Your SlideShare is downloading. ×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Steven Pollock 4-2 Smart Business Architectures With Borderless Networks

497
views

Published on

Smart Business Architectures and the Case for Cisco Borderless Networks

Smart Business Architectures and the Case for Cisco Borderless Networks

Published in: Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
497
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Smart Business Architectures and the case for Cisco Borderless NetworksSteven Pollock, CCIE#3148Sr. Systems Engineering ManagerBorderless Network ArchitecturesUnited States Public Sector© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
  • 2. Government Business Challenges The Network – Your Strategic Investment Smart Business Architecture for Government Next Steps© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
  • 3. Workplace Mobility Video Experience 7 Billion New Blurring the Borders Changing the Way Wireless Devices We Work Consumer ↔ Workforce by 2015 Employee ↔ Partner Video projected to Physical ↔ Virtual quadruple IP traffic by 2014 to 767 exabytes Mobile Devices Anyone, Anywhere, Anytime IT Resources© 2011 Cisco and/or its affiliates. All rights reserved. 2010 Cisco Confidential 3
  • 4. Borderless Experience ANYONE ANYTHING ANYWHERE ANYTIME Securely, Reliably, Seamlessly© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
  • 5. Helping Government Educate, Defend and Serve Government Solutions Application Layer Operations Applications Collaboration Applications Network Infrastructure Borderless Network Collaboration Data Center© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
  • 6. © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
  • 7. … a building without an architectural blueprint? Without a Blueprint With a Blueprint  One problem creates another  Provides detailed proper planning and design  Silo’d projects exist with no integration  Allows a clean integration when additions are plan made  Constant re-design with additions  Reduces Total cost of ownership  Changes are costly  Additions do not require entire buildingConfidential re-design© 2011 Cisco and/or its affiliates. All rights reserved. 2010 Cisco 7 7
  • 8. Data Center/Collaboration Virtualization Borderless Networks
  • 9. Architecture for Agile Delivery of the Borderless Experience Borderless End-Point/User Services Workplace Mobility Video Experience Securely, Reliably, Seamlessly:AnyConnect Infrastructure Borderless Borderless Network Services Policy, Management, App Switching and Smart Mobility: Green: Security: Performance: Voice/Video: Routing Services Motion EnergyWise TrustSec App Velocity Medianet Wireless Security WAAS Optical PROFESSIONAL SERVICES: Realize the Value of Borderless Networks Faster© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
  • 10. Transform Voice and Video Experiences No Resource Reservation, Context-Aware, Prioritized, Degraded Voice and Video High-Quality Voice and Video GLOBAL BUSINESS, WORLDWIDE OFFICES CEO M&A Sports CEO M&A Sports Meeting Negotiation Event Meeting Negotiation Event Can My Network Deliver Real-Time Collaboration Experiences?© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
  • 11. Superior Application Performance, Better User Experience Compromised Up to 2X Improved Response Time and Costly Experience and 90% Reduced Bandwidth Cost SP C SP C SP A Shortest path SP A Real-Time selected! Fastest Path No application Scalable SP D SP D SP D control App Visibility SP B Wasted SP B Embedded WAN bandwidth Optimization SP D SP D SP D Can My Network Optimize Performance of Applications Anytime, Anywhere?© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
  • 12. Enables Business Continuity and Network Reliability Unreliable WAN Leads to Poor ―Lean‖ Application Hosting ProvidesExperience with Cloud/Data Center Branch-to-Cloud Application Survivability Hosted Applications and Infrastructure Agility Cloud Cloud WAN WAN UCS-E Can My Network Optimize Performance of Applications Anytime, Anywhere?© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
  • 13. Reducing Energy Costs No Energy Countywide Office Management Energy Management COUNTY OFFICES 10,000 PCs Annual Managed Additional Energy Total Savings Energy Costs Nightly Shutdown Policies $770,000 $430,000 $280,000 $150,000 Am I Using My Network to Reduce My Energy Costs?© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
  • 14. Guest Access Made Easy IT Devices Changed Manually ―Guest‖ Access Policy CONSULTANT FOR A PROJECT Do I Have a Consistent Access Policy Architecture Across My Network for All Users and Devices?© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
  • 15. Next-Generation Security Clear Data and Video Encrypted, Tamper-Proof Streams in LAN Transactions D D D D D D D D D D D D D D D D D D V V V V V V V V V MALICIOUS V V V V V V V V V GUEST USER Is My Network Ready for Current and Future Regulatory Requirements?© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
  • 16. Next-Generation Security Unmanaged Devices, Risk of Data Loss, and Lack of Access Secure Mobile Connectivity Acceptable Use MOBILE EXECUTIVE Access Control Data Loss Prevention Can Mobile Devices Access My Network Securely, Reliably and Seamlessly?© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
  • 17. 802.11n Performance ProtectionWireless Interference Decreases CleanAir Detects and Mitigates 802.11n Performance Interference for Performance Protection AIR QUALITY PERFORMANCE AIR QUALITY PERFORMANCE WIRELESS PERFORMANCE Can Mobile Devices Access My Network Securely, Reliably and Seamlessly?© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
  • 18. Roadmap to Building a Borderless Experience and more! Target: SBA for Deployment Recommendations Government •Step by step guide for technology adoption • 100 to 10,000 endpoints • Targeted at CCNA level Prescriptive Solutions • Tested with ASE’s and Partners • Specific Cisco tested and validated solutions are • When implemented, it will prescribed within each guide to speed and simplify work! borderless enablement • Major reduction of deployment time Modular Design for the Future • Accelerates deployment of AT • Modular approach protects IT investments and ensures • Foundation for all other architectures phased builds work with the long-term strategy • Defense networks (future) Tested & Validated Architectural Comprehensive Systematic Solutions Work Design Solution Approach Together 18© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  • 19. SBA for Government Large and Midsize Agency Subway Map DC BN COL BN© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
  • 20. What Does it Look Like… Hardware and • LAN Software VPN Internet Edge Routers Internet Edge Data Center Email Internet Remote Security Appliance Access VPN • WAN/Aggregation Teleworker/ WAN Aggregation Guest Mobile Worker WLAN • Internet Edge WAN Application Acceleration Firewall Internet Servers Wireless VPN Access Wireless Point LAN Web Security • 7K Core Client Access Controller Appliance Switch • Regional Branch Router with Application Acceleration Core Switches Remote Office/Remote Local Area Network Collapsed Distribution/ • Data Center Core Switches Distribution Switches • IPv6 Addressing Wireless LAN Regional Controller Router • Wireless Client Application Access Acceleration Switches • Data Security Regional Office Building 1 Building 2 Building 3 Building 4 * Each contains a Deployment and Configuration guide Cisco Confidential 20© 2011 Cisco and/or its affiliates. All rights reserved.
  • 21. LAN Design - Resilient Core and Distribution • Dual Box L3 Core Internet Edge Routers Internet Edge Email Data Center Security Remote Appliance Access VPN • Resilient Virtual Switch Design WAN Aggregation Guest WLAN Distribution Layer Application Firewall Acceleration VPN Internet Servers • Loop-free topology Wireless LAN Controller Web Security Appliance No STP for convergence • No standby uplinks Core Switches Local Area Network Leverages EtherChannel Distribution • No FHRP’s required Switches • < 1 second recovery Client Access Switches Mostly transparent to users apps • Multiple product options Building 1 Building 2 Building 3 Building 4 3750, 4507RE, 6500VSS© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
  • 22. Campus Access Design • Switch selection Standalone, stackable, or chassis Distribution PoE on all ports • CISF (Catalyst Infrastructure Sec Features) ARP inspection DHCP snooping Port security IP source guard • Voice & Video Enabled Wireless IP Phones and Wired and wireless Access Point Computers QoS Client Access Multicast CDP© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
  • 23. Collapsed Core with Cisco Nexus 7000 • Target: 2,000—10,000 connected users • Alternate core design: Data Center Access Switches data center and campus Data Center Aggregation cores are collapsed into Switches one pair of devices Data Center Data Center and LAN Core Switches Local Area Network • Cisco Nexus 7000 used LAN Distribution as core device due to its Switches feature set and 10G density LAN Access • Provides DCI with OTV Switches (l2 over l3) Building 1 Building 2 Building 3 Building 4 • Hitless ISSU© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
  • 24. WAN Design • Primary Internet Edge 10k connectivity Internet Edge Routers Internet Edge Internet via MPLS WAN Email Security Remote Appliance Access VPN • Optional backup WAN Aggregation DMVPN WAN Guest WLAN WAN • Application optimization Application Acceleration VPN Firewall Internet Servers • Regional Access Wireless LAN Controller Web Security Appliance model To Core • Config CLI or LMS WAN 100  Product models change based on scale© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
  • 25. Deployment Using CiscoWorks LMS (LAN Management Solution) Best Practice SBA Templates Easy Deployment 1. Select Template 2. Select devices in bulk 3. Override any config manually Immediate or Scheduled Delivery© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25 25
  • 26. Deployment Using CiscoWorks LMS© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26 26
  • 27. Deployment Using CiscoWorks LMS© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27 27
  • 28. • Together with two colleagues in 2.5 hours, Cisco conducted a live implementation of the Foundation Routing & Switching, WAN, Edge, Firewalling, IPSec VPN Remote Access, EasyVPN branch office, controller-based WLAN and UC using the RDM method. • Attendees loved it – highest-rated session of the whole Conference.© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
  • 29. http://cisco.com/go/govsba© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29