January 6, 2015
One thing I hear from customers on a day-to-day basis is how tight their budget is while IT demands from the organization continue to grow. IT Directors, CIOs, and Administrators face the tough tasks of reducing operating costs, getting the most out of their current investments, and improving performance for end users so that businesses can run like the well-oiled machines they are supposed to. Cisco’s Intelligent WAN (IWAN) design methodology and framework help customers do just that.
Cisco’s IWAN delivers an excellent end user experience over any type of connection
With IWAN, organizations no longer need to have extremely expensive MPLS WAN circuits at each of their locations with long contract terms. Organizations can now use low-cost Internet links that utilize the Internet as their WAN. The Internet is no longer the unknown or new ‘thing.’ It’s really just a low-cost commodity that is much more stable than it has been in the past with very attractive price-to-performance ratios. Cisco’s IWAN enables businesses to smoothly switch from expensive MPLS WAN connections to a far less expensive Internet transport with no compromise in terms of application performance, reliability, or security.
Cisco’s IWAN provides benefits through four main architectural framework components
1. Transport Independent Design
Dynamic Multipoint VPN (DMVPN) is the building block for this transport-independent design. DMVPN allows organizations to use the Internet as the WAN transport and achieve the following benefits:
- Essentially creates a fully meshed MPLS WAN infrastructure over the Internet leveraging multipoint generic routing encapsulation (mGRE) tunnels to interconnect all locations together via the hub router.
- mGRE tunnels support unicast, multicast, and broadcast traffic, all with the ability to run routing protocols within the tunnels. Running routing protocols within the tunnels allows organizations to intelligently route traffic based on best path, provides advanced routing possibilities that are not available with firewalls, and ensures that connectivity between all locations is always up and ready, because the routing protocols use hello messages to verify that their neighbors are operational. EIGRP, OSPF, and BGP are supported.
- Allows branch locations to communicate directly with each other over the Internet, such as when using Voice Over IP systems (IP phone at Branch A needs to call IP phone at Branch B).
- Enables zero-touch deployments of IPsec VPNs at new branch locations, since adding new spokes to the VPN requires no changes at the hub. Also, spoke routers can use dynamic IP addresses, which is a typical requirement for cable Internet or lower-cost links.
2. Intelligent Path Control
Cisco’s Performance Routing (PfR) is the component of the IWAN solution that dynamically makes routing path decisions by looking at the application type, its performance requirements, a predefined set of policies based on the needs of your applications, and the status of the path (jitter, latency, oversubscription, etc.). This component of the IWAN solution consists of spoke routers, which connect to the Internet service and/or existing MPLS WAN, and a master controller application running within the IOS of the hub router. The spoke routers collect traffic and path information and send this data to the master controller. The master controller then tells the border router which egress path to take based on the conditions of the path and the policies, and intelligently load-balances traffic across the circuits, thereby providing companies with operating savings.
3. Application Optimization
Cisco’s Application Visibility and Control (AVC) and Cisco Wide Area Application Services (WAAS) provide the necessary application visibility and optimization over the WAN or Internet. This level of visibility is needed more than ever: as more and more applications become web-based, well-known ports such as HTTP/HTTPS are continually reused, so it is no longer efficient to define policies based on static port classification. AVC takes care of this by providing application awareness through deep packet inspection of traffic (all the way up to Layer 7) to identify applications and monitor their real-time performance. AVC uses technologies such as:
- Network-based Application Recognition (NBAR2)
- Quality of Service
- IP SLA Performance Monitoring
What this ultimately boils down to is that AVC ensures that companies’ business critical applications are properly prioritized across the network so that the end users get the performance they need.
4. Secure Connectivity
The primary value that this component provides is its ability to protect the existing WAN by offloading a substantial amount of traffic directly to the Internet, thereby preventing customers from having to upgrade the existing MPLS WAN or saturate the WAN.
At a high level, this solution requires a Cisco Integrated Services Router (ISR) with the ISR-AX license bundle and WAAS accelerators at each end, but there are obviously further design discussions that need to take place before an installation of this exciting framework can take place.
Is this the year your organization should reduce cost, improve end user experience, and reduce complexity with Cisco IWAN?
Mindsight, a Chicago IT consultancy and services provider, is an extension of your team. Our culture is built on transparency and trust, and our team is made up of extraordinary people – the kinds of people you would hire. We’ve always prided ourselves in delivering the full spectrum of IT services and solutions, from design and implementation to support and management. Our highly-certified engineers and process-oriented excellence have certainly been key to our success. But what really sets us apart is our straightforward and honest approach to every conversation, whether it is for a local business or global enterprise. Our customers rely on our thought leadership, responsiveness, and dedication to solving their toughest technology challenges.