Applies To:

Show Versions Show Versions

Archived Manual Chapter: Configuring WANJet Appliance Policies
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

This article has been archived, and is no longer maintained.

You create policies on the WANJet appliance so that it handles traffic according to your needs. The WANJet appliance has two types of policies:
Optimization policies
You create optimization policies to specify which traffic you want to optimize (move faster through the network), and which traffic you want to pass through the WANJet appliance without being changed.
Application QoS policies
You create Application QoS policies to dedicate a percentage of bandwidth to certain applications to ensure predictable application performance.
This chapter describes how to create, edit, and delete optimization policies that apply to links with all remote WANJet appliances. It also explains how to create exceptions to optimization policies called passthrough destinations. The chapter also describes how to create, edit, and delete Application QoS policies, and how to add, edit, or delete WAN links. You can create traffic classes to gather together specific types of applications with the idea of applying one Application QoS policy on them as a group.
If you are using Enterprise Manager to manage multiple WANJet appliances, you can create optimization policies and Application QoS policies on one WANJet appliance, and use the changeset feature to apply these policies to multiple WANJet appliances. For more information, see the Enterprise Manager Administrator Guide.
You use optimization policies to specify where and how you want the WANJet appliance to optimize traffic. Optimization policies designate the TCP ports on which the WANJet appliance applies Transparent Data Reduction (TDR) optimization algorithms, and other options including encryption and connection intercept.
The decisions whether to optimize traffic and what options to use are made on the WANJet appliance where the traffic was initiated. Traffic coming from another WANJet appliance on the other side of the WAN is optimized according to the optimization policies on the other WANJet appliance.
Create common optimization policies that you want to apply to connections with all remote WANJet appliances.
See the next section, Managing optimization policies.
Figure 7.1 shows the WANJet Protocol Optimization Policy screen.
Before creating optimization policies, you need to have added local subnets from which the WANJet appliance may receive traffic that you want to optimize. Otherwise, traffic from subnets that the WANJet appliance does not recognize is set to passthrough, and it is not optimized. See Configuring multiple subnets, for instructions on how to add local subnets.
Optimization policies apply globally to traffic moving between the local WANJet appliance and remote WANJet appliances. You can create policies for traffic destined for all ports or for specific ports. By default, traffic destined for All ports is set to Passthrough; it is not optimized for TDR-1 or TDR-2, it is not encrypted, and Connection Intercept is not enabled, as shown in Figure 7.2.
You have to edit the default optimization policy or create a new one before you can start optimizing traffic between the local and remote WANJet appliances. When you create new optimization policies, the original optimization policy designated for All ports changes to All other ports, as shown in Figure 7.3.
It is typical to have optimization enabled on commonly used ports such as those used for Active FTP, SMTP, HTTP, POP3, IMAP, and HTTPS. You can also consider enabling TDR-1 compression on these ports, except for port 443 (HTTPS).
Note: It is difficult to optimize Passive FTP sessions because the server port that Passive FTP uses varies from session to session. However, if you need to optimize Passive FTP, enable optimization for all TCP ports and disable optimization for ports that do not require it (typically ports used by real-time applications such, as VoIP telephony).
You can create new optimization policies, edit existing policies, or delete policies. The optimization policies are of primary importance on the client side WANJet appliance, for example, where users are requesting application data from a data center or hub. You can also add exceptions to the optimization policies as described in Managing passthrough destinations.
1.
In the navigation pane, expand WAN Optimization and click Optimization Policy.
The WANJet Protocol Optimization Policy screen opens.
2.
Click the Add button located beneath the Common policies table.
The Add Port/Service Name popup screen opens.
3.
From the Service Name list, select the service or application for which you want to customize the optimization policy. The default port used by the service displays in the From Port box.

If you would rather specify the port, in the From Port box, type the port number. To specify a range of ports, type the first port in the range in the From Port box, and the last port in the To box.
Note: Refer to http://www.iana.org/assignments/port-numbers for a list of commonly assigned TCP port numbers and the services and applications that use them. Keep in mind that these may differ on your system.
4.
From the Processing Mode list, select one of the options:
Passthrough
Leave traffic over this port in its raw state and do not optimize it.
Optimized
Apply WANJet appliance optimization to traffic over this port according to the options specified in the next step.
5.
Select one or more WANJet appliance optimization options by checking the check boxes. If you do not select any of the options, traffic is optimized using TCP optimization. TCP optimization adapts the connection to the properties of the WAN link, improving performance and handling congestion control.
TDR-1: Check this box to compress network traffic for the specified port. This is not necessary if the traffic would not benefit from compression, for example if it consists largely of JPEG or ZIP files.
TDR-2: Check this box to apply the WANJet appliances TDR-2 intelligent caching algorithm for communications on the specified port.
Encryption: Check this box if you want to use SSL to encrypt communications for the specified port.
Connection Intercept: Check this box to reset any connection for the specified port that was initiated before you started the WANJet appliance. For more details, see Resetting connections with Connection Intercept.
6.
Click the OK button.
The window closes and the WANJet Protocol Optimization Policy screen displays with a new row in the Common policies table with the details that you entered. You can click the port number (in the Service Name column) to edit these settings.
7.
Click the Save button at the bottom of the WANJet Protocol Optimization Policy screen to apply the new policy.
The new policy takes effect immediately for all new connections.
1.
In the navigation pane, expand WAN Optimization and click Optimization Policy.
The WANJet Protocol Optimization Policy screen opens.
2.
In the list of optimization policies, click the Service Name link of the policy you want to edit.
The Edit Port/Service Name popup screen opens.
4.
Click the OK button.
The screen closes.
5.
Click the Save button at the bottom of the WANJet Protocol Optimization Policy screen.
Changes to optimization policies take effect for all new connections.
1.
In the navigation pane, expand WAN Optimization and click Optimization Policy.
The WANJet Protocol Optimization Policy screen opens.
2.
In the list of optimization policies, click the Service Name link of the policy you want to delete.
The Edit Port/Service Name popup screen opens.
3.
Click Remove.
The screen closes and the policy is deleted from the common optimization policies list.
4.
Click the Save button at the bottom of the WANJet Protocol Optimization Policy screen.
You can make exceptions to the optimization policies for specific systems or subnets by creating passthrough destinations. Traffic that flows to passthrough destinations is not optimized. So, for example, you could optimize traffic to all ports by creating an optimization policy that applies to most traffic, then specify passthrough destinations for any exceptions, as shown in Figure 7.4.
Figure 7.4 shows exceptions that were added for two subnets. The WANJet appliance does not optimize traffic destined for All Ports on systems in subnet 10.151.99.0/24. It also does not optimize traffic destined for port 139 on systems in subnet 10.151.25.0/24. Traffic for these destinations is set to passthrough.
You can create new passthrough destinations, edit existing passthrough destinations, or delete passthrough destinations.
1.
In the navigation pane, expand WAN Optimization and click Optimization Policy.
The WANJet Protocol Optimization Policy screen opens.
2.
Click the Add button located beneath the Passthrough Destinations table.
The Passthrough Destination popup screen opens.
3.
In the Destination Address box, type the IP address of the host or subnet where you do not want the traffic to be optimized. For example, specify the subnet 10.8.0.0/24 as:
4.
In the Destination Netmask box, type the netmask of the host or subnet. For example:
5.
For the Destination Port setting, determine which ports to use:
Check the All Ports box if you want all ports at the destination address to receive passthrough traffic.
Clear the All Ports box and type the port number of the port at the destination address you want to receive passthrough traffic.
6.
Click OK.
The exception is added to the list of passthrough destinations.
1.
In the navigation pane, expand WAN Optimization and click Optimization Policy.
The WANJet Protocol Optimization Policy screen opens.
2.
In the list of passthrough destinations, click the Destination link of the exception you want to edit.
The Edit Port/Service Name popup screen opens.
4.
Click OK.
The screen closes.
5.
Click the Save button at the bottom of the WANJet Protocol Optimization Policy screen.
Changes to exceptions take effect for all new connections.
1.
In the navigation pane, expand WAN Optimization and click Optimization Policy.
The WANJet Protocol Optimization Policy screen opens.
2.
In the list of passthrough destinations, click the Destination link of the exception you want to delete.
The Edit Port/Service Name popup screen opens.
3.
Click the Remove button.
The screen closes and the policy is deleted from the passthrough destinations list.
4.
Click the Save button at the bottom of the WANJet Protocol Optimization Policy screen.
Connection Intercept is one of the options that the WANJet appliance provides for optimization policies. This option causes the WANJet appliance to reset connections that were initiated before it started up. One of the uses of Connection Intercept is for client systems that use the CIFS (Common Internet File System) protocol to request file services from server systems over a network.
In this example, the administrators are concerned that they may have existing CIFS connections, already in progress, that are not being optimized after starting or restarting the WANJet appliance. The procedure shows how to create an optimization policy that enables the Connection Intercept option on the CIFS ports (typically ports 139 and 445). This causes the WANJet appliance to automatically reset connections that are not being optimized, without having to restart each of the connections manually.
1.
In the navigation pane, expand WAN Optimization and click Optimization Policy.
The WANJet Protocol Optimization Policy screen opens.
2.
Under the Common policies table, click Add.
The Add Port/Service Name popup screen opens.
Note: If the Netbios-ssn service is already listed, click the Service Name so you can edit the settings.
3.
From the Service Name list, select Netbios-ssn.
In the From Port box, port 139 is automatically displayed.
4.
For the Processing Mode, select Optimized.
5.
Check the TDR-1 and TDR-2 boxes.
6.
Check the Connection Intercept box.
7.
Click OK.
The Edit Port/Service Name screen closes, and you see the WANJet Protocol Optimization Policy screen.
8.
Repeat steps 2-6 to add Microsoft-ds (port 445).
9.
Click the Save button to apply the changes.
10.
In the navigation pane, expand WAN Optimization and click Operational Mode.
The Operational Mode screen opens.
11.
Verify that Mode is set to Active.
12.
Click the Save button if you changed the mode.
This implements Connection Intercept on ports 139 and 445. The next time you restart the WANJet appliance, it resets connections that were already initiated on these ports, and then optimizes the traffic.
Application QoS policies help you to obtain better network performance by dedicating bandwidth to specific network traffic that travels between two WANJet appliances or over a WAN link.
When you define an Application QoS policy, you can specify the bandwidth you want to allocate to particular applications, such as:
These individual classes of applications have very different network requirements. So, for example, you might want to limit the amount of bandwidth that FTP or email (SMTP, POP, or IMAP) traffic can use, and provide more bandwidth for VoIP traffic.
At the same time, you need to ensure that providing sufficient bandwidth to one or more data flows does not handicap the transmission of other data. Application QoS is a per endpoint setting that you can use to override the bandwidth setting in a multi-node network.
Services
The basic protocols supported by your network, such as FTP, HTTP, HTTPS, POP3, and so on.
Traffic classes
Tailored services that include different types of traffic. If you want to create an Application QoS policy to handle tailored services, you need to have already created or imported the traffic class. See Defining traffic classes.
Most often you create Application QoS policies for traffic moving between two WANJet appliances. Thus, it is important that you have previously configured remote WANJet appliances (and their local subnets). The Application QoS screen, shown in Figure 7.5, lists all of the remote links so that you can create Application QoS policies to shape the traffic between the local and remote WANJet appliances.
In Figure 7.5, you can see one remote WANJet appliance called wj33 with an IP address of 10.16.79.201 and one WAN link called Paris that was added. You can create Application QoS policies for both of these links.
Before you create Application QoS policies, you need to plan how you want to allocate bandwidth. You need to be familiar both with the major applications that your users work with, and which ones require faster transfer times. You can assign a larger percentage of bandwidth to the highest priority applications.
1.
In the navigation pane, expand WAN Optimization and click Application QoS.
The Application QoS screen opens and lists the remote WANJet appliances.
2.
In the table, click the IP address of the remote WANJet appliance to which you want to apply an Application QoS policy.
The Manage the Application QoS Settings of a Remote WANJet appliance popup screen opens.
3.
In the Link Bandwidth box, type the bandwidth of the link between the local and the remote WANJet appliances, and from the Link Bandwidth list, select a unit (kb/s or mb/s).
4.
Click the Add button.
The Application QoS Policy popup screen opens.
5.
In the Alias box, type a name for the policy.
6.
In the Bandwidth box, type the percentage of bandwidth that you want to guarantee that the policy can use. For example, if you specify 50%, the connections associated with the policy are guaranteed 50% of the available bandwidth if needed.
7.
In the Maximum box, type the maximum percentage that the policy can borrow from unused additional bandwidth. For example, if you specify 90%, the connections associated with the policy can use up to 90% of the additional bandwidth that is available.
8.
In the Services box, specify the services or traffic classes to use for the Application QoS policy. For each service that you add, specify these settings:
a)
From the Services list, select one or more services or traffic class to add to the Application QoS policy.
Note: You can configure some ports for both TCP and UDP protocols. To do this, select the service port (for example, FTP) and then select TCP. Then on a new line, select service FTP again, and service type UDP. If you select VoIP, it uses only the UDP protocol. If you choose a defined traffic class from the menu, the adjacent service type menu disappears.
c)
Click the OK button.
The Manage the Application QoS Settings of a Remote WANJet appliance popup screen opens.
10.
Click the OK button.
The Manage the Application QoS Settings of a Remote WANJet appliance popup screen closes.
11.
Click the Save button.
The Application QoS screen refreshes.
1.
In the navigation pane, expand WAN Optimization and click Application QoS.
The Application QoS screen opens and lists the remote WANJet appliances.
2.
In the Remote column, click the link to the remote WANJet appliance with the Application QoS policy that you want to edit.
The Manage the Application QoS Settings of a Remote WANJet appliance popup screen opens.
5.
6.
Click the Save button.
The Application QoS screen refreshes.
1.
In the navigation pane, expand WAN Optimization and click Application QoS.
The Application QoS screen opens.
2.
Click the IP address of the remote WANJet appliance with the Application QoS policy that you want to disable.
The Manage the Application QoS Settings of a Remote WANJet appliance popup screen opens.
3.
In the Link Bandwidth box, type 0 for the bandwidth.
4.
5.
Click the Save button.
The Application QoS screen refreshes. The Application QoS policy remains on the WANJet appliance but it is disabled.
1.
In the navigation pane, expand WAN Optimization and click Application QoS.
The Application QoS screen opens.
2.
Click the link for the remote WANJet appliance from which you want to remove an Application QoS policy.
The Manage the Application QoS Settings of a Remote WANJet appliance popup screen opens.
4.
Click the Remove button to delete the policy.
The Application QoS policy is removed from the WANJet appliance.
5.
6.
Click the Save button.
The Application QoS screen refreshes.
When you configure remote WANJet appliances on the local appliance, WAN links are automatically created as connections between the two WANJet appliances. (The section Creating, editing, and deleting Application QoS policies describes how to create QoS policies for links between two WANJet appliances.) You can add WAN links if you want to create an Application QoS policy for traffic that is going from the local WANJet appliance to a location that does not have a WANJet appliance. You then specify the destination subnets or machines for existing WAN links.
Using WAN links, you can add an Application QoS policy to the traffic passing through the local WANJet appliance and going to a remote network, even if the remote network does not have a WANJet appliance installed. In this way, you can manage and manipulate the bandwidth size for all the traffic transferred through the local WANJet appliance, regardless of whether it is being optimized.
Creating an Application QoS policy for a link between a WANJet appliance and another location that does not have a WANJet appliance involves the following tasks:
1.
In the navigation pane, expand WAN Optimization and click Application QoS.
The Application QoS screen opens.
a)
Click the Add WAN Link button.
The Manage the Application QoS Settings of a WAN Link popup screen opens.
b)
In the WAN Link Alias box, type a name.
c)
In the Link Bandwidth box, type the size of the bandwidth between the local WANJet appliance and the WAN network.
d)
From the Link Bandwidth list, select a unit (kb/s or mb/s).
e)
Click OK.
The Manage the Application QoS Settings of a WAN Link screen closes, and the Application QoS screen refreshes with the new WAN link displayed.
a)
Click the Add button beneath the Supported Subnet table.
The Add Subnet popup screen opens.
b)
In the Supported Subnet box, type the IP address of the machine or subnet that the WAN link connects to.
c)
In the Netmask box, type the netmask of the new machine or subnet.
d)
In the Machine(s) Alias box, type a name for the new machine or subnet.
e)
Click OK.
The Application QoS screen opens, and the new subnet appears in the Support Subnet column.
a)
Click the Add button beneath the Application QoS table.
The Application QoS Policy popup screen opens.
b)
In the Alias box, type a name for the policy.
c)
In the Bandwidth box, type the percentage of bandwidth that you want to guarantee that the policy can use. For example, if you specify 50%, the connections associated with the policy are guaranteed 50% of the available bandwidth if needed.
d)
In the Maximum box, type the maximum percentage that the policy can borrow from unused additional bandwidth. For example, if you specify 90%, the connections associated with the policy can use up to 90% of the additional bandwidth that is available.
e)
In the Services box, specify the services or traffic classes to use for the Application QoS policy. For each service that you add:
From the Services list, select the service or traffic class to add to the Application QoS policy.
Note: You can configure some ports for both TCP and UDP protocols. To do this, select the service port (for example, FTP) and then select TCP. Then on a new line, select service FTP again, and service type UDP. If you select VoIP, it uses only the UDP protocol. If you choose a defined traffic class from the menu, the adjacent service type menu disappears.
Click OK.
The Manage the Application QoS Settings of a Remote WANJet appliance popup screen opens.
5.
Click the Save button to save the changes.
1.
In the navigation pane, expand WAN Optimization and click Application QoS.
The Application QoS screen opens.
2.
In the Alias column, click the name of the link that corresponds to the WAN Link that you want to edit.
The Manage the Application QoS Settings of a WAN Link popup screen opens.
4.
Click OK.
The Manage the Application QoS Settings of a WAN Link screen closes, and the Application QoS screen refreshes.
5.
Click the Save button.
1.
In the navigation pane, expand WAN Optimization and click Application QoS.
The Application QoS screen opens.
2.
In the Alias column, click the name of the link that corresponds to the WAN Link that you want to disable.
The Manage the Application QoS Settings of a WAN Link popup screen opens.
3.
In the Link Bandwidth box, type 0 for the bandwidth.
4.
5.
Click the Save button.
The Application QoS screen refreshes. The Application QoS policy remains on the WANJet appliance but it is disabled.
1.
In the navigation pane, expand WAN Optimization and click Application QoS.
The Application QoS screen opens.
2.
In the Alias column, click the name of the link that corresponds to the WAN Link that you want to remove.
The Manage the Application QoS Settings of a WAN Link popup screen opens.
3.
Click Remove.
4.
Click OK.
The Manage the Application QoS Settings of a WAN Link screen closes, and the Application QoS screen refreshes.
5.
Click the Save button.
With the traffic class feature, you define services that you can use to achieve specific QoS standards. You can group ports, machines, and subnets under the heading of a traffic class. By assigning both a guaranteed and a maximum amount of bandwidth to this service (in an Application QoS policy), you treat this group of ports, machines, and subnets as one entity. This is simpler than creating many different services, each of which handles a single type of traffic.
You can use the WANJet appliance to define traffic classes and Application Quality of Service (QoS) policies for your various applications, and apply them to optimally allocate bandwidth. A traffic class is a named group of ports, machines, and subnets. When creating an Application QoS policy, you can specify the bandwidth for a traffic class (or multiple services grouped together) instead of specifying each specific service.
1.
In the navigation pane, expand Optimization and click Traffic Class.
The WANJet Traffic Classes screen opens.
2.
Click the Add button.
The Add Traffic Class popup screen opens.
3.
In the Traffic Class Name box, type a name for the policy.
4.
In the From box, type the IP address of the subnet that sends the data, for which you want to specify a traffic class.
5.
In the From Netmask box, type the full netmask of the subnet that sends the data, for which you want to specify a traffic class.
6.
In the To box, specify the subnet that receives the data, for which you want to specify a traffic class.
7.
In the To Netmask box, type the full netmask of the subnet that receives the data, for which you want to specify a traffic class.
From the Ports list, select a port.
In the From Port and To boxes, specify a range of ports.
9.
From the Protocol list, select a protocol type for the ports that you specified.
10.
Click OK.
The Add Traffic Class screen closes, and the WANJet Traffic Classes screen refreshes with the new traffic class displayed.
11.
Click the Save button to save the changes.
1.
In the navigation pane, expand Optimization and click traffic class.
The WANJet Traffic Classes screen opens.
2.
Click the name of the traffic class that you want to edit or remove.
The Edit Traffic Class screen displays in a separate browser window.
4.
Click OK.
The Edit Traffic Class screen closes and the WANJet Traffic Classes screen refreshes.
5.
Click the Save button to save the changes.
1.
In the navigation pane, expand Optimization and click traffic class.
The WANJet Traffic Classes screen opens.
2.
Click the name of the traffic class that you want to remove.
The Edit Traffic Class screen displays in a separate browser window.
3.
Click the Remove button.
The Edit Traffic Class screen closes and the WANJet Traffic Classes screen refreshes.
4.
Click the Save button to save the changes.
You can deploy and manage multiple WANJet appliances from the Enterprise Manager, a centralized management solution. You need to have purchased and set up Enterprise Manager, which is a separate product from the WANJet appliance. Refer to the Enterprise Manager Administrator Guide for information about configuring Enterprise Manager and complete instructions on using the features mentioned in this section.
You can create optimization policies and Application QoS policies on the WANJet appliance, and use Enterprise Manager to push the policy templates to multiple WANJet appliances. The policies that you deploy completely replace any existing policies on those WANJet appliances. This section provides information on how to create the policy templates on the WANJet appliance.
1.
Create the optimization policy on one WANJet appliance as described in Managing optimization policies. Saving the policy creates an XML file that includes the policy.
2.
From Enterprise Manager, use the Changesets feature to apply the optimization policy to multiple WANJet appliances. Follow through the screens specifying required information, and note the following tips:
For the Source, select Device and point to the WANJet appliance where you created the optimization policy.
On the Class Selection screen, from the Available path list, move WAN Optimization/Optimization to the Selected list.
3.
Deploy the changeset using the Staged Changesets feature.
Note these tips:
You can create a device group that includes all WANJet appliances where you want to deploy the optimization policy. (You can use the same group for deploying both types of policies.)
You can save the changeset and use the Staged Changeset feature to deploy the optimization policy template.
2.
On the Application QoS screen, on the line where the remote WANJet appliance or WAN link containing the Application QoS policy is listed, click Save As Template.
3.
4.
From Enterprise Manager, use the Changesets feature to apply this Application QoS policy to multiple WANJet appliances. Follow through the screens specifying required information, and note the following tips:
For the Source, select Device and point to the WANJet appliance where you created the Application QoS policy.
On the Class Selection screen, from the Available path list, move WAN Optimization/Quality of Service to the Selected list.
5.
Deploy the changeset using the Staged Changesets feature.
Note these tips:
The changesets completely overwrite any Application QoS policies on the appliances where you deploy them.
You can create a device group that includes all WANJet appliances where you want to deploy the Application QoS policy. (You can use the same group for deploying both types of policies.)
You can save the changeset and use the Staged Changeset feature to deploy the Application QoS policy template.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)