DNA Intelligent WAN Campus Day

Intelligent WAN ArchitectureEnabling the Digital Enterprise

Steven Wood – Principal Engineer, Architect - IWAN

• Business Drivers and Outcomes• IWAN Architecture Overview• Orchestration & Automation• Product Portfolio• Closing

Agenda

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public

Enterprise WAN - What’s Going on?• WAN bandwidth needs are growing!

• Increasing use of Cloud, BYOD/IOE and Videodriving increased traffic

• The Data Center is Exploding• Private DC -> Hybrid Cloud

• It’s all about Application Delivery

• IT budgets flat or declining• Transport/bandwidth costs are majority of WAN budget

• These trends are driving WAN modernization• Lower cost transports – Internet, LTE, Carrier Ethernet• Cloud Endpoints, Security, Threat Protection • Application performance monitoring and optimization• Fast IT Delivery Models

• Software Defined WAN

Is Your NetworkReady?

3


What is Software Defined WAN?

Device discovery, provisioning,registration

Automated configuration “no hands on keyboard”

DevOps/NetOps aligned

Network wide context and state access

Common controller for physical & virtual devices

Business & Application Policy driven

Integrated Monitoring

Network Function Virtualization

Application Aware Network


Why are enterprises thinking about SD-WAN?

Of IT budgets spent on WAN Connectivity

58%

of Apps accessed via Internet

50%

Cite poor application performance and latency as

corporate WAN concern

48.6%

Cite management of connectivity at branch as a

challenge

32.4%

Source: IDC Worldwide SD-WAN Survey Special Report (May 2016) 5


Cisco Digital Network Architecture

AutomationAbstraction & Policy Control

from Core to Edge

Open & Programmable | Standards-Based

Open APIs | Developers Environment

Cloud Service ManagementPolicy | Orchestration

VirtualizationPhysical & Virtual Infrastructure | App Hosting

AnalyticsNetwork Data,

Contextual Insights

Insights & Experiences

Automation& Assurance

Security & Compliance

Network-Enabled Applications

Cloud Enabled | Software Delivered

Principles


AutomationAbstraction and Policy

Control from Core to Edge

Open and Programmable | Standards-Based

Open APIs | Developers Environment

Cloud Service ManagementPolicy | Orchestration

VirtualizationPhysical and Virtual Infrastructure | App Hosting

AnalyticsNetwork Data,

Contextual Insights

Network-enabled Applications

Cloud-enabled | Software-delivered

Cisco DNA – How IWAN Fits

VirtualizationNetwork OverlaysEnterprise NFVService Virtualization

APIC-EMIWAN SD-WAN OrchestrationIWAN App for APIC-EMCampus Access AutomationNetconf & Yang Model supportREST API access

DNA-Assurance

Streaming Data collection; Netflow; SNMP; Syslog, othersScalable processing and analyticsAssurance and Debug Applications

DNA-Center

Landing Point for Cisco ServicesSecurityIWANCampusWirelessAssurance

Cloud Ready NetworkHybrid cloud Access – SaaS/IaaS/vPCCloud-based Network Controller


Internet as part of a Hybrid Enterprise WAN

Commodity Transports Viable Now

Dramatic Bandwidth, Price Performance Benefits

Higher Network Availability

Improved Application Performance

8


Intelligent WAN (IWAN)Optimized Hybrid WAN with Direct Cloud Access

OptimizedHybrid WAN

Branch

Direct CloudAccess

PrivateCloud

VirtualPrivateCloud

PublicCloud

1. IWAN Secure VPN for private and virtual private cloud access

2. Leverage local Internet path for public cloud and Internet access

4 Increase WAN transport capacity and app performance cost effectively!

4 Improve application performance (right flows to right places)

MPLS (IP-VPN)

Internet

9


Intelligent WAN (IWAN)So What is New Here?

OptimizedSecure Transport

Branch

Direct CloudAccess

PrivateCloud

VirtualPrivateCloud

PublicCloud

1. IWAN Secure transport for private and virtual private cloud access

2. Leverage local Internet path for public cloud and Internet access

4 Increase WAN transport capacity and app performance cost effectively!

4 Improve application performance (right flows to right places)

MPLS (IP-VPN)

Internet

Hybrid WANs with High Reliability

Service Levels for Business-Critical Applications

Centralized Security Policy for Internet Access

Dramatically Lower WAN Costs Without Compromise

10


Common IWAN Deployment Models

Dual MPLS

Internet

ü Highest SLA guarantees– Centralized Internet Access– Expensive

Public

MPLS

Branch

MPLS

ü More BW for key applicationsü Balanced SLA guarantees– Moderately priced

PublicEnterprise

Branch

MPLS+Internet

Consistent VPN Overlay Enables Security Across Transition

ü Best price/performanceü Most flexibility– Enterprise responsible for SLAs

Internet

Branch

Enterprise Public

Hybrid Dual Internet

Internet

11


Intelligent WAN (IWAN) ArchitectureEnterprise

MPLS

UnifiedBranch

3G/4G-LTE

Internet

PrivateCloud

VirtualPrivateCloud

PublicCloud

Application Optimization

Enhanced ApplicationVisibility and Performance

Secure Connectivity

ComprehensiveThreat Defense

Intelligent Path Control

ApplicationAware Routing

TransportIndependence

SimplifiedHybrid WAN

Management Automation

12


IWAN: Architectural and Systems Approach

• IWAN is a Solution Architecture• Solves a network problem• Use Case Driven• Systems Development Approach

• Prescribed. Tested. Interoperable.• Bounded Scope and Complexity• Enables Automation and Quality

• Delivers Business Outcomes• Reduce Operational Complexity• Reduce WAN costs, Increase bandwidth• Improve Application Performance• Direct Cloud Access• Guest Access Offload

IWAN2.1

13

Transport-IndependenceVirtualizing the Enterprise WAN


Simplifies WAN Design Dynamic Full-Meshed Connectivity Proven Robust Security

Flexible Secure IWAN Overlay Over Any TransportSecureFlexible

• Easy multi-homing with several providers

• Single routing control plane over the top of provider networks

• Consistent design over all WAN transport types

• Scalable Hub-n-spoke with dynamic full mesh topology

• Industry Certified security compliance

• Scalable high-performance cryptography in hardware

ISR

WAN

Internet

MPLSASR 1000

ASR 1000

Transport-Independent

Data CenterBranch

15


IWAN Transport IndependenceConsistent deployment models simplify operations

Internet MPLS

Branch

DMVPN DMVPN

IWAN HYBRID

Data Center

ISR

ASR 1000 ASR 1000

ISP A SP B

4G/LTE

Branch

DMVPN

IWAN HYBRID/LTE

Data Center

ISP C SP B

ASR 1000

MPLS

Branch

MPLS

DMVPN

IWAN Dual MPLS

Data Center

ISR

ASR 1000 ASR 1000

SP A SP B

DMVPN

MPLS

DMVPN

ISR

ASR 1000

16


IWAN Transport Independent Designwith Dynamic Multipoint VPN (DMVPN)

• Proven IPsec VPN technology• Widely deployed, Large scale• Standards based IPsec and Routing• Adv QOS: hierarchical, per tunnel

• Flexible & Resilient• Over any transport: MPLS, Carrier Ethernet, Internet, 3G/4G,..• Automatic Spoke registration (for Zero-touch Deployment)• Hub-and-Spoke with Dynamic full mesh Topology• Multiple encryption, key management, routing options• Multiple redundancy options: platform, hub, transports

• Secure• Industry Certified IPsec and Firewall• NG Strong Encryption: AES-GCM-256 (Suite B)• IKE Version 2• IEEE 802.1AR Secure unique device identifier

• Simplified IWAN Deployments• Prescriptive validated IWAN designs• Automated provisioning – Prime, IWAN-App, Glue

Branch

Internet MPLS

DMVPNPurple

DMVPNGreen

IWAN HYBRID

Data Center

ISP A SP B

17


Typical IWAN Topology

10.3.3.0/24 10.4.4.0/24 10.5.5.0/24

BR11 BR12 BR21 BR22

DMVPNMPLS

DMVPNINET

BR31 BR41

10.1.0.0/16 10.2.0.0/16

BR51 BR52

• IWAN Domain• Group of IWAN sites with common transports and policies• 2000 sites per domain, multiple domains for larger scale

• IWAN POP locations• 2+ WAN aggregation locations, also called Transit Sites• Each Border Router (BR) is a DMVPN Hub

with iBGP or EIGRP routing• Summary prefixes with primary and secondary path

metrics advertised out to branches• Transit routing to other locations with backdoor failover

routing between POP locations• Dedicated BR per WAN transport

• IWAN Branch locations• Simple consistent configurations• 1 or more BRs connected to each transport• Peer with each DMVPN Hub, stub routing

IWAN POP1 IWAN POP2

10.2.0.0/1610.0.0.0/8

DC1WAN Core

DC2

10.1.0.0/1610.0.0.0/8

10.0.0.0/8

18


Highly Redundant Large Scale Topology

10.3.3.0/24 10.4.4.0/24 10.5.5.0/24

BR31 BR41 BR51 BR52

BR12

IWAN POP1 IWAN POP2

DMVPNMPLS

DMVPNINET

BR11 BR14BR13 BR22BR21 BR24BR23

10.1.0.0/1610.2.0.0/1610.0.0.0/8

10.1.0.0/1610.2.0.0/1610.0.0.0/8

• Support for multiple BRs per transport• Horizontal scaling and redundancy

• Support for Multiple POPs• Different Prefix• Common Prefix

DC1

DCIWAN Core

DC2

19

Intelligent Path ControlImproving Application Delivery and WAN Efficiency


Getting the Most Out of Your WAN InvestmentBenefits of Intelligent Path Control

Data CenterBranch

ASR 1000

ASR 1000

ISR

MPLS

Internet

EnablingHybrid WANs

Efficient Distribution of Traffic Based Upon Load

or Path Preference

Application Best Path Based on Quality

Protection FromCarrier Black Holes

and Brownouts

Lower WAN Costs

Full Utilization of WAN Bandwidth

Improved Application

Performance

Higher ApplicationAvailability

21


What is Performance Routing (PfR)?

MPLS Internet

Branch

BR BR

Data Center

MC

“Performance Routing (PfR) provides additional intelligence to classic routing to track and verify the quality of a path over a Wide Area Networking (WAN) to determine the best path for application traffic....”

MC+BR

22


Intelligent Path Control with PfRVoice and Video Use-Case

Branch

MPLS

Internet

Virtual PrivateCloud

Private Cloud

• PfR monitors network performance and routes applicationsbased on policy

• PfR load balances traffic based upon link utilization levels to efficiently utilize all available WAN bandwidth

Other traffic is load balanced to maximize bandwidth Voice/Video will be rerouted if

the current path degrades below policy thresholds

Voice/Video take the best delay, jitter, and/or loss path

23


Load BalancingMaximizing Link Utilization to Increase Available Bandwidth

• Traffic distributed across all paths to efficiently use all WAN bandwidth

• Load Balancing based upon link utilization levels

• External links can have different bandwidth capacitiesMPLS = 1.5MbpsInternet = 15Mbps

ISR

WAN

Internet

MPLSASR 1000

ASR 1000

Data Center

50% T1 = 750kbps

50% 15Mbps = 7.5Mbps

24


SP1 (MPLS) ISP (FTTH)

• Protect voice and video quality

Latency < 150 msJitter < 20 ms

• Protect Email applications from WAN congestion

Loss < 5%

• Voice and video preferred path SP1

• Email preferred path ISP• Increase utilization

by load sharing

Multimedia and Critical Data Policy

Business App

Best-Effort Traffic

High Delay Detected

SP1 (MPLS) ISP (DSL)

Voice and Video

High JitterDetected

Email

Best-Effort Traffic

Protecting Critical Applications While Increasing Link Efficiency

• Protect transactionalbusiness app from brownouts

delay < 250ms• Preferred path SP1 (MPLS)

• Increase WAN bandwidth efficiency by load-sharing traffic over all WAN paths, MPLS + Internet

Business App and Load-Balancing Policy

25


Performance Routing—Components

The Decision Maker: Master Controller (MC)• Discover BRs, collect statistics• Apply policy, verification, reporting• No packet forwarding/inspection required

The Forwarding Path: Border Router (BR)• Does all packet forwarding• Visibility in network performance • Enforce MC’s decision (path enforcement)

The Policy Controller: Domain Controller (DC)• Discover site peers, prefixes and connected networks• Advertise policy and services• One per domain, collocated with MC

MPLS Internet

BranchMC+BR

BR BR

DC/MC

26

Application Optimization


Today’s Network is an IT Blind Spot

• Static port classification is nolonger enough

• More and more apps are opaque

• Increasing use of encryptionand obfuscation

• Application consists of multiple sessions (video, voice, data)

• What if user experience is not meeting business needs?

28


Branch

PrivateCloud

Make Your IWAN Application AwareApplication Visibility and Control (AVC)

DC/Headquarters

PublicCloud

Cisco AVC

Application Performance Visibility

• Application inspection with existing routers

• Rich data collection using NetFlow v9/IPFIX

• Easy to integrate into many reporting tools

Smart CapacityPlanning

• Better use of costly bandwidth

• Per-branch and per-application level reporting

Business Objective Enforcement

• Service Level monitoring per application

• Better Analytics to adjust network policies to maintain compliance

AVCAVC

29


PrivateCloud

Application Performance Monitoring for IWANTrack and Report Application Flows and Performance

WANNetFlow v9

Enterprise Edge

AVC

AVC

CSR

NetFlow/IPFIX Records(Same provisioning, same format)

• Traffic statistics records• Application Response Time records• Media monitoring records

(Application, Jitter, Loss, etc)

Cisco ToolsPrime, APIC-EM

Partner Tools EcosystemLiveAction

Glue NetworksPlixer

Living ObjectsCompuWare

CA Technologies

Collecting Collecting Collecting

Provisioning

Exporting

NetFlow v9 Export/IPFIX Export

Branch DC/HeadquartersAVC

AVC

30


PrivateCloud

Add WAN Optimization with WAAS + AkamaiSpeed and Bandwidth Benefits on Top of the IWAN

Branch DC/POP

ApplicationOptimization

• Improved Application performance, delay mitigation, less bandwidth

• Twice as many Citrix users over same WAN, 70% faster

• Typical ROI in less than one year, 65% BW cost savings

Content Caching& Prepositioning Simple and Scalable

• Works with existing branch routers

• Scale out optimizations resources with AppNav

• Native HA resiliency

vWAAS AppNav-XEController

CSR

WAVE,vWAAS

WAN

Improving Application Performance

• Reduces WAN bandwidth usage, while accelerating applications

• Intelligent caching of internal and Internet content

• Prepositioning of data and rich media before it is needed

31


Cisco WAAS – IWAN Application AccelerationEnhancing User Experience and WAN Efficiency

Solution

• Reduce load Data redundancy elimination (DRE), compression, and TCP optimization

• Application optimizationFewer protocol messages and metadata caching

Problem

• Application latency• WAN bandwidth

inefficiencies

Application bandwidth with Cisco® WAAS

Application bandwidth natively

Application latency natively

Application latency with Cisco WAAS 0 0

1

2

3

4

40

80

120

160

ApplicationBandwidth

ApplicationLatency

Bandwidth(Mbps)

Latency(Seconds)

Reduction inbandwidth

Reductionin latency

32


Akamai Connect accelerates HTTP/HTTPS applications, video and content in the branch, while maximizing existing enterprise network bandwidth

Branch

End-UserAkamai Connect

integrated into Cisco ISR-AX

routers

ISR-AX+AC INTERNET

Akamai Intelligent Platform

Data Center

WAASWAN

IWAN – Application Accelerationwith Akamai Connect

33


Branch

End-UserAkamai Connect integrated into Cisco

ISR-AX routers

ISR-AX+AC

Akamai Intelligent Platform

INTERNET

Data Center

WAASWAN

IWAN - Application AccelerationEnhancing User Experience and WAN Efficiency

Mobile Apps

Video

Software Downloads

Digital Signage

Catalogs

Guest WiFi

Any Device, Connectivity, Cloud Result – Improved Application Response Times

~70+% of HTTP/S data served from

cache

0123456789

WAAS + AKC Native WAN

Avg

. Loa

d Ti

me

(sec

.)

51% reductionload time

34

IWAN Secure Connectivity


Intelligent WAN: Secure ConnectivitySecuring the network and users

Secure WAN Transport

Branch

MPLS (IP-VPN)

InternetSecureInternetAccess

PrivateCloud Virtual

PrivateCloud

PublicCloud

Two areas of concern1. Protecting the network from outside threats with data privacy over provider networks2. Protecting user access to Public Cloud and Internet services; malware, privacy, phishing,…

36


Securing the IWAN TransportIPSec VPN and Access Control

• Step 1: Authenticate hardware and softwareTrust Anchor Module verification

• Step 2: Secure TransportProven IPsec VPN overlayStrong Cryptography: IKEv2 + AES-GCM 256F-VRF to isolate provider networks

• Step 3: Protect the SiteIOS Zone-based Firewall or ACLs protectionRole based access to router w/ loggingMinimize exposure

Provider assigned addressing to hide routersDon’t put tunnel addresses into DNS

MPLS Internet

Branch

ASR 1000 ASR 1000

ISP A ISP C

Data Center

37


MPLS Internet

Branch

ASR 1000 ASR 1000

ISP A ISP C

Data Center

Add Network Integrated Threat DefenseIOS Zone-Based Firewall

• Control the Perimeter:• External and internal protection: internal network is no longer trusted• Protocol anomaly detection and stateful inspection

• Communicate Securely: • Call flow awareness (SIP, SCCP, H323)• Prevent DoS attacks

• Flexible:• Split Tunnel-Branch direct Internet access• Internal FW— addresses regulatory compliances

• Integrated: • No need for additional devices, expenses and power• Works with other IWAN Services: CWS, WAAS, UCS-E,…

• Manageable: • APIC-EM, Prime, CLI, SNMP, CCP, and CSM

38


Intelligent WAN—Direct Internet Access

Branch

MPLS (IP-VPN)

InternetDirect

InternetAccess

PrivateCloud

VirtualPrivateCloud

PublicCloud

• Leverage Local Internet path for Public Cloud and Internet access• Improve application performance (right flows to right places)

SolutionsOn Premise – Zone Based FirewallCloud Based – Cloud Web Security

CloudSecurity

ISR-AXZBFW

39


Cloud Web Security Centralized Management for Distributed Policy

Cisco ScanCenter Portal

40


Secure Internet Access with Cisco Cloud Web Security (CWS) with ISR-4000 and ISR-G2 Series Routers

Secure Public Cloud and Internet

Access

ISR Connector toCWS Firewall towers

Web Filtering, Access Policy, Malware Detect

WAN1(IP-VPN)

CWS

PrivateCloud

PublicCloud

Branch

WAN2(Internet)

IWAN IPsec VPN for Private Cloud

TrafficIOS Firewall to protect Internet

Edge

Internet

41

IWAN Automation


Network-Wide Abstractions Simplify the NetworkApplications

SecurityOrchestration Automation

SOUTHBOUND ABSTRACTION LAYER

REST API

CATALYST® CISCO NEXUS® ASRISR WIRELESSASA OTHER

SDN Ideal: Controller as the

Application Platform

The SDN Ideal:

Controller as the Application

Platform

Virtualization

43

IWAN

APIC-EMIWAN APP


Cisco Intelligent WAN App for APIC-EM

IT Admin

App SLADMVPNSLAQoSSecurityPath Selection

Business Policy

ApplicationNetwork Profile

NETWORK

SDN

Simple Workflow Templates

Plug and Play Business Policy Rendering

Open Architecture

Network, Applications Monitoring

APIC-EM Abstraction Layer Services

Business Policy Dictates Network Action

APIC-EM

IWAN APP

Monitor Application Health

Update Policy


PnP: Pre-provisioning and Discovery Workflows

Plug & PlayEnterprise-wide scaleAutomated workflow

79% lower deployment costs

Pre-provision1 Discovery2 Secure Deployment3

Discovery1 Un-claimed Devices2 Secure Deployment3

Network PnP app pre-provisioned with device SR number

Configure device discovery• DHCP Option-43 or DNS

• Installer powers on devices• Devices download image and

configuration

• Installer powers on devices• Devices securely connect

to APIC-EM server, waiting to be ‘claimed’

• Network admin claims devices based on device information

• Device downloads image and configuration

Configure device discovery• DHCP Option-43 or DNS

Network PnP app on APIC-EM

AdminEM

DHCPServer

DNSServer

ORPnP-Agent PnP-Agent

EM

Device Authentication

Download Image and Configure

Installer

Network PnP app on APIC-EM

AdminEM

DHCPServer

DNSServer

OR

PnP-Agent PnP-Agent

EM

Device Authentication

Download Image and Configure

Installer


Cisco IWAN Management PortfolioCovering a broad range of requirements and preferences

• Customer wants advanced provisioning, life cycle management, and customized policies

• System-wide network consistency assurance

• Lean IT OR IT Network team

Cisco

Prime Infrastructure

• Customer needs customizable IWAN with end-to-end monitoring

• One Assurance across Cisco portfolio from Branch to Datacenter

• IT Network team

Enterprise Network Mgmt and Monitoring

Ecosystem Partners

IWAN App

• Customer wants considerable automation and operational simplicity

• Requirements consistent with prescriptive IWAN Validated Design

• Lean IT organization

Prescriptive Policy Automation

• Customer looking for advanced monitoring and visualization

• QoS/ PfR/ AVC configuration, Real-time analytics and network troubleshooting

• IT Network team

Application Aware Performance Mgmt

AdvancedOrchestration

46


Prime Infrastructure for IWAN

• IWAN workflow wizard with PnP• Template-based IWAN configs• PfRv3 Domain, MC and BR• AVC One-Click provision• QoS Provisioning• Single or Dual Router Branch• CVD-based, Customizable• AVC Readiness Assessment• AVC, QoS, PfR Visibility• Leverages APIC EM services

For YourReference

47


LiveAction Software

• An Application-aware Network Performance Management and QoS Control tool

• Fast, simple, cost effective way to monitor and control application performance leveraging Cisco capabilities

LiveAction Components

Flow QoS Monitor QoS Configure RoutingLAN IP SLA

For YourReference

48


Glue Networks IWAN Orchestration

• Cloud-based SaaS subscription model

• Eliminates manual building of WANs

• Automated WAN orchestration and management

• Quick configuration updates and IOS upgrades

• Rapidly delivers nextgen and IWAN features

• Forward compatible with SDN APIs for app aware WANs

• Broadband and MPLS support for centralized hybrid WANmanagement for IWAN

For YourReference

49

Cisco IWAN Product Portfolio


Start with Cisco AX RoutersIWAN Capabilities Embedded in the Router

ISR-AXSimplify

Application Delivery

One NetworkUNIFIED SERVICES

ISR4000-AX

Transport Independent

Secure Routing

Optimization

Control

Visibility

Cisco AX Routers ISRv | 890 | 1900 | 2900 | 3900 | 4000 | ASR 100051

ISRv-AX

ASR1000-AX


IWAN Branch Services RoutersISR4000 Series - IWAN AX Ready, Next Generation Branch

INTEGRATED IWAN SERVICES

APPLICATION CENTRIC

APPLIANCE LEVEL PERFORMANCE

4 IOS Firewall, VPN, IPSec, PfRV3, NBAR2, AVC, AppNav, VRF, MPLS

4 Scalable on-chip service provisioning

4 App/User policy-driven deployment4 APIC-EM Automation: deploy in minutes4 Pay-as-you-grow4 Up-to-75% cost savings

4 Service-Aware Dataplane4 Resilient Service Virtualization4 Multi-gigabit Fabric ISR4431

ISR4351

ISR4331

ISR4321

ISR4451

500Mbps/1Gbps

200/400Mbps

100/300Mbps

50/100Mbps

1-2Gbps

For YourReference

52


IWAN Aggregation Border RoutersASR1000 - IWAN AX Ready, High Performance Routers

INTEGRATED IWAN SERVICES

BUSINESS-CRITICAL RESILIENCY

COMPACT, POWERFUL ROUTER

4 IOS Firewall, VPN, IPSec, PfRV3, NBAR2, AVC, AppNav, VRF, MPLS

4 Scalable on-chip service provisioning

4 Separate control and data planes4 Hardware and software redundancy4 In-service software upgrades

4 Line-rate performance 2.5G to 200G+ with services enabled

4 Crypto performance from 2G to 60G+4 Flexible I/O: SPAs and Ethernet LCs

§ 2.5G Upgradeable to 5G, 10G, 20G§ Up to 8G Crypto Throughput

§ 5G Upgradeable to 10G, 20G, 36G§ Up to 4G Crypto Throughput

§ Modular, Redundant up to 200G§ Up to 60G Crypto Throughput

ASR1001-X

ASR1002-X

Modular ASR1006-X

For YourReference

53

§ 44G Upgradeable to 100G§ 8, 16, 25G Crypto Throughput

ASR1002-HXNew

New


Cisco Enterprise Service Automation (ESA) on APIC-EMVirtual Managed Services (vMS)

Introducing Cisco Enterprise NFVVirtualized IWAN and Branch Services

Cisco 4000 Series ISR + UCS® E-Series

Network Functions Virtualization Infrastructure Software (NFVIS)

Virtual Router(ISRv)

Virtual Firewall(ASAv)

Virtual WAN Optimization

(vWAAS)

Virtual Wireless LAN Controller

(vWLC)Third-Party VNFs

New

Cisco® UCS C-Series

Why Cisco IWAN?


IWAN Vision and Strategy

Secure VPN Overlay, Any Transport, Bandwidth Efficiency, Application SLA

Secure, Simple, Centralized Policy Automation

Global Policies, Cloud POPs, Mobility, Optimization, Cloud Security

vRouter, vService and App Orchestration

Campus/WAN/DC

INTELLIGENT VIRTUALIZATION AUTOMATION CLOUD

INTEGRATIONSERVICE

VIRTUALIZATIONENTERPRISE

DNA

56


Intelligent WAN (IWAN)

OptimizedSecure Transport

Branch

Direct CloudAccess

PrivateCloud

VirtualPrivateCloud

PublicCloud

MPLS (IP-VPN)

Internet

Mixed transport WANs with High Reliability

Service Levels for Business-Critical Applications

Centralized Security Policy for Internet Access

Dramatically Lower WAN Costs Without Compromise

57

Thank you

DNA Intelligent WAN Campus Day

Technology

Transcript of DNA Intelligent WAN Campus Day