Click on the categories below
to learn more about proxy caching technology within ProxySG.
Introduction
Blue Coat Systems products are proxy appliances designed specifically
to secure, control, and accelerate the Web. Each product in the ProxySG
family contains SGOS, a patent-pending embedded operating system architected
entirely by Blue Coat Systems.
The SGOS contains no general-purpose code, and does
not re-use code from other systems. The OS has been built
from the ground up specifically to improve proxy caching
and Web applications. As a result, Blue Coat products
have emerged as the preferred foundation of enterprise
proxy caching applications. The following sections focus
on providing a high-level overview of core SGOS technologies
- specifically those designed to improve the Internet
user experience.
Object Pipelining: Fast Content
Retrieval, The First Time
When a browser requests content, dozens of round trips must take place
between the browser and the distant Web server. This is because a Web
page is typically composed of dozens of objects, and for each object
there typically must first be a TCP session setup followed by an HTTP "get" request
(Figure 1).
Figure 1: How Browsers Retrieve
Web Pages
This serial retrieval of objects presents a major delay
for the end user. With a Blue Coat ProxySG deployed,
a large portion of this delay is eliminated. The client
connection terminates at the ProxySG, which leverages
the latency-attacking algorithms provided by the SGOS.
One of these algorithms is called Object Pipelining.
Instead of retrieving objects serially, this patent-pending
algorithm opens as many simultaneous TCP connections
as the origin server will allow and retrieves objects
in parallel. The objects are then delivered from the
appliance straight to the user's desktop as fast as the
browser can request them.
Figure 2: Blue Coat Object Pipelining 
Figure 3: Accelerating First-Time
Page Requests The NSS Group, in a published technical evaluation of
Blue Coat products, has confirmed the effects of Object
Pipelining:
"The most surprising figures are
the second set, taken during proxy cache initialization.
At this point, the proxy cache was completely empty and
you would thus expect to see no improvement over the "non-cached'
set of figures. However, the fact that there is a clear
performance gain (retrieval times with the cache are
less than half of those where no cache is used) proves
that the object pipelining technique employed by Blue
Coat provides significant benefits."
Adaptive Refresh: Accurate
Data, Fast Response Times
Because content on Web servers change, a proxy appliance must keep its
temporary store of content up to date. Traditionally, for a proxy to
deliver content to the end user with the confidence that the data is
fresh, it must send a "refresh check" to the origin server.
However, to serve the content quickly, it must not wait until a user
requests the content before it performs this refreshing activity. If
the refresh checks are performed only at the moment the user requests
the content, the user will endure the round-trip delays that cause the
Internet to be slow in the first place and Web page response time will
not be substantially improved.
The only method for delivering Web pages quickly and
accurately is for the refreshing activity to be uncoupled
from the actual end user requests. The SGOS performs
this activity with another latency-attacking algorithm
called Adaptive Refresh. This patent-pending algorithm
selectively refreshes Web objects based upon their need
to be refreshed. This refreshing activity occurs asynchronous
to actual user requests, so as to not impact response
times.
Selecting what objects to refresh and when requires
an understanding of object behaviors. Web objects change
at different rates. Some change frequently, some rarely,
and many have change rates in between. The histogram
in Figure 4 is derived from data extracted from Blue
Coat proxy appliances in use around the world. (The histogram
does not represent an absolute model of how frequently
objects change; it simply highlights the change rates
that were observed during the time of the analysis.)
Figure 4: Objects Change At Different
Rates
The Adaptive Refresh algorithm integral to SGOS is
the only technology in the industry that develops a "model
of change" for every Web object in its store. It
also develops a "model of use" based upon that
object's history of being requested by users. It then
combines these two pieces of information to determine
the refresh pattern appropriate to that object. (The
values derived by the algorithms also adapt to changes
produced by these models over time.)
Using the Adaptive Refresh algorithm, the ProxySG automatically
performs "freshness checks" with the origin
server to ensure that old content is expunged and replaced
with fresh content. For example, if the objects within
the www.nbcnews.com home page are popular among the population
of users that are accessing the proxy, the OS will update
the objects that change frequently (e.g., "top story" object)
but will not refresh those objects that do not change
(e.g., "NBC logo" object). This ensures that
current content will be delivered to end-users quickly.
While Object Pipelining improves response times for
first-time Web page requests, Adaptive Refresh significantly
speeds subsequent requests by removing the latency involved
in refreshing the objects. Figure 5 illustrates the performance
improvements Blue Coat appliances deliver.
Figure 5: Combined Effect of Object
Pipelining and Adaptive Refresh
(source: customer data) Adaptive Refresh: Impact on
Bandwidth Consumption
The selective, adaptive refresh technique is key to how the SGOS keeps
popular Web content near users and up to date without inducing unnecessary
network traffic. An effective method for measuring the proxy caching
appliance's impact on WAN or Internet connection bandwidth is to plot
the traffic served to end users against the traffic consumed by the proxy
cache. The positive difference between the two is termed "bandwidth
gain." Bandwidth gain occurs when a proxy cache delivers more traffic
to users than it pulls from the backbone. Figure 6 illustrates the bandwidth
gain from a Blue Coat deployment.
Figure 6: Bandwidth Gain from Actual
Deployment
This site had 3000 kilobits per second (kb/s) of available
bandwidth on the outgoing link. The total bandwidth delivered
to end-users was almost 4000 kilobits per second with a
ProxySG deployed. This effectively increased the network's
trunk capacity by 33%.
Because the Adaptive Refresh algorithms are highly selective regarding
which objects to refresh and when, the SGOS makes extremely effective use
of existing bandwidth.
Freshness Measuring and Reporting
The SGOS automatically measures and reports on the freshness of content
it delivers to end-users. This reporting functionality is based on the
Web object properties that are tracked by the Adaptive Refresh algorithms.
The measurement function begins by tracking the number of times an object
in the proxy appliance’s store is delivered to an end user since
the last time its freshness was checked. These facts are then contrasted
with the results of the Adaptive Refresh activity. When a refresh check
occurs for that object, various outcomes can be calculated:
- If the object has not changed on the server, the previous deliveries
of that object are recorded as having been "fresh."
- If the object has changed on the server, the OS calculates the percentage
of previous deliveries of the object that were fresh and whether or
not any were delivered "stale" with respect to the time the
object changed on the origin server.
This information is then reported (Figure 7) on the GUI management
console that is native to every Blue Coat proxy appliance.
Figure 7: Content Freshness Reporting Through this reporting mechanism, network administrators can be confident
that the content their users are receiving is in fact the content that
existed on the Web at the time of the request.
Storage Subsystem
The method of storing objects on disk is critical for achieving both
high performance and high scalability. It determines (1) how quickly
a cached object can be accessed when a client requests it, (2) how
rapidly new objects can be acquired and stored on disk, and (3) the
rate at which client requests can be serviced per disk drive.
The SGOS object storage system is not a file system. It is an object
cache. There is no directory in the OS. Object access is through a hash
table in RAM, ensuring that any object can be obtained in a single disk
read. File systems run poorly when they are full, while a cache achieves
its highest performance when it is full.
The disk stores objects from a portion of the URL name space. Accesses
are automatically balanced among the available disks. The proxy appliance
normally runs with its disks full of objects. Old seldom-used objects
are continually removed to make room for new incoming objects. The disk
layout and replacement algorithms in the OS facilitate this process to
optimize the speed of writing new objects to disk.
In the unlikely event that a disk fails, the objects in its portion of
the URL name space are automatically remapped to the remaining disks. New
disks can be "hot-added" to an existing proxy to increase its
storage capacity. RAID is not used because it provides no real benefit
for a Web cache, and it wastes disk resources that the OS uses to improve
the hit rate by storing more objects. |
