The intelligence of the next generation Cisco IT network fabric (called Extended Enterprise Network or E2N) is defined as dynamic, aware, secure, programmable, agile, manageable, automated, and policy-based. The new network architecture is pervasive, non-segmented, non-fragmented, and non-location specific. Identity is becoming the new corporate perimeter, and network data is becoming big data. As the internet becomes the internet of everything, device proliferation is exploding, and work is becoming not a location, but a human function. Client server architecture has transitioned from a client–server model to an increasingly mobile and cloud based paradigm. And today video is becoming part of the baseline productivity tools - essentially the new audio. New realities are changing the nature of network management, and Cisco IT’s strategic direction is to address them by implementing the Cisco Prime Framework as the foundation of the new network.
Cisco employees are moving towards a mobile collaborative office environment – within the workplace. We sit where we like and log into the nearest phone, using extension mobility. But when we traveled to different Cisco offices around the world, we couldn’t log in to the Cisco IP phone: extension mobility only worked at certain limited locations within our home region.
Now, employee phones can essentially follow them to any Cisco office worldwide because Cisco IT deployed the Extension Mobility Cross Cluster (EMCC) feature on Cisco Unified Communications Manager (Cisco UCM).
Understanding future demands on the network are instrumental in developing a robust and scalable network architecture. As seen below, projected growth in mobile, video, and IP traffic is staggering. Read More »
Last year on World IPv6 Day, Cisco brought up IPv6 on Alpha for 24-hours. Now on June 6, 2012, Cisco will participate in the World IPv6 Launch with www.cisco.com. Here are some important points about the upcoming launch:
• During this production launch, Website Operators, Network Operators and Home Router vendors will offer content over IPv6 for their production service (e.g. www.example.com).
• This is a “turn it on, leave it on” event.
• We will advertise an IPv6 DNS record for www.cisco.com to make www.cisco.com IPv6 permanently accessible to the world.
• 1000+ participating companies are participating in this event.
• Several cross functional Cisco groups participating including IT, Services and Engineering:
This is an important event for Cisco to participate in because it gives us the opportunity to enable our Enterprise with a very important Infrastructure capability as well as learn valuable lessons that can be shared with our peers, customers and internally to Engineering and Services. IPv6 is critical to the Internet’s continued growth as a platform for innovation and economic development.
We have a strong Cisco-on-Cisco message for June 6. Cisco is using many of our own technologies end-to-end for the World IPv6 Launch. Nexus 5k/7k, ASR, GSS, ACE30, Catalyst Switches, ASA and Netflow v9 to name a few.
The ACE30 is a key capability for making www.cisco.com IPv6 accessible for the World IPv6 Launch. We’re using the ACE30 to proxy IPv6 user traffic to our IPv4-only web servers.
We’ve been diligently preparing for June 6. Here are the key IPv6 projects allowing Cisco to successfully participate in the World IPv6 Launch:
1. The IPv6 Core Project -- Focused on the foundations of our network and deploying the IPv6 core regional tunnel head-ends and dual stacking CAPNet. This means the entire network is ready to support both IPv4 and IPv6 protocols. To-date, major milestones have been achieved including fully enabling IPv6 from Bangalore to San Jose and San Jose to Richardson IPv6 deployment.
2. The IPv6 DMZ Project – (1) Enabled IPv6 in the Richardson DMZ in order to support the World IPv6 Launch on June 6, 2012. (2) Enabled IPv6 for the Core DMZ in San Jose to support the Campus/Branch User internet access. (3) Make all 15 Cisco DMZs (transit and non-transit) IPv6-capable globally in FY12, including San Jose, Amsterdam, Bangalore, Allen, Richardson, Hong Kong, Raleigh, Singapore, Sydney, Tokyo, Boxborough, Johannesburg, Shanghai, Tel Aviv, and Vancouver.
3. The IPv6 Data Center Project – Ensures all Cisco Data Centers are IPv6 capable. The immediate goal is to ensure the data center in Richardson (Texas), running www.cisco.com, is capable to support the World IPv6 Launch.
I’m excited about the great work our team has achieved to get IPv6 launched globally.
World IPv6 Launch is just around the corner. By June 6, 2012, web companies, major ISPs, and home networking equipment manufacturers are coming together to permanently enable IPv6 for their products and services. Cisco is among them, participating in this global IPv6 launch both as a website operator and leading network solutions provider. As a web company, we’ll be making www.cisco.com permanently IPv6 accessible starting on June 6. Here’s a view into how Cisco IT has been preparing our IPv6 web presence.
The enterprise journey toward IPv6 started almost a decade ago, and the focus on our web presence started a couple of years ago when the Cisco IT team built a small-scale, parallel IPv6 environment in a sandbox network that was used to host static content. We used the domain name www.ipv6.cisco.com, knowing that few people would visit the site. It gave us a chance to get our feet wet with IPv6 while minimizing the risk should something go wrong.
Fast forward to June 8, 2011 and World IPv6 Day when many website operators globally enabled IPv6 access to their production sites and services as part of a 24-hour “test run.” Cisco made www.cisco.com IPv6 accessible on that day. The outcome was a success, and gave all the participants confidence that IPv6 was truly production ready. World IPv6 Day was also a valuable learning opportunity for Cisco IT to better understand what it would take to permanently IPv6-enable our website.
In the year since that test run, our focus has been on preparing for the World IPv6 Launch. The big difference in planning for this launch stems from “the turn it on and leave it on” objective. To leave IPv6 on permanently demands production quality, and production quality demands readiness. Readiness started for us several months ago when we first sought support for World IPv6 Launch from IT and business leaders. Based on our experiences with World IPv6 Day, we knew that planning and delivery would require collaboration across most of the IT organization. So the first step was buy-in at the CIO level to help ensure that all needed teams were at the table.
Next, we turned our attention toward architecture and design. Our primary goals were to:
- Leverage the existing production network infrastructure investment and avoid costs of parallel networks.
- Ensure production quality and the ability to maintain service levels for www.cisco.com.
The design we chose centers on a reverse proxy model using the Cisco Application Control Engine (ACE). Incoming IPv6 sessions are proxied by the ACE to the existing web tier using IPv4. The network upstream of the ACE is dual stacked, including existing ISP connections.
With the design in place, our attention shifted to network hardware, software, service provider, and application readiness. We performed an assessment using the IPv6 Device Readiness Assessment service to determine whether existing devices in our DMZ and data center networks were capable of supporting IPv6. The assessment showed that existing hardware was capable of supporting IPv6, but software upgrades were required on some platforms. In parallel, we assessed our ISP partners and their ability to dual stack existing connections, as well as our content delivery network provider’s ability to accelerate content delivery for www.cisco.com over IPv6. Based on our experience with World IPv6 Day, we felt comfortable that existing applications and services residing behind the www.cisco.com domain name were compatible with IPv6. The only application that required slight modification was our web analytics system that tracks site usage for www.cisco.com and uses source IP address as a data point. We found that the system vendor supported IPv6 in the product, and we made minor configuration changes to accommodate IPv6 source addresses.
Operational readiness followed, which is a critical stage given the need to maintain production levels of service. With service assurance being top of mind, we enhanced our network management systems to support network, device, and application monitoring over IPv6. We also put together a training program to ensure that everyone, from the front line help desk to network engineers, had the IPv6 knowledge and skills appropriate for their role.
And finally we reached system-level testing, which is where we’re at today. End-to-end testing is under way with QA engineers performing functional and performance checks. Our last test will be a “final practice run” when we temporarily advertise an AAAA DNS record for a couple of hours and validate that everything works end to end in our production environment, including our content delivery network and ISP services.
Next stop? June 6, 2012 00:00 UTC.