Cisco Application Control Engine (ACE) XML Gateway Solution
PDF(79.3 KB) View with Adobe Reader on a variety of devices
Updated:September 13, 2007
Q. What is the Cisco
® Application Control Engine (ACE) family of products?
A. The Cisco
® Application Control Engine (ACE) family, the next generation application delivery solution for the data center, is the most comprehensive application delivery solution in the industry. Cisco ACE includes highly scalable application switching modules for the Cisco Catalyst 6500 Series switches and for the Cisco 7600 Series routers. The ACE module consolidates a broad range of services in one device.
The ACE module enables enterprises to accomplish four key IT objectives for application delivery: maximizing application availability; accelerating application performance; securing the data center and critical business applications; and enabling data center consolidation into fewer servers, load balancers and data center firewalls. The ACE module also provides administrators new levels of control-including the ability to define 250 unique virtual devices that are completely secure and isolated from each other-for deploying, securing and accelerating critical applications across the extended enterprise.
The Cisco ACE family also includes the Cisco ACE XML Gateway Solution. These appliances extend the core ACE functionality to XML and Web Services, including security, scalability and acceleration.
To ensure data center availability, the Cisco ACE application delivery solution is integrated with Cisco leading data center availability system, Cisco ACE Global Site Selector (GSS), which provides intelligent failover between data centers and ensures business continuity.
Q. What is the Cisco ACE XML Gateway Solution?
A. The Cisco ACE XML Gateway Solution is the latest addition to the Cisco ACE family of products. The Cisco ACE XML Gateway extends the core Cisco ACE functions to a new traffic type: XML. These standalone appliances provide interapplication fluency by extending application intelligence into the network and enabling efficient deployment of scalable, secure, and accelerated XML applications and Web services. These cutting-edge functions enable the intelligent network to harness the power of service-oriented architectures (SOA) and Web 2.0, while enabling customers to build on the value of their existing application, security, and networking infrastructure investments. Using the Cisco ACE XML Gateway solution, Cisco customers can now accelerate, scale, and secure XML, providing another powerful advantage to the Cisco ACE family, in addition to its industry-leading virtualization, application security, and performance.
The Cisco ACE XML Gateway solution also includes the ACE XML Manager, a secure, Web-based application available as a standalone appliance for Web services policy creation and monitoring.
Q. What customer challenges does the Cisco ACE XML Gateway solution solve?
A. The industry evolution toward Web 2.0 and SOA means that applications must communicate with each other and share data on an unprecedented scale. The underlying technology enabling this major market and technology shift is XML. The 450 Group estimates that 50 percent of all network traffic will be XML by 2008.
An XML message is a high-valued transaction and complex to process, and an XML message can be 3 to 10 times larger than an equivalent binary message, making servers and infrastructure overloaded with XML traffic processing and vulnerable to XML threats. As XML traffic in the network increases, new XML security threats arise, and application performance deteriorates. The Cisco ACE XML Gateway solution addresses these concerns and the broad set of challenges involved in managing the deployment and delivery of XML applications and Web services from the data center to local and remote users. The Cisco ACE XML Gateway solution scales, accelerates, and secures XML application and Web services and addresses the following concerns:
• Ongoing need to maximize XML application and Web services availability and uptime, while providing dynamic scaling of resources as business requirements grow
• Support for data center consolidation by reducing the required quantity of application servers
• Optimized performance of data center applications delivered to remote users by reducing end-to-end latency
• Improved XML applications, Web services, and overall data center security
Q. What customer benefits does the Cisco ACE XML Gateway solution offer?
A. The Cisco ACE XML Gateway solution allows enterprises to accomplish the following primary IT objectives:
• Maximize XML applications and Web services scalability by improving concurrency and reducing end-to-end latency
• Improve XML applications and data center security by preventing XML-based threats and providing XML message security
• Accelerate performance of XML applications and Web services by offloading computationally intensive XML processing operations and reducing the number of expensive servers
Q. What are the main Cisco ACE XML Gateway solution features?
A. The main features of the Cisco ACE XML Gateway solution are:
• Threat mitigation, to defend against XML-based threats
• Acceleration and offload of XML application processing
• Extensibility software development kit (SDK), to extend XML transformations and customize XML message processing
• Centralized provisioning of XML applications and Web services, to enforce message processing policies in multiple production environments
Q. What are the benefits of these core features of the Cisco ACE XML Gateway solution?
A. The benefits are as follows:
• Strengthen network and application security by defending against XML-based attacks.
• Reduce operating costs by offloading intensive processing power from application servers onto the Cisco ACE XML Gateway.
• Improve IT agility to quickly capitalize on new business opportunities by extending Web services connections using the extensibility SDK.
• Increase application developer productivity while decreasing development errors through policy-based provisioning with sophisticated rollback and versioning capabilities.
Q. What are the highlights of the Cisco ACE XML Gateway solution?
A. The highlights of Cisco ACE XML Gateway solution are as follows:
• XML application scalability: Cisco ACE XML Gateways provide best-in-the-industry scalability and throughput for management of XML application traffic: up to 30,000 transactions per second (TPS) and up to 40,000 concurrent connections in a single appliance. Cisco ACE XML Gateways reduce service latency and improve the user experience and server utilization by implementing a high-performance, highly parallel event-driven architecture. These gateways help IT organizations manage unpredictable service outage and utilization by enabling a shared, scalable infrastructure that actively enforces service latency agreements.
• XML security: The Cisco ACE XML Gateway delivers firewall capabilities and provides the critical protection needed at each service perimeter, between different trust zones. In addition to working with transport and session layers of network traffic, the Cisco ACE XML Gateway differs from network firewalls in that it focuses primarily on the application layer and works with the payload of the XML message. In the perimeter defense role, the Cisco ACE XML Gateway performs a broad range of security services, such as guarding against malicious XML payloads, structurally invalid XML messages, and XML denial-of-service (XDoS) attacks, and performs other security functions such as authentication, authorization, and auditing (AAA); nonrepudiation; message encryption and integrity; and privacy.
• High-performance acceleration and offloading: Cisco ACE XML Gateways improve server utilization by offloading computationally intensive XML processing and freeing server resources. The unique Cisco XML acceleration technology, with patented predictive optimizations; sophisticated caching; enhanced parser, algorithm, and processing mechanisms; and multicore, parallel-processing architecture, provides 7X end-to-end message processing improvement over other appliances.
• Policy-based provisioning: The Cisco ACE XML Manager increases developer productivity and improves deployment flexibility with sophisticated rollback and versioning capabilities. Enterprisewide management is accessible anywhere on the network through a secure Web UI. The Cisco ACE XML Manager allows you to configure security, integration, and routing policies in one centralized policy management system, without programming. The Cisco ACE XML Manager autodiscovery feature helps simplify Web services policy definition and enforcement.
Q. What return on investment (ROI) does the Cisco ACE XML Gateway solution offer?
A. Customers deploy the Cisco ACE XML Gateway solution for two main reasons. The first is to decrease costs through reuse of existing infrastructure and services; the more services that are reusable from system to system, the greater ROI the customer achieves. Customers have achieved complete ROI in as little as 6 months through these accomplishments:
• Fewer software licenses and servers, translating into cost savings in capital and operating budgets
• Fewer redundant software components, reducing the need for redundant programming groups
• Offloading of intensive XML processing, decreasing the use of expensive CPU processing power
• Consolidation of data centers, reducing leased-line costs
• Increased application performance, reducing service-level agreement (SLA) penalties and development and help-desk costs
The second reason that customers choose the Cisco ACE XML Gateway solution is the capability to change the IT infrastructure faster to adapt to the changing needs of the business. This capability provides a huge strategic advantage, and although determining the ROI on agility is difficult to quantify, the value clearly is there.
Q. What type of customers can benefit from the Cisco ACE XML Gateway solution?
A. The Cisco ACE XML Gateway solution is targeted at enterprise and service provider customers who have or are deploying XML applications and Web services and want to secure and improve the performance of these applications:
• Enterprise customers using Web services or who are developing or deploying SOA implementations
Q. How is the Cisco ACE XML Gateway solution deployed?
A. Typically, customers deploy Cisco ACE XML Gateways in a data center in front of application server farms hosting XML applications and Web services. As traffic is sent from clients to the data center servers, it passes through the Cisco ACE XML Gateways used to secure, offload, and accelerate message processing for XML data.
Q. What are the performance characteristics of the Cisco ACE XML Gateway solution?
A. Cisco ACE XML Gateways provide best-in-the-industry scalability and throughput for management of XML application traffic. The Cisco ACE XML Gateway can process up to 30,000 TPS and up to 40,000 concurrent connections in a single appliance. Cisco ACE XML Gateways reduce server latency and improve the user experience and server utilization by implementing a high-performance, highly parallel, event-focused architecture.
Support and Services Questions
Q. What services are offered on the Cisco ACE XML Gateway products?
A. Cisco SMARTnet
® Services are available for the hardware, and Software Application Support plus Upgrades (SASU) is available for the Cisco ACE XML Gateway and Management software. Software Application Support (SAS) is not available for Cisco ACE XML Gateway products.