Tunneling Technologies in WAN Optimizers, SD-WAN

10 Aug 2015

Tunneling technologies for WAN Opt, SD-WAN technologies:

  • Citrix Cloudbridge: SD-WAN:(GRE(ESP))||(UDP), WAN-Opt:(TCP(SSL))
  • Cisco WAAS: No tunneling
  • Viptela: (ESPv3)
  • Silver Peak Unity: (UDP)||(GRE)||(ESP)
  • Fortinet: (ESP)||(TCP(SSL)
  • Riverbed: (TCP(SSL))
  • Exinda: (TCP)
  • Sangfor: (ESP)

So here is my problem: Two mobile units are getting built, they need to talk back to the Data Centers, and upload up to 2GB of data a day. These units will go so far north that there is no HSPA/LTE service there.

So I have been investigating satellite technology to do this. Turns out that TDMA technologies, high latencies, potentially a lot of loss and IPSEC don't go particularly well together (surprise, surprise.) This does not remove the requirement of me encrypting these flows. Apparently satellite gear do "Optimizes" TCP (or at least cache and keep track of TCP connections so if there is loss, it re-transmits without TCP's involvement)

So my first idea, DMVPN/FlexVPN, is out. I have been looking into all those nice WAN Optimization appliances and SD-WAN solutions that tunnel traffic to their peers to see who is using TCP to do that. So far, three candidates have emerged: Citrix WAN-Opt, Riverbed and Exinda....

Just wondering if I missed something or any other solution might be out there I might have missed?

Published on 10 Aug 2015 Find me on Twitter!