Is WANscaler poised to become Citrix's secret weapon?

Citrix bought Orbital Data Systems in August 2006. Like many others, I'd never heard of Orbital Data before Citrix bought them.

Citrix bought Orbital Data Systems in August 2006. Like many others, I’d never heard of Orbital Data before Citrix bought them. Orbital built WAN optimization appliances. In a nutshell, these things are used in pairs—one on each side of a WAN link—to analyze bandwidth, usage, traffic, etc. They then optimize, compress, cache, and do all sorts of things to better utilize the WAN and increase performance of applications.

Other companies in this space that are perhaps more familiar to readers are Expand, Riverbed, and the old favorite Packeteer.

So anyway, last August, Citrix bought Orbital Data and re-released their WAN optimization hardware as WANscaler. (In one of more rarer instances, I actually think that “WANscaler” is a fantastic brand name for these things.)

Even though it’s been almost a year since Citrix made this acquisition, I still haven’t personally ever seen one of these things. They’re expensive, you need at least two of them to do anything, and I didn’t consider this as part of the “core” application delivery area that we cover.

But as I was walking through the TechLab at Citrix iForum in Edinburgh, Scotland, last month, I struck up a conversation with Florian Becker, an architect for Citrix. He gave me the 30,000-foot explanation of how these WANscalers work. (We recorded the conversation and will release it soon as a podcast. But here are some highlights:)

  • The WANscaler appliance has two ports—in and out—and it is physically connected between your network and your edge device. (In the event the WANscaler loses power, a relay closes and physically connects these two ports as if they were a crossover cable.)
  • The WANscaler appliances do NOT build a tunnel between the two devices. They are completely transparent. They work by “tattooing” TCP packets (by putting some bits in an unused portion of the TCP header). When one WANscaler sees an incoming packet that has been tattooed by another WANscaler, it knows that it can start applying optimizations.
  • There are several optimizations that the WANscaler can provide (which we’ll cover in the podcast). Most of them center around caching and compression, along with changing and spoofing certain TCP parameters. (The general idea is that the WANscalers know a lot more about the WAN link than the servers do, so they request data from the servers as fast as possible, and then they can deliver is across the WAN in the best way they know how.)
  • There is only one configuration requirement of a WANscaler—the connection speed to the WAN segment. There’s no need to build a complex topography in the admin console since these things will recognize the tattoos of other WANscalers automatically.

This list is just paraphrasing the new features, but it taught me enough about how these things work to really see how Citrix could benefit from them.

WANscalers + Presentation Server

In the most obvious way, you’ll be able to put a pair of WANscalers in-between your Presentation Servers and your users to optimize ICA traffic. Devices like Packeteer have been doing this for years. However, with WANscaler Citrix would “own” the traffic generation AND the optimization of it, allowing for a level of integration never before seen.

For example, devices like Packeteer mainly work by adjusting the amount of bandwidth that’s available to various protocols, meaning that they can limit “other” traffic on the network to allow more room for ICA. They can also take this one-step farther by prioritizing certain ICA traffic for certain applications or users.

With WANscaler , I would imagine that a future version of Presentation Server could also recognize the tattoos of a WANscaler appliance, indicating that WANscaler functionality exists in-between it and the client. This could cause the Presentation Server to drastically change the way that it builds traffic for that user session, including:

  • Disabling the new “tossing and queuing” mechanism. (Since the sending WANscaler would be on a local network segment, the Presentation Server could send all traffic to the WANscaler, and the WANscaler could figure out what was best for the client given the specific characteristics of the WAN at that moment.)
  • Disabling ICA compression. (Again, let the WANscaler do this since it has a better perspective on things.)
  • “Tagging” the various virtual channels with priorities, allowing the WANscaler to slice and dice individual ICA packets as needed based on WAN conditions.
  • Plus I’m sure many other cool things that I’m not thinking about now..

Again, all of this shows the advantage of Citrix owning the "whole stack" between the application and the user.

WAN Optimizers + SSL-VPNs + Mobile Users = Interesting Complexities

WAN optimization devices like those from Expand Networks can offer compression and caching of ICA data, but of course this only works if your ICA data is not encrypted. (If it’s encrypted, then every packet would be different and the Expand device wouldn’t be able to peer into the packet to figure out what it could cache.) Disabling ICA encryption is no big deal. Typically you have your Presentation Servers send uncompressed, unencrypted ICA traffic to your Expand appliance where the traffic is shaped, cached, compressed, and/or made ready for the network (including their own encryption), and then on the other side the same process happens in reverse.

Of course this whole thing breaks down if you want to use an SSL-VPN like the Citrix Access Gateway, since the CAG client is a piece of software running on a device. Even if you put the Expand appliance on the sending side behind your CAG, there would be no way for the Expand appliance on the receiving side to function since any traffic it would receive would be encrypted by the CAG, not the Expand. The only way to decrypt the CAG content is via the software on the client, and by that point, it’s too late.

Of course in the real world, this scenario doesn’t really come up too often. Appliances like WANscaler and Expand are meant to be used in pairs. This means they're for site-to-site WAN links, not site-to-random-end-user-location links. And SSL-VPN solutions like the CAG are meant to be used for end-users connecting to the main site—you wouldn’t typically use a CAG for several users in a remote office connecting to a primary site over a point-to-point WAN link. Even if that small office had a connection to the Internet as opposed to a point-to-point WAN, there would typically be a VPN appliance in place that would put the entire office on the corporate network, allowing the users in that office to connect as regular LAN users, and allowing either an Expand or a WANscaler device to be used.

Of course Citrix is focusing quite a bit on the CAG, especially with regards to how it works with the Smart Access. And this is starting to catch on. More and more companies are connecting all users to their Citrix application environment via a CAG, and in doing so, they’re architecturally prohibited from using a third-party WAN appliance.

The only way around this would be to build a software client for the WAN accelerator. Then the client could apply the optimizations after the CAG client had decrypted the traffic. I spoke to an Expand employee two weeks ago about this, but he wasn’t too excited about a software client.

“A software client is really complex” he explained. “We would have to figure out how to deal with all the various VPN clients out there and apply our optimizations after them. Plus we’d have to somehow figure out how to deploy, support, and update the client on all those devices.”

He made some really good points. That would be a huge pain—unless of course the WAN accelerator and VPN were made by the same company.

To that end, Citrix recently announced that they would release a software version of the WANscaler client. This would mean that you’d only need a single WANscaler appliance on the datacenter side of your network, and the client devices themselves could read the tattoos and start applying and receiving the optimizations. And since Citrix already makes ICA, CAG, and streaming client software, it doesn’t seem like it’d be too hard to throw the WANscaler client into that mix.

WANscaler beyond Presentation Server

The various WAN optimization products have a bigger impact in the market than just Presentation Server. In fact when I was at PubForum in Lisbon this past May, I talked to a guy who was telling me how cool the Riverbed stuff was. He was saying that in some ways they were actually competing with Citrix Presentation Server! He explained it like this:

Riverbed can do amazing things with files and data in terms of compression, caching, and acceleration. So if you have a small office that needs to access the corporate SharePoint portal, really the only solution over the past few years has been to use server-based computing. But with Riverbed, you can actually have your users run IE locally on their devices at the remote site, and via CIFS and SMB acceleration, the performance is fantastic. The Reverbed appliance almost becomes a completely automatic local cache of your SharePoint content.

So how does this apply to Citrix WANscaler? Sure, you can add a “me too” for them and how they could help with the above scenario. But I think the real value will again be how it more tightly ties into their overall application delivery strategy beyond server-based computing.

One example is in the “user data” department. People like Tim Mangan have been beating the data drum for years. If you haven’t heard Tim explain it, the short version is:

Server-based computing is great because the applications live next to the data, and they’re all delivered via a thin protocol. But now that Citrix is moving beyond server-based computing to deliver apps via streaming that can work locally or offline, what do we do about the data? How useful are these applications if the files, folders, shares, and databases people need are across the WAN or offline?

The workaround so far has been to implement some kind of WAFS (“WAFS” is Wide Area File System, a generic term) or to build complex policies and replication for moving user profiles around and stuff. But with WANscaler, you could conceivably just sprinkle these devices throughout your WAN, and sort of let them take care of everything automatically.

This will provide a great WAN speed increase for any application that accesses files via CIFS over SMB, like, ooohhhh.... Citrix Streaming Server? One of the complaints that people have had about Citrix Streamin Server has been that you can’t put application packages on multiple servers in multiple locations in an easy way. But with WANscaler, you could imagine that you wouldn’t have to do anything at all—just put your packages on one server in your datacenter and let WANscaler optimize the rest.

It’s July 2007. You want one. What do you buy?

Considering everything in this article, what product should you buy today? While it’s easy to imagine how WANscaler could be the best optimizer for Citrix application environments eventually, the reality is that today, WANscaler is not a leading product. Orbital Data was definitely in startup mode when Citrix bought them, and today companies like Expand, Riverbed, Blue Coat, and even Cisco are far ahead of WANscaler on a feature-by-feature basis. The challenge of course is that Citrix will continue to develop WANscaler, and it will be more tightly integrated with their whole platform as future versions come out. So what do buy today? I guess that depends on your specific needs of the moment and how much you’re committed to Citrix as an application delivery platform. But I definitely see WANscaler growing to be a big part of Citrix’s overall strategy in the next few years.

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Hi Brian

Interesting article.  I was just wondering if the Citrix WANScaler device needed ICA encryption disabled too, to do it's optimisations?  Or, as it is a Citrix product whether it can optimise any Citrix traffic.



Just a side note in regards to the WANScaler client. In a remote office, when using the WANScaler client you lose some of the  caching that you would normally see if you had the appliance. For example, say you have 10 users in a remote office connected via a slow WAN link. If you had the WANScaler appliance on both ends of that WAN link, and user1 of the users accessed a 75MB powerpoint file, then when user2 goes to access the same file, it will be almost instanenous to access it as long as it is still cached on the appliance and has not been flushed out because of other cached files filling the cache up. In the scenario with the WANScaler client, user2 would need to download the 75MB powerpoint file again as the cache is not on an appliance, but on user2's workstation/laptop. That being said, the WANScaler client definately has its place, but it is worthwhile to mention the above scenario as you do lose some of the caching functionality as you do not have a "shared" cache within the remote office when using the WANScaler client.

Another cool tidbit to mention is that you can "pre stage" the cache on the appliance. For example, lets say you have a remote office with 10 users as in the above scenario. All the users access the same 10GB of information on a shared folder. You can copy the 10GB of information over the appliance before it is ever deployed in the remote office and the data will be already cached on the appliance. That way, you do not have to take the initial hit of caching the 10GB of information the first time each file is accessed once the appliance is deployed to the remote office.

Yes it would, since like the other products, there is no repeatable pattern in SSL traffic, thus nothing to compress / cache.

I just demo'ed the WANscaler and had nothing but problems. In theory it sounds awesome. In real world, it is another device that can fail on the link. Further more, these devices do not term your WAN, but are inside your LAN. If you want to use the device for a remote site it is fine, but what happens when you have to term the other side on your core router. You can do things like virual inline, but still it causes issues. One issue was how it tagged packets that were sent over VPN, basically killed printing from the source.

I think it is a great idea, but for most it will be too hard to isolate and manage in a large scale environment. These should be true WAN devices and actually term the T1, T3 etc....then we could really call them WANScalers....



Having just returned from some wanscaler training I have some severe reservations of the scalability and features of the technology in comparison to a product like Riverbed, specifically:

Wanscalers heritage is derived from optomizing TCP flow control to move typically large amounts of already highly compressed data from A to B (orbitals target market where originally movie and design studios). The compression technology has been added as an after thought and it shows.

 Although the product is pitched as needing minimal config. based on what i saw today this is only true of small simplistic environments any enterprise with multiple asymmetric routes, multiple paths, and complex routing will have a hellish time getting it working.

You only solve WAN problemd by addressing three specific areas:

TCP flow control - all WO products have a solution here

Data compression - again all WO have this element - although some are archtitecturally superior

Application protocol optomisation - Wanscaler is weak here with specific optomisations for CIFS and NFS only

 A product like Riverbed covers lots of application protocols such as specifics for MAPI/NOTES/HTTP/HTTPS (Wanscalers will break SSL in your environment even for clients on unoptimised links)/SQL/NFS/Backup Products/Replication - Doubletake etc

 I dont work for Riverbed but have over 100 deployments in the field and it works 100%. In terms of the software client I would watch the space closely as things are about to change dramatically.

By my estimation Riverbed are about 2 years ahead if Citrix can catch up this technology does hold great promise you only have to see Riverbed now to see whats possible - it redefines the rules of infrastructure design, most definately a ground breaking product.

BTW I was the guy talking to you in Lisbon Pubforum Brian !!


Hi Brian,

I think that so far Citrix has a reasonably good track record in bringing in complimentary products and technologies and integrating them - and this is no different.

Don't forget that when Citrix goes a' huntin' they don't want to buy at the highest price (just like a house) they are going to buy something that is still a work in progress, shows promise, and still needs a little work to finish it off?

In the meantime if you find that your CIFS/SMB traffic is struggling in the VPN can I suggest trying TeraCopy as a free tool that I have found works really well.

TeraCopy - is it possible to resume a file copy across regular drives using standard SMB, CTRL+V, Cut and Paste, etc? - Yes it is!


we attempted to trial one a few months ago, and it was obvious the product was not mature.

 You only had to look from it's presentation/package to see it was a rushed product. It had the following visible tags/marks on it:

 "Citrix Wanscaler + model"

"Orbiter" AND

"Dell Poweregde 2850" (i think was the model)


Hi all,


  • Disabling ICA compression. (Again, let the WANscaler do this since it has a better perspective on things.)
  • I have found a really interesting document, which says that WANSCALER does no good at all to the ICA protocol. Have fun reading that:[1][1].5%20-%20Truths%20and%20Myths%20of%20CPSandWAN%20Opt%20(2007.05).pdf


    I have heard alot of talk about this product "WanScaler". Was curious if anyone has actually posted performance numbers... Yes, plently of variables i'm sure, but what improvement did you see ? I have India users that i support in Colorado, They are about 300ms away, things take X amount of time to occur that happen in seconds to US users.... is this product actually significant ?


    thanks Phil 


    No product other than Expand Networks is capable today of optimizing (i.e. compressing and accelerating) real-time data such as ICA and RDP.  This includes WANScaler as well as RiverBed and others.  Yes, they can compress and cache bulk data (Web pages, files, etc), but definitely not real-time protocols.  We have a couple of Expand Networks units in the lab which we're using in conjunction with RDP.  In short, it's tripling the speed of the simulated link (among other benefits).  

    If you'e serious about WAN optimization and don't care much for all the hype, I strongly recommend evaluating Expand Networks.


    Take a close look at Expand Networks.  As I mentioned earlier, no other product is capable of accelerating real-time data.


    Be careful here with the wording of Adrian's original question.  Compression is not the only optimizing function of the WANScaler.  WANScaler's architecture starts with very strong TCP flow optimizations which will definately benefit ICA traffic whether it is encrypted or not.

    Also, on a saturated link, WANScaler can prioritize different types of ICA traffic in the latest version of firmware.


    The downside of Expand is, that they say it's transparent, however if i do a trace from site a to  a server at site b , i only see the ip addresses of the expand boxes, i can't see anything between the two boxes.

    This creates a new problem, and that's if your using a QOS MPLS network, i will not be able to look into the packets anymore, and will just put all traffic from the two expand units in level 4... :(

    I have done some testing with WAN Scaler in comparison to the Cisco WAAS and the Cisco WAAS is by far the more superior product out there and the price (for the company I work with anyway as we are an ISP) the Cisco left the WAN Scaler in its wake.  This was to do more than faster WAN responce but to do with reporting and packet analysis and tweaking also.
    As we konw,now NetScaler 8.0 has combine the AppFirewall SSL VPN and EdgeSight, In Citrix's roadmap,next step is going to add WanScaler into the NS platform. Think about that: a worldwide GSLB infrastucture with SSL VPN access, Wan optimize,securityand app performance monitoring. BTW,in Array networks's roadmap(they "invented" the first site2site SSL VPN),they will add wan optimize function in the next version of site2site ssl vpn product. I think that's the FF of Citrix.
    I was at a WANScaler seminar last week with Citrix and I was told that currently ICA cannot be optimised by WANScaler. A future release that will have tighter interation with Microsoft protocols may be able to look inside ICA and optimise.  G
    True!  If you are into remodeling that ol' house.  Remember at the end of the day, you get what you pay for.  By the time you're done spending $$ fixing it + add up all the frustration with the contractors not showing up + put some value on lost time to market = the housing market rebounds, you can no longer afford the house you "really" wanted and you're still stuck with a rundown shack :-(

    >  In terms of the software client I would watch the space closely as things are about to change dramatically.

    Can you elaborate on that?  What changes do you forsee? 


    Im actually surprised no one metioned f5 and the WanJET. I have personally done a few Wanjet deployments myself and they work amazingly. If you actually check out the Garner reports, f5 is the leading company out there in this, with riverbed following close second. Cisco is not even considered a real player in this field.

    WanJet, Riverbed, Packeteer, Wanscaler.... None of these can optimize ICA traffic simply because its so optimized already. However if you have having latency and dropped connection issues between your main DC and a remote site, this will help alot. and will improve the usuage of ICA in that respect.

    Also to note, that almost all of these products do nothing for Mapi. So if your looking for email acceleration, you've come to the wrong place. The only product that does anything with mail is riverbed. Riverbed actually acts as a local mail cache server of sorts. You take all your outlook clients out of cached mode... However if your running citrix you probabaly dont have local outlook running.

    Just a side note about the email thing.. Attachments however will be accelerated due to CIFS which is the transfer method.

    One thing I was awaiting was for there to be a software client side to any of these devices, but mainly the Wanscaler as this was talked about during the purchase phase of orbital. If they could make a software remote client and tie it into the ICA installer... then that would be something to seriously look at for all us citrix shops. but untill I see something like that Wanscaler is going to loose to f5, and riverbed everytime.

    I attented a technical introduction of Wanscaller in may. At that introduction i was told that at that moment only one applaince (forgotten the producer) could optimize the ICA protocol. And it wasn't Wanscaler, which is pretty inbarressing for Citrix. So Citrix is putting a lot of effort in trying to further optimze the ICA protocol through the Wanscaler. Citrix is also working on a sofware client for the Wanscaler, which will be available in future versions of the high-end models. As noted before the software client will loose the cashing capeballitys of the Wanscaler.

    The only thing out there that can sorta optimize ICA is a packeteer. And this isnt any kind of Wan Accleration. Its Rate Shaping. You can designate and dedicate a certain amount of your pipe to always be availible to citrix

    - What does one mean when they say "accelerate" or "optimize" ICA?  Guarantee Min BW?....WANScaler can do that and place ICA traffic in 1 of 5 queues based on the Virtual Channel.  Some can do this already but Citrix will be the first to design a protocol specific engine to truly Accel ICA like Riverbed has for MAPI and SQL.  ICA IS ALREADY DESIGNED OPTIMALLY and has little room for improvement.  These WAN devices that can mitigate latency with TCP accel/Window scaling actually will all improve ICA on a 350ms RTT link but, marginally (smooth it out).  Throw 2-5% packet loss in there and WANScaler will come out on top.  Any vendor in this space today is only going to improve ICA on the WAN, outside of BW shaping, by reducing all the OTHER traffic on the WAN via Compression, Caching, Molecular Sequencing, Scalable Data Referencing.....however they want to call's bit-level caching!!!  It all depends on WHY ICA is poor on the WAN in the first place.  Is it Latency from India to Colorado? Is it congestion?  Some solutions can help in these cases but NONE are "OPTIMIZING" ICA....and Citrix wrote the article (link above) confessing this.  They have not had this product for a year yet.  Give them time.  They are in the best position to figure it out.  Meanwhile it does a great job on all other TCP traffic.  Think DR APPS, BACKUPS, CIFS, FTP these are the bulk apps that NEED to be reduced on the pipes.  Fill those pipes TCP Accel and stop trying to fix things with MORE BW.

    - Riverbed? - WANSCALER competes strongly with them and actually has an unfair advantage with regards to big BWs (OC3) and scaling at the Data Center device.  Ask Riverbed how many TCP connections they support on their largest model.  40,000!  Seem like a lot?  They estimate each user avgs no more than 10 TCP connections.  Yeah, if none of them open a browser...maybe.  WANScaler supports up to 100,000 connection on a single appliance and has been optimizing OC3 level links for much longer than Riverbed and any other competitor....Turn on some of RBs protocol optimizations (RiOS) like SQL and watch the TCP connection limits get cut in half.  It is in their white papers.  Same thing if you make them a File proxy (WAFS) with their PFS.  They are inherently designed to terminate the TCP flows and manipulate them, hence they will ALWAYS have a scaling and connection limit.  Sure you can CLUSTER and bunch them to equal one WANScaler.....and the big KNOCK?  They encapsulate the traffic btwn RBs with UDP (tunneling).  Yes, just like Juniper, Cisco (when CIFS accel is ON and who would not want it on), F5.  Why is that important?  If you have a considerable investment in WAN monitoring, like NetScout, or have QoS at the WAN Router of MPLS....well they must be configured to classify inbound traffic, encap it in different UDP or GRE frames and then slap the identical TOS, COS, DSCP Marking on their packets.  Want to see WAN side traffic at the app level?  They must export to netflow and this is typically from the LAN side which, if they are doing things ass advertised, should be much different on the WAN Side..............WANScaler?  TRULY transparent.  Only thing it does is add data to the IP options field for auto-discovery and dynamic adjustments of tcp flow control parameters (link health testing and window size adjustments).  All other packet info is left alone.  Give it to RB....they certainly have more makeup on them.  The reports are nice, stats and graphs are impressive.  They have to be to hide their huge scalability issue.  They are public.  Find out what their average number of un
    Find out what their average number of units per deal are.....relatively low for and enterprise solution.  WANScaler will come along with the fluff and better reports but I like the fact that they are all focused on what is under the hood....the engine.  Besides, the stats can be sent to a central reporting/Logging solution via SNMP.  WS has beaten many, incl RB considerably, with apps like DoubleTake, that RB needs a special proxy for.  TO WS it is just another TCP Bulk data app that it can fill the pipe with and compress the hell out of.Cisco???? - Far superior that NO ONE.  They do not leave anyone in their wake except customers who are smart enough to go with another vendor in a space that the are completely and publicly known as the infantile product, hard to configure, max out at 45Mbps and have a TCP connx limit of 10,000.  Please do not use price to compare Cisco against anyone because they will give it away just to say they have an install base of X at the end of the qtr/Year.  FYI their price is not better per BW against many vendors here once you get the REAL quote and find all the ADD-ons you need and the WAAS, WAE-X appliance plus this and that.  Once you are done picking from the menu of add-ons that come std with the other vendors the price is through the the fin print and do not take the online pricing at it's word.Expand?? - Aren't they dead yet?  Up to 45Mbps but a good TCP scale, claim above 100,000 on a single unit.  Do not even see them around.  I had to see who posted that EXPAND PLUG and found it is Co-Founder and CTO of an integration consulting firm that is strategic partners with Expand.  Peter - there is much better out there....seriously.  Besides, your other partner Cisco is going to eventually make you stop playing around with Expand.F5 - Max connections = 14,000.  Bought a bad product in Swan Labs and is struggling with it.  Just throwing the feature in with BIGIP deals.   It is an after thought product for them and they have not focus or future dev on it as I hear.Packeteer - The best QoS and rate shaping out there but really reaching with the Tacit and SkyX acquisitions.  Packetshaper is unix/linux-based and Tacit and SkyX is windows.  There are porting issue the are having trouble overcoming.  Cannot get these solutions on box.  Tacit is more a WAFS than a WAN Accel traditionally.  Tacit goes up to 45Mbps with 10K TCP connx and SkyX is their Data Center unit (not sure it works with Tacits at the branches?) and max's at 85K connections but CAN do OC3 BWs on one unit BUT with compression turned OFF.

    Evergreen? - Yes, I have heard about Citrix partnering with MS on Evergreen at iForum last year too!  It is a good move.  Many of vendors in the WAN Accel and WAFS Spaces (They are separate you know) are being asked to add capabilities like, DHCP, DNS, Print Services....etc to the device since it is typically a replace the branch office servers type of play.  I hear the Evergreen will be this BRANCH OFFICE in a BOX and I have customers excited about it but bummed they have to wait.  I hear early '08?

    Do the research...see the demos...bring them in for evaluation.....see for yourself.

     Make sure you fully understand your our needs/requirements/network integration issues first.


    In response to Riverbed scaling issues:

    Riverbed is Gartner leader NOT F5 and for good reason, they have over 90% market share of deployments with more than ten sites, the current iteration of Wanscaler just cant handle multiple/assymetric routing it doesnt work in the enterprise unless deployed as a point solution.

     Check out Riverbeds customer list it says it all ..they have customers with several hundred units, can you give me one wanscaler/f5/cisco example at this size ?



    I am happy you brought up this topic but it sounds like you have been reading Citrix marketing. :)

    We are currently using wanscaler in our environment.  You have 2 ways of optimizing compression and acceleration.   Its true you can't compress the ICA protocol any more because its lean like mpeg compression is to video.  We left acceleration turned on, and the difference is noticeable.   By using Wanscaler we eliminated any freezing of the mouse and keyboard, browsing the network and using Citrix over Wan links seem more like the Lan than wan and all of our Citix related slowness problems are gone including disconnects.  The Wanscaler is forgiving about packet loss because of the traffic optimization.  Whether you want to talk about this feature or that feature we are satisfied customers. 
    We just bought some of the new Citrix WANScaller 8820 units, first one fresh off the assembly line and these things are a nightmare. Nothing works like it's supposed to and 3 units have already been replaced by the company. They look good on paper but before you buy, wait a little for them to work out the initial problems.....

    I found this 3rd party report by Miercom with awesome results like 3000% performance improvement


    WANScaler does this now with their QoS feature, basically allocating preferred time on the WAN link for certain protocols, including ICA, in times of link saturation.

    If you have access to Gartner reports, here's one saying Cisco is not ready performance-wise to take on its strongest competitors in L4-7 networking.

    I just talked with somebody who is evaluating both Cisco and WANScaler and they found the Cisco reporting poor and there was a lot of traffic that was unaccelerable.

    RBs don't encapsulate traffic and don't use UDP like you state above.  As far as WANScaler scaling higher -- in the lab, certainly... but try throwing that sucker out on the WAN and see what it does if it hits congestion.  WANScaler uses a proprietary transport and will not behave "nicely" on the WAN with other traffic.  Great in the lab, nightmare on your real network.  Good luck!  As far as connection limits, they are in place because that is what is verifiable with RB and I think customers appreciate the upfront approach rather than vendors lofting out numbers, 100,000 connections!!! woohoo!

    Well, can anyone compress encrypted packets? No. if you don't disable encryption in ICA, you cannot optimize it. This is what the document (pdf) that somebody mentioned earlier stated. NO ONE can optimize ICA, if you don't disable encryption (and compression) for your CPS. That doc stated that doing so is NOT a good practice, for security reasons. But if you do it, you can compress with any of these accelerators.

     Being WANScaler part of Citix, let's allow sometime iafter which maybe without disabling those parameters, WANScaler can interact in a way to optimize the traffic, and no one else will be able obviously.

    Also, what many people call optimize ICA, is not really that, but just congestion control / QoS. In a link with interactive and ulk traffic, the second can make the first starve, so user sensation is of slowness. A WANScaler (even without configuring oS, just by default), can avoid that. Others can do so by configuring QoS. But again, this is not ICA optimization, but "user experience optimization" through QoS usage, exactly the same that would happen with a VoIP connection getting starved by bult traffi, and we don't call it VoIP optimization, do we?

    By the way, about compression, you should have seen 40 MB CAD files being compressed by 1,200 on a second pass, turning my 2 Mb link into a 2,4 Gb one during some seconds...


    What proprietary transport? WanScaler uses transparent TCP flow control management. Have you actually tested it in a real world environment? If there is a data centre with some branches that have WanScalers and some that don't, then you get a mix of accelerated and unaccelerated traffic entering the data centre. The data centre WanScaler will accelerate the WanScaler'ed branches and leave everything else untouched and unimpeded. Same for unaccelerable traffic such as VOIP. As for the connection limits, Citrix actually lowered the max from 300,000 to 100,000 so I'm sure the 100000 is conservative.
    Please tell me more on issues you had...did they step up and solve or ?
    You do work for Riverbed and your names would be either Blanco Lam, Phil Ryzeski, or the other really short guy that works on your technical marketing team. Nice try to spread more Riverbed FUD on public message boards. You guys should be worried about you plummeting market valuation, point-based product and lack of security features. Back to work

    Hi, Can some one please help me finding few differentiation facts between Cisco WAAS and the citrix Wanscaler. cheers,MaX