/AirEqualizer do priority QOS?”

It is a very unique technology, but the answer is also very simple. First, you need to clear your head about the way QoS is typically done in the Cisco™ model using bit tagging and such.

In its default mode, the NetEqualizer/AirEqualizer treats all of your standard traffic as one big pool. When your network is busy, it constantly readjusts bandwidth allocation for users automatically. It does this by temporarily limiting the amount of bandwidth a large download (such as that often found with p2p file sharing) might be using in order to ensure greater response times for e-mail, chat, Web browsing, VoIP, and other everyday online activities.

So, essentially, the NetEqualizer/AirEqualizer is already providing one level of QoS in the default setup. However, users have the option of giving certain applications priority over others.

For example, when you tell the NetEqualizer/AirEqualizer to give specific priority to your video server, it automatically squeezes all the other users into a smaller pool and leaves the video server traffic alone. In essence, this reserves bandwidth for the video server at a higher priority than all of the generic users. When the video stream is not active, the generic data users are allowed to utilize more bandwidth, including that which had been preserved for video. Once the settings are in place, all of this is done automatically and in real time. The same could be done with VoIP and other priority applications.

In most cases, the only users that even realize this process is taking place are those who are running the non-prioritized applications that have typically slowed your network. For everyone else, it’s business as usual. So, as mentioned, QoS over the NetEqualizer/AirEqualizer is ultimately a very simple process, but also very effective. And, it’s all done without controversial bit tagging and deep packet inspection!

NetEqualizer Gains Traction against Competition in Australia


In a recent discussion on how and where to deploy a NetEqualizer, Stephan Wickham, Product Marketing Manager for KeyTrust (keytrust.com.au), had the following astounding revelation:

“My view is to try NetEqualizer and see how it works – I would then only apply a more expensive solution in instances that require special features or functionality not available with NetEqualizer. I believe this approach is the most practical. I also don’t believe that identifying and reporting on 100s of application types as performed by other products on the market serves much purpose. It would be like trying to manage freeway traffic flow by identifying vehicle types and then reserving lanes per type. NetEqualizer works more like identifying a gang riding Harleys disrupting traffic and turns them into nice people riding Vespa scooters going with the flow.”
