Wednesday, March 24, 2021

SilverPeak First-packet iQ - substance or marchitecture

Hello

In short, I am getting into the details with regards to how vendors do application identification in conjunction with SAAS optimisation. Initially focusing on Cisco Meraki and Silverpeak

The full back story is I am currently in the early stages of exploring SD-WAN for my organisation, and I am starting to get my head around some of the products and new features on the market.

One area that seems to be getting a lot of focus is SAAS optimisation/ SD-internet/ Smart SaaS QoE as I have heard it called. Essentially looking at how vendors can optimise the traffic delivery from branches to a SAAS applications. I understand how different vendors achieve this at a high level. What I want to understand further is how an application is identified, how different vendors approach identification and what makes some engines more superior than others.

I am familiar with Meraki and I currently have a Cisco Meraki MX67 with a SD-WAN plus license. I have started my initial testing with this product as I used it for SD-WAN at a previous company and I see the value of its simplicity. I am aware that its Smart SAAS QoE is not available yet however I have been able to test the L7 VPN exclusion feature which is a stepping stone to achieving there Smart SAAS QoE. Just to state this post is more about understanding the application recognition element over comparing the full SAAS optimisation element of both vendors.

Meraki have 10 major applications to select from with the option of defining other custom applications via IP or URL. Im testing this at the moment and it works as you would expect. I am running a packet capture and I can see the relevant traffic break out onto the internet rather than take the default route over the VPN to my test datacenter MX.

More information on the feature.

https://documentation.meraki.com/MX/Site-to-site_VPN/VPN_Full-Tunnel_Exclusion_(Application_and_IP%2F%2FURL_Based_Local_Internet_Breakout))

I have started to explore the literature on Silverpeaks First Packet IQ and it sounds very impressive. What I am struggling with is trying to distil from the Silverpeak marketing message what the real benefits are of this innovative and industry first feature over and above what I am seeing the Meraki box. Is this just marchitecture or is there real substance to this Silvepeak feature.

I admit my understanding of application recognition is relatively elementary so any guidance is massively appreciated. If you can shed any light on this specific feature and potential advantages and pitfalls that would be great.

What is the limitation with defining applications by IP and URL only?

What common SAAS applications would I fail to identify on the MX?

Silverpeak Feature in more details

https://www.silver-peak.com/products/unity-edge-connect/first-packet-iq

‘Silver Peak’s innovative First-packet iQ identifies applications on the first packet. Using multiple techniques, First-packet iQ identifies more than 10,000 applications and more than 300 million web domains. First-packet iQ goes beyond typical Deep Packet Inspection (DPI) and port-level approaches used today and it adds a cloud-hosted internet map and geolocation database in addition to real-time machine learning to provide the highest levels of application intelligence.’

Thank you in advance for your input



No comments:

Post a Comment