1 2 3 4 Previous Next

Enterprise Networks

50 posts

The Cisco Integrated Services Router is a routing platform designed to provide connectivity and hosting of network services consumed by branch offices. As the product name implies, this platform can run additional or third party network services without the need of deploying new hardware. This is possible thanks to an integrated virtualization environment based on KVM (Kernel-based Virtual Machine).

 

cisco-kvm.png

A KVM machine running on a Cisco ISR is called virtual service. If you are interested in building a generic virtual service for a Cisco ISR, the process is fairly straightforward and well documented in this service containers tutorial (see page 25).

 

In the past few weeks, I have spent some time building a virtual machine for the NetBeez monitoring agent. Here I would like to highlight some benefits of running a virtual services, like a NetBeez agent, on the Cisco ISR platform.

 

Once upon a time …

Before this option, a network administrator who wanted to install a network monitoring agent at a remote office, but didn’t have an on-site dedicated workstation, or any other type of hosting environment (e.g. hypervisor), was out of luck. At NetBeez, to overcome this problem, we decided from the get-go to include the hardware appliance (e.g. Raspberry Pi), if needed, with the NetBeez subscription at no extra cost. This spared the network administrator from having to procure, configure, and maintain the hardware needed to run the NetBeez monitoring agent.

 

netbeez-deployment-768x576.jpeg

Problem solved

Now, the Cisco ISR platform is making this task even simpler, further facilitating and accelerating deployment and management of remote network monitoring agents.

 

I tested the NetBeez virtual service that I built, and it took me less than ten minutes to have the service up and running (excluding the time needed to download the image from the repository). If you have an Integrated Service Router at a remote branch office, you can easily test it yourself. Just take a look at the documentation for installing a NetBeez agent on a Cisco ISR.

 

High-level ISR configuration

Here is a simplified network diagram of the router configuration that I applied during the installation process.

cisco-isr-netbeez-768x585.png

In the configuration that I applied when I tested the NetBeez virtual service, I configured:

 

  • A virtual port group to provide network connectivity to the interface eth0 of the NetBeez virtual service
  • A DHCP pool to give a dynamic IP to the interface eth0 of the NetBeez virtual service (this can also be assigned statically)
  • A static NAT association to the IP assigned to the interface eth0 of the NetBeez virtual service

 

A few commands later, I was able to activate the virtual service and console in the virtual machine. From there, I just followed the NetBeez installation guide for virtual agents.

 

Takeaways

The Cisco ISR is a great solution for remote office because it enables network administrators to install a variety of network services and applications in a short amount of time. On top of that, network administrators have also a simple and accessible way to build and deploy a custom image, improving performance and security of the overall network. If you want to test the NetBeez virtual-server on your Cisco ISR router, submit your request here.

During the last few years, digital technologies have been woven into every aspect of business - accelerating, streamlining, and automating the way we get work done. As digital transformation continues to top the list of business priorities, the enterprise network, which supports these digital initiatives, has also become a central focus. What are the networking architectures that are needed to support digital transformation today? How can IT teams more effectively deploy cloud and software-defined network (SDN) solutions that power businesses’ digital missions?

 

On January 27th at 10:30am PST (1:30pm EST), we’re hosting a #CiscoChat to discuss these questions and more. During the chat, we’ll be joined by industry experts Nolan Greene (@ngreeneIDC), Enterprise Networking Analyst, IDC, and Matthew Marden (@mmarden_IDCBV) Analyst, IDC, who will help offer insights into enterprise networking and what’s on the horizon for the future.


RSVP and get reminders for the Cisco Chat here

 

To participate in the chat:

  • Make sure you’re logged into your Twitter account.
  • Search for the #CiscoChat hashtag and click on the Live tab.
  • The chat will be moderated by Julie McPherson and Lauren Colson on the Cisco Enterprise Networks handle (@CiscoEnterprises) on Twitter. Be sure to follow the account to participate. They will begin welcoming guests at 10:30am PST (1:30pm EST) and posting questions for discussion.
  • For @ replies to specific participants in the discussion, please use a “.” at the beginning of the tweet, so that your question or comment will appear in your public twitter feed.
  • If you need multiple tweets to answer a question, please preface each tweet with “1A, 2A,” etc. in order to make it easier for others to follow along with the conversation.
  • Be sure to use the #CiscoChat hashtag at the end of each tweet, so that others can find your contributions to the discussion.

Don’t forget to bring your own questions to the discussion as well! See you there!


CSCQ416-1_Q4_CiscoChat-Jan27_Social_R1_LI+FB-1200x627-A.jpg

No matter where we go, we’ve come to expect a seamless wireless internet connection at our fingertips — and this is especially true for hotels, casinos, cruises, convention centers, and the like. What’s more, we don’t want just any Wi-Fi connection: We want the best, fastest Wi-Fi connection possible. Little surprise, then, that excellent Wi-Fi is one of the most visible services those in the competitive hospitality industry can provide.

 

For guests, inconsistent signals, complicated log-in procedures, and a lack of support for new mobile devices are simply frustrating. But for hoteliers and other hospitality operators, these Wi-Fi weaknesses aren’t just an annoyance. They’re positively worrisome: They compromise the guest experience and risk customer loyalty.

 

How can the hospitality industry address these Wi-Fi challenges through innovation, while also ensuring a high level of data security for guests? To find out, tune into our next #CiscoChat, on Thursday, December 15th at 12 p.m. PST. There, we’ll be joined by @BlueprintRF as we’ll talk about improving the guest experience through personalization (think ordering systems, in-room media, and lighting), hospitality mobile apps, guest satisfaction analytics, and issues in cybersecurity. We’ll also provide some practical options for your Wi-Fi deployment model. Don’t miss out!

 

CSCQ416-1_Q4_CiscoChat-Dec15_Social_R2_TW-1024x512-A.jpg

Learn how the Cisco Identity Services Engine (ISE) works with Stealthwatch to rapidly detect and contain threats throughout the network.

 

Watch the full TechWiseTV episode

 

Want more? Register for the follow-up online workshop on December 14, 2016!

 

 

 

Guest post by Vikramjeet Singh

 

For the last 5 years, Cisco has been empowering your branch IT networks with DC-class servers. 3000+ customers and growing. Our UCS E-series servers slim down your branch hardware footprint and boost application deployment flexibility with a converged network, compute, and storage platform.

 

Do Even More with Less

In this fast-paced digital world, the digitization of customer experiences and the Internet of Everything require you to run more mission-critical applications on the branch edge. With our new 3rd generation UCS E-series single wide blade, turbocharge your branch compute by 2x (compared to 2nd generation) without huge, power guzzling rack servers or dedicated appliance.

UCSE.png

Figure 1: 3rd Gen. UCS E-series Single Wide 160S-M3

 

For example, let’s take a retail use case. In a typical deployment, a store may run a WAN optimization service such as Cisco virtual WAAS (vWAAS) and a Point-of-Sale (PoS) application on a UCS E-series within an ISR 4000 router. To accommodate guest Wi-Fi, the same blade can also run a virtual Wireless LAN controller (vWLC) to centralize wireless network visibility. And if physical security is monitored through video surveillance, then MediaSense is deployed to support recording, playback, live streaming, and storage of voice, video for business intelligence. Of course, you cannot omit the Intrusion Detection and Prevention System, e.g. FirePOWER Threat Defense either. However, there are two major concerns when deploying a multitude of applications.

  1. Limited compute resources for high performance threat detection solution such as FirePOWER IDS/IPS
  2. Lack of storage capacity which restricts high data storage applications and forces frequent cloud backups, thus further increasing costs

With the 3rd Gen UCS E-series 160S-M3, you don’t need a separate appliance for MediaSense or FirePOWER IDS/IPS. It can run on the same UCS E-series along with vWAAS and the PoS application. Additionally, you can leverage the extra higher storage capacity, up to 4TB, for print servers in large branches, security camera feeds, or any proprietary data intensive applications. By converging more apps into one blade, you reduce both OpEx and CapEx without compromising performance.

 

With UCS E-Series, you can take on compute-intensive applications and high-storage use-cases. See our model comparison chart below for the right specs that meet your specific IT challenges.

Picture1.png

Now that I got you excited, checkout these resources to learn more about Cisco UCS E-series.

    1. Alaskan Bank Virtualizes Branches for Productivity Benefits
    2. Retailer Maximizes Space, Increases Resiliency with Store-in-a-Box
    3. Insurance Company Virtualizes Data Center and Desktops
    4. Swiss SP Courts Clients with Savvy, Affordable Cloud Services
    5. Navaho Partners with Cisco to Capture Virtual Image Storage Market

 

We are working on pretty amazing stuff. Stay tuned for more exciting updates in 2017!

One is a sport apparel retailer while the other is a software company. “What can they possibly have in common?” you may ask. Both have a common IT goal, and that is to extend their enterprise network to AWS cloud, but for very different business outcomes. And both accomplished their goal using the same solution: Cisco Cloud Services Router 1000V


Did you know? Up to 70% of CIOs stated they need cloud solutions to better respond to business needs (Source: 2015, CIO Insight). For that reason, cloud adoption between 2015 and 2016 grows exponentially with as much as 71% of organizations choosing the hybrid cloud approach. See Chart I below.


Chart I: Respondents Adopting cloud – 2016 vs. 2015

Chart 1.png

What are top 3 cloud adoption challenges?
When it comes to extending the enterprise network to the cloud, there are many factors to consider – see Chart II below.


Chart II: Cloud Challenges 2016 vs. 2015

Chart 2.png

Security, no doubt, is among the top. One out of every three organizations shared ensuring a secure connection between the on-prem enterprise network and public and private cloud environments as a top challenge. There are several reasons why.

  1. Inconsistent VPN and firewall policies between on-prem enterprise network and different cloud environment;
  2. Limited connection reliability, e.g. not all cloud solution can support high scale; and
  3. Non-unified network topologies make management and operations error-prone.

Next on the list is integration. With the LAN, WAN and data center network, each having its own set of internal and external network/IP address, management interface/tools and different quantity and set of network services, operations quickly become onerous due to lack of centralization and standardization. The complexity increases multifold when multiple types of on-prem and cloud infrastructure come into the picture. For example, do I have VMWare ESXi, RHEL KVM, Ubuntu KVM, Citrix Xen, and/or Microsoft Hyper-V? And how do they work with Amazon AWS, Microsoft Azure, or any cloud? Quick answer: it should not matter.

Last but not least is the user experience. When the network is confined within an enterprise WAN perimeter, policy enforcement can be automated based on business priorities. Once connected to the cloud, how would network services that were once innate on-prem such as QoS, WAN and application optimization, and firewall be deployed, managed and scaled?

Learn from Under Armour and Adobe
This December, two enterprise customers, Under Armour and Adobe, will share with us their cloud strategy successes in a webinar. Each will highlight its goal, network environments, desired business outcomes, and the chosen solution. Here’s an overview.

Under Armour, Inc. – a multi-billion American sports clothing and accessories company
Its goal: New IT model – a service broker for Line of Business

  • Enable the Application/Marketing/Financial team’s growth
  • Curve the organic growth of ungoverned Shadow IT resources
  • Provide an agnostic platform that facilitates Standard Operating Procedure
  • Augment application owner’s security controls
  • Have visibility to address issues proactively


Adobe Systems, Inc. – a multinational computer software company
Its goal: Adobe Digital Marketing Cloud

  • Provide a comprehensive marketing solution
  • Enable marketers to measure, personalize and optimize digital experiences
  • Attain agility and workload mobility

SAVE A SPOT
Tue, 6 Dec 2016 10:00 AM – 11:00 AM PT (and on-demand)
Join us and learn

  • How Cisco helped simplify Under Armour’s and Adobe’s security management while keeping connectivity costs under control
  • Best practices for monitoring and analyzing application security and performance in the cloud
  • How to implement consistent network policies across hybrid environments

 

Screen Shot 2016-12-01 at 9.46.06 AM.png

Speakers:
Nick M
atthews, Partner Solutions Architect, Amazon Web Services

Fan Yang, Technical Marketing Engineer, Cisco
Carl Coles, Network Architect, Adobe Systems
Patrick Duroseau, Sr. Director Global Infrastructure, Under Armour

 

 


Try It FREE
Test drive the solution yourself in your own environment with a free trial for 30 days on AWS. Cisco CSR 1000V is a complete multiservice cloud networking platform for all deployment types: physical, virtual, and cloud.

 

Key Benefits:

  1. Consistent operations across on-prem network and multi-cloud environments with familiar Cisco IOS-XE software;
  2. Support VMware ESXi, RHEL KVM, Ubuntu KVM, Citrix Xen, Microsoft Hyper-V;
  3. Infrastructure agnostic operations means freedom of choice, no dependency on any specific server or virtual switch;
  4. Elastic scalability with licensing flexibility: throughput up to 10gbps, up to 1000+ connections, and up to 8 virtual CPUs, pay only for what you need; and
  5. Programmable with NetConf/Yang, RESTConf and SSH/Telnet for automated provisioning, management and monitoring.
Screen Shot 2016-12-01 at 9.46.23 AM.png


 

Screen Shot 2016-11-10 at 10.43.52 AM.png

Cisco is pleased to announce Global LTE Cisco LTE 2.5 release now available with IOS 15.6(2)T1, supporting all segments and verticals, including M2M.

 

Additional new key FDD and TDD LTE bands for Asia, Australia, and LATAM with Cisco LTE 2.5 platforms are now orderable.

 

CUSTOMER BENEFITS

  • Primary LTE Wireless WAN link or WWAN IWAN diversity or seamless WAN Backup, e.g. for remote offices, branches, M2M, and retail
  • Quick branch turn-up for instant connectivity of branch (remote) offices, kiosks & ATMs, construction site, retail, small & medium business, and anywhere with cellular coverage
  • Tightly integrated with modular ISR G2, ISR 4000 (including New DNA-Ready platform: ISR4221), and fixed ISR 800 (including M2M), leveraging rich IOS-based security and many other advanced services
  • Network resiliency through IWAN diversity with or without a wired link

 

USE CASES

Higher LTE scalability (CAT4), expansion to additional geographies, segments, and verticals with full, rich IOS

and advanced LTE features set

  • C819G improvements: +30% M2M improved performance with extended operating temperature range

from -20 to +50 degree Celsius (functional up to 55C)

  • Additional New FDD and TDD LTE bands: FDD band 28, 21, 19, 18, 5 and TDD bands 38, 39, 40, 41

New Antenna: 3:1 elements indoor/outdoor or 2:1 indoor low profile 2X2 MIMO antenna with (3:1) GPS in 4 different colors and ease of installation with single 5/8 inch drill hole

 

PERFORMANCE & FEATURES

  • Key features including SMS, standalone active GPS (except C819GW), 4G MIB (3G MIB with full 4G extension), IMS Bearer QOS, Multi-VRF, Multi-PDN, and Multiple Profiles
  • 15-25x faster than 3G and 8x lower latency than 3G; up to theoretical CAT4 150Mbps download speeds, depending on specific SP carrier real live network LTE provisioning and channel bandwidth)
  • Short installation time and rapid deployment; configurable for fail-over from wired WAN in case of wire line outages
  • Easy firmware image switching provisioning from FLASH for fixed LTE platforms (-LA PIDs) with 15.6(2)T1 Universal IOS for all 800 LTE fixed platforms include Advanced IP Services and Dual SIMs support for all fixed platforms including M2M

 

LTE FeaturesDescriptionOrderability
Common CAT4 LTE bands:

Multimode Cisco LTE 2.5 for carriers that operate FDD LTE 700-MHz (band 28), 800-MHz (band 20), 850-MHz (band 5 CLR), 850-MHz (bands 18 and 19 Low), 900-MHz (band 8), 1500-MHz (band 21), 1800-MHz (band 3), 2100-MHz (band 1), or 2600-MHz (band 7) networks; the multimode Cisco LTE 2.5 routers are backward-compatible with Universal Mobile Telecommunications Service (UMTS) and Dual Carrier High-Speed Packet Access Plus (DC-HSPA)+: 800 MHz (band 19 Japan), 850 MHz (band 5), 850 MHz (band 6 Japan), 900 MHz (band 8), 1800 MHz (band 9), 2100 MHz (band 1), and TD-SCDMA 39.

Multimode LTE 2.5 for carriers that operate TDD LTE 1900-MHz (band 39), 2300-MHz (band 40), 2500-MHz (band 41), or 2600-MHz (band 38) networks.

            Multimode LTE 2.5 for carrier aggregation

            band combinations: 1+(8,18,19,21);

            3+(5,7,19,28); 7+(5,7,28); 19+21, 38+38,

            39+39, 40+40, 41+41

GE WAN, 4 LAN Switch Ports, Cisco 12:1 Smart SerialNow
GE WAN, 4 LAN Switch Ports, Cisco 12:1 Smart Serial, dual 802.11n WiFi radioNow
(-N domain, mid-Jan 2017)
2 GE WANs (SFP option), 8 LAN Switch PortsNow
1 GE WAN (SFP option), 8 LAN Switch Ports, ADSL2+/VDSL or G.SHDSLNow
ISR G2 LTE Enhanced High Speed Interface CardNow
ISR 4000 LTE Network Interface ModuleLate Dec 2016
3:1 indoor/outdoor low profile antenna with GPS (dual SMA to TNC Adapters)Now

 

More Resources:

Ø  LTE 2.5 C819G(W) Datasheet

Ø  ISR G2 Page

Ø  ISR 800 Page

Ø  Ordering Guide

Ø  LTE C800G HW Installation Guide

 

Microsoft Azure Government Cloud is an isolated and dedicated cloud platform, which enables government agencies and government approved contractors to host sensitive data. Connectivity from on-premises locations to Azure Government Cloud must be secure, scalable and dynamic.

 

With Cisco CSR1000v now available on Azure Government Cloud, Government Cloud customers can enjoy the same advanced routing and security benefits delivered on Azure public cloud. Cisco CSR1000v provides best in class routing capabilities that support full path encryption with the strongest cipher suites available in the market, L4-L7 firewall capabilities and L7 visibility and control. Using Cisco CSR1000v in concert with the Azure Government Cloud delivers on the value proposition of ensuring Government data receives the protection of Cisco’s security capabilities in the Azure cloud environment they trust.

 

Because Cisco CSR1000V runs full featured Cisco IOS-XE, management of CSR1000V simply becomes another location inside an already deployed Cisco based network and plugs in easily to existing management tools and operations. See below for some FAQs.

 

To launch the CSR 1000V on Azure Government Cloud there is a pre-built solution available to you.  The solution is based on templates we created to ease the deployment of the CSR 1000V on Azure.  The templates allow the solution to deploy different resources at the same time to fully support a CSR 1000V deployment.  The solution details are as follows:

 

  • 2 or 4 Network-Interface-Cards (NICs)
  • VNet configured with two or four subnets, one private or three private and one public
  • Routing tables on each subnet, with user-defined routes, the private subnet will use private-facing interface as the gateway so the VMs behind the router will not have direct access to the internet
  • Enables IP forwarding for each interface
  • Adds UDP port 500 (ISKAMP) and 4500 (NAT-T) in the security group on the public subnet for VPN connections
  • Azure D2 or D3 instance type compute

 

How to Deploy Cisco CSR in Azure Government

Go to the solution templates for 2-NIC and 4-NIC Cisco CSR1000v in Azure QuickStart Repo on Github, found at the links below. They can be found by searching for Cisco CSR1000v, or clicking below. They can be found by searching for Cisco CSR1000v, or clicking below. For step by step deployment instructions for solution templates from Github in to Azure Government Cloud, see our technical documentation.

 

Cisco-1.png

NOTE: you will need an Azure Government Account valid in order to continue. To experience the power of Azure Government for your organization, sign up for an Azure Government Trial.

 

When deploying the CSR 1000V solution on Azure D2 compute specifications are 2 vCPU and 7GB of RAM. With these specifications the CSR 1000V can achieve a CEF throughput of 500Mbps and an IPSec throughput (AES 256) of 150 Mbps.

 

When deploying the CSR 1000V solution on Azure D3 compute specifications are 4 vCPU and 14GB of RAM. With these specifications the CSR 1000V can achieve a CEF throughput of 500Mbps and an IPSec throughput (AES 256) of 500 Mbps.

 

Both offers support up to 1,000 VPN tunnels.

 

How Does Licensing the CSR 1000V Work on Azure Government Cloud?

If you want to connect your enterprise network to Azure the CSR 1000V supports Bring Your Own License (BYOL).  This means you buy a license from Cisco or a partner and install that license to the CSR 1000V running on Azure Government Cloud.

 

Find your local Cisco partner here: https://locatr.cloudapps.cisco.com/WWChannels/LOCATR/openBasicSearch.do

 

To experience the power of Azure Government for your organization, sign up for an Azure Government Trial.

 

If you want to give the CSR 1000V a try on Azure, Cisco offers 60-day demo licenses to all CCO account holders.  If you don’t have an account, you go to this link, and create a guest account.  Once you have a guest account, follow the instructions here for temporarily licensing you CSR 1000V on Azure.

 

You can access this whitepaper to learn more about the integration of Cisco CSR 1000V with Microsoft Azure.

 

To launch the CSR 1000V for Microsoft Azure, please visit the Azure Government Marketplace and search for Cisco CSR 1000V.

 

We welcome your comments and suggestions to help us continually improve your Azure Government experience. To stay up to date on all things Azure Government, be sure to subscribe to our RSS feed and to receive emails, click "Subscribe by Email!" on the Azure Government Blog. To experience the power of Azure Government for your organization, sign up for an Azure Government Trial.

“The whole is greater than the sum of its parts.” – Aristotle

 

You could be excused for missing the press release from ThousandEyes earlier today. They’re an innovative young company with powerful network monitoring technology, but there are a flurry of announcements this time of year and it’s easy to get lost in the shuffle. What they announced today represents the first of many 3rd parties, partners, customers, students and friendly hackers developing applications to run in a Cisco network.

 

A few weeks ago, I wrote about a new technology we’ve been rolling out quietly on the Integrated Services Routers (ISR 4000 Series) and Aggregation Services Routers (ASR 1000 Series). It is really the worst kept secret ever from Cisco because we never really tried. We first introduced virtual machine hosting on routers in 2013 eventually opening up to non-Cisco developers late last year. Since then, dozens of developers (that we know of) have been writing applications for our routers. ThousandEyes is the first of these to launch an officially supported product using the technology.

 

What Makes ThousandEyes Unique

OpenAppImage1.png


Our goal with hosted virtual machines on Cisco Routers is to create an open environment where all developers and applications are welcome. There’s no doubt ThousandEyes has interesting technology, but honestly that’s not why they’re one of the first non-Cisco applications with support on Cisco routers. To find out why they qualified as a great early adopter, you have to look at their customer list, which includes Cisco IT.

 

Imagine working in IT at Cisco. Of all the large enterprise environments you could possibly work in, Cisco’s has got to be the one with the highest stress level. Not only are you responsible for a global network with hundreds of locations and thousands of partners, but you have to do it with some of the smartest people in the industry as end users. It’s the typical enterprise network with demands such as perfect uptime, infinite bandwidth, and instantly responsive applications. For Cisco IT, those users are also inventors that create the technologies running in the network you support.

To keep that network up and running, Cisco IT uses ThousandEyes to triage and get to the root cause of network outages quickly. In the past, they would use a compact PC at Cisco remote offices to host the ThousandEyes agents. These agents constantly collect information about the health of the network, so Cisco IT could spot problems before they occur. This was ugly. The PC didn’t fit cleanly into a rack and it was another device to manage or fail.

 

The Development Process

Cisco IT proactively suggested that ThousandEyes look into running their agent directly on a Cisco router. With the ability to host the ThousandEyes agent directly on the ISR 4K or ASR 1K in remote offices, Cisco IT was able to reduce the footprint of devices they have to support remotely while eliminating one more thing they have to worry about failing. Through moving to an integrated model for the ThousandEyes agent, Cisco IT was able to reduce their mean time to troubleshoot by 43% and their mean time to restore by 8% while reducing the complexities of the remote office.

 

For us as a product development team this was a fantastic opportunity. We could have direct interaction with both the application developers as well as the end users. It allowed us to see firsthand the challenges a non-Cisco developer would face porting their application to run on a Cisco router. We provided ThousandEyes with some early versions of the developer guide that you can find in DevNet right now. We wanted their experience to be as close as possible to what a developer with no special access would go through.

As it turns out, the challenge wasn’t that imposing. Since ThousandEyes already had support for KVM agents, the development work to get their agent running on an ISR was minimal. They had the whole thing working in just a couple days.

 

What Does “Support” Mean

To be completely clear, when an unsigned application runs on an ISR 4000 or an ASR 1000, there is no support for that application from Cisco. This is no different than other hypervisor or hosting environments that you’ll run into.

OpenAppImage2.png

The hypervisor vendor supports the infrastructure and the plumbing that the application needs. In this case the Cisco router provides the network and hypervisor so Cisco supports the hardware along with the IOS-XE operating system that includes the KVM hosting capabilities. Because all Cisco applications carry a Cisco digital signature while all non-Cisco applications don’t, it’s easy to see which applications are supported by Cisco and which are supported by the developer.

Because this is open-source KVM under the hood, there’s also no license required from Cisco or any other group to host an application on the router. KVM is fairly universal across Linux distributions so it should not matter which platform you develop an application or which distribution it runs on top of. Cisco IOS XE happens to use a lightweight Monte Vista distribution for efficiency, but the KVM component is completely standard. Of course the operating system or application within the KVM machine could have licensing requirements depending on what’s inside.

 

OpenAppImage3.png

If you’re a developer, you are not on your own. Cisco DevNet is the primary source for everything you need to develop or modify your application for a Cisco router. There we have developer guides, sample code, useful tools, and a community of Cisco and external developers excited to help make your application a success. If you’ve never taken a look at DevNet, it’s a deep resource with plenty to get you started on whatever project you can dream up.

 

It is the responsibility of the developer to support the application running within that virtual machine. In this case the developer was ThousandEyes. That’s the newsworthy piece about the press release today. The packaging of ThousandEyes agents to run on a Cisco router was not the impressive thing from the press release today.

 


It is the confidence ThousandEyes has in Cisco that justified testing, certifying, and supporting their software on a Cisco router. That shows a level of trust in the infrastructure as well as a market understanding that the network is a compelling place for ThousandEyes agent and will be of interest to their customers. The announcement today is also a validation of openness and extensibility, a pillar of Cisco DNA. With open extensibility now available on Cisco ISR 4000s and ASR 1000s there’s a new world of possibilities to customize the capabilities of the branch router. As a result, it creates a benefit greater than any single vendor’s offer.

Twitter contest.JPGAttending Cisco Live Las Vegas and theEnterprise Networks Innovation Talk on July 13? You could win an Apple Watch – just for tweeting.

 

Here’s how it works:

Answer the question "What is the one wish you have of your network" on Twitter by 6:30pm PT on Tuesday, July 12.

 

Tweet your answer to @CiscoEnterpriseusing #CiscoDNA and #CLUS with your answer.

 

May the best tweet win!

 

The winner will be announced during the Enterprise Networks Innovation Talk, The Future of the Network is Here, on Wednesday, July 13th at 9AM. You must be present at the Cisco Live EN iTalk to be eligible to win and can collect the Apple Watch after the iTalk event.

 

We look forward to seeing you at Cisco Live!, July 10-14 in Las Vegas! Follow the link for more information on all-things Cisco Enterprise Networks at #CLUS.


View the official Terms and Conditions below:


 

 

#CiscoDNA Cisco Live 2016 Twitter Contest

Official Rules

 

NO PURCHASE NECESSARY TO ENTER OR WIN.  A PURCHASE WILL NOT INCREASE YOUR CHANCES OF WINNING.  VOID WHERE PROHIBITED OR RESTRICTED.

 

This Contest (the "Contest") opens on June 29, 2016 at 8:00am Pacific Time and ends on July 12, 2016 at 6:30pm Pacific Time, or if earlier, until there are no more available prizes (the "Contest Period").  Entry into this Contest is acceptance of these Official Rules.  This Contest is sponsored by Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA  95134 USA ("Sponsor" or "Cisco").

 

  1. 1.  ELIGIBILITY.
This Contest is open to participants ("Participants" or “you”) who are age 18 years or older at the time of entry, and are present during The Future of the Network is Here Innovation Talk at Cisco Live in Las Vegas, NV on July 13, 2016 at 9:00am Pacific Time This Contest is not open to: (1) employees or internally contracted vendors of Sponsor or its parent/subsidiaries, agents and affiliates; (2) the immediate family members or members of the same household of any such employee or vendor; (3) anyone professionally involved in the development or administration of this Contest; (4) employees or internally contracted vendors of governments and government-affiliated companies or organizations; or (5) any employee whose employer's guidelines or regulations do not allow entry in the Contest or acceptance of the prize(s).  This Contest is not open to individuals in the province of Quebec in Canada.  In addition, residents of Cuba, Iran, Syria, North Korea, Myanmar (formerly Burma) and Sudan are not eligible to participate. This Contest is void in these countries and where otherwise prohibited or restricted by law.
  1. 2.  HOW TO ENTER.
Answer the question, "What is the one wish you have of your network?" on Twitter by 6:30pm PT on Tuesday, July 12. Tweet your answer to @CiscoEnterprise using #CiscoDNA and #CLUS with your answer. Entries must be received during the Contest Period. Sponsor is not responsible for late, lost, delayed, damaged, misdirected, incomplete, void, corrupted, garbled, illegible, and/or unintelligible entries, or for any problems, bugs or malfunctions Participants may encounter when submitting their entry.  Only complete valid entries will be accepted.  Sponsor will not verify receipt of entries.  Participants must provide all information requested to be eligible to win.  Sponsor reserves the right to disqualify false entries or entries suspected of being false.  Incomplete, unreadable, or unintelligible entries, in the sole discretion of Sponsor, will be disqualified.  All entries submitted become the sole property of Sponsor and will not be acknowledged or returned. JUDGING CRITERIA Cisco Enterprise Networks Marketing team members will be the judging panel. The judging panel will review all entries. The Judging Panel will make their final selection based on the following criteria of the entries: (1) originality and creativity and (2) perceived inspiration or vision
  1. PRIZES.  Subject to the terms of these Official Rules, once confirmed by Sponsor, the winner(s) will receive the following:
One (1) first prize winner will receive an Apple Watch Sport with approximate retail value (ARV) of US$349.00. Limit one (1) prize per Participant.  The approximate retail values are subject to change based on current market conditions at the time of prize fulfilment. Winners are not entitled to any surplus between actual retail value (ARV) of prize and stated ARV and any difference between stated ARV and actual value of the prize will not be awarded. No substitution, assignment, transfer, or cash redemption of any prize is allowed by Winner.  Sponsor reserves the right to substitute a prize with another prize of equal or greater value should the advertised prize become unavailable for any reason. If applicable, prizes may be awarded in the form of voucher(s), coupon(s) and/or gift card(s) in Sponsor’s sole discretion.  If a potential winner is unable to participate in or accept the prize or any portion of the prize for any reason, Sponsor shall have no further obligation to such potential winner.  Neither Sponsor nor any of its prize suppliers will replace any lost or stolen prizes, cards or certificates after being awarded to winners.  In no event will Sponsor be responsible for awarding more than the stated number of prizes. NOTIFICATION OF WINNER(S).  Winners will be notified on stage during The Future of the Network is Here Innovation Talk at Cisco Live in Las Vegas, NV on July 13, 2016 at 9:00am Pacific Time  and by Twitter.  Sponsor’s decision will be final in all matters.  Sponsor may also send potential winner(s) a declaration of eligibility / liability / publicity release ("Release").  Unless restricted by law, potential winners receiving such a Release may be required to complete and return it within the time period specified therein.  The prize may be forfeited and, in such case, an alternate potential winner may in Sponsor's discretion be selected from among the remaining eligible entries (using the criteria described above), if a potential winner:   cannot be reached; (ii) fails to obtain all signatures on the Release and to return the documents in a timely manner as required pursuant to these Official Rules; or (iii) cannot accept or receive the prize for any reason.  Prizes will be sent to winner as quickly as practicable following notification (and receipt of any Release and related document, if applicable). CONTENT AND LICENSE TERMS. Originality:  By participating in this Contest, Participant warrants and represents that his or her entry:
  • is original and has been legally created, and that Participant owns all rights to the entry;
  • does not infringe the intellectual property, privacy or publicity rights or any other legal or moral rights of any third party;
  • has not been entered in any previous contest or won any previous award;
  • has not been published or distributed previously in any media; and
  • complies in all respects with the requirements set out in these Official Rules.
Third Party Rights.  No part of any entry may depict recognizable third party marks, copyrights, brands or other property, unless Participant has obtained all proper licenses.  The entry must not contain any elements that would infringe upon any third party's rights (intellectual property or otherwise), and must not include any commercial content that: (1) promotes any product or service, other than one owned or branded by Sponsor, or (2) disparages Sponsor, its affiliates, partners, customers, competitors or any third party in any way.  Sponsor’s determination as to whether Participant's Submission potentially violates the rights of any third party is final.Permissions and Releases.  Participant acknowledge and agrees that he or she is responsible for obtaining any and all documents, policies and authorizations necessary to submit the entry to Sponsor in connection with this Contest, including but not limited to publicity releases, permits and venue permissions, as may be necessary; and Participant represents and warrants that he or she has done so and can make written copies of such permissions available to Sponsor upon request. If applicable: Participant represents and warrants that he or she has obtained permission from each person whose name, image, likeness and/or voice ("Likeness") is included in any entry, and that such person(s) has/have granted Participant all necessary rights to use the person’s Likeness as described in these rules, and that Participant can make written copies of such permissions available to Sponsor upon request.  If the Likeness of a minor is included, such grant of rights must include written permission from the minor’s parent or legal guardian authorizing the use of the minor’s likeness on behalf of the minor.  Participant represents and warrants that he or she has obtained written permission when filming or photographing any part of his or her entry on private property not owned or controlled by Participant, where such permission is required.Additional Content Limitations.  Participant’s entry must not include anything in its theme or language that would offend parents whose young children view the entry, and must not include any nudity, ***, explicit activity, violence or drug use, nor any references to same. License Grant.  By submitting any entry in this Contest, Participant irrevocably grants Sponsor and its affiliates, legal representatives, assigns, agents and licensees, the unconditional, irrevocable and perpetual right and permission, royalty-free, to reproduce, encode, store, copy, transmit, publish, post, broadcast, display, publicly perform, adapt, exhibit and/or otherwise use or reuse (without limitation as to when or to the number of times used), for any purpose, the Participant's entry and ideas and materials contained therein, including, but not limited to, any recordings and performances contained therein (in each case, as submitted or as edited/modified in any way by the Sponsor, in its sole discretion), as well as to use Participant's Likeness, and/or statements regarding his/her participation in this Contest (with or without using the Participant's name) in any and all media without limitation as to time or territory, and without additional compensation or approval from the Participant, or any other party.  Participant waives all intellectual property rights, privacy/publicity rights or other legal or moral rights that might preclude the Sponsor's use of the Submission, and agrees not to sue or assert any claim against Sponsor for the use of the Submission or Participant's Likeness or statements.  The grant of rights under these Official Rules includes all rights of paternity, integrity, disclosure, and withdrawal and any other rights that may be known as or referred to as "moral rights" ("Moral Rights").  If Moral Rights cannot be assigned under applicable law, then to the full extent allowed by law, Participant hereby waives such Moral Rights in favor of Sponsor and consents to any action of Sponsor which would violate such Moral Rights in the absence of such consent. GENERAL CONDITIONS. The Contest is subject to applicable federal, state and local laws, and these Official Rules. Each winner will be solely responsible for any local, provincial, country or any other applicable taxes, and any other costs, expenses and fees in connection with the prize.  If applicable, the winner(s) may be issued an IRS Form 1099 or other tax documentation for the approximate retail value of any awarded prize. Participant grants permission to Sponsor and its authorized representatives to use his/her name, address (city and state/province/territory/country), photograph, voice, and/or other likeness for advertising, trade and promotional purposes without further compensation, in all media now known or hereafter discovered, worldwide, and on the Internet and world wide web, in perpetuity, without notice, consideration, review or approval. Following the Contest Period, Sponsor shall not be required to retain records of any Entries. By participating, Participant hereby: (a)  agrees bound by these Official Rules, and the decisions of Sponsor, which shall be final and binding; and (b) waives any right to claim ambiguity in the Contest or these Official Rules, except where prohibited by law.  Once submitted, an Entry cannot be deleted or cancelled. If any prize involves travel, all potential winners are responsible for obtaining all necessary travel documents, including valid passports, visas and travel insurance, and complying with all health or other government regulations. Participant acknowledges and agrees that Sponsor has neither made, nor is in any manner responsible or liable for, any warranty, representation or guarantee, expressed or implied, in fact or in law, relative to any prize or the Contest.  All warranties are hereby disclaimed; and each potential winner will accept the Prize "AS IS."   All costs and expenses, including support services, not specifically listed above as part of the prize, are solely the winner’s responsibility. In the event of a dispute as to the source of any Entry, the authorized account holder of the email address used to enter will be deemed to be the person making the Entry.  The authorized “account holder” is the natural person assigned an email address by an Internet access provider, online service provider or other organization responsible for assigning email addresses for the domain associated with the submitted address.Subject to applicable law, Sponsor reserves the right in its discretion, to (a) cancel, terminate, modify or suspend this Contest and these Official Rules, for any reason, at any time and without any liability, and (b)limit or restrict participation in the Contest, upon notice.All Participants are solely responsible for compliance with any applicable laws, rules and regulations, contractual limitations and/or office or company policies, if any, regarding Participant’s participation in trade promotions or acceptance of promotional prizes; and by entering this Contest, Participant confirms that he or she is not in violation of any of the foregoing and has obtained the consent of his or her employer to participate, if applicable.  If a Participant is not permitted to accept any received prize, then the Participant may return such prize to Sponsor; and Sponsor will refund the cost of shipment, as appropriate. Use of any automated entry device or software is prohibited.  Creation or use of multiple accounts for registration or participation in the Contest is prohibited.  To the extent the Contest uses or requires functionality of any third party website (e.g., social media sites or platforms that enable broad communications, collaboration and/or posting of videos), you understand that the Contest is not sponsored by such third parties, and further agree to follow the policies on such website(s), as applicable.  Sponsor reserves the right to disqualify any Participant it finds to be tampering with the entry process or the operation of the Contest or violating these Official Rules, or otherwise acts in an uncooperative, unsportsmanlike, disruptive, abusive, or threatening manner; and Sponsor reserves the right to cancel the Contest should it suspect fraud or for reasons out of the control of Sponsor.  Disputes regarding these Official Rules and/or this Contest will be governed by the internal laws of California.  CAUTION: ANY ATTEMPT TO DELIBERATELY DAMAGE OR UNDERMINE THE LEGITIMATE OPERATION OF THE CONTEST MAY BE IN VIOLATION OF CRIMINAL AND CIVIL LAWS AND WILL RESULT IN DISQUALIFICATION FROM PARTICIPATION IN THE CONTEST.  SHOULD SUCH AN ATTEMPT BE MADE, SPONSOR RESERVES THE RIGHT TO SEEK REMEDIES AND DAMAGES (INCLUDING ATTORNEY FEES) TO THE FULLEST EXTENT OF THE LAW, INCLUDING CRIMINAL PROSECUTION. Sponsor is not responsible for: (a) lost, late, misdirected, undeliverable, incomplete or indecipherable entries due to system errors or failures, or faulty transmissions or other telecommunications malfunctions and/or entries; (b) technical failures of any kind; (c) failures of any of the equipment or programming associated with or utilized in the Contest; (d) unauthorized human and/or mechanical intervention in any part of the submission process or the Contest administration; (e) technical or human error which may occur in the administration of the Contest or the processing of entries; or (f) other factors beyond Sponsor’s reasonable control.  Sponsor is not responsible for injury or damage to any Participant’s or any other person’s computer related to or resulting from participating in the Contest or downloading materials from or use of the Site.If for any reason the Contest is not capable of running as planned by Sponsor, including infection by computer virus, bugs, tampering, unauthorized intervention, fraud, technical failures, or any other causes which, in Sponsor’s sole determination, corrupts or affects the administration, security, fairness, integrity, or proper conduct of this Contest, Sponsor reserves the right at its sole discretion to cancel, terminate, modify or suspend the Contest.  If Contest is cancelled prior to the end of the Contest Period, for the reasons stated above, notice will be posted on the Contest website; and some or all of the prizes may, in Sponsor’s sole discretion, be awarded to potential winners to be selected (using the judging criteria described above) from among all the remaining uncorrupted entries received up until the time of modification or cancellation.Sponsor shall not be liable to any Participant or other person for failure to supply any prize or any part thereof, by reason of the prize becoming, for reasons beyond the reasonable control of Sponsor, unavailable or impracticable to award, or for any force majeure event, technical or equipment failure, terrorist acts, labor dispute, or act/omission of any kind (whether legal or illegal), transportation interruption, civil disturbance, or any other cause similar or dissimilar beyond Sponsor’s control. LIMITATIONS OF LIABILITY AND RELEASE.  PARTICIPANT AGREES THAT SPONSOR, ITS AFFILIATES, DIVISIONS, SUBSIDIARIES, RESELLERS, DEALERS, DISTRIBUTORS, ADVERTISING/PROMOTION AGENCIES, AND ALL OF THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, CONTRACTORS, REPRESENTATIVES AND AGENTS (“RELEASED PARTIES”) WILL HAVE NO LIABILITY WHATSOEVER FOR, AND WILL BE RELEASED AND HELD HARMLESS BY PARTICIPANT FOR ANY CLAIMS, LIABILITIES, OR CAUSES OF ACTION OF ANY KIND OR NATURE FOR ANY INJURY, LOSS OR DAMAGES OF ANY KIND INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES TO PERSONS, INCLUDING WITHOUT LIMITATION DISABILITY OR DEATH.  WITHOUT LIMITING THE FOREGOING, EVERYTHING ON THE SITE AND IN CONNECTION WITH THE CONTEST IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.  SOME JURISDICTIONS MAY NOT ALLOW THE LIMITATIONS OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES OR EXCLUSION OF IMPLIED WARRANTIES, IN WHICH CASE SUCH LIMITATION OR EXCLUSION SHALL APPLY ONLY TO THE EXTENT PERMITTED BY THE LAW IN THE RELEVANT JURISDICTION.
  1. PUBLICITY. Participant acknowledges and agrees that Sponsor may use the Contest (including any submission) for publicity, advertising or other marketing purposes, in any media, and may use the name, likeness, and hometown name and/or prize information of potential winners as part of that publicity, without additional compensation to the potential winners.
  2. PRIVACY. All personal information collected by Sponsor will be used for the administration of the Contest and in accordance with Sponsor's privacy policy.  Any questions regarding privacy matters should be directed to the address set out below. Please refer to Sponsor's privacy policy located athttp://cisco.com/web/siteassets/legal/privacy.html for important information regarding the collection, use and disclosure of personal information by Sponsor.

 

OFFICIAL RULES AND WINNERS' LIST. For a copy of these Official Rules or the names of winners, please email your request to julmcphe@cisco.com. Winners list to be available approximately ten days after the Contest Period.

*    * *


 

1,000 CLI commands reduced to 10 GUI clicks…

240,000 total branches connected…

4 Managed Service Providers as partners…

 

This is what Cisco’s SD-WAN solution, Intelligent WAN (IWAN) can do for you.

 

Back in the summer of 2015, the Intelligent WAN Application (IWAN App) on Cisco’s APIC-EM was announced, and it brought Software Defined Networking to the WAN (SD-WAN) to Cisco’s ISR 4000 series routers. The IWAN App enables you to bring up new branches in minutes by:

  • Simplifying configuration, provisioning, and management of your WAN
  • Automatically translating business policy to network configuration
  • Providing openness, programmability, and customization


IWANApp.png

 

Now, you can do all of that on the industry-leading ISR G2 routing platforms. By leveraging the IWAN App, you will take the first step towards a Digital Network Architecture (DNA) by automating your WAN with SD-WAN, protect your investment, and save on bandwidth costs today – no adding new hardware or ripping and replacing necessary.

 

There’s never been a better time. To see for yourself what the IWAN App on APIC-EM can do for you, take a look at the first video in the WAN Resolutions series here.

 

Get more technical information on these recent updates and details on platform support for the IWAN App by reading Jake Sacharok’s blog here.

 

Lastly, if you’re ready to get started, download APIC-EM here or contact your Cisco sales team or channel partner team.

Intelligent WAN (IWAN) Application for the Cisco® Application Policy Infrastructure Controller - Enterprise Module (APIC-EM) allows you to accelerate the deployment of IWAN and align to business priorities based on applications and user needs.

 

So what’s new in 1.2?

 

The IWAN Application update 1.2.0.1594 brings a number of new features and improvements. APIC-EM IWAN App continues to simplify WAN deployments by providing a highly intuitive, policy-based interface that helps IT abstract network complexity and design for business intent.

 

xxx.png

Business policy is automatically translated into network policies that are propagated across the network. This solution enables IT to accelerate the transition to hybrid WAN, and quickly realize the benefits of Software-Defined WAN (SD-WAN): lower costs, simplified IT, increased security, and optimized application performance.

 

Cisco IWAN App includes the following features:

xxx.png

xxx.png

xxx.png

xxx.png

 

Below is a summary of what’s new in the IWAN App 1.2.0.1594 APIC-EM Release:

  • Improved application visibility and network monitoring via Prime Infrastructure integration
    • Monitor application bandwidth per link and per site
    • Quickly visualize site health and receive alerts
    • Simple application troubleshooting and remediation via the GUI
  • Increased scalability to 1000 IWAN devices (routers)
  • ISR G2 Support
    • Select IWAN supported ISR G2 Platforms are now configurable (See table below)
  • Post site provisioning improvements (Day 2 features)
    • Add or delete WAN clouds and service providers in any order
    • Connect hub devices to different service providers  
  • Improved LAN interface selection

 

Supported Cisco Platforms and Software Releases

Cisco IWAN supports the following Cisco router platforms and software releases:

 

Platform

Models

Software Release

Cisco 4000 Series Integrated Services Routers

4321
4331
4351
4431-X
4451-X

Cisco IOS XE 3.16.2S

Cisco ASR 1000 Series Aggregation Services Routers

ASR1001
ASR1001-X
ASR1002
ASR1002-X
ASR1004
ASR1006
ASR1013

Cisco IOS XE 3.16.2S

Cisco CSR 1000v Series Routers

Cloud Services Router 1000v

Cisco IOS XE 3.16.2S

Cisco Integrated Services Routers Generation 2 (ISR-G2) Series Routers NEW!

ISR 3945
ISR 3945-ISM
ISR 3945-E
ISR 3945E-ISM
ISR 3925
ISR 3925-ISM
ISR 3925E
ISR 3925E-ISM
ISR 2951
ISR 2951-ISM
ISR 2921
ISR 2921-ISM
ISR 2911
ISR 2911-ISM
ISR 2901
ISR 2901-ISM
ISR 1941
ISR 1941-ISM
ISR 1921
ISR 1921-ISM
ISR 892FSP

Cisco IOS 15.5(3)M2a

 

For more details on the IWAN Application consult the IWAN App 1.2.0.x release notes here.

Gartner’s latest Magic Quadrant for WAN Optimization recognized Cisco as a leader, again. More details about Cisco positioning are highlighted in Prashanth Shenoy’s blog post. This follow up post shares an overview of Cisco considerations for our WAN Opt (Cisco WAAS) vision and strategy.

Screen Shot 2016-05-17 at 3.48.08 PM.png

 

 

(Source: Gartner, Magic Quadrant for WAN Optimization, May 2016. G00276843)

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Cisco.

 

Innovation is more than just about speed, feed, and the latest shiny box. A true technology leader evaluates current and future needs of the market, its customers’, then builds value-added innovations to help get customers towards that future. That, essentially, is our guiding principle. So what does Cisco see?

 

Market Needs

Cisco continues to see convergence of network services into a single platform that provides operational and capital cost savings as well as license flexibility for the customers. The exponential growth of mobile devices, high bandwidth apps, and cloud-based services adoption demands new WAN paradigm, for example, hybrid WAN. Internet as an alternative to offload the WAN gives rise to new application assurance challenge and security vulnerability traditionally not encountered with the DC backhauled model. Early adopters increasingly embrace virtualization, e.g. Network Functions Virtualization (NFV) with WAN opt as one of many virtual network functions (VNF), to lower operation costs and have greater deployment flexibility.

 

What Do These Mean? 

Customers are looking for more than just a narrowly focused solution, but a comprehensive and integrated WAN Optimization that helps them address a) digital business needs, b) operational complexity, and c) costs optimization across the WAN fabric.

 

A. Digital business needs. A one-second delay in web page response time could result up to 16% decrease in customer satisfaction1. The non-existence of an app, say on a mobile device or at a remote unwired location, boils down to missed revenue opportunity. The key to delivering great experience for digital customer is the ability to deploy application performance anywhere, anytime, through any connectivity, on any platform, i.e. physical or virtual. This means application optimization at the branch and WAN opt in the WAN or cloud (anywhere), instantiated on-demand (anytime), delivered via MPLS, Internet or 3/4G LTE (any connectivity), as dedicated hardware, virtual instance, or virtual network function (any platform).

 

B. Operational complexity. Agility is the desired state so IT can quickly respond to changing digital business needs. Therefore, the automation of network and branch services, like WAN opt, is central. Cisco WAAS is part of Cisco Intelligent WAN (IWAN), our solution for software defined WAN (SD-WAN). Cisco IWAN provisioning can be done in a few GUI friendly clicks using the IWAN App on APIC-EM, an SDN controller (see video below). Cisco WAAS also is a VNF supported by Cisco Enterprise NFV solution, manageable by the Enterprise Services Automation (ESA) app on APIC-EM.

Screen Shot 2016-05-20 at 5.01.44 PM.png

 

Agility comes hand-in-hand with deployment flexibility as well. Customers should have the freedom to choose any platform for deployment:

  • Inline as a dedicated hardware in cases where Layer 3 topology must be preserved;
  • As virtual instances either in a container on a router (ISR-WAAS) or a router-integrated compute blade (vWAAS on the UCS-E), where branch infrastructure convergence is the goal;
  • As virtual network function in an NFV solution for greater deployment flexibility; or
  • As cloud service from managed services.

   

C. Costs optimization

Cost is always the elephant in the room when discussing IT initiatives. There is no better time than now to address that. By 2019, 59% of total cloud workloads will be Software-as-a- Service (SaaS) workloads, up from 41% in 20142. Connectivity between users and their apps will become more dynamic. HTTPs traffic optimization, live streaming of video with adaptive bitrate protocols (HLS, HDS, HSS), and a variety of media formats such as Adobe, Apple, and Microsoft are a few examples of the new application assurance challenge. This translates to the need for web optimization feature and also an asymmetric solution, one that does not require a WAN opt device or service at either head end or each cloud provider – a 50% cost savings just by cutting the number of WAN opt devices or services in half. Cisco introduced this capability and enhanced features for Microsoft updates and single-sided SSL encrypt and decrypt handling in WAAS 6.2 Software Release (see NPI announcement). Apple iOS optimization on Cisco networks started with Cisco-Apple partnership, announced in August 2015. 

 

WAAS total cost of ownership (TCO), one of Cisco key strengths highlighted by Gartner, is very attractive in comparison to other point-product or SD-WAN solution. WAAS virtual instances reduce both CapEx and maintenance contract costs. That is because Cisco WAAS is an integrated part of Cisco branch and WAN solutions.

 

Why Cisco Does What It Does

Cisco goal is very similar to customer goal, and that is to achieve item a, b and c above. Cisco DNA is the architecture for customer to get there. Cisco DNA solutions: Cisco Enterprise NFV, Intelligent WAN, StealthWatch Learning Network, Connected Mobile Experience are a few key enablers in delivering a secure, open, programmable fabric that ties together the branch, wan, campus and data center. This fabric securely connects SaaS/cloud-based applications and virtual services delivered to/from cloud and also acts as sensor of threat and enforcer of security policy. A unified network control plane together with one consistent management framework delivers the ultimate flexibility for the enterprise: any app, any platform, any connectivity. One common deployment and operation model across the WAN fabric, whether customer premises, partner’s, or managed services, brings simplicity for IT and costs savings for the business.

 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 

Citation:

1. Gomez, Why Web Performance Matters

2. Cisco Global Cloud Index: Forecast and Methodology, 2014–2019

Are you attending Cisco Live! 2016 in Las Vegas? Want to learn how aging infrastructure can impact your organization and why you need to modernize your network for digital? Join Prashanth Shenoy on Thursday, July 14th to find out how Cisco Digital Network Architecture (DNA) can help you innovate, generate actionable insights and create new customer experiences, all while protecting the business.


Follow this link to schedule: Session Catalog - Cisco Live US 2016

2016 marks the beginning of Cisco WAAS and Akamai Connect (AKC) deployment at our flagship industry event, Cisco Live. This post will cover the process for that deployment at Cisco Live Berlin, design of the network, and reports showing the optimization results.

 

PRE-EVENT ASSUMPTION:

Optimization focused on Web based traffic including Apple and Microsoft Windows Updates.

 

NETWORK DESIGN:

WAAS Deployment Overview:

  • Two UCS C220 Rack Servers (one server per DC core)
  • VMWare ESXI 6.0
  • Ten vWAAS6k (6000 Concurrent Connections) instances across two DC Cores with Akamai Connect enabled
  • WAAS version 6.1.1a
  • VM Requirements: 40 vCores, 110 GB RAM, and 10 TB of Storage.
  • Interception and Distribution: two ASR 1001s running AppNavXE

 

Cisco Event Infrastructure team had a set of 3 top design priorities and requirements.

Design PriorityWAAS Object Caching
Reliable and proven technologies Deploying multiple vWAAS instances on a UCS server allowed for quick and easy setup. Redirecting traffic from the edge routers using AppNavXE ensured that load is distributed evenly and failed vWAAS nodes could be moved out of the pool.
Secure Network Access to the WAAS Central Manager is limited to secure network only.
Flexible Design - many last minute changes Using vWAAS allowed for flexible horizontal scaling. If additional caching capacity is required, a new vWAAS instance could have been enabled quickly, and AppNavXE would ensure traffic distributes properly to additional resources.

 

 

Network Diagram:

Network Diagram.png

 

RESULTS:

Peak of concurrent devices connected to Cisco Live Wi-Fi:

Wi-Fi Chart.png

 

HTTP bandwidth offload - aggregated over a week

The graph below shows the total amount of data offloaded from the WAN by using caching. During the busiest days, over 300GB was offloaded amounting to over 30% of HTTP data served from cache.

Data Served Chart.png

 

HTTP response time saving - daily report for a single vWAAS

This report shows the amount of time saved due to content being downloaded from cache. This type of report is available per device. The graph below shows a single vWAAS at its busiest period (around 11am); caching saved over 18h in download time.

Response Time Chart.png

 

Top 10 sites based on WAN data offload - daily report for a single vWAAS

The graph below shows a list of Top 10 sites based on their WAN offload in GB. (Cisco Live had a dedicated IOS App that attendees could use to navigate around the venue and schedule sessions.)

Top Sites Chart.png

 

SUMMARY

Throughout Cisco Live Berlin, Cisco WAAS and Akamai Connect offloaded a total of nearly 1 TB of data from the WAN links. During peak times, up to 1GB of data per every 5 minutes was delivered from cache. There were also significant improvements to user experience for downloading applications and general browsing; saving at the peak 18h of download time in a 1h period.

 

The top objects delivered from cache were:

  • Apple IOS and App Updates
  • Windows Updates
  • Virus Definition Updates (Norton and McAfee)

 

Overall user feedback about the event was positive. There we no complaints raised at all about performance or stability.

 

(Credit: data and deployment details provided by Anthony Lockart, Cisco Product Manager)

CL Tweet.png

Filter Blog

By date:
By tag: