BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

1

Cisco Application Service Module

BRKDEV-1061

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

2

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

1

Agenda
Overview Use Cases High-Level Technical Overview Programming API Demo Q and A

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

3

“A New Place for Application Developers”
Enable ISVs to Transparently Extend Their Application’s Reach “into the Network” Deployed into Cisco Equipment Creating New Differentiated Services A New Development and Deployment Runtime Platform for In-Network Message Processing

Service in C++ Service in C

Complements Existing Server-Based, Application Development Paradigms
Service in Java

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

4

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

2

Today: Clients, Servers with Databases
Browser + Ajax Desktop J2SE Desktop

J2ME Mobile Phone

Server J2EE

Server J2EE Other Legacy Server (s)

DB

DB

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

5

Tomorrow: Clients, Servers with Databases In-Network App Components
Browser + Ajax Desktop ASM Server J2EE Server J2EE Other Legacy Server (s) J2SE Desktop ASM

J2ME Mobile Phone ASM

DB

DB

A New Place in Applications Infrastructure

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

6

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

3

Sample Technology Use Cases
Agentless network programming
Network becomes agent deployment platform

Protocol mediation
Create transparent mediation/switching of network/application protocols

Visibility and dynamic control of application network flows
Including multihop/multimessage distributed applications Enterprisewide application monitoring and discovery support

Effective enterprisewide policy enforcement
Network acts a policy enforcement point on behalf of applications

Application Quality of Service (QoS)
Leveraging network QoS on applications rather than packets

Event correlation
Enterprisewide, real-time business intelligence collection Providing a control channel for active business intelligence systems
BRKDEV-1061 14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

7

Document Management Example

Document Management Server

Wiki

Shared Drives

NFS

Document Management Server

Wiki

Shared Drives

NFS

ISV Code ISV Code

ISV Code

ISV Code

ASM

ASM

ASM

Users

Users

Structured Document Management System
BRKDEV-1061 14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

Enhanced with Visibility, Control for Documents in Unstructured Storage
8

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

4

Business Intelligence Example
Daily/Nightly ETL Data Warehouse Daily/Nightly ETL Data Warehouse

BI Server
ISV Code ISV Code ISV Code

BI Server

Analytics User Transactional Systems

ASM

ASM

ASM
ISV Code

Analytics User

Transactional Systems

ISV Code

Users

ASM

Users

Traditional, Data Warehouse-Based BI
BRKDEV-1061 14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

BI Enhanced with Real-Time Network Visibility
9

Overview ASM Model
In-line execution
Layer 2 transparent bridge with proxy capabilities Filter flows as early as possible—10 Gbps capable Asynchronous stream processing of network flows Provides application control (drop, redirect, etc.) of flows

Message classification and extraction
Deep message inspection rather than just packets Extensible programming model to add message classifiers Provide broad support for application protocols Stream-based classification—highly scalable

Services Container Messages Packets Platform

Open Network Programming Model
New category of applications executed in data path Simple and extensible container based programming model Supports C/C++ and Java

Deployed at standard places in the network
Data center aggregation points Edge aggregation points
BRKDEV-1061 14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

10

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

5

The Netlet API

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

11

Netlet Interface
void onClassification (Message msg, Action action)
Primary event handler upon message classification

void onMoreData (Message msg, Action action)
Notification that more data has arrived for processing

void onFlowEvent (FlowEvent evt, Action action)
Notification about out-of-band change to flow state

void init (NetletConfig config)
Registration, setup

void destroy ()
Allow Netlet to clean up resources
BRKDEV-1061 14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

12

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

6

onClassification (Message, Action)
Message Action

flowID: Long classificationID: Long L2–L4 Headers Preextracted Fields Raw Payload Data Read-only Mostly zero copy

actionType: enum Some L2–L4 Values
Alternate destination IP Alternate destination port Alter QoS

Once any packet of flow is sent, no changes to L2–L4 are possible Action can be applied to future flows that match certain L2–L4 criteria

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

13

Demonstration

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

14

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

7

Summary
Provides a new place in applications infrastructure for software vendors to take advantage of Serve up unique capabilities in this new place that only a networking company could offer Enable new value propositions and revenue possibilities for software vendors Facilitate adoption via a developers network Stimulate growth and innovation through open standards

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

15

Q and A

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

16

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

8

Recommended Reading
Continue your Cisco Live learning experience with further reading from Cisco Press Check the Recommended Reading flyer for suggested books

Available Onsite at the Cisco Company Store
BRKDEV-1061 14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

17

Complete Your Online Session Evaluation
Give us your feedback and you could win fabulous prizes. Winners announced daily. Receive 20 Passport points for each session evaluation you complete. Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center.
Don’t forget to activate your Cisco Live virtual account for access to all session material on-demand and return for our live virtual event in October 2008. Go to the Collaboration Zone in World of Solutions or visit www.cisco-live.com.

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

18

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

9

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

19

ASM System Architecture
ASM Container (C or Java) Application Application Application Container Management and Monitoring Network Extension Modules
Crypto Dyn. Discovery Network Identity IEEE 1588 Flow Manager Packet Manager DMIe XPath MPLS IPv6 User Defined

Application Layer

Classification

Application Management/IPC
CLI SNMP

Network Processing OS

Network Processing Engine (NPE)
Shared Memory

Real-Time Embedded Linux
Packet Acceleration SSL Acceleration Regex/XML Acceleration Extension Hardware

Ingress

Egress

Hardware

Appliance, Service Module, ISR Module,…

BRKDEV-1061 14637_05_2008_x1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

20

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

10