Transforming the Enterprise WAN Edge

© 2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1

Transforming the Enterprise WAN Edge

Stefan Dyckerhoff

Vice President/General Manager Mid-Range Routing Business Unit

Cisco Systems, Inc.

Interop Las Vegas

May 1, 2008


Agenda

The Evolution of the Enterprise WAN Edge

Drivers for Enterprise WAN Edge Transformation

Framework for the Next Generation WAN

Next Generation WAN Solutions and Benefits

Summary


Evolution of the WAN Edge in Eras…Starting at the Beginning

� Performance

� Protocol support (TCP/IP, IPX, XNS, AppleTalk, DECnet, etc)

� Routing protocol support (RIP, EGP, BGP, IGRP, OSPF, etc)

� Interface/media support (IEEE 802.3, Serial lines (1822, T1, T3, Frame Relay), Token Ring (4mbps, 16mbps), FDDI, etc)

� Boot/Configuration (How long to boot? Where does the config live? How easy is it to configure the box?)

Unified WAN Services

Late Integration Application

Middle Integration Appliance

Early Basic Integration

Transport and PerformanceTransport and Performance


Evolution of the WAN Edge in Eras

� Performance

� Protocol support (TCP/IP, IPX, XNS, AppleTalk, DECnet, etc)

� Routing protocol support (RIP, EGP, BGP, IGRP, OSPF, etc)

� Interface/media support (IEEE 802.3, Serial lines (1822, T1, T3, Frame Relay), Token Ring (4mbps, 16mbps), FDDI, etc)

� Boot/Configuration (How long to boot? Where does the config live? How easy is it to configure the box?)

� Additional routing protocols (EIGRP, BGRP, etc.)

� Additional media support (100Base-T, Gigabit Ethernet)








� Additional routing protocols (EIGRP, BGRP, etc.)

� Additional media support (100Base-T, Gigabit Ethernet)


� Security Appliances

VPN

Firewall

� Application Optimization

Compression

Basic QoS

� Voice Gateway





Transport and Performance




� Security Appliances

VPN

Firewall


Compression

Basic QoS

� Voice Gateway










� Security

VPN

Firewall

� Voice

Gateway

Toll by-pass









� Security

VPN

Firewall

� Voice

Gateway

Toll by-pass


� Security

NAC

IDS

IPS

� Voice

Voice Mail

Conferencing

Call Processing

Voice Scalability

Convergence Applications

802.1x

DMVPN


Software Distribution

Caching

Advanced QoS









� Security

NAC

IDS

IPS

� Voice

Voice Mail

Conferencing

Call Processing

Voice Scalability

Convergence Applications

802.1x

DMVPN


Software Distribution

Caching

Advanced QoS


New Business Drivers

Are Increasing the

Pressure on the Head

End Router

VPN

WAN Internet

WAN

Remote Access VPN

QoS

Small Branch

Site-to-Site VPN

Ap

pli

ca

tio

ns

(e.g

. V

oic

e,

Vid

eo

)

Headquarters







Big Branch Telecommuter


Agenda





Summary


New Business Challenges Leading to Infrastructure Challenges

Business Continuityand Compliance

� Operational complexity

� Demand on network

� Infrastructure cost

� Frequent network upgrades

� Time to deploy new services

� Secure and resilient network

Virtual Workspaceand Globalization

Enterprise WAN—A Critical Part of Network Infrastructure

Data Center Virtualization

CollaborativeCommunications


Enterprise WAN Challenges – An IDC Study

Business Objectives + New IT Careabouts � New Enterprise WAN Requirements

Major CIO Objectives

� Service Levels

� Flexibility & Business Relevance

� IT Operational Expenses

� Client Privacy & Regulatory Compliance

� Business Productivity

Top IT WAN Careabouts *

� Higher performance and scalability

� Network Resiliency – Availability and Security

� Service Capabilities and Quality

� Configuration Flexibility and scalability

� Cost and Complexity

*IDC WAN Survey Study, Jan 2008


L2 Box-BoxRedundancy(HSRP)

WAN

Router

RedundantFirewalls

VPNTermination

Campus/Data Center

Branch

Branch

Internet

GW

Mobile

Remote Worker

Partner

Internet Private Line/MPLS VPN

� WAN Services Aggregation

� Secure Internet Gateway

� Branch Concentration

� Bandwidth/Traffic management

� Metro Ethernet Services

Key Functionalities

� Increasing bandwidth requirements

� High upgrade costs for incremental services

� Management synergies between devices

� Configuration and support complexities

� High recurring operational expenses

� Longer time for deployment

Key Challenges

Requirements for WAN Edge Transformation




Advanced Integrated Services

Late Basic Integration (Application)

Middle Basic Integration (Appliance)






Advanced Integrated Services

Unified WAN Services Unified WAN Services

Performance 1995 2008

Forwarding Rate

50k Mpps 8Mpps

Software Upgrades 2008

Network Impact 2–20 Minutes 50 Milliseconds

19991991

1–10 Minutes


Agenda





Summary



Anytime, everywhere access

System Scalability

Embedded Services

Network Foundation Protection

Unified Threat Management

Encryption Services

Bandwidth Management

Application Optimization

Service-level Intelligence

In-Service Upgrade

System Redundancy

Application Availability

Operational Efficiency

Consolidation

Aggregation

High-Performance Services Integrated Security

Non-Stop Communications Application Intelligence


Technology Adoption and Service Integration

Appliance

MIPS

Platform Integration System Integration

Time to Market

Adoption

Cutting Edge

Critical

Low initially

Co-Processor

Deployability

Chasm

Embedded System

Scalability

Multi-service Integration

The Mainstream Market

The Early Market

Geoffrey Moore : Crossing the Chasm, 1999


High-Performance Services

Business Challenges

� Collaborative tools

� Workforce productivity

� Business agility

� Infrastructure costs

Technical Challenges

� Bandwidth requirements

� Accessibility vs. security

� Service provisioning time

� Operational and training expenses


High-Performance Services—Benefits

Business and IT Benefits

� Instant-on services

� Future-proof provisioning

� Wire-speed services

� Powerful price-performance

� Rapid services integration

� Maximized investment

� Reduced deployment time

� Reduced IT OpEx and CapEx

Solution Benefits

Built-in, Instant-on, High Performance Features


Integrated Security and Application Intelligence – Benefits

Business and IT Benefits

� Instant-on highly available advanced services

� Tight integration of routing & advanced services

� Standards based, certified security services

� Business Operation Efficiency

� Safeguards Client Confidentiality

� Lowers Deployment and Upgrade Costs

� Ensures Regulatory Requirements

Solution Benefits

Built-in, Instant-on, Full WAN Protection Features


Agenda





Summary


Next Generation Managed Services

Instant-on Service Delivery

� ‘Pay per use’ service activation

� Adaptive licensing for additional capacity, performance, features

� Instant “turn-on” of new services without hardware upgrades

� Key Services

Managed WAN Connectivity

Managed VPN services

Ethernet Services

Application Optimization Services

Intelligent Service Pairing

Customized service delivery

� Optimized Routing (PfR)

� Application awareness (NBAR)

� Hierarchical QoS

Personalized Managed Services

� Firewall services

� Secure SBC services

� IPv6 multicast services

1 2


WAN

Multi-service, Secure WAN Aggregation Services

Headquarters

Big BranchSmall Branch

Internet

Telecommuter

Ap

pli

ca

tio

ns

(e

.g.

Vo

ice

, V

ide

o)

Solution

Benefits

� Secure, scalable WAN Aggregation router

� Scalable: 10K site-to-site and remote tunnels, multi-gigabit IPsec encryption with services enabled

� Key Attributes: IPsec, VPN services, Application Intelligence

� Need to readily adapt to new business requirements

� Long qualification time for new deployments

� Need proactive and pervasive integrated security services

� Regulations requiring confidential communications

Business Problem

� Scalable solution to meet bandwidth requirements

� Reduced maintenance and lower TCO with one device

� Seamless security with minimal loss in performance

� Flexible architecture for a future proof investment

� Simplified network management and fast deployment

Remote Access VPNSite-to-Site VPN


Hub Site

WAN

WAN Edge Integrated Threat Defense Services

Solution

Benefits

� Integrated security: 10Gb Firewall, multi-gigabit encryption services, hierarchical QoS services

� Management/Monitoring: High-speed Netflow v9 logging, Cisco Security Manager, LAN Mgmt Solution, ERSPAN

� Key features: Firewall, NAT, NAC, NBAR, PfR, MPLS VPN, QoS, ACL

� Need security, bandwidth management services at WAN edge

� Need efficient network monitoring and planning

� High performance router as internet gateway for the enterprise

Business Problem

� Wide range of connectivity options (GE/10GE) to the ISP

� Carrier class availability for consistent reliable services

� Simplified network management and fast deployment

� Seamless security with no loss in performanceBranchBranch

Internet

Service

Provider


High-end CPE for Remote Sites and Ethernet WAN Services

Solution

Benefits

� GE/10GE interfaces and redundancy

� Built-in high-performance firewall, NAT, multigigabitIPSec VPN encryption

� Require full integrated services with higher performance

� Need managed WAN connectivity, security and VPN services

Business Problem

� More bandwidth for applications at a cheaper cost

� Scaleable Services at large branch with high performance

� High performance with features enabled—QoS, NAT, ACLs

� Managed or unmanaged high-end CPE

Hub Site

SP

Network

Branch OfficeRemote Sites

Full Service

Ethernet-Connected

High-End CPE

Internet GW

Site-to-Site VPN

QFP

QFP


Application Optimization Services

Solution

Benefits

� Built-in secure application optimization with flexible packet matching

� Hierarchical, scalable classification of applications—very low latency for high-priority applications

� Application integration to increased performance

� Integrate data, voice and video applications to increase WAN functionality and reduce cost

� Ensure performance of high-priority latency-sensitive applications

� Managing internet use policy

Business Problem

� Prioritize business critical applications

� Improved service delivery and application performance over WAN

� Increased application, resource access—anytime, everywhere

Hub Site

SP

Network or

Private WAN

Branch OfficeBranch Office


Summary

The Enterprise WAN Edge is transforming—

and extending

The head-end router must deliver instant-on,

secure, and reliable services

The head-end router must offer simplified

network operation and solid ROI


Thank you for attending

Please stay for your chance to win a GPS


Date post:	30-Oct-2014
Category:	Business
Upload:	digitallibrary
View:	2,457 times
Download:	3 times