Cisco Blogs


Cisco Blog > Enterprise Networks

IWAN Wed: Securing Your Transport Independence with DMVPN

In my last blog I talked about the value of Pfr to the IWAN solution. This week I wanted to talk about DMVPN and why it is going to be a critical component of your IWAN deployment.

Your IWAN topology will most likely consist of one or more internet connections which means that your data will be traveling over untrusted connections and shared environments so security is going to be top of mind. So how do you secure your data over the internet and other untrusted or shared environments? Well DMVPN (Dynamic Multi-point Virtual Private Network) is based on VPN the same technology that many of you use today to securely connect back to your office when you are traveling or working from home. A VPN will create a tunnel between two end-points and then encrypt all data traveling over the tunnel. VPN’s can connect users to a remote site, client-to-site VPN, or connect two remote sites, site-to-site VPN. Unlike VPN, DMVPN can securely connect multiple points together dynamically.

DMVPNSo how does DMVPN work and what is the benefit to IWAN?  DMVPN works on top of your WAN infrastructure which means that DMVPN tunnels will be established between branch sites as traffic flow demands. In a common hub and spoke topology example, when data needs to be sent from the spoke to the hub site, the spoke will establish a VPN tunnel to the hub by registering first with the hub.  In order for each tunnel to function a new dynamic IP address is created at the branch since the hub site will initiate the connection. In order for data to be routed between sites over the DMVPN tunnels, routing information will need to be exchanged. As more tunnels are created there will be more dynamically created IP addresses and traditional routing protocols like BGP or EIGRP are used to efficiently share routing information so all sites can talk to each other. Lastly QoS is applied to each tunnel to ensure that the hub site does not oversubscribe the spoke sites.

Read More »

Tags: , , ,

Why Should I Care About Hybrid Networking?

When customers ask me why they should care about hybrid networks,

I ask them the following questions.

  • Did the number of mobile devices in your enterprise increase?
  • Did the number of applications on your datacenter increase?
  • Do your employees and guests expect to stay continuously connected while in the office?

If the answer is yes to any of the above questions, you may need more bandwidth! If you want more bandwidth without a major increase in your OPEX, then you should consider hybrid networks.

Read More »

Tags: , , , , , ,

IWAN Wed: What is Intelligent WAN?

Imagine that you have several branch offices that are using WAN demanding applications like Salesforce.com, Office 365, Virtual Desktops, Video Teleconferencing and more.  You are using those expensive MPLS/VPN WAN connections as you don’t want to risk it and probably because when you started to work there it was already there and … why mess around with something that is working, right?  Normally I would agree with that but when IT budgets are shrinking and the network needs to step up and support those business critical apps, there is no other way but to innovate.

At any given time your network carries information from LAN to WAN and vice versa, some is important and some is less important. In many cases as a network admin you don’t have the visibility to distinguish between them, so what do you do when those critical apps are starting to act up? Usually the answer will be to buy more WAN bandwidth and that will give the apps and the user experience behind them some breathing space. But all you’re doing is buying time.  Buying time never solves the problem because you will need to treat the symptoms again in a few weeks or months.

However, you can solve the problem and not just treat the symptoms using Cisco Intelligent WAN or IWAN for short.

Read More »

Tags: , , , , , , , , ,

IWAN Wed: Get 2X Bandwidth with PfR

AN33345As part of our IWAN series, I wanted to provide a deeper dive into PfR. Why PfR? It is a fundamental feature that helps customers protect critical apps while increasing bandwidth utilization. I think it is fair to say, every organization can benefit tremendously from this powerful capability.

PfR or Performance Routing is a feature that complements traditional IP routing protocols by adding application intelligence when making routing decisions. Why do we need application intelligence? Routers forward data packets based on their routing tables which are built using dynamic routing protocols such as RIP and OSPF to calculate the shortest path to the destination for the data packets. RIP and OSPF do not look into data packets to determine the type of application they belong to when making routing decisions. As a result if the application is time sensitive like voice over IP (VOIP) or bandwidth intensive like a file backup data packets are treated with the same priority and will be sent over the same route until they reach their destination. This can create problems if you have a single WAN link since a file backup could consume all bandwidth preventing voice packets from passing in a timely manner and impacting the quality of the voice call. QoS or Quality of Service can help to prioritize data on a single link but you may ultimately need more bandwidth.

Read More »

Tags: , , ,

IWAN Wed: How Glue Networks Improves the IWAN Experience with PfR

Network optimization is a touchy subject for many in the IT world, and a particularly thorny issue for the Wide Area Network (WAN). The idea that the network architecture as designed cannot meet the needs of tomorrow is the cause of much discussion, anxiety and in some cases, gnashing of teeth. However, the reality is that the rate of change of applications and ways the WAN is utilized is accelerating, and the methods of designing, testing, implementing and troubleshooting of today are not keeping pace. In addition, traditional services offered throughout the WAN only offer a partial view of the capabilities of what may be available.

Read More »

Tags: , , , , , , , ,