Mobile User Productivity Undermined By Internet Latency
It’s become almost cliché: MPLS-based wide area networks (WANs) are expensive yet workable solutions when connecting locations, but utterly unsuited for connecting cloud resources and mobile users. All of which creates problems for any modern organization whose internal users can, and often do, work from anywhere. Just ask Stratoscale.
The company had North American users who regularly interacted with the company’s Israeli datacenter. With many developers working remotely, Stratoscale provided datacenter access via SSL VPNs. Remote developers would establish SSL connections across the Internet to a firewall cluster in the datacenter and from there work with the Docker containers housed in the datacenter.
While Stratoscale’s internal users benefited from a 1 Gbits/s Internet connection, remote developers found transferring Dockers files took far too long. The combination of large file sizes and high Internet latency meant that “hours” could be needed to retrieve the Docker images, says Oren Kisler, Director of IT Operations at Stratoscale.
Purchasing an MPLS service or deploying WAN optimization on either end of the connection was not an answer. “The price tag was higher for MPLS, of course, and WAN optimization is a site-to-site solution,” says Kisler. “Neither is suitable for developers working offsite.”
Cato: A Faster, More Secure WAN
Kisler turned to Cato. Cato Cloud is a global, SLA-backed backbone that connects mobile workers and branch offices to corporate resources, such as physical and cloud datacenters.
Kisler connected the firewall in his Israeli datacenter to the Cato Cloud using redundant IPsec tunnels. Mobile users connected to Cato Cloud by running the Cato Client on their devices. Once connected, mobile and office users benefit from Cato’s global backbone.
“We were getting 2 Mbits/s of throughput on our SSL VPNs from North America to Israel,” says Kisler, “With Cato, we saw throughput jump more than eight-fold, reaching 17 Mbits/s.”
Cato Cloud uses a range of network optimizations to improve performance. Packet loss correction minimizes packet retransmissions; TCP optimizations maximize TCP window size and reduce latency. Global route optimization uses the best possible route across select, tier-1 backbones from whom Cato has purchased transit services, further minimizing delay.
With connectivity optimized, Kisler says he’s looking to activate Cato’s security capabilities. Cato Firewall as a Service (FWaaS) is remarkably easy to deploy and protects all mobile users, sites, and cloud resources with a common security policy. He’s looking to use the firewall, in part, to segregate access to his resources. “We’ve been very happy with Cato solution and what it delivers,” says Kisler.