Wide Area File Services

With wide area file services, your remote users can access a central data center as if it were local. We tested three applications that speed data to wherever your users

April 20, 2006

15 Min Read
Network Computing logo

Wide area file services let your remote users access centralized data as if it were local, while accelerating the speed at which those drives--and the data on them--can be accessed. Remote users can get at that data even over low-bandwidth, high-latency lines, letting your team pull file servers out of branch offices and letting remote offices share data with corporate headquarters more easily. Most important, WAFS provide lightening-fast file access.

We tested three WAFS devices--from Expand Networks, Juniper Networks and Tacit Networks--in our NWC Inc. business applications lab in Green Bay, Wis., and evaluated how well they hastened our access to critical files in the data center (see "How We Tested Wide Area File Services" ). We also spent time in the lab with Signiant Software's product, only to determine it was not a good fit for this review.

Test Setup

All WAFS products require two appliances: one on the client side and one on the server side. In addition to performing decompression and caching, the client side box compresses data on its way to the data center. The products we tested use two different architectures (see diagram below for a comparison of setups). Juniper and Expand support an inline implementation that lets you set up a route through the two boxes to get to data. This way all traffic between the sites is cached, routed and accelerated automatically. The appliances typically come in two sizes: The smaller units emphasize low cost and is intended for remote offices, while the larger is built for performance and is intended for a data center installation.

With the second architecture, supported by all three vendors, you can put the appliances on the respective networks (one remote, one local), but not directly in the data path. The devices are configured to act as proxies for remote shares, and drive mappings are changed to point to the local appliance instead of the remote servers. When a user accesses a file from the share, the two appliances work together to make certain the user is getting the newest version of the file--and the cache is updated as needed.

Working with the Expand and Juniper staffs, we tested their appliances using the inline implementation. Some users may prefer to avoid an inline solution because of performance concerns. However, the products from Juniper and Expand easily perforrm well enough to use in an inline configuration.

These products work by caching file data blocks. When files are accessed, only changed blocks are sent over the WAN--the rest of the file is fetched from the local cache. Pinning vendors down on the details of chunk size and mutability was difficult. In the end, we realized this kind of information is part of their secret sauce and they weren't going to reveal the details.

Finally, we focused our tests on file services, but it makes sense to take advantage of all the functionality these products have to offer, including application acceleration and WAN acceleration (for more on these topics see "More Than Just Files").

In our tests, Juniper's WXC WAN Acceleration Appliance came out on top. It wasn't always the fastest accelerator, but when you add in-depth reporting, reliability and ease of use on the user end, it stands out as the clear winner. At some point, milliseconds are not relevant to user experience--in fact,in most cases where Juniper was not the fastest, the difference was negligible--so small that we suspect users wouldn't even notice.

Juniper Networks WXC WAN Acceleration Appliance
Juniper acquired this solid product with its Peribit purchase. Its outstanding feature is its invisibility to end users.

Because the product works inline and all network traffic streams through it, you don't need to remap drives or set up separate accelerated folders. The user experience doesn't change, except that it is much, much faster. Juniper also won the reporting category hands-down--its reports range from raw transfer volumes to a CIO dashboard.

During our tests, we discovered that the inline architecture does make configuration and administration difficult if the two boxes aren't communicating, causing several problems for users. Changing the IP address of one of the Juniper boxes is a bit painful, but not impossible. If you're planning to change IP addresses, schedule some downtime with a technically savvy IT person at the remote site to support your efforts.

Click to enlarge in another window

With compression, duplicate elimination and acceleration, the WXC appliance crunches your data into small tasty chunks through several layers of software. Quality of service is what you'd expect. During our tests, the device provided acceleration ratios as high as 15 times the baseline, and the difference in time saved transferring files between "warm" cache hits and "cold" uncached data access is astounding--an 11x multiplier for our monster 1-GB TIFF file.

Expand Networks Accelerator 6940
Although this device's QoS is standard and the system performs well enough, it left us with the impression that it isn't as mature as Juniper's product. For instance, the appliance requires that some data be "prefetched"--transferred before users attempt to access that data the first time.

When our 1-GB test file failed our tests, we discovered (with a little help from Expand) that large files--large being relative, based upon size of pipe and size of file--must be prefetched. Expand told us that this is only a problem with test labs, but we find that rather hard to believe. Our file, while large, is no larger than photo-processing, GIS and engineering companies generate on a regular basis.

In addition, the version we tested could only "prefetch" entire volumes through the Web user interface, though the underlying system could prefetch individual directories. Expand assured us this would be fixed in a future release.

Unfortunately, even after the prefetch indicated that our 1-GB file transfer was finished, we still received errors testing against that particular file. Expand says this isn't normal behavior, and we're working with the company to determine the problem. We will blog the results when we discover the root cause of the problem. If you don't generate large files, this probably won't be a problem for you. But we would sleep a little better if Expand could tell us exactly how big is "too big," since many marketing slide presentations can grow this large. We saw this problem with files as small as 500 KB, but in a slightly different context--the OS reported "file not found" on first access, but then present the file on subsequent accesses.

There were a few other glitches with Expand's implementation. Inaccuracies in its reporting caused us to question the device's throughput. Of course, for this review we counted on our own timing and throughput mechanisms. However, in daily use, those reports would start to grate on responsible managers. One report, for instance, showed that accelerated throughput was less than base throughput--though our independent timing clearly indicated that this wasn't true.

Tacit Networks iShared Server
Tacit's WAFS device runs out-of-line: Users map to a proxy of created individual servers and their shares. This has some appeal. You can always bypass the appliance by going directly to the source--if you're willing to put up with the performance hit that entails--but it also causes problems for end users who may confuse the appliance with the source server. Since users will adjust, and the ability to bypass the appliance should something go wrong is a benefit, this system works well overall.

Tacit's Windows-based product has some advantages over the others. (Tacit also offers a Linux version, but we tested only the Windows product). It is easier to configure the Tacit appliances because you can hook a console up to them and modify them like any other Windows system. Howerver, there is always the question of who updates the Windows OS when a virus or worm breaks out. Tacit guarantees it will release a patch within 72 hours of a Microsoft patch release.

Click to enlarge in another window

Compared to the other two products, it was easier to change the IP address on the Tacit system simply because it is Windows-based and out-of-line, rather than inline. There is no routing path to update, just the IP address of the other appliance and the IP information on this appliance. Quick and easy!

Tacit's drive mapping comes up short, though, as we exchanged a map that looked like \Test3temp for \tacit-branchCacheRootDCtest3temp. It would be nice if Tacit could shorten that path somewhat.

We did have some problems related to caching with this product. The cache is not synchronous in certain cases--if you try to access an uncached file from the server through a command prompt at the remote site, you may get a "File not found" error. If you use Windows Explorer, however, to access this same file, you won't have this problem. When the directory in question is opened (with Explorer or a file open dialog), the cache is updated. However, if you do a lot of background batch processing, your batch programs may fail because they're treated the same way a command prompt is treated.

We used gigabytes of files in our testing, so one interesting note is that the first file access before the cache was updated appeared to be very slow (much slower than the baseline tests were). We discovered that all the files used in the test had been read into the cache while we were accessing the first one--effectively slowing down our first file accessed in a given share, but making the remaining "cold cache" tests look like "warm cache" tests. This single architectural choice dragged down an otherwise stellar performance rating for Tacit. Watch that going into your deployment, and arrange for prefetching of the cache during nonpeak hours. Actually, that's something you should do anyway, but it's more important with Tacit than with the other devices we tested. In a high-volume environment generating new data every day, you may need to prefetch on a regular basis. However, for most installations, pre-fetching on initial install will suffice.Since Tacit is out-of-line only, the product doesn't have any built-in QoS capabilities. Also missing are redundant power supplies. In a machine that will quickly become critical, a single point of failure is not acceptable.

Don MacVittie is a Network Computing senior technology editor. Previously, he worked as an application engineer with WPS Resources, a Green Bay, Wis., utility holding company. Write to him at [email protected]. .

More Than Just Files

Although WAFS is truly important, there is more to the remote-office problem than just the speed at which a user can open the football pool spreadsheet. We consider wide-area files service support to include MAPI, CIFS, NFS and FTP at a minimum and all the other protocols that are used by your remote office staff could benefit from things like TCP compression. Use the following list as cross-reference when choosing your solution.

Expand Networks
Expand's Accelerator series is a generic WAN acceleration device with additional support for WAFS protocols. In other words, the products accelerate the WAN link through IP compression before even applying WAFS protocol support. Any application that runs over IP should see some benefit from Expand's offering.

Juniper Networks
Juniper's WCX product line also supports TCP compression, which means it accelerates anything that travels over TCP. You should see benefits in communications ranging from iSCSI to IMAP. In addition, Juniper has specific MAPI add-ons to accelerate Microsoft Exchange.Tacit Networks
Tacit is a Microsoft Windows ISA System OEM partner. Essentially, each Tacit box has the same capabilities as any other Windows Server. It can act as a Print Server, DNS Server, domain controller, Web caching, DHCP, print and SMS services. Tacit also accelerates Microsoft Exchange.How We Tested

We created a test configuration using our resources in NWC Inc. as the data center and a separate lab network as the remote office. NWC Inc. uses a Cisco Systems' Catalyst 6500 as its core router and the subnet is mostly hosted on a Cisco Catalyst 4500. The remote office uses an Extreme Networks' Summit 7i core router, with most of the network running off of a Hewlett-Packard ProCurve 3400CL.

We connected the two networks with two Cisco 7200 modems running off of T1 cards. To emulate real-world traffic, we added a Shunra VE to the mix, introducing 65 milliseconds of round-trip latency and 4 percent packet loss. The packet loss is high for a dedicated line, but average for all T1s in the United States according to the Internet Traffic Report. Each machine was set up between the core router and the T1 modem (for inline implementations) or on the same network as the clients and servers (for sidearm implementations).

Our tests attempted to draw out areas that may be weak in some products, and to test the extremes. They included:

» Copy a 1-GB file from the data center to a remote desktop» Copy several different document types including BMPs, TIFs, and Word documents from the data center to the remote office.

» Copy duplicate files with different names from the remote office to the data center. The purpose of this test was to verify vendor claims that they cached and transferred at the subfile level.

» Copy several similar files from the data center to the remote office, modify them and copy back.

» For those devices that support FTP acceleration, we tested an FTP upload from the remote office to the data center.

For each test, we ran both cold and warm cache, giving more weight to warm-cache results. We measured time to the millisecond and used that as the scored value.All Network Computing product reviews are conducted by current or former IT professionals in our own Real-World Labs®, according to our own test criteria. Vendor involvement is limited to assistance in configuration and troubleshooting. Network Computing schedules reviews based solely on our editorial judgment of reader needs, and we conduct tests and publish results without vendor influence.

Executive Summary

No wonder some IT admins feel unappreciated: It's not like they ever get e-mail from users thanking them because the user could instantly access a file on the remote server. It's a no-win proposition--either install a local server in each remote office and deal with the administrative overhead, or force your remote-office workers to rely on access to a central server through a sluggish WAN connection. Enter wide area file services (WAFS), which lets users access files as easily as if they were stored on the users' own desktops.

We tested WAFS offerings from Juniper Networks, Expand Networks and Tacit Networks in NWC Inc, our Green Bay, Wis., business applications lab. We looked evaluated performance, ease of use, quality of service capabilities, price, reporting and configuration. After the dust settled, we were pleased to award Juniper our Editor's Choice award for solid reporting and performance.


Application Accelerators

your browser
is not Java

Welcome to NETWORK COMPUTING's Interactive Report Card, v2. To launch it, click on the Interactive Report Card ® icon above. The program components take a few moments to load.

Once launched, enter your own product feature weights and click the Recalc button. The Interactive Report Card ® will re-sort (and re-grade!) the products based on the new category weights

you entered.

Click here for more information about our Interactive Report Card ®.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights