Current wired and wireless networks will be inadequate as traffic is forecast to triple over next five years as per Cisco VNI. Business Internet video traffic is expected to grow at 39%, mobile data traffic at 59% & Internet of Things M2M traffic at 113% per year through 2017-2018. Even when users are not actively using the apps on their mobile devices, the mobile devices create up to 1GB of background traffic (OS, App updates & backups) per month per device. With BYOD, there are 3x more devices per user according to a Cisco IBSG study of 600 IT & business leaders. Internet of Things (IoT) connects sensors, cameras and plenty of other previously unconnected devices to the network.
This trend in combination with growth in traffic from each device results in an explosion of traffic.
Higher connectivity speed is adding fuel to the fire. Wi-Fi is now the de facto primary network access in workplace. Wi-Fi standards have continuously provided more radio bandwidth to the users. 802.11ac (also called the Gigabit wireless) standard enables a network that is 3 times faster due to its 1.3 Gbps capacity. 802.11ac wave 2 is capable of up to 6 Gbps. The latent unmet demand from wireless devices will take full advantage of 802.11ac.
Therefore, the choke point in the network has moved up from wireless AP to the access and access uplinks. The access switch ports are moving to 1G. The access switch uplinks and backbone switch ports will need to move to 10G. Read More »
In my last blog I talked about the value of Pfr to the IWAN solution. This week I wanted to talk about DMVPN and why it is going to be a critical component of your IWAN deployment.
Your IWAN topology will most likely consist of one or more internet connections which means that your data will be traveling over untrusted connections and shared environments so security is going to be top of mind. So how do you secure your data over the internet and other untrusted or shared environments? Well DMVPN (Dynamic Multi-point Virtual Private Network) is based on VPN the same technology that many of you use today to securely connect back to your office when you are traveling or working from home. A VPN will create a tunnel between two end-points and then encrypt all data traveling over the tunnel. VPN’s can connect users to a remote site, client-to-site VPN, or connect two remote sites, site-to-site VPN. Unlike VPN, DMVPN can securely connect multiple points together dynamically.
So how does DMVPN work and what is the benefit to IWAN? DMVPN works on top of your WAN infrastructure which means that DMVPN tunnels will be established between branch sites as traffic flow demands. In a common hub and spoke topology example, when data needs to be sent from the spoke to the hub site, the spoke will establish a VPN tunnel to the hub by registering first with the hub. In order for each tunnel to function a new dynamic IP address is created at the branch since the hub site will initiate the connection. In order for data to be routed between sites over the DMVPN tunnels, routing information will need to be exchanged. As more tunnels are created there will be more dynamically created IP addresses and traditional routing protocols like BGP or EIGRP are used to efficiently share routing information so all sites can talk to each other. Lastly QoS is applied to each tunnel to ensure that the hub site does not oversubscribe the spoke sites.
Read More »
Tags: Cisco ISR, DMVPN, IWAN, PfR
We continue to see significant interest in the CSR 1000V as customers look for robust routing and VPN solution for securely connecting users and branch offices to the Cloud. Last week at the Amazon Web Services Summit in San Francisco Cisco announced a number of key enhancements to its Cloud Services Router (CSR) 1000V for AWS that increase throughput, reduce cost and make it easier for you to get support. These enhancements are explained in more detail below:
- Hourly billing on a pay-as-you-go basis reduce upfront costs and enable you to get started with minimal upfront costs. You can find out more at the CSR AWS Marketplace page which includes a 30-day free trial.
- Higher throughput of 100MB gives you faster access to your applications and data.
- Enhanced support to help you deploy and install the CSR. The new CSR AWS Community is an online community managed by Cisco TAC and CSR Product Management.
- Testing environment. Deploy and explore the value and benefits of the CSR1000V on the AWS cloud in a lab environment using the CSR AWS Test Drive Lab. The current CSR 1000V lab includes up to 4 hours of complimentary AWS server time for you to try and evaluate a live CSR.
Don’t forget that you can still try the CSR free for 60-days in AWS with the BYOL version. Visit www.cisco.com/go/csrtrial to get started. For those of you still deciding on how to move to the Cloud, I encourage you to read my last blog post where I talk about some of the key considerations you should take into account when making a decision. Lastly our technical marketing organization has put together a detailed video showing with 3 simple steps on how to deploy the CSR 1000V in Amazon Web Services. With all these support resources and free trials there is no excuse to not get started today!
Tags: Amazon Web Services, AWS, Cisco cloud Services Router, Cisco CSR, CSR 1000V, vpn
The Interop Las Vegas team chose April Fools’ as the day to announce the Best of Interop winners – a curious choice some may say. But, there was no fooling when the Interop team announced the Cisco ISR 4451-X Converged Branch Infrastructure for the Best of Interop Networking category.
Here is what judge Kurt Marko wrote about the solution:
“Convergence has been a persistent theme at Interop for several years, yet it’s typically been applied to data center infrastructure. With the ISR 4451-X branch office router platform, Cisco is … transforming a product line that began as a way to connect remote sites to corporate networks and the Internet into a small-scale data center in a box…a very small, 2U box. … The product’s innovative hardware design splits the control and data planes between two multi-core CPUs. … The 4451-X is poised to address the gap between networking functions that are fully virtualized and those that are still embedded in dedicated networking devices. While edge devices with varying degrees of virtualization have preceded it, Cisco has exploited its UCS expertise to meld the traditional networking features of its branch platform with a general-purpose compute engine, opening the door to levels of integration that allow a blurring of where computing ends and networking begins. As organizations transition to greater virtualization of applications and network services, as embodied by NFV, the 4451-X will facilitate the shift and could serve as a model for future converged hardware designs.”
It is great validation that industry experts like Kurt Marko and other Interop judges understood the importance of convergence in the branch with an architecture that delivers unprecedented compute and WAN service performance. This advancement in routing comes at a very important time, when the industry is quickly migrating to mobile-cloud architectures and preparing for the Internet of Things. Both trends have dramatically changed branch requirements and have raised the dependency on the network to support business operations. Read More »
Tags: best of interop, Cisco ISR 4451-x, Converged Branch Infrastructure, IWAN, Networking for IoT, winner
As part of our IWAN series I wanted to take a closer look into what trends are impacting the Service Providers. My previous blog talked about how Enterprises can use the CSR 1000V to migrate to the Cloud. This week I wanted to talk about how Service Providers are using the CSR to deliver services to their customers.
Historically Service Providers deliver services like routing, firewall and VPN to customers by installing multiple hardware products at the customer site. At the customer site the location where the customer and Service Providers network meet is referred to as the customer premise equipment or CPE. The hardware installed at the CPE is often specialized for different network functions, and the architecture and associated management systems are designed by the Service Provider. This approach provides reliable network services to business customers however it can become complex as more network services are added and it is not very flexible when it comes to adding new services. As a result when businesses demand more services or capacity, Service Providers can be slow to respond and will ultimately see an increased time-to-revenue.
Network Function Virtualization (NFV) aims to overcome these challenges by allowing network services to be moved, or instantiated, in various locations in the Service Provider network on demand and without the need for the installation of specialized hardware equipment. For NFV to work it requires industry vendors like Cisco to virtualize network functions like routers just like we did with the CSR 1000V. We took our IOS XE operating system from the Aggregation Services Router (ASR) 1000 which was already tried and tested in Service Providers networks and turned it into a virtual form factor that can be run on any off-the-shelf x86 server. Cisco has many more products that are in virtualized form factors and the list includes but is not limited to:
• Virtual Wide Area Application Services (vWAAS)
• Virtual Wireless LAN Controller (vWLC)
• Virtual Mobility Service Engine (vMSE)
• Virtual Security Gateway (VSG)
• Virtual Network Analysis Module (VNAM)
• Virtual Identity Services Engine (vISE)
• Virtual Adaptive Security Appliance (vASA)
• Nexus 1000v vSwitch (N1Kv)
The primary benefit of NFV is the ability to use the same data center equipment and management tools that Service Providers currently use for their internal networks to host and manage network functions for their customers. The new vCPE has a reduced hardware footprint, simplified infrastructure and requires less customization. Core network functionality shifts to the Service Provider network where the pooling of resources increases flexibility allowing them to deploy services faster and scale them according to customer demand.
The benefits to of NFV are significant, however the transition will take some time due to the complexity and size of Service Provider networks. Look out for more blog posts around NFV and the vCPE as I explore in more detail the challenges of moving to this new architecture. In the mean time I encourage you to download a new CSR case study about MiroNet AG, a Swiss Cloud and Infrastructure provider that is using the CSR to deliver new differentiated services to its existing customers while simultaneously attracting new customers.
Tags: CPE, CSR 1000V, IOS XE, NFV, vCPE