Improving Global Microsoft Azure Performance with Aryaka
We all know that in the world of the cloud-first digital enterprise, key business processes rely on network performance – if the network doesn’t deliver on the expected SLAs, there is direct impact on business results and employee productivity.
A typical use case involves remote offices in distant geographies accessing application data that is stored in the public cloud from a remote location. In close collaboration with our partner GAB ExactlyIT Solutions GmbH, we ran a real-world test last month involving a typical scenario: the remote user is based in Beijing (China) and must access application data in the Microsoft Azure Region Europe West via an IPSec tunnel. This configuration is often encountered when:
- The remote office is connected to HQ or the enterprise DC via a traditional network configuration that backhauls all traffic to the main site before the traffic breaks out into the public internet in order to reach the public cloud.
- DIY SD-WAN has been deployed with a policy that breaks out public cloud traffic into the internet locally, directly at the branch (as often recommended in SD-WAN design guides) but the application and data that reside only in a certain geography.
- The end user is a mobile user or remote worker that needs to log into a corporate VPN that has a compromised topology when it comes to optimally support the required public cloud application/data (which is sometimes dictated by geo-political considerations).
It is important to point out that, while the problem in some cases could be partially remediated by optimizing the routing policy for that particular cloud application, the fact that the average enterprise deploys over 50 public cloud applications makes that particular per-branch, per-cloud-app optimization extremely work intensive. And the dynamic nature of cloud applications quickly renders any local routing policy obsolete, hence requiring constant, work-intensive and error-prone updates.
Also, when enterprises analyze such cloud application issues, their first stop is to monitor the public cloud performance. Microsoft Azure openly publishes performance degradation and outages, however the fundamental issue is very often due to network latency, jitter and packet loss that severely impact TCP connection setup as well as throughput. What’s worse: over the Internet, and particularly over long distances when multiple ISPs are involved, such issues are very hard to pin down. Furthermore, they are often transitory and often outside any singular ISP’s control.
Let’s investigate the effect this has on a remote user’s experience in our first test case.
Test Case 1: Cloud Application Performance Issues Over Long-Distance IPSec Tunnel
As Figure 1 shows, the office is in Beijing. The application data the user will try to download resides in the Azure Region Europe West.
Figure 1: File Transfer over IPSec Tunnel
The real-world measurement is sobering: It takes the user 8 minutes and 42 seconds to download a 100MB file. This could be a product video that a remote sales representative is trying to download to address a question during a meeting with a customer prospect. Clearly, no one is going to wait nearly 10 minutes in a meeting to get a question answered. The result of this underwhelming cloud application performance is remote worker frustration, complains and overall loss of productivity.
The network behavior is also disruptive for smaller files, as exemplified by the 10MB file transfer example, which is a very usual file size. Not only is the transfer time unnecessarily long, but it’s also highly unpredictable by ranging anywhere from 39 to 102 seconds, thus adding to user frustration as they wonder what is wrong.
Note that local Internet performance in the Beijing region is quite good, so that is not the sole source of the problem we are observing here. The key issue is the fact that TCP/IP traffic performance will always suffer when long delays and jitter as well as packet loss are incurred due to the long geographical distance and the multitude of ISPs involved in handling the IPSec tunnel end-to-end.
Test Case 2: Cloud Application Performance Improvement with Aryaka SmartServices
Aryaka’s SmartConnect and SmartCloud services lets customers connect to their SaaS applications and data over a global connection that delivers on strict, deterministic SLAs. This overcomes the latency, jitter and packet loss issues associated with the internet middle-mile and provides a cost-effective yet superior alternative for accelerating cloud application performance.
Now let’s see how the exact same test scenario performed over the Aryaka solution:
Figure 2: File Transfer with Aryaka SmartCloud
The real-world measurement for the same test case with the Aryaka solution shows that now it only takes 1 minute and 59 seconds to download the same 100MB file. That’s a 400% performance improvement. This is a time that allows the same remote sales representative to bridge the wait time with a short conversation about another topic, allowing them to effectively address the question. Better response times deliver on tangible business benefits.
For the smaller file size, not only is the transfer window much shorter, but it also leads to predictable performance, which establishes users’ trust in system performance by eliminating random system behaviors.
How does Aryaka unlock such a cloud application performance advantage for its customers? Three of Aryaka’s SmartServices are key:
- SmartConnect: Aryaka’s Global Layer 2 Core Network is built on privately held high-performance links that provide strict latency, jitter and packet loss guarantees. SmartConnect also provides traffic optimization and implements proxies and other technologies to dramatically accelerate the performance of TCP/IP globally with its TurboNet and TurboApp technology.
- SmartCloud provides an optimal topology to deliver cloud application performance in any global or regional deployment. By optimally peering with Cloud Providers in different geographies with high performance connections (in Azure’s case, ExpressRoute), enterprises are guaranteed the best cloud application performance without the burden of constantly optimizing routing policies in every branch.
- Secure Remote Access provides mobile, remote users immediate access into the Aryaka Global Layer 2 Core Network, overcoming the performance issues of many corporate VPN solutions in the cloud-first era.
MPLS still represents a foundational technology in most global enterprise WANs. MPLS can deliver high availability and deterministic quality of service within a service provider’s domain, hence network managers have been relying on MPLS for 20 years. On the other hand, MPLS is costly, slow to deploy, and its traditional hub-and-spoke architecture from the branch to HQ and/or the DC does not support the overwhelming need to optimally support cloud deployments. Do-it-yourself SD-WAN solutions allow traffic to be routed directly to the internet at the branch, however they often still rely on costly MPLS links to support traffic that is perceived as business critical.
The Aryaka Difference
As this performance test shows, Aryaka’s Cloud-First WAN provides superior cloud application performance improvements, even -or especially- over very long geographic distances. We were able to improve file download times from Europe to China by 400%.
Aryaka allows network managers to deliver on a global network infrastructure optimally suited to the needs of digital business, delivering on simplicity, agility and reduced operational cost. Aryaka customers can leverage cost-effective internet access technology even for the most business-critical applications given Aryaka’s patented technologies to deliver on hardened performance parameters, as well as Aryaka’s long established global presence and experience in partnering with the best local ISPs.