Application Services
(WAAS) v4.1
Technical Overview
David Fernandez
Systems Engineer
Cisco
BRKAPP-1004
14617_05_2008_c1 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 1
I/T's Application Delivery Problem
Increasingly distributed workforce drives need for distribution of I/T resources to remote locations
Enable productivity
Drive revenue and profits
Data protection, availability, compliance, and management drive need for consolidation
Fewer devices to manage
Fewer points to protect
[Diagram labels: Distribution of Resources; Remote Offices; Regional Offices; Home Offices; Data center consolidation; Primary Data Center; Secondary Data Center]
The WAN Is A Barrier To Consolidation
[Diagram labels: Client, LAN Switch, Server, WAN; Low latency, Reliability; Latency, Packet Loss]
Cisco WAAS
Comprehensive WAN Optimization Solution
Accelerates applications over the WAN
Delivers video to the branch
Provides local hosting of branch IT services
[Diagram labels: Mobile, Remote Office, Data Center, Backup Data Center, Internet, VPN, WAN, Optimized Connections]
Application Performance Improvements
Chart scale: 2X, 5X, 10X, 25X, 50X, 100X+
Category: File Sharing
Applications: CIFS, NFS
Improvement: 2-20X Avg, >100X Peak
Category: Data Replication
Applications: EMC SRDF/A, EMC IP Replicator, NetApp SnapMirror, Data Domain, Double-Take, Veritas Vol Replicator
Improvement: 2-10X Avg, 50X Peak
[Architecture diagram labels: CIFS AO, MAPI AO, HTTP AO, SSL AO, Video AO, NFS AO; WoW; Virtual Blade #2, Virtual Blade #3; Configuration Management System (CMS); TCP Proxy with Scheduler Optimizer (SO); DRE, LZ, TFO; Embedded virtualization; "New" badge]
TCP Connection Establishment
TCP SYN: Attempt Connection
Src port, Dst port
Sequence Number
Window Size, Checksum
Options (MSS, SACK, etc.)
TCP SYN, ACK: Acknowledge Connection, Attempt Connection
Src port, Dst port
Sequence Number
Acknowledgement Number
Window Size, Checksum
Options (MSS, SACK, etc.)
TCP ACK: Acknowledge Connection
Sequence Number
Acknowledgement Number
Window Size, Checksum
Options (MSS, SACK, etc.)
2007 Cisco Systems, Inc. All rights reserved. WAAS v4.09 (in latest Cisco template)1-10
TCP Flow Optimization (TFO)
Improves application throughput
Improves existing WAN bandwidth utilization
Shields end-nodes from unruly WAN conditions
Bandwidth scalability - help certain applications fill-the-pipe
Connection fairness - ensure bandwidth is allocated fairly amongst flows
Loss mitigation - selective acknowledgement and retransmission
Slow-start mitigation - improve connection setup time
TCP Proxy architecture provides LAN-like TCP behavior and provides higher levels of
compression than per-packet compression
TFO provides adaptive buffering to help ensure that connections requiring additional
memory can achieve higher throughput automatically without compromising on
fairness
Selective Acknowledgement
[Diagram: Transmit and Receive sides with segments 1, 2, 3; labels: ACK, Retransmit]
Selective Acknowledgement (Cont.)
[Diagram label: WAN]
TCP Performance Challenges
[Graph labels: cwnd, TCP]
WAAS TFO
Cisco TFO Provides Significant Throughput
Improvements over Standard TCP Implementations
Comparing TCP and TFO
[Graph labels: cwnd, TFO, TCP]
Advanced Compression
[Diagram labels: LZ and DRE on each side of the WAN; Synchronized Compression History]
Data Transfer With Compression
[Diagram label: WAN]
DRE: A Fully Chunked Message
[Diagram label: ORIGINAL DATA]
DRE Pattern Matching
[Diagram labels: DRE Database; NO MATCH (four times); Original Message; Encoded Message]
Simple Transparent In-path Deployment
Simple Plug-and-Play Deployment
Physical in-path deployment between switch and router or firewall requires no network changes
Mechanical fail-to-wire upon hardware, software, or power failure
Scalability and High Availability
Two two-port fail-to-wire groups provide support for redundant network paths and asymmetric routing
Serial in-path clustering with load-sharing and fail-over
Seamless Transparent Integration
Transparency and automatic discovery
Supported on all WAE appliance models
[Diagram labels: Remote Office, WAN]
Network-Integrated Off-path Interception
Transparent integration and automatic discovery regardless of interception method
WCCPv2 Interception
Active/active clustering supports up to 32 WAEs and 32 routers with automatic load-balancing, load redistribution, fail-over, and fail-through operation
Near-linear scalability and performance improvement when adding devices
Policy-Based Routing Interception
Routing of flows to be optimized through a Cisco WAE as a next-hop router
Active/passive clustering provides high availability and failover using IP SLAs as a tracking mechanism
[Diagram labels: Remote Office, WAE Cluster, Original Flow, Optimized Flow, Interception, Redirection, Monitoring, WAN]
Cisco WAAS Auto-Discovery
[Diagram: hosts A and B on either side of the WAN, with WCCPv2 or PBR interception on each side; devices labelled WAE1 and WAE2]
Messages shown: A:B TCP SYN; A:B TCP SYN (marked); B:A TCP SYN/ACK; B:A TCP SYN/ACK (marked)
Callouts:
"I would like to accelerate this connection! Here are my details"
"I know WAE1 is in the path, let's accelerate! Here are my details"
"Acknowledge Acceleration!"
"ACCELERATION CONFIRMED!"
Cisco WAE Disk Encryption
Optional feature applied against data partitions within the WAE to mitigate concern of data theft due to stolen drives or physically compromised WAE devices
Keys fetched from CM upon boot and stored in memory only; WAE will pass-through if keys are unavailable
Keys synchronized amongst Central Managers to ensure high availability
Standards-Based Strong Encryption
Follows FIPS 140-2 level 2 specification with certification to follow
256-bit Advanced Encryption Standard (AES) cipher, which is the standard for US Government data protection and the strongest commercially-available encryption
Cisco WAAS is In Evaluation with Common Criteria certification
[Diagram labels: Cisco WAAS Central Manager, WAN]
CIFS Application Optimizer
Problem
CIFS is a "chatty" protocol, and when used in an environment with high latency, packet loss, and bandwidth constraints such as a WAN, file server access over the WAN is significantly diminished.
Solution
File and Metadata caching
Read-ahead
Message pipelining
Scheduled preposition to pre-populate
Benefits
Enable consolidation of distributed file and print resources into the data center without compromising performance.
Offload of Data Center Servers
Transparent integration
Dedicated CIFS cache (SMS distribution point, user home area)
[Diagram labels: WAN, Files, FILE.DOC, Cache]
SSL Handshake (New)
Available in WAAS 4.1.3
[Diagram: Transparent Secure Channel across the WAN; traffic segments labelled Original Data - Encrypted, Optimized & Encrypted, Original Data - Encrypted]
SSL Session Client to Core WAE (WAAS)
SSL Session Core WAE to Server
- Core WAE: Server Private Key
Virtualized App Delivery for Branch Office (New)
[Diagram labels: Remote Office, Users, Servers, Local Backup, Storage, Business and Communication Apps, Cisco WAAS, ISR, WAAS Appliance, WAN, Data Center]
Cisco WAAS Mobile Network Layout
[Diagram labels: Branch Office, Large Campus, Regional Office, Data Center, WAAS, WAAS Mobile Server, WAN, VPN, Internet, International Mobile User, Domestic Mobile User, WAAS Mobile SW over VPN]
Cisco Wide Area Engine (WAE)
Cisco WAAS Router Modules
The Cisco Wide Area Application Services (WAAS) network modules provide integrated WAN optimization with Cisco Integrated Services Routers (ISR), enabling you to implement full feature WAN optimization while minimizing total cost of ownership
NME-WAE: Router-Integrated Network Module for the Cisco Integrated Services Router
WAAS Virtual Blades-Capable Branch Appliances (New)
Cisco Wide Area Virtualization Engine (WAVE) appliances extend the Cisco WAN optimization appliance portfolio to provide the industry's only branch-office appliance family that incorporates comprehensive WAN optimization, embedded virtualization for local hosting, and branch-office video delivery.
WAVE-274 Appliance
WAVE-474 Appliance
WAVE-574 Appliance
WAE-674 Appliance
Cisco WAAS Branch Platforms
Table columns: Hardware Configuration, Max Opt TCP Conn, Drive (GB), Memory (GB), Inline cards, WAN Capacity (Mbps), Number of Virtual Blades, RAID
* Final recommendations require a detailed sizing exercise that includes application traffic mix, traffic characteristics, application load and other factors mentioned in the sizing guidelines.
Cisco WAE Family
Data Center Platforms
Table columns: Hardware Configuration, Max Opt TCP Conn, Fan-Out, Inline cards, Drive (GB), Memory (GB), WAN Capacity (Mbps), RAID
Replicator Mode
* Final recommendations require a detailed sizing exercise that includes application traffic mix, traffic characteristics, application load and other factors mentioned in the sizing guidelines.