Microsoft’s high fibre diet

With fibre-optic cable, bandwidth and security go hand in hand. Microsoft Proxy Server offers a solution as Oceanic Cable...

With fibre-optic cable, bandwidth and security go hand in hand. Microsoft Proxy Server offers a solution as Oceanic Cable discovered with its US to Hawaii fibre-optic cable

When you think of the cost of running fibre optic cable from the United States mainland to Hawaii, it's easy to understand why every bit of bandwidth is so valuable. For Oceanic Cable, a regional division of Time Warner Cable, reserving that bandwidth and providing reliable, high-performance Internet services are high on its priority list. To achieve both of these goals, Oceanic installed Microsoft Proxy Server for its launch of Time Warner's new RoadRunner high-speed, online news and entertainment service, as well as for its own corporate network access to the Internet.

For Oceanic's cable modem service, the Proxy Server array-based caching significantly enhances performance, preserves bandwidth and is scalable enough to accommodate tremendous growth. For the company's corporate intranet of about 400 users, Proxy Server offers those same benefits, as well as unique, multi-layered firewall security for a fraction of the cost of a dedicated firewall. For both operations, Proxy Server provides stability, centralised administration and usage-analysis tools to help reduce support and connection costs even further.

Enhanced performance through caching

When Time Warner decided to launch its RoadRunner online service on its Oceanic Cable division serving Oahu, Hawaii, it faced one big challenge that it had not encountered in other cities. "In Hawaii, bandwidth to the Internet is very expensive," explains Jonathan Christensen, operations manager for Oceanic Cable. "We wanted to reserve as much of that bandwidth as possible, so a caching proxy looked like a good option." Christensen's team discovered Microsoft Proxy Server version 1.0.

Proxy Server version 1.0 is early in the RoadRunner development cycle. "We're primarily a Microsoft Windows environment on the corporate LAN, so it was a logical choice to start looking for a Windows NT-based proxy server." Oceanic is the first cable division of Time Warner to implement RoadRunner on the Windows NT Server network operating system. According to Christensen, the team chose Microsoft Proxy Server because of its easy, centralised administration, security, scalability and reliability.

Active intelligent caching

The caching services in Proxy Server are critical to the success of the high-speed cable modem service. The automatic active caching, intelligent caching and passive caching in Proxy Server reduce network traffic by analysing Internet use and identifying the sites accessed most often and then updating them when there is less network activity.

"One of the advanced features of Proxy Server 2.0 that we want to implement, both on the corporate network and on the cable modem side, is the ability to cache browser plug-ins and software," Christensen reports. "We can cache Microsoft ActiveX controls so that when users want them, they can install them very fast."

Array-based caching

The Proxy Server cache arrays balances the load by spreading cache hits across all the Proxy Server-based computers in the array. "Besides load balancing, array caching provides some failover mechanisms," Christensen explains. "If one of the servers goes down, the array automatically reroutes the traffic, so performance isn't hurt."

This set-up also reduces administration costs because the array of computers can be treated and administered as a single logical entity. Currently, the RoadRunner service is served by an array of four dual-processor Pentium Pro machines.

Christensen has measured a 40 per cent cache hit rate for the corporate network and estimates a 20 to 30 per cent cache hit rate for the RoadRunner service as it becomes established. Because Oceanic has used Proxy Server since the beginning of the RoadRunner project, the company can only estimate how the software has improved performance.

Because the Linux gateway was specific to certain types of traffic and it frequently became congested or went down, it wasn't an adequate solution for the company's growing Internet needs and the variety of protocols being accessed. What's more, it was also extremely labor intensive. An administrator had to add each protocol manually, specifying what ports to allow and from which IP address ranges.

Proxy Server provides static packet filtering, and also provides unique Dynamic Packet Filtering, which dynamically determines at the packet layer which traffic to allow in and out of a corporate network. "Dynamic Packet Filtering looks at all the incoming packets and says, 'Are these logical? Does it make sense that these packets are incoming?'" explains Christensen. "If the packets are clearly oddball, not recognised, or not initiated by some connection on the inside, Dynamic Packet Filtering will reject the packet."

Business-critical Internet connections

As a cable TV company that runs programs 24 hours a day, Oceanic counts on the Internet for critical programming and service information from mainland counterparts and vendors. Program scheduling and updates are downloaded from program vendors and guide services to Oceanic's database and then put up on screen for its viewers. "These vendors provide us with files through a website, from an FTP server, or through email, so access to those Internet resources at the desktop inside the company is critical at this stage," Christensen explains.

Firewall security for the corporate intranet

For its corporate intranet, Oceanic Cable uses Microsoft Proxy Server to provide Internet access to its 400 users through one IP address, delivering caching benefits and providing a firewall between the Internet and its own internal network. Before installing Proxy Server, the company used a Linux public-domain gateway to access the Internet.

According to Christensen, Oceanic looked at a few other proxy solutions, as well as at some high-end firewalls, before deciding on Microsoft Proxy Server. "Thankfully we didn't spend thousands of dollars on a high-end firewall, because Proxy Server was able to meet all of our security and performance needs," Christensen concludes.

Future plans

With the anticipated sixfold growth of its RoadRunner service, as well as increased reliance on the Internet from within the corporation, Christensen expects to implement more of the advanced Proxy Server features in both environments. For example, he anticipates implementing reverse proxying, which enables internal web servers to publish to the Internet from behind a protective Proxy Server firewall. This feature provides secure access to data and eliminates the need to duplicate data creation and management.

Compiled by Craig Hinton

(c) Microsoft Corporation 1999

Read more on Voice networking and VoIP