If you have a need to set up networking for a new satellite clinic, a bank branch, a retail store or any other branch site, you probably have a lot of pressure to do it fast. After all, branches are where business actions take place. Did you know that branch locations and users consume 70% ~ 90% of a typical company’s business resources? Anything you can do to speed up the deployment and to reduce resource consumption is a big plus for your company’s topline growth and bottom line savings. In this 5-part blog series, I will share with you how to do so easily with Cisco Prime Infrastructure. I’ll use weekly blogs to accomplish it, and here’s the plan.
Let’s get started right away. The first thing for any remote site networking is WAN connectivity. That’s our focus of this blog. Cisco Intelligent WAN (IWAN) solution is an ideal way to go that provides transport flexibility and intelligent path control, plus support for high performance applications and security. But first thing first. We need to think about how to bring a new branch router into production. Read More »
Tags: Application and Visibility Control, Cisco Performance Routing, Cisco Prime Infrastructure, Cisco Validated Design, DMVPN, IWAN, QoS
Security is hot topic on everyone’s mind and for IT it is a constant challenge to stay ahead of the latest threats and vulnerabilities that their organizations face on a daily basis. Take a quick look at the news and it won’t take you long to find an article talking about the latest cyber attack that resulted in the leak of personal data. So what can organizations and more specifically IT teams do to protect themselves from threats and vulnerabilities. Personally I don’t think you can protect yourselves from all threats and vulnerabilities. Cyber threats will continue to exist and cyber criminals will continue to develop increasingly sophisticated attacks to evade even the most robust security barriers. Even if you were to isolate your network from the internet an intruder could overcome your physical security and launch an attack from within your organization.
So what can you do to protect yourself? I view security as a way to reduce your exposure to threats and you should at a minimum make sure you have the appropriate security measures in place to reduce your exposure to threats and vulnerabilities. While you may never be able to stay one step ahead of cyber attacks you should be in a position to detects threats and be able to mitigate them as fast as possible to reduce your exposure.
Read More »
Tags: Advanced Malware Protection, AMP, Cloud web security, CWS, DMVPN, firewall, IDS, IPS, ISR 4000, ISR4k, IWAN, routers, security
These are just a few of the many questions that were asked on the webinar ‘How to Deliver Uncompromising Branch Application Performance‘:
- Would DMVPN also allow me to easily integrate networks using multiple MPLS providers?
- Is there a specific router model, IOS required for a PfRv3 branch controller and master controller?
- Can you explain how the direct spoke-to-spoke routing is accomplished when using DMVPN?
- Is using BGP with DMVPN scalable? Wouldn’t we have to define each neighbor?
Read More »
Tags: DMVPN, hybrid WAN, Intelligent WAN, ISR 4000, IWAN, PfRv3
A few weeks back, Gartner analyst Bjarne Munch stated, “Internet and MPLS play an equally important role for enterprise connectivity. Network planners must establish a unified WAN with strong integration between these two networks to avoid performance problems.”[i]
So, why should IT move to a hybrid WAN architecture? What are the benefits?
#1 – Control Costs
Growth in bandwidth demand is overwhelming customer networks, particularly at the branch. IP traffic is expected to grow three times over the next five years due to video, cloud applications, rich media and data center centralization. At the same time, Nemertes’ 2014 WAN Best Practices and Success Factors report states that 60% of IT WAN budgets will remain flat or decline in 2015. Read More »
Tags: Akamai Connect, AVC, DMVPN, Glue, hybrid WAN, Intelligent WAN, IWAN, LiveAction, PfRv3
Since DMVPN has been added to the CCIE v5 BluePrint (http://www.cisco.com/web/learning/exams/docs/ccieRS_Lab5.pdf) I figured that now was just as good of a time as any to write this blog.
DMVPN stands for Dynamic Multipoint VPN and it is an effective solution for dynamic secure overlay networks.
DMVPN is combination of the following technologies:
- Multipoint GRE (mGRE)
- Next-Hop Resolution Protocol (NHRP)
- Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)
- Dynamic IPsec encryption
- Cisco Express Forwarding (CEF)
Topology that we will be starting with:
First thing will be to complete the base configurations on R1, R2 & R3. This will consist of configuring the IP addresses on the above interfaces and setting up the routing protocol to distribute the routes. In this case we will use EIGRP 123. Read More »
Tags: #ciscochampion, BGP, CCIE, DMVPN, EIGRP, OSPF