In my last blog I talked about the value of Pfr to the IWAN solution. This week I wanted to talk about DMVPN and why it is going to be a critical component of your IWAN deployment.
Your IWAN topology will most likely consist of one or more internet connections which means that your data will be traveling over untrusted connections and shared environments so security is going to be top of mind. So how do you secure your data over the internet and other untrusted or shared environments? Well DMVPN (Dynamic Multi-point Virtual Private Network) is based on VPN the same technology that many of you use today to securely connect back to your office when you are traveling or working from home. A VPN will create a tunnel between two end-points and then encrypt all data traveling over the tunnel. VPN’s can connect users to a remote site, client-to-site VPN, or connect two remote sites, site-to-site VPN. Unlike VPN, DMVPN can securely connect multiple points together dynamically.
So how does DMVPN work and what is the benefit to IWAN? DMVPN works on top of your WAN infrastructure which means that DMVPN tunnels will be established between branch sites as traffic flow demands. In a common hub and spoke topology example, when data needs to be sent from the spoke to the hub site, the spoke will establish a VPN tunnel to the hub by registering first with the hub. In order for each tunnel to function a new dynamic IP address is created at the branch since the hub site will initiate the connection. In order for data to be routed between sites over the DMVPN tunnels, routing information will need to be exchanged. As more tunnels are created there will be more dynamically created IP addresses and traditional routing protocols like BGP or EIGRP are used to efficiently share routing information so all sites can talk to each other. Lastly QoS is applied to each tunnel to ensure that the hub site does not oversubscribe the spoke sites.
Read More »
Tags: Cisco ISR, DMVPN, IWAN, PfR
#CiscoChampion Radio is a podcast series by Cisco Champions as technologists, hosted by Cisco’s Amy Lewis (@CommsNinja). This week we’re talking about Intelligent WAN (IWAN) with guest moderator, Cisco’s Lauren Friedman (@lauren)
Listen to the Podcast
Cisco Subject Matter Expert: Hugo Vliegen, Director of Technical Marketing
How IWAN benefits business
IWAN and Security
IWAN monitoring and configuration management
Levels of IWAN
How IWAN related to ACI Read More »
Tags: #CiscoChampionRadio, Cisco Intelligent WAN, Cisco iWAN, IWAN
The Interop Las Vegas team chose April Fools’ as the day to announce the Best of Interop winners – a curious choice some may say. But, there was no fooling when the Interop team announced the Cisco ISR 4451-X Converged Branch Infrastructure for the Best of Interop Networking category.
Here is what judge Kurt Marko wrote about the solution:
“Convergence has been a persistent theme at Interop for several years, yet it’s typically been applied to data center infrastructure. With the ISR 4451-X branch office router platform, Cisco is … transforming a product line that began as a way to connect remote sites to corporate networks and the Internet into a small-scale data center in a box…a very small, 2U box. … The product’s innovative hardware design splits the control and data planes between two multi-core CPUs. … The 4451-X is poised to address the gap between networking functions that are fully virtualized and those that are still embedded in dedicated networking devices. While edge devices with varying degrees of virtualization have preceded it, Cisco has exploited its UCS expertise to meld the traditional networking features of its branch platform with a general-purpose compute engine, opening the door to levels of integration that allow a blurring of where computing ends and networking begins. As organizations transition to greater virtualization of applications and network services, as embodied by NFV, the 4451-X will facilitate the shift and could serve as a model for future converged hardware designs.”
It is great validation that industry experts like Kurt Marko and other Interop judges understood the importance of convergence in the branch with an architecture that delivers unprecedented compute and WAN service performance. This advancement in routing comes at a very important time, when the industry is quickly migrating to mobile-cloud architectures and preparing for the Internet of Things. Both trends have dramatically changed branch requirements and have raised the dependency on the network to support business operations. Read More »
Tags: best of interop, Cisco ISR 4451-x, Converged Branch Infrastructure, IWAN, Networking for IoT, winner
When customers ask me why they should care about hybrid networks,
I ask them the following questions.
- Did the number of mobile devices in your enterprise increase?
- Did the number of applications on your datacenter increase?
- Do your employees and guests expect to stay continuously connected while in the office?
If the answer is yes to any of the above questions, you may need more bandwidth! If you want more bandwidth without a major increase in your OPEX, then you should consider hybrid networks.
Read More »
Tags: free webinar, hybrid networks, hybrid WAN, IWAN, IWAN Wednesday, PfR, PfRv3
For the last 3 weeks, my colleagues have written on the topic of IWAN and its various components. Ido wrote about the basics (and more) about IWAN, Kiran on how to get twice the bandwidth with PfR, and Hector on how Glue Networks improves the IWAN experience for IT. As the name suggests, the ‘WAN’ in Intelligent WAN is a very important element but we can’t forget why we need an intelligent WAN – the branch or store that sits on the other side. It’s the place where 80% of employees of enterprises reside and where content explosion is happening with cloud applications, video training, and other business applications need to be delivered to. So it would be an understatement to say the branch architecture and how applications are delivered and hosted is important.
Read More »
Tags: Cisco Router, ISR, IWAN, IWAN Wed, IWAN Wednesday, UCS-E Series