Held by:
Leonardo Balliache
QoS SERVICES
Selective Routing
Traffic Control and Classification
Bandwidth Management
Packet Classification and Filtering
Network Remote Access
Load Balance
|
|
Held by:
|
|
|
|
|
QoS SERVICES |
|
|
Selective Routing |
|
|
Traffic Control and Classification |
|
|
Bandwidth Management |
|
|
Packet Classification and Filtering |
|
|
Network Remote Access |
|
|
Load Balance |
|
|
|
|
| GENERAL CHARACTERISTICS | |
| Prioritize and model network traffic in your organization. Traffic prioritization by policies. Make sure that critical applications and resources are receiving a guaranteed quantity of the available bandwidth. |
 |
 |
Establish priorities. The network traffic can be prioritized
in order to fit into the organization's objectives. For example, make sure
that the personal surfing the net are not reducing resources for other
critical applications like ERP, e-commerce, strategic applications and
classified information servers. This is specially critic in organization's
outdoor offices where the bandwidth is an expensive and limited resource.
The service prioritization is fundamental. The critical applications
access can be minimized or even completely deactivated by non - critical
applications; personal down/up loading heavy files using www or ftp, or
watching multimedia application through Internet. |
| Some regular use services, but of less priority or hierarchy, like e-mails with heavy attachments, long printing spools, backup traffic, and file copy, movement and transfer, substrate the available bandwidth and may cause delay and network congestion. In consequence critical applications like organization's SQL Database may collapse. |
| Traffic can be marked by the use of different criteria (network, sub-network, service port, department, etc.). Once marked it's prioritized and assigned to path routes with bandwidth resources for each kind of service. By prioritizing critical applications traffic we guarantee their access to a minimal bandwidth, without affecting the other less priority services. |
 |
 |
When the Internet traffic is prioritized, the limited resources can be used in a way that guarantee the accomplishment of the organization's objectives and satisfies its requirements. The Internet access bandwidth, an expensive and limited resource, can be correctly managed in order to guarantee the right hierarchy in the using of it by the services. |
| For example, users making purchases or consults in the organization's portal could and should receive an special treatment and a bigger bandwidth than other people that are downloading a song from Kazaa or just simply surfing the net for adult sites. The representing, senior executives and strategic mobile personal in remote locations, should have guaranteed a minimal required bandwidth in order to execute transactions without troubles and unnecessary waste of time. |
| In small/medium size organizations that count with an unique Internet access service of 256, 512 or 1024kbps through phone line modem to Ethernet, outdoors antenna modem to Ethernet or CATV cable modem to Ethernet, show serious performance problems in the interactive services when making up/down loads of heavy files (demos, napster, etc.) through www o ftp. It happens because it creates long IP packet spools in the modem's up/down loading buffers. |
 |
| Using QoS services spools are eliminated from modems and send to a bandwidth management router; once in here, the spools are hierarchysized and correctly managed, putting in first place the random small interactive service packets, without make them wait turn behind packets that are generated by file up/down loading traffic. At the same time we define the maximum bandwidth from the total available that each service should use. |
 |
In bigger organizations with remote offices, the WAN
traffic prioritization is critic. The WAN links are very expensive and
very limited in bandwidth. Many critical applications like ERP, voice over
IP, remote application servers, critic information consults, etc., require
defined and guaranteed bandwidth. Without a service prioritization and a
right bandwidth distribution, this services collapse and the out of order
times are more frequently and endless. Using QoS services, the network bandwidth can be guaranteed for the essential services during high congestion periods. Using traffic prioritization schemes we can achieve a better management and use of the limited bandwidth resources. |
| When there are excessive traffic and congestion, the
essential services are prioritized and receive a higher bandwidth quantity;
later on, when the load is reduced or when the essential services are not in
use, the bandwidth returns automatically to the rest of the resource
requesters. With QoS services the organizations that offer hosting services or server application services could limit the bandwidth of the offered services using different selection criteria, like source or destination address, kind of application, transmission port or type of protocol, having additionaly the possibility to determine absolute and relative bandwidth levels that fit according to the availability. Through access control by the use of identification based firewalls, packet filtering and selective dropping, we can guarantee the network and remote access services safety and protect them against wrong or malicious intrusions. |
| Each single day the organizations are more Internet dependent for the management of their business; but Internet is an uncontrolled jungle where anything could happen. One of the most important objectives is the safety and confidentiality of the organization's data that are exposed to the public. Keeping well-designed firewalls that protect data and organizations resources is very important in order to guarantee the good operations. Protecting the network resources from not desirable access is fundamental for any organization. |
 |
 |
The traffic security policies can be defined for users,
workgroups, time of the day, service type, source address, destination
address, source port, destination port, comunication protocol, etc. Using network address translation it is possible to isolate the network from the external world represented by Internet, without losing the advantage that each workstation can be in the network, but keeping the guarantee safety required. |
| In those cases that due to the increasing traffic volume or
number of connections appears to be necessary to upgrade links or servers,
it could be possible without the need of getting more powerful equipment,
instead through the adding of new elements in parallel (cluster), without
losing the initial investment and permitting the infrastructure scalability,
redundancy and availability.
Frequently a portal collapse due to the gradual increasing traffic, but always the best solution is not to get a new powerful server or getting very expensive balancing switches. The QoS services allow amplifying the installations capacity by getting new equipments, but keeping the old ones, using link and server load balancing schemes. |
| Additionally, by establishing traffic routing policies using
static rules based on human criteria, the load balancing is improved in the
rush hours, allowing a rationalization and a better use of the network
resources. By using tunnels (ip, ipsec, gre, cipe or mpls) the critical traffic can be tunneled directly from clients to servers and viceversa. Encripted tunnels also allow that two or more internal networks in remote locations can see each other and work as if they were the same network (VPN), using Internet as the tunnel site or using dead communications lines between locations. |
 |
| QoS services are implemented using Cisco or Linux routers... |
| More information at http://opalsoft.net/qos |
| Any question should be sent to Leonardo Balliache. He lends QoS Consulting Services available on request. |
|
|
 |
