As companies turn to content networking technologies to deliver information and services to their customers, the need to manage and administer this unique and rigorous environment is rising. Designed to better enable companies to manage their content networking, CiscoWorks Hosting Solution Engine (HSE) proactively manages the availability of data center infrastructure for Layer 4-7 network services.
CiscoWorks HSE is a complete and self-contained network management software package preloaded on a network appliance that helps operators to monitor, activate or suspend, and configure load-balancing services in data centers based on Cisco Systems® equipment using a unified Web interface. As part of the Cisco® Enterprise Data Center Architecture, CiscoWorks HSE helps you to protect, optimize, and increase your business by providing up-to-date fault and performance information about the network infrastructure plus Layer 4-7 load-balancing services. The Cisco 1140 hardware appliance, which is one-rack-unit (1-RU) high, runs CiscoWorks HSE and allows it to be conveniently deployed on the same rack with other Cisco e-business networking devices or with the data center operations devices, whichever matches your particular operations model.
CiscoWorks HSE provides an access security model that facilitates delegation of authority and responsibility for operations, administration, and monitoring of Cisco load-balancing devices, including activation and suspension of selected load-balanced servers. CiscoWorks HSE automatically discovers the data center infrastructure and then can immediately begin collecting statistics and management information, providing a current snapshot of the managed environment. CiscoWorks HSE provides up-to-date information for operational staff to easily pinpoint the source of a problem. CiscoWorks HSE is a manageable device with a full Cisco Discovery Protocol implementation and supports Cisco MIB II. Table 1 lists features and benefits of Cisco HSE.
Table 1. Features and Benefits
Flexible user security model with granular, tiered user access to content switches
Removes unnecessary overhead between network administrators and server managers to increase productivity of all operational staff; allows administrative tasks to be securely delegated without granting full device access
Configuration and activation of Layer 4-7 e-business services
Provides productivity gains for server managers by offering daily management features such as taking Web servers in and out of service, graceful shutdown, and changing weight; provides ability to perform simultaneous configuration access to multiple devices at one time
Up-to-date, at-a-glance fault and performance monitoring of data center infrastructure
Saves time and resources in daily operations through an optimized operational GUI to monitor Cisco infrastructure
Proactive Layer 4-7 e-business service monitoring
Saves time in troubleshooting e-business availability and the application traffic distribution among Web servers
Web-based, lightweight, secure GUI with easy customer view personalization and reporting
Generates incremental revenue for managed service providers with one-stop customer service management
Fault event notifications for user-defined threshold crossing alerts through syslog, trap, or e-mail
Provides upper-layer network management systems and operations support systems integration for analysis
CiscoWorks HSE is ideal for enterprise and service providers that implement Cisco content switches such as the Cisco Content Services Switch (CSS) and Cisco Catalyst® 6000 Series switches with Content Switching Module (CSM). These customers range from data center infrastructure providers, application service providers, large enterprises, to e-business data centers and small and medium-sized enterprises.
Key Features and Benefits
CiscoWorks HSE offers the following key features:
• A granular user access model (Role-Based Access Control) is used to partition network resources for Layer 4-7 services and switch ports, as well as authorize user group access to individual application services with their actions logged for auditing.
• Delegated activation and suspension of Virtual IP addresses (VIPs), real servers, and services eliminates any need for server administrators to have network topology or operations knowledge, with access controlled by Role-Based Access Control.
• Robust Layer 4-7 service configuration of content switches, including virtual servers, real servers, and content owners and rules is provided by secure Web-based GUI. Eliminating the need to use the command-line interface (CLI) helps enable common configuration of devices for standardization of policies.
• Enhanced configuration support for server load balancing tasks such as on the Cisco Content Services Switch for VIP redundancy and on Cisco Catalyst 6000 Series switches with CSMs for CSM redundancy. Support for creation of policy maps to help set up content probing, validate proper configuration, and specifically set policies for cookie, URL, and session maps.
• Secure Sockets Layer (SSL) proxy services are monitored and reported on the Cisco Catalyst 6000 Series with SSL service modules and Cisco Content Services Switch.
• Near-real-time flexible fault and performance monitoring of a select set of Cisco routers, switches, Cisco PIX® security appliances, Cisco content engines, Cisco content switches, and Layer 4-7 services can be done in Cisco technology-based data centers.
• The secure Web-based GUI facilitates easy customer view/report personalization and historical data reporting.
• It is easy to create filters, make predefined groups, and perform rapid searches to make selections of one or a set of devices and services, enabling quick and easy administration even in environments with thousands of managed objects.
• Upper-layer NMS/OSS integration includes syslog, trap, and e-mail notifications as well as Extensible Markup language (XML) export of historical data.
CiscoWorks HSE has a flexible user security model that allows it to be used as a dedicated resource or shared by many customers. Within CiscoWorks HSE, domains can be defined to include a specified subset of devices, interfaces, and Layer 4-7 services in the managed data center that is accessible only to users with rights to that domain. For example, one Cisco Content Services Switch and a pair of Web servers can be grouped under a domain for a particular application or customer. Through user assignment of rights, only users with rights to that domain can see the existence and act on the devices and services in that group. Similarly, within CiscoWorks HSE user roles define granular access to various features offered by CiscoWorks HSE. For instance, a server manager user role has access to Layer 4-7 monitoring, service activation, and service configuration functionality. By combining the assignment of users to specific roles and domains, a specific customer's server manager account can be limited to only this customer's domain with the granted server manager user role.
Users are authenticated either by local accounts created on CiscoWorks HSE or by common remote authentication methods such as TACACS+, RADIUS, Lightweight Directory Access Protocol (LDAP), or Active Directory (AD). Using one of the common remote authentication methods can greatly simplify administrative work and allows CiscoWorks HSE operations to be integrated to existing access security methods. CiscoWorks HSE uses 128-bit full encryption Secure Sockets Layer (SSL) connections between its platform and the client Web browser for secure communications with users. Authorized users can monitor, activate, and configure Layer 4-7 services remotely, even through firewalls. In addition to the Web-based GUI, CLIs like that of Cisco IOS® Software provide direct console, Telnet, or Secure Shell (SSH) Protocol access to CiscoWorks HSE.
To complete the security environment, CiscoWorks HSE also records the configuration changes that users make to devices into an audit log file. This helps ensure that a clear record of who changed what and when is maintained. This log is stored in a secure text file.
CiscoWorks HSE provides for delegation of activation and suspension of Layer 4-7 e-business services, such as taking Web servers in and out of service. Layer 4-7 e-business services with availability status are mapped to Web servers in a domain-limited listing so that users need not have knowledge of the content switch hierarchy. For a given (shared) physical Web server, CiscoWorks HSE also provides a mapping of all the virtual servers and content rules using the server. By using CiscoWorks HSE, before taking a server down, all its services can be disabled easily from one place instead of visiting all the affected virtual servers, content rules, and related configuration tasks. During activation and suspension tasks, a status monitor allows the operator to track in near-real time the effect of an action. Quick actions are provided for routine daily operational tasks.
CiscoWorks HSE provides up-to-date fault and performance monitoring of Cisco routers, switches, content engines, and content switches in Cisco-based data centers. Detailed system- and interface-level information provides users with quick problem identification, governed by user security. For example, the Device Status page lists all the data center network infrastructure devices available to a particular user, including detailed system-level information (such as device operational status, uptime, IP address, and CPU and memory usage) and interface-level information (such as interface operational status, utilization, drops, and errors). The Service Status page lists all the Layer 4-7 services available to a user along with detailed network service information (such as service status, virtual servers, content rules, content services, hits per second, and total connections).
Layer 2-7 faults that occur within the customer domain are highlighted in the Alarms page. Filtering and sorting by priority is available to view and act upon selected faults. This capability enables CiscoWorks HSE to effectively monitor network degradation and unavailability.
CiscoWorks HSE supports robust Layer 4-7 configuration of content switches. It supports redundant configuration of owners, content rules, services, virtual servers, real servers and their bindings on Cisco Content Services Switch and Cisco Catalyst content switching modules, as well as configuration of virtual servers, real servers, server farms, and their bindings for Cisco LocalDirector and Cisco IOS Software server load-balancing devices. Although it does not provide for every possible configuration task on these devices, it provides the bulk of those needed by operators implementing or modifying services.
CiscoWorks HSE supports monitoring and reporting of SSL proxy services on Cisco Catalyst 6000 Series switches with SSL Module and Cisco content services switches. It provides a view of the SSL proxy server list (such data as Virtual IP address, index number, port, RSA key, RSA certificate, DSA key, DSA certificate) and SSL statistics (such as connections attempted, connections completed, full handshakes, data failures, number of cipher alerts). This capability allows CiscoWorks HSE to provide reports on the SSL Module.
Personalized views and reports can be easily created and customized for each user, governed by user security. For example, a few specific Layer 4-7 services and a few specific interfaces can be singled out from a customer's domain to create a detailed view or report with attributes. Specific attributes of interest (tables and columns) from all the categories of monitored data (routers, switches, and content switches) can be grouped into a personalized view or report. These provide users with quick and easy access to critical information relevant to daily operations and can be shared with different users to simplify customer network management.
CiscoWorks HSE offers many predefined historical data reports for service hits, connections, CPU utilization, and so forth. Just as with personalized views, customized historical data reports can be built by selecting desired attributes based on customer domain. Reports can be run against a set of devices by selecting a report and specifying a time period. Reports can be configured to be e-mailed periodically, simplifying the tasks of distributing reports.
Reports are available in both tabular and graphic formats. These are based on the formats used by the Cisco Network Analysis Module (NAM) formats, simplifying the coordination for analysis of data from CiscoWorks HSE and Cisco NAM when both are used. CiscoWorks HSE can provide up to a few weeks of historical data depending on the level of reporting collection required. Administrators can specify both aggregation and truncation frequencies for the monitored data. Historical data and views can be exported in CSV/XML formats.
Table 2 lists product specifications and Table 3 provides ordering information for CiscoWorks Hosting Solution Engine.
Table 2. Product Specifications
Hard drive: One 40-GB IDE hard drive
CD-ROM drive: One CD-ROM drive
Disk drive: One 3.5 in., 1.44-MB disk drive
Serial: One 9-pin connector
RJ-45: Two RJ-45 connectors for connection to two 10/100 Ethernet controllers
AC power supply wattage: 230W
AC power supply voltage: 100 to 120V at 50 Hz; 200 to 240V at 60 Hz
System battery: CR2032 3V lithium coin cell
Height: 1.7 in. (4.3 cm)
Width: 16.7 in. (42.5 cm)
Depth: 22 in. (55 cm)
Weight : 23 lb (10 kg) maximum
Operating temperature: 50 to 95°F (10 to 35°C)
Storage temperature: -40 to 149°F (-40 to 65°C)
Operating relative humidity: 8 to 80% (noncondensing) with a humidity gradation of 10% per hour
Storage relative humidity: 5 to 95% (noncondensing)
Operating maximum vibration: 0.025g (half-sine wave) at a sweep of 3 to 200 Hz for 15 minutes
Storage maximum vibration: 0.5g at 3 to 200 Hz for 15 minutes
Operating maximum shock: Six consecutively executed shock pulses in the positive and negative x, y, and z axes (one pulse on each side of the system) of 41g for 2 ms
Operating altitude: -5 to 10,000 ft (-15 to 3048m)
Storage altitude: -50 to 35,000 ft (-16 to 10,600m)
To place an order, visit the Cisco Ordering Home Page. CiscoWorks HSE upgrades are available for download or through the Product Upgrade Tool at http://www.cisco.com/upgrade if you have an earlier version of CiscoWorks HSE. CiscoWorks HSE contains encryption technologies controlled by the U.S. government, and you will be prompted to apply for permission to access the encrypted files.
Service and Support
Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco services help you to protect your network investment, optimize network operations, and prepare the network for new applications to extend network intelligence and the power of your business. For more information about Cisco Services, see Cisco Technical Support Services or Cisco Advanced Services.