A New Services Aggregation Benchmark for the WAN and MAN Network
advertisement
A New Services Aggregation Benchmark for the WAN and MAN Network Services Aggregation Routers Flexible and Proven Architectures Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. 1 Agenda • Market Trends in Services Aggregation • Establishing New Services Aggregation Benchmark • New Product Details and Architectures Design Guidance • Summary Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 2 Business Imperatives Drive Network Decisions Voice and Security Are Branch Office “Must Haves” Firewall Virus Protection IP Telephony IPSec VPN SSL VPN #1 #2 #3 Intrusion Prevention Systems Intrusion Detection Systems Yankee Group Research, Inc. 2005 Branch Spending Survey, December 2005 • Twice as many customers buy ISRs with security and IPC-enabled • At the head-end, 7200 Series is enabling customer migration to IP VPN and services deployment Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. 330,000+ Installed Business Resilience Services Enablement OpEx Reduction Cisco Confidential 3 Redefining the Role of the WAN Aggregation Router Integrated Services 48% 47% Integrated Security 22% 27% 31% VoIP Support Head-End Aggregation Requirements 21% 18% 24% IPv6 0% 20% Headquarters/Data Centers 2005, Infonetics Research, Inc. 40% Branch Offices • More branch offices • More branch applications and services • More bandwidth at lower cost Session Number Presentation_ID Router-Integrated Services Are Critical Across the WAN/MAN in Both the Branch and Headquarters 59% © 2006 Cisco Systems, Inc. All rights reserved. 60% 80% Remote Offices New Services Aggregation Benchmark • Cisco 7200 Series Router WAN/MAN services aggregation at higher speeds (OC-3, with GE support) • Continued investment and leadership with router-integrated services and solutions • Ability to readily adapt to new requirements Cisco Confidential 4 Announcing New Services Aggregation Benchmark with Most Widely Deployed Aggregation Router Cisco Delivers Integrated WAN and MAN Services Aggregation at OC-3 Speeds with a Unique Combination of Scalability, Price, Performance, and Flexibility in the Cisco 7200 Series Router • New Cisco 7200 Series Network Processing Engine — 2X performance increase for services • New Cisco 7200 Series VPN Services Adapter — 3X IPSec AES, 3DES performance increase for best-in-class, end to end integrated IPSec VPN • New Cisco 7200 Series Port Adapter Jacket Card — Up to 50% more bandwidth and slot capacity • New IOS Innovations - Cisco MPLS Diagnostics Expert and Secure IP Multicast • Cisco 7200 Series — New services aggregation requirements with industry’s most popular WAN aggregation platform. Without forklift upgrades Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 5 New Flexible and Scalable Services Aggregation Increased Performance, Density, and Value Cisco 7200 VXR VPN Service Adapter Cisco 7200 VXR NPE-G2 - Reduce WAN costs with highperformance IPSec VPN - AES end to end for compliance Doubled support for services - WAN MAN Services Aggregation - Internet Gateway - Broadband Aggregation, etc Multicast Cisco® 7200 Series Services Aggregation Router Secure Multicast Cisco MPLS Diagnostics Expert - Reduce costs with secure IP Multicast natively; no overlay network - Cisco Network Management tool for MPLS networks - Simple GUI; 10–20X faster than manual MPLS troubleshooting Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco 7200 VXR Port Adaptor Jacket Card - Extends platform value & versatility - New level of throughput with highperformance port adapters Cisco Confidential 6 Cisco WAN Aggregation Solutions for Optimized IP Services Aggregation Tomorrow HQ Applications (ERP, CRM, etc.) • WAN/MAN is an extending services globally problem Critical factors: Cost/resilience/speed Security • Service Integration—Voice, video, wireless • Integrated architectural approach— IPSec/SSL VPN, MPLS VPN, Ethernet Cisco 7200 VXR Services Aggregation WAN/MAN WAN/VPN Aggregation Internet Gateway IP-to-IP Gateway Yesterday’s WAN/MAN • WAN/MAN was a transport problem • Critical factors: Cost Reliability Speed • Discrete architectural approach Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco ISR Branch Services Branch Users Cisco Confidential 7 Cisco 7200 Series Leadership Ongoing Innovation and Investment Protection 2006 and Beyond More Than 330,000 Units Installed Continuous Services Scalability Future Broadband NPE-G2 Security NPE-G1 HW Encryption MPLS PE NPE-400 IPS Voice VPN IP-to-IP Gateway Firewall Quality-of-Service SSL VPN Dynamic Intrusion Protection Control MPLS IPv6 Auto QoS Network Admission Control Optical Transport DMVPN Quality of Service Auto Secure Gigabit Ethernet Router and Security Device Manager Multiprotocol Security Session Number Presentation_ID Mobile Wireless Voice/BB/Others © 2006 Cisco Systems, Inc. All rights reserved. Continuous Performance Network Foundation Protection Services Innovation Industry Leadership Continues Optimized Services Aggregation at OC-3 NPE-225 Reliable with Proven Track Record NSE-1 NPE-300 Versatile and Flexible NPE-200 NPE-175 NPE-150 NPE-100 Cutting Edge SW and HW Innovations Investment Protection Leadership Performance Cisco Confidential 8 Cisco Enterprise Router Portfolio Best-in-Class Routing with Integrated Services Services Aggregation Routers Increased value with new products • Optimized services aggregation Services performance and scale NEW! Cisco® 7600/6500 Series • Substantial performance boost • Investment protection Cisco 7604 Router Cisco 7200 Series NPE-G2 Services aggregation up to OC-192; highest performance and scale Cisco 7304 Router VPN Service Adapter Services aggregation up to OC 48 Cisco 7200 Series (NPE-G1) Cisco 7301 Router Port Adapter Jacket Card Services aggregation up to OC-3/GE Cisco Integrated Services Routers Embedded services up to T3/E3 SP edge / Enterprise head office Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Branch, SMB, and teleworker Cisco Confidential 9 Cisco 7200 Series Router Services Integration Key Benefits vs. Overlay Services Reduced cost and simplified management with services integration • Simplified network management—reduces operating cost • Reduced training cost— standard platforms and common user interface among services • Simplified installation and maintenance—a single service contract Voice: IP-to-IP gateway Broadband aggregation vs. Cisco® 7200 Series Router Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. IPSec/SSL VPN, DMVPN, Easy VPN Voice, Video, and Application services QoS, Multicast, IP SLA, NBAR, etc. Routing, OER, IPv6, etc. Threat Defense, Trust & Identity Network Foundation Protection Cisco Confidential 10 Cisco 7200 Network Processing Engine NPE-G2 Double the performance for multiple services at OC-3 speeds with GE support Full Cisco IOS® Software feature support Performance for additional services: Full suite of MPLS and L2/L3 VPN features Secure VPN connectivity: Site-to-site and remote access Trust and identity: Network Admission Control NEW! Network foundation protection: Control plane policing, NBAR, Cisco® AutoSecure Voice gateway/IP-to-IP gateway functions Threat defense: Firewall, IPS, & NetFlow Three built-in GE ports, one FE port, and USB ports; SFP support Default 1-GB SDRAM and 256-MB Flash Availability: May 2006 Suggested List: $19,000 Investment Protection─ Extend Value of Installed Chassis Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 11 Cisco 7200 VPN Services Adapter (VSA) Up to 3X performance improvement with VSA and NPE-G2 NEW! Performance and scalability to fill OC-3 aggregation WAN pipe IPSec hardware acceleration module Increased performance to support large-scale IPSec aggregation architectures Cisco IOS® Software Secure VPN Connectivity: Easy VPN, V3PN, DMVPN, 3DES, AES (128, 192, and 256 bit key encryption) Multi-Virtual Route Forwarding (Multi-VRF) to connect central site to branches with segmentation IPSec Virtual Tunnel Interface (VTI) for simplified VPN design and configuration Requires: NPE-G2 Availability: 2H CY’06 VSA NTE: $15,000 VSA Utilizes I/O Slot and Frees Up Valuable Bandwidth and Slot Real Estate for Other Connectivity Needs Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 12 Cisco 7200 Port Adapter Jacket Card Increases Cisco® 7200 Series Router chassis versatility and value, and protects investment NEW! Adds 50% more PA slot capacity 50% increase in bandwidth on the existing chassis without forklift Enables new level of throughput with high-performance PAs: PA-MC-2T3+, PA-MC-STM-1SMI, PA-MC-STM-1MM, PA-POS-2OC3, SA-VAM2+, and SA-VAM2 (with NPE-G1 only) Requires: NPE-G1/G2 Availability: NOW Suggested list: $1,250 I/O slot with PA Jacket Card can now be used for adding a 7th Port Adapter Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 13 Cisco Services Aggregation Architectures Deploying New 7200 Series Products Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 14 Cisco Services Aggregation Architectures Best Practices for Deploying New Products and Services Proven Scalable Architectures • Decrease deployment times • Help customers get it done right the first time • Reduce design overhead • Reduce costs as efficiencies increase • Build technical expertise, helping to strengthen customer relationships Best-Practices from Cisco 7200 Series Customer Deployments Validated in the Industry’s Most Comprehensive Solution Labs Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 15 Deploying Cisco SONA Building an Intelligent Information Network in the Enterprise Application Protocol Optimization Business Value Networked Infrastructure Virtualization Virtualization • Improved IT utilization • Improves efficiency of networked assets • Increased network availability and security • Reduced TCO Network-Based Common Services Delivery Infrastructure Services • Security, storage mobility, voice/ collaboration, compute, identity • Enterprise-wide network franchises Application Services • App integration, delivery, scale, and performance • Application rewrite avoidance • Integrated with networked infrastructure Business Process Integration Application Delivery • Improved application performance and throughput and user response time • Reduced operations and capital costs • Integrate IT to business process • IT driven value adapted to changes in business process • Increased network application “fluency” • Decreased customization requirements • Reduced application and processintegration costs • The network as the platform Differentiation Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 16 Cisco Enterprise Services Aggregation Solutions: Flexibility and Deployment Choices • Validated designs based on customer experience and bestpractices Enterprise WAN/MAN Technologies Relative Adoption & Trends Encrypted Layer 2 Connectivity (Frame Relay, ATM, etc) IP VPN (Service Provider Managed MPLS) IPSec VPN (Internet) Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Multi-VRF Self-Deployed MPLS VPN • Use strong encryption (AES) to meet industry regulations and privacy standards SP-m anaged MPLS VPN • Migrate using your existing network IPSec VPN Self-Deployed MPLS VPN Segmentation Private Circuits Multi-VRF Segmentation (Virtual Route Forwarding) Cisco Confidential 17 The Value of an Architectures Approach Secure Connectivity and Services Leadership Infrastructure Voice, Video & Application Support Secure, Toll Quality Services INTERACTIVE SERVICES LAYER Security Secure VPN connectivity Threat Defense Trust and identity Network Foundation Protection NetOps and SecOps Cisco® 7200 Series Management Services Aggregation Router NETWORKED INFRASTRUCTURE LAYER IPSec VPN Session Number Presentation_ID Services Aggregation Architectures Voice, Video, Data (V3PN) Dynamic Multipoint VPN Secure Multicast IP-to-IP Gateway RSVP Network Instrumentation Multi-VRF (Internet) (Virtual Route Forwarding) Encrypted Private Circuits MPLS VPN (Frame Relay, ATM, etc.) SP managed or Self-Deployed Secure connectivity with public and private IP networks Convergence and resilience at lower cost Strong encryption for information privacy Protect assets via separation Consolidate networks and reduce cost Ensure information privacy / compliance Deploy new services and sites faster © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 18 Cisco IOS Secure Multicast Securing Business Intelligence • First in the industry to offer native IP Multicast encryption Performs and scales well beyond existing tunnel-based solutions Combines with industry-leading routing features • New approach Finance Stock Trading Stock Quotes Enterprise Video Conferencing Corporate Communications DB Replication Surveillance Security Childcare Industry standard encryption techniques Entertainment New group keying mechanism Video Games Animatronics Seamlessly integrates with mVPN • Developed to overcome the current inefficiencies and inflexibility facing IP Multicast security today Session Number Presentation_ID Cisco, First to Market—Secure Multicast © 2006 Cisco Systems, Inc. All rights reserved. Information Sharing e-Learning Software Distribution Media Internet Audio (Live) Video On-Demand Cisco Confidential 19 Maximizing Integrated Services Through Network Management Holistic View of Network Service Deployment and Operations Operational Pressures • Simplify service deployment with Cisco Router and Security Device Manager (SDM) • Ease network management and administration with tools like MPLS Diagnostics Expert • Reduce risks with embedded IOS IP Service Level Agreement Business Pressures • Enable services and applications • Enforce corporate compliance with new VPN Services Adapter • Improve reliability and performance with new Network Processing Engine-G2 Prepare Plan Align Resources and Services to Business Objectives Confidence to Safely Optimize Change/Deploy New Services Design Improved Operational Efficiencies via Automation, Integration, and Simplification Business Service Flexibility Through Greater Network Control and Visibility Operate Implement New Products + Tools + Services Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 20 Simplifying MPLS Network Management Cisco MPLS Diagnostics Expert New! “Cisco MDE is 10-20x faster than manual troubleshooting” Miercom • Uses Cisco®-unique failure knowledgebase to troubleshoot MPLS networks • Empowers NOC Helpdesk operators to diagnose in minutes a range of complex MPLS outages • Improves responsiveness to customer issues and increases network availability • Drives greater customer satisfaction, increases revenues and profitability Simple GUI tells network admin Where problem is, What is causing the problem…and Recommends Corrective Action … ~100 potential failure scenarios checked Automatically—repeatable process Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 21 Customer Deployment Example Wachovia Corporation • Goal Support convergence of data, voice and video Improve reliability of automated teller machine (ATM) network Retire aging protocols to reduce network deployment and management costs • Solution Cisco 7206 VXR routers and Cisco 12000 Series routers Cisco Catalyst® 6509 switches A mix of Cisco 1700, 2600, 2800, 3600, and 3700 series routers • Results Transitioned from Systems Network Architecture (SNA), data link switching (DLS), and other protocols to IP Reduced ATM network-related outages by 50 percent Built architecture for successful convergence of data, voice, and video Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. “The Cisco 7206 VXR routers fulfilled their initial purpose and have allowed us to now use them to take on new tasks. We left them right where they were connected, added new features, and implemented the IP SLA capability and VoIP gatekeeper features in Cisco IOS® Software. It saved us millions of dollars in new deployments.” John Burns Vice President of Network Services, Wachovia Cisco Confidential 22 Summary • Establishes a new benchmark for resilient Services Aggregation across the WAN and MAN • Innovative architecture enables Services Aggregation scalability, performance, and density with a proven and familiar platform • Maximum investment protection • Leadership with validated design guidance and best practices for Services Aggregation architectures Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 23 Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 24 Migration Path to New 7200 VXR Solutions Performance and Services Density Cisco 7200VXR Series with NPE-G2, NPE-G1 Cisco 7200 Series VPN Service Adapter 7200VXR Services Aggregation Series Easy To Upgrade & Deploy VSA NPE-G1 Migrate at your pace Mix & match new & old NPE-G2 Full IOS feature support Cisco 7200 with NPE-400, NPE-225, NPE-300*, NSE-1* etc. Cisco 7200 Series VPN Acceleration Module Complementary feature set with 7200 VXR Investment Protection SA-VAM 2+ NPE-400, 225, etc SA-VAM* Software support for five years after last sale SA-VAM 2* * End of Sale Session Number Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 25 HCM CRM ERP Procurement SCM Business Applications Instant Messaging Unified Messaging Meeting Place IPCC IP Phone Video Delivery Collaboration Applications Cisco Offerings Middleware and Application Platforms Application Services Application DeliveryNetworking Application-Oriented Networking Services Virtualization Services Management Interactive Services Layer Advanced Analytics and Decision Support Security Services Infrastructure Services Mobility Services Storage Services Voice and Collaboration Services Compute Services Identity Services Network Infrastructure Virtualization Networked Infrastructure Layer Infrastructure Management Session Number Presentation_ID Campus Branch Server © 2006 Cisco Systems, Inc. All rights reserved. Data Center Enterprise Edge Storage WAN/MAN Adaptive Mgmt Services Application Layer PLM Collaboration Layer Cisco Service-Oriented Network Architecture (SONA) Framework Teleworker Clients Cisco Confidential 26
