Cisco Wide Area Application Services (WAAS) Wide Area Application Services (WAAS) Odd-Rune Moltu...

© 2007 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialSession IDPresentation_ID 1

Cisco Wide Area Application Services (WAAS)

Odd-Rune MoltuConsulting Systems [email protected]


Agenda

Enterprise Application Delivery Challenges

Introducing Cisco Wide Area Application Services

Cisco WAAS Product Architecture

Management and WAE Platforms

Summary

Q&A


I/T’s Application Delivery Problem

Distribution ofResources

Distribution ofResources

Data center consolidationData center consolidation

Increasingly distributed workforce drives need for distribution of I/T resources to remote locations

Enable productivity

Drive revenue and profits

Increasingly distributed workforce drives need for distribution of I/T resources to remote locations

Enable productivity

Drive revenue and profits

Data protection, availability, compliance, and management drives need for consolidation

Fewer devices to manage

Fewer points to protect

Data protection, availability, compliance, and management drives need for consolidation

Fewer devices to manage

Fewer points to protect

PrimaryData CenterPrimary

Data CenterRemote OfficesRemote Offices

Regional OfficesRegional Offices

Home OfficesHome Offices

SecondaryData CenterSecondaryData Center


The WAN Is A Barrier To Consolidation

Applications generally performwell in LAN environments as few barriers exist to application performanceHigh bandwidth

Low latency

Reliability

WAN characteristicshinder performance andconsolidation effortsAlready congested

Low bandwidth

Latency

Packet Loss

Round Trip Time (RTT) ~ 0mS

Client LAN Switch Server

Round Trip Time (RTT) ~ many many milliseconds

ServerClient LAN SwitchLAN Switch

WAN


The Impact of Latency and Loss

1.544Mbps

500Kbps

Coefficient of Latency and Loss

Thro

ughp

ut

ActualActual

ExpectedExpected

Low

5.02.1

pRTTMSSR =

R : Average Throughput

MSS: Packet Size

RTT: Round-Trip Time

P : Packet Loss

High


Agenda





Summary

Q&A


Cisco WAAS - Overcomes the WANCisco WAAS is a solution that leverages a hardware footprint (WAE) in the remote office and in the data center to overcome application performance problems in WAN environments and enable infrastructure consolidation

Data Center

Remote Office

Remote Office

Remote Office

WAN

Optimized Connections


Optimized ConnectionsOptimized Connections




Cisco WAAS - Accelerates Applications

* Performance improvement varies based on user workload, compressibility of data, and WAN characteristics and utilization. Actual numbers are case-specific and results may vary. Cisco WAAS can employ optimization on almost any TCP-based application.

Category Applications 2X 5X 10X 25X 50X 100X+

File Sharing CIFSNFS

Email Microsoft ExchangeLotus NotesInternet Mail

Web andCollaboration

HTTPWebDAVFTPMicrosoft Sharepoint

SoftwareDistribution

Microsoft SMSAltirisHP Radia

EnterpriseApplications

Microsoft SQLOracle, SAPLotus Notes

BackupApplications

Microsoft NTBackupLegato NetworkerVeritas NetbackupCommVault Galaxy

Data Replication EMC SRDF/AEMC IP ReplicatorNetApp SnapMirrorData DomainDouble-TakeVeritas Vol Replicator

2-20X Avg >100X Peak

2-5X Avg 20X Peak

2-10X Avg 100X Peak

2-20X Avg >100X Peak

2-5X Avg 20X Peak

2-10X Avg 50X Peak

2-10X Avg 50X Peak


Cisco WAAS - Seamless Integration

Transparency ensures compliance with critical network features to provide the industry’s only holistic and secure optimization, visibility, and control solutionQuality of Service (QoS)

Classification, NBAR, markingPolicing, shaping, queuing, WREDLFI, header compression

Network ManagementNAM, PVM, NetFlowNetQoS, IP SLA

SecurityIOS Firewall, IDS, IPS, ACL, VPN

Optimized RoutingNetwork Path Affinity (NPA)Optimized Edge Routing, PBR

SrcIP 1.1.1.1DstIP 2.2.2.2

SrcPrt 1434DstPort 80 APP DATA

WAN

SrcIP 1.1.1.1DstIP 2.2.2.2

SrcPrt 1434DstPort 80 optimized

Cisco Integrated Services Router

Cisco Wide Area Application Services

Quality of Service (QoS)Network Analysis/NetFlowIOS FirewallIntrusion Prevention

Optimized Edge RoutingPolicy Based RoutingIP Service Level AgreementsVPN

Application AccelerationAdvanced Compression

Transport OptimizationWide Area File Services


Cisco WAAS, QoS, and Enterprise VoIPCisco WAAS enables enterprise VoIP deployments by easing the contention for available bandwidth resources and complying with network-based end-to-end QoS

WAN

Without WAAS(QoS only)

WAN

VoIP

Scavenger

Email

ERPVoIP

Scavenger Email ERP

AdditionalAvailableCapacity!

With WAASand QoS


Agenda





Summary

Q&A



Cisco WAAS Operating System

Local CMS Process

Disk Encryption

Network Interception CLI, Device GUI

Bypass SNMP, Syslog

Application Traffic Policy (ATP) Manager

PrintServices

ApplicationAccelerators

Layer-7Transport Flow Optimization (TFO)

Persistent LZ Compression (PLZ)

Data Redundancy Elimination (DRE)

Enterprise-class x86 Hardware Platform

Network InterfacesDisk Storage


Application-Specific Acceleration

Application and Protocol AwarenessMinimize chatter through protocol proxy-caching, read-ahead, write-behind, and other optimizationSafe caching preserves coherency, integrity while improving performance and saving WAN bandwidthScheduled preposition enables intelligent distribution of large objects to improve performance

Intelligent Server OffloadCaching and optimizations minimize workload on accelerated servers enabling consolidation along with centralizationConsolidation enables the ‘green data center’ and power/cooling/space savings

WAASv4 Application AcceleratorsCIFS (Windows File Services)Windows printing

Remote Office Data Center

WAN

Object Cache VerificationSecurity and ControlWAN Optimization

Server Safely OffloadedFewer Servers NeededPower/Cooling SavingsLAN-like Performance

WAN Bandwidth Savings


Advanced Compression

Cisco WAAS advanced compression nearly eliminates the transmission of redundant data patterns and compresses data thatmust traverse the WAN to improve application performance and save bandwidth

Data Redundancy Elimination (DRE): application-agnostic compression eliminates redundant data from TCP streams providing up to 100:1 compression

Persistent LZ Compression: session-based compression provides up to an additional 10:1 compression even for messages that have been optimized by DRE

DRE DRE

LZ LZ

SynchronizedCompression

History

WAN


TCP Optimization

Cisco WAAS employs TCP optimization to improve application throughput and better leverage existing WAN bandwidth capacity and shield end-nodes from unruly WAN conditions

Bandwidth scalability - help certain applications ‘fill-the-pipe’Connection fairness - ensure bandwidth is allocated fairly amongst flowsLoss mitigation - selective acknowledgement and retransmissionSlow-start mitigation - improve connection setup time

TCP Proxy architecture provides LAN-like TCP behavior andprovides higher levels of compression than per-packet compression

LAN-like TCP Behavior

WAN DREPLZ

DREPLZ

TCP TCPTCP TCPLAN-like TCP BehaviorOptimized TCP Connections


Combined Power of TCP Optimization and Advanced Compression

WAN

LAN-LikeThroughput

Bandwidth SavingsFewer Roundtrips

Thro

ughp

ut

Throughput

60Mbps

10 Mbps

20 Mbps30 Mbps40 Mbps

50 Mbps

01:20 01:21 01:22 01:23 01:24 01:25 01:26

Thro

ughp

ut

Throughput

3 Mbps

.5 Mbps

1 Mbps1.5 Mbps2 Mbps

2.5 Mbps

01:20 01:21 01:22 01:23 01:24 01:25 01:26

LAN Throughput WAN Throughput

Optimization Enabled


Simple Transparent In-path DeploymentRemoteOffice

WAN

Simple Plug-and-Play DeploymentPhysical in-path deployment between switch and router or firewall requires no network changesMechanical fail-to-wire upon hardware, software, or power failure

Scalability and High AvailabilityTwo two-port fail-to-wire groups provides support for redundant network paths and asymmetric routingSerial in-path clustering with load-sharing and fail-over

Seamless Transparent IntegrationTransparency and automatic discovery802.1q VLAN trunking supportSupported on all WAE appliance models


Network-Integrated Off-path Interception

WAN

Optimized Flow

Optimized Flow

OriginalFlow

OriginalFlow

InterceptionRedirectionMonitoring

InterceptionRedirectionMonitoring

WAEClusterWAE

Cluster

RemoteOffice

Transparent integration and automatic discovery regardless of interception methodWCCPv2 Interception

Active/active clustering supports up to 32 WAEs and 32 routers with automatic load-balancing, load redistribution, fail-over, and fail-through operationNear-linear scalability and performance improvement when adding devices

Policy-Based Routing InterceptionRouting of flows to be optimized through a Cisco WAE as a next-hop routerActive/passive clustering provides high availability and failover using IP SLAs as a tracking mechanism


Scalable Data Center Integration

Catalyst6509 w/

ACEModule

Catalyst6509 w/

ACEModule

OriginalFlow

OriginalFlow

OptimizedFlow

OptimizedFlow

Data Center

WAEClusterWAE

Cluster

WANApplication Control Engine (ACE)

Appliance and Catalyst 6500 series module provide industry-leading scalability and performance for the most demanding data center networksSupports from 1Gbps to 64Gbps of aggregate throughput and up to 4M concurrent TCP connectionsCluster management for hundreds of WAE devices provides industry’s most scalable and high-performance WAN optimization solution

Asymmetric OptimizationHost of asymmetric optimizations that complement WAAS and provide single-ended performance and scalability improvementsIncludes intelligent compression, latency reduction for HTTP applications, SSL offload, and TCP connection re-use


Cisco WAAS Auto-Discovery

Cisco WAAS devices automatically discover one another and negotiate optimization capabilities

Eliminates the need for complex overlay networks with tunnels that could double management effort and break control, security, and monitoring systems

WAN

WAE1 WAE2

WCCPv2or PBR

WCCPv2or PBR

WCCPv2or PBR

WCCPv2or PBR

A:B TCP SYNA:B TCP SYN A:B TCP SYN(marked)

A:B TCP SYN(marked)

A:B TCP SYN(marked)

A:B TCP SYN(marked)

I know WAE1 isin the path, let’s

accelerate!

I know WAE1 isin the path, let’s

accelerate!

I would liketo accelerate

this connection!Here are my details

I would liketo accelerate

this connection!Here are my details

B:A TCP SYN/ACKB:A TCP SYN/ACK

AcknowledgeAcceleration!

Here are my details

AcknowledgeAcceleration!

Here are my details

ACCELERATIONCONFIRMED!

ACCELERATIONCONFIRMED!

B:A TCP SYN/ACK(marked)

B:A TCP SYN/ACK(marked)

B:A TCP SYN/ACKB:A TCP SYN/ACK

AA BB


Cisco WAE Disk Encryption

Cisco WAE Disk EncryptionOptional feature applied against data partitions within the WAE to mitigate concern of data theft due to stolen drives or physically compromised WAE devicesKeys fetched from CM upon boot and stored in memory only, WAE will pass-through if keys are unavailableKeys synchronized amongst Central Managers to ensure high availability

Data CenterRemote Office

WAN

Fetch Disk EncryptionKey and Store in RAM

Cisco WAASCentral Manager

Disk Disk

Disk

Standards-Based Strong EncryptionFollows FIPS 140-2 level 2 specification with certification to follow256-bit Advanced Encryption Standard (AES) cipher, which is the standard for US Government data protection and the strongest commercially-available encryptionCisco WAAS is ‘In Evaluation’ with Common Criteria certification


Secure WAN Optimization from Cisco

Security- Stateful Inspection- Firewall Policies- Signature Matching

Control- Classification- Drop or Mark- Policing

Visibility- NetFlow

Intercept- WCCP

Optimize- L7 Acceleration- Compression- Flow Optimization

Secure- Disk Encryption- Firewall Compliance

Routing- Static- Dynamic- Optimized

Security- Stateful Inspection- Firewall Policies- Link Encryption

Control- Shaping

Visibility- NetFlow

WAN

Cisco Integrated Services Router (ISR) - Integrated Security and WAN Optimization

Egress Security,

Control, and Visibility

RouteSelection

Intercept and

Optimize

Ingress Security,

Control, and Visibility

LAN

Cisco WAAS integrates seamlessly and transparentlyinto network security, visibility, and control functions

Cisco WAAS integrates seamlessly and transparentlyinto network security, visibility, and control functions


Agenda





Summary

Q&A


Scalable, Secure Central ManagementCentralized Management

Robust management, monitoring, and reporting for up to 2500 nodes

Device grouping for simplified rollout of configuration changes

Device and system alarms, as well as integration with SNMP and syslog

Secure Management PlatformSSL-encrypted HTTP GUI and intra-device communication

Roles-based Access Control (RBAC) to isolate users to specific capabilities and domains of management

Integrated IOS-like CLI accessible via SSH (also telnet, serial)

High Availability ConfigurationsActive/standby deployments with automatic failover, replication of Central Manager database, and encryption keys


Configurable Comprehensive ReportingDevice Dashboard

Configurable list of reports to display on a device or device-group homepage

Traffic StatisticsOptimized vs pass-through traffic mix including pass-through reasonApplication traffic mix over period of time (hr/day/wk/mo/custom)

Per-Connection StatisticsConnection monitoring shows near real-time view of optimized connections and details

Compression StatisticsBandwidth savings per application over time (hr/day/wk/mo/custom)

Acceleration StatisticsExamine accelerated connections, open files, cached resources, cache hit ratio, and average throughput


Enterprise Performance Monitoring Integration

No optimizationWithout Flow Export Agent (Inaccurate)

Flow Export Agent Enabled (Accurate)

Optimization Enabled

Transparent IntegrationPacket header preservation ensures compliance with enterprise performance monitoring systemsEnables visibility to end-nodes involved in performance data collectionFull compatibility with NetQoS Super Agent and infrastructure to support Cisco PVM and others

Flow Export AgentTransmit connection data to monitoring systems to ensure correct response time analysisEliminates WOC distortion of TCP RTT analysis caused by TCP proxy architectures

Data CenterRemote Office

WAN

TCP Flow Export Agent

Super Agent


Cisco WAAS Router Modules

NME-WAERouter-Integrated Network Module

for the Cisco Integrated Services Router

Provides the lowest CapEx and OpEx; integrates within the ISR; addresses 80 percent of remote branch officesSingle processor system, can be clustered with WCCPv2, PBR, and is supported in ISR models 2811, 2821, 2851, 3825, and 3845

Model NME-WAE-302512MB of RAM, 80GB of diskUp to 4Mbps WAN connections and up to 250 optimized TCP connections

Model NME-WAE-5021GB of RAM, 120GB of diskUp to 4Mbps WAN connections and up to 500 optimized TCP connections

Model NME-WAE-5222GB of RAM, 160GB of diskUp to 8Mbps WAN connections and up to 800 optimized TCP connections

Cisco Integrated ServicesRouter (ISR) Series


Cisco WAAS Appliance FamilyWAE-512 Appliance

Single processor system with 250GB of RAID-1 protected SATA2 disk capacity and optional disk encryption

1GB memory configuration supports 8Mbps WAN connections and 750 optimized TCP connections


WAE-612 ApplianceDual-core processor system with 300GB of RAID-1 protected and hot-swappable SATA2 disk capacity and optional disk encryption



WAE-512 Appliance

WAE-612 Appliance


Cisco WAAS Data Center AppliancesWAE-7326 Appliance:

Dual-core processor w/ 4GB of RAM

Up to 155Mbps WAN connections and 7500 optimized TCP connections

900GB RAID-1 protected and hot-swappable SCSI disk capacity with optional disk encryption

WAE-7341 Appliance:Quad-core processor, 8GB of RAM

Up to 310Mbps WAN connections and 12000 optimized TCP connections

Up to 900GB RAID-5 protected and hot-swappable SAS disk capacity with optional disk encryption

WAE-7371 Appliance:Dual Quad-core processors, 24GB of RAM

Up to 1Gbps WAN connections and 50000 optimized TCP connections

Up to 1.5TB RAID-5 protected and hot-swappable SAS disk capacity with optional disk encryption

WAE-7326Enterprise Data Center Appliance




Data Center Integration with Cisco ACEApplication Control Engine (ACE)

Provides transparent integration of Cisco WAAS into the datacenter, server load-balancing, andasymmetric application optimization

Scales from 1Gbps to 64Gbps, up to 16 million TCP connections

ACE Features and BenefitsCatalyst 6500 series module or standalone appliance form factor

Solution for scaling servers, appliances, and network devices

Virtual partitions, flexible resource assignment, security, and control

Asymmetric application optimization complementing WAAS

Cisco Application Control Engine4710 Appliance Series

Cisco Application Control EngineLinecard for the Catalyst 6500 Family


Cisco’s End-to-End Application Networking Services

Branch Office

Data Center

Branch Office

WAN

Application object cachingApplication latency optimizationProtocol accelerationObject prepositioning

Advanced compression

Data redundancy elimination

Transport optimization

Quality of Service (QoS)

OER, PBR, IP SLA

Application latency optimization

TCP re-use and SSL offload

Server scalability

Virtualization

Optimization in the Branch Optimization in the WAN Optimization in the Data Center

Cisco ANS accelerates application performance by employingthe right optimization at the right location within the network

Cisco ANS accelerates application performance by employingthe right optimization at the right location within the network


Agenda





Summary

Q&A


Why Choose Cisco WAAS?

Industry-leading infrastructure integration including compliance with security architecture, compatibility with existing network control and visibility platforms Most scalable WAN optimization solution with lowest environmental impact - high density appliances with tremendous performance yields less rack space, cooling, and powerServer offload acceleration architecture enables not only centralization but also consolidation of costly servers, therebyenabling capital and operational efficiency and cost savingsHigh performance WAN optimization to reduce bandwidth consumption and maximize throughput, efficiency to significantlyimprove application delivery over the WANRobust and proven secure central management platform scales to meet the needs of the largest organizations while providing visibility to the performance and health data you demandCisco’s world-class 24x7x365 technical assistance center


Q and A


Please Complete Your Session Evaluation!


Date post:	30-Mar-2018
Category:	Documents
Upload:	phamthien
View:	229 times
Download:	3 times

Cisco Wide Area Application Services (WAAS) Wide Area Application Services (WAAS) Odd-Rune Moltu...

Documents