01-14-2011 01:27 PM
I am trying to set up WAAS acceleration for a Secure FTP connection between two locations. I only have a NME-WAE-522 available to be the central manager.However, it appears that the 522 is not supported as a central manager.
So my questions are:
Bruce Clough
Network Engineer
NSTec
01-15-2011 06:34 PM
Hi,
Answers inline...
Is there any software version that will let the WAE 522 module function as a central manager?
No, the smallest WAAS device that can be configured as a CM is the WAVE-274
Is it possible to perform the acceleration using just two WAE devices without the CM?
Technically it is possible, but this is an unsupported/ not recommended configuration. Without a CM you won't be able to have accurate reporting, centralized management of the policy engine on all devices, you won't be able to use features like the SSL AO, or CIFS prepositioning, etc.
Can such a configuration support SFTP acceleration?
SFTP uses the SSH protocol to transfer data, which is encrypted. Thus, the best level of optimization you can get is TFO only.
By default SFTP will match against the default SSH policy, which applies TFO only. If you want to specifically identify SFTP separately from SSH, you would need to create a new application & classifier that would match on the source and/or destination IP address (this would best be accomplished via the CM GUI).
If you were to force the policy to full optimization, since SFTP relies on SSH to secure the transmission, the benefit from DRE+LZ would be minimal/ could cause more overhead since you won't likely find redundant bit patterns within encrypted data.
If you have the ability to transfer this data via HTTPS, then you could utilize the SSL AO by creating an SSL accelerated service, and you would receive full L4 optimization (TFO, DRE, LZ) and L7 optimization (HTTP and HTTPS AO if using WAAS 4.3.1; HTTPS AO only if prior to 4.3.1). However, as mentioned above you will need a Central Manager in order to configure/ use SSL AO since you need to use the cms secure store to manage the keys.
For more information on the SSL AO you can review the following configuration guide section:
Hope this helps,
Mike Korenbaum
Cisco WAAS PDI Help Desk
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide