Cisco Performance Routing (PfR) example

Performance Routing (PfR) complements traditional routing technologies by using the intelligence of a Cisco IOS infrastructure to improve application performance and availability. PfR can select the best path for each application based upon advanced criteria such as, reachability, delay, loss, jitter, and mean opinion score (MOS).

PfR can also improve application availability by dynamically routing around network problems like black holes and brownouts that traditional IP routing may not detect. In addition, the intelligent load balancing capability of PfR can optimize path selection based on link use or circuit pricing.

Some of the scenario’s you could create are described on below links

Enterprise Intranet Solutions:

Internet Edge Solutions:

In this example we will demonstrate the rerouting of a Cisco Video IP Phone traffic based on Jitter criteria.

The setup is as follows:

PfrLabexample1

We use the ip sla functions of the router  to verify the jitter behaviour of a WAN link between the 3925 and 2921-1 router.
As soon as the Jitter goes above a threshold the Voice/Video Traffic will be rerouted to an alternative link.
(Note: that you could allow all other traffic on the degraded link)
The following video shows the effect of Jitter on the phone,  and the reaction off Pfr (timing can be tuned of course).
.
.
As mentioned in the video, you’ll see a change in routing behaveour, as example we’ll take the output off router 2921-1:
-Sep  3 17:16:19.358: %PFR_MC-5-ROUTE_EVENT: 50% of traffic classes controlled through policy VIDEO_VOICE 10 are NOT INPOLICY (trigger-log-percentage is 30%)
-Sep  3 17:17:19.382: %PFR_MC-5-ROUTE_EVENT: 100% of traffic classes controlled through policy VIDEO_VOICE 10 are INPOLICY (trigger-log-percentage is 30%)
-Sep  3 17:17:49.302: %PFR_MC-6-OOP_ACTIVE_MODE: Relative short term delay measurement is out of policy. Appl Prefix 10.0.63.11/32 N    17 [16384, 65535] [16384, 65535], delay 13, BR 10.0.62.34, i/f Gi0/1relative change 225, prev BR Unknown i/f Unknown
-Sep  3 17:17:49.502: %PFR_MC-6-ROUTE_EVENT_INFO: Appl Prefix 10.0.63.11/32 N    17 [16384, 65535] [16384, 65535]: route changed to BR 10.0.62.34, i/f Gi0/2, due to Jitter criteria. Out of policy reason: delay criteria
<-  A route is injected in router 2921-1 for the IP Phone .11 (PBR)
Below you can find the key commands to configure above setup and some show commands to illustrate.
.
For additional examples do have a look at:

Cisco 3925 ISRG2:

!
key chain key1    
<- For secure communication between master & border
 key 1
  key-string cisco
!
pfr master
 policy-rules VIDEO_VOICE
<- Defined specific rules for a specific application
 logging
 !
 border 10.0.62.13 key-chain key1
  interface GigabitEthernet0/0 external
   link-group primary
<- Definition of the link- group, could be any name, linked to the pfr maps
  interface GigabitEthernet0/1.63 internal
 !
 border 10.0.62.17 key-chain key1
  interface GigabitEthernet0/0 external
   link-group secondary
  interface GigabitEthernet0/1.63 internal
 !
 no learn                                                                  
<- Learning disabled
 !
!
pfr border
 local Loopback1
 master 10.0.62.13 key-chain key1
 active-probe address source interface Loopback1
!
!
!
interface Loopback1
 ip address 10.0.62.13 255.255.255.252
!
interface GigabitEthernet0/0
 ip address 10.0.61.2 255.255.255.240
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet0/1.63
 encapsulation dot1Q 63
 ip address 10.0.63.3 255.255.255.0
 standby 1 ip 10.0.63.1
 standby 1 priority 150
 standby 1 preempt
!
!
interface GigabitEthernet1/0
 ip address 10.0.62.45 255.255.255.252
!
!
router eigrp 1
 network 10.0.61.0 0.0.0.15
….
!
router bgp 65002
 bgp log-neighbor-changes
 neighbor 192.168.0.2 remote-as 65001
 !
 address-family ipv4
  network 10.0.63.0 mask 255.255.255.0
  neighbor 192.168.0.2 activate
 exit-address-family
!
!
ip access-list extended VOICE_VIDEO_ACCESS_LIST
 permit udp any range 16384 65535 host 10.0.6.155 range 16384 65535
 permit udp any range 16384 65535 host 10.0.6.158 range 16384 65535
!
ip sla auto discovery
ip sla responder     
<- IP SLA responder as well , to respond to probes of 2921-1
ip sla enable reaction-alerts
!
!
!
pfr-map VIDEO_VOICE 10
 match traffic-class access-list VOICE_VIDEO_ACCESS_LIST
<- Match Voice & Video traffic
 set mode monitor fast
<- Fast failover choosen
 set resolve jitter priority 1 variance 5
 set resolve delay priority 2 variance 50
 set resolve loss priority 3 variance 50
 set jitter threshold 100
 set active-probe jitter 10.0.62.34 target-port 3050
<- Active Jitter Probe
 set probe frequency 5
 set link-group primary fallback secondary
<- link group fallback (primary and secondary can be any name)
!
control-plane
!
.

The 2921-2 Border Router 

.
….
key chain key1
 key 1
  key-string cisco
!
!
!
pfr border
 local Loopback1
 master 10.0.62.13 key-chain key1
 active-probe address source interface Loopback1
<- Used loopback as source for the Jitter probe packets
!
interface Loopback1
 ip address 10.0.62.17 255.255.255.252
!
!
interface GigabitEthernet0/0
 description WAN interface
 ip address 10.0.62.6 255.255.255.252
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet0/1.63
 encapsulation dot1Q 63
 ip address 10.0.63.2 255.255.255.0
 standby 1 ip 10.0.63.1
 standby 1 preempt
!
router eigrp 1
 network 10.0.62.4 0.0.0.3
We do a show command off the Master Controller before change of jitter:
3925#  sho pfr master
OER state: ENABLED and ACTIVE
  Conn Status: SUCCESS, PORT: 3949
  Version: 3.3
  Number of Border routers: 2
<- Master controls 2 border routers
  Number of Exits: 2
  Number of monitored prefixes: 4 (max 5000)
  Max prefixes: total 5000 learn 2500
  Prefix count: total 4, learn 0, cfg 4
  PBR Requirements met
  Nbar Status: Inactive
Border           Status                UP/DOWN             AuthFail  Version  DOWN Reason           <- Both Border routers are active
10.0.62.17       ACTIVE                UP       1w5d          0  3.3
10.0.62.13       ACTIVE                UP       1w5d          0  3.3
….
Default Policy Settings:
  backoff 90 900 90
  delay relative 50
  holddown 90
  periodic 90
  probe frequency 56
  number of jitter probe packets 100
  mode route control
  mode monitor both
  loss relative 10
  jitter threshold 1000
  mos threshold 3.60 percent 30
  unreachable relative 50
  trigger-log percentage 30
Learn Settings:
  current state : DISABLED
<-  We disabled learning in this example, going for fast failover
….
We’ll now look at the traffic-classes defined, seen we disabled
learning and enabled only 1 application prefixed (Voice/Video)
(only 2 traffic-class are defined).
One could use Netflow or NBAR2 to profile traffic.
c3925H#sho pfr master traffic-class
OER Prefix Statistics:
 Pas – Passive, Act – Active, S – Short term, L – Long term, Dly – Delay (ms),
 P – Percentage below threshold, Jit – Jitter (ms),
 MOS – Mean Opinion Score
 Los – Packet Loss (percent/10000), Un – Unreachable (flows-per-million),
 E – Egress, I – Ingress, Bw – Bandwidth (kbps), N – Not applicable
 U – unknown, * – uncontrolled, + – control more specific, @ – active probe all
 # – Prefix monitor mode is Special, & – Blackholed Prefix
 % – Force Next-Hop, ^ – Prefix is denied
DstPrefix           Appl_ID Dscp Prot     SrcPort     DstPort SrcPrefix
           Flags             State     Time            CurrBR  CurrI/F Protocol
         PasSDly  PasLDly   PasSUn   PasLUn  PasSLos  PasLLos      EBw      IBw
         ActSDly  ActLDly   ActSUn   ActLUn  ActSJit  ActPMOS  ActSLos  ActLLos
——————————————————————————–
10.0.6.155/32             N    N  udp 16384-65535 16384-65535 0.0.0.0/0
                          INPOLICY       @6        10.0.62.13 Gi0/0           PBR
               U        U        0        0        0        0        0        0
               2        2        0        0        0        0        0        0
10.0.6.158/32             N    N  udp 16384-65535 16384-65535 0.0.0.0/0
                          INPOLICY      @37        10.0.62.13 Gi0/0           PBR
<– Detected application, in policy exiting GE 0/0
               U        U        0        0        0        0      178      178
               2        2        0        0        0        0        0        0
The active probe:
sho pfr master active-probes forced:
        OER Master Controller active-probes
Border   = Border Router running this Probe
Policy   = Forced target is configure under this policy
Type     = Probe Type
Target   = Target Address
TPort    = Target Port
N – Not applicable
The following Forced Probes are running:
Border          State    Policy             Type     Target          TPort Dscp
10.0.62.17      ACTIVE   10                 jitter   10.0.62.34       3050 defa
10.0.62.13      ACTIVE   10                 jitter   10.0.62.34       3050 defa
After the rerouting off the traffic. Use a other sho command to illustrate on the 3925:

sho pfr master traffic-class performance

=============================================================

…..

Traffic-class:

Destination Prefix : 10.0.6.158/32           Source Prefix    : 0.0.0.0/0

Destination Port   : 16384-65535             Source Port      : 16384-65535

DSCP               : N                       Protocol         : udp

Application Name:  : N/A

General:

Control State                   : Controlled using PBR

Traffic-class status            : INPOLICY

Current Exit                    : BR 10.0.62.17 interface Gi0/0, Tie breaker was None

Time on current exit            : 0d 0:8:2

Time remaining in current state : @59 seconds

Traffic-class type              : Configured

Improper config                 : None

Last Out-of-Policy event:

No Out-of-Policy Event

Average Passive Performance Current Exit: (Average for last 5 minutes)

Unreachable            : 0% — Threshold: 50%

Delay                  : 0% — Threshold: 50%

Loss                   : 0% — Threshold: 10%

Egress BW              : 1033 kbps

Ingress BW             : 1030 kbps

Time since last update : 0d 0:0:28

Average Active Performance Current Exit: (Average for last 5 minutes)

Unreachable            : 0% — Threshold: 50%

Jitter                 : 0 msec — Threshold: 10000 msec

Delay                  : 80% — Threshold: 50%

Loss                   : 0% — Threshold: 10%

Last Resolver Decision:

BR              Interface    Status       Reason       Performance Threshold

————— ———— ———— ———— ———– ———

10.0.62.13      Gi0/0        Eliminated   Jitter       N/A          N/A     

   10.0.62.17      Gi0/0        Best Exit    Jitter       N/A          N/A   

.

The Central router 2921-1

.
(has also pfr enabled)
!
!
key chain key2
 key 1
  key-string cisco
!
!
pfr master
 policy-rules VIDEO_VOICE
 logging
 !
 border 10.0.62.34 key-chain key2                            
<- Only 1 border router this time, with 2 external interfaces
  interface GigabitEthernet0/2 external
   link-group secondary
  interface GigabitEthernet0/1 external
   max-xmit-utilization percentage 100
   link-group primary
  interface GigabitEthernet0/0 internal
 !
 no learn
!
pfr border
 local GigabitEthernet0/0
 master 10.0.62.34 key-chain key2
!
!
interface Loopback0
 ip address 10.0.62.37 255.255.255.252
!
interface GigabitEthernet0/0
 ip address 10.0.62.34 255.255.255.252
 duplex full
 speed 1000
!
interface GigabitEthernet0/1
 ip address 10.0.61.1 255.255.255.240
 duplex auto
 speed auto
!
interface GigabitEthernet0/2
 ip address 10.0.62.5 255.255.255.252
 delay 20
 duplex auto
 speed auto
!
!
router eigrp 1
 network 10.0.61.0 0.0.0.15
….
!
!
ip access-list extended VOICE_VIDEO_ACCESS_LIST
 permit udp any range 16384 65535 host 10.0.63.11 range 16384 65535
!
ip sla auto discovery
ip sla responder
ip sla enable reaction-alerts
!
!
!
pfr-map VIDEO_VOICE 10
 match traffic-class access-list VOICE_VIDEO_ACCESS_LIST
<- This time ip phone .11
 set mode route control
 set mode monitor fast
 set resolve jitter priority 1 variance 5
 set resolve delay priority 2 variance 50
 set resolve loss priority 3 variance 50
 set jitter threshold 120
 set active-probe jitter 10.0.63.1 target-port 3050
 set probe frequency 5
 set link-group primary fallback secondary
!
Have fun!
 Johan De Ridder
Advertisements

CiscoLive 2013 in London is ready to start

The biggest European Cisco event of the year – CiscoLive – is ready to start!!

As from tomorrow the techtorials are starting, followed as from Tuesday by the Keynotes and the general sessions. We look forward to meet the numerous Belgian and Luxemburg customers and partners attending the event. To give you already a glimpse of one of the main content tracks, please see underneath banner !

unified access ciscolive 2013

For those not able to attend physically CiscoLive in London, do not hesitate to register on the virtual event web site, where you will be able to see the keynotes and get access to very interesting event content : http://www.ciscolive.com/london/virtual/

Cisco Catalyst 6500 ready to serve you another decade!

The Cisco Catalyst 6500 was born more than 12 years ago when it started its baby steps in the networking market around June 1999. In the last dozen years this platform has seen great evolutions and even caused some ‘revolutions’ in the networking industry. The first release went out and stayed in the market for about 6 years. Then the E-series chassis and SUP720 were introduced as from 2004. One year later in 2005 the SUP32 was also introduced, focusing on the Access layer. Although new chassis were launched you could still use the older chassis for the new SUP720 and SUP32. Also existing linecards could be reused with the new supervisor and in the new chassis. During its lifetime, the platform had some linecard additions, linecard revisions and supervisor enhancements. But overall the solution with SUP720 and SUP32 remained there for another 6 years.

This track record brings us twelve years later in 2012 where a lot of questions from customers arise around the future life of the Catalyst 6500. Certainly after the launch of our Datacenter centric Nexus products most of our customers started to question its future. Can the Catalyst 6500 keep up with these developments? Will the Nexus 7000 replace the Catalyst completely? Or will Cisco launch a complete new platform for the Campus?

Well, exactly at that time the next step for the Catalyst 6500 was already getting ready of being launched. A brand new Supervisor with amazing speed and without compromising on the vast amount of available features on the platform, together with a new set of linecards. The supervisor almost delivers 3x more speed and brings new in-hardware features.

Just to tease you already, it offers an amazing 2 Terabit crossbar with 80 Gbps per slot (even for the 13 slot 6513-E) and also new PFC4 and MSFC5 daughtercard on board. These 3 new components together deliver also new features like TrustSec incl MacSec, VPLS in hardware, L2/L3 MPLS in hardware and innovations in QoS, Managebility and Virtualization. And if these where not yet enough it also offers you up to 512k/1024k (for XL) of Flexible Netflow entries, up to 720Mpps* of IPv4 routing and 390Mpps* of IPv6 routing all performed in hardware as well. Like all the above was not yet enough you can of course use this in a proven Virtual Switching System (VSS) solution offering a massive 4Tbps system with all these features.

As for backward compatibility, the product has been developed with our customers as prior focus, to offer them maximum investment protection on their existing installed base. To begin with, all the existing E-chassis and power supplies are supported with this new hardware. With regards to linecards there are a few options. First of all it supports most of the existing 67xx linecards in CFC or in DFC as soon as you upgrade them to DFC4 with exception for the WS-X6708-10GE linecard which has been replaced with a new WS-X6908-10GE card. These 67xx linecards offer you the same backplane connection of 40Gbps. In case you would be ordering new linecards in this range they are available as a 68xx series where the same hardware ships with the DFC4 upgrade onboard. If you really want to take all advantages of the additional speed you can use the 69xx series linecards which offer you a 80Gbps bandwidth to the backplane. Last but not least it also supports a few of the 61xx line cards but only in a non-VSS setup.

All these new and exciting speeds and features make the Catalyst 6500 ready for again another decade. The platform provides a unique investment protection to customers, valuing the trust they have for all those years already in this great platform. This launch is only a beginning. Don’t forget to visit Cisco Live 2012 in London to discover what this platform will unleash even more in the future.

The Catalyst 6500 serves you again for another decade!

Cisco Live 2012 - London - January 30th till February 3rd

Before and after VXI

Recent studies have revealed that over 60% of enterprise companies plans to deploy desktop virtualization in some way over the next 3 to 4 years.  From a TCO point of view the advantages of desktop virtualization are simply amazing. As we move further into the so called “post-pc era”, having the ability to “port over” the virtual desktop environment to other devices or let’s say locations than the traditional office desk brings unseen flexibility and mobility.  Think of our Cius business tablet that offers you a full desktop environment in the office, while keeping access to the virtual desktop  over wi-fi or 3G/4G connectivity while on the go.

Desktop virtualization however just doesn’t prove to be that good a solution when it comes to integrating real-time audio and video. Using a soft phone or video client over a display protocol such as Citrix ICA or VMWare PCOIP simply doesn’t scale. “Hair-pinning” all the real-time traffic back and forth to the data center where the virtual desktop resides causes delay and jitter and puts a heavy burden on data center resources, not to mention possible bandwidth exhaustion…

Thanks to our Virtual Expirience Infrastructure or simply VXI, we are able to separate real-time traffic out of the VDI display protocol, routing voice and video traffic directly between end points, bypassing the data center.

Please take a moment to view a short video on our VXI solutions, showing you how separating voice and video traffic from the display protocol enhances the user experience. To start with, you will first see what you get without VXI. They say that seeing is believing. Well,  this video really speaks for itself.

 

 

To find out more about our VXI offering and VXC clients, please visit the link below, and see how we effectively bring the best of our borderless networking, virtualization and collaboration technologies together.

http://www.cisco.com/go/vxi

Cisco Prime NCS – A New Way of Managing “Access”

As mentioned in previous blogs regarding “enabling Bring Your Own device” or “New Ways of Working”, people will access the network  in more and more different and variable ways. Starting with Home Working in the morning, connecting on the road, working at a virtual desk in the office and returning to the home office. The end user is therefore continuously changing between VPN, LAN and WLAN. Within that changing scope, the user is connecting with corporate devices as well as own private devices.

And then suddenly the user cannot access the data he wants, and he calls the IT support and says : “I don’t have access – can you solve this ?”.

Today, IT support will need to dive into a myriad of management tools, connecting the LAN, WLAN, VPN and Security dots to find the cause of the problem. This is where NCS jumps in by delivering you that Unified Access View !!

With Cisco Prime Network Control System you can see every user in your network regardless of whether he is connected through a wire or wireless and get all the information you need for identity management. You also get complete visibility into endpoint connectivity ,no matter where or what that endpoint is and how it is connected.
As mentioned above, this speeds troubleshooting for the most reported customer pain point – network problems related to client devices.

Cisco Prime NCS also provides monitoring of endpoint security policy through integration with Cisco Identity Services Engine (ISE) to deliver visibility into compliance based on real-time contextual information from the network, users and devices across the entire wired and wireless access network.

Built on the WCS, Cisco Prime NCS includes complete lifecycle management of 802.11n and 802.11a/b/g, enterprise-class, indoor and outdoor wireless networks. You get immediate access to the tools you need, when you need them, so that you can more efficiently implement and maintain secure wireless LANs, monitor wired and wireless LANs, and view users and endpoints across both networks – all from a centralized location.
Operational costs are significantly reduced as well through the platform’s workflow-oriented, simplified, and intuitive user experience. Unlike overlay management tools, Cisco NCS incorporates the full breadth of management requirements – from radio frequency, to controllers, switches, endpoints, and users on wired and wireless networks, and to mobility and identity services.

For an nice overview , have a look at below video:

Still having doubts ?
Well the best way to be sure is to test Cisco Prime NCS
Demo licenses are available and should be issued within 15-minutes. Remember, you need your own server (VMware ESX and ESXi) to install the .ova:
https://tools.cisco.com/SWIFT/Licensing/PrivateRegistrationServlet?FormId=3999

For more information, please visit: www.cisco.com/go/ncs

Lennert

Datanews 2/12/2011: « Helft van Belgische bedrijven wil iPad – La moitié des entreprises belges veulent utiliser l’iPad »

Datanews’ yearly survey amongst 300 telecom- and IT-responsibles of Belgian companies (http://t.co/gnsy0DNF) is very clear : around half of the companies plan to use an iPad or another tablet for mobile data services (up from 21% last year). Impressive is that 41% of the companies mentioned that employees could use their own smartphone. Priority for the surveyed companies was : 1. Mobile Data, 2. Security and 3. Standardization. This survey confirms that the evolution to consumer devices entering the network (“Consumerization”) and people bringing in their own devices (“BYOD – Bring Your Own device”) is really breaking through.

More then 1 year ago, Cisco IT moved from an environment where all devices were corporate-owned and controlled, towards an environment allowing end users to choose from a broad catalog of devices as well as use their own devices. One year later, the result is spectacular: in 1 year mobile device count grew 59% up to more then 43.000 devices. iPhones take up 40% of those devices, BlackBerry 32% and Cisco IT now sees a rapidly growing community of Tablet users (15%), as well as Android device users (10%).


Can you block/ignore this evolution ?

No, difficult, as many customers mentioned us their upper management were the first to bring in the iPhone, iPad and other devices. Difficult to say “no” to them, although they might carry the most sensitive data and therefore carry the greatest potential security risk. So, how as an IT department can you accept and guide this evolution, taking into account the security risks ?

What happens when you say “yes” ?

First of all, it answers a real demand from the end users and leads to a more satisfied and productive end user community. As IT, you are addressing what Peter Hinssen mentions : “Work being that moment in time when you use old technology” (see Peter Hinssen : “The New Normal”). As mentioned above, at Cisco it led to an enormous growth in mobile devices, and a broad spectrum of new operating systems accessing the network. The times of the desktop with the single operating system are clearly behind us. Often, this evolution will also go hand in hand with enabling new ways of working : allowing the employees to work from home, on the road or in the office (behind a desk, virtual desk, flex desk, in meeting rooms or meeting corners – (wired or wireless).

How will mobile data usage evolve ?

An additional measurement of Cisco IT showed that the increased capabilities of the new generations of smartphones and tablets make data- and application access seamless, leading to a 40x increased data usage versus previous BlackBerry data usage. Therefore, it will be important to offload the devices wherever possible from 3G to a corporate wireless network for higher bandwidth and lower costs.

In fact, we need to move beyond looking at the access methods as such, and create an environment that allows the end user to connect seamlessly and transparently from anywhere to enable him to work in new ways : home working, working on the road, working behind one’s office desk, working in flexible desk environments, going wireless in meeting rooms and meeting corners, … This will require a going together of LAN, WLAN and VPN technologies into a seamless solution.

So, how can I start the journey ? How can Cisco help ?

First of all, as users access with new types of devices, you need to have the capability to discover which device they are using. Cisco’s Identity Services Engine with its unique profiling capability will give IT visibility on which devices access the network.

Secondly, you need to provide a strong standardized infrastructure to allow access from wherever needed : Cisco Virtual Office at home, mobile data services while on the road, a full wired and wireless LAN deployment in the corporate buildings.

Thirdly, as the end user wants access from different environments (without needing to be an IT expert), you need to provide him a uniform way of  access. Here, Cisco has unique capabilities to gradually evolve your LAN and WLAN environment towards a secure 802.1x environment. Cisco’s AnyConnect end device client can then incorporate VPN and 802.1x connectivity to deliver a seamless Access Experience, whether at home, on the road or in the office.

Finally, an adequate Security Policy environment is needed. As people can and will access the network with multiple devices – some controlled, some private – an evolution is required towards Context-Aware Security with Cisco’s Identity Services Engine as policy engine. This will allow IT to define the right security policies dependent on who accesses, as well as with what device, from where, at what time, …

In upcoming blogs, we will go deeper on each of the different above mentioned elements of the total solution.

Let’s start the journey !

Wide Area Application Services

Network World has provided an independent review of the new WAVE appliances after conducting extensive lab testing of the appliances. The report’s executive summary says it all – “The latest release of Cisco’s WAN optimization product line — Wide Area Application Services (WAAS) 4.4 — proves that the company famous for routing packets can also shape, optimize and accelerate them”. For customers, this report backed by hands-on testing, provides an independent source of product evaluation that goes beyond analyst or blogger speculation.

Cisco WAAS shows pizzazz by By Keith Schultz, Network World, November 21, 2011. Link and noteworthy quotes below:
http://www.networkworld.com/reviews/2011/112111-cisco-waas-252854.html

Performance: The top-end WAVE-8541 is an absolute speed demon and its ability to handle 150,000 connections and pass 2Gbps optimized traffic over the WAN is impressive…That represents some of the best performance we’ve seen based on previous testing of WAN optimization gear.
Reporting and Monitoring: The reporting and monitoring engine is top notch and overall, we found the system easy to navigate and use. There are a number of reports included in Central Manager, such as traffic and optimization summary, HTTP, HTTPS, video, SSL, MAPI and NFS acceleration reports, and also an overall acceleration summary.
Context-aware DRE: Cisco’s new context-aware DRE (Data Reduction Engine) does away with the segmented cache, opting for a single large unified cache that all appliances can participate in. Cisco’s DRE adapts to changing conditions in traffic and applications.
Video, VDI optimization: What’s interesting is that DRE can also function in a uni-directional mode for specific traffic types, like streaming audio and video, and VDI… take advantage of any cached byte segments in the branch appliance without filling up the data center cach
Manageability: We found the browser-based management UI is well laid out and very intuitive to use…WAAS covers just about all possible scenarios. We were able to create custom policies quickly in just minutes and easily deploy them to specific device groups… WAAS provides TCP optimization, data compression, application specific optimization and intelligent caching, all controlled from a single browser-based management console.
Breadth of Portfolio: WAAS comes in a variety of form factors and deployment methods — a data center appliance, branch office box, virtual WAAS for cloud-ready installations, and a mobile client for Windows operating systems… overall, Cisco has designed a consistent user interface and feature set across platforms
Maturity and Scalability : Cisco’s latest release of WAAS is a very mature and highly scalable platform for speeding up TCP traffic in the enterprise… the TCP support covers just about every conceivable situation.

The report also calls out WAAS optimizations for Citrix Virtual Desktops and Microsoft RDP which can be deployed with Microsoft and VMWare desktop virtualization solutions. The report points out that WAAS does not optimize UDP based traffic today, which could be an option if PCoIP is deployed on the WAN (instead of RDP). Cisco WAAS provides up to 90%+ optimization for Video delivered when using PCoIP with MMR. What we have seen is that Video is the bandwidth culprit in many cases and WAAS Video optimizations benefit PCoIP environments too.

Also, like other leading vendors, Cisco charges for the WAAS Central Manager. However, we provide the integration with Cisco Prime, NAM at no additional cost. As the article points out, this integration is very powerful – “We like that Cisco includes Cisco Prime, its Network Analysis Module, as part of Central Manager. Where Central Manager’s reporting is unique to WAAS devices, Cisco Prime will collect network statistics from all across the network, including non-WAAS appliances. This allows IT to get a complete picture of network traffic from end to end and not be limited to WAAS-only information.”

Pleas have a look at the new appliances on:
www.cisco.com/go/waas

%d bloggers like this: