Guest

Cisco Services Modules

Cisco ACE Application Control Engine Solution for High Availability

Hierarchical Navigation

Downloads

The Cisco® ACE Application Control Engine solution enhances application availability and uptime by solving challenges posed in today's application environments.

Overview

The Cisco ACE, part of the Cisco Application Networking Services (ANS) product portfolio, offers a very high level of application infrastructure control, application performance, application security, and infrastructure simplification while delivering high availability and redundancy for each physical and virtual device. This solution, targeted at enterprise and service provider customers, helps ensure the optimized and secure delivery of mission-critical application traffic while providing a highly available environment. This document describes the benefits of the Cisco ACE in a high-availability environment.

Challenge

Maintaining application uptime and availability is a major concern of information technology administrators. Many mission-critical applications require transparent failover that occurs in less than a second if a system becomes unresponsive. Applications must experience minimal, and preferably zero, downtime. Website and server uptime is important in helping prevent lost revenue and profit and helping ensure that interested viewers can access the customer Website or application without any interruptions, so that they will return to visit the site in the future. Users or visitors may not return again if the site is even occasionally offline, degraded, or inaccessible, engendering annoyance and loss of trust.
Enterprise systems must be able to detect any failure of servers or processes and dynamically mitigate the failure. In complex Web applications, verification of several layers of infrastructure (such as a Web server, application software, or database) on which a target server depends to complete its function may be desirable before requests are sent to that server. To determine that all pieces of application infrastructure are active and available, application switches need to provide flexible capabilities to test various types of servers. Active health checking is required to test the application server and not just the protocol layer.
Today network applications cross network segments, from the enterprise backbone, enterprise edge, and service provider edge, to the service provider core. All segments must recover from faults quickly enough to be transparent to users and network applications. A failure that is detected anywhere in the network can result in termination, interruption, or violation of service-level agreements (SLAs) for business-critical applications such as voice, e-commerce, storage area networking, workflow, trading, and point-of-sales processes. To minimize mission-critical application downtime and maintain the highest possible uptime and availability, information technology administrators must implement a solution that can mitigate any event, with no disruption to the viewer or user.

Business Benefits

The Cisco ACE highly available deployment provides all the elements needed to mitigate these challenges. The Cisco ACE solution offers the following major benefits:

• Scalability: The Cisco ACE allows scaling of applications and devices, and the scaling is transparent to the user. New applications can be added to the load-balanced pool, or a new service can be introduced without any disruption to the user.

• Health checking: The Cisco ACE provides active health checking by implementing a proactive health monitoring probe mechanism to help ensure high availability and increase the reliability of the application. This health monitoring mechanism can check the status of the application and remove an application server from the load-balanced pool if the application becomes unresponsive or fails to return the correct status code. The Cisco ACE sends messages to the servers and looks for certain expected results in return. Active health checking is useful for more complex types of verification, such as verification of the availability of the database that a particular Java Servlet relies on to perform its functions. In addition, scripting functions allow the operator to customize active health checking for applications for which preprogrammed capabilities do not exist. Active health checks are performed at regular intervals.

• Availability and reliability: The Cisco ACE Module uses a highly robust architecture consisting of multiple redundant network processors. The architecture provides separation of the control path and data path, helping ensure that device control and connection management are separated and that a high rate of load-balanced traffic will not affect health monitoring or high availability.

Solution

To maximize application availability, the Cisco ACE solution uses best-in-class Layer 4 load balancing and Layer 7 application switching algorithms coupled with highly available system software and hardware to offer many configuration options for intelligent failover and redundancy across physical and virtual devices and across data centers. The Cisco ACE solution offers an extensive set of application health monitoring probes that help ensure that traffic is forwarded to the most available server. In the event of a server failure, the Cisco ACE detects the failure and distributes traffic to the next most available server. The Cisco ACE allows servers to be added or maintained without service disruption. The Cisco ACE is designed to deliver high stateful redundancy at the physical and virtual device levels. The stateful redundancy feature of the Cisco ACE enhances the end-user experience by helping ensure that network services and applications are available regardless of device failure. Both connections and persistence information can be replicated between Cisco ACE physical devices.

• Virtual device redundancy: The Cisco ACE can be configured to provide redundancy between two Cisco ACE Modules in the same Cisco Catalyst® 6500 Series Switch chassis or in two different chassis. The Cisco ACE also supports redundancy between two appliance form factor devices. In contrast to traditional solutions, the Cisco ACE supports high availability at both the physical and virtual device levels. The Cisco ACE device can be partitioned into up to 256 virtual devices, each with its own configuration files, resources, and management interfaces. The Cisco ACE provides the flexibility to configure redundancy only for selected virtual devices. For example, if a customer has consolidated the production and development environments of an application on the same Cisco ACE device but allocated separate virtual devices for each application environment because of security and other concerns, the customer can configure the Cisco ACE device to provide redundancy only for production environment.

• Active-active redundancy: The Cisco ACE supports flexible active-active redundancy configuration between two physical and virtual devices. This setup allows customers to distribute workload between both physical Cisco ACE devices rather than use only one of the devices in active mode. Figure 1 shows two physical Cisco ACE devices configured with four virtual devices. In this example, the virtual devices are evenly distributed between the two physical Cisco ACE devices. The letters A, B, C, and D represent the active virtual devices, and the primed letters A', B', C', and D' represent standby virtual devices.

Figure 1. Physical and Virtual Device Redundancy

• Stateful failover: The Cisco ACE replicates flows on the active virtual device on the standby virtual device on a per-connection basis. The replicated flows contain all the flow-state information necessary for the standby virtual device to take over the flow if the active virtual device becomes unresponsive. If the active device becomes unresponsive, the replicated flow on the standby virtual device becomes active when the standby virtual device assumes ownership. The active flows on the formerly active virtual device transition to a standby state to fully back up the active flows on the newly active virtual device. Supported end-user applications do not need to reconnect to maintain the same network session during failover and failback. This stateful failover and failback redundancy feature of Cisco ACE provides transparent failover for applications without any effect on business during device failure.

• Tracking and failure detection: The Cisco ACE supports tracking and failure detection of several network items and performs transparent switchover from an active Cisco ACE physical or virtual device to a standby device if the tracked network devices become unresponsive. All active connections that exist at the time of the switchover continue uninterrupted on the new active device. When the failed tracked network device becomes available again, the Cisco ACE evaluates the priority between active and standby devices and performs transparent switchover to the original active device if the resulting priority of the standby device is greater than the priority of the active device. The Cisco ACE can be configured to track several network devices such as gateways or hosts, interfaces, and Hot Standby Router Protocol (HSRP) groups. For example, the Cisco ACE can track an HSRP group and perform transparent switchover from an active Cisco ACE device to a standby Cisco ACE device if the HSRP group is unresponsive. In this scenario, the Cisco ACE capability to track and switch over reduces traffic on the Inter-Switch Link (ISL) between two distribution layer switches.

Intelligent Networking

Cisco ANS products deliver application infrastructure functions as network-based services. The Cisco ACE helps simplify enterprise application deployment, integration, and management by providing common infrastructure capabilities directly within the network, creating an intelligent network that can understand application messages (such as voice calls, video conferencing, purchase orders, delivery notices, and stock trades) and apply policies such as those for routing, transformation, and security. Cisco ACE technology helps enterprises make the transition from an application-centric view to a service-oriented architecture that uses the network's inherent capabilities to reduce complexity and improve scalability, delivering superior customer experience.

Why Cisco?

Cisco has been instrumental in development of high-availability standards and is a pioneer in the delivery of business application switching infrastructure and services. Cisco ANS is a unified portfolio of data center and wide-area solutions that secure, scale, optimize, and accelerate the delivery of internal- and external-facing applications. These products are comprehensively supported by a global network of Cisco field personnel and partners, online support, certified training programs, open discussion forums, and equipment replacement in as little as 4 hours.

For More Information

For more information about Cisco Application Networking Services, Cisco data center solutions for Cisco ANS, and Cisco ACE, visit http://www.cisco.com/go/applicationservices or contact your local Cisco account representative.