Академический Документы
Профессиональный Документы
Культура Документы
Application Visibility
IWAN Management
Summary
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
New Requirements for the Branch/WAN
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Emerging Branch Demands
The Application Landscape Is Changing
Cloud
Applications Are Moving to the Data Center and Cloud
EXAMPLE:
San Francisco Single MPLS VPN vs. Dual Business Internet ($ per Month)
$1,014
$885
$830
-75%
10 Mbps
$220
1.5 Mbps $303 $274 $260
$140
Source: Telegeography MPLS VPN pricing for San Francisco as of March 2013; Comcast Web site; Verizon website
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Intelligent WAN Deployment Models
Internet
Public Enterprise Public
MPLS MPLS+
MPLS Internet
Internet
Branch Branch Branch
AVC
Private
Internet
Cloud
Virtual
3G/4G-LTE
Private Cloud
Branch
Public Cloud
Internet
ASR 1000
WAN
ISR-G2
SINGLE Downtime
99.95%* Downtime per Year 99.90%*
ROUTER, per Year
MPLS 8 Hours Internet
SINGLE 46 Minutes
PATH 49 Hours
ISR G2 ISR G2
IWAN Solution
99.995% 99.995% 99.995%
SINGLE
ROUTER, 26 Minutes MPLS MPLS MPLS Internet Internet Internet
DUAL PATHS
ISR G2 ISR G2 ISR G2
* Typical MPLS and Business Grade Broadband Availability SLAs and Downtime per Year, calculated with Cisco AS DAAP tool.
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Intelligent Path Control:
Performance Routing (PfR)
Improving Application
Delivery and WAN
Efficiency
What Is Performance Routing (PfR)?
Data
Center
Performance Routing (PfR) provides
additional intelligence to classic routing MC
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
PfR Enhances Classical Routing
Classical PfR
+ Delay
Path cost
METRICS Jitter
Interface state
Bandwidth
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
What PfR Does
Protecting Critical Applications While Increasing Bandwidth Utilization
Hybrid IWAN Dual Internet iWAN
Detect Loss
Detect
Greater Than 10%
High Jitter
Voice and
Business App Video VDI
Business App and Load-Balancing Policy Multimedia and Critical Data Policy
Protect business SP1 (MPLS) Protect voice and video preferred path SP-A
cloud applications Increase WAN quality VDI preferred path SP-
from brownouts bandwidth efficiency by
Latency < 150 ms;
B
Loss < 5% Jitter < 20 ms
load-sharing traffic Increase utilization
Preferred path for Protect VDI applications
over all WAN paths, by load sharing
business applications: from brownouts
MPLS + Internet Loss < 5%
ISR G2 Traffic
Classes
Performance
ASR1K Learning Measurements
MC MC MC
Active TCs Best
Path
BR BR BR BR BR BR
MC+BR MC+BR MC+BR MC+BR MC+BR MC+BR MC+BR MC+BR MC+BR MC+BR MC+BR MC+BR
Define Your Traffic Policy Learn the Traffic Measurement Path Enforcement
Identify Traffic Classes ISR G2 and ASR Learn Measure the traffic flow Master Controller
based on Applications or traffic classes flowing and network performance commands path changes
Transport Classifiers through Border Routers actively or passively and based on your traffic
(BRs) based on your report metrics to the policy definitions
policy definitions Master Controller
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Defining Application Performance Policy
Choose your policy actions for various traffic classes FLEXIBLE CRITERIA
Alternate path selection based on flexible criteria
Application
Example:
Reachability
1. Link-Group: Path-A
Delay
2. Loss
Voice/Video Loss
3. Jitter
MOS
4. Delay
Jitter
Users/
CSR
Machines
Proliferation of Devices
AVC
Enterprise Edge
NetFlow/IPFIX Records
NetFlow v9 Export/IPFIX Export
(Same provisioning, same format)
PARTNER TOOLS ECOSYSTEM
Traffic statistics records ActionPacked CompuWare
Application Response Time records
Exporting Glue CA
Media monitoring records
Provisioning
(Application, Jitter, Loss, etc) Plixer Technologies
2013-2014 Cisco and/or its affiliates. All rights reserved.
Living Objects InfoVista
Cisco Confidential 22
Collecting Collecting Collecting
Application
SCE Innovations
Native IPv6
Classification
Classification
+1000
Open API 3rd Party
Provides Advanced Application Classification and Field Signatures
Integration.
Extraction capabilities
In-service upgradable Protocol Definitions IOS
No IOS upgrade or reboot for new Protocol Packs NBAR
Backward compatibility to preserve existing NBAR +150
investments Signatures
NBAR2
NBAR2 Protocol List
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps653
7/ps6558/ps6616/product_bulletin_c25-627831.html
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Perf. Collection
Integrated performance monitoring and advanced metrics for different type of applications and use cases
Advanced Voice and Video Performance Critical Applications Performance
Monitoring (Media Monitoring) (Application Response Time)
HTTP HTTP
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
App Optimization: Reduce Bandwidth and Latency
Enhancing User Experience and WAN Efficiency
PROBLEM SOLUTION
Application 3 120
optimization
Fewer protocol messages 2 80
Reduction
and metadata caching in latency
1 40
Application bandwidth natively
Application bandwidth with Cisco WAAS
Application latency natively 0 0
Application Application
Application latency with Cisco WAAS Bandwidth Latency
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
WAAS Delivers User Experience at Scale
0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150
Time in Seconds Time in Seconds
Send and receive email over native WAN File drag and drop over native WAN
First optimized with WAAS T1 First optimized with WAAS
Second pass optimized with WAAS
(1.54Mbps) Second pass optimized with WAAS
80 ms
Latency
MS SHAREPOINT 5 MB Document VDI (CITRIX)
0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30
Time in Seconds Time in Seconds
SharePoint file download over native WAN Launch Citrix XenDesktop over native Citrix ICA/SSL
First optimized with WAAS Launch Citrix XenDesktop with WAAS
Second pass optimized with WAAS Site navigation over native Citrix ICA/SSL
2013-2014 Cisco and/or its affiliates. All rights reserved. Site navigation with WAAS Cisco Confidential 26
Extending Akamai to the Branch with Akamai Connect
Akamai Intelligent Caching Inside Cisco ISR-AX
AKAMAI
CACHE
Akamai
ISR-AX Intelligent
Platform
AKAMAI
INSIDE
Optimal Experience Regardless of Device, Connectivity or Cloud
2013-2014 Cisco and/or its affiliates. All rights reserved.
All HTTP Traffic in Private, Public, Akamai Cloud Cisco Confidential 27
Prepositioning | Dynamic HTTP Caching (YouTube) | Any Transport
Secure Internet
Access
Secure Internet Access with Cisco
Cloud Web Security (CWS)
WAN2
(Internet)
Secure Public Cloud and
Branch Internet Access
CWS
Internet
Web Filtering, Access
Policy, Malware Detect
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Cisco ISR CWS Connector
How it Works
HQ
Routes
DSL Private
MPLS (IP-VPN)
Interface Cloud
WAN
Tunnel HQ
Traffic Virtual
Private Cloud
CWS
Branch Connector Default
Route
Internet
Internet
Public Cloud
Authenticate router and client to CWS cloud Redirect to CWS for scanning
Cisco ISR G2 Intercept HTTP/HTTPS traffic based on ACL Act as HTTP proxy to complete requests
with CWS Cloud filters Allow/Block or Warn based on user or
Add user credentials header for identifying group policy
Connector policy to be applied Scan for Malware
FUNCTIONS:
2013-2014 Cisco and/or its affiliates. All rights reserved.
Traffic Relay: replace client Source IP address Cisco Confidential 30
Prime
Simplified Deployment
Infrastructure
WAAS
Application Optimization
Central Manager
Prime
Secure Internet Connectivity
Infrastructure
2013-2014 Cisco and/or its affiliates. All rights reserved. Prime Cisco Confidential 33
Network Health and Status
Infrastructure
Why
Cisco IWAN?
Why Cisco IWAN
Integrated Platform Granular Control Proven Security Unmatched Context- Quick ROI Faster
for IT Simplicity Everywhere at Scale based Routing than Alternatives
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
Start with Cisco AX Routers
IWAN Capabilities Embedded in the Router
Intelligent
Path Control
ASR1000-AX
Secure
Connectivity
ISR-AX
Simplify Transport
Application Independent
Delivery Routing
Service-Aware Dataplane
ISR4451 1-2Gbps
Resilient Service Virtualization
Multi-gigabit Fabric 500Mbps/1Gb
ISR4431 NEW!
APPLICATION CENTRIC
ps
App/User policy-driven deployment
APIC_EM Automation: deploy in ISR 4351 NEW! 200/400Mbps
minutes
Pay-as-you-grow
Up-to-75% cost savings
ISR 4331 NEW! 100/300Mbps
INTEGRATED IWAN SERVICES
IOS Firewall, VPN, IPSec, PfRV3,
NBAR2, AVC, AppNav, VRF, MPLS ISR4321 NEW! 50/100Mbps
Scalable on-chip service provisioning
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
Cisco Confidential
IWAN Aggregation Border Routers
ASR1000 - IWAN AX Ready, High Performance Routers
NEW!
COMPACT, POWERFUL ROUTER ASR1001-X
Line-rate performance 2.5G to 200G+
with services enabled
Modular ASR1006
Crypto performance from 2G to 60G+ 2.5G Upgradeable to 5G, 10G, 20G
Flexible I/O: SPAs and Ethernet LCs Up to 8G Crypto Throughput
BUSINESS-CRITICAL RESILIENCY
Cisco Confidential
Intelligent WAN (IWAN)
Private
MPLS (IP-VPN)
Cloud
Virtual
SLAs for Business-Critical Applications Private Cloud
Branch
Internet
Centralized Security Policy for Internet Access Public Cloud
Direct Internet
Access