In today's business environment, intense competition and time-to-market pressures are prompting enterprises to look for new IT solutions that can help them better respond to market and customer demands. Consumers want new products and service offerings-and they want them fast. They also demand improved customer service, enhanced customization flexibility, and greater security, all at a lower cost.
In response, business executives are directing IT organizations to either modernize their network infrastructure or implement strategic applications that allow them to meet new demands. But while chief information officers typically understand the need to adopt one or both of these strategies, they are constantly challenged by the complexity and the inflexibility of the prevailing IT environment. In a typical enterprise, the IT infrastructure encompasses hundreds of applications that are isolated from each other in various networks and data centers. These applications often run on multiple, separate platforms, each fulfilling a specific, narrow function with limited interoperability or scalability. Because each platform has its own management system, the addition of each new application or service on the network increases the operational complexity.
Many enterprise networks also operate multiple overlay networks for separate services, which further complicates operations and management. The result, in many cases, is a convoluted infrastructure that lacks the speed and flexibility to enable companies to respond to new business opportunities, unforeseen changes, and customer demands.
Such environments are also a challenge to secure. Separate operating systems and hardware platforms involve different security requirements. And with the growing number of security threats and regulatory requirements, IT managers must expend increasing time and effort to enforce security policies. As infrastructure complexity increases, these systems and policies become more susceptible to security breaches due to human error or intervention.
In this traditional IT model, enterprises have few options. Their limited IT budgets are consumed by basic operations, leaving insufficient funds for deploying new technologies that could help them improve the business. According to Gartner, the typical enterprise spends 70 percent of its annual IT budget on operations, leaving just 30 percent for investment in new solutions that could help the enterprise maintain its competitive edge.
Solution
Today's enterprises require a new IT strategy, one that will improve their ability to respond to competitive pressures and market demands. Cisco® delivers a solution that takes advantage of a more flexible, adaptive, and feature-rich IT architecture in its Service-Oriented Network Architecture (SONA).
Cisco® SONA functions as a services-delivery platform. It helps companies evolve their existing infrastructure into an intelligent network-the kind of network that's needed to support new and evolving IT strategies, including Web services and the virtualization of applications such as voice, video, and presence. Because the network connects with every part of the IT infrastructure and every user in an organization-as well as with most customer-facing applications and processes that affect the customer experience-it is the ideal location to build in ubiquitous services based on standard interfaces and technologies.
By integrating advanced capabilities enabled by intelligent networks through SONA, an enterprise can reduce complexity and management costs, enhance system resiliency and flexibility, and improve the use and efficiency of networked assets.
This next-generation architecture allows enterprises to use their network as a strategic asset that properly aligns IT resources with business priorities. The result is decreased total cost of ownership and increased revenue. Over time, this enables organizations to shift an increasing proportion of their IT budgets to strategic investment and business innovation.
The Cisco SONA Framework
Implementing a new architecture for the more effective use of networked assets requires foresight and planning. Cisco believes that the network itself is the best place to begin the transition, because it touches every part of the infrastructure, from servers to applications, middleware, devices, and users. Therefore, network enhancements can improve the performance and functions of every element and bring benefits to all segments and people within the enterprise.
In Cisco SONA, distributed applications and services are centrally managed over a common, unified platform. This integrated environment increases the efficiency and use of network assets, decreasing capital expenses and management costs. Creating a feature-rich, integrated foundation increases the availability of applications and services that benefit the network itself (such as integrated security or identity services). In addition, a unified system enables employees from any corporate location to access networked applications and services more quickly and with greater service quality than a nonintegrated infrastructure.
By integrating devices, applications, and services that have been designed to work together, SONA brings greater intelligence to the network. The resulting infrastructure is dynamic, application- and service-aware, and capable of taking a more active role in optimizing communications.
With intelligence integrated in virtually every device, application, and service, the network can perform high-level functions, including traffic classification, monitoring, and shaping. It can provide management at the session, presentation, and application layers as well as traditional transport. For example, application awareness allows intelligent devices to perform deep packet inspection to decode Extensible Markup Language (XML) or Simple Object Access Protocol (SOAP) headers, or to examine e-mail headers in order to provide intelligent routing to the appropriate resources.
Business Benefits of Cisco SONA
Cisco SONA helps enterprises gain business value across their entire organization. Specifically, it helps them:
• Increase productivity and efficiency while reducing costs: Cisco SONA promotes more effective use of networked resources, leading to improved workforce efficiency and decreased capital costs and operating expenses. For example, virtualization technologies such as virtual firewalls, Cisco InfiniBand switching, and VLAN segmentation improve resource use and free other resources, which protects your network investment.
• Increase resiliency and business agility: Cisco SONA integrates voice, video, and data services across a converged platform that can scale throughout a distributed enterprise environment. The architecture incorporates enterprisewide intelligent infrastructure that includes built-in redundancy, allowing the network to respond and recover more rapidly from service disruptions and outages. The benefits include higher network availability and improved employee productivity. In addition, Cisco products facilitate tight application integration, allowing shared visibility and communication between business applications and network services. These advanced capabilities allow enterprise employees to respond more quickly to changing market demands.
• Improve customer relationships: Intelligent networks enhance the visibility of applications and data across the enterprise. Employees can benefit from faster, more accurate, and more available access to corporate data, improving their ability to serve customers, partners, and suppliers. With Cisco SONA, enterprises could integrate customer relationship and supply chain management applications with their IP-based call centers, thereby giving all attendants in a global organization simultaneous access to real-time information. An attendant at a help desk would have the same information about the caller as a customer support representative, improving the service experience for the customer.
• Increase revenue and maximize business opportunities: A centrally managed and unified architecture across a standardized platform allows employees to make more informed business decisions and bring products to market more quickly. With Cisco SONA, R&D teams and corporate decision makers in different locations could benefit from shared access to data retrieved from multiple integrated databases. This would provide them with more consistent, accurate, and current data, and allow them to make better decisions more rapidly. In turn, this would speed product development lifecycles and yield better business results.
Cisco SONA: An Evolutionary Approach
Using Cisco SONA as a framework, enterprises can migrate to an Intelligent Information Network at their own pace by making incremental investments in the infrastructure. As enterprises build intelligence into their infrastructure, the overall complexity and cost of operations decrease, while the manageability and effectiveness of applications increase exponentially. Businesses realize this cumulative gain by taking advantage of network standardization and virtualization.
• Standardization: In a Cisco SONA-based infrastructure, all elements work together as a unified system. Standardization increases the efficiency of networked assets, optimizes application performance, eases management, and reduces operational costs. By standardizing on a single vendor, businesses spend less to support the same number of assets than they would in a multivendor environment. IT staff no longer need to oversee multiple operating systems or technologies. A standardized infrastructure also allows organizations to create a more secure and reliable environment. With a tightly integrated infrastructure, staff can more easily and cost-effectively implement and deploy security policies across the enterprise.
• Virtualization: Through virtualization technologies, a single physical device or resource can act as if it were multiple physical versions of itself and be shared across the network. Cisco SONA uses virtualization technologies to increase use of networked assets such as servers and storage area networks, which can be used at a higher rate without causing a significant corresponding impact on CPU resources. Thus, a storage unit that once used only 20 percent of its capacity (a figure typical for most organizations) would use a much higher percentage through virtualization. Similarly, one physical firewall could be configured to perform as multiple virtual firewalls, helping enterprises optimize resources and security investments. Services for security, identity, and collaboration, it should be noted, can be virtualized only in a standardized infrastructure. Other virtualization strategies include load balancing, dynamic allocation, distribution, and centralized policy management. The use of virtualization enhances agility and improves network efficiency, reducing both capital and operational expenses.
Architecture Overview
The Cisco SONA design comprises three layers that incorporate all necessary network elements. These layers include the application layer, the integrated network services layer, and the network systems layer (Figure 1). Cisco has defined each layer according to the logical functions and capabilities performed within it. To facilitate smooth migration, investment protection, and easy addition of new technology, Cisco has designed the architecture using a modular approach. Organizations may develop each layer independently as their technology innovation plan or market demands dictate, with the confidence that their infrastructure will converge into a tightly integrated environment following Cisco SONA. This setup allows businesses to add new capabilities rapidly and effectively.
In a Cisco SONA network, layers integrate closely with each other to facilitate and complement communication between applications and networked services, while simultaneously enhancing the performance and functions of the network as a whole.
• Application layer: This layer includes all software used by end users within the enterprise for business purposes (such as enterprise resource planning and customer relationship management) and software used for collaboration (such as unified messaging and conferencing).
• Integrated network services layer: This layer optimizes communications between applications and services in the application layer by taking advantage of intelligent network functions such as embedded security, identity, and quality-of-service (QoS) features.
• Network systems layer: This layer interconnects devices at critical points in the network (campus, data center, network edge, metropolitan-area network [MAN], WAN, branch offices, and teleworker locations) and facilitates transport of services and applications throughout the enterprise.
Figure 1. Service Oriented Network Architecture
Application Layer Overview
Executives in today's enterprises expect new applications to have a direct effect on productivity and innovation. Whether the applications do or not depends on how thoroughly they are integrated throughout the network. As businesses evolve to a Cisco SONA infrastructure, networked applications become tightly interwoven and capable of supporting greater collaboration and more effective communications. The enterprise often reaps additional benefits that would not have been possible using standalone platforms and point products.
The application layer (Figure 2) includes business applications and collaboration applications that are commonly used in the enterprise environment. These enterprise applications facilitate collaboration and visibility between departments, partners, customers, and suppliers and perform internal business functions (such as back-office systems for business intelligence and network management). To fulfill their intended tasks optimally, each application must be highly secure, reliable, flexible, and responsive. In addition, applications must use technologies that enable them to deliver accurate information and comply with government regulations and business policies. Cisco and its partners provide an array of applications to meet business needs while Cisco SONA provides a powerful foundation that supports crucial application requirements.
Figure 2. Application Layer
Integrated Network Services Layer Overview
The integrated network services layer (Figure 3) provides direct support for essential applications and the network systems layer. By using a standardized network foundation and virtualization, interactive services such as security and voice services scale and perform better and interoperate more effectively than if delivered using standalone devices or networks that lack the integration and intelligent features of Cisco SONA.
Services provided at this layer support applications and services distributed throughout the Cisco SONA infrastructure that have the following characteristics:
• Security: Application-level security and network embedded security (VPN/Secure Sockets Layer [SSL], network access control, access control lists, and segmentation) help to ensure data security.
• Accuracy: Services such as continuous data protection, intrusion protection, and HTTP inspection promote application accuracy.
• Reliability: The infrastructure achieves service and application reliability through data replication, remote backup, worm mitigation, enhanced QoS, and distributed denial of service.
• Flexibility: Services such as multiprotocol message routing, message translation, mobility services (for example, anytime, anywhere remote access), and IP convergence for multichannel deployments all promote network and application flexibility.
• Responsiveness: The network becomes more responsive through the use of compute services such as remote direct memory access and I/O virtualization; and application enhancement services such as application acceleration, content caching, and server load balancing.
• Compliancy: Services such as event capture and logging, adaptive management, Cisco Wide Area File Services, and pervasive policy enforcement promote compliancy and accountability.
The services provided at this layer fall into one of two categories: infrastructure services or application networking services.
Infrastructure services provide critical, networkwide functions that optimize the operation of network services and applications and benefit the entire Cisco SONA infrastructure. Infrastructure services also provide the interface between the network infrastructure and the application services layers.
Six infrastructure services are crucial for providing a secure, interactive, and collaborative enterprise network environment:
• Identity services: To promote flexibility and scalability of users and resources
• Mobility services: To facilitate network access regardless of physical location
• Storage services: To improve storage usage enterprisewide
• Compute services: To improve compute resources enterprisewide
• Security services: To deliver security for all devices and users on the network
• Voice and collaboration services: To facilitate collaboration of all users through all network resources
By virtualizing these services over the network systems layer and defining how to use the pool of virtual resources through adaptive management capabilities, the business transformation becomes more accelerated and dynamic. In the infrastructure services layer, elements such as CPUs, storage, servers, and memory are treated as pooled resources to be used over a unified network infrastructure. These resources are allocated on an as-needed basis, depending on application or service demands.
In addition, capabilities that enhance the network itself, such as firewall or load balancing, are integrated into the devices and applications distributed throughout the network. For example, network security is not limited to the protection provided by a standalone appliance such as a firewall at the WAN edge. Instead, security capabilities reside in everything from PCs to router CPUs and thus become pervasive throughout the infrastructure.
Similarly, identity services such as authentication, authorization, and accounting; Network Admission Control Layer 2 IP Validation; and Network-Based Application Recognition-which are integrated in various devices and systems throughout the infrastructure-work together to determine who is using the network, how it is being used, and what is being transmitted. This intelligence can be used to apply high-level policies for QoS and security, for instance, or to take specific actions such as stopping a virus in an e-mail message before it circulates to every PC.
Application networking services facilitate scalable and highly secure communication, integration between applications, and messaging capabilities for the intelligent processing of application layer information. This tier takes advantage of middleware applications and Cisco Application-Oriented Networking to optimize application delivery and help ensure tight integration and interoperability between applications. Application services deliver application information, optimize application delivery, manipulate application-level messages, help ensure application-to-application security, and provide application message-level event visibility.
Virtualization technologies are used at this layer to maximize resource usage, improve performance, and provide the flexibility necessary for effective resource sharing. As a result, applications and services operate more quickly and more effectively. Thus, users throughout the enterprise benefit from rapid access to applications and services, and avoid the latency problems of the past.
Figure 3. The Integrated Network Services Layer
The complexity needed to keep up an enterprise network infrastructure that supports critical applications and services does have its risks, and that can translate into expensive downtime. Having an adaptive management policy simplifies the deployment and administration of the network and services. The result is increased automation of provisioning and monitoring of tasks, flexible integration and optimization of both application and network resources, maintenance of network-to-business resilience, regulatory compliance, and optimization of application performance behavior.
Critical aspects of adaptive management include the capability to control all the elements of the supporting network infrastructure architecture, to control Inter-Switch Link services, the interaction between them, and integration and interoperability between service functions and application environments.
Adaptive management services also play an important role in the demand-based and real-time environments, particularly dealing with automating tasks triggered by real-time events and handling the resource pools to support the objective of such tasks.
Network Systems Overview
The network systems layer (Figure 4) supports a wide range of connectivity functions, including client-to-server and storage-to-storage connectivity, as well as a variety of unique network interconnection capabilities.
Cisco switching and routing solutions provide optimal performance and I/O capabilities, predictable service, reliability, and security levels based on validated network architectures for every place in the network. Virtualization across all three layers of the architecture promotes efficient use of devices and services. In addition, Cisco validated network architectures help facilitate role-based policy control of application and service delivery.
Cisco SONA encompasses all locations across the enterprise network, including campus, data center, network edge, MAN, WAN, branch offices, and teleworker locations (Figure 4). Cisco has developed intelligent architecture solutions for every location, each featuring a complete, integrated design. Each solution contains critical elements that enhance the performance and capabilities of the Cisco SONA infrastructure.
Figure 4. Places in the Network
Cisco Services
Figure 5. SONA Services
Before migrating to a fully converged and integrated Cisco SONA infrastructure, enterprises must adopt a deployment strategy that takes them in the right direction. Businesses typically invest in IT infrastructure either as part of an initiative to implement strategic business applications or in an effort to modernize their infrastructure and decrease operational expenses. In the first case, the plan should include how to migrate existing systems and applications. In the second, the plan should encompass the transition of existing components based on IT priorities and return-on-investment goals.
Regardless of their objective, enterprises must adopt an architectural approach that incorporates all phases of the lifecycle, including preparation, planning, design, implementation, operation, and optimization. Working with such a model, an enterprise can design, implement, operate, and evolve its architecture with confidence. In addition, organizations must use best practices and proven designs to mitigate risk and hasten the deployment of applications. Together, Cisco and its partners can provide businesses with the knowledge and skills necessary to support and evolve the new infrastructure.
Cisco Services help companies make a successful transition to Cisco SONA infrastructure with a broad portfolio of end-to-end services. This approach helps enterprises design and implement a Cisco SONA infrastructure that meets their business goals and drives customer business value.
A Strong Foundation for Business Growth
As new technologies emerge and networks become more pervasive, enterprises will have an increasing opportunity to deploy new applications and IT solutions that can help them improve network operations and business results. However, many enterprise IT departments today lack the resources necessary to take advantage of new solutions. To gain competitive advantage, companies need to control the costs of operating and managing their IT systems so that they can free resources for development and deployment of new applications that could help the business.
Using Cisco SONA as a framework, enterprises can evolve their networks to a more intelligent infrastructure that can adapt to market changes and demands. By gradually investing in the network, businesses benefit from the network multiplier effect: costs decrease as the efficiency of network and asset use increases, even as the network continues to require new equipment, new services, and new applications. The resulting savings in operational expenses and maintenance costs makes it possible for businesses to allocate additional resources for new applications and technology solutions. Enterprises that seize these opportunities become better prepared for the business challenges that lie ahead.
