Deploying Cisco Wide Area Application Services (WAAS

)
BRKAPP-2005

BRKAPP-2005

© 2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Agenda
!! WAAS Overview !! WAAS Installation and Configuration !! Deployment into the Network !! WAAS Application Optimizer (AO) Deployments !! WAAS Sizing Guidelines

BRKAPP-2005

© 2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

2

Case Study
Phoning Home

!! Extensive Preamble !! Chatty !! Bandwidth Intensive !! Predominantly Unidirectional !! Repetitive Sequences

!!6x Optimized
!! Minimal Overhead !! Compressed and Accelerated

BRKAPP-2005

© 2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

3

All rights reserved.WAAS Overview BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public .

Cloud New IT and WAN Optimization Requirements Branch Office Secondary Data Centre Branch Office Primary Data Centre BRKAPP-2005 © 2011 Cisco and/or its affiliates. Video !! Any-any collaboration !! Virtual Desktops Remote Access Evolution !! Increased mobile users !! ‘Low-footprint’ branches !! Partner access Customers / Partners Home Office/ Coffee Shop xAAS . Guest Users Cisco Public Campus 5 .WAAS Overview Drivers and Trends Datacenter Transformation !! Virtualization !! Private/Public Clouds !! Software-as-a-Service New Applications. Services !! Rich Media. All rights reserved.

Cisco Public 6 . All rights reserved.WAAS Overview Application Delivery Challenges !! LAN Connectivity High bandwidth Low latency Reliability Round Trip Time ~ 0ms !! WAN Connectivity Already congested Low bandwidth Latency Packet Loss Client Client LAN Switch Server Round Trip Time ~ Many milliseconds LAN Switch WAN LAN switch Server BRKAPP-2005 © 2011 Cisco and/or its affiliates.

Cisco Public VPN Domestic Mobile User International Mobile User Regional Office BRKAPP-2005 WAAS Mobile Software Over VPN 7 .WAAS Overview Cisco WAAS: WAN Optimization Solution New Virtual Private Cloud vWAAS WAE Server VMs New Nexus 1000v vPATH Branch Office WAAS Express VMware ESXi Server Nexus 1000v VSM WAAS Service Module UCS /x86 Server FC SAN Branch Office WAN Data Center or Private Cloud WAAS Appliances Branch Office WAAS Appliance Internet Server VMs VMware ESXi vWAAS Appliances New WAAS Appliance WAAS Mobile Server VPN © 2011 Cisco and/or its affiliates. All rights reserved.

All rights reserved.WAAS Overview WAAS Product Offering vWAAS vWAAS-750 vWAAS-6000 vWAAS-12000 WAAS Appliances WAAS ISR Modules WAAS Express WAAS Mobile WAVE-274 WAVE-474 WAVE-574 WAE-674 WAE-73x1 SM-SRE-700 SM-SRE-900 890 1941/2901 29xx 39xx WAAS Mobile Tele Worker Small Branch Medium Branch Large Branch Larger Branch to Small Data Center Data Center & Campus BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 8 .

WAAS Overview Session and Transport Layer Optimization Client Application Presentation Session Transport Network Data Link Host Application WAAS 1 Application Optimizer (AO) WAAS 2 Application Optimizer (AO) Presentation Session Transport Network Data Link TFO Network Data Link TFO Network Data Link Origin Physical Physical Optimized Physical Origin Physical WAN BRKAPP-2005 BRKAPP-2005 14633_05_2008_c1 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 9 .

TFO Virtual Blades Kernel Virtual Machine Cisco Linux Kernel Policy Engine. All rights reserved. Auto-Discovery Flash IOS Shell Linux Application Storage Object Storage DRE Storage Virtual Blade Storage Ethernet Network I/O BRKAPP-2005 © 2011 Cisco and/or its affiliates. Directed Mode. Filter-Bypass. LZ. Egress Method. Cisco Public 10 .WAAS Overview Architecture IOS Platform with Services and CLI CIFS AO MAPI AO HTTP AO RTSP AO NFS AO EPM AO SSL AO Windows On WAAS (WOW) ACNS On WAAS ACNS VB Virtual Blade #3 Configuration Management System (CMS) TCP Proxy with Scheduler Optimizer (SO) DRE.

Regular TCP in the WAN Cisco TFO Provides Significant Throughput Improvements over Standard TCP Implementations 7./-% 0+12$3-"+1%45+"6.%)-.16% TFO TCP )*+.17$% !"#$%&'!!(% BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 11 .WAAS Overview TFO vs.

Cisco Public 12 . All rights reserved.WAAS Overview Advanced Compression "! Data Redundancy Elimination (DRE) "! Persistent LZ compression Benefits •! Application-agnostic compression •! Up to 100:1 compression •! Session-based compression •! Up to an additional 10:1 compression even after DRE LZ WAN! LZ DRE Synchronized Compression History DRE BRKAPP-2005 © 2011 Cisco and/or its affiliates.

. All rights reserved. MAPI.. !! Licensed developed and validated with application vendors !! Intelligent Server Offload Caching and optimizations Remote Office Data Center WAN! •! Object Cache Verification •! Security and Control •! WAN Optimization •! LAN-like Performance •! WAN Bandwidth Savings BRKAPP-2005 © 2011 Cisco and/or its affiliates... Cisco Public •! Server Safely Offloaded •! Fewer Servers Needed •! Power/Cooling Savings 13 . SSL.WAAS Overview Application-Specific Acceleration !! Application and Protocol Awareness Minimize chatter -> Latency Mitigation Safe caching Scheduled File preposition !! Application Optimizers (AO’s) –!CIFS... NFS. HTTP. Video. Windows Printing.

firewall policies) BRKAPP-2005 © 2011 Cisco and/or its affiliates.WAAS Overview Network Transparency B/24 C/24 A/24 WAN D/24 E/24 !! Packets between each network are routed as normal. monitoring. Cisco Public 14 . reporting Security functions (ACLs. NBAR NetFlow. WAAS autodiscovery will find WAEs in path !! WAAS Network Transparency (same L3/L4 headers) allows application acceleration components to maintain compliance with existing network features Quality of Service (QoS). All rights reserved.

.WAAS Overview Auto-Discovery—Two WAE Configuration !! In-band signaling with TCP option 0x21 !! WAE B closest to host (A) and WAE (C) closest to host (B) !! Connection optimized between WAE (B) and (C) !! WAE shifts optimized TCP SEQ number by 2 billion !! If a WAE that was optimizing connections fails: A B C D Receiving host will see segments with SEQ/ACK numbers that are out of range Host will reset (RST) connection WAAS will propagate the RST Host application will re-establish a new TCP connection A:D SYN A:D SYN(OPT) A:D SYN(OPT) D:A SYN/ACK D:A SYN/ACK Origin Connection BRKAPP-2005 D:A SYN/ACK(OPT) Optimized Connection Cisco Public Origin Connection 15 © 2011 Cisco and/or its affiliates. All rights reserved.

All rights reserved. .WAAS Overview Auto-Discovery—Cascade WAE Configuration !! WAE (B) closest to host (A) !! WAE (D) closest to host (E) !! Intermediate WAE (C) sees TCP option in both directions and goes into Pass Through (PT) !! WAE supports 10X optimized limit for Pass Through A B C D E A:E SYN A:E SYN(OPT) A:E SYN(OPT) A:E SYN(OPT) E:A SYN/ACK E:A SYN/ACK(OPT) E:A SYN/ACK A:E ACK A:E ACK(OPT) E:A SYN/ACK(OPT) A:E ACK(OPT) Optimized Connection Cisco Public A:E ACK Origin Connection BRKAPP-2005 Origin Connection 16 © 2011 Cisco and/or its affiliates.

WAAS Overview Intermediate Firewall Support Options !! Tunnel through Firewall Not managed by WAAS Renders firewall useless for stateful L3/L4 packet filtering !! WAAS Directed Mode Permit TCP options and UDP 4050 tunnel Traffic optimized by WAAS using auto-discovery but then tunneled between WAE’s Firewall rendered useless for L3. All rights reserved. L4. . or L5 packet filtering and stateful inspection !! Permit TCP options and disable sequence number checking on firewall Allowing WAAS TFO Autodiscovery Firewall implementing stateless L3/L4 filters !! Cisco firewall with WAAS awareness Traffic transparently optimized by WAAS using autodiscovery Cisco firewall preserves L3/L4 stateful inspection by permitting TCP options and statefully tracking TCP sequence number shift A B C D E Origin Connection BRKAPP-2005 Optimized Connection No Connection Layer Security Cisco Public Origin Connection 17 © 2011 Cisco and/or its affiliates.

All rights reserved.WAAS Deployment Installation and Configuration BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public .

Cisco Public . All rights reserved.Basic Configuration BRKAPP-2005 © 2011 Cisco and/or its affiliates.

! Initial setup is done using IOS-like Console CLI 2. All rights reserved. an AccelerationGroup make sure you apply the correct application policies (e.! Next bring up Application Accelerators –! New WAAS devices will be auto-registered to WAAS CM and become a member of the AllDevicesGroup or any other preconfigured Group within WAAS –! When creating e.g.WAAS Deployment Deployment Overview 1.! Configure traffic interception (inline.! Always bring up the Central Manager (CM) first 4.! Further configuration should be done from within the CM BRKAPP-2005 © 2011 Cisco and/or its affiliates.! License configuration is required 3. WCCP etc) –! Start traffic interception on Core or Central devices –! Next add intercept to Remote Devices 6. set default one) and automembership for this group is enabled 5. Cisco Public 20 .g.

and license the WAE !! Ideal for CM and pilots or small deployments !! Proactive Diagnostics BRKAPP-2005 © 2011 Cisco and/or its affiliates. network integrate. manage. Cisco Public 21 .WAAS Installation Setup Script !! Prompted on boot of factory default box to run setup script or execute ‘setup’ !! Script prompts for configuration to communicate. All rights reserved.

31 255.WAE Interface Channeling !! Interfaces can be bundled into a PortChannel for loadbalancing and high availability across switch modules !! Requires identical interface configuration on both physical interfaces !! IP addresses are defined on the PortChannel interface wae(config)# interface PortChannel 1 wae(config-if)#no shut wae(config-if)#ip address 10.0 wae(config)# interface gigabitEthernet 1/0 wae(config-if)#no shutdown wae(config-if)#channel-group 1 DO NOT wae(config-if)#exit wae(config)#interface gigabitEthernet 2/0 wae(config-if)#no shutdown wae(config-if)#channel-group 1 FORGET BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 22 .1.1.255.255. All rights reserved.

100 255.Standby Network Interface Card (NIC) !! Must be layer 2 path between two NICs !! MAC only on in-use interface !! Primary preempts !! No primary floats !! Gratuitous ARPs on failover wae(config)#interface Standby 1 wae(config-if)#ip address 10.2. Cisco Public 23 .0 wae(config-if)#exit wae(config)#interface GigabitEthernet 1/0 wae(config-if)#standby 1 primary wae(config-if)#exit wae(config)#interface GigabitEthernet 2/0 wae(config-if)#standby 1 wae(config-if)#exit WAE(config)#primary-interface standby 1 wae#show interface standby 1 Interface Standby 1 (2 physical interface(s)): GigabitEthernet 1/0 (active) GigabitEthernet 2/0 (active) (primary) (in use) G 1/0 G 2/0 BRKAPP-2005 © 2011 Cisco and/or its affiliates.255.255.1. All rights reserved.

Deploying WAAS Central Manager (WAAS CM) BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public .

All rights reserved. Cisco Public 25 .Central Management System (CMS) !! CMS process runs on all WAEs !! Bidirectional configuration synchronization between CM and accelerators !! Communicates over HTTPS using self signed device specific certificates and keys !! Central Manager collects health and monitoring data to every five minutes by default !! CMS provides means to backup and restore configuration !! Provides means to replace a failed device with a new device !! Use “show cms info” to get CMS status BRKAPP-2005 © 2011 Cisco and/or its affiliates.

255.1.1.255.1.21 clock timezone AEST 10 0 ntp server ntp.0 exit ip default-gateway 10.Deploying WAAS CM CM Configuration !! Device located in Data Center !! Setup script recommended !! Non-default configuration –! –! –! –! –! –! Device mode Hostname Primary-interface IP configuration Date/time configuration Configuration Management System (CMS) device mode central-manager hostname dc1-cm1 license add Enterprise primary-interface GigabitEthernet 1/0 interface GigabitEthernet 1/0 ip address 10. All rights reserved.1.31 255.1.254 ip name-server 10.1. Cisco Public 26 .foo.com cms enable copy run start !! CMS must be enabled to access the web GUI !! Reload required (role change) !! Optionally use standby interface to dual-home to two switches BRKAPP-2005 © 2011 Cisco and/or its affiliates.

Deploying WAAS CM WAAS CM Dashboard: https://cm-ipaddress:8443 BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 27 .

Cisco Public 28 . All rights reserved.Deploying WAAS CM Group Configuration Best Practices EdgeDevicesGroup Transaction logs Prepositioning Disk encryption Flow Agent AllDevicesGroup DNS SNMP Date/Time > NTP Server | Time Zone Login Access Control > SSH | MoD | Exec Timeout Authentication Common criteria System Log Settings Storage > Disk Error Handling CoreDevicesGroup SSL Acceleration AccelerationGroup Application Policies BRKAPP-2005 © 2011 Cisco and/or its affiliates.

SSL. All rights reserved. Print) System-wide. Device Specific and Grouped by Location BRKAPP-2005 © 2011 Cisco and/or its affiliates. CIFS. Video. Cisco Public 29 . NFS.Deploying WAAS CM WAAS Monitoring !! !! !! !! !! Dashboard Aggregate Statistics Optimisation Summary Connection Trending Application Acceleration (HTTP. MAPI.

Cisco Public .Deploying Physical WAE BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.

All rights reserved.100.foo.0 ! Optionally configure 100 Mb Full Duplex exit ip default-gateway 10.100.254 ip name-server 10.255.Deploying WAAS Accelerators Device Mode Accelerator (Default Setting) !! Default configuration Hostname Primary-interface IP configuration CMS enable hostname br1-wae1 primary-interface GigabitEthernet 1/0 interface GigabitEthernet 1/0 ip address 10.101 255. Cisco Public 31 .1.1.21 ! Implement DNS for CM mobility central-manager address cm.1.255.1.com cms enable copy run start !! No reload required !! CMS required to register with CM !! Hostname for CM recommended to ease CM moves !! Use standby to dual-home WAE to two switches in a redundant environment (N+1 redundancy) !! Use EtherChannel® to achieve higher throughput and redundancy !! Auto-registration option enables CM discovery through DHCP BRKAPP-2005 © 2011 Cisco and/or its affiliates.

All rights reserved.Deploying WAAS Accelerators CM Manage Devices BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 32 .

g. Cisco Public 33 . All rights reserved. Edge or Core) groups where necessary BRKAPP-2005 © 2011 Cisco and/or its affiliates.Deploying WAAS Accelerators Device Group Assignment !! Newly configured WAAS device is automatically added to AllDeviceGroup !! Add the new device to other (e.

86 GHz Intel Core 2 Duo 1.86 GHz Intel Core 2 Duo (Single Core) (Dual Core) 2 GB 500 GB SATA HDD !! 2 Internal GE ports !! 1 External GE port !! 1 External USB port © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 GB 2 x 500 GB SATA HDDs w/ RAID 0/1 !! 2 Internal GE ports !! 1 External GE port !! 1 External USB port 34 .Deploying WAAS on SRE Service Ready Engine (SRE) SRE 700 SM SRE 900 SM Processor Maximum Memory Maximum Storage Ports BRKAPP-2005 1.

All rights reserved.1 recommended !! Initial WAAS Configuration Standard WAAS configuration steps BRKAPP-2005 © 2011 Cisco and/or its affiliates.1 WAAS Version 4.3.2. Cisco Public 35 .Deploying WAAS on SRE Deployment Steps !! Initial SRE Configuration Configure IP Connectivity between ISR and SRE !! Initial WAAS Installation Load WAAS Software on SRE (when needed) WAAS on SRE: min version 4.

2.bin.bin.7-k9.7-k9.7-k9.3.2.2.bin.2.2.3.7-k9. All rights reserved.install.header waas-accelerator-4.7-k9.srebootloader BRKAPP-2005 © 2011 Cisco and/or its affiliates.3.installer waas-accelerator-4.install.bin.7-k9.Deploying WAAS on SRE Obtain WAAS Software !! Download WAAS software from CCO CCO account is needed !! Extract the ZIP file and install in FTP directory Make sure FTP Server is reachable from ISR! Directory should contain following 6 files: waas-accelerator-4.bin.key waas-accelerator-4.bin waas-accelerator-4.sre waas-accelerator-4. Cisco Public 36 .3.sre.2.3.3.

Deploying WAAS on SRE Initial SRE Configuration !! SRE is recognized by IOS as “Interface SM<slot>/0” Router#show run interface SM1/0 interface SM1/0 no ip address shutdown service-module fail-open !! Configure IP Addresses and Gateway Router#conf t Router(config)#interface SM1/0 Router(config)#ip address 10.255.254 BRKAPP-2005 © 2011 Cisco and/or its affiliates.255.255.0 Router(config)#service-module ip default-gateway 10.0 Router(config)#service-module ip address 10. All rights reserved. Cisco Public 37 .42.1 255.12.12.254 255.12.42.255.42.

3. Cisco Public 38 .2.42.100/waas/SRE/waas-accelerator-4.40.sre ! [OK .3.7-k9.Deploying WAAS on SRE WAAS SW Load with Router CLI Script !! CLI Script: service-module sm1/0 install url !! Use the full path to the bin image Router# service-module sm 1/0 install url (continued on next line) ftp://username:password@10.7-k9.install.2.bin Proceed with installation? [no]: yes Loading SRE/waas-accelerator-4.1722/4096 bytes] Welcome to the WAAS installation checking resource requirements now Resource check complete proceeding with installation BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.bin.

42. 2067 .12.255.254 BRKAPP-2005 © 2011 Cisco and/or its affiliates.12..3 (build b7 Jul 29 2010) ! device mode application-acceleratorinterface GigabitEthernet 1/0 ip address 10. Cisco Public 39 .0 exit ! ip default-gateway 10.42. All rights reserved.Deploying WAAS on SRE Initial Configuration Using CLI !! Session into SRE (is reverse telnet on line 2067) Router#service-module sm 1/0 session Trying 10.254.255..1 255.2.42. Open !! Device comes up as Accelerator with Interface IP and Default Gateway already configured NO-HOSTNAME#sho run ! waas-accelerator-k9 version 4.12.

. Please preserve running configuration using 'copy running-config startupconfig'.bnelab. All rights reserved.40.40. Sending device registration request to Central Manager with address 10.waas.com SRE700(config)#ip name-server 10.. domain-name.bnelab. initializing CMS tables Successfully initialized CMS tables Registration complete.42.cisco. management services enabled BRKAPP-2005 © 2011 Cisco and/or its affiliates. Otherwise management service will not be started on reload and node will be shown 'offline' in WAAS Central Manager UI..101 SRE700(config)#primary-interface gi 1/0 SRE700(config)#central-manager address cm.cisco.1 Please wait. primary-interface and central-manager address before enabling CMS and do save the configuration (or use setup script. Cisco Public 40 .) NO-HOSTNAME(config)#hostname SRE700 SRE700(config)#ip domain-name waas..com SRE700(config)#cms enable Registering WAAS Application Engine.42.Deploying WAAS on SRE Initial Configuration Using CLI !! Configure hostname. dns.

1 10.1 !! Next step would be configuring WCCP on SRE and ISR BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.42. Cisco Public 41 .40.40.42.Deploying WAAS on SRE Save and Check CMS !! Save the config and check if CMS is running SRE700(config)#exit SRE700#wr mem SRE700#sho cms info Device registration information : Device Id Device registered as Current WAAS Central Manager Registered with WAAS Central Manager CMS services information : Service cms_ce is running = = = = 4206 WAAS Application Engine 10.

All rights reserved.Deploying Virtual WAAS (vWAAS) BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public .

Cisco Public 43 . All rights reserved.Deploying vWAAS Cloud-Ready Optimization Cisco vWAAS Cisco vWAAS WAN WAAS Mobile Server Internet Public Cloud Mobile Users WAAS Mobile Client Private Cloud WAAS Branch Differentiators Key Requirements "! "! "! "! On demand deployment with elastic scalability Minimal network configuration VM mobility awareness Multi-tenant deployment Benefits "! On-demand orchestration of WAN optimization "! Increased availability with SAN based storage "! Lower OPEX for Cloud Migration "! "! "! Policy based provisioning with Cisco Nexus 1000V Rapid creation of WAN Optimisation Service Transparent deployment w/ WCCP BRKAPP-2005 © 2011 Cisco and/or its affiliates.

All rights reserved.Deploying Virtual WAAS Interception at Core or Access !! Core Interception w/ WCCP vWAAS vWAAS vWAAS -! Multiple vWAAS VMs can be clustered in same WCCP cluster. -! Both physical and virtual WAE can be part of same cluster WAN VMWare ESX/ESXi UCS /x86 Server WCCP Cat6K/N7K !! Access Interception w/ vPath -! Interception based on port-profile policy configured in Nexus 1000v -! Bidirectional Interception .(no IN/OUT configuration) -! Pass-through traffic automatic bypass Nexus 2K/5K Nexus 1000V /VN-Link vPATH UCS Compute/ Physical servers BRKAPP-2005 UCS Compute/ Virtualized Servers © 2011 Cisco and/or its affiliates. ! ! ! ! ESX/ESXi with N1000v UCS /x86 Server Cisco Public 44 .

All rights reserved. CPU.0+ hypervisor !! VMware vCenter server & vSphere client 4. 6000.x !! Cisco UCS or other x86 Server -!Server hardware should 64 bit CPU & be on the VMware Compatibility List (HCL) -! Ensure Intel VT is enabled in the host’s BIOS !! Nexus 1000v version 4.2(1)SV1(4) (for vPATH Interception) BRKAPP-2005 © 2011 Cisco and/or its affiliates. 2000N !! VMware ESX/ESXi 4. 12000 vCM-100N. NIC’s and other VMWare related configuration vWAAS-750.Deploying Virtual WAAS Installation Prerequisites !! vWAAS is provided as a Virtual Appliance in OVF File Prepackaged with disk. memory. Cisco Public 45 .

Deploying Virtual WAAS Installation BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 46 .

Deploying Virtual WAAS Installation BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 47 .

All rights reserved.Deploying Virtual WAAS Installation BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 48 .

Deploying Virtual WAAS Vmware vSphere—Summary Display BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 49 . All rights reserved.

Cisco Public 50 .Deploying Virtual WAAS vWAAS Configuration Steps !! Configuration is the same as for a normal WAAS Device !! Connect to the Console through vCenter !! Use of Setup Wizard is recommended !! Some differences you will notice Interface “virtual 1/0” Interception “other” (for vPATH) BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public . All rights reserved.Deploying WAAS Express BRKAPP-2005 © 2011 Cisco and/or its affiliates.

Cisco Public 52 . Interoperable with existing Cisco WAE appliance / module product range Managed by WAAS Central Manager Supported on ISR-G2 platforms.Deploying WAAS Express Introduction !! An IOS-based WAN optimisation solution for the ISR G2 Platform Integrates WAN Optimisation functionality natively into Cisco IOS via a feature license. All rights reserved. Increase available bandwidth to small/medium branch sites Data Center WAAS Appliances WAAS CM WAN ISR G2 Branch Office WAAS Express BRKAPP-2005 © 2011 Cisco and/or its affiliates.

g.Default Policy is the same as Cisco WAAS default policy (Except for non-supported features e.Default built-in policy is applied to running-config .Standard IP Routing .Crypto VPN Technology .IOS 53 . Cisco Public .Flexible Netflow BRKAPP-2005 © 2011 Cisco and/or its affiliates.NAT .QoS Firewall .Configuration via global policy-map and parameter-map .Deploying WAAS Express Requirements !! Maximum router memory is required !! Minimum IOS version 15.1(2)T !! WAAS Express is configured on the WAN interface !! No intercept configuration like WCCP is necessary !! WAAS Express uses CPL for configuration . AO) !! Natively interoperates with Cisco IOS® features .IP ACL . All rights reserved.

Cisco Public 54 . All rights reserved.Deploying WAAS Express Configuration ISR-G2 WAN WAAS Express Branch Office router (config-if)# waas enable Router#configure terminal Router(config)#interface <wan-interface-name> Router(config-if)#waas enable !! Simple one command configuration !! End User License Agreement is displayed for Trial licenses the first time WAAS Express is enabled !! Router should be configured to as HTTP secure-server BRKAPP-2005 © 2011 Cisco and/or its affiliates.

.Deploying WAAS Express Default Configuration (Snippet) parameter-map type waas waas_global tfo optimize full tfo auto-discovery blacklist enable lz entropy-check ! class-map type waas match-any CIFS match tcp destination port 139 match tcp destination port 445 class-map type waas match-any FTP-Control match tcp destination port 21 class-map type waas match-any FTP-Data match tcp source port 20 … class-map type waas match-any waas-default match tcp any ! policy-map type waas waas_global class CIFS optimize tfo dre lz application WAFS class FTP-Control passthrough application File-Transfer class FTP-Data optimize tfo dre lz application File-Transfer . All rights reserved. class waas-default optimize tfo dre lz application waas-default BRKAPP-2005 © 2011 Cisco and/or its affiliates... Cisco Public 55 .

All rights reserved.Deploying WAAS AOs BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public .

----------. Print (and DRE/TFO/LZ) !! Video requires Enterprise !! Virtual Blade requires Enterprise !! CM requires Enterprise !! CLI commands show license license add <license-name> clear license clear license <license-name> BRKAPP-2005 © 2011 Cisco and/or its affiliates. MAPI. Cisco Public #show license License Name By Status Activation Date Activated -------------. CIFS. SSL.---------------------------Transport Enterprise Video Virtual-Blade #show license License Name By Status Activation Date Activated not active active not active not active 03/20/2008 admin #license add Video -------------. HTTP.Deploying WAAS AOs Configuring Licenses !! License managed at device level !! License name is case sensitive !! Transport includes DRE/LZ/TFO !! Enterprise includes NFS.----------. All rights reserved.---------------------------Transport Enterprise Video Virtual-Blade not active active active not active 03/20/2008 04/01/2008 admin admin 57 .

Cisco Public 58 .Deploying WAAS AOs Configuration 1. All rights reserved." 2." Go To AllDevicesGroup Globally enable WAAS Accelerators Enable Blacklist if firewalls upstream from core drop SYN packets with options else disable BRKAPP-2005 © 2011 Cisco and/or its affiliates." 3.

Core WAE: Server Private Key 59 . All rights reserved.Encrypted Optimized & Encrypted Original Data .Deploying WAAS AOs SSL Optimization !! Core WAE acts as a Trusted Intermediary Node for SSL requests by client !! Private Key and Server Certificate are stored on the Core WAE device !! Core WAE participates in SSL Handshake to derive “session key” !! Distributes the “session key” securely in-band to the Edge WAE over the established connection between the Edge WAE and Core WAE Edge WAE Send “session key” Core WAE Transparent Secure Channel Client SSL Handshake SSL Handshake Server WAN Original Data . Cisco Public SSL Session Core WAE to Server .Encrypted SSL Session Client to Core WAE (WAAS) BRKAPP-2005 © 2011 Cisco and/or its affiliates.

Offload Server Local HTTP Freshness Response Local HTTP Redirect Response Local HTTP Authneeded Response DRE Flush Stream DRE Skip Bytes DRE Skip LZ Disables Server Compression BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 60 .Deploying WAAS AOs HTTP Optimization with SSL Advanced HTTP Parser Cache HTTP Meta Data Send DRE Hints Modify Compression Directive Mitigate Latency Mitigate Latency Improve Performance Improve Perf. All rights reserved.

Cisco Public 61 . All rights reserved.Deploying WAAS AOs HTTP/HTTPS AO Configuration BRKAPP-2005 © 2011 Cisco and/or its affiliates.

All rights reserved.Deploying WAAS AOs Central Manager Secure Store for SSL !! CM’s secure store keeps all imported host and accelerated SSL certificates and private keys !! Certificates and private keys encrypted with user pass-phrase: When secure store is being initialized first time (initialization) After CM device reloads to open secure store (opening) !! CM secure store must be open to synchronize configuration between SSL capable CM and WAEs !! Upon reboot. Cisco Public 62 . if CM detects the secure store is initialized but not open a critical alarm is raised BRKAPP-2005 © 2011 Cisco and/or its affiliates.

Deployment into the Network BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public .

Cisco Public . All rights reserved.WAAS Inline Deployment BRKAPP-2005 © 2011 Cisco and/or its affiliates.

1q VLAN trunking support Supported on all WAE appliance models WAN BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 65 . software.WAAS Inline Deployment Simple Transparent Inline Deployment !! Simple Plug-and-Play Deployment Physical in-path deployment between switch and router Mechanical fail-to-wire upon hardware. All rights reserved. or power failure Remote Office !! High Availability Two 2-port fail-to-wire groups with support for redundant network paths and asymmetric routing Serial in-path clustering with fail-over !! Seamless Transparent Integration Transparency and automatic discovery 802.

software. All rights reserved.1q trunks Use Gi1/0 primary interface !! Switch Straight through cable from engine to switch Ensure the router and switch have matching speed and duplex Implement portfast for faster recovery BRKAPP-2005 © 2011 Cisco and/or its affiliates. or power failure Support for interception 802.WAAS Inline Deployment Non-Redundant Branch g1/0 s1 e1 r1 WAN 1/0/LAN 1/0/WAN 1/1/WAN 1/1/LAN 1/0/WAN 1/0/LAN !! Router Crossover cable from router to engine Fix speed and duplex settings for Fast Ethernet connections Ensure the router and switch have matching speed and duplex !! Engine One Inline NIC per WAE appliance (cannot be used with WCCP) Installed in-path between switch and router or firewall Use single pair of inline ports (1/0 or 1/1) removing RJ45 port covers Ports fail-to-wire upon hardware. Cisco Public 66 .

WAE-7371 Branch Inline WAE (Up to 2) !!Simplified HA deployment model !!HA supported by other WAE !!NEW Interception Access List –! Bypass for non-relevant traffic WAN1 WAN2 Dual WAN Links !!Small and medium data centers Inline Serial Cluster Data Center BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.WAAS Inline Deployment Serial Inline Cluster !!Support for 2 Inline Cards per WAE –! Up to 4 inline groups (8 ports) –! WAE-674. Cisco Public 67 . WAE-7341.

All rights reserved.WAAS Inline Deployment Redundant Branch Topology WAN WAN WAN WAE-DC1 WAE-DC2 WAN BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 68 .

Cisco Public 69 . All rights reserved.WAAS Inline Deployment Data Centre Topology WAN WAN WAN WAE-DC1 WAE-DC2 WAN BRKAPP-2005 © 2011 Cisco and/or its affiliates.

Cisco Public 70 .WAAS Inline Deployment Serial Inline Cluster Best Practices !! Deploy the same platform for both devices in cluster !! Apply the same bidirectional policy/interception ACL on both devices !! Disable optimization between serial cluster devices !! Use CM to configure and manage the Serial Inline Cluster Automatic peer configuration Verify peer optimization settings are mutually configured Location based reporting !! Second WAE in serial inline cluster is for High Availability only. Not supported for scaling (use WCCP instead) BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.

All rights reserved.WAAS WCCP Deployment BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public .

Cisco Public 72 . All rights reserved.WAAS Overview Network-Integrated Off-Path Interception !! WCCPv2 Interception Transparent network integration and automatic discovery Active/active clustering supports up to 32 WAEs and 32 routers with automatic load-balancing. and fail-through operation Near-linear scalability and performance improvement when adding devices Remote Office WAE Cluster !! Policy-Based Routing Interception Routing of flows to be optimized through a Cisco WAE as a next-hop router Active/passive clustering provides high availability and failover using IP SLA as a tracking mechanism WAN BRKAPP-2005 © 2011 Cisco and/or its affiliates. fail-over. load redistribution.

All rights reserved.WAAS WCCP Deployment WCCP Functions Intercept R1 Assign C1 Redirect E1 S1 Return/Egress !! Intercept – Identify packets for WCCP processing (in or out) !! Assign – Select the WAE !! Redirect – Router sends the packet to the WAE !! Return – WAE sends the packet back to the router !! Egress – WAE may ignore WCCP negotiated return by using another return method like IP forwarding (routing) or generic GRE BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 73 .

WAAS WCCP Deployment Redirect List !! Permit all applications but deny specific protocols Avoid redirection of management traffic with a universal ACL Apply bidirectional ACL to service groups 61 and 62 Create the redirect ACL before enabling WCCP service groups 61 and 62 Do not enable logging on WCCP redirect ACL (performance) ip access-list extended waas remark WAAS WCCP Redirect List deny tcp any any eq telnet deny tcp any any eq 22 deny tcp any any eq 161 deny tcp any any eq 162 deny tcp any any eq 123 deny tcp any any eq bgp deny tcp any any eq tacacs deny tcp any any eq 2000 ! Reverse Direction deny tcp any eq telnet any deny tcp any eq 22 any deny tcp any eq 161 any deny tcp any eq 162 any deny tcp any eq 123 any deny tcp any eq bgp any deny tcp any eq tacacs any deny tcp any eq 2000 any ! ! Below optional per branch in pilot permit tcp any <<branch subnet>> permit tcp <<branch subnet>> any deny tcp any any !! Optionally permit specific IP subnets during PoC !! Avoid TCAM overflow on 6500 BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 74 . All rights reserved.

0000:0000.0000:0000 BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.Byte level XOR computation divided into 256 buckets (default) Mask .Bit level AND divided up to 128 buckets (7 bits) !! Branch DHCP allocated addressing Balance hosts to multiple engines 0x1 to 0x7F (or similar) Balancing to a single engine (mask selection is irrelevant) !! Retail Data Center Site /24 allocation per site Balance sites or engines with 0x100 to 0x7F00 (or similar) !! Enterprise Data Center Regional/16 allocation Balance regions with 0x10000 to 0x7F0000 0xF = 0000:0000.0000:0000.WAAS WCCP Deployment Assignment !! Assignment (engine selection) Hash .0000:0000.0000:1111. Cisco Public 75 .0000:0000 0xF0000 = 0000:0000.0000:1111.0000:1111 0xF00 = 0000:0000.0000:0000.

WCCP GRE or WCCP L2 return (L2 not yet supported in WAAS) Generic GRE .Frame MAC address rewritten to engine MAC !! WAE WCCP Return (WAE to Router) WCCP GRE . Return and Egress Method !! Configured on WAE !! Dependant on design and router hardware/software !! Router WCCP Redirect (Router to WAE) GRE .13) WCCP Layer 2 . Cisco Public 76 . All rights reserved.Frame statefully rewritten to router MAC !! WAE Egress Method (WAE to Router) IP Forward .Packet statefully returned router (as of 4.Engine ARPs for default gateway (default) WCCP negotiated .Stateful return in hardware to Catalyst 6500 Sup720/32 (as of WAAS 4.Entire packet GRE tunneled to the engine (default) Layer 2 .WAAS WCCP Deployment Redirect.0.1) BRKAPP-2005 © 2011 Cisco and/or its affiliates.

0(1)M 12. 12.2(6). Mask Only GRE or L2 Extended ACL In only GRE or L2 Planned 2.2(46)SE Assign Redirect Redirect List Direction Return VRFs IOS Mask Only L2 L3/L4 ACL In or Out L2 only Supported! 4. 12. 5.2 (26).2 (18)SXF14 Cat 4500 Mask only L2 only No ACL Support In only L2 only NA 12.4(15)T8.3(14)T5.1(27)E.1 (3)T. 12.2(18)SXF14 12.WAAS WCCP Deployment Platform Recommendations Function Nexus 7000 Software ISR & 7200 Hash or Mask GRE or L2 Extended ACL In or Out GRE or L2 Supported 12. All rights reserved.2(50)SG1 Cat 3750 Mask only L2 only Extended ACL (no deny) In only L2 only NA 12. Cisco Public 77 .2(33)SXH4 12. 12.2(18)SXD1! BRKAPP-2005 © 2011 Cisco and/or its affiliates.3(13). 12.4(10). 12.0 (3)! Mask GRE or L2 Extended ACL In L2 Planned! 6500 12. 12. 12.2(33)SXI2a 7600 ISR G2: 15.4(2) ASR 1000 Cat 6500 Sup720/32 7600 Cat 6500 Sup2 Mask L2 or GRE / L2 Extended ACL In L2 NA 12.1(14).2(14) T.

168. Cisco Public 78 . All rights reserved.WAAS WCCP Deployment WAAS Configuration Prevent Loop! Turn on WCCP after configuration BRKAPP-2005 wccp router-list 1 192.254.2 wccp tcp-promiscuous router-list-num 1 egress-method negotiated-return interceptmethod wccp wccp version 2 © 2011 Cisco and/or its affiliates.

All rights reserved.WAAS WCCP Deployment Router Configuration !! Router Global Configuration Router(config)# ip cef Router(config)# ip wccp 61 <optional-redirect-list acl-name> Router(config)# ip wccp 62 <optional-redirect-list acl-name> Router(config)# ip wccp version 2 !! Router Interface Configuration Router(config-if)# ip wccp 61 redirect <in|out> Router(config-if)# ip wccp 62 redirect <in|out> Router(config-if)# ip wccp redirect exclude in Determined by topology Src Balance 61 62 Dst Balance A A e1 B C e2 B BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 79 .

Service Identifier: 62 Number of Cache Engines: 1 Number of routers: 1 Total Packets Redirected: 581196 Process: 107 Fast: 0 CEF: 581089 Redirect access-list: -none.............0 dc1-wae1#show wccp routers Router Information for Service: TCP Promiscuous 61 Routers Configured and Seeing this Engine(1) Router Id Sent To Recv ID 10....3......254 0001CD80 Routers not Seeing this File Engine -NONERouters Notified of but not Configured -NONERouter Information for Service: TCP Promiscuous 62 Routers Configured and Seeing this Engine(1) Router Id Sent To Recv ID 10.....1..3.....1..254 10....... All rights reserved..............254 0001CD7C Routers not Seeing this File Engine -NONERouters Notified of but not Configured -NONEdc1-wae1#show wccp gre Transparent GRE packets received: Transparent non-GRE packets received: Transparent non-GRE non-WCCP packets received: Total packets accepted: Packets sent back to router: GRE packets sent to router (not bypass): Packets sent to another WAE: Packets received with client IP addresses: Service Identifier: 61 Number of Cache Engines: 1 Number of routers: 1 Total Packets Redirected: 1954820 Process: 474 Fast: 0 CEF: 1954346 Redirect access-list: -none......... 105587 0 0 100152 0 52222 0 100152 BRKAPP-2005 © 2011 Cisco and/or its affiliates.2......1.......3.WAAS WCCP Deployment Verifying Operation dc1-rtr1#show ip wccp Global WCCP information: Router information: Router Identifier: Protocol Version: 10..254 2. Cisco Public 80 ...1.2...1...254 10............

1.1.254 wccp tcp-promiscuous router-list-num 1 egress-method negotiated-return intercept-method wccp wccp version 2 Router ip wccp 61 ip wccp 62 interface g0 ip wccp 61 redirect in interface s0 ip wccp 62 redirect in WAE wccp router-list 1 10. Cisco Public 81 .254 wccp tcp promiscuous router-list 1 l2-redirect mask-assign wccp tcp-promiscuous mask src-ip-mask 0xF wccp version 2 BRKAPP-2005 © 2011 Cisco and/or its affiliates.1. All rights reserved.WAAS WCCP Deployment Branch Options A/24 h1 61 h2 g0 s0 62 h1 A/24 g0 61 Si s0 62 sm1/0 WAN h2 WAN SRE-700 Router ip wccp 61 ip wccp 62 interface g0 ip wccp 61 redirect in interface s0 ip wccp 62 redirect in WAE wccp router-list 1 10.1.

WAAS WCCP Deployment Shared WAE’s Within Distribution Layer !! WAE with Interface Standby (N+1 Redundancy) Registration – r1/r2 interface IP Assignment – Mask Redirect – WCCP GRE Return/Egress .IP forward or generic GRE Network Engines on dedicated subnets (no interface standby) Routed interface link (r1-r2) with no WCCP e1 e2 62 62 r1 WAN 61 Si 61 Si r2 e3 e4 BRKAPP-2005 © 2011 Cisco and/or its affiliates.IP Forwarding. All rights reserved. Cisco Public WCCP Registration 82 . or WCCP GRE (ASR) Network Engines on shared subnet between r1 and r2 Interface VLAN inter-core link with no WCCP e1 61 r1 Si WAN e2 e3 e4 61 Si r2 62\ 62 !! WAE with Single Interface or EtherChannel Registration – Loopback IP Assignment – Mask Redirect – WCCP GRE Return/Egress . generic GRE (6500).

WCCP GRE Return/Egress – WCCP GRE or IP forward Hardware Plaftorm (6500/PFC3 or ASR) Assignment – Mask Redirect – WCCP GRE Return/Egress – Generic GRE (6500). All rights reserved.WAAS WCCP Deployment Shared WAE’s at WAN Edge !! Local WAE Redirect and Return Registration –r1/r2 interface IP Software platform (7200/ISR) Assignment – Hash Redirect .WCCP GRE Return/Egress . or IP forward return 61 r1 WAN e1 e2 61 r2 62 62 Si Si !! Remote WAE GRE Redirect and Return Registration – Remote r1/r2 loopback IP Assignment – Hash (7200/ISR) or mask (6500/ASR) Redirect .WCCP GRE (ASR/7200/ISR) or Generic GRE (6500) WAN 61 r1 61 r2 62 e1 Si 62 e2 Si WCCP Registration BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 83 . WCCP GRE (ASR).

Dual Data Center
Asymmetric Routing Condition
!! Condition
Branch route summarization Connections sent to DC-A when application resides in DC-B
/16

SYN and SYN/ACK not seen by same WAE

DC-B

!! Solutions
Advertise summary route for each data center to eliminate asymmetric routing WAE in server farm distribution with WCCP or ACE WAE cross registers with WAN edge or distribution routers in both data centers
Si

DC-A

/16

0.0.0.0

Si

Si

Si

DC-A
BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

DC-B
84

Dual Data Centre
Asymmetric Routing Solutions

61

61

62

62

62 61

62 61

62
Si Si Si Si Si Si

62
Si Si

61

61

62

62

!! WAE in server farm !! Distribution with WCCP or vPath

!! WAE cross registers with WAN edge or distribution routers in both data centers
Cisco Public

BRKAPP-2005

© 2011 Cisco and/or its affiliates. All rights reserved.

85

WAAS WCCP Deployment
Configuration Best Practices
!! Registration
Do NOT use a virtual gateway address (HSRP, VRRP, GLBP) Use interface IP address if L2 adjacent to WCCP router Use highest loopback address if not L2 adjacent to WCCP router Do not configure large MTU (>1500 bytes) on WCCP client interfaces

!! Software Platforms
GRE Forwarding (Default) Hash Assignment (Default) Inbound Interception "ip wccp redirect exclude in" on WCCP client interface (outbound interception only) WAAS Egress Method: IP Forwarding

!! Hardware Platform
L2 Forwarding Mask Assignment [ Since 4.2.1 the default mask is changed to 0xF00 from 0x1741 ] Inbound Interception Do not use "ip wccp redirect exclude in” WAAS Egress Method: IP Forwarding, Generic GRE (Cat6k PFC-based systems only)

BRKAPP-2005

© 2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

86

WAAS vPath Deployment BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public .

VMware ESXi Server Non Optimized VM Cisco Public 88 .vWAAS vPath Deployment Introduction to vPath !! Intelligence build into Virtual Ethernet Module (VEM) of N1000V !! vPath has following main functions: !! Intelligent Traffic interception for vWAAS !! Offload the processing of Pass-through traffic from vWAAS !! ARP based health check !! Maintain Flow entry table Cisco UCS x86 Server Cisco UCS x86 Server vWAAS WebServer 1 App Server WebvWAAS Server 1 WebApp Server 2 Server VM VM Add New WebServer Virtual Machine (VM) VM VM NEW VM Nexus 1000V vPath Nexus 1000V vPath VMware ESXi Server vWAAS Optimized VM BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public 89 .vWAAS vPath Deployment Port-Profile Configuration Port-Profile Network Admin view Port-group vPATH interception Nexus 1000v VSM Server Admin view vSphere client Attach Opt-port-profile to server VMs BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.

WAAS Sizing Guidelines BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public .

* SSL connections / TCP connections 91 . All rights reserved.WAAS Sizing Guidelines Platform Performance (4.3) Capacity SRE 700 SRE 900 WAVE -274 WAE474 WAE5743GB WAE5746GB WAE674-4G B WAE6748GB WAE6748GB +VB WAE-7341 WAE-7371 WAN Bandwidth (Mbps) Optimized TCP Connections Optimized Throughput (Mbps) Total Disk Capacity (GB) DRE Disk Capacity (GB) CIFS Disk Capacity (GB) Maximum LAN Video Streams Virtual Blades Supported Total Virtual Blade Disk Capacity Core Fan Out CM Managed Devices BRKAPP-2005 20 50 2 4 8 20 45 90 90 310 12000 9000/3000* 800 900 500 230 1000 1000 50000 12000/28000* 1500 1500 1000 230 1000 500 400 200 400 750 1300 2000 6000 4000 150 500 120 120 200 250 500 120 120 200 90 250 40 120 40 2 30 90 250 60 120 80 2 30 100 500 80 120 150 2 60 35 150 500 120 120 300 6 175 70 1000 Cisco Public 250 600 120 120 400 2 120 100 1500 350 600 320 120 1000 350 600 150 120 600 6 200 200 1500 200 2000 1400 2800 125 250 500 © 2011 Cisco and/or its affiliates.

NAT. T1.5 G 2.WAAS Sizing Guidelines WAAS Express Recommendations Platform 89x 1941 2901 2911 2921 2951 3925 3945 Total DRAM Required 768 M 2. E1.5 G 4G 4G 4G Maximum WAN bandwidth Supported 2 Mbps 4 Mbps 6 Mbps 6 Mbps 6 Mbps 6 Mbps 10 Mbps 10 Mbps Recommended Number of Users 1-10 15-20 15-20 25 25 25 50 50 Max TCP Connections 75 150 150 200 200 200 500 500 !! WAAS Express requires maximum DRAM installed as indicated !! Typical Interfaces – 3G.5 G 2. and Serial !! Performance Testing Conducted with IOS FW. All rights reserved. QoS BRKAPP-2005 © 2011 Cisco and/or its affiliates. Multi T1s. VPN (IPsec). Cisco Public 92 . and.5 G 2. Multi E1s.

Cisco Public 93 .TCP Connection) Virtual Cores: 4 Memory : 12 GB Hard Disk: 750 GB Modeled after 7341 vCM-Small 100 (Max Devices) Virtual Cores : 2 Memory : 2 GB Hard Disk: 250 GB Modeled after 274 vCM-Large 2000 (Max Devices) Virtual Cores: 4 Memory : 8 GB Hard Disk: 600 GB Modeled after 674 BRKAPP-2005 © 2011 Cisco and/or its affiliates.TCP Connection) Virtual Cores: 4 Memory : 8 GB Hard Disk: 500 GB Modeled after 674 Large DC Medium-DC 12000 (Opt. All rights reserved.WAAS Sizing Guidelines vWAAS Branch/ Small DC BRANCH 750 (Opt.TCP Connection) Virtual Cores : 2 Memory : 4 GB Hard Disk: 250 GB Modeled after 574 Medium DC Small-DC 6000 (Opt.

Closure BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public .

. Use CM Configuration Groups Monitor Router/Switch CPU load after implementing WCCP Beware of Routing Loops with WCCP Follow recommended order of operations Fix Line-rate and Duplex on Fast Ethernet networks Use of Port-Fast where appropriate Usage of DNS and NTP is recommended BRKAPP-2005 © 2011 Cisco and/or its affiliates.. Cisco Public 95 .Closure Remember Guidelines !! Remember. All rights reserved.

ciscolivevirtual. !! Give us your feedback and you could win fabulous prizes. and on-demand and live activities throughout the year. communities. !! Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center. Cisco Public 96 . Activate your account at any internet station or visit www. Points are calculated on a daily basis. !! Don’t forget to activate your Cisco Live and Networkers Virtual account for access to all session materials.Complete Your Online Session Evaluation !! Receive 25 Cisco Preferred Access points for each session evaluation you complete. BRKAPP-2005 © 2011 Cisco and/or its affiliates. Winners will be notified by email after July 22nd.com. All rights reserved.

Visit the Cisco Store for Related Titles http://theciscostores.com BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 97 . All rights reserved.

BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 98 . All rights reserved.

All rights reserved.Thank you. BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 99 .

Cisco Public . All rights reserved.Backup Slides BRKAPP-2005 © 2011 Cisco and/or its affiliates.

Cisco Public .WAAS Mobile BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved.

Fault Resilient. stability and troubleshooting tools reduce cost of support !! Centralized policy based management reduces deployment and support cost !! Integration with software distribution tools reduces deployment costs BRKAPP-2005 © 2011 Cisco and/or its affiliates. Client/Server Architecture WAN 2. Interoperable !! Best reliability. What It Does •! Accelerates Application Performance over Challenged Mobile or Remote Connections WAAS Mobile Client WAAS Mobile Server Web. All rights reserved. File & App Servers •! Installs on Windows Desktop 3. Why It’s Better !! Designed for Mobile & Remote Users Purpose Built for the Windows PC/Laptop Industry-leading Performance Lowest TCO !! Optimized for Diverse Challenged Networks !! Complements WAAS Appliance as Complete Acceleration Solution !! Highest performance over mobile and SOHO networks !! Scalable. Cisco Public 102 . Manageable.WAAS Overview WAAS Mobile 1.

WAAS Mobile Architecture BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 103 .

! >K1+F! .)<2%*7!>I11+6F! .-! 34$-'! +4.J-$))NAOP&L'*74! >9"+MF! OD/'%$! >+. All rights reserved.%*8)<!=!! >?@ABCDE%-F! G%2-'!>?@A! BCDE%-F! H+! .-L4.4!.)-)&)$! .422%)*! 6422%)*2! .2%2-4*-! +.!"##$%&'()*2! BRKAPP-2005 © 2011 Cisco and/or its affiliates.4E!:.)<2%*7! >I11+F! 64&J.%*8)<2!K%$4!6L'.#(/%0'()*! 6%7*48! 69:! Supported Windows Client Platforms .4E! :.'*2Q4.'*2#). Cisco Public 104 .#(/%0'()*! 5)/#.42! >5MK6A69:F! .+BA691+F! K%$4!1.WAAS Mobile Acceleration Matrix Application WAAS Mobile Acceleration Feature "##$%&'()*! 1.

All rights reserved. Cisco Public 105 .WAAS Mobile Network Setup Data Center 1 WAAS Mobile Server Data Center 2 WAAS Mobile Server Intranet Application Servers Remote Access VPN Application Servers Internet Small Office Cisco WAAS Mobile Clients Mobile users connect through VPN to multiple WAAS Mobile Servers Cisco WAAS Mobile Client Workers in small offices may connect to multiple WAAS Mobile Servers Simultaneously Accelerate Traffic to Applications Hosted in Multiple Data Centers BRKAPP-2005 © 2011 Cisco and/or its affiliates.

WAAS Mobile Client – Server Data Flow WAAS Mobile Client Accelerated Applications CIFS SMB Other Applications WAAS Mobile Server TCP Intercept/Redirect (TDI driver) TCP Acceleration Process Control TCP 1182 Data UDP 1182 Acceleration Process Intercept/Redirect (TDI driver) TCP TCP !! WAAS Mobile Client proxies all accelerated TCP traffic and sends it via UDP port 1182 to the WAAS Mobile Server BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 106 .

Cisco Public 107 . All rights reserved. redundant capacity !! Scale out to handle multiple data centers •!Cisco WAAS Mobile server farms hosted at multiple data centers provide acceleration for any worker to any application !! Scalable Cisco WAAS Mobile Manager data flow •!Manager communicates with Cisco WAAS Mobile worker servers •!Worker servers communicate with Cisco WAAS Mobile clients •!A single Cisco WAAS Mobile Manager can manage hundreds of servers and hundreds of thousands of clients BRKAPP-2005 © 2011 Cisco and/or its affiliates.000 concurrent users per Cisco WAAS Mobile server •!Multiple Cisco WAAS Mobile Servers can be aggregated into Cisco WAAS Mobile server farms for load balanced.Cisco WAAS Mobile Scalability !! Scale up to handle maximum throughput of any data center •!Up to 10.

WAAS Mobile Management Central WAAS Mobile Manager !! Highly scalable •!Manage hundreds of Cisco WAAS Mobile servers or just a single server •!Manage hundreds of thousands of end users from a single user interface !! Total system visibility •!View performance at system level. or a single user !! Consolidated end-user management and monitoring •!Visibility into the performance and status of accelerated traffic by application and path for any end user from the Cisco WAAS Mobile Manager !! Highly available •!Central manager not required to be operational for acceleration services to be operational. All rights reserved. Cisco Public 108 . or drill down to a server farm. BRKAPP-2005 © 2011 Cisco and/or its affiliates. a group of end users. a single server.

Cisco Public 109 . All rights reserved.Cisco WAAS Mobile Management: Manage All Clients Centrally !! View all clients from the central console and filter to find the user or set of users of interest BRKAPP-2005 © 2011 Cisco and/or its affiliates.

If unable. client attempts to connect to previous server. they will automatically attempt to connect to backup server farms BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 110 . tries another server in the same farm !! To provide high availability in the event of a data center outage •!Cisco WAAS Mobile server farms may be located at backup data centers •!When clients are unable to connect to the primary server farm.Enterprise Deployment Considerations High Availability !! To provide high availability and capacity within a data center •!Multiple Cisco WAAS Mobile servers in a data center may be configured to be members of a Cisco WAAS Mobile server farm •!Traffic load is automatically balanced across the servers in a server farm –!Initial access is random –!On subsequent access.

All rights reserved.Enterprise Deployment Considerations Manageability !! Software installation •!Client profiles are packaged as executable . Cisco Public 111 .msi files !! Software upgrades •!Automatic upgrade and downgrade !! Configuration updates •!Automatic updates !! Policy based management •!Separate configuration profiles for different user groups •!Optional Active Directory group policies !! Central monitoring console •!Graphical displays of acceleration and traffic breakdown BRKAPP-2005 © 2011 Cisco and/or its affiliates.

All rights reserved. Cisco Public 112 .Enterprise Deployment Considerations Architecture Scalability !! Highly scalable storage system •! Each file or data sequence is only stored once •! Single instance of a file or data sequence is shared with all users !! Highly efficient memory utilization •! Uses only 2 MB of server RAM for each simultaneous active download •! 1000:1 disk to RAM ratio for search index supports deep histories !! Scalable CPU utilization •! Multi threaded architecture makes efficient use of multi core CPUs !! Optimized disk utilization •! Employs a dynamic disk seek algorithm that optimizes throughput under high load by dynamically trading off acceleration gain vs disk activity to mitigate thrashing BRKAPP-2005 © 2011 Cisco and/or its affiliates.

2008. Cisco Public 113 . 2003 R2.8 GHz dual core 2 GB 5 GB Windows Server 2003. or 2008 R2 !! See Appendix A of the Cisco WAAS Mobile Administration Guide for production server sizing and operating system guidelines BRKAPP-2005 © 2011 Cisco and/or its affiliates.Cisco WAAS Mobile Server Configurations !! Cisco WAAS Mobile is deployable on bare metal server or as virtual machine !! For 5-10 user evaluations: Minimum Configuration CPU System Memory (RAM) Disk Space Available for Delta Cache Operating System 1. All rights reserved.

Cisco WAAS Mobile and UCS
!! Industry’s Most Scalable Mobile Acceleration
Cisco WAAS Mobile Virtual Appliance
Evolve from hundreds to thousands of concurrent users

Cisco WAAS Mobile Server

Cisco UCS C-200M1

Unparalleled Throughput
600 Mbps LAN-side 200 Mbps WAN-side 100,000 TCP connections

Flexible Multi-Service Platform
Co-host Cisco WAAS Mobile with other applications

Cisco WAAS Mobile Clients
BRKAPP-2005 © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

114

Cisco WAAS Mobile
Client Configurations

Supported CPU System Memory (RAM) Disk Space Available for Cache Operating System 750 MHz 512 MB 80 MB Windows XP, prior to SP2

Recommended Minimum 1.5 GHz 1 GB 1 GB Windows XP SP2, Vista, or Windows 7

BRKAPP-2005

© 2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

115

Video Optimization

BRKAPP-2005

© 2011 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Deploying WAAS AO’s Live Video RTSP AO: Edge Splitting !! Enable Video Accelerator !! Windows Media 9 or later !! Operates on RTSPT only !! Stream Splitting occurs at the edge !! Auto-discovery puts intermediate engines into Pass Through !! ACNS/CDS origin configured with ‘wmt disallowclient-protocols rtspu mmsu’ to force TCP use !! Option to TCP optimize or drop unaccelerated streams !! Support for Windows Media Logs WAAS WAN ACNS Live Video Source BRKAPP-2005 © 2011 Cisco and/or its affiliates. Cisco Public 117 . All rights reserved.