Voices from the Field: Using Traffic Intelligence to Improve Switch Performance

In this interview, we are talking to Amit, a developer and software architect for a range of LAN access switches. These high-performance switches offer enhanced quality of service (QoS), user authentication, deep packet inspection (DPI) and security features for the network edge. The latest release of the switch gives IT visibility and control of over 3,000 applications, on both wired and wireless networks.

Enea Qosmos: What is your role in the organization?
Amit: I am a software developer and architect working on a family of switches for enterprise and campus environments. Together with two other engineers in my team, we started to design the first version of the system in Q4 2014. We are part of the R&D organization and work with Product Line management (PLM) and an independent Quality Assurance function, which has the last word on the software release.

EQ: What is your general impression as a user of ixEngine?
Amit: Working with Qosmos has been very positive. We previously tried other vendors and other technical approaches such as regexp engines, but we were unable to satisfy the requirements of PLM and QA. ixEngine was the only product to live up to expectations. Our contact at Qosmos is Belgacem, who came to visit us at our development center in India. The collaboration is excellent: he helped us design our software application, integrating ixEngine and it feels great to have such an expert as part of our extended team!

EQ: How does ixEngine fit technically into your switches?
Amit: Based on the traffic intelligence from Qosmos, IT admins using our switches can define policies, enforce QoS, limit bandwidth consumption, or block specific applications.

Technically, Qosmos ixEngine classifies the traffic and our software uses the resulting application ID to send instructions to an ASIC, which in turn controls the traffic.

Our challenges were 1) managing high traffic volume and 2) ensuring fast reaction time for QoS.

We are able to handle high traffic volumes thanks to ixEngine’s ability to classify accurately using only the first few packets of each IP flow. And we minimized latency by running ixEngine on a CPU directly on the switch. In short, we managed to achieve a nice balance between classification and reaction time.

EQ: Which version of Qosmos ixEngine are you using?
Amit: We started with ixEngine 4.x and now we are using 5.x inside our latest products. The upgrade to 5.x went smoothly: a few APIs changed, but the packet feeding mechanism and the output collection remain the same.

EQ: Does the protocol coverage fit your needs?
Amit: When we first tested our new switch on the Chinese market, we noticed that 7 – 10 applications were not classified by ixEngine. We took traffic traces and sent them to Qosmos support who developed all the new signatures within a couple of weeks. Since then, protocol coverage has been fine.

EQ: How is your product portfolio going to evolve?
Amit: We are developing a new system, which will use ixEngine embedded in a next generation device, located in malls and sports stadiums; this means that our customers will be able to implement value-added services such as targeted ads and promotions.

EQ: Thank you, Amit!