Technique: A wasteland no more

Nevada corrections department's WAN upgrade lets inmate tracking system reach across the desert

Lessons Learned: Do your homework before optimizing

The benefits of installing wide-area network optimization appliances from Blue Coat Systems on its network have been great, said Dan O'Barr, systems administrator for the Nevada Department of Corrections. But that does not mean the process is easy. Here are a few lessons he learned to help minimize the headaches and maximize the return.

Do a trial first. This not only helps ensure that you are getting the right product, but it also helps sell it. 'When I was able to show that the appliances would do the job, the issue was over,' O'Barr said. 'Purchasing signed off on it right away.'

Do lots of planning. With a short window from the time of purchase to the operational deadline, advance planning was needed to get the appliances installed and running without disrupting operations.

Call references. 'I'm surprised how few people have called me, even though the company has offered me as a reference,' O'Barr said. 'That's one of the first things I do when I'm planning an extensive installation.'

Chris King, Blue Coat's director of strategic marketing, offered one more piece of advice to organizations wanting to get more performance out of their WANs: Know your network. 'A common problem is that administrators don't know what's on their network,' King said. 'They don't know what the problem is' when performance is inadequate.

William Jackson

"THE BENEFITS ARE SO GREAT THAT IT WAS WORTH THE HEADACHES." ' NEVADA'S DAN O'BARR JR.

WPN photo by Max Whittaker

The Nevada Department of Corrections has some of the most remote facilities in the country, some of them as far as eight hours from department headquarters in Tahoe.
'You can't get more remote in the lower 48,' said systems administrator Dan O'Barr Jr. 'There's a reason Area 51 is here.'

The mysterious Area 51 ' officially Air Force Flight Test Center, Detachment 3 ' is about 100 miles from Las Vegas in the desert of southern Nevada.

'It's a rough piece of desert,' O'Barr said. 'At the prison out there at the edge of it, we can leave the gates open. They aren't going anywhere.'

One inmate who did walk away from the prison showed up 24 hours later at an Indian reservation, begging for water.

That remoteness was a hurdle that nearly blocked an upgrade of the department's key application. Administrators had relied on a 20-year-old, homegrown program to track its inmates. It was a batch-updated system that did not provide real-time data, and the developer who created it is long gone, making updates next to impossible.

Critical need

'It had a tremendous number of deficiencies,' said O'Barr. Planning began about 18 months ago to replace the program with a centralized real-time management system with a Web interface from Syscon Justice Systems. 'This manages all the basic operations with regard to inmates,' including calculating sentences, keeping track of money in trust accounts and knowing who is where at any given time. 'It's the minimum critical application that any prison system uses.'

But by early last year, it became apparent that the new software was not going to work on the department's network. Because of the latency in narrowband links to remote locations, some pages took 50 seconds to load, if they loaded at all.
'It was essentially unusable in the network's current configuration,' O'Barr said. 'A lot of people don't understand why we can't just run a T1 line, but I have seven locations at which the only connectivity is a satellite, and the application did not perform.'

In some of those locations, T1 lines were not an option, and others with T1 connections were going to need additional lines at costs of $800 to $1,300 a month.
When the state changed the way sentences were calculated in order to get nonviolent offenders out of the crowded system more quickly, the situation became critical. The old program could not be modified to handle the new calculations.

'The calculations are so complicated most people can't do it by hand,' O'Barr said.
So an upgrade to the new Syscon system was needed by the time the new rules take effect on July 1, 2007, and that meant that wide-area network performance had to be improved.

'The challenges they faced from an infrastructure perspective were extreme,' said Chris King, director of strategic marketing for Blue Coat Systems. But the company's WAN optimization appliances have been able to boost performance enough for the new application to work throughout the Corrections Department.

Blue Coat's SG Appliance is a box that sits near the WAN gateway of each location, managing traffic on each link to improve throughput and create other efficiencies. The appliance was developed from proxy cache technology for the Internet, applied to WAN optimization.

It was one of two products ' along with an application accelerator from F5 Networks ' that were brought into the Corrections Department for testing. The F5 product sped up the Web application traffic just fine, but that was all it was able to do, O'Barr said. Blue Coat was able to manage all Internet traffic and control Internet access, in addition to speeding the application.

'It's not enough to just make things go faster,' King said. Some traffic does not belong on the network at all. So the goal is to stop the bad traffic and accelerate the good traffic, reducing bandwidth demands.

Blue Coat uses a variety of techniques to achieve this ' what King calls a standard bag of tricks used by most players in the market ' from bandwidth management and caching to compression.

The Corrections Department has installed 20 of the appliances at its headquarters and remote locations. Implementation was not entirely painless, however.

Because the boxes handle all traffic, each customer must develop policies, and the appliances must be tuned to use the optimal mix of functions to meet a user's needs. An environment heavy in video and Web caching might not use byte caching, for instance.

Once implemented, the benefits were immediate.

Some database applications on the network have shown a sixfold increase in performance. Pages that took 50 seconds to load now load in five seconds. Security and policy enforcement also have been improved. 'The benefits are so great that it was worth the headaches,' O'Barr said.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above