Explain the EdgeConnect Boost add-on and describe its relationship to legacy Silver Peak WAN optimization (the NX and VX appliances).
Describe the core optimization techniques Boost employs: TCP acceleration, protocol acceleration, Network Memory deduplication, and compression.
Determine when Boost and WAN optimization deliver measurable value versus when standard SD-WAN path control and tunnel bonding are sufficient on their own.
Pre-Quiz — What Boost Adds
1. An EdgeConnect appliance without the Boost license is best described as doing what?
2. A branch has Boost enabled, but its data center peer does not. What happens to traffic on that path?
3. Data Center 1 has 300 Mbps of Boost allocated; Branch A has 20 Mbps. The optimized session between them can run WAN optimization up to roughly:
4. Why is Boost capacity described as a "pool allocated in Orchestrator" rather than a per-box on/off switch?
5. Which workload is the strongest candidate for Boost's value, given the physics of TCP over distance?
1. What Boost Adds
Key Points
Boost is a software feature license, not a separate box. It unlocks WAN optimization (TCP acceleration, dedup, compression) on an EdgeConnect that is already doing SD-WAN.
Without Boost an EdgeConnect still routes, applies QoS, and does path conditioning (FEC/POC) — but it does not terminate TCP locally or keep a dedup cache.
Optimization is symmetric: it only happens when both appliances on a path are Boost-capable and enabled.
Boost is a throughput pool (Mbps/Gbps) allocated per appliance in Orchestrator. The optimized rate between two sites is capped by the smaller allocation, and the pool is reassigned in software without touching hardware.
Best value: high-latency, long-haul TCP traffic (intercontinental/satellite links, backup/DR replication, bulk data movement) that bandwidth alone cannot speed up.
EdgeConnect has been described throughout this textbook as the SD-WAN platform that builds overlay tunnels, routes, steers applications across underlay circuits, and applies QoS. Boost is not a different product or a separate box — it is a software feature license you apply to unlock WAN optimization: TCP acceleration, data deduplication, and compression.
Picture the EdgeConnect appliance as a car that already ships with a capable engine (routing, path selection, segmentation). Boost is a performance package you license after the fact: the chassis does not change, but you switch on a higher-output mode that was always latent in the hardware. Without Boost, an EdgeConnect runs SD-WAN only — it routes, applies QoS, and performs path conditioning, but it does not terminate TCP sessions locally or maintain a deduplication cache.
Two characteristics define how Boost is consumed. First, it is a performance tier layered on the same hardware — you do not redesign topology to add it. Second, it is symmetric by requirement: optimization between two sites only happens when both EdgeConnect appliances on that path are Boost-enabled. A branch with Boost talking to a data center without it gets no WAN optimization on that flow — just standard SD-WAN path selection and QoS.
Figure 6.1: EdgeConnect with and without the Boost license
graph TD
Key["Boost License Key (toggle)"]
subgraph Without["SD-WAN Only (no Boost)"]
W1["Routing and forwarding"]
W2["Quality of Service (QoS)"]
W3["Path conditioning (FEC / POC)"]
end
subgraph With["SD-WAN Plus Boost"]
B1["Routing, QoS, path conditioning"]
B2["TCP proxy (split-TCP acceleration)"]
B3["Network Memory dedup cache"]
B4["LZ-style compression"]
end
Key -->|License absent| Without
Key -->|License applied| With
Allocating Boost Bandwidth Across the Fabric
Boost is not licensed per appliance as an on/off switch. It is licensed as a pool of WAN optimization throughput (Mbps or Gbps) that you draw from and allocate across your fabric in Aruba Orchestrator. You buy, say, a 300 Mbps pool, then assign slices to individual appliances based on how much optimized traffic each site needs.
Site
WAN link
Traffic to optimize
Boost allocation
Data Center 1
1 Gbps
~300 Mbps replication
300 Mbps
Data Center 2
500 Mbps
~300 Mbps replication
300 Mbps
Branch A
50 Mbps
Occasional file transfer
20 Mbps
Branch B
50 Mbps
Occasional file transfer
10 Mbps
Two allocation rules routinely trip up new administrators:
The optimized rate between two sites is limited by the smaller of the two allocations. If DC1 has 300 Mbps and Branch A has 20 Mbps, the optimized session runs WAN optimization up to 20 Mbps — the branch is the bottleneck. Boost capacity behaves like the narrowest pipe in a series.
Allocation is dynamic and software-defined. Because Boost is a license pool managed in Orchestrator, you can reallocate capacity between sites without touching hardware.
Within a single appliance, the allocated capacity is shared by all flows matching Boost-enabled policies. If DC1 has 300 Mbps of Boost but 400 Mbps of eligible replication traffic, Boost optimizes up to 300 Mbps and the remainder passes through unoptimized (still routed and protected by SD-WAN).
Figure 6.2: Boost pool allocation across a fabric
graph TD
Pool["Orchestrator Boost Pool (300 Mbps)"]
DC1["Data Center 1 (300 Mbps allocated)"]
DC2["Data Center 2 (300 Mbps allocated)"]
BrA["Branch A (20 Mbps allocated)"]
BrB["Branch B (10 Mbps allocated)"]
Pool -->|allocate slice| DC1
Pool -->|allocate slice| DC2
Pool -->|allocate slice| BrA
Pool -->|allocate slice| BrB
DC1 -.->|"optimized rate capped at smaller end = 20 Mbps"| BrA
Use Cases for Long-Haul and High-Latency Links
Boost earns its keep on TCP traffic limited by latency or protocol inefficiency rather than by raw bandwidth or loss. A single TCP stream's maximum throughput is roughly its window size divided by RTT. On a "long fat" link — high bandwidth, high latency, such as a 120 ms intercontinental circuit — a default TCP stack cannot grow its window fast enough to fill the pipe. You can have a 200 Mbps link with 1% loss and still see a single backup stream plateau at a few Mbps. Adding bandwidth does nothing; the limiter is RTT and conservative window growth.
Intercontinental and satellite links where RTT runs 80–200+ ms and individual TCP flows chronically underutilize capacity.
Backup and disaster-recovery replication (NetApp SnapMirror, Dell EMC SRDF, Veeam, vSphere replication) that runs continuously, carries repetitive data, and must meet strict RPO/RTO.
Bulk data movement — media assets, CAD files, large datasets, initial cloud-seeding migrations.
Key Takeaway
Boost is a licensed software performance tier, not a separate appliance. It is consumed as a throughput pool allocated across the fabric in Orchestrator, requires Boost at both ends (rate capped by the smaller allocation), and delivers its greatest value on high-latency, long-haul TCP traffic that bandwidth alone cannot speed up.
Animation: Network Memory Deduplication — Full Blocks, Then Tiny Tokens
First transfer ships full byte blocks and fills both synchronized dictionaries. The second transfer of the same content sends only small reference tokens — the receiver rebuilds the bytes locally, so the WAN carries a fraction of the data.
Post-Quiz — What Boost Adds
1. An EdgeConnect appliance without the Boost license is best described as doing what?
2. A branch has Boost enabled, but its data center peer does not. What happens to traffic on that path?
3. Data Center 1 has 300 Mbps of Boost allocated; Branch A has 20 Mbps. The optimized session between them can run WAN optimization up to roughly:
4. Why is Boost capacity described as a "pool allocated in Orchestrator" rather than a per-box on/off switch?
5. Which workload is the strongest candidate for Boost's value, given the physics of TCP over distance?
Pre-Quiz — Optimization Techniques
1. In split-TCP acceleration, why do "local acknowledgments (ACK spoofing)" speed up a transfer?
2. What makes Network Memory's byte-level dedup more powerful than file-level or block-level dedup?
3. Boost applies its two data-reduction techniques in a specific order. Which order, and why?
4. Protocol acceleration (CIFS/SMB read-ahead, write-behind) mainly attacks which problem?
5. Traffic is encrypted end to end (HTTPS to SaaS, SMB3 with encryption). Which Boost techniques can still help?
2. Optimization Techniques
Key Points
Two goals: send fewer bytes (dedup + compression) and make the WAN look less lossy and less latent (TCP + protocol acceleration).
TCP acceleration uses a split-TCP proxy: local ACKs (ACK spoofing) let the client grow its window immediately, aggressive window scaling fills the middle leg, and WAN-tuned loss recovery handles retransmits locally.
Protocol acceleration (SMB/CIFS read-ahead and write-behind, MAPI/NFS/HTTP bundling) collapses many serial round-trips into fewer — killer for "N round-trips × RTT" operations.
Network Memory is byte-level, cross-flow, bidirectional dedup — commonly 5×–20× effective throughput on repetitive data.
Order matters: dedup first, then compress. Compression helps text/XML/JSON/logs but little on already-compressed media (JPEG/MP4/ZIP).
Encryption is the key limiter: payload techniques (dedup, compression, protocol accel) need inspectable traffic; TCP accel, FEC, and POC still help on encrypted flows.
Every Boost technique is, at its core, one of two tricks: send fewer bytes, or make the WAN look less lossy and less latent. The first is served by deduplication and compression; the second by TCP and protocol acceleration. EdgeConnect intercepts eligible flows at each end, optimizes them, carries the result across a private optimized transport inside the overlay, and reconstructs the original flow on the far side — transparently to the end hosts.
TCP Acceleration and Protocol Optimization
TCP acceleration is the headline latency-fighting feature. The mechanism is a TCP proxy (split-TCP / local termination). Instead of one end-to-end TCP session stretched across the WAN, there are three segments:
The client's TCP session terminates locally on the branch EdgeConnect.
A separate, WAN-tuned optimized transport runs between the two EdgeConnects.
The server's TCP session terminates locally on the data-center EdgeConnect.
Each host believes it has a normal, direct TCP conversation with the remote host. In reality each talks to a nearby proxy, and the long-haul middle leg is a high-performance transport tuned for the link's bandwidth and RTT. The specific tricks: local acknowledgments (ACK spoofing) so the client grows its window quickly; aggressive window scaling matched to the bandwidth-delay product; and WAN-tuned congestion control and loss recovery handled locally so endpoints rarely see drops.
On top of TCP, Boost adds protocol acceleration for chatty protocols whose problem is the number of round-trips: CIFS/SMB read-ahead, write-behind, and metadata optimization; and MAPI/Exchange, NFS, and HTTP request bundling and pipelining. Removing even a few round-trips per file open over a 100 ms link can turn a multi-second wait into a near-instant one.
Figure 6.3: Split-TCP proxy across the WAN
sequenceDiagram
participant C as Client
participant BE as Branch EdgeConnect
participant DE as Data-Center EdgeConnect
participant S as Server
C->>BE: TCP data segment
BE-->>C: Local ACK (instant, ACK spoofing)
BE->>DE: Optimized WAN transport (large windows, high-latency leg)
DE->>S: TCP data segment
S-->>DE: Local ACK (instant)
Note over BE,DE: Retransmissions handled locally on the middle leg
The middle leg also benefits from EdgeConnect's path-conditioning features: Forward Error Correction (FEC) sends redundant parity so lost packets are reconstructed without retransmission (keeping TCP from misreading loss as congestion), and packet-order correction (POC) re-sequences out-of-order packets in a small jitter buffer so TCP stays calm.
Animation: Split-TCP & the Optimization Pipeline — Local ACK, Then a Shrinking Packet
The branch EdgeConnect fires back an instant local ACK so the client keeps sending, while the data packet crosses the optimized middle leg, shrinking as it passes through TCP acceleration, dedup, compression, and the tunnel. Endpoints never see the WAN round-trip.
Network Memory Deduplication
The most distinctive Boost capability is Network Memory, Silver Peak's byte-level deduplication technology and the direct descendant of the dedup engine in the legacy NX and VX appliances. As traffic flows through, EdgeConnect breaks it into small chunks and fingerprints (hashes) each one. Both appliances maintain a synchronized dictionary. When a chunk's fingerprint already exists, EdgeConnect transmits a tiny reference token instead of the full chunk, and the far end reconstructs the data from its own dictionary. Endpoints receive byte-identical content with no idea most of it never crossed the WAN.
Byte-level, not file/block-level. It still finds repeated patterns when content is shifted, repackaged, or embedded across file types — the same logo in a PDF, PowerPoint, and email is recognized each time.
Cross-flow and cross-application. The dictionary is shared across all connections and protocols. The first open of a 50 MB presentation sends ~50 MB; later opens may send only a few hundred KB of differences.
Bidirectional and symmetric. Both ends keep caches, so dedup works branch-to-DC, DC-to-branch, and branch-to-branch.
On repetitive workloads, Network Memory commonly yields 5× to 20× effective (logical) throughput without any change to the physical link.
Figure 6.4: Network Memory deduplication
sequenceDiagram
participant SE as Sending EdgeConnect
participant RE as Receiving EdgeConnect
Note over SE,RE: First transfer of the content
SE->>RE: Full byte chunks (data not seen before)
Note over SE,RE: Both dictionaries now hold identical fingerprinted chunks
Note over SE,RE: Second transfer of the same content
SE->>RE: Small reference tokens instead of repeated bytes
Note over RE: Reconstructs original data from local dictionary
Compression and Payload Reduction
After deduplication removes repeated content, the remaining unique data is compressed with an LZ-style algorithm before crossing the WAN. The ordering is deliberate: deduplicate first, then compress. Compression is highly effective on text-heavy and structured data (source code, logs, XML, JSON, uncompressed documents, database traffic) but offers little benefit on already-compressed data (JPEG, MP4, ZIP) whose redundancy was already squeezed out at the source.
Technique
What it sends/saves
Best for
Limited on
TCP acceleration
Hides RTT via local ACKs, larger windows
High-latency long-haul TCP flows
UDP, real-time media
Protocol acceleration
Fewer round-trips per operation
Chatty apps: SMB/CIFS, MAPI, NFS
Already-efficient protocols
Network Memory dedup
Reference tokens for repeated bytes
Repetitive data: backups, shared files
Encrypted or unique data
Compression
Compactly encodes remaining unique bytes
Text, XML/JSON, logs, DB traffic
Already-compressed media (JPEG/MP4/ZIP)
FEC / packet-order correction
Parity packets; re-sequencing
Lossy / multi-path internet links
Clean, low-loss links
One caveat threads through all techniques: encryption. Dedup, compression, and protocol acceleration all need to see the payload, so end-to-end-encrypted traffic (HTTPS to SaaS, SMB3 with encryption) is opaque and those gains largely disappear. TCP acceleration, FEC, and packet-order correction can still help because they operate on the transport and packet level, not the payload.
Key Takeaway
Boost's techniques fall into two camps — send fewer bytes (byte-level Network Memory dedup, then LZ-style compression) and hide loss and latency (split-TCP with local ACKs and large windows, protocol acceleration for chatty apps, plus FEC and POC). The order is dedup then compress, and all payload-based techniques require unencrypted, inspectable traffic.
Post-Quiz — Optimization Techniques
1. In split-TCP acceleration, why do "local acknowledgments (ACK spoofing)" speed up a transfer?
2. What makes Network Memory's byte-level dedup more powerful than file-level or block-level dedup?
3. Boost applies its two data-reduction techniques in a specific order. Which order, and why?
4. Protocol acceleration (CIFS/SMB read-ahead, write-behind) mainly attacks which problem?
5. Traffic is encrypted end to end (HTTPS to SaaS, SMB3 with encryption). Which Boost techniques can still help?
Pre-Quiz — Measuring the Benefit
1. You want to quantify the bandwidth benefit of Boost on a flow. Which metric is the right one?
2. A long-lived TCP flow consistently uses below ~30–40% of available bandwidth at an RTT above 50–70 ms, despite tunnel bonding and low loss. What does this signal?
3. A dedup ratio that stays near 1:1 on an important flow most likely means:
4. Which flow is the WEAKEST candidate for Boost, where standard SD-WAN path control and QoS are the better answer?
5. An admin is migrating off legacy WAN-op hardware. What is the warning about "double-optimizing"?
3. Measuring the Benefit
Key Points
Two benefits, two metrics. Bandwidth benefit (dedup + compression) is measured by the dedup ratio / bytes saved; latency benefit (TCP + protocol accel) is measured by time — file-open, transaction, or job-completion seconds.
A low dedup ratio (near 1:1) is a diagnostic: the traffic is usually encrypted or genuinely unique.
Diagnostic baseline: a long-lived flow under ~30–40% of bandwidth at RTT above 50–70 ms (with low loss) is latency-bound — a strong Boost case.
Boost adds little for real-time UDP media, encrypted SaaS over direct breakout, low-latency near-line-rate links, and already-compressed/CDN-cached data.
Do not double-optimize: phase out legacy NX/VX boxes on paths where Boost is active.
Process: classify by behavior, check link characteristics, measure user experience, check for encryption, pilot, then size and license from measured gains.
Optimization features are only worth their license cost and CPU/disk overhead if they move the metrics the business cares about.
Reduction in Bandwidth and Latency
Bandwidth reduction comes from deduplication and compression; the headline metric is the dedup hit ratio — the ratio of pre- to post-optimization bytes on the wire. A 5:1 ratio means the WAN carries one-fifth the bytes the applications generated. A low ratio is itself a diagnostic: usually encrypted or unique traffic. Latency reduction comes from TCP and protocol acceleration; the right metric is time — file-open, transaction, or backup-job duration. A useful baseline: a long-lived flow consistently below ~30–40% of bandwidth at RTT above 50–70 ms (despite bonding and low loss) is latency-bound, and Boost likely helps substantially.
Metric
Driven by
How to read it
Dedup ratio / bytes saved
Network Memory + compression
Higher is better; near 1:1 means unique or encrypted
Effective (logical) throughput
Dedup + TCP acceleration
Can reach 5–20× physical on repetitive workloads
Operation/transaction time
TCP + protocol acceleration
Compare seconds before vs. after for chatty apps
FEC corrections / POC counters
Path conditioning
High counts indicate a lossy or reordering underlay
Appliance CPU and disk I/O
Dedup/compression overhead
High values mean undersized appliance or too much optimized traffic
Application Acceleration Examples
Branch SMB/CIFS to a central DC. Over 80 ms RTT, opening a large file takes 10–20s due to serial round-trips. After Network Memory + TCP/protocol acceleration, the first open is faster (round-trips collapsed) and repeat opens are near-instant from the local dictionary; effective file throughput rises 5–10×.
Database replication over internet VPN. With 2–3% loss and 120 ms RTT, native TCP stalls at a few Mbps on a 100 Mbps link. With FEC + TCP acceleration + POC, loss is masked, spurious retransmits vanish, and throughput climbs to ~40–60 Mbps, protecting RPO/RTO.
Cloud-hosted private apps from branches. With an EdgeConnect in branch and cloud VPC, dedup and protocol acceleration speed repetitive access while FEC/POC stabilize variable routes — the app feels on-premises.
When Optimization Is Unnecessary
The most important practical lesson: Boost is not always the answer. Standard EdgeConnect SD-WAN (business-intent path control, tunnel bonding, QoS, path conditioning) is sufficient or preferable when:
Real-time voice/video. VoIP, WebRTC, Zoom/Teams, softphones, most VDI are UDP-based or already optimized; they want path conditioning, SLA steering, and QoS — not TCP proxying or dedup. (Boost is primarily a TCP technology.)
Modern web/SaaS over HTTPS. M365, Salesforce, etc. are end-to-end encrypted and built to tolerate latency; direct internet breakout, local DNS, and QoS deliver more value — and often there is no second EdgeConnect to optimize against.
Low-latency, near-line-rate links. Under ~40–50 ms with transfers already near throughput, there is little latency to hide.
Already-compressed or CDN-cached data. JPEG/MP4/ZIP and CDN-served content offer minimal dedup/compression headroom.
Cheap, plentiful bandwidth. Sometimes adding capacity plus tunnel bonding is simpler and cheaper than tuning Boost.
A second caution for migrations: do not double-optimize. Running Boost and a legacy NX/VX appliance in series on the same flows adds overhead and can break protocol semantics; phase out the standalone WAN-op boxes as you activate Boost.
Figure 6.5: Decision flow for using Boost versus standard SD-WAN
flowchart TD
Start["Classify the application flow"] --> RT{"Real-time voice/video or UDP?"}
RT -->|Yes| StdWAN["Use standard SD-WAN (path conditioning, QoS)"]
RT -->|No| Enc{"End-to-end encrypted (HTTPS / SaaS)?"}
Enc -->|Yes| StdWAN
Enc -->|No| Link{"High RTT with underutilized bandwidth?"}
Link -->|No| StdWAN
Link -->|Yes| Both{"Boost enabled at both ends?"}
Both -->|No| StdWAN
Both -->|Yes| Boost["Enable Boost (TCP accel, dedup, compression)"]
Key Takeaway
Measure bandwidth benefit via dedup ratio and effective throughput, and latency benefit via operation/job completion time. Boost shines on high-latency, repetitive, chatty, or bulk TCP workloads — but for real-time media, encrypted SaaS over direct breakout, low-latency links, and already-compressed data, standard SD-WAN path control and QoS are the right tools. Pilot, measure, then license to fit.
Post-Quiz — Measuring the Benefit
1. You want to quantify the bandwidth benefit of Boost on a flow. Which metric is the right one?
2. A long-lived TCP flow consistently uses below ~30–40% of available bandwidth at an RTT above 50–70 ms, despite tunnel bonding and low loss. What does this signal?
3. A dedup ratio that stays near 1:1 on an important flow most likely means:
4. Which flow is the WEAKEST candidate for Boost, where standard SD-WAN path control and QoS are the better answer?
5. An admin is migrating off legacy WAN-op hardware. What is the warning about "double-optimizing"?