Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Warding off WAN Gridlock: Page 5 of 21

One of the PacketShaper's coolest features is dynamic subpartitions. You can create a separate partition for every IP address or subnet encountered, from the inside or outside, automatically. We created a subpartition on the inbound class and said all inbound traffic could get only 1 Mbps. When we ran an FTP transfer and Web traffic on the same machine, combined we got only 1 Mbps. Allot's device has a similar feature but requires that you first create a list of IP addresses; Packeteer's capability is completely automated. You also can create dynamic partitions per protocol.

Report creation is straightforward but has room for improvement. Reports on classes and protocols are created from one part of the GUI, and network reports (such as throughput or retransmits) are created from another location. We would like to see these combined. In addition, we could not create graphs of live data, something Allot's product offers, but instead we looked at 1-minute historical charts. This requires you to refresh each graph manually. It's not a big functionality loss, but it is inconvenient.

PacketShaper 4500, $16,000. Packeteer, (408) 873-4400. www.packeteer.com

Allot Communications NetEnforcer AC-302 4.2.2 | Sitara Networks QoSWorks QWX-10000 | Lightspeed Systems Total Traffic Control 3.0 | Radware FireProof SynApps 2.51

Allot Communications NetEnforcer AC-302 4.2.2

The 1U rackmount Allot box didn't wow us as much as the Packeteer device did, but it did finish a respectable second place. Configurable from the command line or through a Web browser via a Java applet, the management interface is the best of the rest but not nearly as simple as Packeteer's. This box comes with two 10/100 Ethernet ports and an extra Ethernet port that can be used for management only. This lets you manage from a separate management network instead of the LAN side. There are no expansion modules available for this unit.

Setting policies in NetEnforcer is easy, but seeing the relationships between policies can be difficult. This is because the QoS controls, such as maximum and minimum bandwidth, are not shown in the same window as the policy editor. On the other hand, it is easy to create policies that apply to multiple rules. For example, we created a policy called "2Mb max," which set a limit of 2 Mbps per connection. We were then able to apply that policy to HTTP, FTP and any other protocol. If we later changed the limit to 3 Mbps, it would be updated for all these protocols automatically and at once.

NetEnforcer also features an automated host-list generator, in case you want a host created for every IP address in your network. Hosts can be grouped, and policies can be applied to the groups. This capability can work for networks that have dynamic IP addresses so long as you include the entire DHCP pool in a group.