Cisco's Cloud Connected Solutions Unveiled

Cisco continued its march to the cloud today with the announcement at Cisco Live 2012 of Cloud Connected Solution, a suite focused on delivering applications from a private cloud. While some of the features are standard Cisco fare wrapped up in a cloud moniker, others are aimed at supporting public- and private-cloud applications.

One such product is the Cloud Services Router (CSR) 1000v, a virtualized version of IOS-XE software designed to run on public and private clouds. CSR will initially be available on VMware's ESXi 5.0 and Citrix Xen 6.0 hypervisors. Each CSR virtual machine requires four cores, 4 Gbytes of RAM and 8 Gbytes of disk. The number of virtual network interfaces is limited by the hypervisor. Cisco representatives said support for Amazon Web Services instances and Microsoft's Hyper-V will be available by year's end.

The CSR 1000v supports features found in the ASR product line, including firewall, VPN, quality of service (QoS), NAT, AAA, and routing protocols like BGP, OSPF and EIGRP to cloud instances so that enterprises can securely connect their public and private clouds and route traffic between them. Some features that require hardware acceleration, like deep packet inspection reliance on Cisco's quantum flow processor, won't be supported. Cloud providers can use the CSR 1000v as a value-added service router/VPN service to their customers, including support for MPLS, LISP and HSRP.

There are other virtual routers, firewalls and VPNs available, such as Vyatta's Network OS, but most IT departments will stick with the products they know best. For Cisco shops, the CSR 1000v is an easy choice since it's IOS-XE, which runs on the ASRs. The big question is price. Depending on the cost, IT shops may well forgo the Cisco premium and use an alternative. That seems more complex operationally, but then again, most cloud applications don't need a full-blown router, either. The CSR 1000v won't ship until the fourth quarter.

Next: More on Cisco's Cloud ConnectorsCisco's Cloud Connectors are designed to integrate with ISRs running in branch offices and leverage functionality in the cloud or a remote service. The Cloud Connectors are created by Cisco partners and are available to ISR customers. One example of combining local and remote processing is Cisco's ScanSafe Web-scanning service, which filters malicious Web content before it reaches the user's computer. The ScanSafe Cloud Connector forwards requests to the ScanSafe service, which means traffic isn't being sent back to a central data center before going to the Internet. The scan and filter policies can be applied in the ScanSafe portal, and the only time there is an outage is if the branch office's network fails.

Of course, organizations moving to VoIP face a difficult choice: put an IP PBX in every branch or haul the VoIP traffic to a central location. If a company chooses the latter, then a network outage at the branch can hobble productivity. Cisco's Hosted Collaborations Services Cloud Connector provides enough functionality in the branch so that if there is an outage, calls won't be dropped and employees can still make and take calls.

The success of Cloud Connectors depends on Cisco getting third parties to develop them. Cloud storage vendor Ctera has a cloud connector for branch-office use that allows users to back up and restore data without installing agents--which is great for Ctera customers but doesn't hold much value for anyone else. What might be interesting is if Cisco can get enterprise cloud application vendors like Salesforce, Microsoft or Google to create survivable versions of their applications as a cloud connector so that in the event of a network failure, the applications will continue to run (but with reduced functionality).

Cisco also formally announced AppNav, a hardware and software module that clusters Cisco's wide area application services (WaaS) instances running as virtual machines or in their wide area virutalization engines appliances. AppNav can also run as a module within the CSR 1000v, fitting in with a public or private cloud strategy. AppNav, which won Best of Interop in May, intelligently clusters up to 32 WaaS instances into a single process pool. Traditional clustering usually requires adding a new appliance to a cluster and reconfiguring the pool. If a cluster member fails, the sessions fail with it. With AppNav, new WaaS appliances can be added or removed dynamically as needed. WaaS appliances maintain state with AppNav so if a member fails or is removed from the cluster, its sessions are seamlessly migrated to new members without loss.

In addition, if a WaaS instance is overloaded or a particular flow requires processing available on a subset of appliances, AppNav will intelligently add flows to the appliance best suited to handle it. Up to eight AppNav instances can be clustered in the same data center, across data centers or even in a public cloud. As long there is L2 or L3 connectivity, the AppNavs will synchronize.

Cisco also announced Application Visibility and Control (AVC), software that enhances application monitoring. AVC runs on the ISR and ASR family of routers and Cisco's new UCE-E module, and will be available on CSR 1000v. AVC monitors applications passing through the router and bundles up the data into NetFlow v9 records that can be sent to any NetFlow v9 device, such as Cisco's own Prime LAN Management product or network management or application performance management (APM) software suites. While AVC provides many of the benefits of network-based APM, such as agentless operation and broad visibility, companies would use it to augment a larger APM strategy.

Cisco is also enhancing existing product lines with a new processing module, the UCS-E for the ISR-G2. It's similar to UCS Express, but it's based on Intel's newest E3-E5 processors supporting four to six cores, up to 8 Gbytes of RAM and up to 3 Tbytes of disk space. The module fills two slots in the ISR-G2 chassis. It's designed to run multiple services, such as Cisco's vWaaS or partner products such as Infoblox and Ctera's storage product. The UCS-E can be used for larger branches that need more than one server locally. Cisco also added a new model, the 1002-X, to the ASR line. The ASR 1002-X can support up to 36 Gbps in license increments from 5 Gbps to 36 Gbps.