Intelligent WAN Architecture
Enabling the Digital Enterprise
Steven Wood – Principal Engineer, Architect - IWAN
Agenda
• Business Drivers and Outcomes
• IWAN Architecture Overview
• Orchestration & Automation
• Product Portfolio
• Closing
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Enterprise WAN - What’s Going on?
• WAN bandwidth needs are growing!
• Increasing use of Cloud, BYOD/IOE and Video
driving increased traffic
• The Data Center is Exploding
• Private DC -> Hybrid Cloud
• It’s all about Application Delivery
• IT budgets flat or declining
• Transport/bandwidth costs are majority of WAN budget
• These trends are driving WAN modernization
• Lower cost transports – Internet, LTE, Carrier Ethernet
• Cloud Endpoints, Security, Threat Protection
• Application performance monitoring and optimization
• Fast IT Delivery Models
• Software Defined WAN
Is Your Network
Ready?
What is Software Defined WAN?
Device discovery, provisioning, registration
Automated configuration “no hands on keyboard”
DevOps/NetOps aligned
Network wide context and state access
Common controller for physical & virtual devices
Business & Application Policy driven
Integrated Monitoring
Network Function Virtualization
Application Aware Network
Why are enterprises thinking about SD-WAN?
Of IT budgets spent on
WAN Connectivity
58%
of Apps accessed via
Internet
50%
Cite poor application
performance and latency as
corporate WAN concern
48.6%
Cite management of
connectivity at branch as a
challenge
32.4%
Source: IDC Worldwide SD-WAN Survey Special Report (May 2016)
Cisco Digital Network Architecture
Automation
Abstraction & Policy Control
from Core to Edge
Open & Programmable | Standards-Based
Open APIs | Developers Environment
Cloud Service Management
Policy | Orchestration
Virtualization
Physical & Virtual Infrastructure | App Hosting
Analytics
Network Data,
Contextual Insights
Insights &
Experiences
Automation
& Assurance
Security &
Compliance
Network-Enabled Applications
Cloud Enabled | Software Delivered
Principles
Automation
Abstraction and Policy
Control from Core to Edge
Open and Programmable | Standards-Based
Open APIs | Developers Environment
Cloud Service Management
Policy | Orchestration
Virtualization
Physical and Virtual Infrastructure | App Hosting
Analytics
Network Data,
Contextual Insights
Network-enabled Applications
Cloud-enabled | Software-delivered
Cisco DNA – How IWAN Fits
Virtualization
Network Overlays
Enterprise NFV
Service Virtualization
APIC-EM
IWAN SD-WAN Orchestration
IWAN App for APIC-EM
Campus Access Automation
Netconf & Yang Model support
REST API access
DNA-Assurance
Streaming Data collection; Netflow; SNMP; Syslog, others
Scalable processing and analytics
Assurance and Debug Applications
DNA-Center
Landing Point for Cisco Services
Security
IWAN
Campus
Wireless
Assurance
Cloud Ready Network
Hybrid cloud Access – SaaS/IaaS/vPC
Cloud-based Network Controller
Internet as part of a Hybrid Enterprise WAN
Commodity Transports Viable Now
Dramatic Bandwidth, Price Performance Benefits
Higher Network Availability
Improved Application Performance
Intelligent WAN (IWAN)
Optimized Hybrid WAN with Direct Cloud Access
Optimized
Hybrid WAN
Branch
Direct Cloud
Access
Private
Cloud
Virtual
Private
Cloud
Public
Cloud
1. IWAN Secure VPN for private
and virtual private cloud access
2. Leverage local Internet path for
public cloud and Internet access
• Increase WAN transport capacity and
app performance cost effectively!
• Improve application performance
(right flows to right places)
MPLS (IP-VPN)
Internet
Intelligent WAN (IWAN)
So What is New Here?
Optimized
Secure Transport
Branch
Direct Cloud
Access
Private
Cloud
Virtual
Private
Cloud
Public
Cloud
1. IWAN Secure transport for private
and virtual private cloud access
2. Leverage local Internet path for
public cloud and Internet access
• Increase WAN transport capacity and
app performance cost effectively!
• Improve application performance
(right flows to right places)
MPLS (IP-VPN)
Internet
Hybrid WANs with High Reliability
Service Levels for Business-Critical Applications
Centralized Security Policy for Internet Access
Dramatically Lower WAN Costs Without Compromise
Common IWAN Deployment Models
Dual MPLS
Internet
✓ Highest SLA guarantees
– Centralized Internet Access
– Expensive
Public
MPLS
Branch
MPLS
✓ More BW for key applications
✓ Balanced SLA guarantees
– Moderately priced
Public Enterprise
Branch
MPLS+
Internet
Consistent VPN Overlay Enables Security Across Transition
✓ Best price/performance
✓ Most flexibility
– Enterprise responsible for SLAs
Internet
Branch
Enterprise Public
Hybrid Dual Internet
Internet
Intelligent WAN (IWAN) Architecture
Enterprise
MPLS
Unified
Branch
3G/4G-LTE
Internet
Private
Cloud
Virtual
Private
Cloud
Public
Cloud
Application
Optimization
Enhanced Application
Visibility and Performance
Secure
Connectivity
Comprehensive
Threat Defense
Intelligent
Path Control
Application
Aware Routing
Transport
Independence
Simplified
Hybrid WAN
Management Automation
IWAN: Architectural and Systems Approach
• IWAN is a Solution Architecture
• Solves a network problem
• Use Case Driven
• Systems Development Approach
• Prescribed. Tested. Interoperable.
• Bounded Scope and Complexity
• Enables Automation and Quality
• Delivers Business Outcomes
• Reduce Operational Complexity
• Reduce WAN costs, Increase bandwidth
• Improve Application Performance
• Direct Cloud Access
• Guest Access Offload
IWAN
2.1
Transport-Independence
Virtualizing the Enterprise WAN
Simplifies WAN Design
Dynamic Full-Meshed
Connectivity
Proven Robust Security
Flexible Secure IWAN Overlay Over Any Transport
Secure Flexible
• Easy multi-homing with several
providers
• Single routing control plane over
the top of provider networks
• Consistent design over all
WAN transport types
• Scalable Hub-n-spoke with
dynamic full mesh topology
• Industry Certified security
compliance
• Scalable high-performance
cryptography in hardware
ISR
WAN
Internet
MPLS
ASR 1000
ASR 1000
Transport-Independent
Data Center Branch
IWAN Transport Independence
Consistent deployment models simplify operations
Internet MPLS
Branch
DMVPN DMVPN
IWAN HYBRID
Data Center
ISR
ASR 1000 ASR 1000
ISP A SP B
4G/LTE
Branch
DMVPN
IWAN HYBRID/LTE
Data Center
ISP C SP B
ASR 1000
MPLS
Branch
MPLS
DMVPN
IWAN Dual MPLS
Data Center
ISR
ASR 1000 ASR 1000
SP A SP B
DMVPN
MPLS
DMVPN
ISR
ASR 1000
IWAN Transport Independent Design
with Dynamic Multipoint VPN (DMVPN)
• Proven IPsec VPN technology
• Widely deployed, Large scale
• Standards based IPsec and Routing
• Adv QOS: hierarchical, per tunnel
• Flexible & Resilient
• Over any transport: MPLS, Carrier Ethernet, Internet, 3G/4G,..
• Automatic Spoke registration (for Zero-touch Deployment)
• Hub-and-Spoke with Dynamic full mesh Topology
• Multiple encryption, key management, routing options
• Multiple redundancy options: platform, hub, transports
• Secure
• Industry Certified IPsec and Firewall
• NG Strong Encryption: AES-GCM-256 (Suite B)
• IKE Version 2
• IEEE 802.1AR Secure unique device identifier
• Simplified IWAN Deployments
• Prescriptive validated IWAN designs
• Automated provisioning – Prime, IWAN-App, Glue
Branch
Internet MPLS
DMVPN
Purple
DMVPN
Green
IWAN HYBRID
Data Center
ISP A SP B
Typical IWAN Topology
10.3.3.0/24 10.4.4.0/24 10.5.5.0/24
BR11 BR12 BR21 BR22
DMVPN
MPLS
DMVPN
INET
BR31 BR41
10.1.0.0/16 10.2.0.0/16
BR51 BR52
• IWAN Domain
• Group of IWAN sites with common transports and policies
• 2000 sites per domain, multiple domains for larger scale
• IWAN POP locations
• 2+ WAN aggregation locations, also called Transit Sites
• Each Border Router (BR) is a DMVPN Hub
with iBGP or EIGRP routing
• Summary prefixes with primary and secondary path
metrics advertised out to branches
• Transit routing to other locations with backdoor failover
routing between POP locations
• Dedicated BR per WAN transport
• IWAN Branch locations
• Simple consistent configurations
• 1 or more BRs connected to each transport
• Peer with each DMVPN Hub, stub routing
IWAN POP1 IWAN POP2
10.2.0.0/16
10.0.0.0/8
DC1
WAN Core
DC2
10.1.0.0/16
10.0.0.0/8
10.0.0.0/8
Highly Redundant Large Scale Topology
10.3.3.0/24 10.4.4.0/24 10.5.5.0/24
BR31 BR41 BR51 BR52
BR12
IWAN POP1 IWAN POP2
DMVPN
MPLS
DMVPN
INET
BR11 BR14 BR13 BR22 BR21 BR24 BR23
10.1.0.0/16
10.2.0.0/16
10.0.0.0/8
10.1.0.0/16
10.2.0.0/16
10.0.0.0/8
• Support for multiple BRs per transport
• Horizontal scaling and redundancy
• Support for Multiple POPs
• Different Prefix
• Common Prefix
DC1
DCI
WAN Core
DC2
Intelligent Path Control
Improving Application Delivery and WAN Efficiency
Getting the Most Out of Your WAN Investment
Benefits of Intelligent Path Control
Data Center
Branch
ASR 1000
ASR 1000
ISR
MPLS
Internet
Enabling
Hybrid WANs
Efficient Distribution of
Traffic Based Upon Load
or Path Preference
Application Best Path
Based on Quality
Protection From
Carrier Black Holes
and Brownouts
Lower
WAN Costs
Full Utilization
of WAN Bandwidth
Improved
Application
Performance
Higher Application
Availability
What is Performance Routing (PfR)?
MPLS Internet
Branch
BR BR
Data Center
MC
“Performance Routing (PfR) provides
additional intelligence to classic routing
to track and verify the quality of a path
over a Wide Area Networking (WAN) to
determine the best path for application
traffic....”
MC+BR
Intelligent Path Control with PfR
Voice and Video Use-Case
Branch
MPLS
Internet
Virtual Private
Cloud
Private Cloud
• PfR monitors network performance and routes applications
based on policy
• PfR load balances traffic based upon link utilization levels
to efficiently utilize all available WAN bandwidth
Other traffic is load
balanced to maximize
bandwidth
Voice/Video will be rerouted if
the current path degrades
below policy thresholds
Voice/Video take the best
delay, jitter, and/or loss path
Load Balancing
Maximizing Link Utilization to Increase Available Bandwidth
• Traffic distributed across all paths to efficiently use all WAN bandwidth
• Load Balancing based upon link utilization levels
• External links can have different bandwidth capacities
MPLS = 1.5Mbps
Internet = 15Mbps
ISR
WAN
Internet
MPLS
ASR 1000
ASR 1000
Data Center
50% T1 = 750kbps
50% 15Mbps = 7.5Mbps
SP1 (MPLS) ISP (FTTH)
• Protect voice and
video quality
Latency < 150 ms
Jitter < 20 ms
• Protect Email applications
from WAN congestion
Loss < 5%
• Voice and video preferred
path SP1
• Email preferred path ISP
• Increase utilization
by load sharing
Multimedia and Critical Data Policy
Business App
Best-Effort Traffic
High Delay
Detected
SP1 (MPLS) ISP (DSL)
Voice and Video
High Jitter
Detected
Email
Best-Effort Traffic
Protecting Critical Applications While Increasing Link Efficiency
• Protect transactional
business app from brownouts
delay < 250ms
• Preferred path SP1 (MPLS)
• Increase WAN bandwidth
efficiency by load-sharing
traffic over all WAN paths,
MPLS + Internet
Business App and Load-Balancing Policy
Performance Routing—Components
The Decision Maker: Master Controller (MC)
• Discover BRs, collect statistics
• Apply policy, verification, reporting
• No packet forwarding/inspection required
The Forwarding Path: Border Router (BR)
• Does all packet forwarding
• Visibility in network performance
• Enforce MC’s decision (path enforcement)
The Policy Controller: Domain Controller (DC)
• Discover site peers, prefixes and connected networks
• Advertise policy and services
• One per domain, collocated with MC
MPLS Internet
Branch MC+BR
BR BR
DC/MC
Application Optimization
Today’s Network is an IT Blind Spot
• Static port classification is no
longer enough
• More and more apps are opaque
• Increasing use of encryption
and obfuscation
• Application consists of multiple
sessions (video, voice, data)
• What if user experience is not
meeting business needs?
Branch
Private
Cloud
Make Your IWAN Application Aware
Application Visibility and Control (AVC)
DC/Headquarters
Public
Cloud
Cisco AVC
Application Performance
Visibility
• Application inspection with
existing routers
• Rich data collection using
NetFlow v9/IPFIX
• Easy to integrate into many
reporting tools
Smart Capacity
Planning
• Better use of costly
bandwidth
• Per-branch and per-
application level reporting
Business Objective
Enforcement
• Service Level monitoring per
application
• Better Analytics to adjust
network policies to maintain
compliance
AVC
AVC
Private
Cloud
Application Performance Monitoring for IWAN
Track and Report Application Flows and Performance
WAN
NetFlow v9
Enterprise Edge
AVC
AVC
CSR
NetFlow/IPFIX Records
(Same provisioning, same format)
• Traffic statistics records
• Application Response Time records
• Media monitoring records
(Application, Jitter, Loss, etc)
Cisco Tools
Prime, APIC-EM
Partner Tools Ecosystem
LiveAction
Glue Networks
Plixer
Living Objects
CompuWare
CA Technologies
Collecting Collecting Collecting
Provisioning
Exporting
NetFlow v9 Export/IPFIX Export
Branch DC/Headquarters
AVC
AVC
Private
Cloud
Add WAN Optimization with WAAS + Akamai
Speed and Bandwidth Benefits on Top of the IWAN
Branch DC/POP
Application
Optimization
• Improved Application
performance, delay mitigation,
less bandwidth
• Twice as many Citrix users over
same WAN, 70% faster
• Typical ROI in less than one year,
65% BW cost savings
Content Caching
& Prepositioning
Simple and Scalable
• Works with existing branch
routers
• Scale out optimizations
resources with AppNav
• Native HA resiliency
vWAAS
AppNav-XE
Controller
CSR
WAVE,
vWAAS
WAN
Improving Application Performance
• Reduces WAN bandwidth
usage, while accelerating
applications
• Intelligent caching of internal
and Internet content
• Prepositioning of data and rich
media before it is needed
Cisco WAAS – IWAN Application Acceleration
Enhancing User Experience and WAN Efficiency
Solution
• Reduce load
Data redundancy elimination
(DRE), compression, and
TCP optimization
• Application optimization
Fewer protocol messages
and metadata caching
Problem
• Application latency
• WAN bandwidth
inefficiencies
[Chart: application bandwidth (Mbps) and application latency (seconds), natively vs. with Cisco® WAAS, showing a reduction in bandwidth and a reduction in latency]
Akamai Connect accelerates HTTP/HTTPS applications, video and content
in the branch, while maximizing existing enterprise network bandwidth
Branch
End-User
Akamai Connect
integrated into
Cisco ISR-AX
routers
ISR-AX+AC INTERNET
Akamai Intelligent Platform
Data Center
WAAS
WAN
IWAN – Application Acceleration
with Akamai Connect
Branch
End-User
Akamai
Connect
integrated
into Cisco
ISR-AX
routers
ISR-AX+AC
Akamai
Intelligent
Platform
INTERNET
Data Center
WAAS
WAN
IWAN - Application Acceleration
Enhancing User Experience and WAN Efficiency
Mobile Apps
Video
Software Downloads
Digital Signage
Catalogs
Guest WiFi
Any Device, Connectivity, Cloud
Result – Improved Application Response Times
~70+% of HTTP/S
data served from
cache
[Chart: average load time (sec.), WAAS + AKC vs. native WAN: 51% reduction in load time]
IWAN Secure Connectivity
Intelligent WAN: Secure Connectivity
Securing the network and users
Secure WAN
Transport
Branch
MPLS (IP-VPN)
Internet
Secure
Internet
Access
Private
Cloud
Virtual
Private
Cloud
Public
Cloud
Two areas of concern
1. Protecting the network from outside threats with data privacy over provider networks
2. Protecting user access to Public Cloud and Internet services; malware, privacy, phishing,…
Securing the IWAN Transport
IPSec VPN and Access Control
• Step 1: Authenticate hardware and software
Trust Anchor Module verification
• Step 2: Secure Transport
Proven IPsec VPN overlay
Strong Cryptography: IKEv2 + AES-GCM 256
F-VRF to isolate provider networks
• Step 3: Protect the Site
IOS Zone-based Firewall or ACLs protection
Role based access to router w/ logging
Minimize exposure
Provider assigned addressing to hide routers
Don’t put tunnel addresses into DNS
MPLS Internet
Branch
ASR 1000 ASR 1000
ISP A ISP C
Data Center
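The Step 2 items on this slide (IKEv2, AES-GCM 256, a front-door VRF on every tunnel) can be checked against a saved router configuration. The following Python audit is an added example, not part of the original deck or any Cisco tool; the two sample configurations and the names in them (IWAN-TRANSPORT-1, DMVPN-PROFILE, Tunnel10, Tunnel11) are constructed for illustration.

```python
import re

# Constructed sample configurations (illustrative names, not from the deck).
HARDENED = """\
vrf definition IWAN-TRANSPORT-1
 address-family ipv4
!
crypto ikev2 proposal AES-GCM-256
 encryption aes-gcm-256
 prf sha512
 group 19
!
crypto ipsec transform-set AES256-GCM esp-gcm 256
 mode transport
!
crypto ipsec profile DMVPN-PROFILE
 set transform-set AES256-GCM
 set ikev2-profile DMVPN-IKEV2
!
interface Tunnel10
 tunnel source GigabitEthernet0/0/0
 tunnel vrf IWAN-TRANSPORT-1
 tunnel protection ipsec profile DMVPN-PROFILE
!
interface GigabitEthernet0/0/0
 vrf forwarding IWAN-TRANSPORT-1
 ip address dhcp
"""

WEAK = """\
crypto isakmp policy 10
 encryption 3des
 hash md5
!
crypto ipsec transform-set LEGACY esp-3des esp-md5-hmac
!
crypto ipsec profile DMVPN-PROFILE
 set transform-set LEGACY
!
interface Tunnel10
 tunnel source GigabitEthernet0/0/0
 tunnel protection ipsec profile DMVPN-PROFILE
!
interface Tunnel11
 tunnel source GigabitEthernet0/0/1
"""


def stanzas(config):
    """Map each top-level config line to the indented lines beneath it."""
    out, current = {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw[0] != " ":
            current = raw.strip()
            out[current] = []
        elif current is not None:
            out[current].append(raw.strip())
    return out


def audit(config):
    """Return (code, subject) findings for the slide's Step 2 settings."""
    s, findings = stanzas(config), []
    if any(h.startswith("crypto isakmp policy") for h in s):
        findings.append(("IKEV1_POLICY", "crypto isakmp"))
    # With no explicit proposal the platform default applies, so flag it too.
    gcm_ike = False
    for h, body in s.items():
        if h.startswith("crypto ikev2 proposal "):
            ciphers = [w for l in body if l.startswith("encryption ")
                       for w in l.split()[1:]]
            if ciphers == ["aes-gcm-256"]:
                gcm_ike = True
            else:
                findings.append(("IKEV2_WEAK_CIPHER", h.split()[-1]))
    if not gcm_ike:
        findings.append(("NO_IKEV2_GCM256", "crypto ikev2 proposal"))
    # Transform sets that are exactly ESP AES-GCM with a 256-bit key.
    strong = set()
    for h in s:
        m = re.match(r"crypto ipsec transform-set (\S+) (.+)", h)
        if m and m.group(2).split() == ["esp-gcm", "256"]:
            strong.add(m.group(1))
    profiles = {h.split()[-1]: [w for l in body
                                if l.startswith("set transform-set ")
                                for w in l.split()[2:]]
                for h, body in s.items()
                if h.startswith("crypto ipsec profile ")}
    for h, body in s.items():
        if not h.startswith("interface Tunnel"):
            continue
        name = h.split()[1]
        prot = [l.split()[4] for l in body
                if l.startswith("tunnel protection ipsec profile ")]
        if not prot:
            findings.append(("TUNNEL_UNENCRYPTED", name))
        else:
            used = profiles.get(prot[0], [])
            if not used or any(t not in strong for t in used):
                findings.append(("TUNNEL_WEAK_TRANSFORM", name))
        if not any(l.startswith("tunnel vrf ") for l in body):
            findings.append(("NO_FRONT_DOOR_VRF", name))
    return findings


if __name__ == "__main__":
    for label, cfg in (("hardened", HARDENED), ("weak", WEAK)):
        print(label, audit(cfg))
```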
MPLS Internet
Branch
ASR 1000 ASR 1000
ISP A ISP C
Data Center
Add Network Integrated Threat Defense
IOS Zone-Based Firewall
• Control the Perimeter:
• External and internal protection: internal network is no longer trusted
• Protocol anomaly detection and stateful inspection
• Communicate Securely:
• Call flow awareness (SIP, SCCP, H323)
• Prevent DoS attacks
• Flexible:
• Split Tunnel-Branch direct Internet access
• Internal FW— addresses regulatory compliances
• Integrated:
• No need for additional devices, expenses and power
• Works with other IWAN Services: CWS, WAAS, UCS-E,…
• Manageable:
• APIC-EM, Prime, CLI, SNMP, CCP, and CSM
Intelligent WAN—Direct Internet Access
Branch
MPLS (IP-VPN)
Internet
Direct
Internet
Access
Private
Cloud
Virtual
Private
Cloud
Public
Cloud
• Leverage Local Internet path for Public Cloud and Internet access
• Improve application performance (right flows to right places)
Solutions
On Premise – Zone Based Firewall
Cloud Based – Cloud Web Security
Cloud
Security
ISR-AX
ZBFW
Cloud Web Security
Centralized Management for Distributed Policy
Cisco ScanCenter Portal
Secure Internet Access with Cisco
Cloud Web Security (CWS) with ISR-4000 and ISR-G2 Series Routers
Secure Public
Cloud and Internet
Access
ISR Connector to
CWS Firewall towers
Web Filtering,
Access Policy,
Malware Detect
WAN1
(IP-VPN)
CWS
Private
Cloud
Public
Cloud
Branch
WAN2
(Internet)
IWAN IPsec VPN
for Private Cloud
Traffic
IOS Firewall to
protect Internet
Edge
Internet
IWAN Automation
Network-Wide Abstractions Simplify the Network
Applications
Security Orchestration Automation
SOUTHBOUND ABSTRACTION LAYER
REST API
CATALYST®
CISCO NEXUS®
ASR ISR WIRELESS ASA OTHER
SDN Ideal:
Controller as the
Application Platform
The SDN
Ideal:
Controller as
the Application
Platform
Virtualization
IWAN
APIC-EM
IWAN APP
Cisco Intelligent WAN App for APIC-EM
IT Admin
App SLA
DMVPN
SLA
QoS
Security
Path
Selection
Business
Policy
Application
Network Profile
NETWORK
SDN
Simple Workflow
Templates
Plug and Play Business Policy
Rendering
Open
Architecture
Network, Applications
Monitoring
APIC-EM Abstraction Layer Services
Business Policy Dictates Network Action
APIC-EM
IWAN APP
Monitor Application
Health
Update
Policy
PnP: Pre-provisioning and Discovery Workflows
Plug & Play
Enterprise-wide scale
Automated workflow
79% lower
deployment costs
1 Pre-provision | 2 Discovery | 3 Secure Deployment
1 Discovery | 2 Un-claimed Devices | 3 Secure Deployment
Network PnP app pre-provisioned
with device SR number
Configure device discovery
• DHCP Option-43 or DNS
• Installer powers on devices
• Devices download image and
configuration
• Installer powers on devices
• Devices securely connect
to APIC-EM server, waiting
to be ‘claimed’
• Network admin claims devices
based on device information
• Device downloads image
and configuration
Configure device discovery
• DHCP Option-43 or DNS
Network PnP app on APIC-EM
Admin
EM
DHCP
Server
DNS
Server
OR
PnP-Agent PnP-Agent
EM
Device Authentication
Download Image
and Configure
Installer
Network PnP app on APIC-EM
Admin
EM
DHCP
Server
DNS
Server
OR
PnP-Agent PnP-Agent
EM
Device Authentication
Download Image
and Configure
Installer
Cisco IWAN Management Portfolio
Covering a broad range of requirements and preferences
• Customer wants advanced
provisioning, life cycle
management, and
customized policies
• System-wide network
consistency assurance
• Lean IT OR IT Network team
Cisco
Prime
Infrastructure
• Customer needs
customizable IWAN with
end-to-end monitoring
• One Assurance across
Cisco portfolio from Branch
to Datacenter
• IT Network team
Enterprise Network
Mgmt and Monitoring
Ecosystem Partners
IWAN App
• Customer wants
considerable automation
and operational simplicity
• Requirements consistent
with prescriptive IWAN
Validated Design
• Lean IT organization
Prescriptive
Policy Automation
• Customer looking for
advanced monitoring and
visualization
• QoS/ PfR/ AVC configuration,
Real-time analytics and
network troubleshooting
• IT Network team
Application Aware
Performance Mgmt
Advanced
Orchestration
Prime Infrastructure for IWAN
• IWAN workflow wizard with PnP
• Template-based IWAN configs
• PfRv3 Domain, MC and BR
• AVC One-Click provision
• QoS Provisioning
• Single or Dual Router Branch
• CVD-based, Customizable
• AVC Readiness Assessment
• AVC, QoS, PfR Visibility
• Leverages APIC EM services
For Your
Reference
LiveAction Software
• An Application-aware Network Performance
Management and QoS Control tool
• Fast, simple, cost effective way to monitor and
control application performance leveraging Cisco
capabilities
LiveAction Components
Flow QoS Monitor QoS Configure Routing LAN IP SLA
For Your
Reference
Glue Networks IWAN Orchestration
• Cloud-based SaaS subscription model
• Eliminates manual building of WANs
• Automated WAN orchestration and management
• Quick configuration updates and IOS upgrades
• Rapidly delivers nextgen and IWAN features
• Forward compatible with SDN APIs for app aware WANs
• Broadband and MPLS support for centralized hybrid WAN
management for IWAN
For Your
Reference
Cisco IWAN Product Portfolio
Start with Cisco AX Routers
IWAN Capabilities Embedded in the Router
ISR-AX
Simplify
Application
Delivery
One Network
UNIFIED SERVICES
ISR4000-AX
Transport
Independent
Secure
Routing
Optimization
Control
Visibility
Cisco AX Routers ISRv | 890 | 1900 | 2900 | 3900 | 4000 | ASR 1000
ISRv-AX
ASR1000-AX
IWAN Branch Services Routers
ISR4000 Series - IWAN AX Ready, Next Generation Branch
INTEGRATED IWAN SERVICES
APPLICATION CENTRIC
APPLIANCE LEVEL
PERFORMANCE
• IOS Firewall, VPN, IPSec, PfRV3,
NBAR2, AVC, AppNav, VRF, MPLS
• Scalable on-chip service provisioning
• App/User policy-driven deployment
• APIC-EM Automation: deploy in minutes
• Pay-as-you-grow
• Up-to-75% cost savings
• Service-Aware Dataplane
• Resilient Service Virtualization
• Multi-gigabit Fabric
ISR4431
ISR4351
ISR4331
ISR4321
ISR4451
500Mbps/1Gbps
200/400Mbps
100/300Mbps
50/100Mbps
1-2Gbps
For Your
Reference
IWAN Aggregation Border Routers
ASR1000 - IWAN AX Ready, High Performance Routers
INTEGRATED IWAN SERVICES
BUSINESS-CRITICAL RESILIENCY
COMPACT, POWERFUL ROUTER
• IOS Firewall, VPN, IPSec, PfRV3,
NBAR2, AVC, AppNav, VRF, MPLS
• Scalable on-chip service provisioning
• Separate control and data planes
• Hardware and software redundancy
• In-service software upgrades
• Line-rate performance 2.5G to 200G+
with services enabled
• Crypto performance from 2G to 60G+
• Flexible I/O: SPAs and Ethernet LCs
• 2.5G Upgradeable to 5G, 10G, 20G
• Up to 8G Crypto Throughput
• 5G Upgradeable to 10G, 20G, 36G
• Up to 4G Crypto Throughput
• Modular, Redundant up to 200G
• Up to 60G Crypto Throughput
ASR1001-X
ASR1002-X
Modular ASR1006-X
For Your
Reference
• 44G Upgradeable to 100G
• 8, 16, 25G Crypto Throughput
ASR1002-HX
New
New
Cisco Enterprise Service Automation (ESA) on APIC-EM
Virtual Managed Services (vMS)
Introducing Cisco Enterprise NFV
Virtualized IWAN and Branch Services
Cisco 4000 Series ISR +
UCS® E-Series
Network Functions Virtualization Infrastructure Software (NFVIS)
Virtual Router
(ISRv)
Virtual Firewall
(ASAv)
Virtual WAN
Optimization
(vWAAS)
Virtual Wireless
LAN Controller
(vWLC)
Third-Party VNFs
New
Cisco® UCS
C-Series
Why Cisco IWAN?
IWAN Vision and Strategy
Secure VPN Overlay, Any Transport, Bandwidth Efficiency, Application SLA
Secure, Simple, Centralized Policy Automation
Global Policies, Cloud POPs, Mobility, Optimization, Cloud Security
vRouter, vService and App Orchestration
Campus/WAN/DC
INTELLIGENT
VIRTUALIZATION
AUTOMATION
CLOUD
INTEGRATION
SERVICE
VIRTUALIZATION
ENTERPRISE
DNA
Intelligent WAN (IWAN)
Optimized
Secure Transport
Branch
Direct Cloud
Access
Private
Cloud
Virtual
Private
Cloud
Public
Cloud
MPLS (IP-VPN)
Internet
Mixed transport WANs with High Reliability
Service Levels for Business-Critical Applications
Centralized Security Policy for Internet Access
Dramatically Lower WAN Costs Without Compromise
Thank you

DNA Intelligent WAN Campus Day

  • 1.
    Intelligent WAN Architecture Enablingthe Digital Enterprise Steven Wood – Principal Engineer,Architect - IWAN
  • 2.
    • Business Driversand Outcomes • IWAN Architecture Overview • Orchestration & Automation • Product Portfolio • Closing Agenda
  • 3.
    © 2016 Ciscoand/or its affiliates. All rights reserved. Cisco Public Enterprise WAN - What’s Going on? • WAN bandwidth needs are growing! • Increasing use of Cloud, BYOD/IOE and Video driving increased traffic • The Data Center is Exploding • Private DC -> Hybrid Cloud • It’s all about Application Delivery • IT budgets flat or declining • Transport/bandwidth costs are majority of WAN budget • These trends are driving WAN modernization • Lower cost transports – Internet, LTE, Carrier Ethernet • Cloud Endpoints, Security, Threat Protection • Application performance monitoring and optimization • Fast IT Delivery Models • Software Defined WAN Is Your Network Ready? 3
  • 4.
    © 2016 Ciscoand/or its affiliates. All rights reserved. Cisco Public What is Software Defined WAN? Device discovery, provisioning, registration Automated configuration “no hands on keyboard” DevOps/NetOpsaligned Network wide context and state access Common controller for physical & virtual devices Business &Application Policy driven Integrated Monitoring Network Function Virtualization Application Aware Network
  • 5.
    © 2016 Ciscoand/or its affiliates. All rights reserved. Cisco Public Why are enterprises thinking about SD-WAN? Of IT budgets spent on WAN Connectivity 58% of Apps accessed via Internet 50% Cite poor application performance and latency as corporate WAN concern 48.6% Cite management of connectivity at branch as a challenge 32.4% Source: IDC Worldwide SD-WAN Survey Special Report (May 2016) 5
  • 6.
    © 2016 Ciscoand/or its affiliates. All rights reserved. Cisco Public Cisco Digital Network Architecture Automation Abstraction & Policy Control from Core to Edge Open & Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical & Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Insights & Experiences Automation & Assurance Security & Compliance Network-Enabled Applications Cloud Enabled | Software Delivered Principles
  • 7.
    © 2016 Ciscoand/or its affiliates. All rights reserved. Cisco Public Automation Abstraction and Policy Control from Core to Edge Open and Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical and Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Network-enabled Applications Cloud-enabled | Software-delivered Cisco DNA – How IWAN Fits Virtualization Network Overlays Enterprise NFV Service Virtualization APIC-EM IWAN SD-WAN Orchestration IWAN App for APIC-EM Campus Access Automation Netconf & Yang Model support REST API access DNA-Assurance Streaming Data collection;Netflow; SNMP; Syslog, others Scalable processing and analytics Assurance and Debug Applications DNA-Center Landing Pointfor Cisco Services Security IWAN Campus Wireless Assurance Cloud Ready Network Hybrid cloud Access – SaaS/IaaS/vPC Cloud-based Network Controller
  • 8.
    © 2016 Ciscoand/or its affiliates. All rights reserved. Cisco Public Internet as part of a Hybrid Enterprise WAN Commodity Transports Viable Now Dramatic Bandwidth, Price Performance Benefits Higher Network Availability Improved Application Performance 8
  • 9.
    © 2016 Ciscoand/or its affiliates. All rights reserved. Cisco Public Intelligent WAN (IWAN) Optimized Hybrid WAN with Direct Cloud Access Optimized Hybrid WAN Branch Direct Cloud Access Private Cloud Virtual Private Cloud Public Cloud 1. IWAN Secure VPN for private and virtual private cloud access 2. Leverage local Internet path for public cloud and Internet access 4 Increase WAN transport capacity and app performance cost effectively! 4 Improve application performance (right flows to right places) MPLS (IP-VPN) Internet 9
  • 10.
    © 2016 Ciscoand/or its affiliates. All rights reserved. Cisco Public Intelligent WAN (IWAN) So What is New Here? Optimized Secure Transport Branch Direct Cloud Access Private Cloud Virtual Private Cloud Public Cloud 1. IWAN Secure transport for private and virtual private cloud access 2. Leverage local Internet path for public cloud and Internet access 4 Increase WAN transport capacity and app performance cost effectively! 4 Improve application performance (right flows to right places) MPLS (IP-VPN) Internet Hybrid WANs with High Reliability Service Levels for Business-Critical Applications Centralized Security Policy for Internet Access Dramatically Lower WAN Costs Without Compromise 10
  • 11.
    Common IWAN Deployment Models Dual MPLS Internet ✓ Highest SLA guarantees – Centralized Internet Access – Expensive Public MPLS Branch MPLS ✓ More BW for key applications ✓ Balanced SLA guarantees – Moderately priced Public Enterprise Branch MPLS+ Internet Consistent VPN Overlay Enables Security Across Transition ✓ Best price/performance ✓ Most flexibility – Enterprise responsible for SLAs Internet Branch Enterprise Public Hybrid Dual Internet Internet
  • 12.
    Intelligent WAN (IWAN) Architecture Enterprise MPLS Unified Branch 3G/4G-LTE Internet Private Cloud Virtual Private Cloud Public Cloud Application Optimization Enhanced Application Visibility and Performance Secure Connectivity Comprehensive Threat Defense Intelligent Path Control Application Aware Routing Transport Independence Simplified Hybrid WAN Management Automation
  • 13.
    IWAN: Architectural and Systems Approach • IWAN is a Solution Architecture • Solves a network problem • Use Case Driven • Systems Development Approach • Prescribed. Tested. Interoperable. • Bounded Scope and Complexity • Enables Automation and Quality • Delivers Business Outcomes • Reduce Operational Complexity • Reduce WAN costs, Increase bandwidth • Improve Application Performance • Direct Cloud Access • Guest Access Offload IWAN 2.1
  • 14.
  • 15.
    Simplifies WAN Design Dynamic Full-Meshed Connectivity Proven Robust Security Flexible Secure IWAN Overlay Over Any Transport Secure Flexible • Easy multi-homing with several providers • Single routing control plane over the top of provider networks • Consistent design over all WAN transport types • Scalable Hub-n-spoke with dynamic full mesh topology • Industry Certified security compliance • Scalable high-performance cryptography in hardware ISR WAN Internet MPLS ASR 1000 ASR 1000 Transport-Independent Data Center Branch
  • 16.
    IWAN Transport Independence Consistent deployment models simplify operations Internet MPLS Branch DMVPN DMVPN IWAN HYBRID Data Center ISR ASR 1000 ASR 1000 ISP A SP B 4G/LTE Branch DMVPN IWAN HYBRID/LTE Data Center ISP C SP B ASR 1000 MPLS Branch MPLS DMVPN IWAN Dual MPLS Data Center ISR ASR 1000 ASR 1000 SP A SP B DMVPN MPLS DMVPN ISR ASR 1000
  • 17.
    IWAN Transport Independent Design with Dynamic Multipoint VPN (DMVPN) • Proven IPsec VPN technology • Widely deployed, Large scale • Standards based IPsec and Routing • Adv QOS: hierarchical, per tunnel • Flexible & Resilient • Over any transport: MPLS, Carrier Ethernet, Internet, 3G/4G,.. • Automatic Spoke registration (for Zero-touch Deployment) • Hub-and-Spoke with Dynamic full mesh Topology • Multiple encryption, key management, routing options • Multiple redundancy options: platform, hub, transports • Secure • Industry Certified IPsec and Firewall • NG Strong Encryption: AES-GCM-256 (Suite B) • IKE Version 2 • IEEE 802.1AR Secure unique device identifier • Simplified IWAN Deployments • Prescriptive validated IWAN designs • Automated provisioning – Prime, IWAN-App, Glue Branch Internet MPLS DMVPN Purple DMVPN Green IWAN HYBRID Data Center ISP A SP B
  • 18.
    Typical IWAN Topology 10.3.3.0/24 10.4.4.0/24 10.5.5.0/24 BR11 BR12 BR21 BR22 DMVPN MPLS DMVPN INET BR31 BR41 10.1.0.0/16 10.2.0.0/16 BR51 BR52 • IWAN Domain • Group of IWAN sites with common transports and policies • 2000 sites per domain, multiple domains for larger scale • IWAN POP locations • 2+ WAN aggregation locations, also called Transit Sites • Each Border Router (BR) is a DMVPN Hub with iBGP or EIGRP routing • Summary prefixes with primary and secondary path metrics advertised out to branches • Transit routing to other locations with backdoor failover routing between POP locations • Dedicated BR per WAN transport • IWAN Branch locations • Simple consistent configurations • 1 or more BRs connected to each transport • Peer with each DMVPN Hub, stub routing IWAN POP1 IWAN POP2 10.2.0.0/16 10.0.0.0/8 DC1 WAN Core DC2 10.1.0.0/16 10.0.0.0/8 10.0.0.0/8
  • 19.
    Highly Redundant Large Scale Topology 10.3.3.0/24 10.4.4.0/24 10.5.5.0/24 BR31 BR41 BR51 BR52 BR12 IWAN POP1 IWAN POP2 DMVPN MPLS DMVPN INET BR11 BR14 BR13 BR22 BR21 BR24 BR23 10.1.0.0/16 10.2.0.0/16 10.0.0.0/8 10.1.0.0/16 10.2.0.0/16 10.0.0.0/8 • Support for multiple BRs per transport • Horizontal scaling and redundancy • Support for Multiple POPs • Different Prefix • Common Prefix DC1 DCI WAN Core DC2
  • 20.
    Intelligent Path Control Improving Application Delivery and WAN Efficiency
  • 21.
    Getting the Most Out of Your WAN Investment Benefits of Intelligent Path Control Data Center Branch ASR 1000 ASR 1000 ISR MPLS Internet Enabling Hybrid WANs Efficient Distribution of Traffic Based Upon Load or Path Preference Application Best Path Based on Quality Protection From Carrier Black Holes and Brownouts Lower WAN Costs Full Utilization of WAN Bandwidth Improved Application Performance Higher Application Availability
  • 22.
    What is Performance Routing (PfR)? MPLS Internet Branch BR BR Data Center MC “Performance Routing (PfR) provides additional intelligence to classic routing to track and verify the quality of a path over a Wide Area Networking (WAN) to determine the best path for application traffic....” MC+BR
  • 23.
    Intelligent Path Control with PfR Voice and Video Use-Case Branch MPLS Internet Virtual Private Cloud Private Cloud • PfR monitors network performance and routes applications based on policy • PfR load balances traffic based upon link utilization levels to efficiently utilize all available WAN bandwidth Other traffic is load balanced to maximize bandwidth Voice/Video will be rerouted if the current path degrades below policy thresholds Voice/Video take the best delay, jitter, and/or loss path
  • 24.
    Load Balancing Maximizing Link Utilization to Increase Available Bandwidth • Traffic distributed across all paths to efficiently use all WAN bandwidth • Load Balancing based upon link utilization levels • External links can have different bandwidth capacities MPLS = 1.5Mbps Internet = 15Mbps ISR WAN Internet MPLS ASR 1000 ASR 1000 Data Center 50% T1 = 750kbps 50% 15Mbps = 7.5Mbps
  • 25.
    SP1 (MPLS) ISP (FTTH) • Protect voice and video quality Latency < 150 ms Jitter < 20 ms • Protect Email applications from WAN congestion Loss < 5% • Voice and video preferred path SP1 • Email preferred path ISP • Increase utilization by load sharing Multimedia and Critical Data Policy Business App Best-Effort Traffic High Delay Detected SP1 (MPLS) ISP (DSL) Voice and Video High Jitter Detected Email Best-Effort Traffic Protecting Critical Applications While Increasing Link Efficiency • Protect transactional business app from brownouts delay < 250ms • Preferred path SP1 (MPLS) • Increase WAN bandwidth efficiency by load-sharing traffic over all WAN paths, MPLS + Internet Business App and Load-Balancing Policy
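
The policy behaviour described on slides 23 to 25 (stay on the preferred path while it meets the thresholds, move when it degrades, load-share by utilization) can be modelled as below. This is an added, simplified illustration, not Cisco's PfR implementation or code from the deck; the class and function names and the sample delay, jitter, loss and load figures are constructed, while the thresholds, preferred paths and link speeds are the ones on the slides.

```python
from dataclasses import dataclass
from typing import Optional

INF = float("inf")

@dataclass
class Path:
    name: str
    capacity_kbps: float
    load_kbps: float
    delay_ms: float
    jitter_ms: float
    loss_pct: float

    @property
    def utilization(self) -> float:
        return self.load_kbps / self.capacity_kbps

@dataclass
class Policy:
    preferred: Optional[str] = None   # None: no preferred path, load-share only
    max_delay_ms: float = INF
    max_jitter_ms: float = INF
    max_loss_pct: float = INF

    def met_by(self, p: Path) -> bool:
        return (p.delay_ms < self.max_delay_ms
                and p.jitter_ms < self.max_jitter_ms
                and p.loss_pct < self.max_loss_pct)

# Thresholds and preferred paths as listed on slide 25.
POLICIES = {
    "voice-video": Policy("SP1", max_delay_ms=150, max_jitter_ms=20),
    "email": Policy("ISP", max_loss_pct=5),
    "business-app": Policy("SP1", max_delay_ms=250),
    "best-effort": Policy(),
}

def select_path(policy, paths):
    """Preferred path while it is in policy, else the least-utilized in-policy
    path. Returns None when every path violates the thresholds (what a real
    controller does in that case is not modelled here)."""
    in_policy = [p for p in paths if policy.met_by(p)]
    if not in_policy:
        return None
    for p in in_policy:
        if p.name == policy.preferred:
            return p.name
    return min(in_policy, key=lambda p: p.utilization).name

def split_load(total_kbps, paths):
    """Share load in proportion to capacity so all links run at equal utilization."""
    capacity = sum(p.capacity_kbps for p in paths)
    return {p.name: total_kbps * p.capacity_kbps / capacity for p in paths}

def sample_paths(sp1_delay_ms=40.0, sp1_jitter_ms=5.0):
    """Constructed measurements; capacities are the slide 24 link speeds."""
    return [
        Path("SP1", 1500, 750, sp1_delay_ms, sp1_jitter_ms, 0.1),
        Path("ISP", 15000, 3000, 60.0, 8.0, 0.5),
    ]

if __name__ == "__main__":
    for app, policy in POLICIES.items():
        print(app, "healthy:", select_path(policy, sample_paths()),
              "| SP1 degraded:", select_path(policy, sample_paths(400.0, 35.0)))
    print(split_load(8250, sample_paths()))
```
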
  • 26.
    Performance Routing—Components The Decision Maker: Master Controller (MC) • Discover BRs, collect statistics • Apply policy, verification, reporting • No packet forwarding/inspection required The Forwarding Path: Border Router (BR) • Does all packet forwarding • Visibility in network performance • Enforce MC’s decision (path enforcement) The Policy Controller: Domain Controller (DC) • Discover site peers, prefixes and connected networks • Advertise policy and services • One per domain, collocated with MC MPLS Internet Branch MC+BR BR BR DC/MC
  • 27.
  • 28.
    Today’s Network is an IT Blind Spot • Static port classification is no longer enough • More and more apps are opaque • Increasing use of encryption and obfuscation • Application consists of multiple sessions (video, voice, data) • What if user experience is not meeting business needs?
  • 29.
    Branch Private Cloud Make Your IWAN Application Aware Application Visibility and Control (AVC) DC/Headquarters Public Cloud Cisco AVC Application Performance Visibility • Application inspection with existing routers • Rich data collection using NetFlow v9/IPFIX • Easy to integrate into many reporting tools Smart Capacity Planning • Better use of costly bandwidth • Per-branch and per-application level reporting Business Objective Enforcement • Service Level monitoring per application • Better Analytics to adjust network policies to maintain compliance AVC AVC
  • 30.
    Private Cloud Application Performance Monitoring for IWAN Track and Report Application Flows and Performance WAN NetFlow v9 Enterprise Edge AVC AVC CSR NetFlow/IPFIX Records (Same provisioning, same format) • Traffic statistics records • Application Response Time records • Media monitoring records (Application, Jitter, Loss, etc) Cisco Tools Prime, APIC-EM Partner Tools Ecosystem LiveAction Glue Networks Plixer Living Objects CompuWare CA Technologies Collecting Collecting Collecting Provisioning Exporting NetFlow v9 Export/IPFIX Export Branch DC/Headquarters AVC AVC
  • 31.
    Private Cloud Add WAN Optimization with WAAS + Akamai Speed and Bandwidth Benefits on Top of the IWAN Branch DC/POP Application Optimization • Improved Application performance, delay mitigation, less bandwidth • Twice as many Citrix users over same WAN, 70% faster • Typical ROI in less than one year, 65% BW cost savings Content Caching & Prepositioning Simple and Scalable • Works with existing branch routers • Scale out optimizations resources with AppNav • Native HA resiliency vWAAS AppNav-XE Controller CSR WAVE, vWAAS WAN Improving Application Performance • Reduces WAN bandwidth usage, while accelerating applications • Intelligent caching of internal and Internet content • Prepositioning of data and rich media before it is needed
  • 32.
    Cisco WAAS – IWAN Application Acceleration Enhancing User Experience and WAN Efficiency Solution • Reduce load Data redundancy elimination (DRE), compression, and TCP optimization • Application optimization Fewer protocol messages and metadata caching Problem • Application latency • WAN bandwidth inefficiencies [Charts: Application Bandwidth (Mbps) and Application Latency (Seconds), natively vs. with Cisco® WAAS, showing reduction in bandwidth and reduction in latency]
  • 33.
    Akamai Connect accelerates HTTP/HTTPS applications, video and content in the branch, while maximizing existing enterprise network bandwidth Branch End-User Akamai Connect integrated into Cisco ISR-AX routers ISR-AX+AC INTERNET Akamai Intelligent Platform Data Center WAAS WAN IWAN – Application Acceleration with Akamai Connect
  • 34.
    Branch End-User Akamai Connect integrated into Cisco ISR-AX routers ISR-AX+AC Akamai Intelligent Platform INTERNET Data Center WAAS WAN IWAN - Application Acceleration Enhancing User Experience and WAN Efficiency Mobile Apps Video Software Downloads Digital Signage Catalogs Guest WiFi Any Device, Connectivity, Cloud Result – Improved Application Response Times ~70+% of HTTP/S data served from cache [Chart: Avg. Load Time (sec.), WAAS + AKC vs. Native WAN] 51% reduction load time
  • 35.
  • 36.
    Intelligent WAN: Secure Connectivity Securing the network and users Secure WAN Transport Branch MPLS (IP-VPN) Internet Secure Internet Access Private Cloud Virtual Private Cloud Public Cloud Two areas of concern 1. Protecting the network from outside threats with data privacy over provider networks 2. Protecting user access to Public Cloud and Internet services; malware, privacy, phishing,…
  • 37.
    Securing the IWAN Transport IPSec VPN and Access Control • Step 1: Authenticate hardware and software Trust Anchor Module verification • Step 2: Secure Transport Proven IPsec VPN overlay Strong Cryptography: IKEv2 + AES-GCM 256 F-VRF to isolate provider networks • Step 3: Protect the Site IOS Zone-based Firewall or ACLs protection Role based access to router w/ logging Minimize exposure Provider assigned addressing to hide routers Don’t put tunnel addresses into DNS MPLS Internet Branch ASR 1000 ASR 1000 ISP A ISP C Data Center
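
One way to check a router configuration against the Step 2 and Step 3 controls on slide 37 (IKEv2 with AES-GCM 256, front-door VRF isolation of the provider-facing interface, zone-based firewall or inbound ACL on that interface). This is an added example, not Cisco tooling or content from the deck; the two configuration excerpts, object names such as IWAN-IKEV2 and INET-TRANSPORT, and the function names are constructed for illustration.

```python
# Constructed IOS-style excerpts (illustrative names, not from the deck).
HARDENED = """\
crypto ikev2 proposal IWAN-IKEV2
 encryption aes-gcm-256
crypto ipsec transform-set IWAN-TS esp-gcm 256
interface GigabitEthernet0/0/0
 vrf forwarding INET-TRANSPORT
 zone-member security OUTSIDE
interface Tunnel10
 tunnel source GigabitEthernet0/0/0
 tunnel vrf INET-TRANSPORT
 tunnel protection ipsec profile IWAN-PROFILE
"""
WEAK = """\
crypto ikev2 proposal LEGACY
 encryption aes-cbc-128
crypto ipsec transform-set LEGACY-TS esp-3des esp-md5-hmac
interface GigabitEthernet0/0/0
 ip address dhcp
interface Tunnel10
 tunnel source GigabitEthernet0/0/0
"""

def parse_blocks(config):
    """Group indented sub-commands under their unindented parent line."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.strip() in ("", "!"):
            continue
        if not raw.startswith(" "):
            current = raw.strip()
            blocks[current] = []
        elif current is not None:
            blocks[current].append(raw.strip())
    return blocks

def value_after(body, prefix):
    """Text following `prefix` on the first matching sub-command, else None."""
    for line in body:
        if line.startswith(prefix + " "):
            return line[len(prefix) + 1:].strip()
    return None

def audit(config):
    """Return findings for the transport controls; an empty list means all pass."""
    blocks, findings = parse_blocks(config), []
    proposals = [h for h in blocks if h.startswith("crypto ikev2 proposal ")]
    if not proposals:
        findings.append("no IKEv2 proposal configured")
    for head in proposals:
        algos = [a for line in blocks[head] if line.startswith("encryption ")
                 for a in line.split()[1:]]
        if algos != ["aes-gcm-256"]:
            findings.append(f"{head}: encryption {algos} is not aes-gcm-256")
    for head in blocks:
        w = head.split()
        if w[:3] == ["crypto", "ipsec", "transform-set"] and w[4:6] != ["esp-gcm", "256"]:
            findings.append(f"transform-set {w[3]}: not esp-gcm 256")
    for head, body in blocks.items():
        if not head.startswith("interface Tunnel"):
            continue
        src, fvrf = value_after(body, "tunnel source"), value_after(body, "tunnel vrf")
        wan = blocks.get(f"interface {src}", [])   # provider-facing interface
        if value_after(body, "tunnel protection ipsec profile") is None:
            findings.append(f"{head}: no IPsec tunnel protection")
        if fvrf is None or value_after(wan, "vrf forwarding") != fvrf:
            findings.append(f"{head}: transport {src} not isolated in a front-door VRF")
        acl = value_after(wan, "ip access-group") or ""
        if value_after(wan, "zone-member security") is None and not acl.endswith(" in"):
            findings.append(f"interface {src}: no firewall zone or inbound ACL")
    return findings

if __name__ == "__main__":
    print({"HARDENED": audit(HARDENED), "WEAK": audit(WEAK)})
```
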
  • 38.
    MPLS Internet Branch ASR 1000 ASR 1000 ISP A ISP C Data Center Add Network Integrated Threat Defense IOS Zone-Based Firewall • Control the Perimeter: • External and internal protection: internal network is no longer trusted • Protocol anomaly detection and stateful inspection • Communicate Securely: • Call flow awareness (SIP, SCCP, H323) • Prevent DoS attacks • Flexible: • Split Tunnel-Branch direct Internet access • Internal FW— addresses regulatory compliances • Integrated: • No need for additional devices, expenses and power • Works with other IWAN Services: CWS, WAAS, UCS-E,… • Manageable: • APIC-EM, Prime, CLI, SNMP, CCP, and CSM
  • 39.
    Intelligent WAN—Direct Internet Access Branch MPLS (IP-VPN) Internet Direct Internet Access Private Cloud Virtual Private Cloud Public Cloud • Leverage Local Internet path for Public Cloud and Internet access • Improve application performance (right flows to right places) Solutions On Premise – Zone Based Firewall Cloud Based – Cloud Web Security Cloud Security ISR-AX ZBFW
  • 40.
    Cloud Web Security Centralized Management for Distributed Policy Cisco ScanCenter Portal
  • 41.
    Secure Internet Access with Cisco Cloud Web Security (CWS) with ISR-4000 and ISR-G2 Series Routers Secure Public Cloud and Internet Access ISR Connector to CWS Firewall towers Web Filtering, Access Policy, Malware Detect WAN1 (IP-VPN) CWS Private Cloud Public Cloud Branch WAN2 (Internet) IWAN IPsec VPN for Private Cloud Traffic IOS Firewall to protect Internet Edge Internet
  • 42.
  • 43.
    Network-Wide Abstractions Simplify the Network Applications Security Orchestration Automation SOUTHBOUND ABSTRACTION LAYER REST API CATALYST® CISCO NEXUS® ASR ISR WIRELESS ASA OTHER The SDN Ideal: Controller as the Application Platform Virtualization IWAN APIC-EM IWAN APP
  • 44.
    Cisco Intelligent WAN App for APIC-EM IT Admin App SLA DMVPN SLA QoS Security Path Selection Business Policy Application Network Profile NETWORK SDN Simple Workflow Templates Plug and Play Business Policy Rendering Open Architecture Network, Applications Monitoring APIC-EM Abstraction Layer Services Business Policy Dictates Network Action APIC-EM IWAN APP Monitor Application Health Update Policy
  • 45.
    PnP: Pre-provisioning and Discovery Workflows Plug & Play Enterprise-wide scale Automated workflow 79% lower deployment costs 1. Pre-provision 2. Discovery 3. Secure Deployment 1. Discovery 2. Un-claimed Devices 3. Secure Deployment Network PnP app pre-provisioned with device SR number Configure device discovery • DHCP Option-43 or DNS • Installer powers on devices • Devices download image and configuration • Installer powers on devices • Devices securely connect to APIC-EM server, waiting to be ‘claimed’ • Network admin claims devices based on device information • Device downloads image and configuration Configure device discovery • DHCP Option-43 or DNS Network PnP app on APIC-EM Admin EM DHCP Server DNS Server OR PnP-Agent PnP-Agent EM Device Authentication Download Image and Configure Installer
  • 46.
    Cisco IWAN Management Portfolio Covering a broad range of requirements and preferences • Customer wants advanced provisioning, life cycle management, and customized policies • System-wide network consistency assurance • Lean IT OR IT Network team Cisco Prime Infrastructure • Customer needs customizable IWAN with end-to-end monitoring • One Assurance across Cisco portfolio from Branch to Datacenter • IT Network team Enterprise Network Mgmt and Monitoring Ecosystem Partners IWAN App • Customer wants considerable automation and operational simplicity • Requirements consistent with prescriptive IWAN Validated Design • Lean IT organization Prescriptive Policy Automation • Customer looking for advanced monitoring and visualization • QoS/ PfR/ AVC configuration, Real-time analytics and network troubleshooting • IT Network team Application Aware Performance Mgmt Advanced Orchestration
  • 47.
    Prime Infrastructure for IWAN • IWAN workflow wizard with PnP • Template-based IWAN configs • PfRv3 Domain, MC and BR • AVC One-Click provision • QoS Provisioning • Single or Dual Router Branch • CVD-based, Customizable • AVC Readiness Assessment • AVC, QoS, PfR Visibility • Leverages APIC EM services For Your Reference
  • 48.
    LiveAction Software • An Application-aware Network Performance Management and QoS Control tool • Fast, simple, cost effective way to monitor and control application performance leveraging Cisco capabilities LiveAction Components Flow QoS Monitor QoS Configure Routing LAN IP SLA For Your Reference
  • 49.
    Glue Networks IWAN Orchestration • Cloud-based SaaS subscription model • Eliminates manual building of WANs • Automated WAN orchestration and management • Quick configuration updates and IOS upgrades • Rapidly delivers nextgen and IWAN features • Forward compatible with SDN APIs for app aware WANs • Broadband and MPLS support for centralized hybrid WAN management for IWAN For Your Reference
  • 50.
  • 51.
    Start with Cisco AX Routers IWAN Capabilities Embedded in the Router ISR-AX Simplify Application Delivery One Network UNIFIED SERVICES ISR4000-AX Transport Independent Secure Routing Optimization Control Visibility Cisco AX Routers ISRv | 890 | 1900 | 2900 | 3900 | 4000 | ASR 1000 ISRv-AX ASR1000-AX
  • 52.
    IWAN Branch Services Routers ISR4000 Series - IWAN AX Ready, Next Generation Branch INTEGRATED IWAN SERVICES APPLICATION CENTRIC APPLIANCE LEVEL PERFORMANCE • IOS Firewall, VPN, IPSec, PfRV3, NBAR2, AVC, AppNav, VRF, MPLS • Scalable on-chip service provisioning • App/User policy-driven deployment • APIC-EM Automation: deploy in minutes • Pay-as-you-grow • Up-to-75% cost savings • Service-Aware Dataplane • Resilient Service Virtualization • Multi-gigabit Fabric ISR4431 ISR4351 ISR4331 ISR4321 ISR4451 500Mbps/1Gbps 200/400Mbps 100/300Mbps 50/100Mbps 1-2Gbps For Your Reference
  • 53.
    IWAN Aggregation Border Routers ASR1000 - IWAN AX Ready, High Performance Routers INTEGRATED IWAN SERVICES BUSINESS-CRITICAL RESILIENCY COMPACT, POWERFUL ROUTER • IOS Firewall, VPN, IPSec, PfRV3, NBAR2, AVC, AppNav, VRF, MPLS • Scalable on-chip service provisioning • Separate control and data planes • Hardware and software redundancy • In-service software upgrades • Line-rate performance 2.5G to 200G+ with services enabled • Crypto performance from 2G to 60G+ • Flexible I/O: SPAs and Ethernet LCs • 2.5G Upgradeable to 5G, 10G, 20G • Up to 8G Crypto Throughput • 5G Upgradeable to 10G, 20G, 36G • Up to 4G Crypto Throughput • Modular, Redundant up to 200G • Up to 60G Crypto Throughput ASR1001-X ASR1002-X Modular ASR1006-X For Your Reference • 44G Upgradeable to 100G • 8, 16, 25G Crypto Throughput ASR1002-HX New New
  • 54.
    Cisco Enterprise Service Automation (ESA) on APIC-EM Virtual Managed Services (vMS) Introducing Cisco Enterprise NFV Virtualized IWAN and Branch Services Cisco 4000 Series ISR + UCS® E-Series Network Functions Virtualization Infrastructure Software (NFVIS) Virtual Router (ISRv) Virtual Firewall (ASAv) Virtual WAN Optimization (vWAAS) Virtual Wireless LAN Controller (vWLC) Third-Party VNFs New Cisco® UCS C-Series
  • 55.
  • 56.
    IWAN Vision and Strategy Secure VPN Overlay, Any Transport, Bandwidth Efficiency, Application SLA Secure, Simple, Centralized Policy Automation Global Policies, Cloud POPs, Mobility, Optimization, Cloud Security vRouter, vService and App Orchestration Campus/WAN/DC INTELLIGENT VIRTUALIZATION AUTOMATION CLOUD INTEGRATION SERVICE VIRTUALIZATION ENTERPRISE DNA
  • 57.
    Intelligent WAN (IWAN) Optimized Secure Transport Branch Direct Cloud Access Private Cloud Virtual Private Cloud Public Cloud MPLS (IP-VPN) Internet Mixed transport WANs with High Reliability Service Levels for Business-Critical Applications Centralized Security Policy for Internet Access Dramatically Lower WAN Costs Without Compromise
  • 58.