x
Optical/IP

CacheLogic: Another P-Cube?

The elevation of P-Cube Inc. to the dizzying heights of Light Reading's Top Ten Private Companies has thrown the spotlight on the recent arrival of a competitor, the U.K.'s CacheLogic Ltd. (see P-Cube Tiptoes Into the Top Ten).

CacheLogic announced its Streamsight 510 last week, but the news got swamped by the results of a survey it conducted with the help of some early customers (see CacheLogic Launches P2P Analyzer). The survey showed that a new generation of protocols has exploded onto the P2P scene, headed by BitTorrent (see P2P Gets Serious).

Like P-Cube and a bunch of other vendors, CacheLogic aims to conduct "deep packet inspection" of traffic. Although this can be used to help service providers deal with P2P traffic, it can also be put to use in more constructive ways. For instance, it can help identify low-hanging fruit [ed. note: was that "deep pocket inspection?] in the form of services that might attract particular types of users.

The big difference between CacheLogic and P-Cube is in how they go about conducting the deep packet inspection.

CacheLogic does it all in software, saying that the P2P market is changing so fast that service providers need to be able to upgrade their analysis tools regularly to be able to identify the latest traffic types. BitTorrent, for instance, is only one of a whole new generation of "swarming" P2P protocols that break up files so they can be downloaded from multiple sites at the same time. A raft of other protocols have emerged, including Chord, Peer Distributed Transfer Protocol (PDTP), and The Circle.

P-Cube takes the view that deep packet inspection has to be done in hardware to be able to analyze flows in carrier networks that can run into multiple megabits per second. Milind Gadekar, P-Cube's marketing VP claims to have tests results indicating that other software-based appliances from Allot Communications and Packeteer Inc. (Nasdaq: PKTR) run out of gas at 300 to 400 Mbit/s. "Given megabit speeds, we just don't see how a software solution would work," he says. (Allot and Packeteer, however, primarily target enterprise networks.)

This view is shared by Benoit Legault, marketing VP of Ellacoya Networks Inc., who says that custom-built hardware is "an absolute requirement" for carrier networks. Legault also notes that shaping traffic at such speeds, something that Ellacoya and P-Cube do, is even more challenging.

Andrew Parker, CacheLogic's CTO, says its Streamsight 510 has already proved that it can analyze traffic flows of up to 1 Gbit/s, in the trials with early customers -- Tier 1 and 2 ISPs -- that generated the previously mentioned survey results. It's also worth pointing out CacheLogic's heritage: It was spun out from Zeus Technology, a company that got a reputation for having the highest performance Web server software.

CacheLogic's first products aimed to help service providers manage P2P traffic on their networks by caching it (see Caching In on P2P). As noted, the Streamsight 510 aims to be more constructive, by helping network operators identify potential services they could offer different user types. In order to do this, it can associate applications with subscribers, a feat that both Ellacoya and P-Cube also claim to be able to do.

— Peter Heywood, Founding Editor, Light Reading


For more on this topic, check out:


For further education, visit the archives of related Light Reading Webinars:

Page 1 / 2   >   >>
fiber_r_us 12/5/2012 | 1:26:33 AM
re: CacheLogic: Another P-Cube? It seems almost trivial for the P2P software to defeat schemes where a box in the middle is "snooping" on traffic to make decisions. All the P2P software has to do is encrypt the datastream and use some sort of port selection scheme. No amount "deep inspection" would allow a box in the middle to conclusively decide that something was P2P traffic vs something else.

Seems like a waste of money for an "arms race" that can't be won.
Tony Li 12/5/2012 | 1:26:30 AM
re: CacheLogic: Another P-Cube? Not necessarily. It depends what's encrypted. If it's not the control stream and only the data side, then a snooper could easily track things. For things to be wholly hidden, the client would have to work pretty hard to do something out of band for key exchange, port number synchronization, and service discovery.

Of course, the intelligent ISP might want to *encourage* P2P usage and be a BitTorrent seed themselves. It adds value to the customer and halves the bandwidth expended. Better yet, if there was a way to encourage a multicast version of BitTorrent....

Tony


Tony
Peter Heywood 12/5/2012 | 1:26:23 AM
re: CacheLogic: Another P-Cube? When I've asked about encryption in the past I've been told that the search packets of P2P protocols often are encrypted but the packets carrying the actual content aren't - and it's possible to extract the required data from these packets.
fiber_r_us 12/5/2012 | 1:26:20 AM
re: CacheLogic: Another P-Cube? I am not saying that P2P apps encrypt everything neccessary today. The things Tony pointed out seem relatively easy to encrypt as well. Even if the box in the middle observed the key exchange, wouldn't it have to understand the encryption algorithm to be of any use?

In the end I agree that ISPs should encourage use of their network (whether its P2P or not). And, in the end, if an ISP begins to artificially degrade a service that it sees as "less than important (P2P)" or "threatening (VoIP)", their customers will simply go elsewhere.
mr zippy 12/5/2012 | 1:26:08 AM
re: CacheLogic: Another P-Cube? In the end I agree that ISPs should encourage use of their network (whether its P2P or not). And, in the end, if an ISP begins to artificially degrade a service that it sees as "less than important (P2P)" or "threatening (VoIP)", their customers will simply go elsewhere.

I agree about a ISP trying to increase the usage of their network.

I've understood one way to measure an ISP business is to look at the "inherent" value in the network. Larger networks have more inherent value, as they generally provide better performance (due to larger amounts of bandwidth, commonly lower utilisation and finally, better networking engineers who can build it right), and better reachablility, in other words, a larger foot print.

I'd think the fundamental way to initiate the growing of the network would be to increase the customer base. Correspondingly, that would require increasing bandwidth, which means wholesale buying or deploying new links, and buying new equipment. Both of these purchases will usually increase discounts from upstream suppliers, which will result in reduced costs. That is, the network, for its new size, becomes cheaper to own and run.

If you don't grow your commodity business, because it is a commodity business, your competitors will probably price you out of the market, usually in the medium term.

This is why I struggle to see why these P2P blockers or regulaters provide any value. They are used to enforce a practice that is contrary to what commodity ISPs need to do to increase their business, which is really to say their survivability.

Of course, if an ISP is smart, they will try to identify opportunities to value add to their network, in "decommoditising" ways. Typically, this means adding unique or semi-unique services on top of their commodity network. Customers will be vested in the unique or semi-unique services, which, as a consequence, means being connected to the ISPs network, and also means that the customer will be less inclined to swap ISPs based on bandwidth prices.
Tony Li 12/5/2012 | 1:26:06 AM
re: CacheLogic: Another P-Cube? Of course, if an ISP is smart, they will try to identify opportunities to value add to their network, in "decommoditising" ways. Typically, this means adding unique or semi-unique services on top of their commodity network. Customers will be vested in the unique or semi-unique services, which, as a consequence, means being connected to the ISPs network, and also means that the customer will be less inclined to swap ISPs based on bandwidth prices.

Yup, this is known as adding differentiation. The problem with this theory is that every other ISP is running their network with almost exactly the same set of gear and tools, with an almost identical architecture (at least to the average customer). Therefore, any service that they can add that is based on their gear, tools or architecture is trivially copied by the competition. That is to say that it's very difficult to create a niche with a barrier to entry. Is it in fact better to invest in delivering the commodity services more efficiently?

Tony
Tony Li 12/5/2012 | 1:26:06 AM
re: CacheLogic: Another P-Cube? Even if the box in the middle observed the key exchange, wouldn't it have to understand the encryption algorithm to be of any use?

Not necessarily. First, the key exchange isn't going to give a listener the true key for the conversation, only some intermediate data that the end points will use to mutually compute the correct key. Second, the point isn't to decrypt the user's data stream anyhow.

All that is truly necessary is to obtain enough information to infer that the P2P app is being used. For example, if the middle box sees key exchanges with 30 known BitTorrent trackers and NO other hosts, plus numerous bits o' traffic to strange port numbers, it's a pretty good guess that this system is doing more than just surfing.

Tony
moonflye 12/5/2012 | 1:26:03 AM
re: CacheLogic: Another P-Cube? I would be interested to hear what people think generally about Acterna equipment versus the competition. This company just came out of bankruptcy and i wonder if they're making good stuff and keeping up with new technology, etc. Plus, are they reliable to do business with?
appreciate all feedback.
mr zippy 12/5/2012 | 1:25:59 AM
re: CacheLogic: Another P-Cube? Yup, this is known as adding differentiation. The problem with this theory is that every other ISP is running their network with almost exactly the same set of gear and tools, with an almost identical architecture (at least to the average customer). Therefore, any service that they can add that is based on their gear, tools or architecture is trivially copied by the competition. That is to say that it's very difficult to create a niche with a barrier to entry.

I don't disagree if the value add service or product is "created" by taking COTS devices, plugging them in, switching them on and then selling the new "service".

I have been involved in developing a product which did "decommoditise" the network. In that case though, while we took an COTS IPsec device, the value add, complexity and "lock-in" we created were in the deployment, management and monitoring areas. Due to the security requirements and nature of IPsec VPNs, we were value adding over the top of the COTS product by developing and implementing secure deployment, management and monitoring procedures. Also, due to the size of the network (UUNet), we were able to offer SLAs covering many countries (this is an example of where the "inherent" value of the network's size paid off hansomly).

In other words, the COTS equipment was the simpler part of the product, the complexity was in the value add that we performed.

Sure, competitors would have been able to replicate the product by using the same COTS IPsec VPN products. It would have taken a fair amount of effort, giving us time and opportunity to continue to be in the lead product wise.

Is it in fact better to invest in delivering the commodity services more efficiently?

I realise this is almost a retorical question, obviously it always is. One of the reasons I haven't started up an ISP, as much as I'd like the technical and business challenge, is that I won't be able to beat the big guys when it comes capex discounts from suppliers, and I'd doubt I'd be able to beat them on opex efficiency.

In the context of the product I was developing, we had a "3rd party" connectivity model, were a 3rd party ISPs network could be used. The only difference was that we wouldn't offer SLAs for those nodes.

As this shows, the "value add" product isn't constrained to the underlying network, as long as things such as network performance and availability SLAs are abandoned. If the provider is smart enough, they can leverage this fact, and start selling the "value add" service to customers who aren't or can't be connected to their network.

I find it interesting that a lot of the "old school" telcos are all talking about moving to VoIP for phone calls. When I read these statements, there seems to be an underlying mentalility of "we will be able to constrain our customers to using our VoIP service". I'd suspect this comes from the classical "in-the-network" services view they are used to.

If they are wise, they will not only abandon this "in-the-network" view point, they will also open up their VoIP services to anybody who is willing to pay for them, irrespective of where they are located (being in Australia, I might be interested in VoIP from one of these carriers if it is cheap enough). Admittedly though, they would then be competing with organisations already in this space, eg. Packet8, etc.

Mark Smith a.k.a. Mr Zippy
slickmitzy 12/5/2012 | 1:25:58 AM
re: CacheLogic: Another P-Cube? Hi,

My two cents on this subject as a network engineer for an isp (not in the states).

We have a mixed feeling about p2p.
On one hand it does increase network utilization by at leat 2 folds, and where we are located bandwidth is expensive ( couple of hundreds of dollars per mega per month). another pointis that p2p also changed the statistical behaviour of the network.
two years ago you could design your network to accomodate buisness users during buisness hours and residetials during the night. today everybody leaves their Bittorrent open and downloading when they go to work.

On the other hand we understand that we cannot dictate to our customers what apps they will use and when.

Now comes all the players of p2p optimization, caching and control.
We have few of them installed in the network.
Our opinion is that those products shouldn't impair our users experience.
Those products fall in to two 3 major categories
1. bandwidth limiters - we believe this is not an option. this is only good for enterprises.
2.caches - those products works well, however due to the nature of the traffic it's not proven that they save much bandwidth because if the user downloads a file from the cache it's just moves on to the next file in his list.
3.p2p routing managers. currently p2p routing is not aware to the ip topology and it's very common for a user to download a file from another user outside the network although this file is available from users within the network.
Those products aim at mapping files available in the network and then using all sort of manipulations to send local users to other local users.

From our experience the last two categories combined together works the best.

slick
Page 1 / 2   >   >>
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE