How to win the latency race with DPI-driven WAN optimization

Magnus Bartsch portrait

By Magnus Bartsch
Published on: 16.11.2023

Reading time: ( words)

A wide area network (WAN) connects data centers, branch offices, remote workers and IoT nodes. In a WAN, application stacks delivering services such as email, CRM and ERP are centralized in the data center and delivered to concurrent users across the network. WAN connectivity relies primarily on expensive private leased lines. This can be a challenge to enterprises with growing bandwidth needs. For example, the addition of new branches, applications and users, the deployment of latency-critical services and the use of chatty protocols can quickly deplete network capacity, leading to congestion and latency. To address these issues, enterprises turned to WAN optimization solutions. WAN optimization involves the use of controllers at branch nodes to execute a number of packet/flow handling and forwarding techniques. These help to alleviate congestion, save bandwidth and improve network latencies and performance.

Relevancy of WAN optimization in the era of SD-WAN

Software-defined wide area networks (SD-WANs) merge bandwidth across multiple private and public connectivity channels, such as Multiprotocol Label Switching (MPLS), Internet and cellular, flexibly and cost effectively. This addresses many of WAN’s limitations relating to bandwidth. With SD-WAN, enterprises can simply invoke intelligent policies that route applications based on priorities and needs. Bandwidth becomes fluid and enterprises can easily draw more capacity and use pay-as-you-go models when needed.

Does this render WAN optimization obsolete? According to Future Market Insights, the WAN optimization market is expected to reach USD 2.1 billion by 2033. This is propelled largely by the continuous growth in WAN deployments. Interestingly, SD-WAN providers are also packaging WAN optimization services as part of their solutions. As branch offices expand to every corner of the globe, as workers become more dispersed and as connected assets sprawl out across distant territories, latencies reappear, impairing network and application performance. Similar effects are observed as enterprise users access various SaaS and Cloud applications hosted on remote, third-party infrastructure by means of fixed network, wireless, mobile (and nowadays satellite) connectivity. Applying WAN optimization techniques to SD-WAN delivers enhancements at the packet- and flow-level. It thereby improves the overall user experience across various applications, especially for enterprises with extensive networks.

WAN optimization requires network traffic visibility

A fundamental capability that binds most WAN optimization techniques is network visibility. Optimization involves selective execution of policies such as prioritization, re-routing and data reduction (e.g. deduplication, caching and compression) to manage QoS and QoE, ensure regulatory compliance and enhance cybersecurity. To be selective, it is necessary that networks are aware of the traffic they are dealing with. For example, to meet the SLA of an application in terms of speed, jitter or packet loss, it is important to firstly, identify the packets related to that application as these packets navigate the LAN gateway. Secondly, the metrics that relate to all the sessions involving the application need to be established accurately.

In this context, our deep packet inspection (DPI) engines R&S®PACE 2 and R&S®vPACE are core to WAN optimization. Both engines fit perfectly in any WAN architecture, be it traditional WAN or SD-WAN. They offer real-time classification of protocols, applications and services and combine these with packet metadata to deliver fine-grained performance and security information at the packet- and flow-level, even for traffic that is encrypted, obfuscated or anonymized. How does this enhance WAN optimization?

The right amount of load

The most important part of any WAN optimization is QoS management via techniques such as prioritization and load balancing. Real-time network intelligence from ipoque, which includes first packet classification, enables applications to be detected instantaneously. From CRM records to online meetings, from corporate file sharing to automatic backups – R&S®PACE 2 and R&S®vPACE support intelligent traffic management where priority applications are accorded premium routes while regular web traffic is re-routed outside of the WAN. Where multiple applications are accessed concurrently, a hierarchy can be enforced using DPI data to allocate more bandwidth for applications in the top tiers.

The right amount of trimming

The bigger the corporation, the more likely data and files do not only exist once, but are stored, accessed and edited in multiple locations. Data deduplication at the branch level removes these redundant copies, saving storage and freeing up bandwidth during backups and archiving. DPI tunes deduplication to the actual needs of an enterprise. For a hospital for example, it is essential that up-to-date data is available in local servers for immediate retrieval. DPI identifies the respective applications, allowing exclusion rules to be implemented during deduplication, enabling certain data to be retrieved instantly whenever required.

The right amount of compressing

Data compression, a common WAN optimization technique, in itself can introduce new latencies as it involves various rounds of compression and decompression before content reaches the user. ipoque’s DPI technology can swiftly identify the applications and services earmarked for compression. It fills in the checklist of metrics used to qualify each content and determines the required degree of compression. DPI is also extremely efficient in establishing the bandwidth consumption by new content on the network. This allows such content to be prioritized or enlisted faster in the compression listing before bandwidth is exhausted.

The right amount of distribution

The use of content delivery networks (CDN) in WAN optimization can be brought a notch higher by using DPI insights. This is due to its ability to quickly identify not only the applications that are frequently retrieved by users, but also the exact services, files and pages that should be lodged into a CDN service such as Akamai CDN. DPI also helps in identifying usage patterns across regions and different localities. The aim is to optimize and curate the subscription of third-party CDN services according to user locations and needs.

The right amount of caching

DPI’s inputs can be used to determine not only frequently accessed applications but allows caching policies to be tweaked to the load of such content and to existing network conditions, so that caching is invoked only when necessary. Where this content is refreshed continuously (for example, a webpage reporting a disaster), exclusion policies enable users to receive the latest updates in real-time.

The same principle applies to another technique used for WAN optimization, i.e., protocol acceleration. Here, ipoque’s DPI technology can help network administrators identify chatty protocols such as TCP so that these can be packaged into a single protocol with fewer network handshakes. The result is a reduced bandwidth consumption.

Optimization done right with deep packet inspection

The beauty of using advanced DPI tools such as R&S®PACE 2 or R&S®vPACE is that a single tool can support various WAN optimization techniques. This ensures cohesiveness and consistency in how WAN traffic is optimized. Regardless of whether it is a private WAN or a public WAN, or whether it is single-site or multi-site optimization, DPI ensures WAN networks remain optimized under all circumstances.

To learn more about how ipoque’s DPI technology enables WAN optimization, check out our case study with SD-WAN/SASE solution provider



Magnus Bartsch portrait

Magnus Bartsch

Contact me on LinkedIn

Magnus has always had a keen interest in computer science. From the start, he has had a particular fascination for deep packet inspection and the broader technologies utilizing this powerful software. Based on this interest, Magnus joined ipoque, a market leader in the DPI field.
During his 13 years at ipoque, he has worked in development, pre-sales and consulting. Throughout this time, he has not only been able to motivate, coach and advise people from around the globe, but also to expand his personal experience by providing full-stack support from rapid prototyping over integration support up to application architecture design. When he is not out promoting ipoque, he has a passion for seeing the world from his motorbike.

ipoque blog - discover the latest news and trends in IP network analytics

Sign up for the ipoque newsletter

Stay informed about the latest advances and trends in
deep packet inspection and network traffic visibility