Solution Centre Ltd

Site menu:

Welcome | Services | Solutions | Products | About us     | 01256 818600 |

Crescendo Multi-tier Application Acceleration

 

Overview

Using specialised HARDWARE, Crescendo's Maestro Application Acceleration Delivery Platform provides stunning performance whether a single function is enabled or all functions enabled concurrently.

Whether external web sites, or webified applications, such as Oracle, PeopleSoft, Siebel, Outlook Web Access, iNotes, etc. Maestro delivers screaming performance.

Features

• TCP Termination and Offload
• Data Compression
• Server Load Balancing
• SSL Offload and Acceleration

TCP Termination and Offload

As the demand for web application delivery grows, servers are forced to deal with a growing user community. Along with this comes the burden of having to deal with the overhead caused by the increasing users. Performing tasks such as SSL or compression are often seen as application overhead that can be offloaded with specialised appliances such as Crescendo's Maestro Platform. However, we cannot ignore the burden that TCP, the underlying transport protocol of all web traffic, places on servers.

TCP is not the most efficient protocols for web delivery. Server stacks were never intended to be exposed to a large volume of relatively short-lived TCP connections. As a result, servers have significant problems dealing with WAN-facing TCP connections in volume. Traditionally, when it comes to handling TCP connections, standard server TCP stacks have 3 major pain points:

• Handling a large number of TCP connection setups and teardowns
• Handling a large number of simultaneous TCP connections
• Dealing with WAN-based connections that are subject to delays, drops, retransmission, and congestion

Maestro's purpose-built hardware architecture has been built from the ground up to deal with these pain points and relieve the servers from the TCP overhead. Maestro terminates and owns all TCP connections from the clients. By being the termination point of all client connections, Maestro has full application visibility and inherently operates at L7, internally. Additionally, since Maestro has dedicated hardware components built from the ground up to deal with client connections, its very nature allows it to optimise client-side TCP handling. Maestro also initiates and owns a smaller number of long lasting TCP connections with the servers. All user requests are, therefore, received through the large number of client connections and then sent to the servers over a small number of server-side connections (a process called TCP multiplexing, or TCP pooling, or Connection Consolidation, among others). This process releases the servers from the TCP overhead fully:

• Since the server-side connections are very long-lasting, there is no longer an issue with a large number of connection setups and teardowns
• Since there are only a few optimised back-end connections, there is no longer an issue with the server maintaining a large number of connections
• Servers are no longer exposed to client-side connections and no longer have to deal with the inefficiencies of WAN-based TCP connections

The core of Maestro's TCP offload functionality is Crescendo's Short-Lived Transaction (SLT^(TM)) technology. SLT^(TM) has three main components that work together to provide the relevant services for the network:

• Connection Management Algorithm: Server-side connections are managed through a set of advanced algorithms that provide an optimal approach to Connection Consolidation. These optimised connections operate at maximum LAN speeds and take into account factors such request type to facilitate transaction processing.
• Request Processing Algorithm: As a session terminating intermediary, Maestro is responsible for terminating client connections, processing the requests that these connections carry, and then delivering them to the server over existing, or new, server-side connections. SLT^(TM) optimises this process by providing the appropriate buffering for both requests and responses.
• Response Optimisation: By completely shielding the server from network and client issues, Maestro creates a highly optimised environment for servers. Servers deal with fewer connections and can transmit responses to the network at maximum throughput, essentially believing that all clients are on the same LAN. Objects are served as quickly as possible, allowing the server to quickly move on to the next request to be processed.

Maestro's purpose-built hardware-based platform uses SLT^(TM) and its TCP offloading functionality as one of the fundamental elements in delivering and optimising/accelerating applications at multi-gigabit speeds. All Maestro functionality (such as load balancing, SSL offload, and compression) are tightly integrated with these core TCP functionalities, allowing its benefits to reach across any application need. The distributed design of the architecture allows it to deliver all functionality concurrently with no performance degradation, providing maximum benefit to the application.

Data Compression

Today's web applications employ a number of different types of content. When a client (i.e. browser) connects to a web application, it can request various types of objects from the server; ranging from simple text-based files to images and even application executables. Depending on the richness of the application and its user interface, a variety of these file types can be used. The problem with some of these file types is that they're often unnecessarily large. For example, some of the text-based files commonly used in many web applications can grow to a large size depending on the embedded code. HTML, for instance, is a rich language often requiring multiple arguments for displaying a single piece of text.

Using these files in web applications causes two problems for its users. First, larger objects take longer to transmit. Clients, especially those with limited bandwidth (e.g. dialup) will suffer in their application experience because these files take time to traverse the network. These longer download times will make the application appear unresponsive and unusable to these clients. Second, larger objects take more bandwidth. As the number of users of an application increases, transmitting the large objects will cause an increase in overall bandwidth consumption for the application. This may lead to higher bandwidth costs for an application that tries to keep up with increasing user demands.

Content compression is an effective way of addressing these problems. Today, all popular browsers support compression and give the application the option to serve content compressed. The problem is that the process causes extra burden for the server(s) responsible for this task. In today's highly dynamic web applications, with ever changing content, objects would have to be compressed as they're about to be served. Even if pre-compressing files was an option, the server would still have to allocate resources for the task; not to mention the extra storage necessary to hold both compressed and non-compressed versions of all objects in order to support clients that cannot handle compressed content.

Maestro's server offloading and acceleration functionality includes a completely hardware-based and extremely powerful compression module. When fronting a web application, Maestro can compress content in transit from the application to its clients. This is a vital service because it offloads the server optimises the application, and dramatically improve the user experience. By offering content compression Maestro helps that application in three ways:

• Compression reduces the size of the web objects as they traverse the network towards the clients. This significantly reduces the client response time and, as a result, improves the quality of the user experience.
• The overall bandwidth consumption for the application is reduced; a byproduct that is vital for applications with limited outbound bandwidth. This will lead to lower bandwidth costs for the application, as well as higher amounts of available bandwidth to accommodate spikes in user traffic.
• The servers are relieved of performing this important task on their own. This way, the servers can focus their processing power on the application itself and not the associated overhead. The end result is significant optimisation for both the application and its users.

Maestro's powerful, hardware-based compression functionality is enabled by a dedicated module that performs all compression tasks inline, as objects traverse through the system. Compression is performed at speeds up to 1Gbps, in real time, and with zero latency. Gzip and Deflate compression algorithms are supported for full compliance with standard browsers. Compression is also fully integrated with all other functionality in the system, capable of operating alongside features such as load balancing and SSL offload. All acceleration and optimisation functions can function concurrently with no function hampering the performance of another. The compression module is an important part of Maestro's hardware-based distributed architecture that allows it to optimise and accelerate applications at multi-gigabit speeds, with all features concurrently enabled.

Server Load Balancing

Today's web applications are consistently deployed in multi-server environments for two primary reasons: scalability and fault tolerance. Having multiple servers allows an application to grow with user demand while protecting itself from the failure of any single element. However, users still need only a single target address (e.g. URL or IP address) for an application, which is a complication when the application is made up of multiple physical machines. Load balancing technology in network hardware is the most optimal way to address these needs. As a technology, load balancing has come a long way. What used to be simply directing TCP connections to servers has evolved into logic that can make decisions based on Layer 7 information, account for client persistency, employ advanced algorithms for picking a server, and recognise server failure at the application layers. Crescendo's Maestro Platform is a natural point in the network for deploying server load balancing logic. Maestro front-ends servers and has full visibility into the request/response chain, thus controlling the delivery of all user requests and the subsequent server responses. Since it maintains optimised TCP connections with each of the servers, load balancing logic is a natural extension of its capabilities. Actually, the fact that Maestro inherently operates at the HTTP level, makes it a better candidate for load balancing than a switch or router that intrinsically operates at Layers 3 or 4. Maestro's inherent Layer 7 functionality allows it to perform all essential load balancing tasks, including:

• Checking server health at the application layer and providing fault tolerance
• Load balancing and cluster selection based on L7 information, such as URL, file type, or various headers
• Server selection can be made by simple round robin or by choosing the server with the least number of pending requests. Maestro is capable of doing this because it has full control and knowledge of each request and the subsequent server response, fully aware of actual request load on each server – something that traditional load balancers are incapable of doing
• Stronger servers can receive more client requests than weaker ones
• Client persistency is supported by either IP address or HTTP cookie

Maestro's comprehensive load balancing feature set is fully integrated with all of its application optimisation and server offload functionality. Load balancing can be used together with SSL offload or content compression, for example, while still being able to use all the TCP optimisation functionality of the device, such as connection consolidation and request/response buffering. Load balancing rules can also be applied to secure requests, whether they're sent to the server via plain HTTP or SSL. Additionally, because all services are handled in dedicated, task-specific hardware modules, multiple services can be enabled at once with no effect on Maestro's performance or functionality. This allows Maestro to perform all functions concurrently and optimise and accelerate applications at multi-gigabit speeds.

SSL Offload and Acceleration

Security is a vital component in today's web applications as more and more sensitive information is transmitted between clients and servers. Today's web applications primarily use the Secure Sockets Layer (SSL) protocol, which can ensure privacy by encrypting traffic between clients and servers. SSL uses a process-intensive symmetric cryptography algorithm for session setup, using private/public key pairs. After the session is established, symmetric cryptography algorithms are used for actual bulk data transmission. The problem with SSL communications is its extreme use of a server's processing resources. Public key cryptography is a major burden on a server's CPU, especially when it has to deal with a large number of clients trying to negotiate security schemes. This is compounded by the fact that relatively large cryptographic keys must be used when dealing with a public network, such as the Internet, to prevent information hijacking by malicious users. Typical servers can deal with SSL connections only at a small fraction of what they can handle in non-secure traffic. Although the asymmetric phase of an SSL session presents the major burden to a server, the symmetric encryption used in actual bulk data transfer is also a pain point. Encryption/decryption must be performed by the server for every object carried over a secure session. This presents an additional amount of overhead for the server when dealing with secure connections. Maestro's server offloading functionality includes an SSL acceleration and offload module. When fronting a server farm, Maestro is capable of handing all secure transaction processing, significantly reducing the server overhead while still maintaining an application's security and privacy policies. The server no longer has to deal with the large number of secure connection setups or the bulk encryption/decryption performed on the data traversing those connections, allowing it to focus its resources on the application itself. Maestro's SSL functionality is enabled by a dedicated module that performs all phases of secure communications purely in hardware, including secure session setup and bulk data transfer. The module operates independently from the rest of the system, through dedicated hardware and memory, allowing Maestro to scale significantly in both phases of SSL communications. SSL acceleration and offload is supported in two modes:

• Client-side only: Maestro terminates all SSL connections and communicates with the clients securely, receiving requests and delivering responses to them over the secure sessions. On the server side, Maestro communicates with the server via clear-text HTTP. The servers are not exposed to any of the SSL sessions and are thus totally shielded from any SSL overhead.
• Client-side and server-side: Certain sensitive applications require end-to-end security. In addition to communicating with the clients via SSL, Maestro also has the option of communicating with the servers over back-end SSL sessions. The back-end sessions will use longer lasting sessions and lighter cryptographic keys. This minimises the impact of secure session processing for the server content deliver from the client all the way to the server, and vice versa.

Maestro's SSL acceleration and offload capabilities are fully integrated with all other features on the platform, such as load balancing, TCP offload, and content compression. All functions can operate together (for example, content-based load balancing can occur over SSL sessions, while the responses are compressed before being sent to the client). The SSL module is also part of the fully distributed architecture of the Maestro Platform, allowing it to function concurrently with all other features without any impact to the performance of other features or the platform as a whole. This design and feature concurrency is a crucial enabler in Maestro's ability for multi-gigabit application delivery, optimisation, and acceleration.

Other architecture highlights:

• All functions, including TCP termination/offload/acceleration, load balancing, compression, and SSL offload are performed by dedicated hardware
• Dedicated memory is allocated to each component so there is no memory shared between tasks
• A totally hardware-based compression engine performs compression up to 1Gbps, inline, with zero latency The Use of programmable components allows new features to be added via software upgrades, rather than component replacement
• The platform is designed to provide maximum scale, while remaining flexible. This creates a robust, hardware-based platform with hardware performance and software flexibility.

Maestro's distributed, hardware-based platform not only delivers maximum speed but provides an architecture that allows features to be enabled concurrently without any performance penalties. This Feature Concurrency is unattainable with standard appliance designs that use a central processing/memory pool for all functions.

...Application Layer Processing

...Flash Overview (opens in new window)

...Maestro Datasheet

 
Other Products in this category:
|
 

Top
 

Our Products:

Storage | Acceleration | Compliance & ITIL | Virtualisation | Network | Communications | Management | All Products

Copyright © 2001-2008 Solution Centre Ltd. All rights reserved.
www.solutioncentre.co.uk | Tel: 01256 818600
Policies & Terms