Traffic Management Made Easy With Total Traffic Control

Wednesday Oct 22nd 2003 by Logan Harbaugh

The newest version of Lightspeed's Total Traffic Control goes beyond load balancing and traffic management. Version 4.0 now offers spam filtering, bandwidth management, traffic prioritization, firewall features, and more in a single box.

Lightspeed Total Traffic Control: A complete traffic management solution, available in both software and appliance form

Total Traffic Control (TTC) 4.0 is the latest iteration of Lightspeed Systems' load balancing and traffic management software for Windows. The product started out as a load balancer with limited traffic management capabilities and has evolved into a superb traffic manager that happens to have load balancing capabilities.

In addition to providing sophisticated load balancing and traffic management, TTC version 4.0 features an assortment of other capabilities, including spam filtering, bandwidth management, traffic prioritization, firewall features, inbound and outbound access management based on URL, and intrusion detection.

And if this breadth of functionality isn't enough, TTC v4.0 is also available as both software and an appliance with the software pre-installed.

We received for review the dual-CPU appliance, which consisted of a Dell PowerEdge 1650 with two 1.266 GHz processors, 2 GB of RAM, two integrated Gigabit Ethernet ports, and another NIC for the management port. Priced $3,000 higher than the software alone, the appliance is not a particularly good deal as hardware, but when the Windows Server and MS SQL Server purchase and installation (as well as value of an administrator's time necessary to set up the box) is factored in, it's not unreasonable.

The server can be installed inline between the Internet and the internal network, or it can be installed in a single-leg configuration on the internal network. After the server is booted and the license key entered (the software will run in demo mode for 10 days), the documentation recommends the Total Traffic Server be run initially in passive mode to monitor and report on network traffic. It then produces reports on network traffic. Of course, if the system is to be used solely as a load balancer, this step is not necessary.

The reports detail not only the types of network traffic, but also the applications used, Web sites visited, types of content viewed, keywords used in search engines, instant messaging sessions, the number of e-mails sent and received, file uploads and downloads, file-sharing applications used, and files uploaded or downloaded, as well as e-mails, instant messages, and chat sessions that contain proscribed content.

TTC is an obvious product for schools and libraries, and a less obvious, but equally compelling, offering for most enterprise, given recent legislation rendering enterprises liable for employees' actions taken on their networks.

Once reports have been created, the sys admin must decide whether to create policies or enforce existing ones. Rules can be quite flexible, and administrators should be able to block access to virtually any type of content with few false positives -- i.e., sites blocked that shouldn't be.

TTC supports the Open Content Filtering Database, which is an open standard for blocking sites. It is regularly updated and integratable with other open content filtering databases, such as squidGuard. It can be configured to block all peer-to-peer traffic, or to limit it to the internal network, or to limit use to specific users. It can also make exceptions for other types of filtering so that different content is available to different users (e.g., students, teachers, and administrators).

TTC can also block spam transparently, before it even gets to an internal mail server, using a mix of seven different techniques -- Bayesian statistical analysis of content, feedback from users, a spam-pattern database that is updated daily by Lightspeed, white lists (sites from which e-mail is always accepted), blacklists, real-time blackhole list support (third-party lists of known spammers), and screening of mail by subject line (when looking for "adult" content).

Any or all of these methods can be combined. Together they yield an effective block against spam. In our testing, they caught more than 92 percent of incoming spam, with a small number of initial false positives, mostly from mailing lists. This quickly went down to almost zero once the software was "trained."

Configuring TTC is different from any other traffic management or load balancing product with which we're familiar. Rather than filling in forms with the required information for each function, the first step in configuring TTC is to create a diagram of the network functionality. "IP objects" are placed on the diagram and connected in proper order to create the desired functionality. This can be confusing when starting out, although wizards are available to create basic versions of most of the configurations administrators will want. The payoff to the complexity is a great deal of flexibility.

A complete list of TTC's features is beyond the scope of this review -- the content filtering and anti-spam manual alone is more than 200 pages, as is the user manual and the reference guide. TTC 4.0 provides a complete solution for traffic management. In organizations where flexible and complete control of available content is necessary, it is worth considering TTC for those features alone.

Vendor Home Page: Lightspeed Systems
Product Home Page: Total Traffic Control
Operating Systems Supported: Windows 2000 Professional or Server with Service-Pack 3 or Windows XP Professional
Hardware Requirements: Fully functioning Traffic Control Server; Intel Pentium III Processor running at 1.0 GHZ or greater (Dual Pentium IV recommended for heavy network loads or Gigabit Ethernet); 1.0 GB RAM (2 GB for more than 20 Mbps of traffic); 60 MB hard disk space for software, 2 GB for the database; 2 Ethernet, Token Ring or ATM NICs (3Com or Intel server-class cards recommended)
Software Requirements: Windows 2000 Professional or Server with SP3 or Windows XP Professional; IIS 5 or greater; IIS SMTP Service (optional); SQL Server 2000, or the SQL Server 2000 Desktop Engine included on the software installation CD-ROM and available for download; Microsoft .NET Framework 1.1; Internet Explorer v6.0 or later for viewing the Reports Web site
Price: TTC software only, $6,995; TTC software and mini tower $8,395; TTC software and single processor appliance $8,995; TTC software and dual processor appliance $9,995; support $1,049 to $2,499 per year

Pros: Sophisticated feature set, especially in traffic management and control; Combines firewall, load balancer, and traffic management in a single box and management interface; Open Content Filtering Database support enables the sharing of filtering information among multiple sites and the use of many different open standards for content filtering without requiring expensive subscriptions to commercial lists
Cons: Object-oriented interface, although flexible, is initially very challenging

Mobile Site | Full Site