CSS_product _overview

8/7/2019 CSS_product _overview

1/25

1 2005 Cisco Systems, Inc. A ll rights reserved.Session Number

Presentation_ID Cisco Confidential

Cisco 11500 SeriesContent Services Switch

Andy Pokladowski

[email protected]


2/25



Content Switching Overview

Introduction to CSS11500

New Features and Benefits Positioning, Migration, and

Related Products

AgendaAgenda


3/25



Cisco Content SwitchingTarget Applications and Results

Internet AND Intranet Applications

E-commerce business-to-business, business-to-consumer

E-business marketing, sales, service, exchanges

Customer care internal and external users

Workforce and supply chain automation

Advanced web hosting

Results, Rewards, Returns

Improve performance of your Web site and Web applications

Enhance experience for customers, employees, and partners

Better use existing infrastructure and reduce infrastructure costs

Assure online transactions are executed accurately and completely

Improve Web site security and integrity

Transparent addition to existing network and systems

Relieve find and fix burden on Help Desk and support staff


4/25



Server Load Balancing

Server Load Balancing Balances Client Request across multiple serversbased variables, cookies

Detects sever outages within the data center

Benefits: Scalability, Reliability, Server off-load

Client Traffic:HTTPSSLFTP

Clients access Applications

CSS 11500


5/25



Cisco Content SwitchingTraffic Direction Based on Content Not Connections

Supply-Side Analysis:

What is current server load?

Where is content located?

Is the content available? Accurate?

Is this site just one of many?

Demand-Side Analysis:

What content is requested?

Who is requesting content?

What access policies are in effect?

Any special request handling required?

Is this a secure or open transaction?

Internet/Intranet

What

content isrequested?

Who isrequestingcontent?

Isrequestspecial?

Whichserver is

best?

http://www.stocks.com

Its all about SUPPLY and DEMAND!Its all about SUPPLY and DEMAND!

Isexchangesecure?

Whichsite isbest?


6/25



Cisco Content SwitchingApplications

BronzeBronze

Gold

OverflowServers

InternetInternet

Local Load Balancing= improved utilization and availability(servers, Firewalls, caches)

User Prioritization= switch and stick by cookie(Silver, Gold, Platinum)

Client Device Discrimination= switch and stick by client device(PC, PDA, wireless)

Intelligent Content Positioning= switch by file type

(.html, .gif, .cgi) Security Optimization

= all of the above in SSL (HTTPS) environment

Global Server Load Balancing= pick best site based on load and proximity(Tokyo, Paris, New York)

Silver


7/25



Hosting

Solution Engine

HostingSolution Engine

Data Center Load BalancingFor Internet and Intranet

Web Servers

ISP-1 ISP-2

Database Servers

PIX

FirewallPIX

Firewall

Content Switch Content Switch

ApplicationVelocity Engine

ApplicationVelocity Engine


8/25



Introducing CSS11500


9/25



Requirements forContent Switches in 2005

Scalable/flexible architecture for current needs and futuregrowth

Availability: session and hardware redundancy

Small form factor

High port density

Integrated Services (SSL acceleration and HTTPCompression)

Broad set of L4-L7 features

Broad product line for small, medium, and large data centers


10/25



Introducing Cisco 11500 SeriesContent Services Switch

Content Switching Market Leader

Richest L4-7 services

Meets real-world scaling requirements

Innovative distributed architecture

Sets new high-availability standard

Adaptive session redundancy

Off loads intensive server processes

High-performance SSL and HTTP Compression Module

Delivers unprecedented flexibility Modular in performance, ports, and services

Protects investment

Upgradeable modules, memory, disks, software


11/25



Cisco L4-7 Switching Portfolio

Servers, Caches

Firewalls, VPNs

Decision Points

CSS 11501 CSS 11503 CSM forCatalyst 6500

Standalone Standalone Standalone Integrated

Appliance Modular Modular Module

CSS 11506

Max density 1 GE, 8 FE 6 GE/2 GE,32 FE 12 GE/ 2 GE,80 FE 8-178 GE, 46-528 FE

Site activity/intensity Low Medium High Highest

Hardware scalability

Compression Offload Yes Yes Yes Yes, with AVS

SSL acceleration Internal Internal Internal Internal

CS management

Session redundancy Yes Yes Yes Yes

Layer 2/3 networking

Load balancing Servers, Caches, Firewalls

Form factor


12/25



Compact Chassis

Fixed-Configuration two options

SLB only

SLB plus SSL Termination and HTTP Compression

SSL 1400 TPS or 500 Mbps compression

One Rack Unit

6 Gpbs Aggregate Throughput

Session Processor and Forwarding Engine

8 Fast Ethernet Ports and Optional Gigabit Ethernet Port(SFP: 1000BASE-SX or -LX)

Server Off-load feature (SSL Termination and HTTP Compression) must beordered up front --- not field upgradeable

Software (WebNS), Disks and SFP GBICs Same as 11503/6

Dual Disk (Hard or Flash) and 1 AC Supply

Cisco CSS 11501Content Services Switch


13/25



Mini-Chassis 3-slot/2RU with 20 Gbps switch fabric

Up to 3 modules--each with session processor, forwarding engine and policyengine

Switch Control Module with 2 GE

IO Modules (2GE, 8FE, 16FE)

Service modules (Session, SSL plus HTTP Compression)

SSL 1400TPS or 500 Mbps compression

Integrated Switch Module

Up to 32 FE plus 2GE

Up to 6 GE

Integrated AC or DC

Hard Disk or Flash

SCM, IOM, Service, memory, disk same as 11506

Cisco 11501Content Services Switch


14/25



Cisco 11506Content Services Switch

Mini-Chassis 6-Slot/5RU with 40 Gbps Switch Fabric

Up to 6 modules--each with session processor, forwarding engine and policyengine

Switch Control Module with 2 GE

(Redundant SCM in Standby) IO Modules (2GE, 8FE, 16FE) or Service Modules (Session, SSL)

SSL 1400TPS or 500 Mbps compression

Redundant Switch Modules

Up to 80 FE plus 2GE

Up to 12 GE

Redundant AC or DC

Hard Disk or Flash


15/25



CSS11500 Modules

Switch control module2 PCMCIA Disks

2 GE (SX/LX SFP GBIC)

Console/Management

2-port GE (SX/LX SFP GBIC)

16-port FE 10/100BaseT 8-port FE 10/100BaseT

Session Accelerator Module

SSL termination and HTTPCompression Module


16/25



New Features and Benefits


17/25



CSS11500Innovative Distributed Architecture

ForwardingForwarding

EngineEngine

SessionSession

ProcessorProcessor

ForwardingForwarding

EngineEngine

SessionSession

ProcessorProcessor

ForwardingForwardingEngineEngine

SessionSessionProcessorProcessor







1. Client Initiates

2. Spoof

3. Client GET

4. Select Server

5. NAT6. FastPath

7. Server Responds

Performance scales with number of modules Load is balanced among processors

Module


18/25



CSS11500Adaptive Session Redundancy (ASR)

Router CSS L2 Switch Server

Internet

L2

ISC

Link

Interbox stateful failover per content rule

Specify content rules worthy of replication (rule must have VIP)

Establish flows (pushed to FastPath)

Backup flows to standby over Interswitch communication (ISC) link

If one rule (or one box) fails, standby picks up specified flows

Data flow continues after TCP retransmit

State:

IP/Port for client/server URL/Cookie

Failover Time:

Configurable 3 seconds recommended

Redundancy Optimized for PerformanceRedundancy Optimized for Performance


19/25



CSS11500Integrated SSL and HTTP Compression Module

Leading SSL price-performance

ScalableCSS11506: Up to 5 modules

CSS11503: Up to 2 modules

Integration adds

Enhanced securityImproved manageability

Specifications (per module):

SSL 3/TLS 1Broadcom 5821512 MB dedicated SRAM


20/25



Content Switching and SSL

Problem Servers impaired: SSL increases processing

load and hides L5+ info necessary for loadbalancing and sticky

Solution Offload SSL processing from servers to SSLproxy

Benefit Improves server scalability

Increases server utilization/availabilitythrough L5+ load balancing and sticky

Simplifies management

SSLClients

Servers

CSS11500SSL Module


21/25



WebNS 8.10 Features: HTTP Compression

Combined SSL and Compression Module Very Attractive Combination for Server

offload Two approaches:

Module CSS5-SSL-C-K9(=) $9,995

New 1 RU platform CSS11501S-C-K9(=) $19,495.00

Will replace the existing SSL Moduleand existing CSS11501S

Refreshed the SSL Acceleration hardwaremodule to add an internally developed

FPGA in support of the compressionsoftware functionality

Patent pending techniques that achieves upto 4:1 compression ratios

HTTP CompressionAllows the CSS with this new module tocompress traffic from the servers to theclients. This takes advantage browsers

ability to decompress30% increase in SSL performance400-500 Mbps of CompressionPerformanceGZIP and Deflate file formats supportedAuto and Forced options supportedOlder SSL module can support newcompression but at a lower performance


22/25



CSS11500Key Feature-Benefit Summary

BenefitBenefitFeatureFeature

Adaptive SessionAdaptive SessionRedundancyRedundancy

DistributedDistributedArchitectureArchitecture

IntegratedIntegratedCompressionCompression

Integrated SSLIntegrated SSLModuleModule

Redundant SCM, SM,Redundant SCM, SM,

Disk, Power, FanDisk, Power, Fan

Availability optimized for performanceAvailability optimized for performance

Flexibility to replicate per flowFlexibility to replicate per flow

Scalability onScalability on Optimal priceOptimal price--performanceperformance

Improves Web Response timeImproves Web Response time

Saves Bandwidth and Server processingSaves Bandwidth and Server processing

SSL scalabilitySSL scalability

SSL manageabilitySSL manageability

AvailabilityAvailability


23/25



Network Management, CustomerProfiles and Related Products


24/25

242424 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID

WebNS 8.10 Features: CiscoView Device managerfor the CSS

GUI Replacement Replaces the CSS GUI introducedin WebNS 4.0 with a new, fullyfunctional GUI modeled after theproven and well received CiscoView

Device Manager Simplifies CSS Configuration Customizable initial setup wizards Comprehensive configuration ofserver load balancing servicesusing a single tool, including Layer

4 through Layer 7 policy setup Other Network Manger Features:CLIEmbedded device management GUICiscoWorks 2000 CiscoViewHosting services engineSNMP, RMON, log files

Programmatic management API


25/25



Hosting Solution Engine A turnkey management solution for Cisco powered data centers that enables SPsand hosting clients to autonomously perform daily duties on the shared network infrastructure for reliable e-businessdelivery

Benefits to Customers Provides autonomous e-business management to individual business groups whilemaintaining centralized IT operations

Enterprises: Improves operational efficiency between system managers and network admins; provides remote manageability whileutilizing colocation facilities or e-business hosting services

Service Providers: Reduces network and service capital and operational costs while supporting new content services

New Features

Granular customer domain partition down to switch ports for authorized user access to shared Cisco devices

Robust Layer4-7 service configuration and activation for Cisco server load balancing devices

Upper layer NMS/OSS integration with SYSLOG, trap, email notifications and domain-based historical data XML export

Web-based historical data reports with easy personalization

Industry Impact Industrys only turnkey solution for managing content networking infrastructure and services, including customer

self-monitoring and SLA verification

Cisco 1105 HostingSolution Engine 1.3

Documents

CSS_product _overview