Guest

Cisco AVS 3100 Series Application Velocity System

Cisco AVS 3110 Application Velocity System

  • Viewing Options

  • PDF (194.9 KB)
  • Feedback
DATA SHEET

The Cisco AVS 3110 Application Velocity System is an enterprise data center appliance for improving HTML- and XML-based application performance, measuring end-user response time, and managing application security (Figure 1). It is a complete enterprise application delivery solution for all Web-based (HTTP/HTTPS) HTML and XML enterprise applications. It offers the industry's best set of optimizations that mitigate network latency, reduce bandwidth requirements, and offload servers (Figure 2). The optimizations have an immediate impact on any application and integrate smoothly with any Web front end. Configuration flexibility is assured with detailed rules-based control, pre-built application templates, and comprehensive best practices. No changes to applications, desktops, or servers are required. Cisco AVS 3110 appliance can be rapidly deployed in any environment and can uniquely control and optimize content delivery at the application layer (Layer 7 of the OSI stack). The Cisco AVS 3110 Application Velocity System includes the Condenser Application Accelerator, AppScreen Web Application Firewall, AppScope Monitor, and Management Console. The system supports clustering for high availability and scalability.

Figure 1.

ARCHITECTURE

The architectural approach behind the Cisco AVS 3110 Application Velocity System is open and standards-based. It is focused on a data-center-centric, one-box approach (or asymmetric approach) for acceleration and security, with an agentless architecture for measuring end-user response times. The design concept is "one page, one packet, one traversal." At the core of the Cisco AVS 3110 solution is a full Layer 7 reverse proxy that provides a comprehensive HTML and XML processing engine. This engine not only processes all application content, but also provides for optimization and control at the application and session levels. Unlike systems built on packet-based processing, it can optimize across individual sessions and dramatically improve the way that your applications perform on the network.

Figure 2.

DEPLOYING THE APPLICATON VELOCITY SYSTEM IN THE ENTERPRISE

Deploying the Cisco AVS 3110 in the enterprise typically involves a data center installation behind the firewall and between the desktop/user and the server. It requires no changes to the desktop, applications, or servers. It is easy to install, configure, and manage.

Figure 3.

Condenser Application Accelerator Module

Cisco AVS 3110 Condenser Accelerator Module benefits fall into three categories-network latency mitigation, bandwidth reduction and optimization, and server offload capabilities (Figure 3). The condenser tackles latency, which is one of the largest network bottlenecks. By transforming the browser's own cache into a dynamic "engine", the condenser significantly reduces the amount of data required to complete a page load or transaction while reducing the overall number of network roundtrips required. As a result, less data is being transferred less often-with no changes to clients and applications.

NETWORK LATENCY MITIGATION

Using patented techniques such as FlashForward and Smart Redirect, the condenser can perform user requests at high LAN speeds instead of WAN speeds, which are prone to latency. This typically results in a 200 to 500 percent improvement in response times.

BANDWIDTH REDUCTION

The Cisco AVS 3110 Condenser Accelerator Module enables your company to realize a 70 to 90 percent typical reduction in bandwidth usage. (Figure 4). The result is a dramatic reduction in bandwidth costs, a delay or elimination of network upgrade expenses, and an overall improved end-user experience.

Figure 4.

SERVER OFFLOAD

With the Cisco AVS 3110 Condenser Accelerator Module, your organization can obtain an 80-percent typical reduction in server cycles, greatly increasing the effective capacity in your data center. In addition to better overall performance, you can also delay or reduce server purchases and minimize application licenses.

Figure 5.

Table 1 lists the features and benefits of the Cisco AVS 3110.

Table 1. Features and Benefits of the Cisco AVS 3110

 

Features

 

Impact

 

Benefits

 
Network Latency Mitigation
• Request aggregation
• Browser cache management
• Browser TCP multiplexing
• PDF download optimization
• Response redirection control

2-5X typical improvements in response time

Dramatically improve end-user performance

Request aggregation Browser cache management Browser TCP multiplexing PDF download optimization Response redirection control 

2X-5X typical improvements in response time

 
Network Optimization
• Delta encoding
• Dynamic browser caching
• Dynamic image optimization (JPG, GIF, PNG)
• Gzip/DEFLATE compression
• Flexible processing rules

70-90 percent typical reduction in bandwidth use

• Reduce bandwidth costs
• Delay or eliminate network upgrades
• Better end-user performance
• Delta encoding
• Dynamic browser caching Dynamic image optimization (JPG, GIF, PNG) Gzip/DEFLATE compression Flexible processing rules

70-90% typical reduction in bandwidth use

• Reduce bandwidth costs  
• Delay or eliminate network upgrades Better end-user performance
Server Offload
• Configurable dynamic caching
• Load-based caching
• Lazy request evaluation
• Single sign-on optimizations
• TCP connection multiplexing
• Secure Sockets Layer (SSL) offload and acceleration
• Static caching
• XML offload

80 percent typical reduction in server cycles

• Delay or reduce server purchases
• Minimize application licenses
• Better performance
• Configurable dynamic caching Load-based caching
• Lazy request evaluation Single sign-on optimizations TCP connection multiplexing SSL offload and acceleration Static caching
• XML offload

80% typical reduction in server cycles

• Delay or reduce server purchases
• Minimize application licenses Better performance

EASY DEPLOYMENT AND MANAGEMENT

In addition to outstanding performance, the Cisco AVS 3110 Condenser Accelerator Module offers your enterprise industry-leading deployment and management features that both automate mundane tasks and enable IT personnel to easily track network performance with comprehensive reports. Specific features include:

• Condenser auto-installer enables quick and easy deployment with a simple one-command system installation process.

• Graphical reports that enable IT personnel to easily quantify condenser-enabled bandwidth usage reductions (Figure 4).

• Graphical reports that enable IT personnel to easily quantify Condenser throughput (Figure 4).

• The condenser's Simple Network Management Protocol (SNMP) MIB enables SNMP-based condenser management that is compatible with BMC Patrol, IBM, Tivoli, HP OpenView, and others. It also reduces the time and costs associated with management tasks.

• Browser-based administration enables browser-based condenser monitoring to ease management tasks.

• Condenser transaction logging provides access to Web data statistics for traffic accounting and data mining applications.

• Support for multiple URLs and domains enables multiple applications to be handled simultaneously.

• Intelligent data inspection optimizes the condenser's efficiency for maximum application acceleration.

APPSCREEN WEB APPLICATION FIREWALL

The Cisco AVS 3110 AppScreen Web Application Firewall (AppScreen) provides "day-zero" protection using a rule-based, policy-driven approach. This integrated approach offers complete flexibility and helps secure your application infrastructure (even encrypted SSL transactions) from entire classes of HTTP and HTTPS-based threats. AppScreen provides protection against entire classes of attacks, unlike signature-based protection, which handles only specific, known threats, or learned-rules-based protection, which requires an extensive training phase.
Security is always a priority within the enterprise. Yet while network firewalls and intrusion prevention systems protect against network-layer attacks, they do little to prevent application-layer attacks, including worms and other intrusions. These attacks can easily exploit the vulnerabilities found in both the enterprise infrastructure and the applications themselves. AppScreen delivers application protection against classes of attacks right out of the box, with preconfigured rules and policies. AppScreen can be rapidly deployed across applications and via customized rules and policies, without requiring staff to be trained on its management.

Figure 6. Graphical Summary of Incidents by Severity

Day-Zero Protection

Traditional virus checking and signature-based solutions must generally download signatures (definitions) of known viruses in order to defend the system, leaving enterprises vulnerable. AppScreen offers day-zero security, automatically protecting against complete classes of vulnerabilities. Out of the box, AppScreen provides:

• Binary blocking

• Cross-site script blocking

• Directory traversal blocking

• SQL injection blocking

• File upload blocking

Full Content Inspection-Enabled-AppScreen scans and analyzes all HTTP and HTTPS requests. Network firewalls normally only look at the TCP header and about 16K of information; this packet-centric approach does not have content awareness or application awareness. AppScreen's stateful inspection (having awareness of the application state based on content matching) enables a deeper inspection than packet-level information like TCP headers.
Simple, Policy-Driven, Rule-Based Management-AppScreen uses XML to allow administrators to set actions and notifications upon rule matches, at both the global and application-class level, including blacklist and whitelist behaviors. AppScreen even provides additional policies (such as binary blocking) to supplement all standard rule matching.
Reports and Alerts-AppScreen provides graphical views of incidents by severity (Figure 6). It also includes SNMP interfaces allowing alerts published to enterprise management systems.
Customization with XML-AppScreen policies can be customized and enhanced using industry-standard XML.

APPSCOPE END-USER PERFORMANCE MONITOR

The Cisco AVS 3110 AppScope Monitor (AppScope) is the industry's only agentless, end-to-end application performance measurement solution. Installed in the data center, it provides a lightweight way for organizations to monitor, measure, and report end-user response times from a central location. AppScope measures the true application performance as realized by real end users-nothing is simulated. It breaks down response times into individual components that allow better allocation of IT resources and greatly reduce mean time to repair.

Figure 7. URL Trend Report

The unique proxy architecture of the Cisco AVS 3110 enables AppScope to measure not only the delivery time of both HTTP- and HTTPS-encrypted pages (there are no compromises between visibility and security), but also of embedded objects such as images, JavaScripts, and stylesheets. AppScope also accurately determines both the server delay and network delay components associated with the user experience.
Appscope is agentless and transparent, requires no changes to the application or the desktop ("drop-in" deployment), and provides both business-level and process-level aggregation. AppScope's unique statistical traffic-sampling technology enables your company to sample user requests rather than measuring all user requests-a tremendous savings in resources. This makes AppScope highly scalable for high-traffic applications.

GUI-Based Reporting

AppScope provides a sophisticated GUI-based reporting engine to efficiently track application performance. The reporting engine provides detailed graphical performance-monitoring results with full detail available for the following:

URL group-Analyze results for single and multi-URL transactions

Source IP address and group-Monitor results for a specific network client and groups of network clients

Source geography group-Monitor results for clients in distributed remote offices

Once generated, the monitor data is stored in a self-contained relational database for additional flexibility. IT personnel can then use reporting tools such as Crystal Reports, create custom performance-monitoring reports, or integrate the data with all NSM platforms. There is also a wizard-based transaction builder and full support for enterprise management systems, including BMC Patrol, IBM Tivoli, and HP OpenView.

System Specifications

Table 2 provides system specifications for the Cisco AVS 3110

Table 2. Specifications

Chassis

1U appliance

Memory

2 GB

CPU

3 GHz

Bus speed

800 MHz FSB

Panel display

Front-panel power/reset switch and front-panel LCD keypad

 

One PCI expansion slot

Disk space

Two Seagate ST3200822A 200-GB ATA hard disk

Network ports

Two RJ-25 10/100/1000 autosensing Ethernet ports

Certification

CE FCC UL TUV certified

Text Box:  Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-4000	800 553-NETS (6387)Fax:	408 526-4100	European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel:	31 0 20 357 1000Fax:	31 0 20 357 1100	Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-7660Fax:	408 527-0883	Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Website at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright  2005 Cisco Systems, Inc. All rights reserved. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R) 	205298.I_ETMG_KL_7.05Printed in the USA Text Box:  Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-4000	800 553-NETS (6387)Fax:	408 526-4100	European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel:	31 0 20 357 1000Fax:	31 0 20 357 1100	Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-7660Fax:	408 527-0883	Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Website at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright  2005 Cisco Systems, Inc. All rights reserved. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R) 	205298.I_ETMG_KL_7.05Printed in the USA