About SaaS Accelerator
  
About SaaS Accelerator
Riverbed client-side appliances such as SteelHeads and Client Accelerator endpoints can accelerate Software as a Service (SaaS) traffic by working with SaaS Accelerator. SaaS Accelerator Manager (SAM) provides an easy to use interface for setting up and managing the service.
SaaS Accelerator is a cloud-based service that consists of these components:
SaaS application—The accelerated Software as a Service application.
SaaS Accelerator Manager—The graphical user interface (GUI) for managing the acceleration service. Through SAM, service administrators configure, manage, and monitor accelerated applications and the various service components (service clusters, client-side appliances, realms, organizations, certificate authorities, and so on).
Client-side appliances—The client-side appliances located in the customer branch office that work with the SaaS Accelerator service to accelerate application traffic. Client-side appliances communicate with SaaS service clusters.
Client Accelerator endpoint software—Client Accelerator endpoint software enables a direct connection between user endpoint devices and the SaaS service cluster, and application traffic is accelerated between them. Client Accelerator endpoints get their SaaS acceleration configuration through policies defined in, and pushed to them by, the Client Accelerator Controller.
SaaS service instance and SaaS service cluster—The service instance, located in the cloud, is the node dedicated to accelerating a specific application together with client-side appliances and endpoints. Clusters of service instances accelerate multiple applications and provide high availability and scalability. In this document, clusters and instances are sometimes simply referred to as the service.
Realms and Organizations—SAM allows logical separation and segmentation of resources into realms and organizations to support multitenant deployments, so that you can support deployments in different regions and for different teams.
When setting up your SaaS Accelerator environment, you’ll need to perform some light configuration in SAM and in client-side appliances or endpoint software to integrate your network with the service. You might also want to integrate third-party services, such as a security broker. Getting the environment ready takes a little work; but, when complete, it only takes a few clicks to start accelerating your SaaS applications and providing your end users with exceptional application performance.
We strongly recommend that you configure and push SaaS acceleration policies from a controller appliance, such as SteelCentral Controller for SteelHead (SCC) or Client Accelerator Controller, to managed appliances or endpoint devices, particularly in large-scale deployments and production networks with multiple client-side appliances.
When you configure a SaaS application for acceleration, SAM deploys a SaaS service instance in a public cloud to accelerate SaaS traffic. You do not need a cloud account, and Riverbed configures and manages the service. Multiple service instances for multiple applications, and for redundancy and scalability, are grouped into service clusters.
A dedicated service instance accelerates each SaaS application. For best performance, you should deploy the SaaS service instance in the same region as the SaaS application host servers. The service and client-side appliances connect through the service’s IP address and ports 7810 through 7830; if your client-side appliances are behind a firewall, you’ll need to open those ports to allow for this communication.
With SaaS acceleration configured in SAM, the end-user traffic meant for the SaaS application server goes to the client-side appliance. The client-side appliance has in-path rules configured that direct the accelerated traffic to the service, and the service forwards the traffic to the SaaS application server. The service receives return traffic from the application server, accelerates it, and then sends it to the client-side appliance.
As an example of the flow, let’s consider a deployment with Microsoft Office 365 traffic. When you configure SaaS acceleration for this application through the SAM, the SAM deploys a service instance in a cloud at the designated region near the application server. Traffic from the user network enters the network’s client-side appliances, which have been registered with the SAM and configured to interoperate with SaaS Accelerator. The client-side appliances send accelerated traffic to the service, and then the service forwards the accelerated traffic to the Microsoft Office 365 server. The Microsoft Office 365 server sends return traffic to the service, which sends and accelerates it to the client-side appliances. When Client Accelerator is used, the process is even more simple: the instances of Client Accelerator software on user endpoint devices and the service communicate directly, accelerating application traffic between each other.
Before SaaS Accelerator can accelerate your applications, you need to configure SSL/TLS optimization on SAM. For ease of use, SAM provides a Riverbed-managed certificate authority (CA) and automatically manages certificates for proxy and peering. You can, however, use your organization’s certificate authority (CA). See About SSL/TLS optimization.