Networks Can Now Work Harder Than Ever Before

It’s Your Bandwidth.  Why Aren’t You Selling It?

Be honest now. You’ve been holding back.  In fact, you’ve been keeping about half your bandwidth as reserve to handle peak traffic loads, rogue users, peer-to-peer data flows and more. Why? You’ve had no option.  The best-effort, random nature of how TCP/IP behaves under load has been baked into routed IP links since the dawn of the Internet.

Saisei has changed those rules

Whole technology segments, including WAN optimizers, packet shapers, application development controllers, APM/NPM solutions, load balancers, next-gen firewalls and more, have been developed simply to compensate for the inherently chaotic behavior of routed TCP/IP packet transmission. But packets are the past. Flows are the future.

With the volume of mobile, cloud and Internet of Things traffic mounting daily, Saisei decided the time for band-aids and patchwork solutions had passed. We developed a set of patents that allows routed IP links under Saisei FlowCommand™ control to behave in an orderly and predictable fashion for the first time in history. No more queuing. No more scheduling. No more random packet drops. No more brute-force QoS mechanisms that drop user sessions even at 50% link utilization.  There’s no reason they shouldn’t run at over 95% utilization if need be.  And with our No-Flow-Left-Behind™ guarantee, no user sessions will ever be dropped again. Not at 50%. Not at 95%. Not at 98%. Service complaints related to network congestion and stalled applications will simply stop. We call this Network Performance Enforcement (NPE).

And FlowCommand does all of this on commodity x86-based servers and/or on VMs under hypervisor control without adding to network overhead.

Net Neutrality — on your terms — and integrated flow security offer true service differentiation

The patented flow-engine algorithms in our FlowCommand Linux-based software ingest and process millions of concurrent flows 20 times per second on a routed IP link. Each of these flows is examined individually and combinations of 40 business, bandwidth and security metrics are applied to all the flows and executed in less than one second.

In doing so, we can offer service provider customers our unique Net Neutrality feature. With Net Neutrality, FlowCommand guarantees that all flows receive fair and equal treatment and bandwidth allocation regardless of the traffic load or types of applications attempting to use the link. No rogue users, no P2P sessions and no flood of traffic can negatively impact this fair-usage enforcement or break a link under FlowCommand control. Session integrity is fully maintained for data, VoIP and video services. Net Neutrality can be implemented differently across multiple groupings of applications and/or users on a link, meaning multiple service levels can be offered for specific types of traffic or users.  You’re not limited to just Premium, Standard and Best Effort.

Since the FlowCommand software knows literally everything there is to know about an actual data flow, it offers unique and powerful integrated security capabilities as well. For example, with FlowCommand, data exfiltration threats can be permanently removed as an issue.  Additionally, response to and root-cause analysis of DDoS attacks is significantly improved.  A Network Performance Enforcement system, such as FlowCommand, adds next-generation capabilities to what basic next-gen firewalls do, only it operates far faster and with about 1/3 the impact on network overhead (about 5-6 microseconds).

Your MPLS network benefits as well

The entire Saisei value proposition applies equally to MPLS networks (and IPv6 is also fully supported). So, fine-grained control and reporting of individual flows, real-time management of per-host bandwidth and so on are available for service provider MPLS links. FlowCommand can also operate in a mode that takes individual MPLS tunnels (Label Switched Paths, or LSPs) into account. In this scenario, FlowCommand can aggregate bandwidth to each tunnel and manage to that while offering the full palette of FlowCommand functions within those tunnels. Layering this mode on top of existing MPLS traffic engineering gives all the benefits of FlowCommand to individual users and sessions, while also providing the bulk traffic management inherent to MPLS-TE.

Designed for the scale of carrier networks; accelerates NFV deployments

Architected for the traffic demands of mobile, cloud and the Internet of Things, in its initial release, FlowCommand already supports up to 1 billion external hosts per instance.  It can apply its NPE capabilities to more 10,000 applications. Whenever FlowCommand sees a new application, it is automatically added to the list of supported applications, so that number grows daily.

Virtual networks, legacy networks, SDN networks and NFV networks – FlowCommand works on them all. Typically, FlowCommand is either configured as a VM with two network interfaces that is monitoring and controlling flows coming in and out of a vSwitch or will be placed as an edge appliance running on commodity hardware on the LAN/data center side of an edge router.

Don’t let your customers know more about your SLAs than you do

With FlowCommand’s ability to drill into a flow based on 40 application, geolocation, group, user and host metrics – not just the standard 5-tuple or 12-tuples of SDN/NFV – Saisei’s enterprise customers will typically deploy FlowCommand at the enterprise edge. This gives them incredibly granular control and visibility of their traffic over leased lines provided by service providers. Because FlowCommand also maintains a comprehensive visual history of flow behavior over these links, they have far more detailed records of SLA compliance – or non-compliance – than are available today from standard SLA and QoS tools.

And it’s all standards-based

FlowCommand is standard, Linux-based virtual appliance software that exclusively runs on commodity x86 processors and memory and is built to operate in both bare metal and virtualized environments. There is no requirement for dedicated storage. Data entering FlowCommand is standard TCP/IP traffic and data exiting FlowCommand is also standard TCP/IP traffic. All the control, visibility and manipulation of the flows are applied in-system.

All Saisei NPE solutions come with a powerful and flexible RESTful API for easy integration with third-party systems as well as GUI and CLI interfaces. The Saisei GUI is ideal for fast policy creation. Want to prioritize certain application traffic over others?  Block or limit traffic to a foreign country or a questionable web site?  Set up complex subscriber policies for multiple service tiers?  Achieving all of this is just a few clicks away.

FlowCommand’s extensive flow data set can also be exported to an external flow collector or analytics platform via an open IPFIX interface.

FlowCommand provides a single system of real-time insight paired with unprecedented security, bandwidth and business policy enforcement that can scale to the largest networks.

The companies, schools and county government facilities we serve all want more control of their environment; they freely admit they don’t have a good handle on everything that is going on within their networks. But with the Saisei solution in place, they can understand at a much deeper level exactly what’s going on with their users and applications. For the schools, that means a complete picture of the health of the student via the online activity of that student.

Our infrastructure serves 1M students, administrators and faculty members in the greater Houston area. With all the new technologies coming into schools, this gives them user-level awareness via a dashboard and historical reporting that can be accessed not just by the IT department but by teachers, administrators or the students themselves.

Our customers also want to be able to respond to attacks and see things coming in seconds – because seconds matter. With the Saisei solution, they can mitigate this liability. I think FlowCommand will help revitalize the Internet itself – there’s no value in just selling commodity Internet services if I can deliver a superior user experience with a much better product, the opportunity for our business is tremendous.

Michael Mason Head of New Technologies Phonoscope LightWave