Application Delivery Networks, Simplified!

Rajesh Dangi
Dec 11, 2020

The Internet was never architected to support the levels of performance, reliability, and scalability that today’s commercial web applications demand. This creates significant technical obstacles for those who expect consistent performance and user experience on any device and at any location across the globe. Moreover, these obstacles are becoming even more challenging as current and future applications and their deployment frameworks evolve at an unprecedented pace.

As part of emerging tech, we cannot miss talking about Application Delivery Networks (ADNs). These differ from traditional CDNs and go to the next level by focusing on performance optimization, in addition to application availability, security, visibility, and acceleration, as a bundled offering. As more and more application content is personalized due to an event-centric approach, static content delivery alone might not suffice. An Application Delivery Network (ADN) enhances the delivery of applications across the Internet by employing a number of optimization techniques, and ADNs are increasingly adding advanced traffic management functionality. The deep packet inspection capabilities of some of these products can identify traffic by application type and can be used to analyze, block, shape and prioritize traffic. Simply put, an Application Delivery Network helps speed up load times and application delivery.

The global application delivery network market is forecast to grow at a CAGR of 11.14% during the period 2017–2021. One of the major drivers for this market is the increased adoption of cloud-based applications, i.e. SaaS subscriptions.

What is the difference between CDN and ADN?

Typically, CDN services were positioned for distributing static content to globally distributed users, using caching edge servers running in their POPs/edge locations, whereas ADNs go beyond static content and focus on dynamic applications by deploying a range of tools and techniques to reduce latency and enhance application performance. The key techniques are:

· TCP Multiplexing is loosely based on the connection pooling techniques that application server platforms use to optimize the execution of database queries from within applications by keeping established connections alive. This greatly enhances the user experience, since response times are managed and the session stays consistent for the end user. Application Delivery Controllers (ADCs) are the core of the ADN: they sit between firewalls and app/web servers, and their key features include IP traffic optimization, traffic chaining/steering, SSL offload, web application firewall, CGNAT, DNS, and proxy/reverse proxy.

· TCP optimization: Many ADNs implement RFCs such as Delayed Acknowledgements, the Nagle Algorithm, Selective Acknowledgements, ECN (Explicit Congestion Notification), and Limited and Fast Retransmits, to name a few, in order to deliver applications through more efficient use of TCP over long-haul, global connections and to mitigate the limiting effects of latency on application performance. This is, however, separate from load balancing and distributing traffic based on ADN health checks and the optimization process.

· Caching and Compression — Standard HTTP compression and data-specific compression algorithms are used. A separate class of devices known as WAN Optimization Controllers (WOCs) is deployed to front-end the application traffic, making the entire system application-aware by using compression, caching, de-duplication, protocol spoofing and latency optimization to improve application performance, with additional features for specific applications such as CIFS and SMB.

· Security and Filtering — ADNs use various techniques to provide application-level security, such as resource cloaking. The use of a virtual IP address (VIP) and the position of the ADN in the network provide the means through which certain resources can be cloaked, or hidden, from the client, at times by rewriting the URI (Uniform Resource Identifier) portion of an HTTP request. This is transparent to the client and isolates the source, since each client sends its traffic to the modified URI served by the ADN as a virtual frontend for the application. Moreover, additional techniques are bundled to ensure adaptive defense via IP filtering, delayed binding, application firewalls and SSL encryption for network, application and transport layer security.
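The resource cloaking and URI rewriting described under Security and Filtering, sketched as an added Python example (not code from the original article or from any ADN product). The public hostname, internal addresses, route table and header list are constructed for illustration; the point is that cloaking has to hold in both directions, on the request path and on response headers.

```python
import posixpath
from urllib.parse import quote, unquote, urlsplit

# Constructed values for illustration: public VIP name and internal origins.
PUBLIC = "https://app.example.com"
ROUTES = {  # public prefix -> (internal origin, internal prefix)
    "/shop": ("http://10.0.5.21:8080", "/storefront-v2"),
    "/api": ("http://10.0.5.34:9000", "/internal/rest"),
}
LEAKY_HEADERS = {"server", "x-powered-by", "via", "x-backend-server"}


def rewrite_request(target):
    """Map a public request target to its internal URL, or None if unexposed."""
    path, sep, query = target.partition("?")
    decoded = unquote(path)
    if "%" in decoded:  # strict policy (assumption): refuse double-encoded paths
        return None
    # Normalise before matching so '..' or '%2e%2e' cannot climb out of the
    # published prefix into parts of the backend that are meant to stay hidden.
    clean = posixpath.normpath(decoded)
    for prefix, (origin, internal) in ROUTES.items():
        if clean == prefix or clean.startswith(prefix + "/"):
            return origin + quote(internal + clean[len(prefix):]) + sep + query
    return None


def cloak_location(url):
    """Translate a backend redirect target back into its public form."""
    parts = urlsplit(url)
    source = f"{parts.scheme}://{parts.netloc}"
    for prefix, (origin, internal) in ROUTES.items():
        if source == origin and (parts.path + "/").startswith(internal + "/"):
            tail = parts.path[len(internal):]
            return PUBLIC + prefix + tail + ("?" + parts.query if parts.query else "")
    # Unmapped internal target: send the client to the public root instead of
    # disclosing the address. Anything else (external redirect) passes through.
    internal_origins = {origin for origin, _ in ROUTES.values()}
    return PUBLIC + "/" if source in internal_origins else url


def scrub_response(headers):
    """Drop backend-identifying headers and rewrite internal redirects."""
    out = {}
    for name, value in headers.items():
        if name.lower() in LEAKY_HEADERS:
            continue
        out[name] = cloak_location(value) if name.lower() == "location" else value
    return out
```

Relative `Location` values and URLs embedded in response bodies are not handled here and would need the same reverse mapping.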

ADN Architecture

When to use ADNs?

Poor application performance can result in inefficiency, low adoption rates and increasingly high operating costs, and might severely impact outcomes. By the nature of the Internet, high latency and packet loss occur frequently, and definitive SLAs cannot be guaranteed for application performance for global users. Applications that work acceptably for local or regional users thus might not work well, even under relatively benign conditions, when separated by multiple geographies / network interconnects.

Although there is no clear and concise selection strategy to guide us on when to opt for ADNs, analyzing a few pointers from requirement mining gives pretty good clarity on what and why we should deploy an ADN in our environment. The factors that will help us decide are:

· Application characteristics and platform of choice, redundancies for multipathing and parallelization, etc. This is a core and critical factor for consideration.

· Estimated number of users and concurrent sessions — typically, what SLA is due to any user of the application. Peak and off-peak demand profiles: in the case of microservices the transaction size will be tiny but will scale over a dynamic range, and this worsens as applications grow their user base, modules and interexchange between various API services scattered across clusters and even locations.

· Bandwidth / transaction sizes / number of modules or elements that load independently in the user environment (typically the device the user is connecting from, or a browser rendering the app front ends).

· Application symmetry, latency and back-and-forth traffic within a particular session, or programmability and faster changes for DevOps agility on release cycles.

· And to top it all, SSL and security between modules, cached data and transaction safety. More and more distributed services are broadening the perimeter and weakening the fabric of security, since many applications deploy security via a WAF, thus allowing intruders well inside the network to attempt sessions.

· Of course, the network (read: the Internet) is by and large shared, so sessions are established over long, expensive routes with several choke points, making round trip times unreliable and unpredictable. TCP by design establishes the session cautiously and progressively improves performance between loosely connected sources and targets over different paths and dynamic routes, so the quality of user experience is always variable.

In summary, the Internet is a growth engine for digital enterprises and connected users, whose needs and aspirations are becoming limitless and borderless. The smart enterprise must always remain vigilant about the user experience outside its circle of control, yet greatly influence application delivery for dynamic content as more and more personalized content becomes the norm. Modern ADNs provide an alternative: a privately pathed expressway for dynamic content, with the additional critical value-add of security and isolation protecting the user space. They further provide a complete answer for accelerated, high-performance, predictable access, both inside and outside the enterprise firewalls, to all IP-based applications hosted at business locations and to SaaS / public cloud-based services running the workloads. The game is changing every day and keeping everyone in it on their toes for sure, what say?

***

Feb 2020. Compilation from various publicly available internet sources; the author's views are personal.
