Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

WAAS conflict with oracle (with G initiator) and citrix)

Dear all,

I am in Proof of Concept "WAAS" in one of the big Companies ,

I have a problem with implementing WAAS , there are:

1. There is Oracle data base with G initiator that encrypted traffic before send to another client or server. At first time, I force the all of acceleration of WAAS (DRE,TFO, LZ).

ex:167.103.72.46:1598 167.103.48.5:9000 10445 00:14:5e:85:77:87 F,F,F,F

after that, the traffic performance slower than before, as I know the oracle encrypted packet so the WAAS is not optimized.so how to solve this case?

(l try to set the optimizations to just TFO not DRE but it is still slow)

2.The Application citrix have same problem with oracle, the packet after accelerated by WAAS (more bigger than before).Maybe, because double header after encrypted (in WAAS and application)

3.is a Packeteer influence WAAS performance? so how to put Packeteer in WAAS POC scheme ?

l think there is better to put packeteer after WAAS (switch-WAAS-packeteer-router) ?because bandwidth influence the traffic performance between WAAS and client if there is packeteer.or are there another opinions?

I need your suggestion, problem solving, or anything that can help me.

(POC WAAS versus River bed versus Expand in this company,please give me tricks to win the competition)

Best Regards

HSN

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: WAAS conflict with oracle (with G initiator) and citrix)

Muhammad,

Responses to your questions:

1 & 2 - WAAS needs to see the unencrypted stream in order to apply full optimization. Otherwise, the compression processes will not be effective and will add overhead in terms of processing time and bytes. The WAAS 4.1 release will add support for byte-0 SSL/TLS encrypted traffic later this year.

3 - I agree with your suggestion that the Packeteer devices are placed after WAAS.

Zach

Cisco Employee

Re: WAAS conflict with oracle (with G initiator) and citrix)

WAAS 4.1 provides the capability to apply full optimization to SSL-encrypted traffic. This is done by exposing the encrypted stream unencrypted within the WAE only -- traffic is still encrypted over the network.

Zach

3 REPLIES
Cisco Employee

Re: WAAS conflict with oracle (with G initiator) and citrix)

Muhammad,

Responses to your questions:

1 & 2 - WAAS needs to see the unencrypted stream in order to apply full optimization. Otherwise, the compression processes will not be effective and will add overhead in terms of processing time and bytes. The WAAS 4.1 release will add support for byte-0 SSL/TLS encrypted traffic later this year.

3 - I agree with your suggestion that the Packeteer devices are placed after WAAS.

Zach

New Member

Re: WAAS conflict with oracle (with G initiator) and citrix)

Seils,

thanks for your suggestion,

the WAAS 4.1 has been released. After reading the data sheet,

there are the sentences:

"Data-in-flight security is maintained during acceleration of Secure Sockets Layer (SSL) encrypted traffic while helping ensure that the server private keys never leave the data center.

• Data-at-rest security is provided by disk encryption based on the Federal Information Processing Standards (FIPS) 256-bit Advanced Encryption Standard (AES) to secure data even in the event of physical compromise."

source:

http://www.cisco.com/en/US/partner/prod/collateral/contnetw/ps5680/ps6870/data_sheet_c78-445372.html

maybe, I think WAAS is not accelerate the encrypted files/data but waas will encrypted the data with SSL and AES.

any suggestion?

(update my case:

maybe l can open the encrypted setting in oracle but the company say it will not become secure that passing traffic without encryption(maybe between client - waas can be tapped)

Thanks

Best Regards

Muhammad

Cisco Employee

Re: WAAS conflict with oracle (with G initiator) and citrix)

WAAS 4.1 provides the capability to apply full optimization to SSL-encrypted traffic. This is done by exposing the encrypted stream unencrypted within the WAE only -- traffic is still encrypted over the network.

Zach

244
Views
5
Helpful
3
Replies
CreatePlease to create content