Guest

Cisco AVS 3100 Series Application Velocity System

Cisco AVS 3120 Application Velocity System

  • Viewing Options

  • PDF (154.9 KB)
  • Feedback
DATA SHEET

The Cisco® AVS 3120 Application Velocity System is an enterprise data center appliance for improving Web application performance, measuring end-user response time, and enforcing application security. It is a complete enterprise application delivery solution for all enterprise Web applications, accelerating the application experience for all users, whether they are in the office or on the road.

The Cisco AVS 3120 offers the industry's best set of optimizations (Figure 2), including:
1. Network latency mitigation
2. Bandwidth reduction
3. Server processing offload
The optimizations have an immediate impact on any application and integrate smoothly with any Web front end. No changes to applications, desktops, or servers are required. Cisco AVS 3120 appliances can be rapidly deployed in any environment and can uniquely control and optimize content delivery at the application layer (Layer 7 of the OSI stack). The Cisco AVS 3120 includes the Application Accelerator Module and AppScreen Web Application Firewall. It can be configured and managed with the on-board, browser-based GUI management system or with the Cisco AVS 3180 Management Station (see the Cisco AVS 3180 data sheet).

ARCHITECTURE

The architectural approach behind the Cisco AVS 3120 Application Velocity System is open and standards-based. It focuses on a data-center-centric, one-box approach (or asymmetric approach) for acceleration and security, with an agentless architecture for measuring end-user response times. The design concept is "one page, one packet, one traversal." At the core of the Cisco AVS 3120 solution is a comprehensive Layer 7 Web application processing engine. This engine not only processes all application content, but also provides for optimization and control at the application and session levels. Unlike systems built on packet-based processing, it can optimize across individual sessions and dramatically improve the way that applications perform on the network.

Figure 1. AVS 3120 Architecture

DEPLOYING THE APPLICATION VELOCITY SYSTEM IN THE ENTERPRISE

Deploying the Cisco AVS 3120 in the enterprise typically involves a data center installation directly in front of the Web application servers. It requires no changes to the desktop, applications, or servers. It is easy to install, configure, and manage.

APPLICATION ACCELERATOR MODULE

Cisco AVS 3120 Application Accelerator Module benefits fall into three categories-network latency mitigation, bandwidth reduction, and server CPU offload.

NETWORK LATENCY MITIGATION

Using patented techniques such as FlashForwarding and Smart Redirect, the Cisco AVS 3120 reduces the latency at which a client accesses an application, which is one of the largest network bottlenecks. By transforming the browser's own cache into a dynamic "engine", the Cisco AVS 3120 significantly reduces the amount of data required to complete a page load or transaction by reducing the overall number of network roundtrips required. This typically results in a 200 to 500 percent improvement in response times for the client.

BANDWIDTH REDUCTION

The Cisco AVS 3120 Application Accelerator Module helps your company realize a 70 to 90 percent typical reduction in bandwidth usage ( Figure 2). The result is a dramatic reduction in bandwidth costs, a delay or elimination of network upgrade expenses, and an overall improved end-user experience.

Figure 2. Performance Improvement and Bandwidth Saving

SERVER CPU OFFLOAD

With the Cisco AVS 3120 Application Accelerator Module, your organization can obtain up to an 80-percent typical reduction in server cycles, greatly increasing the effective capacity in your data center. In addition to better overall performance, you can also delay or reduce server purchases and minimize application licenses.
Table 1 lists the features and benefits of the Cisco AVS 3120.

Table 1. Features and Benefits of the Cisco AVS 3120

 

Features

Impact

Benefit

Network Latency Mitigation
• Request aggregation
• FlashForwarding/browser cache management
• Browser TCP multiplexing
• PDF download optimization
• Response redirection control

2-5X typical improvements in response time

Dramatically improve end-user performance

Bandwidth Reduction
• Delta encoding
• Dynamic browser caching
• Dynamic image optimization (JPG, GIF, PNG)
• Gzip/DEFLATE compression
• Flexible processing rules

70-90 percent typical reduction in bandwidth use

• Reduce bandwidth costs
• Delay or eliminate network upgrades
• Improve end-user performance
Server CPU Offload
• Configurable dynamic caching
• Load-based caching
• Lazy request evaluation
• Single sign-on optimizations
• TCP connection multiplexing
• Secure Sockets Layer (SSL) offload and acceleration
• Static caching
• XML offload

80 percent typical reduction in server cycles

• Delay or reduce server purchases
• Minimize application licenses
• Improve performance

EASY DEPLOYMENT AND MANAGEMENT

In addition to outstanding performance, the Cisco AVS 3120 Application Accelerator Module offers enterprises industry-leading deployment and management features that automate mundane tasks and enable IT personnel to easily track network performance with comprehensive reports. Specific features include:

• Cisco AVS 3120 auto-installer enables quick and easy deployment with a simple one-command system installation process.

• Graphical reports enable IT personnel to easily quantify Cisco AVS 3120-enabled bandwidth usage reductions and Cisco AVS 3120 throughput

• The Cisco AVS 3120's Simple Network Management Protocol (SNMP) MIB enables SNMP-based management that is compatible with BMC Patrol, IBM, Tivoli, HP OpenView, and others. It also reduces the time and costs associated with management tasks.

• Browser-based administration enables browser-based Cisco AVS 3120 monitoring to ease management tasks.

• Cisco AVS 3120 transaction logging provides access to Web data statistics for traffic accounting and data mining applications.

• Support for multiple URLs and domains enables multiple applications to be handled simultaneously.

• Intelligent data inspection optimizes the Cisco AVS 3120's efficiency for maximum application acceleration.

APPSCREEN WEB APPLICATION FIREWALL

The Cisco AVS 3120 AppScreen Web Application Firewall (AppScreen) provides "day-zero" protection using a rules-based, policy-driven approach. This integrated approach offers complete flexibility and helps secure your application infrastructure (even encrypted SSL transactions) from entire classes of HTTP and HTTPS-based threats. AppScreen also provides protection against entire classes of attacks, unlike signature-based protection, which handles only specific, known threats; or learned-rules-based protection, which requires an extensive training phase.
Security is always a priority within the enterprise. Yet while network firewalls and intrusion prevention systems protect against network-layer attacks, they do little to prevent application-layer attacks, including worms and other intrusions. These attacks can easily exploit the vulnerabilities found in both the enterprise infrastructure and the applications themselves. The Cisco AVS 3120 AppScreen delivers application protection against classes of attacks right out of the box, with preconfigured rules and policies. AppScreen can be rapidly deployed across applications and via customized rules and policies, without requiring staff to be trained on its management.

Day-Zero Protection

Traditional virus checking and signature-based solutions must generally download signatures (definitions) of known viruses in order to defend the system, leaving enterprises vulnerable. The Cisco AVS 3120 AppScreen offers day-zero security, automatically protecting against complete classes of vulnerabilities. Out of the box, AppScreen provides:

• Binary blocking

• Cross-site script blocking

• Directory traversal blocking

• SQL injection blocking

• File upload blocking

Full Content Inspection-Enabled-The Cisco AVS 3120 AppScreen scans and analyzes all HTTP and HTTPS requests. Network firewalls normally only look at the TCP header and about 16 KB of information; this packet-centric approach does not have content awareness or application awareness. AppScreen's stateful inspection (having awareness of the application state based on content matching) enables a deeper inspection than packet-level information like TCP headers.
Simple, Policy-Driven, Rules-Based Management-The Cisco AVS 3120 AppScreen uses XML to allow administrators to set actions and notifications upon rule matches at both the global and application-class levels, including blacklist and whitelist behaviors. AppScreen even provides additional policies (such as binary blocking) to supplement all standard rule matching.
Reports and Alerts-The Cisco AVS 3120 AppScreen provides graphical views of incidents by severity (Figure 3). It also includes SNMP interfaces, allowing alerts to be published to enterprise management systems.
Customization with XML-Cisco AVS 3120 AppScreen policies can be customized and enhanced using industry-standard XML.

Figure 3. Graphical Summary of Incidents by Severity

APPSCOPE END-USER PERFORMANCE MONITOR

The AppScope Monitor (AppScope) is the industry's only agentless, end-to-end application performance measurement solution. The AppScope management client and database run on the Cisco AVS 3180 Management Station Appliance (see AVS 3180 data sheet). AppScope obtains performance data by polling performance measurement data from the Cisco AVS 3120 appliance. AppScope performance monitoring provides a lightweight way for organizations to monitor, measure, and report end-user response times from a central location. AppScope measures the true application performance as realized by real end users-nothing is simulated. It breaks down response times into individual components that allow better allocation of your IT resources and greatly reduce mean time to repair.

Figure 4. URL Trend Report

The unique proxy architecture of the Cisco AVS 3120 enables AppScope to measure not only the delivery time of both HTTP- and HTTPS-encrypted pages (there are no compromises between visibility and security), but also of embedded objects such as images, JavaScripts, and stylesheets. In addition, AppScope accurately determines both the server delay and network delay components associated with the user experience. Agentless and transparent, AppScope requires no changes to the application or the desktop ("drop-in" deployment) and provides both business-level and process-level aggregation. AppScope's unique statistical traffic-sampling technology enables you to sample user requests rather than measuring all user requests-a tremendous savings in resources. This makes AppScope highly scalable for high-traffic applications.

GUI-Based Reporting

AppScope provides a sophisticated GUI-based reporting engine to efficiently track application performance. The reporting engine provides detailed graphical performance-monitoring results with full detail available for the following:

• URL group-Analyze results for single- and multi-URL transactions

• Source IP address and group-Monitor results for a specific network client and groups of network clients

• Source geography group-Monitor results for clients in distributed remote offices

Once generated, the monitor data is stored in a self-contained relational database for additional flexibility. IT personnel can then use reporting tools such as Crystal Reports, create custom performance-monitoring reports, or integrate the data with all Network and System Management platforms. AppScope also provides a wizard-based transaction builder and full support for enterprise management systems, including BMC Patrol, IBM Tivoli, and HP OpenView.

System Specifications

Table 2 provides system specifications for the Cisco AVS 3120 Application Velocity System. Table 3 provides system specifications for the Cisco AVS 3180 Management Station.

Table 2. Cisco AVS 3120 Application Velocity System Specifications

Software

Application Accelerator Module, AppScreen Web Application Firewall, and GUI single-device management. Both the Cisco AVS 3120 appliance and the Cisco AVS 3180 Management Station are required for AppScope performance monitoring.

Chassis

1-RU appliance

Memory

4 GB

CPU

3 GHz

Network Ports

One available RJ-25 10/100/1000 autosensing Ethernet port for inline traffic. One available RJ-25 10/100/1000 autosensing Ethernet port for management. Three additional Ethernet ports are inoperable and will be used in future software releases.

Table 3. Cisco AVS 3180 Management Station Specifications

Software

Cisco AVS AppScope Monitor performance monitoring client. Both the Cisco AVS 3120 appliance and the Cisco AVS 3180 Management Station are required for AppScope performance monitoring. GUI device management for one or more Cisco AVS 3120 appliances.

Chassis

1U appliance

Memory

4 GB

CPU

3.2 GHz

Disk Space

Two 200-GB hard disks

Network Ports

One available RJ-25 10/100/1000 autosensing Ethernet port. One additional Ethernet port is inoperable and will be used in future software releases.

Text Box:  Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-4000	800 553-NETS (6387)Fax:	408 526-4100	European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel:	31 0 20 357 1000Fax:	31 0 20 357 1100	Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-7660Fax:	408 527-0883	Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Website at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright  2005 Cisco Systems, Inc. All rights reserved. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R) 	205417.G_ETMG_JH_10.05Printed in the USA Text Box:  Corporate HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-4000	800 553-NETS (6387)Fax:	408 526-4100	European HeadquartersCisco Systems International BVHaarlerbergparkHaarlerbergweg 13-191101 CH AmsterdamThe Netherlandswww-europe.cisco.comTel:	31 0 20 357 1000Fax:	31 0 20 357 1100	Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAwww.cisco.comTel:	408 526-7660Fax:	408 527-0883	Asia Pacific HeadquartersCisco Systems, Inc.168 Robinson Road#28-01 Capital TowerSingapore 068912www.cisco.comTel: +65 6317 7777Fax: +65 6317 7799Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed onthe Cisco Website at www.cisco.com/go/offices.Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica · Croatia · Cyprus Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal Puerto Rico · Romania · Russia · Saudi Arabia · Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan Thailand · Turkey · Ukraine · United Kingdom · United States · Venezuela · Vietnam · ZimbabweCopyright  2005 Cisco Systems, Inc. All rights reserved. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R) 	205417.G_ETMG_JH_10.05Printed in the USA