Recently, Exinda, a private vendor of WAN optimization products focusing primarily on delivering network visibility and quality of service (QoS), announced that it has won Red Herring's 2012 Top 100 Global award. The honor underscores that the category is growing and big enough to sustain an ecosystem of diverse players.


Red Herring’s assessment puts criteria, such as financial performance, technology innovation, management quality, strategy, and market penetration into their equation. We can’t really chime in on anything apart from Exinda’s “technology innovation,” so why not take a look under the hood: besides, if an online magazine can do it, so can we.


First, a quick primer on WAN performance.


Poor WAN performance is not only a result of network congestion and insufficient bandwidth, but is also caused by the combination of high network latency and chatty protocol behavior exhibited by many applications. When taking place over a LAN, these chatty conversations have no noticeable impact on performance because the transmission latency in a LAN is near zero. However, over a wide-area link with latency in the dozens of milliseconds, these multiple round-trips potentially become the primary barrier to achieving adequate performance.


To accelerate WAN environments, WAN optimization devices must have layer-7 application-specific optimization capabilities. Without it, applications that exhibit chatty protocol behavior will experience very slow performance when accessing data over the WAN, regardless of the amount of compression and data elimination achieved by the WAN optimization device. Layer-7 capabilities are also important to address encryption or special data encoding that many applications perform on their data. Without this capability, compression and data deduplication mechanisms designed to eliminate redundant data are ineffective.


Exinda’s ability to address latency, protocol chattiness, and data encoding issues is limited to just to a few protocols and some specific use cases.


To address chatty application protocol behavior, Steelhead appliances provide protocol-specific optimizations for CIFS, NFS, Microsoft Exchange, Lotus Notes, MS-SQL, HTTP, and HTTPS. By using knowledge of inefficient behavior in each of these protocols, Steelhead is able to reduce the number of round-trips in client-server operations. Customers get the ability to address protocol inefficiencies for the widest range of different application protocols, thereby delivering LAN-like performance over the WAN for the greatest number of different applications.


Exinda has added the ability to decrypt SSL traffic; nevertheless they have not added any accompanying ability to address latency and protocol chattiness-related performance issues that commonly occur when HTTP is carried over SSL. In contrast, Steelhead appliances can not only “look inside” HTTPS encrypted traffic and deliver disk-based data reduction, but also provide relief from latency and protocol chattiness issues through sophisticated HTTP-specific layer-7 acceleration mechanisms.


Furthermore, many applications such as Citrix ICA, Exchange, Lotus Notes, and Oracle 11i and 12 (including both Sun JRE and Oracle Jinitiator clients) perform an application-specific encoding and/or compression of the data. Here again, Exinda’s compression technology delivers poor results because the data is either already compressed or scrambled through the application’s proprietary data encoding format. But this is not an issue for Steelhead appliances, which are able to address the encoding and/or compression of data performed by the application. For each of these applications (Citrix ICA, Exchange, Lotus Notes, and Oracle E-Business Suite), Steelhead is able to undo the compression and/or encoding mechanism so that SDR deduplication algorithms can be applied directly on the original clear-text format of the data.


Exinda claims they will handle MAPI based on generic compression and TCP improvement. But without any MAPI-specific latency optimization, improvments will be extremely limited. Worse, because Exchange uses a proprietary encryption scheme that is not understood by Exinda, Exinda must ask customers to explicitly turn off both native compression and encryption on their Microsoft servers if they want to achieve meaningful optimization.


A realistic assessment is that Exinda does not support optimizing Exchange as deployed according to Microsoft recommended best practices. In contrast, Steelhead can support the optimization of encrypted Exchange traffic, even with end-to-end Kerberos authentication. Steelhead is also the only solution that offers true protocol-specific latency optimization of Outlook Anywhere (RPC over SSL).


Similarly, Exinda claims that it supports CIFS acceleration. However, the company is unable to support full acceleration of CIFS traffic when it is signed. Unlike Exinda, Riverbed’s CIFS optimization works even when the client has signing set to ‘Required’ – a setting that is mandated by US Federal specifications and other security-focused customers.


The following table provides a comparison of available application-specific optimization capabilities:

Screen Shot 2012-12-10 at 5.09.32 PM.png

Exinda faces continued challenges in the future in keeping up with Riverbed and other large competitors, and it appears to lack the engineering resources needed to introduce and update layer-7 application-specific features and capabilities. Unlike what Exinda claims, end-user quality of experience is either good or bad. It can't be "good enough." Riverbed is committed to excellent end-user experience by fully mitigating all the constraints of the WAN.

(Technical analysis by Frank Lyonnet, Technical Leader, Office of the CTO)