Monday, June 13, 2016

Securely and Efficiently Crossing the Great Firewall

China boasts nearly one-fifth of the worlds population and has had incredible GDP growth ever since the 1960's.  China is an incredibly attractive market to target, but many organizations are struggling with "The Great Firewall".  The Great Firewall is formally referred to as the Golden Shield Project.  This project was implemented by the Ministry of Public Security, a Chinese government organization, in order to allow China to put a screen on the open door policy of the internet.  Regardless of what your political views are, the Great Firewall is a giant filter for internet traffic entering and leaving China and is a known hinderance on performance.

Playing by the Rules

Having a local contractor or subsidiary will always make doing business in a foreign country much easier.  In order to sell cars inside of China, General Motors set up another company uniquely called General Motors China.  What if your organization is not as big as GM?  In today's connected world, sometimes spinning up another application instance inside of a geography is not possible due to costs, security, workforce bandwidth, or simply politics.  How can your company serve China without investing in China based infrastructure?  The choices are simple; do not do business in China, work with a reseller, or work with a carrier.  Unless you want to miss out on marketing to twenty percent of the worlds population and are not interested in putting your intellectual property in the hands of another entity, there is only one true option; go down the carrier route.

Connecting the Dots

The idea for this article came from reading about "The Unsexiest Trillion-dollar Startup" called Flexport.  Flexport is a freight shipping analytics company.  Meaning, they own no infrastructure, just mine data.  Flexport then connects organizations with the data required to ship cargo based on the most efficient route.  Flexport does not have relationships personally with organizations hosted in countries like China, but they know what partners do.  In a way Felxport is a broker managing relationships with those who have something to transfer and those who can accept packages at the required destination.

Can't Ship Packets in Cargo Crates

Although Flexport helps organizations transfer hard goods, what about soft(ware) goods?  Teridion follows a similar playbook to that of Flexport.  Teridion is not going to add any additional infrastructure to what you manage since the platform is SaaS but the platform offers end users access to data as if the application server was hosted locally.  The Teridion network leverages Teridion Cloud Routers (TCRs) as shipping ports on either side of the journey.  You just tell us where you want data to go, and the platform will make sure the traffic gets there.

Partnership with Cloud Providers to Reach China Market

Teridion is a proud partner of the cloud provider Alibaba Cloud to reach China users.  Teridion leverages multiple global and regional cloud providers to provide the "ship from" ports and then drops off traffic at one of the many inner-China locations.  What have users of the Teridion network been experiencing?  Well for starters, applications that were previously timing out to China based users are not only accessible, but are boasting some pretty impressive speeds.  To put it in perspective, last week I was working with a company that had intermittent availability issues from an end user located in China.  The application was hosted in Europe due to data privacy reasons.  When the application was not timing out due to network issues, tests ran using the public internet were getting blazing speeds of 20kb/s-100kb/s.  Switching on Teridion upped the transfer rate to 2Mb/s consistently.  This is opening up a whole new territory to a company who thought their only choice was to shard their application closer to China.

You Pack It, We Ship It

Getting a package faster is great, but it is worthless if the contents are damaged before the cargo reaches the requestor.  Teridion simply routes traffic faster.  This means if you encrypt your traffic, Teridion will deliver it with the same encryption to the end user.  Some other sources will require access to the content for acceleration, but that has cause for concern for private information.  Teridion has no such requirement so you can rest assured the only person viewing your data is the intended recipient.

Too good to be true?  Give us an jingle and prove us wrong.

Monday, April 25, 2016

How to Compete with Teridion

So you want to beat Teridion to the software defined networking space?  Are you interested in building a solution to improve performance on content, like file uploads, that a traditional Content Delivery Network (CDN) cannot address? Too late. Teridion launched late last year.  However, if you are interested in understanding the main concepts of Teridion, this article should help.
As I have heard my team state multiple times, the solution is elegantly simple.  Teridion is comprised of three components.  They are the Teridion Measurement Agents (TMA), Teridion Management System (TMS), and Teridion Cloud Routers (TCR).  Trademarked names aside, the platform can be referred to as the data collection, data analytics and virtual backbone network.

The Internet Heat Map

Agent technology has been around longer than the internet.  Teridion Measurement Agents are specifically designed to gather latency, bandwidth, congestion, and other network health indicators.  These agents live and die in cloud data centers where Teridion can currently create VBNs.  As opposed to other agents technology like Thousand Eyes or Gomez, TA's are only looking at network statistics and not application centric metrics.  This is because Teridion is a layer 3 technology and only cares about route optimization and not application acceleration in the general sense.

The Brains of the Operation

Like all properly designed systems, Teridion Measurement Agents send data to the Teridion Management System for analysis.  This TMS leverages elasticsearch to make as-quick-as-possible determinations on where the optimum path is for a virtual backbone network.  The algorithm used by the system is proprietary.  I could say it is too secret to share, but honestly I have not asked what the formula is.  Once an optimum path is discovered, the TMS will either spin up a new TCR or update current TCRs routing tables accordingly.

The (Virtual) Backbone of the Solution

If you think of the other two components as setting the table, the Teridion Cloud Routers are the main course.  These are Linux VMs turned routers that create HOV lanes of communication for a majority of the packets life on the internet.  Simply put, a TCR is the on and off ramp locations to the virtual backbone network (VBN).  The VBN is set up very similarly to a highway.  An optimum highway would have an on ramp close to all drivers and an off ramp close to the destination.

Does it Work?

Yes. 'Nuff said? Well for those of you who need "proof" give message at and get a trial started.  For those of you looking for current data points on real life customers gains, here is a nice chart:
For those of you joining in from a mobile device or just cannot read the axis, the chart is depicting times to download a 5MB file using the public internet and using the Teridion network.  Teridion makes the internet ~20x faster and content delivery is much less susceptible to degradation in performance.  When congestion happens on the internet, Teridion pivots to a new routing path.

Wednesday, March 30, 2016

I Don't Believe You: The Story of Teridion

I have nearly five years of experience in the APM space.  I have lost count how many times I have drawn this picture:

Although this is vastly simplifying the world of today, it is a (although terribly drawn) depiction of how applications work in theory.  There is an end user that communicates over some network to some data center.  APM strategies in general focus around understanding this transaction through data collection points at critical components and deliver a picture of this flow.
Over my years in this space, I have come to realize there are many great ways to get visibility into the transaction.  In each area I always had the confidence to make suggestions in improving performance at any point in this diagram except one; the public internet.  Do not get me wrong.  There are a ton of tools like Thousand Eyes or Outage Analyzer to determine WHERE a problem exists, but I have never seen a great strategy that SOLVES this problem.

I was extremely happy at Dynatrace.  I was 26 years old, working in the Bay Area and regularly meeting with the logos that are associated with Silicon Valley.  In the past two years I lost less than 10% of opportunities to competition.  I was becoming the new technology SME and had opportunities like presenting at Docker Meetups.  I was having meetings with Site Reliability and Application Performance Engineers who are well known in the development and deployment world.  I was not the only one feeling the success of the product.  Dynatrace as a company is wrapping up another stellar year with the announcement of the unification of Ruxit and Dynatrace.  The organizations market share is still number one and growing.  The future looks extremely bright for Dynatrace and I was looking forward to enjoying the ride.  Then, in steps Teridion.

Optimizing the Pipe and Not Building Water Towers

As my experience with Dynatrace grew, so did my understanding of just how complex applications could be.  A good APM solution will be able to tell if the problem is on the end user device, inside the data center (the cloud is just someone else's data center) or in the network between the two (most often the public internet).  I could have significant performance improvement conversations with customers who were interested in fixing problems on the end user device, or inside their data center.  However, the public internet only had one solution that I knew of; use the internet less.  The only way I knew how to improve the performance of the internet was to enable caching, pushing content out to CDNs, adding more data centers closer to end users, or build out a private fiber network.  Most large sites utilize a CDN to address this concern since it is the easiest "fix."

Content Delivery Networks (CDN) are a way to help reduce this problem.  They are great for storing cacheable content near end users.  However, the internet is moving more and more towards individual experiences.  Pages are comprised of more dynamic content and less static content.  For example; when I look at a news feed, I click on titles that interest me, read a few sentences and immediately go to the comments section.  Any item revolving around the personal experience will be a challenge for a CDN to deliver on.  A better theory for delivery is needed for the modern web.  This issue I was very aware of, but never had an answer.  I did not know there was a better way.

Holding the Internet Accountable

What do Comcast, Dish, and Sprint all have in common?  If you answered they all represent last mile content delivery, you would be correct.  If you also answered they were voted into the Top 10 Most Hated Companies in the US according to 24/7 Wall St, you would ALSO be correct.  There is personally nothing worse (exaggeration) then coming home from a hard day, firing up Netflix and... the stream is not working.  Who gets blamed? ISPs! Who's at fault? I DO NOT CARE I JUST WANT TO WATCH BOB'S BURGERS!  ISPs are the face of the end users frustration.  They are just the last leg of a long journey of content delivery that spans multiple handlers over many literal miles.  They get blamed because the path is complicated and they are the face of that complication.  Just how complicated can this path be?  Here is a traceroute output from my terminal to

Eleven hops.  Double digit points of failure that are mostly set statically and are comprised of multiple players.  Teridion asked me a very simple question to start off the conversation; "Who controls the internet?"  Unless you subscribe to conspiracy theories, you probably know that no one controls the internet.  There are big players, but even when you go to Google there are at least half a dozen touch points that the traffic is routed through.  Coming from the APM space, I knew the user to datacenter bandwidth was inconsistent, I just did not realize how much of a performance drag it was!  Teridion showed me an elegantly simple demo:

"I don't believe you."  This was my response to the demo.  This also the exact response I wanted any potential lead to have when I was showcasing a product.  The logic behind the solution makes sense as well.  I had to get involved.  I saw an answer for a problem that all the IT organizations worried about, but only had a band aid for the solution.  How do you control the public internet?  If you are Facebook or Google, you lay your own fiber.  If you are not those guys, Teridion is the solution to provide reliability and performance.

Modern Routing for the Modern Web

Whenever I have a customer who says those four words stated in the title, I have to follow it up with a simple explanation of how it works.  Whelp, Teridion is the Waze of the internet (the "Uber of ..." line died in 2015).  The main protocol used to route traffic across the internet is BGP.  Think of BGP like a paper map of the United States.  If you need to take a trip from Washington D.C to San Francisco, you would plot out a course using the main highways most likely.  The map cannot tell you about construction, congestion, weather or anything else that will impact your journey.  BGP is older than me.  I have never used a paper map to plan a road trip.  Waze is a GPS application that also takes in current road conditions to plot out a course that will be the fastest.  Similarly Teridion is proactively determining what is the fastest way to get from user to location of content by taking in multiple metrics from agents constantly testing the internet.  This data is fed into a singular analytics engine which can then create HOV lanes for internet traffic.  It is "elegantly simple."

Want to learn more? Can't believe it is true?  Check out Teridion for more information