First Command, a financial services firm with US$18.6 billion in managed assets and nearly 300,000 clients across the United States, saw the promise of the Internet as early as 1998. It quickly Web-enabled its core applications to support not only its own employees and individual customers, but also its far-flung network of financial advisors and their staffers.
But 10 years of providing highly available, resilient Internet access to its corporate Web applications in Fort Worth, Texas, had taken its toll.
"We had our link load balancer appliances, Web load balancer appliances, SSL offload appliances and DNS management appliances," explains Kevin Dunn, director of network operations at the company, who spoke at a Network World IT Roadmap event. "We had devices talking to devices talking to devices, and then we had redundancy on all those devices. The congestion at our gateway was like the expressway on a bad day."
Dunn and his team decided to tackle the problem using WAN acceleration technology. The idea was to simplify the environment by minimizing the number of appliances, while boosting Web application performance by offloading productivity-sapping tasks from the Web servers.
Security was also a key factor. "We're a financial institution and we take the security of our client's data extremely seriously," Dunn says. "We use very high-grade encryption and SSL types of techniques. We wanted to make sure that those security measures didn't get in the way of customers accessing their data."
(Read about Dunn's must-have features for WAN acceleration products here.)
The short list
Dunn and his team took its list of requirements and whittled potential solutions down to four offerings: Juniper's DX, Nortel's Alteon ACEdirector, Citrix's NetScaler and F5 Networks's BigIP 6400 series.
"Our selection criteria was based on a total package approach," Dunn says. "We were looking for the ability to handle global load balancing, link load balancing, server load balancing, SSL and the ability to do inline content rewrites on the fly. Plus, it had to provide a Web application security layer."
In addition, First Command needed something that was quick to master and easy to support. "We're a midsize company, and we do not have unlimited resources," he says, noting that 22 IT staffers support more than 500 internal employees and 2,200 financial advisors. "We wanted something that was easy to maintain, easy to learn, and would help us simplify the environment, rather than making it more complex."
In all, First Command tested each device for at least two weeks in production-level scenarios. "Because we use server load balancing, we were able to create alternate IP addresses, and then run parallel tests against the same servers at the same time to evaluate the various devices," he explains.
Like many other organizations, First Command's Web environment is complex, including not only Microsoft SharePoint applications and Outlook Web Access for Exchange e-mail, but also several BEA Weblogic and ASP.NET-based applications. "Each of those has their own unique set of challenges, so we tested against all of them," he says.
The first box, the Juniper DX, tested well and got high marks for ease of use. Unfortunately, not long into the test, Juniper announced it was dropping the entire DX line. "That was a surprise," Dunn says. (See story here.) "So right away, we were down to three."