Keeping Corporate Applications Available
Addressing Network Scalability Requirements
Bandwidth Limit Becomes History
Unbreakable Business Continuity

FAQ

We've collected answers to frequently asked questions and categorized them as follows:

General
> Who is Q-BALANCER Company?
Q-BALANCER Company is a software company that provides enterprises and service providers the flexibility to securely connect users to applications via the cost-effective connectivity. The Q-Balancer SD-WAN solution increases productivity, reduces connectivity costs, and optimizes access for hybrid-WAN networks and next-generation applications. Since inception our solution has been successfully deployed across thousands of sites in over 20 countries through cooperation with the channel partners.

> What is the Q-Balancer solution?
The Q-Balancer solution is designed to provide a reliable and scalable WAN solution for branch offices, corporate headquarters, large organizations, and data centers. All its features such as WAN load balancing, VPN bonding, and traffic shaping are located on the appliance with policies and configurations being managed through an intuitive web interface. The Q-Balancer solution reduces WAN cost through leveraging lower-cost WAN transports, and enhances productivity derived from increased WAN bandwidth and resiliency. Businesses quickly realize the technical and economic benefits when taking on the Q-Balancer solutions. Whether the appliances work at branch offices or large organizations, they offer unprecedented reliability and performance.

> What are the main benefits of the Q-Balancer solution to enterprises?

  • Protecting business continuity against WAN outages

  • Increasing WAN bandwidth and performance with multiple transport services

  • Ensuring connectivity to corporate applications for incoming requests

  • Augmenting or replacing MPLS networks with broadband

  • Prioritizing delivery for business-critical applications

  • Optimizing public and private cloud applications in hybrid networks

  • Consolidating network infrastructure and potentially eliminating routers and various devices at branch office

  • Lowering WAN OpEx and CapEx

  • Mitigating potential threats

  • Analyzing and reporting network usage

  • Staying ahead of the growing IT demands

> How long will it take to deploy a single remote site with the Q-Balancer Edge appliance?
The time to deploy a Q-Balancer Edge appliance at a single remote location can be measured in minutes. Installing a Q-Balancer Edge appliance does not require special training or skill set. Through the zero touch provisioning (ZTP) you simply power on the appliance and have it connected to the network. The Edge appliances will then automatically connect to the Q-Balancer Controller to complete the configuration for the overlay network and relevant policies. 

> How does the Q-Balancer SD-WAN solution save customers money?
The following ways customers can realize savings with the Q-Balancer solution.

  • Bandwidth savings that are achieved by leveraging inexpensive broadband connectivity instead of costly MPLS services. This reduces the monthly recurring costs for bandwidth.

  • OpEX saving is achieved through the Q-Balancer, which allows a single WAN administrator to centrally deploy connectivity at the branch and enforce business intent policies for hundreds of sites. It also eliminates the costs associated with networking engineers that require special training or skill set to Install the Q-Balancer Edge appliance.

  • CapEX saving is achieved as branch network can be simplified by eliminating the need for dedicated branch routers, firewalls, and other network devices. This lets companies choose the best model for their budget and objectives. Thanks to its competitive pricing, choosing the Q-Balancer as your SD-WAN solution mitigates the upfront investment on branch network.

  • The performance gains afforded by utilizing the Q-Balancer SD-WAN technology can help prevent costs associated with lost productivity.

How to select the suitable model of Q-Balancer?
The Q-Balancer solution is designed for branch offices, corporate headquarters, large organizations, and data centers. The solution can be delivered as either a physical or virtual appliance.

  • Physical Appliances

The Q-Balancer 2000 is designed for educations, large enterprises and data centers, and supports up to 52 WAN links and up to 20 Gbps throughput. Large organization can employ the Q-Balancer 2000 to work as a link load balancer to ensure network connectivity, while in a distributed network the Q-Balancer 2000 can function as a network controller.

The Q-Balancer 500 is designed to bring high network reliability and performance to medium and large-sized enterprise and regional data centers. This 1U rack-mountable appliance supports up to 52 WAN links and up to 3 Gbps throughput. The Q-Balancer 500 protects business from any potential network failure and disruption.

The Q-Balancer 300 is designed for small and medium-sized enterprises and supports up to 25 WAN links and up to 1.5 Gbps throughput. This 1U rack mountable appliance ensures connectivity while providing key features for enterprises including routing, firewall and bandwidth management.

The Q-Balancer 150 is a compact design appliance for small and branch offices with higher bandwidth demand. The appliance supports up to 10 WAN links and up to 300 Mbps throughput. The Q-Balancer 150 comes with all-in-one features, and brings the benefits of low costs and high reliability.

The Q-Balancer Mesh is designed to provide secure WAN access for pop-up stores and branch offices wherever they are, particularly for the locations where wired solutions are not available or costly. With its intelligent algorithms and industry-grade 4G LTE connectivity, the Q-Balancer Mesh enables branch networks to stay connected as needed.

  • Virtual Appliance

The Q-Balancer V2000 is a virtual appliance running on VMware vSphere virtual server, and provides same functionality as the physical appliance of the Q-Balancer 2000. The Q-Balancer V2000 is designed for educations, large enterprises and data centers, and supports up to 52 WAN links and up to 20 Gbps throughput. For model selection, kindly find the information here.

SD-WAN
Software-Defined Wide Area Network (SD-WAN) is an application of Software-Defined Networking (SDN). SD-WAN is a suite of feature designed to maximize network resiliency and bandwidth efficiency for multi-site enterprises. It improves bandwidth usage and lower operational costs, and achieves the highest possible level of performance for critical applications without sacrificing security or data privacy. SD-WAN can be a scalable and often much cheaper alternative to traditional WAN circuits like MPLS lines. Many businesses are using SD-WAN technology to augment or even replace their expensive MPLS connections with lower-cost, high-bandwidth Internet links. The Q-Balancer SD-WAN consists of four main components, Network Controller, Edge Appliances, Overlay Network, and Reporting.

> Network Controller
In the Q-Balancer SD-WAN network, the Network Controller maintains connections to all branch edge appliances and monitor the operational state of overlay tunnels across different WANs, helping enterprise networks become dynamic and intelligent from end to end.

> Edge Appliance
In  the Q-Balancer SD-WAN network, the branch Edge appliance creates and terminates SD-WAN overlay tunnels. It decides which link is the best path back to the data center, delivers cost-effective services, and address application needs.

> Overlay Network
The overlay networking is a method of using software virtualization to create additional layers of network abstraction (or software-based network overlays) that can be run on top of the physical network, often providing new applications or security benefits. In the Q-Balancer SD-WAN, the overlay network securely links all appliances and controller.

> Reporting
The Q-Balancer Reporting is to provide insight into real-time and historical view for fault finding, troubleshooting, and network planning.

> MPLS
Multiprotocol Label Switching (MPLS) is a network protocol for speeding up wide area network (WAN) traffic flows. It is a reliable connection for real-time applications, and yet its bandwidth is extremely expensive. Therefore, some enterprises can only afford limited bandwidth at certain locations, and have been trying to find out how to optimize usage on MPLS or less expensive alternative connections like broadband technology to bring down the cost of connectivity.

> Hybrid WAN
Hybrid WAN connects two geographically separate sites by combining different types of connections. One type of connection is a private MPLS circuit, and the other types might be broadband Internet link (e.g. DSL, 4G LTE, etc.). The traditional MPLS connects to the data center, while the broadband lines connect to the Internet or as a VPN connection to the data center. 

> WAN Virtualization
WAN Virtualization enables business to use multiple WAN connections, which can be existing private MPLS link and any kind of Internet WAN links such as DSL, cable, fiber, Metro Ethernet, etc., to augment or replace individual private WAN connections.

> Overlay Routing 
The Q-Balancer SD-WAN route tables can fully replace or coexist with the existing routing infrastructure. The SD-WAN configuration allows static route entries for specific sites, and route entries learned from the underlay network through supported routing protocols such as OSPF and BGP. This helps provide resilient and robust connectivity between branch offices and head office.

> Dynamic Path Selection
The Q-Balancer Dynamic Path Selection (DPS) works in conjunction with path-monitoring and allows a network administrator to configure performance criteria for different types of traffic. It pushes packets to an optimal route or across multiple paths based on the real-time measuring result from path-monitoring. 

> Application-Aware Routing 
Application Aware Routing measures and monitors performance of multiple services in a hybrid network, and then offers more granular control of where and when an application uses a specific path. It is designed for enterprise network to choose the most optimal network path in hybrid multi-cloud network, in terms of bandwidth and quality of service that best suits an application requirement. 

> Zero Touch Provisioning 
The site-to-site overlay connectivity was traditionally established in a multiple step process, and yet it is established with a few simple clicks on the Q-Balancer user interface now. The configuration for overlay network including encryption, authentication, and policies are all handled with little manual intervention. The Q-Balancer auto-provision overlay enables branch deployments without on-site IT. This makes a new site to be added within a few minutes.

> Granular Internet Breakout
By introducing other Internet transports into MPLS WAN, the Q-Balancer Edge appliance can help business reserve backhaul bandwidth for critical applications by granularly offloading Internet-bound traffic from the MPLS backhaul. For branch sites that are required to backhaul specific web-bound applications for additional security monitoring in accordance with security policy, the Q-Balancer Edge appliance is able to help business optimally direct traffic to the best-performance path based on business intent policy.

WAN Load Balancing
> Hybrid Multi-Path Load Balancing
Whether the WAN is all MPLS, a hybrid WAN of MPLS and broadband, all broadband links, the Q-Balancer's Hybrid Multi-Path load balancing solution will ensure continuous availability and predictable application performance to keep productivity moving at optimal speed.

> WAN Failover
In case the primary line failed, then new traffic would be transparently routed down the remaining active links
; when the primary line recovers from the outage, the Q-Balancer again sends out new traffic via the primary line.

> WAN Brownout
For WAN links, a Brownout is an unpredictable duration where increases in packet loss, latency, and jitter cause poor application performance. The Q-Balancer is able to identify the issue and divert the traffic to the remaining paths.

> WAN Aggregation
By combining the bandwidth of Internet circuits, the Q-Balancer enables enterprises to get increased bandwidth. Greater Internet speed can be achieved as best performing and least-loaded links are always selected when new requests arise.

> WAN Transport Agnostic
The Q-Balancer WAN load balancing is transport agnostic, so it does not care about whether the transport is MPLS, broadband or a 4G LTE connection.

> Application-Aware Routing 
Application Aware Routing measures and monitors performance of multiple services in a hybrid network, and then offers more granular control of where and when an application uses a specific path. It is designed for enterprise network to choose the most optimal network path in hybrid multi-cloud network, in terms of bandwidth and quality of service that best suits an application requirement.

> DNS-Based Routing 
Traditionally, link load balancer or firewall decides the outbound path for a destined domain with the IP address from its first DNS lookup. Unless every domain has only one single IP address respectively, managing policy routing based on domain names is nearly impossible.

With the advanced mechanism of DNS routing, the Q-Balancer is able to precisely route traffic to the Internet via a particular gateway based on domain name. Whenever a request arises, the solution will dynamically check its updated DNS database and then decides the path. This is especially useful to deal with the domains that have multiple IP addresses and randomly change it time to time. 

> Policy-Based Routing (PbR) 
Policy-Based Routing can be set to configure preferred paths (WAN & VPN) for different traffic flows based on MAC, IP, Port, FQDN, applications, and schedule.  

> Session Persistence
Some application servers require the server requests to come from a consistent IP address in order to process them properly. The Q-Balancer has the ability of session-level persistence to keep the requests to particular server(s) persistent on the same path.

Inbound Load Balancing
> Inbound Load Balancing & Failover
The Q-Balancer is incorporated with the ability of inbound failover & load balancing. It constantly gauges the status of all WAN links, and so has the intelligence to direct the incoming requests to reach the corporate-hosted servers via an accessible or least-loaded WAN line accordingly, rather than an inactive WAN line. The inbound load balancing increases bandwidth utilization and accelerates the delivery to the incoming requests by dynamically making DNS adjustments to the DNS queries when new requests arise.
 

> Global Site Failover & Load Balancing
With the Global Site Load Balancing (GSLB), each location tracks the status of the other location and provides the information for DNS load balancing between all sites; in case one of the sites fails, e.g. power outage, the Global Site Load Balancing redirects all traffic to the other one, which is up and reachable from the internet. This provides business continuity and buys time for the Infrastructure team to bring up the other site
.

Traffic Shaping
The QoS feature enables organizations to proactively manage bandwidth based on business intent policies for IP, ports, protocols and applications, to ensure that key applications such as email and VoIP have the required bandwidth and that less desirable traffic does not consume critical bandwidth. The Q-Balancer QoS enables admins to control the maximum and/or guaranteed throughput for any load balancing policies specified. For the Q-Balancer, there are three types of traffic shaping configurations, each of which has a specific function, and all can be used together in varying configurations.
 

> Shared Traffic Shaping
Shared (Per-policy) Traffic Shaping enables admins to control the maximum and/or guaranteed throughput for any load balancing policies specified. If a shaper is set to shared with a maximum bandwidth of, saying, 10 Mb/s, then the entire policy has the maximum bandwidth of 10 Mb/s.

> Individual Traffic Shaping
Individual (Per-IP) Traffic Shaping enables admins to control the maximum and/or guaranteed throughput for every member in a QoS rule. Per-IP traffic shaping enables admins to limit the behavior of every member of a policy to avoid one user from using all the available bandwidth. Using a per-IP shaper avoids having to create multiple policies for every user you want to apply a shaper.

> Application Traffic Shaping
Application Traffic Shaping is possible for specific applications in conjunction with the application-aware load balancing policy specified, which can be either shared or individual.

> Policy-Based QoS
QoS policy can be set to manage traffic based on MAC, IP, Port, DNS routing, applications, and schedule.

VPN Bonding
VPN and leased line networks are traditionally established based on a single Internet circuit. Should the circuit fails, there is no way to keep the continuity for the VPN. In addition, if more bandwidth is required to accommodate growing demand, this is possibly difficult to achieve, even through traditional WAN load balancing technology.

> Automated Site-to-Site VPN Failover
Once the Q-Balancer solution is in place at both ends, the devices will keep VPN connectivity up and running by monitoring the VPN connectivity and diverting VPN traffic down to the remaining active paths in the event of an Internet circuit fails. 

> VPN Bonding
The Q-Balancer's VPN Bonding is able to increase the speed of site-to-site VPN through combining bandwidth for multiple VPN connections. The Q-Balancer's VPN bonding can be applied to the network on static IP, dynamic IP, and even private IP.

> Auto-Provision VPN
Auto-Provision VPN allows VPN bonding to be configured and provisioned automatically in an effort to reduce operational and overhead costs.

Military-Grade VPN
> Site-to-site IPSec VPN
With third-party VPN solutions, multiple site-to-site IPSec VPN tunnels can be terminated on a combination of different WAN links to connect multiple VPN sites.

> QB-to-QB IPSec VPN
Multiple QB-to-QB IPSec VPN tunnels can be terminated on the Q-Balancer appliances between multiple VPN sites. The QB-to-QB IPSec VPN can be applied to outbound policies to route traffic across multiple VPN sites and Internet traffic to another VPN site. The site-to-site traffic can be splitted over 2 or more QB-to-QB VPN tunnels based on load balancing policies specified to provide primarily two desired outcomes:

  • VPN Load Balancing
  • VPN Failover

> Dynamic Routing over site-to-site VPN tunnels
Popular OSPF and BGP routing protocols over QB-to-QB IPSec tunnels are supported. With the ability to understand (and participate in) popular dynamic routing protocols, the Q-Balancer solution is able to establish and maintain existing routing tables, and deliver a simplified deployment experience for enterprise customers.

> Client-to-Site VPN
Client-to-site VPN for PPTP, L2TP, IPSec are supported for remote and mobile devices to make them behave as though they were on the office LAN.

Network Security
Q-Balancer is incorporated with the mechanisms of network security to protect a network against unauthorized access. The Network Security includes various elements for protection including application security, access control, firewalls, DoS prevention, and more.

> Stateful Firewall
The Q-Balancer's
 firewall is constantly analyzing the complete context of traffic and data packets. Once a certain kind of traffic has been approved by a stateful firewall, it is added to a state table and can travel more freely into the protected network. Traffic and data packets that don’t successfully complete the required handshake will be blocked. 

> DNS Firewall
Q-Balancer is incorporated with a DNS Firewall which prevents network users and systems from connecting to known malicious Internet locations. DNS Firewall is similar to traditional firewalls as it blocks/redirects end-users from accessing malicious sites at a different layer and phase.

> Distributed Denial of Service Prevention
Distributed Denial of Service (DDoS) attacks are the most common type of online attacks as they are an attempt to exhaust network, server or application resources so that they are no longer available to intended users. The Q-Balancer DDoS Protection detects DDoS traffic and mitigates it rapidly, providing your network infrastructure with the most robust security against such attacks.
  

> Connection Limit
Connection limit is configured to allow a maximum number of TCP connections for a single IP host or subnet to protect a network. When the number of connections exceeds the maximum, the new connections is dropped and logged.

In case you have questions beyond them, kindly contact your resellers or contact us.