Transcription
Bringing the Cloud toRemote Offices: ApplicationVisibility and SurvivabilityMatt BolickTechnical Marketing EngineerJuly 25, 2012 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.1
The Impact of Cloud Applications Cisco Cloud Connectors onePK – The Universal Network API Application Visibility and Control 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.2
DM,H323Windowsor MacBRANCHTHENETWORKOld Priorities: Local application performance File & print sharing Voice quality Web security Media processingDATACENTERMost Interactions are Controlled within LAN via Desktop - PC’s and Phones 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.3
CAMPUSCitrix, WindowsVMWare or ntNew Priorities: WAN/Cloud performance VDI support Video quality Cloud security Management and nteractions are Controlled through WAN by Users with Multiple Devices 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.4
Typical WAN can’t handlemore than 20 VDI sessions90% of organizations backhaul Internet traffic over costlyWAN links for SecurityReduced: Opex andHeadcount to manage ITinfrastructureTypical user of cloudapplication prefers 50ms oflatency- most IT Managerscan’t predict behavior1Hybrid Cloud Islands with noAny to Any VPN connectivity tothe EnterpriseInconsistent policy andvisibility to manage DC,Branch and CloudInfrastructurePrivateCloud /VirtualDesktopPerformance41%SaaS /HybridCloudSecurity35%Private/ HybridCloudOperations13%Need for a Major Architectural Shift in the Network 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.5
2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.6
Delivering Optimal Experience, Pervasive Security, and Simplified OperationsIntegrated Management and PolicyUsersCloud ServicesCloud ConnectorsCollaborationSurvivabilityWebSecurity3rd PartyStorageCloud-Ready Network nApp HostingCloud-Ready ranch Office 2012 Cisco and/or its affiliates. All rights reserved.HQ / Data CenterCloudAll specifications subject to change without notice.7
Definition of a Cloud Connector:A cloud connector is a piece ofsoftware within a branch routerthat improves the performance,security or availability for cloudapplications in remote sites. 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.8
Cloud Connectors bring a piece ofthe cloud into the branch to improve: Performance Security AvailabilityAppsISR with CloudConnectorsCloudISR G2 Services ImproveCloud Performance Further HQoS WAAS AVC PfR 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.9
ScanSafe ConnectorDirect LocalInternet AccessInternetScanSafeConnector on ISRA portion of ScanSafeweb filtering intelligenceis brought into thebranch router. 2012 Cisco and/or its affiliates. All rights reserved.Enterprise HQAll specifications subject to change without notice.10
WEBEX Cloud Connector Cisco SolutionWEBEXWebex CCA service over customer WAN to WEBEXCUCM CUBE deployed at customer and WEBEXCloudCUBEAEnterpriseIP WAN(MPLS)CUBEHeadquarters How does it work?A speical configuration is placed on WEBEX Cloudand on customer premise with CUCM CUBECall to WEBEX numers are routed via SIP to CiscoWEBEX Data Center How is this a connectorCUBEBranchOfficeConnector FunctionCUBEBranchOfficeCUBEBranchOfficeConnector function is a dial-peer on the router that sends calls fromCUCM (inside) to WEBEX (outside). Special configuration on CUCM(ie dedicated SIP Trunk) and WEBEX is required. 2012 Cisco and/or its affiliates. All rights reserved.Dial peer connects the on premise CUCM to Cloudbased WEBEX using SIP with special configurationto associate WEBEX Calls with customer IPAddressing. BenefitsFree audio calls covered by WEBEX subscriptionVoice SLA offered by private IP WANAll specifications subject to change without notice.11
Cloud Storage Connector (PoC)MSP Admin PortalEnd-User Virtual Portal Manage end-user accounts,service provisioning and billing Users access their own cloudbackups and folders, restoreand share files.MSP NetworkCisco ISR G2 andUCS E-Serieswith Cloud StorageGatewayCloud storage iscached in the branch.Branch files are backedup to the cloud. 2012 Cisco and/or its affiliates. All rights reserved.Backup Agent forRoaming LaptopAgent-Less SolutionBranch OfficeAll specifications subject to change without notice.12
CloudConnectorVMVMVMBuild-Your-Own Cloud ConnectorUCS-E SeriesISR Host Router 2012 Cisco and/or its affiliates. All rights All specifications subject to change without notice.13
Compact, Multipurpose Blade Housed in ISR G28 GB - 48 GBDRAM OptionsMaximum 130 W Power Draw80% Less Than ServerRemote andSchedulable PowerManagementIntel Xeon E5-2400 quadcore or six-core processoriSCSI InitiatorHardware OffloadLights OutConfiguration& MGMTThroughCIMCFront-panel VGA, 2 USB, and serialconsole connectorsTwo SD cards: one for the CIMC andtemporary storage of OS and one for ablank virtual driveTwo External and Two Internal GE Portswith TCP/IP Acceleration 2012 Cisco and/or its affiliates. All rights reserved.Up to 3 SATA, SAS, SSD harddrives or 2 HDD and a PCIe cardOn board hardware RAID 0, 1 and5 Configuration Options with Hot-SwapCapabilityWire-Free, Plug-and-Play Modularity,Low Shipping Weight (7 lb / 3.2 kg)All specifications subject to change without notice.14
Ensure appropriateservice level for cloudservicesBest-in-Class AppAccelerationVerify the performanceof apps over the WANHosting platform for avariety of services andconnectors 2012 Cisco and/or its affiliates. All rights reserved.PfRQoSWAASIPSLAUCS-EMap services toappropriate WAN linksMedianetAVCTools tailored to theneeds of collaborationapplicationsRevolutionaryapplication recognitionand reporting toolsOnePKPowerful connectivitybetween applicationsand network devicesAll specifications subject to change without notice.15
2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.16
CLIVast Toolkit FamiliarMany knobsControlled AccessSpecial Purpose InterfacesXMLAAACDPNot Vast Enough Gaps Inconsistencies Not programmaticSyslogRouting ProtocolsNetflowSpan 2012 Cisco and/or its affiliates. All rights reserved.Data PlaneAll specifications subject to change without notice.17
ConsistencyAcrossPlatformsRich a PlaneInteractionInterfacesData Plane 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.18
Innovate Leverage and extend the infrastructure in pace withbusiness needs Allow closed rapid in enterprise innovation cyclesQuickly Quickly develop systems and applications thatleverage the deployed base of Cisco switches androutersOne Time Reduce development/deployment times – “writeonce, deploy anywhere”With LessChurn Extend/upgrade/add features without upgradingOS Consolidate services / reduce hardware footprint 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.19
1) Write AnAppApplication2) AppTalks ToDevices3) DevicesDo Stuff 2012 Cisco and/or its affiliates. All rights reserved.IOSIOSd/XEXRNX-OSAll specifications subject to change without notice.20
Application1) Write AnAppCAPIs2) AppTalks ToDevices3) DevicesDo StuffJavaAPIsPythonAPIsThrift / AbstractionNetworkAbstractionIOSIOSd/XEXRNX-OS 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.21
BaseElementUtilitiesDiscoveryDeveloper Element Capabilities Configuration Management Interface/Ports Events Location Information Syslog Events and Queries AAA Interface Netflow Events DHCP Events Network Element Discovery Service Discovery Topology Discovery Debug Capabilities Tracing Interfaces Management ExtensionsData PathPolicyRouting Packet/Flow Classifiers Copy/Punt/Inject Statistics Interface Policy Interface Feature Policy Forwarding Policy Flow Action Policy Protocol Change Events RIB Table QueriesIntegrated ValueExtensionsLISPIdentity Mapping Server Resolver Registration Discovery/Security Authentication Events End point identity Device Type Identity and location 2012 Cisco and/or its affiliates. All rights reserved.DiagnosticAnalysis pathtrace/IAMP Interface Custom collectors Custom collection profilesAnd More!All specifications subject to change without notice.22
2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.23
2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.24
crypted, Day-ZeroBehavioralClassificationP2P, VoIP, Skype, VoIPMPE – Multi-PacketEngineRTP, Skype, BittorrentStatefull (flow based)L7 SignaturesStateless L4Port basedHTTP, NNTP, POP3Telnet, SNMP, SSHNo protocolClassificationYear1990 2012 Cisco and/or its affiliates. All rights reserved.200020102020All specifications subject to change without notice.25
IOS PAFNFISR G2ASR1KISR G2ASR1KApp Visibility &User Experience ReportISR G2AppBWTransaction TimeWebEx3 Mb150 ms Citrix10 Mb500 ms NFv9ASR1KHighMedLowReporting ToolsDeep PacketInspectionDPI engine (NBAR2)identifies applicationsusing L7 signatures 2012 Cisco and/or its affiliates. All rights reserved.Reporting ToolPerf. Collection &ExportingISR G2 & ASR collectapplication bandwidthand response timemetrics, and export tomanagement toolReporting ToolAdvanced reportingtool aggregates andreports applicationperformanceControlUse QoS or PfR tocontrol applicationnetwork usage toimprove applicationperformanceAll specifications subject to change without notice.26
How do Iensure mySLA is metMy email isslow!WANMy queryis takinglong time!Data CenterBranchNFv9 2012 Cisco and/or its affiliates. All rights reserved.Reporting ToolAll specifications subject to change without notice.27
Cisco Prime AssuranceManager (PAM)Cisco Prime NAMNewCisco Insight Support application visibilityreport and response time Support ISR G2, ASR, andWAAS Application visibility report Multi-tenant with role-basedaccessSupportedPlatformASR1K, SCE 2012 Cisco and/or its affiliates. All rights reserved.ISR G2, ASR1K, WAAS,Netflow devices Comprehensive EnterprisePerformance Management withglobal dashboard & drill-down Network infrastructuremonitoring Application visibility report,response time, and medianetperf-mon Configuration through NCSISR G2, ASR1K, WAAS, NAM,Netflow devicesAll specifications subject to change without notice.28
Cloud Connected Solution:http://www.cisco.com/go/cloudconnectedUCS E w.cisco.com/go/onepkApplication Visibility and Control:http://www.cisco.com/go/avc 2012 Cisco and/or its affiliates. All rights reserved.All specifications subject to change without notice.29
Thank you.
WEBEX CUBE Connector Function Connector function is a dial-peer on the router that sends calls from CUCM (inside) to WEBEX (outside). Special configuration on CUCM (ie dedicated SIP Trunk) and WEBEX is required. WEBEX Cloud Connector Cisco Solution Webex CCA service over customer WAN to WEBEX CUCM CUBE deployed at customer and WEBEX Cloud
