Introduction to IWAN Davin Gibb Technical Solutions Architect #clmel
Mobile Device Network Traffic Average Number of Apps per Device*: 41 Average App Size**: 23 MB ios OS Update File Size***: 750 MB ios 7 for iphone 5 6 MB Android 168 MB Jelly Beans 4.1 25 MB Windows 400 MB Windows 7 Sources: * http://www.nielsen.com/us/en/newswire/2012/state-of-the-appnation-%c3%a2%c2%80%c2%93-a-year-of-change-and-growth-in-u-s-smartphones.html ** https://www.abiresearch.com/press/average-size-of-mobile-games-for-ios-increased-by- *** http://www.wirelessandmobilenews.com/2013/05/samsung-galaxy-s3-iii-update-android-4.2.1-jelly-bean.html http://theiphonewiki.com/wiki/firmware#ipad_4 http://answers.microsoft.com/en-us/windows/forum/windows_other-windows_update/what-is-average-monthly-size-of-update-downloads/dfe9bb34-c2dd-478e-a6cb-0a26228cf552
Chromebook Creates an Average of 152 Times More Traffic Third-Party Lab Test: Chromebook vs. Windows 8 Laptop Document Manipulation Photo Manipulation 0.14 0.27 10.80 57.84 Chromebook creates as high as 692.2 times more network traffic On average, Chromebook creates152 times more network traffic Video Manipulation Music Manipulation Web Browsing 2.73 0.21 41.33 211.29 145.56 77.39 Note Taking 6.06 18.30 Test Taking 5.00 8.65 http://principledtechnologies.com/microsoft/chromebook_pc_netw ork_traffic_0613.pdf 0 5 10
Emerging Branch Demands The Application Landscape Is Changing Applications Are Moving to the Data Centre and Cloud Cloud Branch Internet Edge Is Moving to the Branch Pressures on the WAN Data Centres Cloud of CIOs Expect to Operate via the Cloud by 2015 Mobility More Mobile Data Traffic by 2015 Fat Apps of Mobile Traffic Will Be Video
Why Move to Internet as WAN? Low Cost Alternative 46 % 1. Internet Transit Pricing based on surveys and informal data collection primarily from Internet Operations Forums street pricing estimates 2. Packet delivery based on 15 years of ping data from PingER for WORLD (global server sample) from EDU.STANFORD.SLAC in California Source: William Norton (DrPeering.net); Stanford ping end-to-end reporting (PingER)
WAN Spending Trends WAN Transport Costs Re-think Your WAN Fortune 500 $100M + Midmarket $500K + 68 % Say Demand for WAN Bandwidth Will Increase** 75 % Organisations Have Flat WAN Budgets* Nearly HALF of WAN Budget on Wireline/Internet Transport Services* NemertesResearch Benchmark Report: Emerging WAN Trends: The Internet Arises* Information Week Reports: 2014 Next Gen WAN Survey** HOW WILL YOU GET MORE VALUE FROM YOUR WAN INVESTMENT?
Introduction
Agenda Introduction Solution Components Transport Independent Intelligent Path Control Application Optimisation Secure Connectivity Deployment Close
Empower IT to Conquer the WAN What If An Intelligent WAN Could Deliver More Bandwidth for Lower Cost Improve Your App SLA Ensure Security Over Any Connection Increase WAN Utilisation Pinpoint App Issues Instantly Security at Scale 1X 2X+ Hours Minutes Backhaul Off-load
Intelligent WAN: Leveraging the Internet Hybrid WAN Transport MPLS $$$ Private Cloud Branch Direct Internet Access Cisco Cloud Web Security Internet $ Internet backhaul Virtual Private Cloud Public Cloud Secure WAN transport across MPLS and/or Internet for private cloud / DC access Leverage local Internet path for public cloud and Internet access Increase WAN Capacity Improve App Performance Scale Security at the Branch
Building Highly Available WANs with Cisco IWAN Redundancy and Path Availability Matter Single Router Single Path Single Router Dual Paths Dual Routers Dual Paths Downtime per Year 4 Hours 23 Minutes 99.95% 4:23 / yr * MPLS Downtime per Year 24 Minutes Downtime per Year 5 Minutes ISR -AX 99.998% 0:24 / yr 99.999% 0:05 / yr Downtime per Year 8 Hours 46 Minutes 99.90% 8:46 / yr * Internet MPLS or Internet MPLS or Internet MPLS or Internet MPLS or Internet ISR -AX ISR-AX ISR-AX * Typical MPLS and Business Grade Broadband Availability SLAs and Downtime per Year
What Can Cisco Intelligent WAN Enable? Innovate and Transform Your Business Grow Revenues Improve Customer Experiences Reduce Costs and Improve Efficiency Enable next generation apps Improve customer engagement Increase productivity Higher sales transactions Meet growing user expectations Faster app performance Instant access to content Seamless experience Lower WAN costs Fully utilise network Offload traffic Lower downtime
Case Studies: Large European Bank Driver: Reduce costs 14,000 bank branches worldwide MPLS dual broadband ISR 2901 and ASR1004 PfR and IPSEC 40% Reduction in WAN costs Completed 200 UK branches Next 300 Germany branch Followed by Global rollout 40% Cisco Reduction Public in WAN costs
Case Studies: Mid-Size Insurance Company WAN expansion with growing costs Addressing MPLS upstream issues Real-time apps (voice) quality Cisco ISR G2 with PfR, WAAS Enable Active-Active MPLS + Internet Doubled bandwidth utilisation (4X with WAAS) at no additional costs Dynamic network response; less manual configuration 2-4x Increase in BW utilisation
Case Studies: Luxury Global Retailer Re-energise customer in-store experience Improve mobile application performance Cisco ISR-AX featuring IWAN with Akamai Pilots in Hong Kong, Paris, NYC experience faster app response Sales Apps from 36 6 sec Catalogs available instantly 38 6 Reduction in mobile app response time SECONDS
Case Studies: Large US School District Support ipad apps for all students HD Video curriculum Limited bandwidth in classrooms Cisco ISR-AX with AVC, WAAS Cisco featuring IWAN with Akamai Moving forward to provide 750K ipads to students Able to deliver online rich media content with minimal WAN impact 100% offload after initial user 100% WAN off-load after initial user
What Can IWAN Enable? WiFi SaaS Rollout High BW Apps OpEx Savings 365 Apps BUSINESS CHALLENGES Increase Traffic Security and Policy App Latency Backhaul to DC Bandwidth Costs App Quality High WAN recurring charges Inflexible SLAs HOW IWAN HELPs App Visualisation and Prioritisation Threat Defence DIA: no backhaul DIA: low latency Faster Roll Out Visibility and control Transport Choice App Awareness and Prioritisation Intelligent WAN Path Selection Leverage low-cost Internet links Flexibility for new services No tradeoffs
Cisco Intelligent WAN Solution Components Transport Independent Intelligent Path Control Application Optimisation Secure Connectivity Provider Flexibility Modular Design Common Operational Model Load Balancing Policy-Based Path Selection Network Availability Application Visibility App Acceleration Intelligent Caching Scalable, Strong Encryption App-Aware Threat Defence Cloud Web Security Application Experience / IT Simplicity / Lower WAN Costs
Cisco Intelligent WAN Solution Offerings IWAN Cisco On-Premise On-premise management with automation Software Defined WAN for deployment and configuration with customisable features Extensive support for 3rd party partner integration Cisco Cloud-Managed Cloud-based network management Includes zero-touch provisioning and optimised feature set out of the box Automatic feature, firmware and security updates pushed from the Cloud
Cisco On-Premise and Cloud-Managed Portfolio Cisco On-Premise Managed Cisco Meraki Cloud-Managed Small branches ISR 800/4321 MX64/64W Mid-size branches MX80 ISR 4331/4351 MX100 Large branch/campus MX400 ISR 4431/4451 MX600
Feature Comparison Feature Description On-Premise - Cisco ISR Cloud Managed - Meraki MX Intelligent Path Selection Security Transport Independence Application Optimisation Unified Communications Routed Protocols Load Balancing Policy-Based Path Selection Number of Paths Supported Rapid Failure Detection and Mitigation Virtual Private Netw ork Firew all Intrusion Prevention & Detection Content/URL Filtering Anti-Virus WAN Connectivity Cellular IPv6 WAN Optimisation Content Caching Application Visibility Congestion Control Voice Gatew ay Session Border Controller Call Control Agent OSPF EIGRP BGP Yes Yes (L7 / app level) Multiple (Any Transport) Yes (Blackout & Brow nout) Yes Yes Yes (Snort) Yes (Cloud Web Security) No T1/E1, T3/E3, Serial, xdsl, Ethernet Yes (Integrated/Module) Yes Yes (WAAS) Yes (Akamai) Yes Yes (HQoS) Yes Yes Yes Yes Yes Yes Yes Yes (L3-L4 / Netw ork level - based on loss, latency) 2 (Broadband,4G,MPLS) Yes Yes Yes Yes (Snort) Yes (Built-in) Yes (Built-in) Ethernet Yes (Dongle) Planned (2H2015) No Yes (Squid-Cache) Yes Yes (L7 Traffic prioritisation) No No No Planned (2H2015) Planned Planned (2H2015) Integrated Storage & Compute Integrated Compute Yes (UCS E-Series) No
Solution Components
Agenda Introduction Solution Components Transport Independent Intelligent Path Control Application Optimisation Secure Connectivity Deployment Close
Transport Independent Comprehensive WAN Transport Support with Secure, Full Mesh Connectivity Transport-independent Simplifies WAN Design Easy multi-homing over any carrier service offering Single routing control plane with minimal peering to the provider Flexible Dynamic Full-Meshed Connectivity Consistent design over all transports Automatic site-to-site IPsec tunnels Zero-touch hub configuration for new spokes Secure Proven Robust Security Consistent design over all transports Automatic site-to-site IPsec tunnels Zero-touch hub configuration for new spokes ISR-G2 Internet WAN ASR 1000 ASR 1000 Branch MPLS Data Centre
Agenda Introduction Solution Components Transport Independent Intelligent Path Control Application Optimisation Secure Connectivity Deployment Close
Intelligent Path Control Maximise WAN Utilisation with High Reliability Problem Enforce App SLA Business continuity for critical/real-time apps Poor bandwidth utilisation Set Policy Actions Based on app traffic classes Re-route based on criteria (app SLA, link status) Extends Classical Routing Adaptive to Real-time Conditions Delay, Jitter, BW metrics 2X WAN Utilisation Solution Path A Path B Data Centres App Priority Path Loss Jitter Delay Voice/Video Path A x x x Business Critical Remaining Path B x x Load balance Lower WAN Costs Full Bandwidth Utilisation Improved App Performance
What PfR Does Protecting Critical Applications While Increasing Bandwidth Utilisation Hybrid IWAN Dual Internet WAN Detect Loss Greater Than 10% Detect High Jitter Cloud Services Best-Effort Traffic Voice and Video Best-Effort Traffic VDI SP1 (MPLS) ISP (Internet) ISP-1 (Cable) ISP-2 (DSL) Cloud Services and Load-Balancing Policy Multimedia and Critical Data Policy Protect business cloud applications from brownouts Loss less than 5% Preferred path for critical applications: SP1 (MPLS) Increase WAN bandwidth efficiency by load-sharing traffic over all WAN paths, MPLS + Internet Protect voice and video quality Latency less than 150 ms; Jitter less than 20 ms Protect VDI applications from brownouts Loss less than 5% Voice and video preferred path SP-A VDI preferred path SP-B Increase utilisation by load sharing
PfR Enhances Classical Routing Classical PfR PATH CONTROL METRICS Topological state Least cost path Static user preference Path cost Interface state + Application-aware Policy controlled Measured performance Delay Jitter Bandwidth ADAPTIVE Responds To: Link and node state changes (up/down) Responds To: Measured performance changes (degradation)
Agenda Introduction Solution Components Transport Independent Intelligent Path Control Application Optimisation Secure Connectivity Deployment Close
Application Optimisation: Start with Visibility Enhancing User Experience and WAN Efficiency Problem Limited visibility to web apps Unable to prioritise and adequately plan for capacity Difficultly resolving cause of application degradation Probe-less Deployment Integrated on the router Visibility between LAN and WAN Visibility to 1000+ apps Solution Gain L7 visibility into the network; see inside HTTP flows NetFlow, IPFIX export + partner tools Rapid root cause analysis Hop by hop media trace Determine app, network or carrier Validate App SLA Smart Capacity Planning Pinpoint App Issues in Minutes
Make Your Network App Aware with IWAN Cisco Application Visibility and Control No Probes Visibility To 1000+ Apps Smart Capacity Planning Pervasive App Visibility No additional hardware Rich data collection using NetFlow v9/ipfix Easy to integrate into many reporting tools Users/ Machines Proliferation of Devices Branch ISR Business Policy-based Rules No need for complex IP and port ACLs See inside HTTP flows to identify specific Cloud applications Public Cloud NetFlow v9 Comprehensive Reporting Better use of costly bandwidth Per-branch and per-application level reporting 60% of IT Professionals Cite Performance as Key Challenge for Cloud AVC AVC CSR ASR AVC Private Cloud DC/Headquarters Enterprise Edge AVC
Cisco WAAS Enhancing User Experience and WAN Efficiency Problem Solution Application latency WAN bandwidth inefficiencies Reduce load Data redundancy elimination (DRE), compression, and TCP optimisation Application optimisation Fewer protocol messages and metadata caching 4 3 Bandwidth (Mbps) Latency (Seconds) 160 120 Reduction in bandwidth Application bandw idth natively Application bandw idth w ith Cisco WAAS 2 1 80 40 Reduction in latency Application latency natively Application latency w ith Cisco WAAS 0 0 Application Application Bandwidth Latency
WAAS Delivers User Experience at Scale EMAIL 5 MB Attachment CIFS 5 MB File 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 Time in Seconds Send and receive email over native WAN First optimised with WAAS Second pass optimised with WAAS 24x FASTER MS SHAREPOINT 5 MB Document T1 (1.54Mbps) 80 ms Latency 0 10 20 30 40 50 60 70 80 90 100 110 120 130 140 150 Time in Seconds File drag and drop over native WAN First optimisedwith WAAS Second pass optimised with WAAS VDI (CITRIX) 17x FASTER 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Time in Seconds SharePoint file download over native WAN First optimised with WAAS Second pass optimised with WAAS 30x FASTER 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Time in Seconds Launch Citrix XenDesktop over native Citrix ICA/SSL Launch Citrix XenDesktop with WAAS Site navigation over native Citrix ICA/SSL Site navigation with WAAS 3 8x FASTER
Digitisation of the Enterprise Impact the Network Education Retail Enterprise Retail Banking Extend learning beyond classroom walls Deliver HD content to tablets for students Increase shopper dwell time with guest wi-fi Seamless online and in-store experience (omni channel) Accelerate business apps from all clouds On-demand video sales or new hire training Guest wifi Digital signage HD video Virtual offices Real-time online education system Online concierge Product catalogs Web Point-of-Sale Direct Internet access for faster app performance
Extending Akamai to the Branch with Akamai Connect Akamai Intelligent Caching Inside Cisco ISR-AX Branch Akamai Connect WAN/MPLS Data Centre ISR-AX Akamai Intelligent Platform Optimal Experience Regardless of Device, Connectivity or Cloud All HTTP Traffic in Private, Public, Akamai Cloud 2015 Cisco and/or Prepositioning its affiliates. All rights reserved. Dynamic HTTP Caching (YouTube) Any Transport
Building On Cisco WAAS Solution Akamai Caching Enhances the User Experience World s Best Optimisation Solution for HTTP Traffic AKAMAI WEB ACCELERATION Intranet HTTP Caching Dynamic OTT HTTP Caching Akamai Connected Cache Content Pre-positioning LZ Compression TCP Optimisation CISCO WAAS Data De-duplication Application Specific Acceleration
Agenda Introduction Solution Components Transport Independent Intelligent Path Control Application Optimisation Secure Connectivity Deployment Close
Secure Connectivity Secure Transport for Backhaul, Plus Threat Defence for Direct Internet Access Secure Branch Edge Scalable security via DMVPN enforced locally Firewall/IPS support to protect for external threats Off-load Corporate Wan Secure local Internet breakout with encapsulated traffic Improved application performance at lower costs Cloud Web Security Real-time web filtering with Application Visibility & Control Advanced Malware Protection and Threat Analytics ISR Cloud Connector to CWS datacentres Branch CWS Encapsulated HTTP, HTTPS WAN2 (Internet) Web Filtering, Adv. Malware Detection & Threat Analytics WAN1 (IP-VPN) Cisco Cloud Web Security CWS IWAN Tunnels for HQ/DC Traffic Secure Public Cloud and Internet Access Private Cloud Public Cloud Internet
Web Filtering Web Reputation Malware Signature File Reputation File Behaviour File Retrospection Threat Analytics Cisco Cloud Web Security (CWS) Advanced Threat Protection for Intelligent WAN (Direct Internet Access) Cloud Web Security Application Visibility and Control Roaming Users Headquarters Branch Office
Continuous Protection Across the Attack Continuum Cloud Web Security (CWS) for Dedicated Internet Access Attack Continuum BEFORE Discover Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Web Filtering Reputation Filtering Acceptable Use Policy Application Visibility Control Signature-based AV Heuristic Analysis File Reputation File Behaviour File Retrospection Threat Analytics Actionable Reporting
Deployment
Agenda Introduction Solution Components Transport Independent Intelligent Path Control Application Optimisation Secure Connectivity Deployment Close
Deployment Models Dual MPLS Hybrid Dual Internet MPLS Internet Public Public MPLS Internet Internet Internet Highest Service Level (SLA) Least flexible for new services Expensive, high latency for Cloud Enable SaaS and/or high BW apps Balanced SLA guarantees Moderately priced Best price/performance Least dependent on contracts Enterprise responsible for SLAs Consistent VPN Overlay Enables Security Across Transition
Cisco Intelligent WAN Is SDN Provisioning Ready Cisco APIC Enterprise Module Architecture Security QoS Mobility Cisco and Third Party Applications Cisco APIC - Enterprise Module Network Info Database REST API Policy Infrastructure CLI, OpenFlow, OnePK API Network Devices Catalyst, ASR, ISR Automation Exposes Network Intelligence For Business Innovation Abstracts Network Devices to Mask Complexity Treat Network as a System
Cisco APIC Enterprise Module Enabling the Intelligent WAN Eliminate IT Complexity Dynamic Set-Up, Tear Down, Provisioning, Monitoring Orchestration Full Access to Resource Pools Anywhere Simplification Template, On-demand On-Demand Workload Movement with Service Profiles Network Automation Simple Scale Automated Secure Scale 1000s of devices across domains SIMPLER OPERATIONS, FASTER SERVICE DELIVERY
Cisco IWAN Management On-Prem Management Cloud-Based Management Specialised Management Cisco Prime Enterprise and Integrator Lifecycle Management Lifecycle: Simplified deployment and configuration Configuration: Plug and Play deployment automation Health Assurance: Improved application delivery Compliance: Regulatory requirements and best practices Automates Deployment and Lifecycle Management Speed: Eliminates manual building of WANs Agility: Quick configuration updates and IOS upgrades Dynamic: Compatible with onepk for app aware WANs Reduced OpEx: Automated WAN orchestration Cost Savings: Centralised hybrid WAN management Application Aware Network Performance Management Integrates with Cisco App Visibility and Control Monitor and analyse app-level traffic Visualisation real-time traffic, end-to-end Troubleshoots hop-by-hop to pinpoint source QoS monitoring and configuration
Close
Agenda Introduction Solution Components Transport Independent Intelligent Path Control Application Optimisation Secure Connectivity Deployment Close
Why Cisco for Your Intelligent WAN? Application Performance with IT Simplicity at Lower Costs One Platform for Simplicity Pervasive Services Security at Scale Context-Based Routing Quick ROI $$$ Integrated Platform Up to 72% in Savings vs. stack of overlay appliances Branch ISR-AX DC ASR1K-AX Cloud CSR1000V Proven security across thousands of sites Protect all branch resources Secure direct internet access App-Aware Endpoint-Aware Network-Aware Many pay off in 6-12 months
Cisco Intelligent WAN CVD 2.0 IWAN 2.0 CVD http://www.cisco.com/c/dam/en/us/td/docs/solutions/cvd/jan2015/cvd-iwandesignguide-jan15.pdf
Q & A
Complete Your Online Session Evaluation Give us your feedback and receive a Cisco Live 2015 T-Shirt! Complete your Overall Event Survey and 5 Session Evaluations. Directly from your mobile device on the Cisco Live Mobile App By visiting the Cisco Live Mobile Site http://showcase.genie-connect.com/clmelbourne2015 Visit any Cisco Live Internet Station located throughout the venue T-Shirts can be collected in the World of Solutions on Friday 20 March 12:00pm - 2:00pm Learn online with Cisco Live! Visit us online after the conference for full access to session videos and presentations. www.ciscoliveapac.com
Thank you.