Today branch office infrastructure features two prominent service deployment models.The first model centralizes all applications into the Data Center and delivers them over the WAN. The branch is as lean as possible, containing primarily end-point client devices.In the second model the services are decentralized and hosted in the branch office. Only necessary traffic traverses the WAN, for example data backup and recovery.EXAMPLE:Unified Communication is one example where both of these deployment models feature prominently. Cisco Unified Call Manager Express with Cisco Unity Express meets the needs of Enterprises that require the decentralized deployment model. Cisco Unified Call Manager with Cisco Unity deployed in the data center and supported in the branch with Survivable Remote Site Telephony meets the needs of Enterprises that require the centralized deployment model.In practice, the centralized and decentralized service deployment models are just two opposites of a much larger continuum of service deployment models. When all relevant Branch Office services are taken into consideration some may be centralized, others deployed locally, leading to many different hybrid deployment models.What are the implications of today’s service deployment models?
While full application and infrastructure centralization would be the ideal scenario for all organizations, in practice it is often difficult to achieve. Typically a long geographic distance separates the end-user in the branch office from the application processing environment in the data center. Because of this geographic distance, the corporate WAN and the Internet have several inherent limitations that impact the quality of user experience with the application.The first user experience challenge is in the area of application performance. Following WAN speed limitations impact the performance of a centrally hosted application: Latency: physical distance and mechanics of the TCP protocol introduce a delay into the user-application interaction. Delay leads to a sluggish response time for the applicationBandwidth: cost dictates how much bandwidth is available at a remote location. Competition between users for bandwidth or data intensive applications leads to diminished responsiveness for the applicationIf business requirements dictate that an application has to have specific performance target, be it response time or number of transactions, that application may have to be hosted locally to achieve this service level.The second user experience challenge is in the area of application availability. Following WAN quality limitations impact the availability of a centrally hosted application:Reliability: WAN outages do occur and backup links may either be too expensive, too limited, or altogether unavailable in the area. WAN outages make the centrally hosted application unusableCongestion: Bandwidth is typically oversubscribed which often results in congestion, which in turn, leads to spotty availability of the applicationsIf business requirements dictate that an application has to have a specific availability target that application may need a local, lightweight proxy that makes the application survivable during a WAN outage or congestion event.The third user experience challenge is in the area of compliance. Storing application data off-site - across the WAN, or more worryingly the Internet, impacts centrally hosted applications in the following ways:Data privacy: certain regulatory policies (for example Health Insurance Portability and Accountability Act (HIPAA) in the US) dictate that data has to be “always-available” or have stringent security requirements. Compliance rules are often simplest to implement when the application generating the data is localApplication access: Remote applications, especially applications hosted in a public Cloud, require multiple sign-ons, which reduce user satisfaction with centrally hosted applicationsIf regulatory requirements dictate that an application has to be local, or if corporate security policies constrain how an application is accessed, that application may have to be hosted locally to comply.
What are the typical applications that would run in a “lean” branch office?Generally speaking they fall into 3 categories:Core Windows ServicesDHCP server – Layer 2 service that may be difficult or performance prohibitive to implement across the WANActive Directory Domain Services – Services needed to access resources on Microsoft networks needed locally in the branch for survivability reasonsDNS server – Name to IP address resolution service needed locally in the branch for survivability reasonsPrint services – Local hosting eliminates sending large files from client device to centralized print service and back to a local printerFile services – Local file system often used for performance and survivability reasonsMission Critical Business applicationsPoint of Sale (POS) server – Needed locally in case of WAN outageBank Teller control point – Needed locally in case of WAN outageElectronic Medical Records (EMR) – Needed locally because of HIPPA complianceInventory Management – Needed to manage local inventoryClient Management Services – Software to manage PCs in the branchSoftware Update and Patch Software – Prevents multiple PCs trying to download the same patch at the same timeClient Monitoring Services – Traffic and security monitoring that cannot be done real time over the WANBackup and Recovery – Local backup and recovery softwareTerminal Server Gateway – Terminal server for logging into client devicesAll of the above are examples of applications that defy centralization and in most cases are required to be hosted locally in the branch office.
Focusing on each component, lets’ start with the ISR G2.For UCS E-Series Servers, ISR G2 functions as the server blade enclosure. The advantage of this approach is that the ISR G2 is the most widely deployed branch office device and already has slots for various networking modules. Now you can re-use the same slots for x86 blade servers.The ISR G2 has a rich set of functionality. The features that are relevant when considering it in the context of a blade server chassis are the following:1,2,4 blade slot options depending on the ISR G2 model. 2911 and 2921 have 1, 2951 and 3925 have 2, and 3945 has 4The router provides comprehensive security measures to prevent un-authorized access, but also unlike stand-alone servers, blade servers reduce the physical attack surface by eliminating wires to tap into, ports to listen on, monitors to peek at.The 3900 ISRs have options for redundant power supplies to improve high availabilityMulti-Gigabit backplane switch allows direct access to the LAN either through EHWIC or SM EtherSwitch modules, without sending the traffic through the router CPU ISRs have typically 5-6 year service life, but have been designed to last much longer. The overall system MTBFs are in 250K-300K range compared to 100K-150K for a typical branch serverISR G2 with slots come in 2 or 3 RU form factorsUnlike any other device on the market ISR G2 can consolidate ALL branch office services into a single box. These include:Connectivity: LAN and WANMobility: Wireless LAN and WANApplication Performance: WAN optimizationSecurity: VPNs, Firewalls, IPS, AAACollaboration: voice gateways, video processing, call management, and voicemailApplication platforms: network integration for applications
The Cisco UCS E-Series Server Modules extend the Cisco UCS product portfolio to meet the needs of customers who want to deploy a virtualization-ready computing infrastructure in the branch-office environment while maintaining a lean branch-office architecture. The server modules are available in two form factors: a single-wide module and a double-wide module. The single-wide module includes a four-core Intel Xeon E3 processor and occupies a single service module slot in the Cisco ISR G2 device.It following are the features in detail Memory: 8 GB (default: one 8-GB DIMM) and up to 16 GB (two 8-GB DIMMs)Power efficiency: The highest-end SRE consumes only 50 Watts of power versus 300-400 Watts consumed by a comparable tower serverStorage access: The internal Gigabit Ethernet ports offer iSCSI initiator hardware offload functionalityCPU: Intel Xeon E3 family quad-core processor. Lights-out hardware management: Cisco Integrated Management Controller can manage one or multiple blades out-of bandDisk: Up to two: 7200-RPM SATA: 1 TB or 10,000-RPM SAS: 900 GB or 10,000-RPM SAS SED: 600 GB or SAS SSDSLC: 200 GBRAID: œ Hardware RAID 0 and 1 œ LSI MegaRAID controllerPhysical dimensions: wire-free, plug-and-play modularity, with low shipping weightFront-panel connectors: One KVM console connector (supplies 2 USB, 1 VGA, and 1 serial connector)Power management: Manual and schedulable on/off times that can be configured remotely
The double-wide module occupies two Cisco ISR G2 service-module slots side by side and includes either a four-core or six-core Intel Xeon E5-2400 processor with more RAM and storage capacity than the single-wide module. The double-wide module also has a PCIe card option for expanding external network and storage I/O.It following are the features in detail Memory: 8 GB (default) and up to 48 GB (three 16-GB DIMMs)Power efficiency: The highest-end SRE consumes only 50 Watts of power versus 300-400 Watts consumed by a comparable tower serverStorage access: The internal Gigabit Ethernet ports offer iSCSI initiator hardware offload functionalityCPU: Intel Xeon E5-2400 quad core (Cisco UCSE140) or six-core (Cisco UCSE160) processor Lights-out hardware management: Cisco Integrated Management Controller can manage one or multiple blades out-of bandDisk: Up to two: 7200-RPM SATA: 1 TB or 10,000-RPM SAS: 900 GB or 10,000-RPM SAS SED: 600 GB or SAS SSDSLC: 200 GBRAID: Cisco UCSE140D and E160D: Hardware RAID 0, 1, and 5 ● Cisco UCSE140DP and E160DP: Hardware RAID 0 and 1 ● LSI MegaRAID controllerPhysical dimensions: wire-free, plug-and-play modularity, with low shipping weightFront-panel connectors: Front-panel VGA, 2 USB, and serial console connectorsPower management: Manual and schedulable on/off times that can be configured remotely
Maintaining Application Performance with Desktop Virtualization in the Branch Office
TCO View for Remote Office Branch Office Solution 70% Savings Wireless LAN Controller WAN Opt. Security Voicemail Appliance - Overlay Appliances Cisco ISR G2 Truck Roll Facilities CapEx Productivity Loss Power Consumption Maintenance Support