Conquer the Cloud | Part 1 - The Cloud and Your Network Is, There a Gap

© 2012 Cisco and/or its affiliates. All rights reserved. 1© 2012 Cisco and/or its affiliates. All rights reserved. 1

Conquer the CloudPart 1: The Cloud and Your Network—Is There a Gap?

PresentersNick Lippis, Founder and CEO, Lippis EnterprisesRahul Tripathi, Director of Product Management, Services Routing, Cisco

HostRobb Boyd, TechWiseTV Host, Cisco

September 26, 2012, 8 a.m. Pacific Time

© 2012 Cisco and/or its affiliates. All rights reserved. 2

FIVE-PART WEBCAST SERIES

• September 26: The Cloud and Your Network—Is There a Gap?

• October 16: Optimizing App Performance from Branch to Cloud

• November 1: How to Enforce Pervasive Security

• November 15: Extending Virtualization to the Branch Office

• December 11: Designing Next-Generation, Cloud-Ready WAN

Experts Provide Best Practices on How to Accelerate Your Organization’s Journey to the Cloud


Why Traditional WANs Are Challenged by Cloud Computing

The Requirements for a Cloud-Ready Branch Office

Solutions for Robust Security, Accelerated Application Performance, and Efficient Operations

Management Tools That Improve Visibility and Control

Next Steps for Getting Your WAN Cloud-Ready


Conquer the Cloud: Part 1: The Cloud and Your Network—Is There a Gap?

Director,Product Management,

Services Routing, Cisco

Rahul TripathiNick Lippis

Founder and CEO, Lippis Enterprises

Host,TechWise TV

Robb Boyd, Host


What Percent of Your Workload Will Migrate to the Cloud by the End of 2012?

A. 100%

B. ~ 75%

C. ~ 50%

D. ~ 25%

E. < 10% or none


71% 80%

Cloud Apps to Mobile Devices

Video Demand in the Cloud

Move from Branch to Cloud

“By 2015, more than 60% of enterprises will have migrated branch office services to cloud or virtualized servers.”

Gartner, Analyst Review, February 2012

60%

“71% of organizations are extending or planning on extending their cloud applications to mobile devices.”

IDC’s Mobile Enterprise Software Survey, 2011

“In 2012, almost 80% of IT organizations will increase their use of video with focus on deploying cloud-based collaboration services.”

Cloud Networking Report, Ashton Metzler and Associates, 2011

http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/2011cnr_cisco.pdf


“I deal with servers and

storage and I don’t get

why the network

matters”

“Do I really need to buy

a bunch of networking

gear to get cloud

deployed?”

Network Is the Critical Path for Implementing Cloud Computing


2000 2005 2010 2015 2020 t

Growing Gap

Executive

Management

Cloud

Computing

Expectation/

Demand

Branch

Office

Cloud

Readiness


A. Application performance (response time, latency)

B. WAN bandwidth

C. Security and policy control

D. Visibility and control of applications across the WAN

E. Reliability of cloud applications

Which Is Your Top Wide-Area Network (WAN) Challenge for Migrating to the Cloud?


Key Findings: Cisco Global Cloud Networking Survey*

Need for a Major Architectural Shift in the Network

Expectation

Organizations Who Plan to Have More Than 50% Apps in the Cloud by

2012

20%Consider

Cloud-Ready WAN to Be the Most Important

Infrastructure for Cloud

28% Virtualized DC21% SP SLA

37%

Reality: Top Network Challenges

Cited Performance

as a Key Challenge for Cloud

60%Cited

Security and Policy

as a Key Challenge for Cloud

66%Cited

Managementas a Key

Challenge for Cloud

60%

*1300+ global IT professionals across 13 countries, April, 2012


• Does not provide cloud-computing access• It’s not cloud aware • User experience of cloud services suffer

• Limited cloud security services • Outdated operational model and expensive • It’s only going to get worse as cloud

computing forces more structural changes

Backhaul and Hairpinning

Internet

MPLS

CLOUD FLOWSBRANCH

Public Cloud

Private Cloud

Users


Public

Private

Hybrid

Is Your Branch/WAN Ready for Cloud?

• 90% of branch offices hairpin Internet traffic

Drivers: lack of cloud security and old habits die hard

Robs other applications of this bandwidth

Not sustainable as workload/applications move to public cloud at speed

Will be a major cause of poor user/application experience

Public Cloud—Backhauling and Hairpinning Major Challenge


New York

Branch Office

Private Cloud—Virtual Desktops

Keystroke

Bandwidth Explosion: ~20 VDI Sessions

per T1 Line

WAN Latency: >200ms Need for Optimal

VDI Performance

Lack of Visibility, Control, and Prioritization

Dallas

Data Center

IaaS

Cloud Services

1500 Miles

Mouse

ControlVideo Screen

Users


You Want to be Ready for Cloud Computing Models

Traditional network model—MPLS limitations

Backhauling and hairpinning

Limited bandwidth and low latency links

Security concerns

Impacts business process, forcing structural changes


Internet

MPLS

Public Cloud

Private Cloud

Private Cloud

Right Experience for Endpoint Device

Secure the Cloud at Scale

Visibility and Monitor

CLOUD FLOWSBRANCH

Users


Connecting Users to the Cloud with

Confidence

Optimal Experience

PervasiveSecurity

Simplified Operations

VoIP VDIHD

Video

App

OS

IaaS

PaaS

SaaS


Delivering Optimal Experience, Pervasive Security, and Simplified Operations

Cloud-Ready Platforms

ISR G2 ASR 1K CSR 1KV

Branch

Branch Office Campus/Data Center Cloud

Private/Public/Hybrid

Users Cloud Services



Cloud-Ready Network Services


Visibility Optimization Security Collaboration App Hosting


Branch





Management and Policy


Cloud Connectors

Cloud-Ready Network Services


Collaboration

Survivability

Web

Security

Cloud

Storage

Third

Party

Visibility Optimization Security Collaboration App Hosting


Branch





High-Performance, High-Availability Platforms

• ISR G2: Unified branch with

wired/wireless WAN and

integrated services

• ASR 1000: WAN aggregation

up to 100 Gbps, with modular

upgrades

• CSR 1000V: Flexible virtual

form factor for cloud

deployments

Private WAN/

Internet ASR 1000

CSR

Branch/User

ISR G2


Traditional DC


Application Visibility, Control, and Optimization




integrated services



upgrades



deployments

• AVC: Granular application

visibility, response time, and

SLA management

• WAAS: Bandwidth optimization

and acceleration for apps,

video, and VDI

• PfR: Optimal path selection

based on performance

and policy

Private WAN/

Internet ASR 1000AVC, WAAS, PfR

CSR

Branch/User

ISR G2


Traditional DC

WAAS/vWAAS


Application Visibility, Control, and Optimization

Efficient Rich Media Collaboration




integrated services



upgrades



deployments

• AVC: Granular application

visibility, response time, and

SLA management

• WAAS: Bandwidth optimization

and acceleration for apps,

video, and VDI

• PfR: Optimal path selection

based on performance

and policy

• UC Gateways: API control and

voice quality enhancement for

TDM and SIP

• CME/E-SRST: Branch-

optimized call control and

enhanced survivability

• HCS Connector: Voice

survivability for hosted

collaboration services

Private WAN/

Internet ASR 1000

CME/SRST

AVC, WAAS, PfR

CUBE

CSR

Branch/User

ISR G2

HCS Connector


Traditional DC

WAAS/vWAAS


• Branch banking personal routinely utilized the Internet to assist customers quickly and efficiently

• Increase of teller applications on hosted desktops

• IT needs visibility on store to plan and prioritize traffic

• Business continuity is critical for timely transactions

• Network is critical for a good customer experience

• Need high performance network without compromising security


A. Public

B. Private

C. Hybrid (public/private)

D. What is a cloud?

Which Type of Cloud Are You Primarily Deploying?



Traditional DCBranch/User

Any-to-Any Secure Connectivity

• FlexVPN: Converged VPN at scale across branch, mobile user, and cloud

• GETVPN: Encrypted MPLS WAN for added privacy

• Next-generation encryption: Suite-B crypto with hardware acceleration

ISR G2

Private WAN/

Internet ASR 1000

CSR


100G FW



Integrated Threat DefenseAny-to-Any Secure

Connectivity




• Network integrated firewall:

Up to 100 Gbps stateful

inspection for IPv4/v6

• TrustSec with ISE: End-to-

end user-aware access and

policy control

• PCI 2.0 Compliance:

Single box solution including

simplified IPS

FW, IPS

ISR G2

TrustSec

Private WAN/

Internet

GET, FlexVPN,

NGE ASR 1000

CSR


Cloud Web Security (Scansafe)

100G FW



Integrated Threat Defense Branch to Cloud SecurityAny-to-Any Secure

Connectivity




• Network integrated firewall:

Up to 100 Gbps stateful

inspection for IPv4/v6

• TrustSec with ISE: End-to-

end user-aware access and

policy control

• PCI 2.0 Compliance:

Single box solution including

simplified IPS

• CSR: Any-to-any enterprise

VPN to connect users to

external clouds

• Cloud Web Security

(ScanSafe) Connector:

Secure, direct access to

cloud apps over Internet

FW, IPS

ISR G2

TrustSec

Private WAN/

Internet

GET, FlexVPN,

NGE ASR 1000

CSR


• From a PCI compliance perspective many retailers host their point of sale or PoS applications in a VPC environment

• To assure PCI compliance its credit card transactions are securely transmitted by terminating VPN connections within a VPC

• Retailer has direct access and control of their VPC environment to assure PCI compliance and reporting while also reducing their PCI infrastructure cost


36 Gbps

Services and Performance On-Demand

• ASR 1002-X: On-demand

performance from 5 to 36 Gbps

• ISR G2: On-demand services

in IOS or service engines with

no truck rolls

• WAAS AppNav: Easy-to-scale

headends as needs grow

5 Gbps


36 Gbps

Branch Infrastructure and Services Consolidation






no truck rolls



• UCS E-Series: Lean server

leveraging virtualization,

reduced power, and OpEx

• Network service hosting:

Cisco and third-party virtual

appliances

50% Savings

5 Gbps


36 Gbps

Branch Infrastructure and Services Consolidation

Unified Management






no truck rolls



• UCS E-Series: Lean server

leveraging virtualization,

reduced power, and OpEx

• Network service hosting:

Cisco and third-party virtual

appliances

• Cisco Prime: Unified

management with common

look and feel across branch,

WAN, DC, and cloud

• Cisco Prime Assurance

Manager: Single plane

monitoring for application traffic

and user experience with AVC

50% Savings

5 Gbps


• An Enterprise with advertising campaign residing in a Terremarkserver in a VPC

• The Enterprise could run a redundant advertising campaign application locally

• In the event of a brown out where VPC access could be cut-off the advertising campaign will still proceed uninterrupted with local application hosting

• Call services cannot be uninterrupted in the event of network congestion or a brownout



Assess the Branch Office Network for Cloud Readiness

Start to Use AVC to Gain Application Visibility

Utilize AppNav to Pool Distributed WAN Optimization

Network Services

Implement Broadband Access at Branch Offices

Consider Using FlexVPN to Manage Existing VPNs and to

Configure New Ones

Experiment with VPC Solutions and the CSR 1000V

Control Point

Start to Eliminate Hairpinning by Experimenting with the

Cloud Web Security (ScanSafe) Connector

Assess ASR 1000 Head End Capacity


Mobile and

Remote UsersWAN and Cloud Edge

Network

Management

Private and

Public CouldBranch Office

Connect Users to the Cloud with Confidence

ISR G2 WAAS

WAAS on SRE

WAAS Express

Secure

Network and Device Security

WAVE

WAVE

Virtual WAAS

ASR 1000

Cloud Services Router1000V

Cisco Prime Desktop Software

WAAS WAAS Mobile AnyConnect

CSR

FlexVPNCloud Web Security

TrustSec

WAAS


CONQUER THE CLOUD WEBCAST SERIES

• October 16: Optimizing App Performance from Branch to Cloud

• November 1: How to Enforce Pervasive Security

• November 15: Extending Virtualization to the Branch Office

• December 11: Designing Next-Generation, Cloud-Ready WAN


• Test your cloud readiness knowledge

Step 1: Download the Cisco Enterprise WAN app on your mobile device

Step 2: Go to Trivia

Step 3: Take our challengeChallenge open until Friday, 9/28 midnight Pacific Time

• Top three winners

1st: AppleTV

2nd: Jawbone Icon Headset

3rd: Cisco Press Book

http://tinyurl.com/ciscoewan





Cisco Enterprise WANblogs.cisco.com/go/bn

Facebook: http://www.facebook.com/ciscoenterprisewan

Twitter: @ciscoenterprise

Nick LippisPrincipal Analyst and CEO, Lippis

[email protected]

Twitter: @NickLippis

TechWiseTVTechwisetv.com

Twitter: @ciscocin


Thank You

Conquer the Cloud | Part 1 - The Cloud and Your Network Is, There a Gap

Documents

cloud apps

cloudready wan

wan cloudready

lack of cloud security

cisco andor

cloud computing forces

cloud computing models

cloud networking report