What's APPening with FASP

A big shortcoming of traditional file transfer protocols such as FTP or HTTP has been the impact on throughput that results from TCP’s aggressive congestion control mechanism; especially when transferring large data files over wide area networks. Aspera's FASP is an application layer protocol that is among the many alternatives that have been designed to address this issue. It uses UDP instead of TCP as the underlying transport layer and leverages the fact that bulk file transfer does not require in-order delivery of byte streams. 

Aspera touts a huge speed advantage over traditional TCP transfers:

An FTP file transfer from LA to New York (90 ms) will achieve 5-6 Mbps when loss is low (0.1%). As congestion on the link increases (1%), FTP dramatically reduces its rate to 1.4 Mbps. In contrast, fasp transfers data at link capacity. On a 155 Mbps link with 90 ms/1%, fasp transfers at 154 Mbps, 100 times faster than FTP.

In both the Fall and Spring 2010 editions of the Application Usage and Risk Report compiled by Palo Alto Networks, FASP is among the Top 20 applications in total bytes transferred and is #1 in average bytes transferred per instance. FASP technology is also being integrated into desktop, network-based, and web-based applications. Amazon Web Services (AWS) users, for instance, can use this technology to transport files to, from, and within the Cloud. Availability of open source implementations for other similar solutions, Tsunami and UDT, and their use in commercial products such as FileCatalyst is likely to cause a widespread use of these high-speed file transfer solutions.

However, these applications can pose a considerable risk to enterprise network bandwidth, potentially impacting business-critical applications. Since their data transfer rate is adapted to the available bandwidth on the end-to-end path, enterprises can protect their critical network segments by using appropriate bandwidth controls. On the Palo Alto Networks Next Generation Firewalls, the App-ID technology identifies all traffic from this application as FASP. Security and QoS policies can then be configured, based on the application, to deny, allow, or rate-limit the traffic according to defined bandwidth limits. Whatever application and bandwidth usage policies businesses come up with, Network and Security administrators will need to equip themselves with the right tools to enforce them.