ELFIQ ENTERPRISE NETWORK

Bandwidth Optimization

NETWORK OPTIMIZATION AND BUSINESS CONTINUITY
SOLUTIONS FOR ENTERPRISES AND SMBS

Why spend more on bandwidth expansion when you can make your existing network more efficient? While bandwidth expansion may seem like the solution to the growing load placed on today’s networks, Martello’s bandwidth optimization solutions make your current network operate more efficiently, at a fraction of the cost. 

MODULAR FEATURES

Elfiq SSL VPN

Martello’s Elfiq VPN engine enables organizations to leverage traditional internet links and use them as site-to-site VPN tunnels. Supplementing or replacing WAN links with Elfiq SSL VPN is key for all organizations wanting to optimize their bandwidth while lowering their costs.

Elfiq’s industry-standard SSL VPN is easy to configure and very secure. Once traffic is sent to the VPN component, it’s encapsulated and transported to the remote site. With dynamic DNS capability, this VPN solution is friendly to DHCP or PPPoE links. Simply configure a remote peer and a common passphrase and you’re done.

Quality of Service

Martello’s Elfiq QoS feature enables organizations to proactively manage bandwidth allocated to services and applications. This ensures key elements such as email, VoIP and VPN have the required bandwidth and that less desirable traffic does not capture critical throughput.

Traffic prioritization and classification is a key element to ensure Quality of Service. The QoS module enables organizations to control available bandwidth based on corporate policies for ports, protocols, and applications. By guaranteeing bandwidth for specific needs such as VoIP, VPN, e-commerce and Web surfing, the services will perform optimally.

Should low-priority activities such as online radio or gaming consume bandwidth which should be used by more critical applications, the QoS module will restrict these activities to a specific amount of allocated bandwidth.

The Quality of Service technology provides the ability to perform QoS activities on multiple links concurrently for multiple services. Should one link fail, the QoS module will apply new user-defined rules to the other links to guarantee bandwidth for all critical services.

Furthermore, the Quality of Service module supports QoS DiffServ marking and is available on all Elfiq Networks products.

Elfiq Operating System (EOS)

The Elfiq Operating System (EOS) is composed of multiple features that provide the ability to deliver high-performance projects and complex solutions.

Elfiq Slice

MARTELLO’S ELFIQ SLICE IS A PRIORITY-FOCUSED QUALITY OF SERVICE ENGINE. Its main goal is to service your traffic and re-order packets to ensure your priority traffic is always serviced first. This is critical for low-bandwidth high-priority applications such as VoIP and teleconferencing.

Elfiq PrioMap

TODAY, THE MAJORITY OF TIERED INTERNET SERVICES ARE BEING CONTROLLED AND DELIVERED BY INCREASING OR DECREASING THE QUALITY OF SERVICE (QOS) LIMITS OF SPECIFIC TIERS. Although this increases the cap of how much bandwidth a type of user can access at a time, it is not going to get any more bandwidth or higher priority if the internet link is already fully saturated. In cases such as hotels, where guests pay for accessing a higher tier, this leaves the guest unhappy with their tiered internet purchase, generating a call to the internet support line and creating a flurry of activity involved to credit a guest for their recent purchase.

PrioMap lets a device with more “internal network” knowledge, such as an Internet Gateway, mark IP packets with Differentiated Services Code Point (DSCP) to instruct the Link LB to override its default configuration and change the way the sessions are processed. The potential for LBX or VLBX configuration override includes: load balancing algorithm, link selection, QoS queue, Slice ID (Load balancing and Link Selection can have an effect only during session establishment).

By working in conjunction with an Internet Gateway which can properly tag the different internet tiers, Martello’s PrioMap feature can continue the prioritization of given tier from the gateway and out through the proper internet link, giving it precedence over other traffic on the network with our built-in QoS according to corporate priorities.

In the below example, based on the hospitality industry, guest traffic is tagged by the internet gateway as A, B & C and are then prioritized over the available links in that same order. Admin traffic is also prioritized accordingly.

Time Based Conditions

MARTELLO’S ELFIQ NETWORKS PRODUCTS CAN AUTOMATICALLY ADJUST THEIR CONFIGURATION BASED ON TIME-BASED CONDITIONS.

Through this feature, bandwidth can be allocated to optimize operations in contexts such as:

  • Allocating bandwidth to subnetworks based on corporate priorities
  • Toggle specific actions or change of configuration
  • Cost-based utilization based on time conditions to reduce costs related to burstable links or links with transfer limits
  • Freeing bandwidth not used in non-peak business schedules for core activities such as site to site data replication and backup
  • Distributing available bandwidth between different networks sharing a common infrastructure

Stateful Firewall

By adding a stateful firewall to its solutions portfolio, Martello makes it even easier for clients to replace multiple edge devices with Elfiq LBX devices or the EDGE Series, either hardware or virtual.

Whereas conventional firewalls offer active-passive failover solutions, which are no substitute for a multi-link bandwidth aggregation architecture, Martello’s Elfiq devices can replace common edge firewalls by offering stateful firewall capabilities of their own. By inspecting incoming and outgoing packets, Martello’s firewall can identify and redirect untrustworthy traffic, keeping your network safe.

Global Geolink

  • Enables geographic balancing and redundancy of traffic for environments requiring multiple sites
  • Ensures traffic goes to available sites when links or servers are unavailable
  • Manages WAN traffic saturation for optimal operations

Martello’s Elfiq Global Geolink feature brings enterprise-class multisite geographic traffic balancing for business continuity and disaster recovery optimization. With Global Geolink, organizations can design and implement infrastructures which will be resilient and will be able to process data even if sites go dark, as long as one is operating. Up to 6 physically separate sites can be made geographically resilient with this technology. This technology can be viewed as an alternative to the BGP protocol and global server load balancing (GSLB).

Should a site’s links become unavailable, key corporate services can be geographically balanced to another site to prevent any downtime and this adjustment can be done in seconds, unlike BGP which can take up to an hour to do the same.

A secure Geolink is created between each site which will be used for the exchange of metrics between sites so each balancer is aware of the next one’s status, including link saturation, link availability, iDNS resources and their related metrics, ISV resources and metrics.

The Geolink must be established on private WAN links such as MPLS or over IPSec VPN tunnels.

To move the clients and application traffic between sites, Martello’s Elfiq research team developed the NATTP protocol. NATTP stands for “Network Address Translation Transfer Protocol” which runs its own protocol number on IP networks. It was created as a very efficient way to encapsulate valid traffic and modify its original path. NATTP is preferable to NAT because it removes any security risks associated with passing public traffic on private links by encapsulating the traffic so that only another Link LB unit can retrieve the data.

Inbound Geolink

  • Ensures that inbound traffic is redirected to an available site
  • Creates a secure tunnel between sites
  • Manages metrics exchange between sites to determine which one is optimal

Martello’s Elfiq innovative Inbound Geolink option enables the management and distribution across sites with mirrored servers, such as websites hosted at two locations. This technology can be viewed as an alternative to the BGP protocol and global server load balancing (GSLB).

With this feature, when a site’s connectivity is compromised or saturated, the second site will handle subsequent transaction through redirection of traffic handled with Elfiq’s Inbound Geolink, ensuring business continuity.

The Inbound Geolink feature creates a secure tunnel between the sites in which metrics are exchanged in real time to determine which site is the optimal choice to process the next session.

Metrics exchanged between sites through the Geolink include link throughput and saturation, counters, iDNS resources, ISV information to load balance and algorithm configuration.

High Availability

Martello’s Elfiq link balancing products can be deployed in high availability and failover mode to ensure maximum uptime to increase business continuity. When used in high availability mode, a first LBX or VLBX device is designated as the “active” or “master” unit, and the secondary is designed as the “passive” or “slave” unit. Both units constantly communicate information and metrics. Should the “active” unit stop responding, the “passive” unit takes over traffic management and continues operating normally while alerting the IT department.

Intelligent Condition Verificator

Martello’s Elfiq Intelligent Condition Verificator (ICV) feature allows organizations to develop advanced and customized configurations based on their corporate needs, bringing a higher level of granularity and control. In many organizations, the “what if” scenario needs to be addressed and the ICV enables to perform these very specific tasks.

Common uses for the Intelligent Condition Verificator include:

  • Taking actions when specific conditions happen such as a link failure or saturation
  • Modify traffic algorithms based on times of day
  • Cost-based utilization based conditions or reduce costs related to burstable links or links with transfer limits
  • Reset statistics and counters on a specific date/time

LAN Failsafe

This feature is another unique to Martello’s Elfiq Networks’ complete LBX product line. By nature, a Link Balancer is a failsafe device, ensuring that bandwidth is available at all times and manage the failover process.

Martello’s unique Layer-2 approach enables the installation of Link Balancers without any modification to the existing network, allowing the Elfiq device to relay traffic between the primary link (a link which was installed prior to the Elfiq unit) and the network perimeter devices (firewall, HSIA gateway, etc.).

All LBX models provide one or multiple pairs of bonded ports to transfer IP packets so normal operations can continue until the unit can be diagnosed and powered on. When the device is in LAN Failsafe mode, the Elfiq native features are unavailable.

This technology enables affordable business continuity and uptime for small businesses and branch offices that require maximum uptime and cannot afford redundant failover units, which remain the best approach for environments in which bandwidth availability and incoming services are critical.

Intelligent Service Verificator

The Intelligent Service Verificator (ISV) service is the perfect complement to the Intelligent DNS (iDNS) module. In a context where multiple servers are performing the same task such as web servers, the ISV will monitor each of these servers to ensure that the traffic passed by the iDNS module is sent to a functioning server.

The ISV can perform two types of tests to verify a server or service’s availability, a Layer-7 (L7) exchange or a Layer-4 (L4) connection. The L4 tests will attempt to connect to the defined service on the specified TCP port and if the connection is successful the service is considered to be available. The L7 test will replicate a real user request for a web page (for example), get the result from a web server and locate a keyword in the returned page to confirm that everything is in order.

iDNS

Martello’s Intelligent DNS (iDNS) feature enables organizations to proactively balance inbound traffic requests coming into their network. iDNS is commonly used to balance key services and ensure 100% availability for roaming client VPNs, web-based applications, transactional sites, web-based email and SMTP traffic.

The iDNS module performs this task by intercepting traffic requests for desired services and returning the guest the link information which is optimal for its request.

By design, iDNS is not a full DNS service. This approach alleviates the need to migrate your DNS domains to support a multi-homed network and greatly reduces installation time and planning.

The iDNS module’s configuration is very granular, enabling customized balancing configurations for each service balanced by iDNS. For example, SMTP and VPN services can be assigned to different links and balancing algorithms based on organizational policies.

Stream VPN

Virtual Private Networks (VPNs) are a staple of modern business communications. The constant back and forth key validations between devices provides additional security but can be tedious and CPU-intensive when managed at the Edge. Martello’s Elfiq Networks provides an alternative through STREAM VPN, which relies on multi-PSK management performed dynamically by Elfiq Central, the company’s orchestrator. STREAM VPN can be encrypted in both AES-128 and AES-256.

Developed as a means to reduce the footprint when compared to conventional VPN methods, STREAM VPN operates at the hardware level and encrypts traffic per flow, effectively neutralizing the intensive requirements put on the processor by other VPN solutions. With STREAM VPN, clients can benefit from unlimited VPN meshing capabilities within the hardware capacity of their Elfiq Networks device.

Virtual Forwarder Interface

Martello’s Elfiq Networks’ products are built on an innovative platform called the Elfiq Operating System (EOS), which is the base of our bandwidth virtualization technology. Elfiq Networks devices can be logically segmented into multiple virtual interfaces. Each virtual interface is invisible to the next, creating the opportunity for multiple infrastructures to be managed securely while reducing costs.

The basic role of the virtual forwarding interface (VFI) is to forward traffic between two or more interfaces while providing a fast packet interception service. A VFI consists of a minimum of 2 physical network interfaces, with at least one of them acting as the inside interface, and the other(s) as the outside interface(s) to handle the different links.

The VFI feature plays a key role for Global Geolink, with one VFI managing external traffic and one to securely redirect it to the other site.

LTE/4G/3G Mobile Carrier Support

LTE, 4G and 3G mobile carrier links can deliver significant value to an organization as they have become fast, mature and reliable. Clients can use one or more LTE/4G/3G carrier links to guarantee uninterrupted network access.

Common usage includes:

  • Failover option when all wired carrier links are unavailable for users and critical services
  • Constant connectivity for vehicle access (car, truck, ship, etc.)
  • Improved download throughput for key projects
  • Additional carrier option when no other is available

SitePathMTPX

SitePathMTPX WAN bandwidth virtualization is an innovative feature enabling point-to-point application acceleration and resilience, creating the opportunity for organizations to maximize multisite communications and services. This feature is commonly used for site-to-site VPN tunnels and VoIP trunks, ensuring impeccable communications at all times.

With SitePathMTPX, users can achieve true Internet link bonding or link aggregation. By integrating a Martello device at each site and increasing Internet link diversity, a web of possible paths becomes available for site-to-site communication, without having to modify the existing network configuration. Information about link state and usage is shared automatically between units and path selection is done on an on-going basis. Additionally, all point-to-point sessions remain persistent and do not terminate during a link failure.

Common uses include bonding multiple ISPs into a single virtual line or replacing/complementing MPLS and leased lines for cost-effective communications, reduced costs, and WAN acceleration.

Traffic segmentation

Our bandwidth optimization products bring a new level of bandwidth management and uptime to any organization looking to improve their overall competitiveness and reduce costs.

At the core of every Martello Elfiq device, the three following functions are included:

  • OUTBOUND LINK BALANCING: Organizations can use multiple (aggregate) ISPs for outbound traffic to the Internet so the load will be distributed. This process can be customized to meet specific needs and requirements or to match the best possible use of existing bandwidth
    with the use of seven algorithms.
  • INBOUND LINK BALANCING: Services available over the Internet can be easily performed with Martello’s Martello’s Elfiq Networks’ Intelligent DNS technology
  • LINK FAILOVER: The Elfiq Link Balancer will continually monitor the health of each ISP and distribute bandwidth as long as it is operating in a normal fashion. When a carrier link fails to respond normally, the Elfiq Link Balancer will remove it from the list of ISPs for bandwidth management and keep on testing it. When it becomes available, it will be used normally with the other carrier links.

When a carrier link fails, the sessions are re-started onto an alternate link, and for granular control over the failover process, the Intelligent Condition Verificator will bring a new level of control. To complement this ability, the Intelligent Condition Verificator can handle complex scenarios and guarantee bandwidth for key services while performing failover tasks.

Zero-Touch Provisioning

Martello’s network products can be configured easily and affordably through Zero-Touch Provisioning, delivering faster deployments and lowering the cost of configuration. This is ideal for deployments in sites which may not be accessible to IT personnel.

Elfiq Central

Elfiq Central allows users to access Martello’s SD-WAN offering by further providing zero-touch provisioning. Thanks to their Layer-2 design, Martello’s Elfiq devices can be integrated seamlessly in any network without any need for reconfiguration; the traffic will continue to flow through the device’s LAN bypass. Once the device is powered on, it will automatically retrieve its configuration from Elfiq Central and start optimizing the client’s network.

USB Configuration

New or updated configurations may be stored on a USB flash drive. Upon device reboot, the inserted USB drive’s configuration (text file) will be used to self-configure without the assistance of IT personnel. The USB flash drive may also be used for updating the device’s firmware. This simple approach is a cost-saving and problem-solving method which can significantly reduce downtime.

ATLAS allows organizations to finally move away from overbearing connectivity contracts and capitalize on carrier diversity.