If there's one thing branch offices linked back into a data center don't need, it's another box taking up space and generating heat in the local data closet. That's one of the reasons why Blue Coat Systems - a provider of WAN optimization hardware appliances, along with Cisco Systems, Riverbed, Citrix Systems, and a few others …
The wonder is why Microsoft hasn't jumped into this market yet
MS provides a partial solution for these issues with their BranchCache functionality. But, in fairness, it doesn't cover that many types of traffic and requires Windows7 clients and 2008R2 server.
If you already have the servers needed to support the virtualised WAN optimisation in the branch office, why not instead just move whatever the branch office users are connecting with to a local server instead of have them connecting around the world? They then get low latency LAN connections to a local server and the WAN can be used for replication back to head office. The added bonus is that users can then continue working even if the WAN is down.
replication replication replication
I'm eyeing this one up for our place, 2 offices of 30 users each all sharing single Exchange, CRM and SQL servers. We dropped a Blue Coat on either end of our 4Mb VPN and saw a 40% improvement immediately, when we took them back out we considered running more local servers on the branch site but the replication traffic would've been just as bad as the user traffic was.
Needless to say, I may well wave this article at the PHB later and see if the price point any more appealling now!
Let's see: ISA Server is well documented, there are stacks of books on it, it does stateful packet inspection and is rock solid.
BlueSmurf Proxy SG has a clunky interface, abysmal reporting and the only training available is from them. It can't spot P2P, IM or other stuff being tunnelled through http. It doesn't scale well. It can't do proper clustering. I happen to know this, because I've got half a dozen Proxy SGs.