All-in-one products such as Lightspeed Systems Inc.s Total Traffic Control 3.0 have to clear a high hurdle of skepticism in eWeek Labs. However, Total Traffic Control managed to do just that in tests.
This combination firewall, bandwidth limiter, traffic shaper, load balancer and content-filtering package worked effectively in a wide variety of traffic management tests while also being easy to manage, and it provided more than 75 new reports that gave us a better sense of how our network was performing.
Total Traffic Control, which started shipping last month, is not for everyone. Organizations that have large-capacity connections to the Internet—for example, T-3 or greater—should skip this product and go right to more specialized, higher-capacity offerings from Cisco Systems Inc., F5 Networks Inc. and Nortel Networks Ltd., among others.
Total Traffic Control is available in a variety of formats at reasonable upfront costs that should fit neatly into organizations budgets. We worked with the Total Traffic Control appliance, which came on a Dell Computer Corp. PowerEdge 500SV minitower equipped with three NICs, at a list price of $6,495. The product is also available as software for a dual-processor, rack-mountable system ranging from $5,495 to $8,495.
Between the excellent sample configurations that Lightspeed provides and the companys competent support staff, which we worked with, organizations likely wont have to pay much more for expert consulting to get the product fine-tuned.
The only drawback that we found with Total Traffic Control 3.0 is that some of the reports that showed Internet access and URL visits contained so much detail that it was easy to get swamped by information, thereby making it hard for us to find interesting details. We could overcome this problem by running our own queries on the information stored in the Microsoft Corp. SQL Server database.
A lesser concern was that quite a few of the configuration changes require that the service be stopped and started. To be clear, we never had to reboot the appliance, which runs only on Windows 2000 and Windows XP. IT managers should just keep in mind that configuration changes should be done outside of production hours.
Aside from these concerns, Total Traffic Control 3.0 worked well, and we learned a great deal about network usage habits from running the product in our test lab. The appliance was very easy to install on the network; the GUI is intuitive, and we had the interfaces correctly configured after just a couple of hints from the manual.
We recommend that novice users simply monitor the network first before applying filters or traffic-limiting policies. The new “classification and reporting” module is the first thing that we added to the test configuration after we got the interfaces working correctly. In our tests, the Total Traffic Control appliance sat between an internal test network with a private address scheme and the outside Internet.
Although we tested only one device, it would be a straightforward process to install a second Total Traffic Control system to act either in hot standby or load balancer mode. This is practically a necessity to keep the Total Traffic Control machine from becoming a single point of failure in the network.
The Total Traffic Control device can also work in monitor-only mode, looking at data from a mirror port on a switch, but we didnt test the product this way, because, when used in this configuration, it loses all its bandwidth and traffic control functions.
After getting an idea of the traffic types, amounts, heaviest users, most visited sites and other network-usage patterns based on prepackaged reports we got from Total Traffic Control, we started to add policies that significantly altered the who, what and when of the Internet connection.
Configuring policies was a snap once we were told how to expertly use the policy objects. Because all policies are developed by dragging objects from a tool tree onto a graphical network, it took very little time for us to apply our policies that, for example, restricted the amount of music files that could be shared over the network.
Although most of the products traffic control policies arent new in this version, it is worth noting the wide range of controls that managers can implement. We could restrict usage based on user ID, media access control address, IP address, URL, time of date, type of traffic—and the list goes on.
We could save traffic control configurations and apply them to other Total Traffic Control systems in other parts of the company, thereby enabling us to centrally manage our policies.
At first, we were a little nervous about using the Total Traffic Control firewall running on Windows 2000 Server—this isnt the first platform that comes to mind when considering a security product. However, Total Traffic Control doesnt use the Microsoft TCP/IP stack but instead uses one that Lightspeed customized: All network traffic is handled by the stack and bypasses the operating system, thereby greatly reducing exposure to bad actors or misbehaving code.
Senior Analyst Cameron Sturdevant is at [email protected]
Executive Summary
: Total Traffic Control 3.0″>
Executive Summary: Total Traffic Control 3.0
Lightspeed Systems all-in-one firewall/bandwidth limiter/traffic shaper/ content filter/load balancer is worth careful consideration for use in small and medium-size enterprises or in branch offices. The product is simple to set up and configure and can be managed from a central console.
Cost Analysis
Total Traffic Control 3.0 is easy on the budget in terms of upfront costs and ongoing maintenance. Aside from some minimal consulting that will likely be needed to fine-tune policies, the product shouldnt require much more attention aside from looking at reports.
(+) Combines related traffic control products; many new reports.
(-) Report details can make finding problem traffic difficult.
Evaluation Short List
- Ciscos 7600 Series routers
- Nortels Alteon Web Switchin
- F5s Big IP
- www.lightspeedsystems.com