Copyright © 2015 World Wide Technology, Inc. All rights reserved.

Architecting the Intelligent WAN (IWAN)September 24, 2015

Neil AndersonBill Thompson

Laks Vijayarajan

Lead, Mobility and Access SolutionsTechnical Solutions ArchitectTechnical Solutions Architect

What is Driving Change in the Branch?

Securing Connectivity with DMVPN

Realizing Performance with PfRv3

Improving App Experience with WAAS

Management and Automation

Your Next Steps with WWT

Q&A

AGENDA

Increasing Demands on the Branch NetworkRISK | ASSET MANAGEMENT | COMPLEXITY

Proliferation of Intelligent DevicesMore people and more devices, many mobile, are on the network

The Need for a Multi-functional NetworkCollaboration requires voice, video, and data simultaneously

Additional Complexity with Shrinking StaffNeed for rapid provisioning and real-time services

Mobility and Cloud are Changing the Business Landscape

New Digital Experiences Make the Network More Relevant

RETAIL

Generate More SalesStores Omni-channel

EDUCATION

Improved LearningBooks iPads

FINANCE

Customer LoyaltyTellers Remote Agents

of executives state achieving digital transformation in two years is critical*78%

*MIT Sloan Management Review, 2013 Digital Transformation Global Executive Study

Mobile Device Traffic

AVERAGE NUMBER OF APPS PER DEVICE

AVERAGE APP SIZE

LATEST OS UPDATE SIZE

41 32 41

23mb 6mb 25mb

1.3gb 400mb 940mbiOS 9 Lollipop Windows 8.1

WAN Demands Exceeding Budgets

Exhibit 2: The Widening Network Complexity Gap

Building Blocks of IT

Endp

oint

s on

the

Net

wor

k

VoIP/Video

Virtualization

Cloud Computing

Mobility

IoT

IT Budgets

Network Complexity Gap

Source: ZK Research, 2014

5 years Cisco Visual Networking Index, June 2014

Increase 3X in the next

GLOBAL IP TRAFFIC GROWTH:

will be flat or declining

Nemertes Research, August 2014

60% WAN budgets

LIMITED WAN BUDGETS:

Intelligent WAN Vision

UNCOMPROMISED EXPERIENCE OVER ANY CONNECTION

4G/LTE

Internet MPLS

AnyUser

AnyApplication

Application Experience

SecureAccess

Lower Costs

IT Simplicity

Align Infrastructure to Better Business Outcomes

AnyTransport

What is Driving Change in the Branch?

Securing Connectivity with DMVPN

Realizing Performance with PfRv3

Improving App Experience with WAAS

Management and Automation

Your Next Steps with WWT

Q&A

AGENDA

Securing Connectivity with DMVPN

MPLS

Internet

192.168.40.0/24

192.168.50.0/24

192.168.10.0/24

Physical: 172.16.10.2Tunnel0: 10.10.10.2

Physical: 172.16.20.2Tunnel0: 10.10.20.2

Physical: 172.16.10.50Tunnel1: 10.10.10.50

Physical: 172.16.20.40Tunnel0: 10.10.20.40

Physical: 172.16.10.40Tunnel0: 10.10.10.40

Physical: 172.16.20.50Tunnel0: 10.10.20.50

10.10.20.40 -> 172.16.20.40

10.10.20.50 -> 172.16.20.50

NHRP Table10.10.20.40 -> 172.16.20.4010.10.20.50 -> 172.16.20.50

10.10.10.40 -> 172.16.10.40

10.10.10.50 -> 172.16.10.50NHRP Table10.10.10.40 -> 172.16.10.4010.10.10.50 -> 172.16.10.50

Routing Table:192.168.40.0/24 - > 10.10.20.40

interface tunnel0 ip address 10.10.10.40 255.255.255.0 ip nhrp network-id 10 ip nhrp nhs 10.10.10.2 nbma 172.16.10.2 multicast tunnel source GigabitEthernet0/0/0 tunnel mode gre multipoint tunnel protection ipsec profile INET-PROFILE

DMVPNCloud 1

DMVPNCloud 2

10.10.20.40 -> NBMA 172.16.20.40

10.10.20.40 NBMA?

What is Driving Change in the Branch?

Securing Connectivity with DMVPN

Realizing Performance with PfRv3

Improving App Experience with WAAS

Management and Automation

Your Next Steps with WWT

Q&A

AGENDA

Realizing Performance with Performance Routing v3 (PfRv3)

MPLS

Internet

192.168.40.0/24

192.168.50.0/24

192.168.10.0/24

Master Hub

192.168.10.0/24

Transit Hub

Border Router

Master Branch/Border Router

Master Branch/Border Router

Border Router

Border Router

Border Router

Border Router

domain ATC

domain ATC

Path discovery: INET

Path discovery: MPLS Path: MPLS

Path: INET

Policies:class VOICE sequence 5 path-preference MPLS fallback INET match dscp ef policy voice priority 1 one-way-delay threshold 150 msec

Traffic Class:Dst-Site-Prefix Dst-Site-ID DSCP 192.168.10.0/24 10.0.0.10 EF

Delay Threshold 150 msecPreferred path: MPLSBackup path: INET

Delay > 150msec

Traffic Class:Dst-Site-Prefix Dst-Site-ID DSCP 192.168.10.0/24 10.0.0.11 EF

Delay Threshold 150 msecPreferred path: MPLSBackup path: INET

What is Driving Change in the Branch?

Securing Connectivity with DMVPN

Realizing Performance with PfRv3

Improving App Experience with WAAS

Management and Automation

Your Next Steps with WWT

Q&A

AGENDA

Improving App Experience with AVC/WAASUNIFIED PERFORMANCE MONITOR | AVC | FLEXIBLE NETFLOW & NBAR2

Branch

Proliferationof Devices

Users/Machines

PrivateCloud

DC/Headquarters

PublicCloud

ApplicationVisibility & Control (AVC)

60% of IT Professionals Cite Performance as Key Challenge for Cloud

No Probes• Deep packet inspection

• Passive monitoring for voice, video, critical apps and best-effort apps

• No additional hardware (and included in IOS-AX license)

Business-Aligned Privacy Enforcement• No need for complex IP and port

ACLs

• See inside HTTP flows to identify specific Cloud applications

Smart Capacity Planning• Better use of expensive bandwidth

• Per-branch and per-application level reporting

Improving App Experience with Content Caching

ExtranetHTTP Akamaized Web Content

Akamai Intelligent Platform

Authentication to Akamai Intelligent Platform

Akamai Connected Cache

Branch User

Network Challenges• Customer’s own content already cached in the

Akamai Intelligent Platform

• Last mile access may still be an issue

• Users access their own and 3rd party content from the branch

Akamai Connect Solution• Cache previously “non-cacheable” Internet content

inside the branch

• Utilizes the breadth and scale of the Akamai Intelligent Platform

• Automatically takes advantages of changes in the Akamai Intelligent Platform

What is Driving Change in the Branch?

Securing Connectivity with DMVPN

Realizing Performance with PfRv3

Improving App Experience with WAAS

Management and Automation

Your Next Steps with WWT

Q&A

AGENDA

IWAN Management and AutomationPRESCRIPTIVE CUSTOMIZABLE

3RD PARTY MANAGEMENT TOOLS

Lifecycle Management and Provisioning

APIC EM IWAN App (on-prem)Policy automated, prescriptive deployment of IWAN in Greenfield with PnP and PKI

Prime Infrastructure (on-prem)Full configurability of IWAN features in Greenfield and Brownfield with PnP and PKI automation

(cloud-based, multi-tenant)

Advanced orchestration, provisioning, lifecycle management and customized policies

Assurance, Monitoring, Troubleshooting

Prime Infrastructure (on-prem)One assurance visibility and reporting across Cisco infrastructure including WLAN, Access, WAN and data center

(on-prem)Application-aware performance management, visualization, granular troubleshooting, real-time analytics and flow visibility

What is Driving Change in the Branch?

Securing Connectivity with DMVPN

Realizing Performance with PfRv3

Improving App Experience with WAAS

Management and Automation

Your Next Steps with WWT

Q&A

AGENDA

Advanced Technology Center (ATC)

ATC MISSIONTo create a collaborative ecosystem to design, build, educate, demonstrate and deploy innovative technology products and integrated architectural solutions for our customers, partners and employees around the globe.

CLICK HERE

Bringing it All Together for WWT Customers

DATA CENTERS

SMALL BRANCH

MEDIUM BRANCH

LARGE BRANCH

HOME OFFICE

What is Driving Application Changes?

Architecting the Hybrid WAN

Securing Connectivity with DMVPN

Realizing Performance with PfRv3

Improving App Experience with WAAS

Your Next Steps with WWT

Q&A

AGENDA