A. Resilient services, extended to the wiring closet, help ensure network readiness and predictable performance for real-time collaborative and multimedia applications. They form the new requirement baseline for enterprise campus networks. They consist of high availability, security, application performance, and simplified operations.
Q. How does Cisco Systems
® deliver resilient services?
® has created technologies and products, and produced architecture and design guides, to help enterprises implement resilient network services in their campus.
Q. Why resilient services in the wiring closet?
A. Most networks are already prepared in the core and distribution layers, but making sure that the access layer (wiring closet) receives the same level of attention (strategic versus tactical) is critical for helping ensure consistency of these resilient services for real-time applications.
Q. What is the driver for resilient services?
A. The need for resilient services is driven by a new generation of applications: real-time communications applications.
WHAT'S NEW: REAL-TIME APPLICATIONS
Q. What are these new real-time applications?
A. A new generation of applications is being deployed on IP networks: real-time communications applications. These applications-for example, IP telephony, instant messaging, and desktop videoconferencing-require permanent network access to deliver their value. These communications services have previously been delivered by dedicated separate real-time communications networks such as text messaging services (pagers), telephony services (private branch exchanges [PBXs]), and dedicated meeting room conferencing systems.
Cisco Unified Communications include:
• IP telephony: Helps single-site and multisite enterprises use IP as a primary voice path.
• Cisco IP Contact Center software: Adds services such as intelligent contact management, real-time Web collaboration, and e-mail response management.
• IP audio- and videoconferencing: Maximize conference call flexibility by connecting people in different locations and time zones.
• IP video broadcasting: Provides an easy-to-manage, cost-effective network infrastructure for videoconferencing application deployment.
• Cisco Unified Communications software: Combines personal productivity management tools, such as unified messaging, rules-based call routing, and speech recognition, with IP telephony.
Q. Enterprises are deploying new applications. How does this affect me?
A. These new applications differ from the traditional data applications for which campus networks have been built. They are interactive and real time in nature. The traditional client-server network design is poorly suited to meet the needs of these new applications.
THE TRADITIONAL CLIENT-SERVER NETWORK DESIGN
Q. What is the traditional client-server network design?
A. Current campus networks have been designed for client-server applications. The client-server model is hierarchical, with clients making requests to a server-based application and data storage. Traffic patterns vary from less traffic at the edge to more dense traffic in the core caused by servers aggregated behind the core network.
Q. What are the characteristics of a client-server network design?
A. The client-server network design has the following characteristics:
• Hierarchical and server centric: Traffic flows only from desktop to server and back.
• Non real time: Small delays are acceptable.
• Centralized: Data and application processing mainly occurs in the data center.
• Created for data only: Voice, text messaging, and video services are provided on independent specialized networks.
Q. How are network services implemented in a client-server network design?
A. This model has called for the most valuable network services, such as high availability, security, and quality of service (QoS), to be concentrated closer to the servers, whereas fewer services have been utilized at the desktop. Many enterprises have been more strategic in designing their core layer and rather tactical when designing their access layer, or wiring closet.
Q. Can the traditional client-server network design support the new real-time applications?
A. A different campus network model is needed to support these new real-time applications. Campus LANs must be built with resilient services extended to the wiring closet in order to support such interaction-oriented applications in addition to traditional transactional applications.
THE NEW RESILIENT SERVICES NETWORK DESIGN
Q. What is the new resilient services network design?
A. The new resilient services network design requires intelligent services such as security, traffic management, and high availability to be extended to the access layer in the wiring closet. These new requirements make the availability of consistent network services business critical for all users of real-time applications.
Q. What are the characteristics of a resilient services network design?
A. The resilient services network design has the following characteristics:
• Any-to-any, server-assisted, or serverless: Traffic flows between client devices, whereas servers mostly provide control and authentication services.
• Real-time: Delays of any sort are unacceptable to real-time applications.
• Centralized and distributed: Data and application processing mainly occurs on the client side. Server assistance from the data center is typically control traffic.
• Created for multimedia: Voice, data, text messaging, and video services are all running on the same IP network.
Q. How are network services implemented in a resilient services network design?
A. To successfully deliver resilient services that will enable real-time applications, network designers must consider the entire campus network as a strategic system. As network managers look to provide consistent services end to end, the same principles applied in the core and distribution layers must be extended to the wiring closet. For instance, one such principle is the use of routing in the core and distribution to provide deterministic business continuity. A possible system design enhancement is to extend routing to the wiring closet through the use of routed access. Enterprises must now consider their access layer, or wiring closet, to be as strategic as their core or distribution layers.
Q. How can I assess if my wiring closet is ready for resilient services?
A. Properly evaluating the capabilities of the wiring closet can save time in the long run when extending resilient services throughout the campus network. Cisco and its specialized partners can help by performing a Discovery audit of the network and making design recommendations.
Q. What technologies are involved in delivering resilient services to the wiring closet?
A. The following are the primary technologies involved in delivering resilient services to the wiring closet. They include technology aces further described in the next section of this Q&A.
• Power over Ethernet (PoE): With the advent of Cisco IP Telephony, Cisco Systems innovated mechanisms whereby Cisco Catalyst® multiservice switches could deliver PoE using existing copper cabling to IP phones. The need to deliver 48-volt (V) power to IP phones over 10/100BASE-T Ethernet was driven by the requirement to support the basic features of traditional telephones. One critical requirement was the elimination of local power cords connected to the IP phone. Although originally developed to deliver power to IP phones, PoE is also relevant to other applications such as video surveillance cameras, digital signage, electronic badge readers, and even electric guitars. For example, magnetic card readers and magnetic door locks that allow personnel to be tracked for safety or security purposes by linking IP surveillance with a user's last known location can be powered using PoE.
• High availability: High availability helps ensure permanent service to real-time applications. To deliver high availability, network design must look at device-level (redundant elements), protocol-level (Enhanced Interior Gateway Routing Protocol [EIGRP]), and network-level (best practices architectures) reliability, including hardware redundancy, software modularity, and quick recovery from failures. The Cisco Catalyst switching product line offers complete and widely deployed solutions for these requirements. Routed access is a technology ace that contributes to high availability.
• Security: Today's attacks on organizations networks are more disruptive and expensive than ever, threatening productivity, customer service, and business continuity. A systemic management approach that defends against attacks and integrates security features into infrastructure products such as switches is fundamental to business operations. The Cisco Self-Defending Network provides comprehensive security systems and solutions to defend against the threats of now and the future. Cisco Network Admission Control (NAC) is a technology ace that contribute to the Cisco Self-Defending Network.
• Traffic management: Traffic management guarantees the appropriate performance for critical applications. The Cisco toolset includes Network-Based Application Recognition (NBAR), Layer 2 through 4 QoS, Cisco Express Forwarding (CEF), multicast, load balancing (EIGRP and Open Shortest Path First [OSPF]), and rate limiting, among others. Routed access is a technology ace that contributes to traffic management.
CISCO TECHNOLOGY ACES
Q. What is routed access?
A. A routed access solution uses routing protocols in the wiring closet to provide increased network availability for real-time applications and decreased network complexity, enabling better use of network administration resources and a standard set of configuration and troubleshooting tools to help ensure faster network implementation time and more timely resolution to network issues. By utilizing the intelligence and resiliency capabilities of Cisco routing protocols such as EIGRP, routing in the access layer or wiring closet delivers the mechanisms that enable a network to recover from failure in a deterministic way without having to fine tune multiple protocols or devices. Cisco EIGRP also delivers convergence times less than 200 milliseconds (ms) with fewer configuration commands for an industry-leading routed access solution. The inherent deterministic recovery from failure helps ensure that your network remains available for your critical communication applications.
Q. What is the value of routed access?
A. Routed access uses routing protocols such as EIGRP and OSPF in the wiring closet to provide increased network reliability and faster time to resolution for network issues. Cisco EIGRP delivers convergence times less than 200 ms with fewer configuration commands for an industry-leading routed access solution. The inherent deterministic recovery from failure helps ensure that your network remains available for your critical communication applications. Using one set of protocols for both the wiring closet and network core greatly reduces the complexity of troubleshooting issues within the network. Common tools used to troubleshoot network issues can be used across the entire network. Fewer protocols mean that there is less to get right in terms of configuration and management.
Q. What is Cisco NAC?
A. As employees travel between the "inside" and the "outside" of the network, they become the unknowing carriers of network viruses and worms. Cisco NAC is an industrywide collaboration led by Cisco to focus on limiting the damage caused by this type of security threat. Using NAC and Cisco Catalyst switches, administrators can restrict network access to only compliant and trusted endpoint devices (for example, PCs, servers, and personal digital assistants [PDAs]). NAC enables Cisco switches to enforce access privileges when an endpoint device attempts to connect to a network. This decision can be based on information about the endpoint device such as its current antivirus state and operating system patch level. NAC allows administrators to handle noncompliant devices in several ways: they can be denied access, placed in a quarantined area, or given restricted access to computing resources. NAC is part of the Cisco Self-Defending Network, a strategy to dramatically improve the network's ability to automatically identify, prevent, and adapt to security threats.
Q. What benefits does NAC provide?
A. NAC provides the following customer benefits:
• Dramatically improves security: NAC helps ensure that endpoints (laptops, PCs, PDAs, servers, and so on) conform to security policy in order to proactively protect against worms, viruses, spyware, and malware. It also helps organizations focus operations on prevention, not reaction.
• Extends existing investment: NAC provides broad integration with multivendor security and management software and enhances existing investments in network infrastructure and vendor software.
• Increases enterprise resilience: NAC provides comprehensive admission control across to prevent noncompliant and rogue endpoints from affecting network availability.
• Reduces operational costs: Reduces operating expenses related to identifying and repairing noncompliant, rogue, and infected systems.
BENEFITS OF CISCO RESILIENT SERVICES POWERING THE WIRING CLOSET
Q. Why do I need Cisco's resilient services in the wiring closet?
A. Enterprises are using new business-enhancing real-time collaborative applications and communications tools such as IP telephony, IP video, and multimedia conferencing. To address the requirements these applications are placing on the network, the prescriptive Cisco campus network design extends consistent resilient services throughout the campus network, all the way from the core layer to the wiring closet.
Q. What are the benefits of Cisco resilient services powering the wiring closet?
A. The benefits of Cisco resilient services powering the wiring closet are:
• Deterministic business continuity
• Security within the network
• Predictable application performance
• Simplification of network operations
Q. What Cisco Catalyst switches can be used to provide resilient services power in the wiring closet?
A. Cisco Catalyst 3560, 3750, 4500, and 6500 Series Switches can be used to implement a resilient services solution powering the enterprise wiring closet. All of these switches can provide PoE, routing, reliability, security, and traffic management for the wiring closet.
Q. How is Cisco different from other vendors?
A. Cisco differentiates itself from most other vendors by adopting a systems-level approach that integrates services throughout the infrastructure. Cisco resilient services are critical building blocks for the Cisco Service-Oriented Network Architecture (SONA).