View
217
Download
0
Category
Preview:
Citation preview
8/7/2019 CSS_product _overview
1/25
1 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Cisco 11500 SeriesContent Services Switch
Andy Pokladowski
apoklado@cisco.com
8/7/2019 CSS_product _overview
2/25
2 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Content Switching Overview
Introduction to CSS11500
New Features and Benefits Positioning, Migration, and
Related Products
AgendaAgenda
8/7/2019 CSS_product _overview
3/25
3 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Cisco Content SwitchingTarget Applications and Results
Internet AND Intranet Applications
E-commerce business-to-business, business-to-consumer
E-business marketing, sales, service, exchanges
Customer care internal and external users
Workforce and supply chain automation
Advanced web hosting
Results, Rewards, Returns
Improve performance of your Web site and Web applications
Enhance experience for customers, employees, and partners
Better use existing infrastructure and reduce infrastructure costs
Assure online transactions are executed accurately and completely
Improve Web site security and integrity
Transparent addition to existing network and systems
Relieve find and fix burden on Help Desk and support staff
8/7/2019 CSS_product _overview
4/25
4 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Server Load Balancing
Server Load Balancing Balances Client Request across multiple serversbased variables, cookies
Detects sever outages within the data center
Benefits: Scalability, Reliability, Server off-load
Client Traffic:HTTPSSLFTP
Clients access Applications
CSS 11500
8/7/2019 CSS_product _overview
5/25
5 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Cisco Content SwitchingTraffic Direction Based on Content Not Connections
Supply-Side Analysis:
What is current server load?
Where is content located?
Is the content available? Accurate?
Is this site just one of many?
Demand-Side Analysis:
What content is requested?
Who is requesting content?
What access policies are in effect?
Any special request handling required?
Is this a secure or open transaction?
Internet/Intranet
What
content isrequested?
Who isrequestingcontent?
Isrequestspecial?
Whichserver is
best?
http://www.stocks.com
Its all about SUPPLY and DEMAND!Its all about SUPPLY and DEMAND!
Isexchangesecure?
Whichsite isbest?
8/7/2019 CSS_product _overview
6/25
6 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Cisco Content SwitchingApplications
BronzeBronze
Gold
OverflowServers
InternetInternet
Local Load Balancing= improved utilization and availability(servers, Firewalls, caches)
User Prioritization= switch and stick by cookie(Silver, Gold, Platinum)
Client Device Discrimination= switch and stick by client device(PC, PDA, wireless)
Intelligent Content Positioning= switch by file type
(.html, .gif, .cgi) Security Optimization
= all of the above in SSL (HTTPS) environment
Global Server Load Balancing= pick best site based on load and proximity(Tokyo, Paris, New York)
Silver
8/7/2019 CSS_product _overview
7/25
7 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Hosting
Solution Engine
HostingSolution Engine
Data Center Load BalancingFor Internet and Intranet
Web Servers
ISP-1 ISP-2
Database Servers
PIX
FirewallPIX
Firewall
Content Switch Content Switch
ApplicationVelocity Engine
ApplicationVelocity Engine
8/7/2019 CSS_product _overview
8/25
8 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Introducing CSS11500
8/7/2019 CSS_product _overview
9/25
9 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Requirements forContent Switches in 2005
Scalable/flexible architecture for current needs and futuregrowth
Availability: session and hardware redundancy
Small form factor
High port density
Integrated Services (SSL acceleration and HTTPCompression)
Broad set of L4-L7 features
Broad product line for small, medium, and large data centers
8/7/2019 CSS_product _overview
10/25
10 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Introducing Cisco 11500 SeriesContent Services Switch
Content Switching Market Leader
Richest L4-7 services
Meets real-world scaling requirements
Innovative distributed architecture
Sets new high-availability standard
Adaptive session redundancy
Off loads intensive server processes
High-performance SSL and HTTP Compression Module
Delivers unprecedented flexibility Modular in performance, ports, and services
Protects investment
Upgradeable modules, memory, disks, software
8/7/2019 CSS_product _overview
11/25
11 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Cisco L4-7 Switching Portfolio
Servers, Caches
Firewalls, VPNs
Decision Points
CSS 11501 CSS 11503 CSM forCatalyst 6500
Standalone Standalone Standalone Integrated
Appliance Modular Modular Module
CSS 11506
Max density 1 GE, 8 FE 6 GE/2 GE,32 FE 12 GE/ 2 GE,80 FE 8-178 GE, 46-528 FE
Site activity/intensity Low Medium High Highest
Hardware scalability
Compression Offload Yes Yes Yes Yes, with AVS
SSL acceleration Internal Internal Internal Internal
CS management
Session redundancy Yes Yes Yes Yes
Layer 2/3 networking
Load balancing Servers, Caches, Firewalls
Form factor
8/7/2019 CSS_product _overview
12/25
12 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Compact Chassis
Fixed-Configuration two options
SLB only
SLB plus SSL Termination and HTTP Compression
SSL 1400 TPS or 500 Mbps compression
One Rack Unit
6 Gpbs Aggregate Throughput
Session Processor and Forwarding Engine
8 Fast Ethernet Ports and Optional Gigabit Ethernet Port(SFP: 1000BASE-SX or -LX)
Server Off-load feature (SSL Termination and HTTP Compression) must beordered up front --- not field upgradeable
Software (WebNS), Disks and SFP GBICs Same as 11503/6
Dual Disk (Hard or Flash) and 1 AC Supply
Cisco CSS 11501Content Services Switch
8/7/2019 CSS_product _overview
13/25
13 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Mini-Chassis 3-slot/2RU with 20 Gbps switch fabric
Up to 3 modules--each with session processor, forwarding engine and policyengine
Switch Control Module with 2 GE
IO Modules (2GE, 8FE, 16FE)
Service modules (Session, SSL plus HTTP Compression)
SSL 1400TPS or 500 Mbps compression
Integrated Switch Module
Up to 32 FE plus 2GE
Up to 6 GE
Integrated AC or DC
Hard Disk or Flash
SCM, IOM, Service, memory, disk same as 11506
Cisco 11501Content Services Switch
8/7/2019 CSS_product _overview
14/25
14 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Cisco 11506Content Services Switch
Mini-Chassis 6-Slot/5RU with 40 Gbps Switch Fabric
Up to 6 modules--each with session processor, forwarding engine and policyengine
Switch Control Module with 2 GE
(Redundant SCM in Standby) IO Modules (2GE, 8FE, 16FE) or Service Modules (Session, SSL)
SSL 1400TPS or 500 Mbps compression
Redundant Switch Modules
Up to 80 FE plus 2GE
Up to 12 GE
Redundant AC or DC
Hard Disk or Flash
8/7/2019 CSS_product _overview
15/25
15 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
CSS11500 Modules
Switch control module2 PCMCIA Disks
2 GE (SX/LX SFP GBIC)
Console/Management
2-port GE (SX/LX SFP GBIC)
16-port FE 10/100BaseT 8-port FE 10/100BaseT
Session Accelerator Module
SSL termination and HTTPCompression Module
8/7/2019 CSS_product _overview
16/25
16 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
New Features and Benefits
8/7/2019 CSS_product _overview
17/25
17 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
CSS11500Innovative Distributed Architecture
ForwardingForwarding
EngineEngine
SessionSession
ProcessorProcessor
ForwardingForwarding
EngineEngine
SessionSession
ProcessorProcessor
ForwardingForwardingEngineEngine
SessionSessionProcessorProcessor
ForwardingForwardingEngineEngine
SessionSessionProcessorProcessor
ForwardingForwardingEngineEngine
SessionSessionProcessorProcessor
ForwardingForwardingEngineEngine
SessionSessionProcessorProcessor
1. Client Initiates
2. Spoof
3. Client GET
4. Select Server
5. NAT6. FastPath
7. Server Responds
Performance scales with number of modules Load is balanced among processors
Module
8/7/2019 CSS_product _overview
18/25
18 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
CSS11500Adaptive Session Redundancy (ASR)
Router CSS L2 Switch Server
Internet
L2
ISC
Link
Interbox stateful failover per content rule
Specify content rules worthy of replication (rule must have VIP)
Establish flows (pushed to FastPath)
Backup flows to standby over Interswitch communication (ISC) link
If one rule (or one box) fails, standby picks up specified flows
Data flow continues after TCP retransmit
State:
IP/Port for client/server URL/Cookie
Failover Time:
Configurable 3 seconds recommended
Redundancy Optimized for PerformanceRedundancy Optimized for Performance
8/7/2019 CSS_product _overview
19/25
19 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
CSS11500Integrated SSL and HTTP Compression Module
Leading SSL price-performance
ScalableCSS11506: Up to 5 modules
CSS11503: Up to 2 modules
Integration adds
Enhanced securityImproved manageability
Specifications (per module):
SSL 3/TLS 1Broadcom 5821512 MB dedicated SRAM
8/7/2019 CSS_product _overview
20/25
20 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Content Switching and SSL
Problem Servers impaired: SSL increases processing
load and hides L5+ info necessary for loadbalancing and sticky
Solution Offload SSL processing from servers to SSLproxy
Benefit Improves server scalability
Increases server utilization/availabilitythrough L5+ load balancing and sticky
Simplifies management
SSLClients
Servers
CSS11500SSL Module
8/7/2019 CSS_product _overview
21/25
21 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
WebNS 8.10 Features: HTTP Compression
Combined SSL and Compression Module Very Attractive Combination for Server
offload Two approaches:
Module CSS5-SSL-C-K9(=) $9,995
New 1 RU platform CSS11501S-C-K9(=) $19,495.00
Will replace the existing SSL Moduleand existing CSS11501S
Refreshed the SSL Acceleration hardwaremodule to add an internally developed
FPGA in support of the compressionsoftware functionality
Patent pending techniques that achieves upto 4:1 compression ratios
HTTP CompressionAllows the CSS with this new module tocompress traffic from the servers to theclients. This takes advantage browsers
ability to decompress30% increase in SSL performance400-500 Mbps of CompressionPerformanceGZIP and Deflate file formats supportedAuto and Forced options supportedOlder SSL module can support newcompression but at a lower performance
8/7/2019 CSS_product _overview
22/25
22 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
CSS11500Key Feature-Benefit Summary
BenefitBenefitFeatureFeature
Adaptive SessionAdaptive SessionRedundancyRedundancy
DistributedDistributedArchitectureArchitecture
IntegratedIntegratedCompressionCompression
Integrated SSLIntegrated SSLModuleModule
Redundant SCM, SM,Redundant SCM, SM,
Disk, Power, FanDisk, Power, Fan
Availability optimized for performanceAvailability optimized for performance
Flexibility to replicate per flowFlexibility to replicate per flow
Scalability onScalability on Optimal priceOptimal price--performanceperformance
Improves Web Response timeImproves Web Response time
Saves Bandwidth and Server processingSaves Bandwidth and Server processing
SSL scalabilitySSL scalability
SSL manageabilitySSL manageability
AvailabilityAvailability
8/7/2019 CSS_product _overview
23/25
23 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Network Management, CustomerProfiles and Related Products
8/7/2019 CSS_product _overview
24/25
242424 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
WebNS 8.10 Features: CiscoView Device managerfor the CSS
GUI Replacement Replaces the CSS GUI introducedin WebNS 4.0 with a new, fullyfunctional GUI modeled after theproven and well received CiscoView
Device Manager Simplifies CSS Configuration Customizable initial setup wizards Comprehensive configuration ofserver load balancing servicesusing a single tool, including Layer
4 through Layer 7 policy setup Other Network Manger Features:CLIEmbedded device management GUICiscoWorks 2000 CiscoViewHosting services engineSNMP, RMON, log files
Programmatic management API
8/7/2019 CSS_product _overview
25/25
25 2005 Cisco Systems, Inc. A ll rights reserved.Session Number
Presentation_ID Cisco Confidential
Hosting Solution Engine A turnkey management solution for Cisco powered data centers that enables SPsand hosting clients to autonomously perform daily duties on the shared network infrastructure for reliable e-businessdelivery
Benefits to Customers Provides autonomous e-business management to individual business groups whilemaintaining centralized IT operations
Enterprises: Improves operational efficiency between system managers and network admins; provides remote manageability whileutilizing colocation facilities or e-business hosting services
Service Providers: Reduces network and service capital and operational costs while supporting new content services
New Features
Granular customer domain partition down to switch ports for authorized user access to shared Cisco devices
Robust Layer4-7 service configuration and activation for Cisco server load balancing devices
Upper layer NMS/OSS integration with SYSLOG, trap, email notifications and domain-based historical data XML export
Web-based historical data reports with easy personalization
Industry Impact Industrys only turnkey solution for managing content networking infrastructure and services, including customer
self-monitoring and SLA verification
Cisco 1105 HostingSolution Engine 1.3
Recommended