Network Security Illustrated buy the book at Amazon now!


search site
Table of Contents

Book
Introduction

Managing
Security

Outsourcing
Options

Reserving
Rights

Determining
Identity

Preserving
Privacy

Connecting
Networks

Hardening
Networks

Storing
Information

Hiding
Information

Accessing
Information

Ensuring
Availability

Detecting
Intrusions

Page Tools
print this pagePrint this Page
Traffic
Shaping
Chapter List
Firewalls
NAT
VPNs
Traffic Shaping
More Information
Resources (links)
Discussions
FAQs
Errata
Sample Pages
Buy The Book
at amazon.com
Picture this: you’re going to the beach and you want to pack all your beach toys into your beach pail. If you just throw your oddly shaped toys into the pail, you’ll only be able to fit a few of them in before the pail is full. Actually, the pail is still mostly empty; you’ve just wasted space between the toys. But if you take your time, you can carefully pack the pail and everything will fit. You can even put the lid on, and then your friends won’t be able to guess what you have in the pail.

What people think: We need more bandwidth; our connection to the Internet does not feel fast enough.

What we think:
Traffic shaping can help maintain a tight control over network bandwidth. You may not be using your bandwidth efficiently.

Traffic shaping is a way to use bandwidth more efficiently, packing a greater amount of data into a fixed amount of space. Ever notice that your network clogs up during certain
points of the day? Adding a traffic-shaping device to your network can eliminate those clogs. It can also provide security by making it harder for hackers to analyze encrypted
traffic.

Network applications tend to be greedy. This isn’t a statement of prejudice; it’s a statement of fact. Due to inherent design, most applications will use as much bandwidth as possible at any given moment. Often, this ends up being more than the application needs to reasonably function. For example, when downloading large email attachments or files from the Web, software will try to download the data as fast as possible. This will result in a poor balance of network resources, as there may not be enough bandwidth left over for other users during the download. Ideally, an application’s download should only use bandwidth if it is available. By using less bandwidth at any given time, other users will notice less degradation in performance. This way, any application can still have good bandwidth access and others can use the network effectively during that time.

One solution is to separate traffic based on the type of application and user. Some applications are more important, and should always get priority. With traffic shaping, mission critical communications (Virtual Private Network [VPN], email, database) can be given guaranteed access to bandwidth. Likewise, some users are more important. For example, it is possible to make sure that the CEO always has a lightning fast connection (although it might be more advantageous to do the opposite).


More Information

The above information is the start of a chapter in "Network Security Illustrated," published by McGraw-Hill and available from amazon.com, as well as your local bookstore. The book goes into much greater depth on this topic. To learn more about the book and what it covers, click here.

Below, you'll find links to online resources that supplement this portion of the book.


Resources

(websites, books, etc.)

Discussions

FAQs

Errata

Sample Pages