Baseline connectivity VPNs are becoming commodity products. Many carriers have leveraged their network assets and introduced service-aware VPNs. Application assurance is the next evolutionary step. This development addresses the application requirements of enterprises for better, consistent, visible, end-to-end performance.

 

Enterprises employ a wide range of applications and services: e-mail, VoIP, IM, file transfer, video conferencing, business IPTV (News - Alert) services, storage backup and recovery, etc. Each application has unique requirements for bandwidth as well as timing or delay sensitivity. VoIP can suffer from poor quality and dropped calls. Streaming video may break up or take a long time to start playing.

 

There is a popular perception that a high QoS equates to a high QoE (Quality of Experience) and that any quality problems can be accommodated by adding more bandwidth. That perception is wrong but it persists.

 

In order to optimize the QoE, which is the quality parameter that matters the most, service providers need to manage the quality of the various applications – the QoA (Quality of Application) – all the way to the end-user. This means that the optimum QoE can only come from a combination of QoS and QoA.

 

Many service providers have progressed from the basic VPN model, which was connectivity centric, to today’s service-aware model that supports the convergence of IP voice, data and video and that has the performance and resiliency necessary to run latency-sensitive applications.

This model has enjoyed considerable success. But — and it is a very big but — it’s a QoS centric approach. A high QoS assures the performance of the network, but it does not recognize the applications. What’s needed is a model that builds on the success of service-aware VPNs and goes on to assure the performance of the applications, i.e. a model that is QoA centric. Add this parameter and you can realize the requisite QoE for all application types.

 

 

Enterprises rely on their business applications for day-to-day operations, but the majority have little or no visibility on how they are performing over the wide area network services they employ. It’s a serious issue and its impact is growing for a number of interrelated reasons:

 

 

 

The primary responsibility of service-aware VPNs is to ensure that the operator’s network and service performance objectives are met. There is limited focus on applications: it is assumed the application performance is acceptable if the service performance objectives are met. But QoS does not equate to QoE.

 

This model assigns different classes of service (CoS). The CoS defines the service pipe into which applications will be classified by trusted CPE devices. Thus, the CoS determines the priority rating of the applications. However, this does not help address the enterprise’s key performance issue, which is to have per-application visibility and control, without having to implement a costly CPE appliance.

 

 

Application-aware VPN services offer a new way for service providers to approach their customers. Application awareness goes to the heart of what matters most to an enterprise: the predictable performance of its voice and data applications. That’s a deliverable that will allow service providers to become a strategic partner ahead of the time when commoditization of the QoS model starts and prices erode.

 

 

An Ovum study conducted in Europe and the US indicated that 30 percent of the enterprises would pay extra for an improved QoS that guaranteed the performance of mission-critical applications. And 20 percent said they would be prepared to pay for consultancy services that helped them with application performance monitoring and reporting. A similar study conducted by IDC (News - Alert) showed that 51 percent of 368 enterprises would use a managed WAN optimization service from an operator.

 

 

An application-assured VPN ensures per-application performance objectives are met through application recognition and optimization. This is enabled through a network-based approach that provides per-application classification and end-to-end assurance from both trusted and untrusted CPE devices. So, how is it done?

 

Alcatel-Lucent (News - Alert) has designed a solution that enables service providers to deliver application assurance as well as performance monitoring and reporting. And while the functionality is very advanced, implementing the solution is relatively simple.

 

In a nutshell, the operator simply hot-inserts a hardware module into the chassis of an existing 7450 ESS (Ethernet Service Switch) or a 7750 SR Service Router). This can be done without disrupting the services that are running at that time.

 

The module is known as the Application Assurance Integrated Services Adapter (AA-ISA). The baseline function is to identify the various applications in order to enable dynamic per-service, per-site and per-application QoS policy control. The term per-application QoS equates to QoA, which was introduced at the beginning of this article.

 

The applications that enterprises run over their wide area network are numerous and varied. When traffic is directed to the AA-ISA traffic flows are identified and subjected to Application QoS Policy rules that determine the requisite treatment.

 

Each AA-ISA module provides up to 10 Gbps of deep packet analysis, a figure that enables up to 3M (News - Alert) traffic flows. Up to seven active AA-ISA modules can be deployed per chassis. In this case the analysis capacity can scale up to 70 Gbps: this figure enables up to 21M simultaneous flows. Application assurance solutions that are CPE-based only scale to 1 Gbps.

 

 

Application assurance enables per-application refinements that can either optimize the performance over the WAN or prioritize one application over another. In Alcatel-Lucent parlance it enables an application-level QoS, which is arguably a more meaningful term than my QoA.

 

In addition, the AA-ISA provides the data that enables visibility of applications and their performance behavior over the VPN. This data is subsequently processed by the reporting and analysis manager that provides application identification plus application monitoring and reporting.

Alcatel-Lucent’s solution enables operators to provide enterprise customers with a Web-based service portal that is used to monitor applications on a per-VPN or per-site basis. IT management can view near-real-time reports as well as archived reports and also request or change application treatment.

 

These reports are critically important for enterprises as they are faced with operational challenges due to limited resources as well as increasing cost constraints. Without an application reporting capability, they are effectively running blind.

 

 

Scalable application assurance has the look of a compelling business proposition, one that meets the market need for enhanced application performance over the VPN. The concept is also a logical evolutionary step for service providers. An application assured VPN is a differentiated service offer that heads off commoditization and by delivering predictable performance that can be monitored the business relationship becomes that of an ICT partner instead of a connectivity supplier.