If an accounting application crashes, its users probably can multi-task while IT troubleshoots the problem. If the server that hosts voice over IP (VoIP), email, instant messaging (IM) and conferencing fails for the entire enterprise, employees are going to pack their bags and go home. To ensure uptime for some of its most prized UC applications, one global enterprise deployed application delivery controllers to intelligently load balance its Microsoft Office Communications Server (OCS) 2007 R2 traffic.
"Most of the applications in OCS … are applications that the firm expects to always be available," said Kevin Rice, global network architect at A.T. Kearney, a global management consulting firm headquartered in Chicago. Without the application delivery controllers, "we would have to go back to a singular architecture and keep our fingers crossed that we didn't have an outage," he added.
The firm's OCS 2007 R2 servers support 3,500 users across 50 sites throughout 33 countries. Before Rice deployed F5's BIG-IP application delivery controllers in his two data centers in May, only one of the data centers actively served users. The other functioned as a cold site for disaster recovery.
"If you're a user in Dubai, all your applications are being served out of a cloud or here in the U.S. So, if that application goes down, it goes down globally … and in a global environment, we really don't have the ability to have any downtime to do any product upgrades or updates," Rice said. "We needed to provide some form of resiliency -- application resiliency and data center resiliency -- and we needed it to be transparent to the user."
Application delivery controllers with Layer 7 visibility
With intelligent load balancing from F5's application delivery controllers, Rice can serve OCS 2007 R2 users from both data centers. Eventually this architecture will provide a path toward building a private cloud for his UC infrastructure and other applications, he said.
BIG-IP's global load balancing feature constantly monitors services at Layers 4 through 7 by sending various test requests to servers via Session Initiation Protocol (SIP) or HTTP, according to James Hendergart, business development manager at F5.
"We're constantly tracking availability of those services at multiple ports and protocols," Hendergart said. "If your request comes in to place a call … we already know where we're going to send it. We don't have to send a network connection request and wait for a response."
Basic load balancers often stop at the transport layer -- checking just the hardware connection -- and don't report on what's happening to users inside Office Communicator's client, for example. Software-based load balancers also aren't able to maintain persistent monitoring, Hendergart said. Both of these differences can cause delays for users while traditional load balancers determine the availability and best route for a request, he said.
"Reliability in a voice connection … is even harder to maintain than it is for email, which is a 'send and forget' kind of protocol," Hendergart said. "There is a need for reliability in individual sessions to a group of user sessions on a server to an aggregate of user sessions across servers in a data to an aggregate of servers across data centers."
Before deploying BIG-IP in his network, Rice had used the load balancing features on his Cisco Systems' routers but was underwhelmed by their lack of application-layer functionality. The Layer 7 visibility of the F5 application delivery controllers has also improved security for his UC applications. The BIG-IPs do double-duty as proxy servers, enabling Rice to securely open OCS applications with an Internet presence and Microsoft SharePoint to external users.
"Being able to do a reverse proxy to strengthen the security of the application going or sitting behind the F5 gave us an additional layer of security and an application-based firewall," Rice said. "It wasn't until we had the F5 [appliance] in place that we had a way to authenticate external users to get into our SharePoint [server]."
The "hodgepodge" command-line interface for reporting and troubleshooting on the Cisco routers was also more difficult for some members of his team to learn than F5's user interface, Rice said. Training has also been easier on his team because BIG-IP enables Rice to isolate configurations they are authorized to touch.
"This way, as they go through testing … they can't break anything that we can't easily fix," Rice said.
Application delivery controllers and load balancing for Lync 2010
In anticipation of the general release of Lync Server 2010 -- the next generation of OCS -- F5 partnered with Microsoft to test and certify F5's Local Traffic Manager feature for Lync 2010. The application delivery controller vendor recently published its deployment guide to configure BIG-IP for Microsoft Lync .
As a Lync beta tester for Microsoft, Rice has been using his application delivery controllers for both generations of the UC platform. After following F5's deployment guide "to the letter," he has seen the same redundancy and reliability benefits in Lync and expects to begin deploying it to his users by the end of the first quarter of 2011.
Rice discovered that Lync had native load balancing capabilities -- unlike his legacy deployment -- which had the potential to conflict with his application delivery controllers. They didn't.
"The new capability adds complexity to Lync [but] doesn't pose any issues for F5. I suspect this is directly related to integration testing done prior to the release of Lync," Rice said. "The partnership that F5 had with Microsoft and other suppliers … was really the catalyst for us to replace the existing [OCS 2007 R2] hardware that we have."
Let us know what you think about the story; email: Jessica Scarpati, News Writer