WANaccel_Overview
This chapter provides an overview of the SonicWALL WXA series appliance, basic and advanced deployment scenarios, and configuration and verification examples. This chapter contains the following sections:
The following sections provide an introduction to the Wide Area Network (WAN) Acceleration service:
The SonicWALL WXA series appliances deployed in one-arm mode with SonicWALL NSA/TZ series appliances allow network administrators to accelerate WAN traffic using Transmission Control Protocol (TCP) and Windows File Sharing (WFS) between a data center and a remote site. In this type of deployment, the SonicWALL NSA/TZ series appliance provides dynamic security services, such as attack prevention, Virtual Private Network (VPN), routing, and Web Content Filtering. Without WAN Acceleration, WAN connections like T1/E1 or xDSL typically have a round trip time of between 25ms and 100 ms, causing some applications to perform poorly. The WAN Acceleration service can increase application performance more effectively.
Figure 85:27 illustrates the basic network topology for the SonicWALL WXA series appliances and the SonicWALL NSA/TZ series appliances.
Figure 85:27 NSA/TZ and WXA
Transmission Control Protocol Acceleration Overview
Most modern networks are sending an increasing number of files and data sets over the WAN, reducing the amount of available bandwidth.TCP Acceleration is a process that decreases the amount of data passing through the WAN by sending a reference index instead of the actual data and breaking long end-to-end TCP connections into several smaller TCP connections. These TCP Acceleration features work together to increase network throughput.
The SonicWALL WXA series appliances utilize TCP Acceleration by accelerating selected traffic passing between a local data center and a remote site. The selected traffic is replaced in the SonicWALL WXA series appliances’ shared databases as blocks of data with reference indexes. A complete data set needs to be sent the first time before TCP Acceleration can take place; each SonicWALL WXA series appliance needs to have matching data stored.
The three separate TCP connections are created between network devices that work together to accelerate traffic using TCP Acceleration. This reduces response time to packet losses and increases throughput. The three TCP connections are created independently, with the remote site’s PC to the remote site’s SonicWALL WXA series appliance connection being the initiator. If one of the sessions is not established, then the remaining connections are closed immediately. Traffic is still passed from the remote site to the data center, but it is not accelerated.
The following list details the three separate TCP connections and the transfer of data using shared databases:
The Web Server sends data to the SonicWALL WXA series appliance on the data center through the SonicWALL NSA/TZ series appliance. The data is stored in a data block and given a reference index.
The SonicWALL WXA series appliance on the data center sends the reference index (instead of the actual data) to the SonicWALL WXA series appliance on the remote site through their respective SonicWALL NSA/TZ series appliances.
The SonicWALL WXA series appliance on the remote site finds the matching data block, reassembles the data, and sends it through the SonicWALL NSA/TZ series appliance to the PC.
Windows File Sharing Acceleration Overview
WAN Acceleration has a wide range of technologies that are aimed at accelerating applications, improving throughput, and enabling bandwidth scalability. WFS Acceleration is a subset of WAN Acceleration.
SonicWALL WFS Acceleration allows remote users to access and share files at near-LAN speeds over the WAN. Distributed enterprises that deploy WFS Acceleration solutions are often to consolidate storage to corporate data centers, eliminating the need to back up and manageable data that previously resided in their remote offices. Basically, the use of WFS Acceleration within your network reduces the impact of high-latency and low-bandwidth links by approximating streaming behavior through the use of read-ahead and write-behind functionality and caching with automatic cache validation.
Benefits
The WFS Acceleration service provides the following benefits:
Increased data transfer speeds
Low latency
Advanced data security
How Does Windows File Sharing Acceleration Work?
WFS Acceleration reduces overall network congestion with techniques such as data compression and storing recurrent data patterns in a local cache. When a SonicWALL WXA series appliance is connected to a SonicWALL NSA or TZ security appliance and WFS Acceleration is enabled, traffic passing through the WAN travels between points with speeds similar to a LAN connection. Refer to Configuring WAN Acceleration for details on how to configure WFS Acceleration on SonicWALL security appliances.
The Pre-Requisites for deploying the WAN Acceleration service are as follows:
A SonicWALL NSA/TZ series appliance is required to deploy the SonicWALL WXA series appliance.
The remote sites use services in the data center for example, a central file or SharePoint repository.
Traffic passing through the SonicWALL WXA series appliance requires IPv4.
Consider the following when deploying the SonicWALL WXA series appliance:
The SonicWALL WXA series appliances require deployment with SonicWALL NSA/TZ series appliances running SonicOS 5.8.1 or higher.
Typically the SonicWALL WXA series appliances are deployed in a site-to-site VPN configuration through their respective SonicWALL NSA/TZ series appliances. However, you can also use routing or L2 Bridge Mode, refer to the SonicOS 5.8 Administrators Guide for details.
If a SonicWALL WXA series appliance is used in a high availability configuration, a switched connection to both SonicWALL high availability pairs is required.
Encrypted pass-thru traffic is highly randomized and does not materially benefit from the SonicWALL WXA series appliance’s WAN Acceleration service. Therefore, the IPSEC, SSL, or TLS pass-thru traffic types are not accelerated.
The WAN Acceleration service is compatible with IPv4 only.
WFS Acceleration supports Windows file services using Active Directory/Kerberos for authentication and authorization.
WFS Acceleration does not currently support NTLM or other non-Kerberos authentication mechanisms.
Configuration Task List Overview
This section provides an overview of the SonicOS user interface for the SonicWALL WXA series appliance. This section contains the following subsections: