Conquer the Cloud | Part 1 - The Cloud and Your Network Is, There a Gap
-
Upload
yahya-nursalim -
Category
Documents
-
view
47 -
download
1
description
Transcript of Conquer the Cloud | Part 1 - The Cloud and Your Network Is, There a Gap
© 2012 Cisco and/or its affiliates. All rights reserved. 1© 2012 Cisco and/or its affiliates. All rights reserved. 1
Conquer the CloudPart 1: The Cloud and Your Network—Is There a Gap?
PresentersNick Lippis, Founder and CEO, Lippis EnterprisesRahul Tripathi, Director of Product Management, Services Routing, Cisco
HostRobb Boyd, TechWiseTV Host, Cisco
September 26, 2012, 8 a.m. Pacific Time
© 2012 Cisco and/or its affiliates. All rights reserved. 2
FIVE-PART WEBCAST SERIES
• September 26: The Cloud and Your Network—Is There a Gap?
• October 16: Optimizing App Performance from Branch to Cloud
• November 1: How to Enforce Pervasive Security
• November 15: Extending Virtualization to the Branch Office
• December 11: Designing Next-Generation, Cloud-Ready WAN
Experts Provide Best Practices on How to Accelerate Your Organization’s Journey to the Cloud
© 2012 Cisco and/or its affiliates. All rights reserved. 3
Why Traditional WANs Are Challenged by Cloud Computing
The Requirements for a Cloud-Ready Branch Office
Solutions for Robust Security, Accelerated Application Performance, and Efficient Operations
Management Tools That Improve Visibility and Control
Next Steps for Getting Your WAN Cloud-Ready
© 2012 Cisco and/or its affiliates. All rights reserved. 4
Conquer the Cloud: Part 1: The Cloud and Your Network—Is There a Gap?
Director,Product Management,
Services Routing, Cisco
Rahul TripathiNick Lippis
Founder and CEO, Lippis Enterprises
Host,TechWise TV
Robb Boyd, Host
© 2012 Cisco and/or its affiliates. All rights reserved. 5
What Percent of Your Workload Will Migrate to the Cloud by the End of 2012?
A. 100%
B. ~ 75%
C. ~ 50%
D. ~ 25%
E. < 10% or none
© 2012 Cisco and/or its affiliates. All rights reserved. 6
71% 80%
Cloud Apps to Mobile Devices
Video Demand in the Cloud
Move from Branch to Cloud
“By 2015, more than 60% of enterprises will have migrated branch office services to cloud or virtualized servers.”
Gartner, Analyst Review, February 2012
60%
“71% of organizations are extending or planning on extending their cloud applications to mobile devices.”
IDC’s Mobile Enterprise Software Survey, 2011
“In 2012, almost 80% of IT organizations will increase their use of video with focus on deploying cloud-based collaboration services.”
Cloud Networking Report, Ashton Metzler and Associates, 2011
© 2012 Cisco and/or its affiliates. All rights reserved. 7
“I deal with servers and
storage and I don’t get
why the network
matters”
“Do I really need to buy
a bunch of networking
gear to get cloud
deployed?”
Network Is the Critical Path for Implementing Cloud Computing
© 2012 Cisco and/or its affiliates. All rights reserved. 8
2000 2005 2010 2015 2020 t
Growing Gap
Executive
Management
Cloud
Computing
Expectation/
Demand
Branch
Office
Cloud
Readiness
© 2012 Cisco and/or its affiliates. All rights reserved. 9
A. Application performance (response time, latency)
B. WAN bandwidth
C. Security and policy control
D. Visibility and control of applications across the WAN
E. Reliability of cloud applications
Which Is Your Top Wide-Area Network (WAN) Challenge for Migrating to the Cloud?
© 2012 Cisco and/or its affiliates. All rights reserved. 10
Key Findings: Cisco Global Cloud Networking Survey*
Need for a Major Architectural Shift in the Network
Expectation
Organizations Who Plan to Have More Than 50% Apps in the Cloud by
2012
20%Consider
Cloud-Ready WAN to Be the Most Important
Infrastructure for Cloud
28% Virtualized DC21% SP SLA
37%
Reality: Top Network Challenges
Cited Performance
as a Key Challenge for Cloud
60%Cited
Security and Policy
as a Key Challenge for Cloud
66%Cited
Managementas a Key
Challenge for Cloud
60%
*1300+ global IT professionals across 13 countries, April, 2012
© 2012 Cisco and/or its affiliates. All rights reserved. 11
• Does not provide cloud-computing access• It’s not cloud aware • User experience of cloud services suffer
• Limited cloud security services • Outdated operational model and expensive • It’s only going to get worse as cloud
computing forces more structural changes
Backhaul and Hairpinning
Internet
MPLS
CLOUD FLOWSBRANCH
Public Cloud
Private Cloud
Users
© 2012 Cisco and/or its affiliates. All rights reserved. 12
Public
Private
Hybrid
Is Your Branch/WAN Ready for Cloud?
• 90% of branch offices hairpin Internet traffic
Drivers: lack of cloud security and old habits die hard
Robs other applications of this bandwidth
Not sustainable as workload/applications move to public cloud at speed
Will be a major cause of poor user/application experience
Public Cloud—Backhauling and Hairpinning Major Challenge
© 2012 Cisco and/or its affiliates. All rights reserved. 13
New York
Branch Office
Private Cloud—Virtual Desktops
Keystroke
Bandwidth Explosion: ~20 VDI Sessions
per T1 Line
WAN Latency: >200ms Need for Optimal
VDI Performance
Lack of Visibility, Control, and Prioritization
Dallas
Data Center
IaaS
Cloud Services
1500 Miles
Mouse
ControlVideo Screen
Users
© 2012 Cisco and/or its affiliates. All rights reserved. 14
You Want to be Ready for Cloud Computing Models
Traditional network model—MPLS limitations
Backhauling and hairpinning
Limited bandwidth and low latency links
Security concerns
Impacts business process, forcing structural changes
© 2012 Cisco and/or its affiliates. All rights reserved. 15
Internet
MPLS
Public Cloud
Private Cloud
Private Cloud
Right Experience for Endpoint Device
Secure the Cloud at Scale
Visibility and Monitor
CLOUD FLOWSBRANCH
Users
© 2012 Cisco and/or its affiliates. All rights reserved. 16
Connecting Users to the Cloud with
Confidence
Optimal Experience
PervasiveSecurity
Simplified Operations
VoIP VDIHD
Video
App
OS
IaaS
PaaS
SaaS
© 2012 Cisco and/or its affiliates. All rights reserved. 17
Delivering Optimal Experience, Pervasive Security, and Simplified Operations
Cloud-Ready Platforms
ISR G2 ASR 1K CSR 1KV
Branch
Branch Office Campus/Data Center Cloud
Private/Public/Hybrid
Users Cloud Services
© 2012 Cisco and/or its affiliates. All rights reserved. 18
Delivering Optimal Experience, Pervasive Security, and Simplified Operations
Cloud-Ready Network Services
Cloud-Ready Platforms
Visibility Optimization Security Collaboration App Hosting
ISR G2 ASR 1K CSR 1KV
Branch
Branch Office Campus/Data Center Cloud
Private/Public/Hybrid
Users Cloud Services
© 2012 Cisco and/or its affiliates. All rights reserved. 19
Management and Policy
Delivering Optimal Experience, Pervasive Security, and Simplified Operations
Cloud Connectors
Cloud-Ready Network Services
Cloud-Ready Platforms
Collaboration
Survivability
Web
Security
Cloud
Storage
Third
Party
Visibility Optimization Security Collaboration App Hosting
ISR G2 ASR 1K CSR 1KV
Branch
Branch Office Campus/Data Center Cloud
Private/Public/Hybrid
Users Cloud Services
© 2012 Cisco and/or its affiliates. All rights reserved. 20
High-Performance, High-Availability Platforms
• ISR G2: Unified branch with
wired/wireless WAN and
integrated services
• ASR 1000: WAN aggregation
up to 100 Gbps, with modular
upgrades
• CSR 1000V: Flexible virtual
form factor for cloud
deployments
Private WAN/
Internet ASR 1000
CSR
Branch/User
ISR G2
Private/Public/Hybrid
Traditional DC
© 2012 Cisco and/or its affiliates. All rights reserved. 21
Application Visibility, Control, and Optimization
High-Performance, High-Availability Platforms
• ISR G2: Unified branch with
wired/wireless WAN and
integrated services
• ASR 1000: WAN aggregation
up to 100 Gbps, with modular
upgrades
• CSR 1000V: Flexible virtual
form factor for cloud
deployments
• AVC: Granular application
visibility, response time, and
SLA management
• WAAS: Bandwidth optimization
and acceleration for apps,
video, and VDI
• PfR: Optimal path selection
based on performance
and policy
Private WAN/
Internet ASR 1000AVC, WAAS, PfR
CSR
Branch/User
ISR G2
Private/Public/Hybrid
Traditional DC
WAAS/vWAAS
© 2012 Cisco and/or its affiliates. All rights reserved. 22
Application Visibility, Control, and Optimization
Efficient Rich Media Collaboration
High-Performance, High-Availability Platforms
• ISR G2: Unified branch with
wired/wireless WAN and
integrated services
• ASR 1000: WAN aggregation
up to 100 Gbps, with modular
upgrades
• CSR 1000V: Flexible virtual
form factor for cloud
deployments
• AVC: Granular application
visibility, response time, and
SLA management
• WAAS: Bandwidth optimization
and acceleration for apps,
video, and VDI
• PfR: Optimal path selection
based on performance
and policy
• UC Gateways: API control and
voice quality enhancement for
TDM and SIP
• CME/E-SRST: Branch-
optimized call control and
enhanced survivability
• HCS Connector: Voice
survivability for hosted
collaboration services
Private WAN/
Internet ASR 1000
CME/SRST
AVC, WAAS, PfR
CUBE
CSR
Branch/User
ISR G2
HCS Connector
Private/Public/Hybrid
Traditional DC
WAAS/vWAAS
© 2012 Cisco and/or its affiliates. All rights reserved. 23
• Branch banking personal routinely utilized the Internet to assist customers quickly and efficiently
• Increase of teller applications on hosted desktops
• IT needs visibility on store to plan and prioritize traffic
• Business continuity is critical for timely transactions
• Network is critical for a good customer experience
• Need high performance network without compromising security
© 2012 Cisco and/or its affiliates. All rights reserved. 24
A. Public
B. Private
C. Hybrid (public/private)
D. What is a cloud?
Which Type of Cloud Are You Primarily Deploying?
© 2012 Cisco and/or its affiliates. All rights reserved. 25
Private/Public/Hybrid
Traditional DCBranch/User
Any-to-Any Secure Connectivity
• FlexVPN: Converged VPN at scale across branch, mobile user, and cloud
• GETVPN: Encrypted MPLS WAN for added privacy
• Next-generation encryption: Suite-B crypto with hardware acceleration
ISR G2
Private WAN/
Internet ASR 1000
CSR
© 2012 Cisco and/or its affiliates. All rights reserved. 26
100G FW
Private/Public/Hybrid
Traditional DCBranch/User
Integrated Threat DefenseAny-to-Any Secure
Connectivity
• FlexVPN: Converged VPN at scale across branch, mobile user, and cloud
• GETVPN: Encrypted MPLS WAN for added privacy
• Next-generation encryption: Suite-B crypto with hardware acceleration
• Network integrated firewall:
Up to 100 Gbps stateful
inspection for IPv4/v6
• TrustSec with ISE: End-to-
end user-aware access and
policy control
• PCI 2.0 Compliance:
Single box solution including
simplified IPS
FW, IPS
ISR G2
TrustSec
Private WAN/
Internet
GET, FlexVPN,
NGE ASR 1000
CSR
© 2012 Cisco and/or its affiliates. All rights reserved. 27
Cloud Web Security (Scansafe)
100G FW
Private/Public/Hybrid
Traditional DCBranch/User
Integrated Threat Defense Branch to Cloud SecurityAny-to-Any Secure
Connectivity
• FlexVPN: Converged VPN at scale across branch, mobile user, and cloud
• GETVPN: Encrypted MPLS WAN for added privacy
• Next-generation encryption: Suite-B crypto with hardware acceleration
• Network integrated firewall:
Up to 100 Gbps stateful
inspection for IPv4/v6
• TrustSec with ISE: End-to-
end user-aware access and
policy control
• PCI 2.0 Compliance:
Single box solution including
simplified IPS
• CSR: Any-to-any enterprise
VPN to connect users to
external clouds
• Cloud Web Security
(ScanSafe) Connector:
Secure, direct access to
cloud apps over Internet
FW, IPS
ISR G2
TrustSec
Private WAN/
Internet
GET, FlexVPN,
NGE ASR 1000
CSR
© 2012 Cisco and/or its affiliates. All rights reserved. 28
• From a PCI compliance perspective many retailers host their point of sale or PoS applications in a VPC environment
• To assure PCI compliance its credit card transactions are securely transmitted by terminating VPN connections within a VPC
• Retailer has direct access and control of their VPC environment to assure PCI compliance and reporting while also reducing their PCI infrastructure cost
© 2012 Cisco and/or its affiliates. All rights reserved. 29
36 Gbps
Services and Performance On-Demand
• ASR 1002-X: On-demand
performance from 5 to 36 Gbps
• ISR G2: On-demand services
in IOS or service engines with
no truck rolls
• WAAS AppNav: Easy-to-scale
headends as needs grow
5 Gbps
© 2012 Cisco and/or its affiliates. All rights reserved. 30
36 Gbps
Branch Infrastructure and Services Consolidation
Services and Performance On-Demand
• ASR 1002-X: On-demand
performance from 5 to 36 Gbps
• ISR G2: On-demand services
in IOS or service engines with
no truck rolls
• WAAS AppNav: Easy-to-scale
headends as needs grow
• UCS E-Series: Lean server
leveraging virtualization,
reduced power, and OpEx
• Network service hosting:
Cisco and third-party virtual
appliances
50% Savings
5 Gbps
© 2012 Cisco and/or its affiliates. All rights reserved. 31
36 Gbps
Branch Infrastructure and Services Consolidation
Unified Management
Services and Performance On-Demand
• ASR 1002-X: On-demand
performance from 5 to 36 Gbps
• ISR G2: On-demand services
in IOS or service engines with
no truck rolls
• WAAS AppNav: Easy-to-scale
headends as needs grow
• UCS E-Series: Lean server
leveraging virtualization,
reduced power, and OpEx
• Network service hosting:
Cisco and third-party virtual
appliances
• Cisco Prime: Unified
management with common
look and feel across branch,
WAN, DC, and cloud
• Cisco Prime Assurance
Manager: Single plane
monitoring for application traffic
and user experience with AVC
50% Savings
5 Gbps
© 2012 Cisco and/or its affiliates. All rights reserved. 32
• An Enterprise with advertising campaign residing in a Terremarkserver in a VPC
• The Enterprise could run a redundant advertising campaign application locally
• In the event of a brown out where VPC access could be cut-off the advertising campaign will still proceed uninterrupted with local application hosting
• Call services cannot be uninterrupted in the event of network congestion or a brownout
© 2012 Cisco and/or its affiliates. All rights reserved. 33
© 2012 Cisco and/or its affiliates. All rights reserved. 34
Assess the Branch Office Network for Cloud Readiness
Start to Use AVC to Gain Application Visibility
Utilize AppNav to Pool Distributed WAN Optimization
Network Services
Implement Broadband Access at Branch Offices
Consider Using FlexVPN to Manage Existing VPNs and to
Configure New Ones
Experiment with VPC Solutions and the CSR 1000V
Control Point
Start to Eliminate Hairpinning by Experimenting with the
Cloud Web Security (ScanSafe) Connector
Assess ASR 1000 Head End Capacity
© 2012 Cisco and/or its affiliates. All rights reserved. 35
Mobile and
Remote UsersWAN and Cloud Edge
Network
Management
Private and
Public CouldBranch Office
Connect Users to the Cloud with Confidence
ISR G2 WAAS
WAAS on SRE
WAAS Express
Secure
Network and Device Security
WAVE
WAVE
Virtual WAAS
ASR 1000
Cloud Services Router1000V
Cisco Prime Desktop Software
WAAS WAAS Mobile AnyConnect
CSR
FlexVPNCloud Web Security
TrustSec
WAAS
© 2012 Cisco and/or its affiliates. All rights reserved. 36
CONQUER THE CLOUD WEBCAST SERIES
• October 16: Optimizing App Performance from Branch to Cloud
• November 1: How to Enforce Pervasive Security
• November 15: Extending Virtualization to the Branch Office
• December 11: Designing Next-Generation, Cloud-Ready WAN
© 2012 Cisco and/or its affiliates. All rights reserved. 37
• Test your cloud readiness knowledge
Step 1: Download the Cisco Enterprise WAN app on your mobile device
Step 2: Go to Trivia
Step 3: Take our challengeChallenge open until Friday, 9/28 midnight Pacific Time
• Top three winners
1st: AppleTV
2nd: Jawbone Icon Headset
3rd: Cisco Press Book
http://tinyurl.com/ciscoewan
© 2012 Cisco and/or its affiliates. All rights reserved. 38
Cisco Enterprise WANblogs.cisco.com/go/bn
Facebook: http://www.facebook.com/ciscoenterprisewan
Twitter: @ciscoenterprise
Nick LippisPrincipal Analyst and CEO, Lippis
Twitter: @NickLippis
TechWiseTVTechwisetv.com
Twitter: @ciscocin
© 2012 Cisco and/or its affiliates. All rights reserved. 39
Thank You