WAAS Basic PDF

Cisco Wide Area
Application Services
(WAAS) v4.1
Technical Overview
David Fernandez
Systems Engineer
Cisco
BRKAPP-1004
14617_05_2008_c1 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Agenda
Enterprise Application Delivery Challenges

Introducing Cisco Wide Area Application Services
Cisco WAAS Product Architecture
Application Specific Acceleration
Network-embedded virtualization
WAE Platforms
Application Performance Solution Process
BRKAPP-1004
I/Ts Application Delivery Problem
Increasingly
Increasinglydistributed
distributed Data
Dataprotection,
protection,availability,
availability,
workforce
workforcedrives
drivesneed
needfor
for compliance,
compliance,andandmanagement
management
distribution
distributionof
ofI/T
I/Tresources
resourcesto
to drives
drivesneed
needfor
forconsolidation
consolidation
remote
remotelocations
locations Fewer
Fewerdevices
devicestotomanage
manage
Enable
Enableproductivity
productivity Fewer
Fewerpoints
pointsto
toprotect
protect
Drive
Driverevenue
revenueand
andprofits
profits
Remote
RemoteOffices
Offices
Distribution
Primary
Primary
Distribution of
of
Data Center
Resources
Resources Data Center
Regional
RegionalOffices
Offices
Data Secondary
Data center
center Secondary
consolidation
consolidation
Data
DataCenter
Center
Home Offices
Home Offices
BRKAPP-1004
The WAN Is A Barrier To Consolidation
Applications perform well in LAN:

High bandwidth Round Trip Time (RTT) ~ 0mS
Low latency
Reliability
Client
LAN Switch Server
Applications perform poorly in WAN:

Already congested
Low bandwidth Round Trip Time (RTT) ~ many many milliseconds
Latency WAN
Packet Loss
LAN Switch
Client Server
LAN Switch
BRKAPP-1004
Agenda

Data Replication Acceleration
Remote Access Optimization with WAAS Mobile
Management and WAE Platforms
WAAS Installation steps
Summary
Q&A
BRKAPP-1004
Cisco WAAS
Comprehensive WAN Optimization Solution
Accelerates applications over the WAN
Delivers video to the branch
Provides local hosting of branch IT services
Mobile Data Center
Internet
O
Opptitim
miz
izeeddCCon
Remote Office onnneecctio
tionnss
VPN
O
Oppttiim
miizzeed
dCCoonnn
neeccttio
Remote Office WAN ionnss
Optimized
Optimized Connections
Connections
edd nss
Remote Office s izize tioion
eccttiioonns m cct
ittm
p i nee
nnne OOponnn
e d
d Coon
C CCo
VV V
BB B
ze
miiz
ttiim
Backup Data Center
12 3 O
Opp
BRKAPP-1004
Application Performance Improvements
Category Applications 2X 5X 10X 25X 50X 100X+
CIFS
File Sharing NFS
2-20X Avg >100X Peak
Email Microsoft Exchange

Lotus Notes 2-5X Avg 20X Peak
Internet Mail
Web and HTTP

2-10X Avg 100X Peak
WebDAV
Collaboration FTP
Microsoft Sharepoint
Software Microsoft SMS

Altiris 2-20X Avg >100X Peak
Distribution HP Radia
Enterprise Microsoft SQL

Oracle, SAP 2-5X Avg 20X Peak
Applications Lotus Notes
Backup Microsoft NTBackup

Legato Networker 2-10X Avg 50X Peak
Applications Veritas Netbackup
CommVault Galaxy
EMC SRDF/A
Data Replication EMC IP Replicator 2-10X Avg 50X Peak
NetApp SnapMirror
Data Domain
Double-Take
Veritas Vol Replicator
BRKAPP-1004
Agenda

Summary
Q&A
BRKAPP-1004
New
Platform Management and Services
Virtual Virtual
CIFS MAPI HTTP SSL Video NFS
WoW Blade Blade Configuration
AO AO AO AO AO AO
#2 #3 Management
System
(CMS)
TCP Proxy with Scheduler Optimizer (SO) Embedded
DRE, LZ, TFO virtualization
Cisco WAAS Operating System

Policy Engine, Filter-Bypass, Egress Method, Directed Mode, Auto-Discovery
Ethernet
Disk Storage (Cache, VB storage etc.) Network
I/O
BRKAPP-1004
TCP Connection Establishment
Attempt Connection
Src port, Dst port
Sequence Number TCP SYN
Window Size, Checksum
Options (MSS, SACK, etc.) Acknowledge Connection
Attempt Connection
Src port, Dst port
TCP SYN, ACK Sequence Number
Acknowledgement Number
Options (MSS, SACK, etc.)
Acknowledge Connection
Sequence Number
Acknowledgement Number TCP ACK
Options (MSS, SACK, etc.)
GET HTTP/1.1 APPLICATION DATA
2007 Cisco Systems, Inc. All rights reserved. WAAS v4.09 (in latest Cisco template)1-10
TCP Flow Optimization (TFO)
Improves application throughput
Improves existing WAN bandwidth utilization
Shield end-nodes from unruly WAN conditions
Bandwidth scalability - help certain applications fill-the-pipe
Connection fairness - ensure bandwidth is allocated fairly amongst flows
Loss mitigation - selective acknowledgement and retransmission
Slow-start mitigation - improve connection setup time
TCP Proxy architecture provides LAN-like TCP behavior and provides higher levels of
compression than per-packet compression
TFO provides adaptive buffering to help ensure that connections requiring additional
memory can achieve higher throughput automatically without compromising on
fairness
DRE WAN DRE

PLZ PLZ
TCP TCP TCP TCP

LAN-like TCP Behavior Optimized TCP Connections LAN-like TCP Behavior
BRKAPP-1004
Selective Acknowledgement
Standard TCP implementations acknowledge receipt of data by

acknowledging that the entire window has been received.
Loss of a packet causes retransmission of the entire TCP window,
causing performance degradation as the window becomes larger.
Transmit Receive
3 2 1 2 1
ACK
Retransmit
3 2 1 3 2 1
ACK 3 2 1
BRKAPP-1004
Selective Acknowledgement (Cont.)
Cisco WAAS employs Selective Acknowledgement and

extensions to improve acknowledgement of transmitted
data, improve delivery of missing segments, and
minimize unnecessary retransmission.
WAN
Transmit Receive Transmit Receive

3 2 1 3 2 1 3 2 1 2 1
ACK ACK 2 1
Retransmit Transmit Receive
3 3 2 1 3 2 1 3 2 1
ACK 3 2 1 ACK
BRKAPP-1004
TCP Performance Challenges
Bandwidth Starvation for Short-Lived

Connections
Inability to Use Available Bandwidth
cwnd
TCP
Slow Start Congestion Avoidance Time (RTT)
Inefficient Response to Packet

Loss/Congestion
BRKAPP-1004
WAAS TFO
Cisco TFO Provides Significant Throughput
Improvements over Standard TCP Implementations
BRKAPP-1004
Comparing TCP and TFO
Cisco TFO provides significant throughput

improvements over standard TCP implementations
TFO
cwnd
TCP
Slow start Congestion avoidance Time (RTT)
BRKAPP-1004
Advanced Compression
Data Redundancy Elimination (DRE):

Application-agnostic compression
Up to 100:1 compression
Persistent LZ Compression:
Session-based compression
Up to an additional 10:1 compression even after DRE
LZ
WAN LZ
DRE DRE
Synchronized
Compression
History
BRKAPP-1004
Data Transfer With Compression
WAN
BRKAPP-1004
DRE : A Fully Chunked Message
Level-0 Chunk Level-1 Chunk Level-2 Chunk Level-3 Chunk

Basic Chunk ~1024 bytes ~4096 bytes ~16384 bytes
~256 bytes
ORIGINAL DATA
BRKAPP-1004
DRE Pattern Matching
DRE Database
NO MATCH
NO MATCH
NO MATCH
NO MATCH
Original
Original Encoded
Encoded
Message
Message Message
Message
BRKAPP-1004
Simple Transparent In-path Deployment
Simple Plug-and-Play Deployment Remote
Office
Physical in-path deployment between switch
and router or firewall requires no network
changes
Mechanical fail-to-wire upon hardware,
software, or power failure
Scalability and High Availability
Two two-port fail-to-wire groups provides
support for redundant network paths and
asymmetric routing
Serial in-path clustering with load-sharing and
fail-over
Seamless Transparent Integration
Transparency and automatic discovery WAN
802.1q VLAN trunking support
BRKAPP-1004
Supported on all WAE appliance models
Network-Integrated Off-path Interception
Transparent integration and automatic Remote
discovery regardless of interception Office
method
WCCPv2 Interception
WAE
WAE
Active/active clustering supports up to 32 Cluster
Cluster
Original
Original
WAEs and 32 routers with automatic Flow
Flow
load-balancing, load redistribution, fail-
over, and fail-through operation
Near-linear scalability and performance
improvement when adding devices
Interception
Interception
Policy-Based Routing Interception Redirection
Redirection
Monitoring
Monitoring
Optimized
Optimized
Routing of flows to be optimized through a Flow
Flow
Cisco WAE as a next-hop router
WAN
Active/passive clustering provides high
availability and failover using IP SLAs as
a tracking mechanism
BRKAPP-1004
Cisco WAAS Auto-Discovery
Cisco WAAS devices automatically discover one

another and negotiate optimization capabilities
Eliminates the need for complex overlay networks with
tunnels that could double management effort and break
control, security, and monitoring systems
WCCPv2
WCCPv2 WCCPv2
WCCPv2
A
A or
B
B
or PBR
PBR or
or PBR
PBR
WAN
A:B
A:B TCP
TCP SYN
SYN B:A
B:A TCP
TCP SYN/ACK
SYN/ACK A:B
A:B TCPB:A
TCP SYN
TCP
SYN
B:A TCP SYN/ACK
SYN/ACK A:B
A:BB:A
TCP
TCP
B:A TCP
SYN
SYN
TCP SYN/ACK
SYN/ACK
(marked)
(marked) (marked)
(marked) (marked)
(marked)
ACCELERATION
II would
would like
ACCELERATION like II know
Acknowledge
know WAE1
WAE1 is
Acknowledge is
WAE1 CONFIRMED!
to
to accelerate
CONFIRMED!
accelerate WAE2 in
in the
Acceleration!
the path,
path, lets
Acceleration!
lets
this
this connection!
connection! Hereaccelerate!
Here are
are my
my details
accelerate! details
Here
Here are
are my
my details
details
BRKAPP-1004
Cisco WAE Disk Encryption
Cisco WAE Disk Encryption Standards-Based Strong Encryption
Optional feature applied against data Follows FIPS 140-2 level 2 specification
partitions within the WAE to mitigate with certification to follow
concern of data theft due to stolen drives
or physically compromised WAE devices 256-bit Advanced Encryption Standard
(AES) cipher, which is the standard for US
Keys fetched from CM upon boot and Government data protection and the
stored in memory only, WAE will pass- strongest commercially-available
through if keys are unavailable encryption
Keys synchronized amongst Central Cisco WAAS is In Evaluation with
Managers to ensure high availability Common Criteria certification
Cisco WAAS
Central Manager
WAN
Fetch Disk Encryption

Key and Store in RAM
Remote Office Disk
Data Center
Disk Disk
BRKAPP-1004
Agenda

Summary
Q&A
BRKAPP-1004
CIFS Application Optimizer
Click for More Details
Problem
CIFS is a "chatty" protocols and when used in an environment with high latency,
packet loss, and bandwidth constraints such as a WAN, file server access over the
WAN is significantly diminished.
Solution
File and Metadata caching Benefits
Read-ahead Enable consolidation of distributed file
and print resources into the data
Message pipelining center without compromising
Scheduled preposition to pre-populate performance.
Offload of Data Center Servers
Transparent integration
Dedicated CIFS cache (SMS
distribution point, user home area)
WAN
Files
FILE.DOC
Cache
BRKAPP-1004
New
HTTP Application Optimizer Click for More Details

Problem
Slow page load on Interactive Web applications
Browsers serially open and close connections to fetch small objects (e.g graphics)
Latency in a connection open/close could be higher than object transmit time.
Solution
Fast Connection Reuse - Optimized connections on the WAN remain active for a short period of time to be re-
used should additional data between the client-server pair need to be exchanged
Proxy Connect to SSL Servers Each HTTP request is being inspected and forwarded to the HTTP or SSL AO
or general optimization
Benefits
This eliminates the latency caused by establishing multiple connections between clients and servers
Tuned to offset connection bursts
Bounded session and idle timeouts
Transparency is maintained
Only same pair of client and server requests are reused
Compliments and preserves http application pipelining
Connect (SYN, SYN-ACK, ACK)

HTTP Request
HTTP Response
Connect
HTTP Request
HTTP Response
BRKAPP-1004
Available in WAAS 4.1.3
The Need for SSL Acceleration

WAAS optimization benefits are maximized only when applied to
decrypted payload
WAN
SSL Handshake
session key derived
Encrypted Data Exchange
BRKAPP-1004
Available in WAAS 4.1.3
Cisco WAAS SSL Optimization Solution

Core WAE acts as a Trusted Intermediary Node for SSL requests by client
Private Key and Server Certificate are stored on the Core WAE device
Core WAE participates in SSL Handshake to derive session key
Distributes the session key securely in-band to the Edge WAE over the
established connection between the Edge WAE and Core WAE
Edge WAE Send session key

Core WAE
Transparent
Secure Channel
SSL Handshake SSL Handshake
WAN
Original
Original Data
Data -- Encrypted
Encrypted Optimized
Optimized &
& Encrypted
Encrypted Original
Original Data
Data -- Encrypted
Encrypted
SSL Session Client to Core WAE (WAAS) SSL Session Core WAE to Server
- Core WAE: Server Private Key
BRKAPP-1004
Agenda

Summary
Q&A
BRKAPP-1004
Virtualized App Delivery for Branch Office New
Cisco WAAS 4.1 with Virtual Blade Technology

Centralize what you can with WAAS
Locally host services (e.g. Windows Server) on same WAAS device
Flexible, Optimized Branch IT Data Center
Cisco WAAS
Local
Backup Storage
Users WAN
Business and
Servers Communication Apps
Cisco
WAAS
Router Storage Backup
Cisco WAAS Virtual Blade Technology

Providing Best Mix of Distributed and Centralized IT Services
Validated by Microsoft for Windows Services
BRKAPP-1004
Virtual Blade Sample Flow New
Allocate Resources and Deploy Image
Allocate resources and start Virtual-Blade instance

Easy & Simple - from WAAS CM or from CLI
Centrally deploy server image over to WAE

From CLI or WAAS CM, using FTP or HTTP
Remote Office
VV V
BB B Data Center
12 3 ISR
WAASAppliance WAN
Remote Office WAAS

Appliance
VVV
BBB
1 2 3 ISR
WAASAppliance
BRKAPP-1004
Agenda

VPN Optimization with WAAS Mobile
Summary
Q&A
BRKAPP-1004
Cisco WAAS Mobile Network Layout
WAAS
Branch Office WAN
Large Campus
WAAS OR
WAAS Data Center
Regional
WAAS
Office WAAS Mobile
Mobile Server
Server VPN
VPN Internet
International Domestic
Mobile User Mobile User
WAAS Mobile SW
WAAS Mobile SW over VPN
over VPN
BRKAPP-1004
Cisco Wide Area Engine (WAE)
The Cisco WAE Appliances are designed to address

varying customer needs, from very small branch offices
to massive data center deployments, and offer the
highest single-device and clustered-device scalability in
the industry
BRKAPP-1004
Cisco WAAS Router Modules
The Cisco Wide Area Application
Services (WAAS) network
modules provide integrated WAN
optimization with Cisco Integrated
Services Routers (ISR), enabling
you to implement full feature WAN
NME-WAE optimization while minimizing total
Router-Integrated Network Module
for the Cisco Integrated Services Router
cost of ownership
Can be clustered with WCCPv2,

PBR, and is supported in ISR
models 2811, 2821, 2851, 3825,
Cisco Integrated Services and 3845
Router (ISR) Series
Reduce Branch Reduce Cost with Single Box Solution for

Footprint Integrated Support Voice, Security, Wan Opt
BRKAPP-1004
WAAS Virtual Blades-Capable Branch New
Appliances
Cisco Wide Area
Virtualization Engine
WAVE-274 Appliance (WAVE) appliances extend
the Cisco WAN optimization
appliance portfolio to provide
WAVE-474 Appliance
the industry's only branch-
office appliance family that
incorporates comprehensive
WAN optimization,
WAVE-574 Appliance embedded virtualization for
local hosting, and branch-
office video delivery.
WAE-674 Appliance
BRKAPP-1004
Cisco WAAS Branch Platforms
Max Opt Number
Hardware Drive Memory WAN Capacity
TCP Inline cards of Virtual RAID
Configuration (GB) (GB) (Mbps)
Conn Blades
NME-WAE-302 250 N/A N/A 80 N/A .5 4
NME-WAE-502 500 N/A N/A 120 N/A 1 4
NME-WAE-522 800 N/A N/A 160 N/A 2 8
WAVE-274 200 2-port 1 250 N/A 3 2
WAVE-474 400 2-port 1 250 N/A 3 4
WAE-512-1GB 750 4-port N/A 250 RAID-1 1 8
WAE-512-2GB 1,500 4-port N/A 250 RAID-1 2 20
WAVE-574-3GB 750 2-port/4-port 1 500 RAID-1 3 8
WAVE-574-6GB 1,300 2-port/4-port 3 500 RAID-1 6 20
WAE-674-4GB 2,000 4-port 1 600 RAID-5 4 45
WAE-674-8GB 6,000 4-port 3 600 RAID-5 8 90
* Final recommendations requires a detailed sizing exercise that include application traffic mix, traffic characteristics, application load and other factors
mentioned in the sizing guidelines.
BRKAPP-1004
Cisco WAE Family
Data Center Platforms
Hardware Max Opt Fan- Memory WAN Capacity
Inline cards Drive (GB) RAID
Configuration TCP Conn Out (GB) (Mbps)
WAE-674-8GB 6,000 4-port 600 RAID-5 200 8 90
WAE-7341 12,000 4-port 900 RAID-5 1400 8 310
WAE-7371 50,000 4-port 1500 RAID-5 2800 24 1000
Replicator Mode
WAE-7341 2,500 4-port 900 RAID-5 4 8 310
WAE-7371 5,000 4-port 1500 RAID-5 9 24 1000
WAE-7341 WAE-7371 WAE-674

Enterprise Data Center Appliance Enterprise Data Center Appliance Enterprise Appliance
* Final recommendations requires a detailed sizing exercise that include application traffic mix, traffic characteristics, application load and other factors
mentioned in the sizing guidelines.
BRKAPP-1004
Agenda

VPN Optimization with WAAS Mobile
Summary
Q&A
BRKAPP-1004
BRKAPP-1004

WAAS Basic PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

WAAS Basic PDF

Загружено:

Авторское право:

Доступные форматы

Cisco Wide Area

Enterprise Application Delivery Challenges

Applications perform well in LAN:

Applications perform poorly in WAN:

Enterprise Application Delivery Challenges

Email Microsoft Exchange

Web and HTTP

Software Microsoft SMS

Enterprise Microsoft SQL

Backup Microsoft NTBackup

Enterprise Application Delivery Challenges

Cisco WAAS Product Architecture

Platform Management and Services

Cisco WAAS Operating System

GET HTTP/1.1 APPLICATION DATA

DRE WAN DRE

TCP TCP TCP TCP

Standard TCP implementations acknowledge receipt of data by

Cisco WAAS employs Selective Acknowledgement and

Transmit Receive Transmit Receive

Bandwidth Starvation for Short-Lived

Slow Start Congestion Avoidance Time (RTT)

Inefficient Response to Packet

Cisco TFO provides significant throughput

Slow start Congestion avoidance Time (RTT)

Data Redundancy Elimination (DRE):

Level-0 Chunk Level-1 Chunk Level-2 Chunk Level-3 Chunk

802.1q VLAN trunking support

Cisco WAAS devices automatically discover one

Fetch Disk Encryption

Enterprise Application Delivery Challenges

HTTP Application Optimizer Click for More Details

Connect (SYN, SYN-ACK, ACK)

The Need for SSL Acceleration

session key derived

Encrypted Data Exchange

Cisco WAAS SSL Optimization Solution

Edge WAE Send session key

SSL Handshake SSL Handshake

Enterprise Application Delivery Challenges

Cisco WAAS 4.1 with Virtual Blade Technology

Router Storage Backup

Cisco WAAS Virtual Blade Technology

Allocate Resources and Deploy Image

Allocate resources and start Virtual-Blade instance

Centrally deploy server image over to WAE

Remote Office WAAS

Enterprise Application Delivery Challenges

The Cisco WAE Appliances are designed to address

Can be clustered with WCCPv2,

Reduce Branch Reduce Cost with Single Box Solution for

NME-WAE-302 250 N/A N/A 80 N/A .5 4

NME-WAE-502 500 N/A N/A 120 N/A 1 4

NME-WAE-522 800 N/A N/A 160 N/A 2 8

WAVE-274 200 2-port 1 250 N/A 3 2

WAVE-474 400 2-port 1 250 N/A 3 4

WAE-512-1GB 750 4-port N/A 250 RAID-1 1 8

WAE-512-2GB 1,500 4-port N/A 250 RAID-1 2 20

WAVE-574-3GB 750 2-port/4-port 1 500 RAID-1 3 8

WAVE-574-6GB 1,300 2-port/4-port 3 500 RAID-1 6 20

WAE-612-2GB 2,000 4-port N/A 300 RAID-1 2 45

WAE-612-4GB 6,000 4-port N/A 300 RAID-1 4 90

WAE-674-4GB 2,000 4-port 1 600 RAID-5 4 45