1. PacketShaper® Product Overview

2. Agenda Bridging the WAN-Application Gap
PacketShaper and integrated modules
A close look inline at each module in terms of:
Why is it important?
What problems does it solve?
How does it help?
How does it work?
Why is it different?
What are the benefits?

3. About the PacketShaper System: PacketShaper Appliances
Appliance deployed
All-in one single box
LAN side of WAN router
128kbps – 1Gbps range
Centrally managed
Hardware platform
1- and 2-U rack-mountable models
Transparent
No changes to applications or network
Scalable, available, reliable
Fail-safe
Hardware bypass on power down or failure
Supports redundancy
Direct standby failover configurations
PacketShaper is an all-in-one scalable range of appliances that provide all the functions necessary to optimize application performance to branch offices across the WAN.

4. PacketShaper Range
Branch Office
Enterprise Core

5. The Packeteer PacketShaper: Bridging the WAN-Application Gap
Unique, deep visibility into all traffic on the WAN
Shaping Module
Compression Module
Acceleration Module
Control and optimize WAN traffic; match your business
See what the problems are and set about solving them
Centralized management implemented at any stage
Monitoring Module
PacketShaper
PacketShaper is an integrated appliance that helps to bridge the gap between the network and applications. Available with several different modules that integrate together on the simple system, PacketShaper solutions are unique and flexible.
PacketShaper is delivered to customers in modular form, reflecting the customer’s business requirements and providing them with visibility into their network so they can see what the problems are and then set about solving them.
The Monitoring Module gives you the visibility that you need to manage issues by discovering all the applications on the network, tracking utilization and the response times of your critical applications and allowing you to establish service levels within the organization. This also helps you diagnose problems and issues as they emerge on the network so that you can employ the right tools to figure out how to fix them.
The Shaping Module gives you control over bandwidth allocation. QoS provisioning helps you ensure performance of your critical applications, like voice, for your customer-critical ERP application or any application on the network. It helps you protect the availability of the network and applications from emerging threats (i.e. distributed denial service attacks (DDoS), worms, viruses and things like that). And basically, it allows you to align the network cost with the business.
The Compression Module is there to help you create bandwidth by decreasing the traffic on the network and increasing capacity to relieve congestion.
And lastly, the new Acceleration Module helps to overcome protocol design limitations and accelerate performance of applications of the network.
To minimize Total Cost of Ownership (TCO), centralized management tools called ReportCenter and PolicyCenter can be added to the deployed PacketShapers.
Let’s look at a typical deployment progression and how the modules and management tools become part of the all-in-one PacketShaper solution.
PolicyCenter
ReportCenter
Monitoring Module for Visibility
Standard on all PacketShaper models
Discover applications on the network
Track application response and SLAs
Diagnose problems and issues
Shaping Module for Control
QoS provisioning to ensure performance of critical applications
Align network costs with the business
Compression Module to Reduce WAN Data
Decrease traffic by compressing data
Increase capacity of network services
Acceleration Module Increases Performance
Overcome protocol design limits and latency
Accelerate performance
Centralized Management Software
ReportCenter and PolicyCenter
Reduce TCO

6. Example Deployment Progression
Gain Visibility Core PacketShaper Monitoring Module 1
Enhance Performance Software Key Upgrade Acceleration Modules 4
WAN Core
Increase Capacity Add PacketShaper to edge Compression Modules 3
Get Control Software Key Upgrade Shaping Module 2
PacketShaper deployments typically begin with an appliance at a main site where the LAN meets the WAN. The core Monitoring Module present in all PacketShapers gives IT organizations absolute visibility into the traffic, applications and user behavior between the Main site and branch offices. As well as providing deep visibility for IS personnel, this lays the foundation for application-intelligent shaping, compression and acceleration of traffic as the deployment progresses. This visibility into all the applications on the network reveals many things: How well the applications are performing, how much bandwidth they’re using, how critical applications are responding. In fact, you may find that upwards of 60% of your bandwidth is going to recreational traffic or there’s a lot of congestion and your voice keeps getting stepped on.
Next, you can introduce the PacketShaper Shaping Module via a simple software key upgrade, giving you QoS provisioning capability. Now you can provision bandwidth to cap those recreational applications, and with our patented TCP rate control technologies, you can manage the flow rate of all the applications on the network that use TCP (which is 80 to 90% of the applications on the network), even from that single point in the network. It’s a very powerful capability from just a single implementation in your WAN core, and that’s very unique to Packeteer.
Next, by deploying PacketShapers equipped with a Compression Module at the WAN edge, customers can apply application-intelligent compression across the WAN to create new capacity without buying more bandwidth. Unlike probes which are replaced by this stage, PacketShapers deployed in your branch offices mean you don’t just see what is going on in the WAN, but that you can actually control WAN traffic and increase capacity for customer-critical apps, and in general solve problems in an application-intelligent way.
Next, using the new Acceleration Module you can overcome fundamental latency problems and IP protocol behavior to enhance performance for customer-critical apps and processes.
And finally, to lower the costs associated with management of remote systems, customers typically implement the PacketShaper centralized management systems. Once you get into a larger deployment, ReportCenter and PolicyCenter are there to help you lower the cost of ownership and make it much easier to manage those applications from a single console.
Lower TCO Centralized Management PolicyCenter and ReportCenter 5
WAN Edge

7. Benefits of Integrating WAN Application Optimization
Manage the entire process
Assessing the issues
Choosing the tools
Resolving emergent problems
Key feedback relationships between optimization tools
QoS provisions the pipe to applications
Compression changes the size of the pipe
Acceleration needs to know how much pipe there is to fill
Need to work together
Manage all types of applications
Customer critical, latency sensitive applications
Collaborative documents & files
Real time communications
IT Infrastructure
Recreational and malicious
Monitoring Issue Analysis
Acceleration
Enhanced Performance
Integrated Application
Optimization
Shaping
QOS Provisioning
Before we launch into the detail of the individual modules and tools, let’s stop for a moment to talk about why it’s important to integrate all these different technologies in a WAN application optimization solution. First of all, you know Packeteer combines monitoring, shaping, compression and acceleration in a single appliance. This allows customers to manage the entire process. You can assess what the issues are on the network. You can then intelligently choose the right tools in order to fix a problem. You don’t need to employ acceleration unless you have applications that need it and network environments that benefit from it. It also allows you to resolve emerging problems that you may not have anticipated. You can really manage the entire process, from assessment and choosing the tools, to solving the problems and proactively avoiding problems you’ve never even thought of.
The next reason is a very key qualifier between different optimization tools. QoS provisions the pipe to different application users. Compression changes the size of the pipe. So those two have to work together to understand what is QoS provisioning. And by the way, acceleration needs to know how much pipe there is to fill; otherwise how is it going to know how fast to go? So all of those are key technologies that work together seamlessly in a PacketShaper. They need to work together to optimize the applications in your customer’s environment.
And lastly, Packeteer aims to manage all types of applications, including customer-critical, latency-sensitive applications, collaborative documents and files, voice and video, IT infrastructure like DNS, DHCP, the authentication technologies and also recreational and malicious traffic. There are upwards of a 1,000 applications on enterprise networks today. And you need all these tools to manage all those different types of traffic effectively. Packeteer does it very effectively with a proven, integrated solution that helps you manage not only the entire process but all types of applications.
Compression
Increased Capacity

8. About Monitoring: Identify Issues and Select the Right Tools
Monitoring provides visibility:
Identify applications
Monitor utilization and performance
Identify network issues such as:
Recreational apps
Latency
Measure user experience
Monitor Service-Level Agreements
Benchmark app response times
Access performance diagnostics
The Monitoring Module is present in all PacketShaper products.
PacketShaper Monitoring allows you to:
Automatically identify and classify applications on your network
Audit utilization and performance by links, users or applications—such as business-critical, recreational and unsanctioned traffic types and WAN latency problems
Track application response times, isolate performance issues and identify server- or network-related issues
Monitor service-level agreements (SLAs) for critical applications or links that impact network performance and user experience
Access performance diagnostics including connection profiling and server responses (TCP Health), traffic captures, traffic forensic history and more

9. Why is PacketShaper Monitoring Important?
Before you can deal with application performance issues, you need to know what’s using the bandwidth!
A survey we did with Network World revealed that more than 75 percent of IT managers don’t know what’s running on the network. Half of those surveyed have a general idea and are not happy about what they think might be competing with their multi-million dollar ERP application suite.
The typical large U.S. enterprise allots 53 percent of its bandwidth to recreational applications and only 14 percent to business-critical applications such as Oracle and Citrix, according to a 2003 IDC report.
Do you know how much bandwidth HTTP traffic is using? Do you know how much bandwidth is using? What about music downloads?
Ask the audience, show of hands “What Do You Know About Your WAN?”
• Do applications meet your users’ expectations? Do they meet committed service levels?
• Which applications are running on your WAN? Which use the most resources?
• How much of your bandwidth budget is consumed by critical versus recreational traffic?
• Which users and which branch offices are the top consumers of a particular application?
• How does each MPLS class of service perform? Does performance match service
class and cost?
• Do remote locations get all the bandwidth they pay for? Do they need all of it?
Are they using it efficiently?
Sources: *Network World / Packeteer Application Performance Survey

10. Problems Caused by Lack of Visibility
No information to match WAN usage to business objectives
No proper idea of return on bandwidth investment
Difficulty in ensuring SLA for projects such as convergence and MPLS
No grasp on network performance:
Utilization
Efficiency
Response times
No ability to perform diagnostics
To run the business effectively, you need to know what’s happening on your network.
Projects that are currently front-of-mind for you maybe focused on VoIP and MPLS visibility. These represent two very important projects in many enterprise customers today. Both require major changes to physical network layout and operational network management. They also both typically require additional hardware and training.
We’ll see how PacketShaper’s solution for monitoring and automatic traffic discovery offers unparalleled visibility into what’s running on the network.

11. PacketShaper Visibility Solution
Layer 7 Plus
Goes beyond simple address and port-based analysis
Unique to PacketShaper
Provides application-intelligence for:
Performance monitoring
Flow forensics
PacketShaper Shaping and Compression functions
Automatic Traffic Discovery
Analyze and automatically classify all WAN traffic
PacketShaper analyzes traffic running across the WAN, inspecting at all layers of the protocol stack and using unique industry-leading techniques we call Layer 7 Plus to identify network applications. PacketShaper can identify and classify over 500 applications. This deep knowledge of applications is unique to PacketShaper and provides “application-intelligence” to customers to monitor performance and investigate problems, while providing the other PacketShaper modules with the information they need to do their jobs in a more intelligent way.

12. Monitoring Technology: Industry-Leading Layer 7 Plus Classification
Unique to Packeteer
Empowers IT organizations to:
Identify applications on the network
Measure utilization by application
Benchmark response times & SLA’s for key applications
Diagnose & isolate causes of performance problems
This diagram shows how Layer 7 eclipses other flavors of methods available on other products.
Layer 7 Plus enables PacketShaper to auto-classify over 500 applications. It provides the deepest insight into application sub-classifications, validation methods, and behavioral characteristics, and uses unique multi-packet flow analysis and profiling intelligence for encrypted, tunneled and evasive applications.
Layer 7 Plus goes way beyond traditional Layer 7 products, which can identify only well-known, well-behaved applications and HTTP and FTP transactions that use unique and published port numbers.
To be truly useful, traffic analysis needs to be more “application-intelligent” than simple address- and port-based analysis because:
1) Many applications share the same ports – web-enabled business applications, casual Web browsing, and music sharing can all communicate over port 80. If you only had port-based analysis, you wouldn’t be able to tell the difference between unimportant Web browsing and business-critical Web traffic.
2) Many applications dynamically negotiate port assignments as they establish connections. Many evasive applications (and business applications) utilize encryption and tunneling techniques either to protect or obscure the underlying application type. If you only used port-based analysis, you would have no visibility into traffic from such applications.
Think about music and media downloads. Music sharing applications like KaZaA can be configured to run over port 80 masquerading as Web traffic. With the increase in Web-enabled applications, it’s important to distinguish between music downloads with an MPEG content-type and more important e-Commerce traffic with an XML content-type.
PacketShaper is the only solution that provides the intelligence and flexibility needed to manage traffic according to business priorities.

13. Monitoring Technology: Automatic Traffic Discovery
Place PacketShaper at WAN/LAN threshold
Turn on traffic discovery
PacketShaper maps traffic to its classification library
Automatically builds a list of the applications running on your network
Starts collecting performance data
Utilization
Efficiency
Response times
The PacketShaper solution for visibility uses something called automatic traffic discovery, which enables you to simply deploy the product, turn on traffic discovery and it automatically inspects the traffic, mapping it to its classification library and building a list of the applications running on your network. This is extremely valuable… if you don’t have this, all the rich classification would not help you - you wouldn’t know where to start classifying because you don’t know what you don’t know!
And the solution is very easy to implement. Just deploy it, answer a few basic questions like the IP address, DNS server, turn on automatic traffic discovery and walk away. Come back the next day and you’ll see a list, like on this slide, of the applications that are running on your network. Even better, we also start collecting performance data, so you’ll get information like: “How much bandwidth is that application using?” “Is it running efficiently?” “Are there a lot of retransmissions?” “What is the response time of that application?” and “Who are the top users of the application?”

14. Monitoring: Alternatives
Increasing app intelligence
Layer 7 Plus goes beyond to reveal:
Sophisticated app behavior profiling
Benefit from 10 years of Packeteer technology and industry leadership
“Layer 7”
Can identify application-level protocols
“Stateful Inspection”
Can spot applications that “port hop”
Port level analysis
Probes, network devices
Limited to static port visibility
As we’ve seen, traditional networking products only operate up through the port level of the TCP stack, providing extremely limited visibility of network applications.
Things like typical network devices and routers and probes provide low-level network information about protocol underpinnings. They don’t help diagnose problems on a per-application or per-database basis… only things like packet rates on a particular interface or per-device. You won’t get the level of detail needed to differentiate SAP traffic usage rates, for example, or the ability to actually fix the problem. They are designed for a bottom-up, fault-driven architecture. Then network and IT managers map support processes to that architecture. The demands to optimize application performance will force network managers to rethink their existing tools and processes to be more performance-based. This isn’t useful when your users experience things at the application level – you have no insight into how they see their experience. Casual Web browsing, Web-enabled business applications and music sharing can all communicate over port 80. If you only use port-based analysis, any policy you set would treat unimportant Web browsing and business-critical Web traffic identically. More granularity is needed to manage bandwidth according to business priorities. Additionally, many applications do not use a static, well defined port, but dynamically negotiate port assignments as they establish connections.
Some more sophisticated devices can classify at the next step with stateful inspection – the ability to track applications as they port hop. An example of dynamic port is a file transfer that happens within a Web browser using something called passive FTP where it sets up on port 20 like traditional FTP does but then it dynamically negotiates ports to 8000 and “something” – that’s how the application works.
Moving up the food chain, next is Layer 7 – many vendors make the marketing claim that they do analysis at Layer 7. They may do classification by HTTP based on URL – since the application header is fixed, it’s easy to identify the traffic as HTTP traffic. They may see application protocol and port behavior, but miss behavioral signatures and profiling of encrypted or tunneled apps that make it impossible to effectively classify and control at that level.
So unless you go deeper like Packeteer does, what you miss is music downloads over HTTP, applications tunneled within HTTP, Oracle running over HTTP or SAP running over HTTP. If you cannot distinguish one type of HTTP traffic over another, how can you make sure Oracle or SAP are performing to support the business? How can you effectively monitor the traffic and then ultimately control it? Packeteer has the most comprehensive capabilities in the industry to allow you to do this.

15. Value Summary Monitoring
Identify issues and select the right tools
Identify and classify applications
Monitor utilization and performance
Identify network issues such as recreational apps and latency
Measure user experience
Monitor Service Level Agreements
Benchmark app response times
Access performance diagnostics

16. About Shaping Apply Business Rules to WAN Traffic
Shaping provides control to:
Fix critical application performance issues by allocating bandwidth
Contain recreational and malicious traffic
Minimize network congestion and latency
The Shaping Module allows you to control WAN applications to fix customer-critical application performance issues by appropriately allocating bandwidth. Stop the cycle of bandwidth upgrades and streamline the network by controlling recreational and malicious traffic. And finally to minimize network congestion, queuing latency and inefficiencies that hurt application response times between remote locations.

17. Why is PacketShaper Shaping Important?
To ensure Quality of Service for customer-critical apps:
Smooth unpredictable QOS for customer critical apps
Prevent recreational and bandwidth hungry apps competing for limited bandwidth
To avoid network congestion
Cure congestion, queuing latency and inefficiencies hurt application response times
Eliminate Branch office delays between remote locations.
To protect WAN from DoS
Stop uncontrolled recreational traffic and malicious traffic
Shaping is important because it can bring predictability to ensure Quality of Service (QoS) for customer-critical apps, so your users get a consistently great experience at that branch office. They are not waiting for hours for their Oracle client to load while recreational- and bandwidth-hungry apps and downloads are competing for limited bandwidth.
Shaping is also what allows you to protect from Denial of Service and other malicious floods (we’ll see how you can respond to that as soon as it happens), in addition to helping you to avoid network congestion and cure the congestion that has an effect to slow response times at remote office.
There’s a lot of things competing for a finite amount of bandwidth; shaping is what lets you apply business rules to that.

18. Problems Caused by Lack of Control
Branch Offices
Recreational apps: Surfing the Internet, iTunes, VOD, P2P, Skype, Virus & Worm propagation
All apps compete for less bandwidth
Bandwidth-hungry apps: , File Transfers, Backup, Database Sync, Distributed Storage
So let’s look at the challenges we face on the WAN – this graphic really illustrates the fundamental challenge, which is the fact that we have a LAN with much greater capacity connecting to a WAN with much less capacity. 10 Mb or 100Mb switched or gigabit - very common in the enterprise. On the other side of that is the WAN with common connection speeds of 128K, 256K, or if you’re lucky a T1/E1 – between large datacenters maybe you’ll have a T3/E3. A T1 is 1.54 Mb per second – a much smaller connection than the local area network feeding it.
As part of a distributed network or as a result of server consolidation, you have a whole new dynamic. Latency sensitive business applications like voice and SAP, your bandwidth intensive business applications like or file transfers between two engineering groups for document check-in – important but not terribly delay sensitive - and then you have non-business traffic – casual Web surfing, P2P downloads, worm and virus propagation - all of these applications will compete for that small amount of bandwidth on the WAN.
With “limited” WAN bandwidth and challenges due to latency and congestion, control over which applications use that bandwidth becomes even more critical.
Router
64k to T1/E1
WAN
Latency Sensitive Business apps:
SAP, Oracle, Siebel PeopleSoft, VoIP, IP Video, Mainframe
10Meg to 1Gig

19. PacketShaper Control Solution
Branch Offices
Recreational apps: Surfing the Internet, iTunes, VOD, P2P, Skype, Virus & Worm propagation
Apps’ bandwidth matches business requirements
Bandwidth-hungry apps: , File Transfers, Backup, Database Sync, Distributed Storage
This is the “after” view of the previous slide. What you see here is that the traffic has been “smoothed out” – the bandwidth intensive applications and non-business applications are no longer taking up all the bandwidth. No matter what happens, your business-critical applications are getting the bandwidth they need.
Packeteer invented the bandwidth management market in 1996, we used to call it “crowd control for the network”. PacketShaper now contains the most sophisticated, and patented, methods of controlling how traffic flows over the network.
Partitions and policies can be used to protect the critical application and contain or block malicious and recreational traffic.
Bandwidth management also has the effect of smoothing bursty traffic to reduce congestion from end-to-end and improve overall network performance and efficiency.
Packeteer is the only vendor that offers per session guarantees, which are critical to the performance of applications like Citrix, video and voice traffic.
Packeteer is also the only vendor that offers bi-directional control that keeps congestion free on both ends. This is counter to other solutions that just use queuing, which only works in the outbound direction and is a reactive solution that only comes into play after there is congestion.
Router
64k to T1/E1
WAN
Latency Sensitive Business apps:
SAP, Oracle, Siebel PeopleSoft, VoIP, IP Video, Mainframe
10Meg to 1Gig

20. Shaping Technology: Policies and Partitions
Policy-based control definitions and partitions by:
Site or server
Application
User or user group
Beyond Standard QoS
Apply policies to protect critical traffic
Smooth disruptive, bandwidth-intensive traffic
Contain recreational traffic
Block malicious traffic
Set priorities to protect business-critical apps
Packeteer offers a complete suite of sophisticated, patented technologies to ensure availability for the most important applications.
You can protect SAP, Oracle, VoIP and other business-critical applications and prioritize them over other applications.
As we can see in the illustrations, you can contain or even block traffic – you probably want to block malicious traffic, but maybe you also want to block P2P applications, - you can do this with our solution. Or maybe you just need to smooth your business applications that are “bursty” like large file transfers.
Standard QoS technologies—RED, WRED and dual leaky bucket—are passive queuing techniques that only react to congestion conditions. If there's too much traffic for a given link, they either hold (queue) or drop packets, resulting in poor application performance because data is stuck or the connection has throttled back. Also, retransmission sends the same data twice, wasting bandwidth.
An elegant component of Packeteer’s policy framework is the use of dynamic partitions, per-user partitions that automatically manage each user's—or groups of users'—bandwidth allocation across one or more applications. Very useful for equitable bandwidth allocation, dynamic partitions provide the ability to easily scale bandwidth fairness, simplifying administrative overhead and allow over-subscription
Non-critical apps can use remaining bandwidth

21. Shaping Technology: Rate Control and Predictive Scheduler
Manages congestion proactively
Latency reduced
Packets drops minimized
Fewer retransmissions
Improved application performance.
Improve efficiency to increase throughput
Without Shaping
With Shaping
Packeteer's Rate Control engines work at the flow level to calculate aggregate network resource supply and application demand conditions, moment-to-moment. With real-time flow speed detection, the engine calculates a demand vector for each application flow; the Predictive Scheduler is able to forecast packet-arrival times that affect the supply and demand equations.
The predictive scheduler anticipates congestion. TCP Rate Control manages datastream to less important applications to slow down transmission speed—as it travels from a server in Dallas to a branch office in Boston. The impact of our patented technology is huge—latency reduced, packets drops minimized, fewer retransmissions and improved application performance.
Traditionally we’ve seen queues in routers - priority queuing, weighted fair queuing, class-based queuing, class-based weighted fair queuing. All of this is about making some traffic wait while other traffic goes through. But what happens is that while you make that traffic wait, it could be retransmitted by the sending system because of a timer, and if it does not receive an acknowledgement of receipt in a certain amount of time, it will consider the data lost, and retransmit it. Often what the router will do is hold the traffic so long that the end system retransmits it.
This slide really illustrates the dramatic impact that shaping can have on a network. Just by enabling shaping and setting the link speed, this customer was able to both smooth out the bursty traffic, and nearly eliminate the drops caused by congestion. The network went from consistently losing around 25% of packets that had to be re-transmitted, to only losing 1-2%.
This has the impact of improving overall throughput and in this case was equivalent to adding 35% additional bandwidth, and dramatically improving application performance considering the applications no longer had to wait for all of those retransmissions.

22. Shaping Technology: Application-specific Control
Application Session Provisioning provides:
Hierarchical subclassifications of apps
Per call or per session differentiation
Far richer classification than routers
Layer 7 Plus differentiation
Customer-critical over recreational apps
Latency-sensitive over bandwidth-hungry apps
TCP and UDP Rate Control
Managed on a flow- by flow basis at application level
Guaranteed delay bounds for IP telephony on converged networks
Leverage Packeteer QoS technologies to provision bandwidth for specific application sessions. With our Layer 7 Plus technology providing application-intelligence, you can differentiate business-critical traffic from recreational and less important applications and use rate policies to ensure a minimum rate per individual application session. Allow that session prioritized access to excess bandwidth. Then set a limit on the total bandwidth it can use. A policy can keep greedy traffic in line or protect latency-sensitive sessions. Unused bandwidth is automatically lent to other applications.
Consider non-TCP traffic—via UDP-based applications that represent about 10 to 20 percent of network traffic, including Voice and Video over IP (VoIP). Our UDP Rate Control technology leverages the same aggregate view of the network supply/application demand equation and the Predictive Scheduler to provide UDP applications effective QoS.
PacketShaper manages UDP packets on a flow-by-flow basis—at the application level—providing much more intelligent management than aggregate queuing schemes. UDP delay bounds allow you to specify how long packets can remain buffered during times of congestion. For example, a delay bound of 200 ms is appropriate for a streaming audio flow.
Select priority policy—for transaction-oriented traffic—or rate policy classes for persistent UDP traffic like VoIP. Use a minimum rate for each UDP flow guaranteed in bits-per-second—24 kbps to each VoIP stream, for example.

23. Shaping Technology: Behavioral Threat Suppression
Auto-detection of suspect servers and traffic
Spoofing hosts
Virus infected hosts
Tell-tale behavior
Too many connections
Too many failed connections
Syn attacks
Implement network-level availability for business continuity
Automatic, immediate response to attacks
Automatic quarantine of suspect hosts
Intelligent throttling of malicious traffic during DoS floods
Forensic information recorded
Zero Day Gap
Cost
Outbreak
Time
Business continuity
Worm, virus and other Distributed Denial of Service (DDoS) problems can bring down a network immediately. As malicious code attempts to spread, they create floods of connections to probe for vulnerable computers. PacketShaper’s Behavioral Threat Suppression technologies track flows per application and per host—providing the tools to finding and stopping infected hosts.
Packeteer identifies hosts that are initiating large numbers of flows—using Flow Limit policies to immediately curtail impact of infected hosts, by dropping excess flows and containing the infection. Network security is enhanced and network availability is assured during times of attack.
Flow Detail Records (FDR) provide a detailed repository for forensic and compliance purposes.

24. Shaping Technology: Enhanced QoS
Bi-directional control - outbound and inbound from a single device
Complements router based QoS in VPNs
Complements MPLS
Packeteer's unique bi-directional QoS services truly cover in-bound traffic, while other queuing technologies usually only address dropped traffic after its crossed the WAN, resulting in wasted bandwidth and added congestion.
TCP Rate Control manages the rate at which data is put onto the network, enabling you to allocate bandwidth among several remote sites and servers.
This is important especially in IP VPNs (via Internet or MPLS), in which a single PVC delivers connectivity to many different sites without the benefit of site-to-site PVCs to control allocations of bandwidth. What happens when there's too much traffic from five different sites to a branch location? Don't look to an MPLS network with marked service classes. And what about too much Class A traffic for a given link? Congestion in the carrier's network goes through the queue/hold/drop problems. Not an issue with Packeteer.
Let’s look at how Shaping complements MPLS.

25. Shaping: Intelligent Marking for MPLS Networks
more
Shaping: Intelligent Marking for MPLS Networks
Layer 7 Plus intelligence and Application Session Provisioning enable accurate marking of application traffic
WAN Core–Main Site
DiffServ, MPLS, TOS
VoIP
Bandwidth allocation
Classes of Service
SAP
256 Kbps
Packet marking standards have evolved over time. First, CoS/ToS (Class and Type of Service bits) were incorporated into IP. Then, Diffserv became the newer marking protocol for uniform quality of service (QoS), essentially the same as ToS bits, just more of them. And more recently, MPLS emerged as the newest standard, integrating the ability to specify a network path with class of service for consistent QoS.
MPLS has been adopted by organizations hoping to take advantage of different classes of service and ensure appropriate application performance. However, they often discover that placing key applications into premium service classes does not reap the expected benefits. The right traffic does not get placed in the right MPLS service class. Premium classes deliver sub-premium performance as they drown in copious non-urgent traffic; important applications are improperly assigned to only best-effort classes. Also, traffic gets hung up in a congested bottleneck just before each entry point to the provider’s MPLS network with unmanaged traffic heading into a LAN (inbound) at an inappropriately high flow rate.
Think of it terms of an airline, where they offer first class, business class and economy class across their WAN. You’ll pay more for first class, but you’ll get better performance across the carrier’s network – that’s the claim. And that’s great – that will help you more effectively deliver better performance for your applications. But there are challenges. The first challenge is that this only applies to the carrier’s network. So you are still left with congestion and with the contention for bandwidth going from the LAN to the WAN – that problem is not solved with MPLS – Packeteer solves it. The other challenge is this: how do you make sure SAP running over port 80 on HTTP goes into the “first class” service level and other HTTP applications running over port 80 do not? MPLS does not solve this problem. Why would you want to pay for “first class service” for casual Web-browsing?
768 Kbps
Best effort
Branch Offices
MPLS Backbone
PacketShaper

26. Shaping: PacketShaper and MPLS Working Together
PacketShaper Automatic service classification
MPLS Limited classes
MPLS leverages multiple service classes—assigning different ones to different applications with different performance characteristics. There are hundreds of different traffic and application types running across the WAN—business applications, recreational applications, "invisible" services—and only a handful of service classes. Using our advanced Layer 7 Plus technology, Packeteer automatically classifies applications—identifying and then marking them with the proper DiffServ Code Point (or VLAN tag) to get them into the proper service class.
So you can see here that the real-time video and H.323 IP Telephony traffic which needs immediate and priority bandwidth is allocated over apps that are less real-time critical, apps that are purely recreational which fall into the best effort service class.
PacketShaper can apply its rich classification features and differentiate between those traffic types, mark it and make sure it goes into the right class of service.

27. Shaping: Alternatives – Router-based QoS
Manage bandwidth passively and react to congestion and packet loss
Use port-based application traffic classification
Use various packet-based queuing methods that:
Are not bi-directional
Cannot control inbound traffic at the other edge
Add delay to transaction time and latency
Cannot provide per-flow guarantees
Are only truly effective as part of a comprehensive control strategy
Are managed on a per-router basis
Big management overhead in distributed deployments
Routers provide queuing technology that buffers waiting packets on a congested network. A variety of queuing schemes - including weighted fair queuing, priority output queuing and custom queuing - attempt to prioritize and distribute bandwidth to individual data flows so that low-volume applications don’t get overtaken by large transfers. Router-based, queuing-only solutions have improved. For example, they can now enforce per traffic type aggregate bandwidth rates for any traffic type they can differentiate. But a variety of router and queuing limitations remain, for example:
Routers manage bandwidth passively, discarding packets and providing no direct feedback to end systems.
Traffic classification is too coarse and overly dependent on port matching and IP addresses. Routers can’t automatically detect and identify many applications as they pass. They can’t identify non-IP traffic, much VoIP traffic, peer-to-peer traffic, games, HTTP on non-standard ports, non-HTTP traffic on port 80 and other types of traffic. Their inability to distinguish traffic severely limits their ability to control it appropriately.
Routers use queuing (buffering and waiting) or packet tossing to try to control traffic sources and their rates. Queues, by their definition, oblige traffic to wait in lines and add delay to transaction time. Dropping packets is even worse for TCP applications since it forces the application to wait for a timeout and then retransmit. Queues do not proactively control the rate at which traffic enters the wide-area network at the other edge of a connection. Queuing-based solutions are not bi-directional and do not control the rate at which traffic travels into a LAN from a WAN, where there is no queue. Queuing addresses a problem only after congestion occurs. It’s an after-the-fact approach to a real-time problem. Queuing is a good tactic, and one that should be incorporated into any reasonable performance solution. But it doesn’t stand alone as an effective solution.

28. Shaping: Alternatives – Packet Marking and MPLS
Applies only to carriers core
Provisioned WAN service, not the entire link
No way of assigning preference at the last mile
Biggest bottleneck is typically last mile
Aggregate shaping only
Treats all connection requests the same
Lacks ability to assign limit to number of call requests
Needs complementary technology to overcome deficiencies
Application classification for accurate marking
Packet rate, bandwidth and flow control
The advantages of packet marking are clear. It is proactive and does not wait until a problem occurs before taking action. It is an industry-standard system that different equipment from different vendors all incorporate, ensuring consistent treatment. But, as with queuing, it doesn’t stand alone as an effective solution.
MPLS provides for aggregate shaping only and treats all connection requests the same. It lacks the ability to assign a limit to the number of call requests, so unlike PacketShaper which can deny say the 12th call to avoid congestion, MPLS will assign the same priority to the 12th, 13th and all subsequent call requests regardless of how much congestion that may cause.
MPLS also applies to the provisioned WAN service – it does not offer any control over assigning preference at the last mile.
Finally, as we’ve seen, PacketShaper complements MPLS. It overcomes marking’s fundamental deficiencies by providing very granular differentiation between types of traffic/applications so that the proper distinguishing markers can be applied and control enforced over the rate at which packets enter and exit the WAN and apply explicit bandwidth minimums and maximums and control the number of allowed flows for a given type of traffic or a given sender.

29. Router-based QoS Compared to PacketShaper Inbound Rate Control
Configured in all the branches and Data Center, router-based Queuing relies on the bulk transfers being throttled down after packet loss…
Branch Offices A
Bulk Data
512Kbps
Let’s look at an example that shows the difference.
With router-based QoS, you can apply priorities between port-based differentiated apps in the outbound direction, in this example on Citrix and bulk data from the Branch offices. As we’ve seen, PacketShaper has a much more intelligent differentiation between apps, but in this simple example, let’s say you have applied a higher priority for Citrix and a lower priority for the bulk data. All outbound queues on the routers work independently of each other and will correctly apply the policies set. If Branches A and C only have bulk data to send then that traffic will interfere with Citrix traffic from B before entering the router at the Core. Packeteer's Rate Control mechanism not only has a complete overview why there is congestion in the core, it is also capable of preventing the QoS offending flows from exceeding their available bandwidth before congestion occurs. This is done end-to-end without needing dual-sided devices that must intercommunicate and through mechanisms readily available in the TCP/IP standard.
Note that some QoS solution offer inbound Queuing (not routers) but, again since they are queueing-based, that will only resolve the congestion caused by the Bulk data after loosing both Citrix and Bulk data packets.
1Mbps
Data Center B
512Kbps
Citrix C
Packeteer’s Patented Rate Control applied only in the Data Center slows down the Bulk traffic without packet loss and before queues can build
512Kbps
Bulk Data

30. Value Summary Shaping Apply business rules to WAN traffic
Allocate bandwidth
Apply application-intelligent QoS for customer-critical apps
Fix application performance issues at any location
Secure the WAN from DoS
Pre-empt malicious events
Control recreational or malicious traffic
Deal smartly with congestion
Minimize latencies and inefficiencies for particular apps
Shaping lets you:
Protect the performance of important applications, such as SAP and Oracle, provision steady streams for voice or video traffic to ensure smooth performance and stop applications or users from monopolizing the link by capping bandwidth using an explicit rate, percentage of capacity or priority and provision bandwidth equitably between multiple locations, groups or users
Contain unsanctioned and recreational traffic, such as P2P and music downloads, and detect attacks and limit their impact, monitor conditions of interest; then, when thresholds are crossed, automatically take immediate action to correct, document and/or notify someone of the problem.
Deal with congestion issues from an application perspective by applying application-intelligent use of marking technologies and packet flow technology to minimize latency and other inefficiencies for apps that are important to your business.

31. About Compression Reduce the Volume of WAN Traffic
Compression creates bandwidth
Increase WAN capacity over the same physical links
Application-specific compression
Improve application performance
Apply best-suited compression algorithm for each application
Eliminate configuration overhead
Application-Intelligent Symmetric Compression
Compression works between two PacketShapers—symmetrically—to engage specialized, low-latency compression algorithms. Using multiple traffic compression techniques—including multiple algorithms, fragment caching, header compression and packet bundling—our Layer 7 Plus application intelligence helps identify different application types and apply the optimal compression techniques to each—or not at all.
Application-Specific Selective Compression
To optimize compression, set up separate dictionary caches or different applications—avoiding the dilution effect where large amounts of other traffic weaken compression effectiveness. PacketShaper also chooses a different compression approach for packet payload—instead of for packet headers—applying "two pass" compression to less latency-sensitive applications.
Sometimes choosing not to compress an application is as important as compressing it. Applications—like SSL, jpeg files, VoIP data payloads and already-compressed Citrix traffic—don't generally benefit from compression and are not worth injecting even latency minimal amounts. When it makes sense, PacketShaper’s application intelligence opts not to compress, saving resources and getting better overall compression results.
Compression results vary, depending on application mix. Beware of promised 5:1 or even 10:1 compression ratios—which are based on best-case tests. A more realistic range is 2:1 to 3:1; however, 4:1 to 5:1 can be achieved if you have more compressible traffic types.
Plug-In Architecture
Packeteer's plug-in architecture enables Packeteer to add new, application-specific compression algorithms over time. We continue to update our compression technologies—releasing four new algorithms since 2003 and improving effectiveness by about 40 percent. As plug-ins, new classifications can be easily downloaded as they become available—without waiting for a major software release.
Minimize Latency: MTU Management, Packing and Rate Control
To minimize latency and further accelerate traffic, PacketShaper's MTU (maximum transmission unit) management automatically adjusts MTU size to eliminate excess delays from link serialization delay or increase MTU to eliminate overhead from headers and acknowledgements.
Selectively bundling or concatenating packets, PacketShaper evaluates packet and MTU size as well as network timing to determine if, and when, combining multiple compressed packets into a single larger packet makes sense. Packing reduces overhead and improves compression gains.
ActiveTunnel: Automatic Setup and Overload Protection
Packeteer's ActiveTunnel feature automatically detects Xpress-enabled PacketShapers on the network and builds acceleration tunnels between them. Beyond enabling Xpress—a simple matter of toggling "on"—no configuration is required to set up or maintain the tunnels.
Since high traffic volume overloads compression efforts—actually increasing latency—PacketShaper automatically detects overloaded situations and backs off or steps up, as appropriate. Traffic shaping still takes precedence over compression in situations like these.

32. Why is PacketShaper Compression Important?
Increase WAN capacity over the same physical links with application-specific compression
Improve application performance
Improve application performance and responsiveness
Apply best-suited compression algorithm for each application
Prioritize critical applications
Prioritize business-critical applications by giving them increased network capacity
Compression reduces the amount of data and therefore increases WAN capacity without paying for more bandwidth over the same physical links.
It is important to note that this is called “application-specific compression” for two reasons:
To improve application performance and responsiveness—applying the best-suited compression algorithm for each application, which is important because some apps compress, other’s don’t and some do something in between. It is important to not try to compress the uncompressible or the already compressed because there is a latency tax for compression – taking the time to try to compress that content does add latency.
Most importantly, you need to prioritize critical applications. Business-critical applications are more important and deserve increased network capacity.

33. PacketShaper Solution to Increase Capacity
Application-Intelligence applied for selective compression
Low Latency maximizes performance
ActiveTunnel eliminates configuration
Algorithm plug-ins to maximize compression
How do you know there is a device on the other end, enabling compression to take place? Today’s compression technologies, like that from Packeteer, are two-sided, which means a device is required on both ends. Packeteer has a technology called “active tunnel” that will automatically detect the device on the other end. With other compression products, you have to do things like create a static route table to tell the device whether to compress that traffic or not based upon where it’s going. With Packeteer you don’t have to do that – we have automated all of that.
And then we have compression algorithm plug-ins. Different algorithms produce different gains depending on the application. So we can easily add algorithms to apply to specific applications to get the best performance.

34. Increased Capacity with Control
Makes sense only if application specific
Control allocation before adding resources
Ensure your customer-critical applications reap benefits
Contain “bursty” non-critical traffic
Manage end-to-latency and jitter
Actively throttles traffic before congestion occurs
Compression must be tightly integrated with control. What you need to remember is that compressing traffic is no different than picking up the phone and saying to your carrier “I want to double my bandwidth.” Unless you have control in place, you are wasting your money on a compression product, because you have not done nothing to make sure that the additional capacity is going to support your business applications. Instead, maybe it will go toward allowing more music downloads… not exactly a priority for the business. You could end up without a return on the investment in bandwidth or in compression. So Packeteer’s advanced Xpress compression integrates compression with control, and you get the best of both worlds.
We also keep a close eye on things like latency and jitter – I mentioned earlier that there is a latency tax with compression, so if we’re starting to slow things down, we may back off a little bit, because it’s all about the performance of your business applications.
Compression without Control
Compression with Control

35. PacketShaper Compression Module
Compression Solution
Most customers experience between 2:1 and 3:1 gains
PacketShaper Compression Module
Web Apps
General Internet
Blended Average
Oracle
NetBIOS
100
There are many claims in the industry about compression gains. You’ll hear “we get 10:1 compression gains.” If you hear those claims, don’t start planning a downgrade from your T1 to a fractional T1 thinking “I’ll get 10X gains, therefore I can move from a T1 (1.54 Mb) per second to a 256K link”, because the 10X gains are corner cases…we get them on certain applications too. Some applications are highly compressible – text, Web forms that contain things like cascading style sheets – these contain highly compressible content. This chart will show you the gains that can typically be expected by application type. Look at Web applications – 5:1 – we’ve seen much higher compression ratios on Web applications than this. These are business Web applications with common Web forms, not necessarily general Internet. General Internet to the right of this, is more like 2:1. We’re talking about things like jpegs and gifs, and mpeg content that is already compressed, so you’re not going to experience dramatic gains. But with applications like Oracle and SAP you should see 3:1 or 4:1 compression gains. When the dust settles, our customers are seeing is 2:1 or 3:1 – this is a pretty good return on your investment. Your doubling or tripling the capacity of your network. It’s very important when you hear the claims of 10:1 to look deeper into these vendors and really understand what these numbers are. 75
% Increase in capacity 50 25
3:1
5:1
2:1
2.5:1
4:1
2.5:1
* Mix of traffic determines actual gains

36. Value Summary Compression
Reduce the Volume of WAN Traffic
Compression creates bandwidth
Increase WAN capacity over the same physical links
Application-specific compression
Improve application performance
Apply best-suited compression algorithm for each application
Eliminate configuration overhead

37. About Centralized Management
Manage PacketShaper deployments in branch offices from a central site
Reduce Total Cost of Ownership (TCO)
ReportCenter
PolicyCenter
Enable automation management tasks
Reporting and alerts
Configuration management

38. Why is Management Important?
Appliances
Management
Performance Data
Monitoring
Shaping
Compression
Acceleration
Configurations
Exceptions Reports
Service Levels Applied
Let’s talk about managing the enterprise-wide system. There are a number of reasons management is important to improve the total Cost of Ownership (TCO) of distributed, geographically remote implementations.
There are the appliances that sit on the network at each location and provide all the benefits we have looked at - the visibility, control, compression and acceleration for the traffic traversing that link. To reap the maximum benefit, however, appliances need to be managed effectively so that TCO doesn’t become a problem. Ideally, they will send the performance data to a central site so you can have a consolidated view of network and application performance delivered live to where the IS staff is.
In the other direction, configurations and new policies are pushed to the appliances from a centralized management application at the central site. “What policies do I want to configure?” “How do I want to configure the service levels I want to monitor?” Then exception reports are sent back to the management system from each of the appliances. In order to scale this solution and reduce TCO, we made the appliances as intelligent as they can possibly be. Ultimately you want the appliances to tell the operator when there is a problem, and better yet, to take the next step and tell the operator that there was a problem and the problem was fixed automatically.
Diagnostic Access

39. Enterprise-class Requirements for Centralized Management
Centralized analysis and reporting: collection, storage, analysis, report distribution
Centralized policy management and device administration
Rich APIs and alerts, leading vendor integration
Automation tools
The next requirement is managing all of this at the lowest possible cost of ownership. How can you reduce the cost of managing hundreds of devices across the enterprise? Packeteer offers advanced central management applications. ReportCenter collects all that rich data and make it actionable – to answer questions like: “How is SAP performing across the organization?” “How much bandwidth is each site using and what applications are consuming it?” And then there’s PolicyCenter, which enables you to set a policy for SAP, for Oracle, for Citrix, for voice, and deploy it to all 500 devices. The goal here is to make it as easy and inexpensive to manage 500 devices as it is to manage one or two.
ReportCenter provides deep insight to many PacketShapers
PolicyCenter simplifies deployment, configuration and response
Adaptive Response can identify and respond automatically
PolicyCenter
ReportCenter

40. Management Workflow 1 2 3 4 5 6 Start
…with PolicyCenter at overview level of hierarchy Focus from application or network perspective
Scan
…for abnormalities Problems may be highlighted by exception thresholds, load, or utilization 2
Analyze
…the detail Identify groups trending toward problems or triggering exception thresholds 3
Workflow is really important. It’s not just about aggregating data and providing reports. It’s about building a workflow that makes sense for all the users. In this graph you see the workflow that we follow in our report design – all of these reports are available out of the box – you don’t have to build your own reports. Start with an overview – at the high level you see an overview and all the levels of hierarchy. You can quickly scan for abnormalities – for anything unusual, then click on that and get progressively more detail necessary to investigate it. Find the source of the issue, and then act – by going to PolicyCenter and setting a policy to correct it. Maybe an Oracle application was running slowly at one of my sites– I look into this and find that a new application was consuming too much bandwidth, so I set a policy to limit how much bandwidth this application can use, solving the problem so it does not come back at any location.
Identify
…the source of the issue or problem Detailed metrics at all levels help isolate the source. 4
Act! 5
…with PolicyCenter to resolve the problem
Automate? 6
…consider using Adaptive Response to automate

41. ReportCenter: Centralized Reporting for all PacketShaper Appliances
Comprehensive – real time and historic
Network-wide performance analysis and management
Easy report distribution and access, per user
Fast flexible hierarchy – workflow-based
Let’s look more closely at ReportCenter. Report Center gives you central reporting for all Packeteer appliances. All that rich visibility data that is resident at each device is aggregated into a central repository.
ReportCenter can do trending, comparisons, provide high-level views and also drill down into the details. I can look at SAP performance, bandwidth utilization for SAP and who is using it – and what other applications are those users running? All this is available with ReportCenter. It’s very comprehensive, with infrastructure-wide views, it’s easy to access and create tailored reports – one for the operator, one for the IT Director, one for the CIO – all configurable. The CIO may log in once a day for a quick look at the key applications, whereas the operator may look at it it all day long. We’ve built tailored workflows focused on fast, flexible drill downs – look at the summary information and the high-level details, and then quickly and easily move down the hierarchy to get to the specifics you need.

42. ReportCenter Reports: Top Talkers/Listeners
Reports on hosts that sent the most data
Drilling down on the host link reveals “listeners” for these conversations
Here are some of the views in ReportCenter. Top talkers and listeners. We’ve seen this on the market for a long time – countless other reporting products provide this view. Who are the top talkers and listeners – if a specific user is using 30 percent of the bandwidth – that’s good to know. What we have done that is unique is that we allow you to select that user and see exactly what applications make up the 30 percent. No one lese provides that. What is that user doing? Is it appropriate? Does it represent a security risk? You can answer a lot of questions.

43. PolicyCenter: Cost-effective Management of PacketShaper Appliances
Flexibly organize managed devices into hierarchical groups
Distribute configurations and software upgrades to multiple devices
View a summary of the status of all managed devices
Policy Center is a software management system that maintains multiple PacketShaper configurations on a single Windows 2000 or Windows 2003 server. Because the configurations of all the units on the network are stored in a single place, they can be managed very efficiently.
Multiple PacketShapers can be assigned to a single PolicyCenter configuration, allowing those units to operate with nearly identical configurations. When you change a configuration, either through PolicyCenter or through the browser or command-line interface of an individual unit, the change immediately affects all units assigned to that configuration. It is this capability of PolicyCenter that truly provides the economy of scale: one single change to a PolicyCenter configuration can result in an instant configuration update on up to 200 different Packeteer units.
PolicyCenter also allows you to:
Deploy policies and partitions across multiple PacketShaper units
Distribute PacketWise software upgrades, plug-ins, customer portal files and adaptive response action files
View a status summary of all managed Packeteer units
Monitor and manage the status of your unit and network with the adaptive response feature
Here you see a PolicyCenter view that includes the device, serial number, the IP address and the image version it’s running – and also the status reported by the Adaptive Response agents running on the device. You can easily select a group, add a policy, and deploy that policy across the group. So it’s very easy to configure something and deploy it across a domain or across the network.

44. Auto-deploy PacketShaper Configurations
Distribute configurations & software upgrades to multiple devices
Install multiple units at remote sites
Quickly and easily deploy and configure them from a central location.

45. Adaptive Response Identify, Respond to and Resolve Problems
Leverages PacketShaper visibility, control, compression and acceleration to automatically:
Identify and respond to network events
Resolve problems
Document background to problems
Provide IT with the information required for manual intervention
Advanced 2nd Level Diagnostics
Restore WAN and application performance to its desired state
Behavior-based management
Performance-based management
The Adaptive Response feature makes it easier to monitor your network by enabling an individual Packeteer unit to monitor unit, application and network health, hosts, traffic classes, links and partitions. When this feature is enabled, the unit displays color-coded status indicators that let you identify potential problems at a glance. You can configure action files to customize and automate responses to problems, and view top-down incident reports to see exactly what happened when a problem occurred.
Adaptive Response is architected in such a way that you can employ as much or as little as you want. It allows you to automatically respond to network events that could seriously impact the performance of the applications running across your network. There are a couple of different levels of this functionality. Perhaps you just want to automatically collect more information. Because what I have heard from many of you is that because many performance problems are transient, you may receive a problem report, go to investigate and the problem is already gone. Then you think “if only I’d had a sniffer” on that link!” or “If only I would have had my Netflow collector turned on.” You spend lots of time and money trying to troubleshoot and pinpoint the problem, but the issue has passed, the problem ticket is closed “no problem found,” and time and money is wasted. But with Packeteer’s Adaptive Response technology that data could automatically be collected as soon as a certain event on that link occurs. You can automatically collect that second-level diagnostic information and when the engineer goes to look at the problem, the event may have passed but the data is available. The problem can now be resolved and the problem ticket successfully closed – problem “found” AND resolved.
Secondly, let’s automatically restore WAN and application performance. Let’s look at a couple of examples.

46. Automation – 2nd Level Diagnostics
Suspicious host or application
Send alert on abnormal activity
Identify top sources (hosts) of abnormal activity
Profile and store characteristics of traffic flow
Capture traffic for in-depth protocol analysis
Let’s talk about an example for behavior-based management. This is a visualization of what’s running on your network. Everything is fine until there is a spike in SQL traffic; in this case, representing the worm/virus SQL slammer. With Adaptive Response, you can configure the product to send an alert when it encounters abnormal behavior. An alert can automatically be sent as soon as that spike occurs, and then “top talkers” and “top listeners” can automatically turn on so you can immediately identify the source of the problem. And perhaps you want to profile the connection – how many connections failed? You can also take a capture of that traffic to do in-depth analysis- all this can be configured to happen automatically, and when the engineer arrives all of this information is waiting on the device.
Other Traffic
VoIP
Oracle
SQL
Alert: Spike in application traffic
Identify: Where is the problem?
Document: Profile and store for analysis

47. Management Value Summary
PacketShaper Centralized management lets you:
Minimize administrative overhead and total cost of ownership
Respond quickly on an enterprise-scale to network or application performance changes
Define partitions and policies
Manage remote sites
Distribute software images and upgrades
Disseminate new categories of applications or traffic
Configure multiple appliances simultaneously
Automate intelligent responses to changes
Integrate with leading management tools
Analyze and report
View a summary of the status of all locations
Publish definitions of events of interest

48. PacketShaper Summary: Bridging the WAN-Application Gap
Great User Experience for Every Application at Every Location
Monitoring for Visibility
Discover applications on the network
Track critical application SLAs
Diagnose problems and issues
Shaping for Control
QOS provisioning to ensure performance of critical applications
Protect availability from new threats
Align network costs with the business
Compression to Create Bandwidth
Decrease traffic by compressing and packing data
Increase capacity of network services
Acceleration to Increase Performance
Overcome protocol design limits
Accelerate performance
■ Centralized Management
– PolicyCenter and ReportCenter

49. Thank you.