In the past, we have pointed out that configuring network services and security policies into an application network has traditionally been the most complex, tedious and time-consuming aspect of deploying new applications. For a data center or cloud provider to stand up applications in minutes and not days, easily configuring the right service nodes (e.g., a load balancer or firewall) with the right application and security policies to support the specific workload requirements, independent of location in the network, is a clear obstacle that has to be overcome.
Let’s say, for example, you have a world-beating, best-in-class firewall positioned in some rack of your data center. You also have two workloads, on other servers a few hops away, that need to be separated according to security policies implemented on this firewall. The network and security teams have traditionally had a few challenges to address:
- If traffic from workload1 to workload2 needs to go through a firewall, how do you route traffic properly, considering the workloads don’t themselves have visibility into the specifics of the firewalls they need to work with? Traffic routing of this nature can be implemented in the network through the use of VLANs and policy-based routing techniques, but this is not scalable to hundreds or thousands of applications, is tedious to manage, limits workload mobility, and makes the whole infrastructure more error-prone and brittle.
- The physical location of the firewall or network service largely determines the topology of the network, and has historically restricted where workloads could be placed. But modern data center and cloud networks need to be able to provide required services and policies independent of where the workloads are placed, on this rack or that, on-premises or in the cloud.
Whereas physical firewalls might have been incorporated into an application network through VLAN stitching, there are a number of other protocols and techniques that generally have to be used with other network services to include them in an application deployment, such as Source NAT for application delivery controllers, or WCCP for WAN optimization. The complexity of configuring services for a single application deployment thus increases measurably.
Tags: ACI, ietf, Network Services Header, Nexus 1000v, NSH, SDN, vPath
To address many questions about mobility, I am delighted to share with you our point-of-view through our “Cisco SPotlight Series,” an ongoing course of videos in which we answer questions and provide commentary on many hot topics in the service provider industry.
In this latest video, I reveal what mobile operators and their customers, including enterprises and end-users, can expect in 2015 as mobile Internet networks are increasingly becoming virtualized, and virtualization is increasingly becoming networked.
Tags: IoE, mobile internet, mobile operators, mobility, NFV, SDN, Service Provider, virtualization
On November 3rd, 2014, at the SDN-MPLS (Software Defined Networking-Multiprotocol Label Switching) Conference in Washington, D.C., I moderated a stellar panel titled “Developing Products and Services in the 21st Century.”
Quite a few of the attendees represented Service Providers, with a few attendees from the Public Sector and vendor communities.
In framing up the discussion, I had proposed the following provocative abstract:
Tags: cloud, Cloud Computing, co-innovation partnership, deployment, innovation, mpls, NFV, SDN, SDx, service providers
In the previous blog, we covered details about Cisco AVC enhancements with AireOS 7.6 that allow you to classify various collaboration applications such as Cisco Jabber™, Cisco WebEx®, Microsoft Office 365, Microsoft Lync, and Microsoft Skype. Many customers have deployed voice-over-WLAN in mission-critical environments. The goal in this blog is to walk you through the collaboration-specific enhancements implemented since then that enable customers to get a great experience when supporting Microsoft Lync over Cisco WLAN.
The above picture shows the timeline for various AVC, policy and Lync enhancements. The crucial updates since AireOS 7.6 are:
Tags: 802.11, API, Microsoft Lync, mobility, SDN, wireless, wlan
Tighter Planning Cycles for Greater Efficiency with the Evolved Services Platform
In the global geography of telecom, wide-area networks (WAN) are oceans of uncertainty. Resource-constrained and multivendor, WANs produce delays and outages in far-flung and sometimes remote areas, posing a special set of issues that are distinct from those we see in data centers and access networks.
WAN bandwidth is the most expensive bandwidth in the network and failure impacts are large. WANs bear the brunt of traffic growth with a very tricky calculus: underbuild your WAN and jeopardize your brand, but overbuild it and spend your way into oblivion.
Greater Predictability through Ever-Shortening Planning Cycles
To keep pace with these conundrums, you need sophisticated modeling and planning tools, which naturally evolved—in the case of the WAN Automation Engine (WAE)—into an ever-tightening loop of planning, building, and measuring, eventually encompassing SDN.
Longer planning cycles inevitably mean over-engineering, over-building and over-hiring. With the Evolved Services Platform’s (ESP) Orchestration Engine, Cisco is shrinking these cycles, and thus reducing the uncertainties that lead to inefficiencies.
Last week I discussed the Orchestration Engine of the ESP in terms of how different components fit in individual domains. Let’s see how to use this framework to plan, engineer, and ultimately automate the WAN to make it cloud-ready.
As the Process Becomes More Automated, a Shrinking Planning Cycle Brings Huge Efficiencies.
The cycle progressively shortens, from years to months, and eventually (with automated, programmable networking) to continuous changes. As this process moves from manual to automated, the network becomes more predictable.
But Why is this Happening Now?
Tags: esp, evolved services platform, SDN, Service Provider, software defined network, WAN, wide-area networks