Cisco Application Networking Services Modules

Application Visualization, Control, and Delivery of Services with Cisco AON


Until recently, IP networks have transported traffic without regard to the content they are carrying. But with the explosion in next-generation services that rely on an IP network for access and delivery, service providers see an opportunity to gain new revenue sources based on their unique position as providers of both services and the underlying network. To maximize this opportunity, operators need to understand more about the content of the traffic on their networks, not only at the packet level but also at the much higher application level. This paper looks at application-oriented networking (AON), a new technology that lets operators reassemble application messages from the packets passing over their networks and use that message content to support delivery of next-generation services. AON works in real time, transparently to applications themselves, and provides a level of message awareness formerly only available in IT middleware.

Key Trends in Next-Generation Service Delivery

To deliver next-generation IP services to consumers while meeting their own and regulatory policies, operators need a good deal of information about their subscribers; moreover, they need this information in real time, whenever the subscriber sends a service request. For example, operators need to understand who subscribers are and be able to pass this identity data on to the service. Service providers need to look up subscribers' permissions and the state of their accounts to check their entitlement to a particular service. And recognizing the device a customer is using to access a service is key to delivering it with the right quality of user experience. If a customer is sending an HTTP message from a handheld device, for example, operators need to ensure an appropriate Web browsing experience. Understanding whether a customer is asking to access a messaging server or a content-based application such as video on demand gives operators valuable information they can use for purposes ranging from bandwidth management to the sales and marketing of new services.
The number of application messages sent over networks is set to soar. At the same time, many new message types are appearing. New applications, such as the Mini Opera browser for mobile phones or video-on-demand systems supporting the Real Time Streaming Protocol (RTSP), are adding to the long list of message formats operators must support if they are to understand, classify, and control application-level traffic in their networks. In the business-to-business market, networks carry mission-critical business application messages, such as SAP transactions between companies in a supply chain or financial trades between investment banks. If operators understand the range of messages flowing across their infrastructure, they can add value by carrying out important tasks on a business's behalf, such as transforming messages into a format the company's partner will understand, intelligently routing messages according to business-specific policies, or monitoring and recording messages to provide an audit trail.

Understanding Application Messages: Middleware Meets the Network

Operators realize that an ability to classify and control message traffic is critical to their ambitions to become next-generation service providers. However, the means they are currently using to understand application messages are complex, inflexible, and costly in terms of both performance and maintenance.
Current solutions rely on general-purpose servers or on custom-made systems that take packets off the wire, reassemble them into messages, and pass them to software that performs functions on them. These functions include the insertion of MSISDN identity information into an HTTP request header, image compression, or adult content checking. But the processing involved in the server operating system, middleware, and application software adds considerable latency. If an operator wants to perform several functions in sequence, this latency multiplies for each function. Typically such solutions are unselective, forcing all messages to pass through all functions, and inflexible, leaving operators unable to orchestrate the route messages take through functions. Operators would want a policy-driven process that sends message requests from subscribers under 18, for example, through the adult content filter first, before applying other functions such as image compression.
Some operators have chained these functions, or service proxies, together using physical cables in their data centers. This approach is likely to become increasingly unsustainable as the number of service proxies and message types grows. Each new function to understand or manipulate a new message type used by a new service would require more hardware, software, and cabling. And scaling operations to meet new performance and availability demands would add to maintenance bills and operational costs.
Essentially, AON carries out the functions found in the bottom half of the middleware stack: it is a stateless mediation, monitoring, and enforcement point that understands network protocols and application messages. In contrast to a traditional software-only product built upon a general-purpose server, AON can use specialized hardware to accelerate common messaging functions (such as encryption, XML parsing, and XML validation), and some customers have shown 5-10 times end-to-end performance improvements over conventional server-based middleware for multi-step message interactions.

Figure 1. Preferential Service for Wireless Customers Using AON for Message Enrichment

AON can be implemented as a transparent proxy, such that messages destined for an application can be intercepted en route. An AON approach, which would consolidate functions shown in Figure 1, will allow an operator to apply policies and business rules without making changes to existing applications. The benefit is that new services can be deployed with minimal effort and reduced risk.
AON can also take copies of messages as they flow across the network without slowing down the originals, that is, with zero latency. And AON has all the flexibility of a message bus: once configured with an operator's policies, it can be programmed to apply them in an orchestrated way using a graphical process modeling tool. The power of AON for next-generation service providers is that it supports their business process models within the fabric of the network.
AON provides a single, high-performance enforcement point for all the functions operators want to apply to application-level service requests, both today and in the future. It offers an extensible mechanism for messaging classification and control, and it enables operators to reduce cost and complexity in their data centers by replacing multiple general-purpose servers and point appliances with a single box. The choice of AON form factors means that an AON blade can easily be inserted within an operator's existing Cisco® Catalyst® switches or operate as a standalone appliance. Cisco intends for its AON solution to encompass the full spectrum of traffic classification capabilities an operator needs, from packets to messages.

The Business Case for Application-Oriented Networking

A large operator that wants to provide a range of new products and tiered services to attract new customers may have multiple service proxies engaged in applying message-level functions to network traffic. These may carry out antivirus checking, adult content checking, and URL filtering, for example. However, the operator faces a number of challenges:

• Each time it wants to add a new service proxy, it may need to recable its data center and route all its traffic through the new proxy.

• It must keep ahead of new technologies, such as Mini Opera, that can be used to bypass its policies on adult content checking, for example.

• It is forecasting a massive increase in the traffic carried by its network over the next two years.

To remain competitive in the short term, the operator will need to make a large investment to scale up its hardware, software, and cabling infrastructure to support the future services it wants to offer, increased traffic throughput, and the policies it wants to apply.
With an AON solution, the operator can do away with much of the hardware, software, and cabling it needs to run service proxies (see Figure 2). AON can understand any message format entering the network and orchestrate the routing of individual messages through the appropriate functions. AON can take an HTTP service request, for example, manipulate the header to insert the MSISDN information, and pass the message on to a content filtering engine. With its policy-driven knowledge of the subscriber, it can selectively invoke image compression services (for example, if the subscriber is a premium customer). While the HTTP request and responses are underway, AON intercepts the associated RADIUS accounting messages and uses this information in two ways. First, it caches the RADIUS information to avoid a new RADIUS server lookup for the subscriber's next HTTP request. In a scenario with multiple HTTP requests, this feature can save hundreds of milliseconds of latency. Second, when AON receives a stop message from the RADIUS server, it understands that the user session has finished and can instruct the firewall to shut down the relevant port. This prevents IP spoofing and revenue fraud.
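The session handling described above can be sketched as follows. This is an added illustration, not Cisco AON code: it caches the subscriber identity from intercepted RADIUS accounting messages, uses it to enrich HTTP requests, and on a stop message evicts the entry and signals the firewall. The `X-MSISDN` header name, the use of `Calling-Station-Id` as the MSISDN, the `close_port` callback, and the stripping of any client-supplied identity header are assumptions.

```python
# Added illustration; not Cisco AON code. Attribute names follow RADIUS
# accounting (RFC 2866); the X-MSISDN header and firewall hook are assumptions.

class SessionMediator:
    def __init__(self, close_port):
        self.sessions = {}            # Framed-IP-Address -> MSISDN
        self.close_port = close_port  # hypothetical firewall callback

    def on_accounting(self, msg):
        """Track session state from an intercepted accounting message."""
        ip = msg["Framed-IP-Address"]
        status = msg["Acct-Status-Type"]
        if status == "Start":
            self.sessions[ip] = msg["Calling-Station-Id"]
        elif status == "Stop":
            # Session ended: drop the binding so a later holder of this IP
            # cannot inherit the identity, then tell the firewall to close.
            if self.sessions.pop(ip, None) is not None:
                self.close_port(ip)

    def enrich(self, src_ip, headers):
        """Return headers with the cached MSISDN, or None if no live session."""
        # Never trust an identity header supplied by the client itself.
        clean = {k: v for k, v in headers.items() if k.lower() != "x-msisdn"}
        msisdn = self.sessions.get(src_ip)
        if msisdn is None:
            return None               # fail closed: unknown or ended session
        clean["X-MSISDN"] = msisdn
        return clean


def run_demo():
    closed = []
    m = SessionMediator(closed.append)
    # Constructed sample events (documentation IP range, made-up MSISDN).
    m.on_accounting({"Acct-Status-Type": "Start",
                     "Framed-IP-Address": "192.0.2.10",
                     "Calling-Station-Id": "15550100001"})
    spoofed = {"Host": "example.test", "x-msisdn": "15550199999"}
    during = m.enrich("192.0.2.10", spoofed)
    m.on_accounting({"Acct-Status-Type": "Stop",
                     "Framed-IP-Address": "192.0.2.10"})
    after = m.enrich("192.0.2.10", {"Host": "example.test"})
    return during, after, closed

if __name__ == "__main__":
    print(run_demo())
```

Requests that arrive after the stop message get no identity header at all, which is the property that keeps a stale IP-to-subscriber binding from being billed or trusted.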

Figure 2. AON Abstracts Message Handling Infrastructure Logic

AON provides an inherently simple architecture requiring considerably less capital expense to build out and low operational costs. In the large operator's case, deploying an AON solution is a fraction of the cost of scaling up its data center infrastructure. The operator also gets more performance for its money: an AON appliance can handle up to 3000 HTTP transactions per second, well beyond the capabilities of hardwired service proxy solutions. At the same time, it is much easier and quicker to introduce new services into the network by modeling them in AON's graphical policy enforcement environment than by physically rewiring a data center and deploying a new server. Services can be deployed using AON in hours rather than weeks. In the future, further cost savings should be possible with AON as it expands its range of generic functions beyond message routing, transformation, and monitoring to include, for example, image compression and content filtering.

Application-Oriented Networking is the Future

Operators need their middleware to work harder and faster than ever before in support of next-generation service delivery. Conventional, software-based ways of understanding application messages and applying new service functions to them won't suffice in the next-generation environment, where message volumes and services are expected to grow exponentially. The network is already transporting messages; it is only a small further step to enable the network to understand those messages and perform a wide set of functions on them as they flow past. The network inherently provides a low-latency, low-cost environment in which to manipulate application messages, and AON offers service providers a powerful and compelling tool with which they can outmaneuver their competitors in a next-generation world.

Application-Oriented Networking can Simplify Your Integration Needs

For more information about the Cisco AON platform, visit, email, or contact your local Cisco account representative.