Getting the Most Out of Your Network Investment with Virtualization, Collaboration, and Operational Optimization
When you buy a Cisco® product, you are making an investment. As with any investment, there is an expectation of return that exceeds the initial capital outlay. Certainly, that return on investment is available to Cisco customers, but the degree of the return will depend on how the network is used to support your business goals. This document summarizes some primary expectations that you should place on your network infrastructure and outlines strategies for fulfilling those expectations. The strategy can be encapsulated in a very simple approach: Expect more, get more, and save more.
• You should expect more out of your existing LAN infrastructure with LAN virtualization. Although virtualization is usually associated with the data center, it is increasingly being deployed in other areas of the network. Virtualization helps make the most out of your existing investment while reducing both IT capital costs and operational costs.
• You should get more out of your network than simple connectivity. Cisco Catalyst® switches enable business transformation with their support for collaboration, unified communications, and Web 2.0 applications. Businesses are starting to realize that collaboration is crucial to faster business decisions, which can allow them to respond quickly to inflection points in their market and seize opportunities. In addition, collaboration can provide cost savings through related benefits such as travel reduction.
• Finally, you should save more by maximizing the value of your initial capital investment in Cisco products and easing your management cost through operational optimization. This optimization should not be limited to the network infrastructure itself. Cisco Catalyst switches provide new innovations that allow the network to affect the rest of the business by helping save energy costs.
If the formula for success at a business level is "expect more, get more, and save more," the formula for success at an IT level is the Cisco Network Fabric. The three primary components of the Cisco Network Fabric are virtualization, collaboration, and operations (VCO). Let's look at each of these in turn.
Expecting More from Your Network with Virtualization
When most network managers hear the word virtualization, they immediately think of the data center. There is a tremendous need for virtualization in most data centers. By virtualizing servers and the data center infrastructure, businesses can realize considerable cost savings in terms of capital outlay, rack space, energy, and management expenses.
However, these same concepts that work so well in the data center can also be applied in the rest of your network. There are many different and complementary approaches for virtualization in the network outside of the data center. These include one-to-many user or device segmentation, many-to-one bandwidth consolidation, services virtualization, and even virtual workspace applications provided through a virtual desktop interface (VDI). Each of these approaches can provide greater flexibility, enhanced productivity, and simpler management for your company.
The one-to-many concept of LAN virtualization enables IT groups to deploy and manage IT resources as logical services instead of physical resources. LAN virtualization allows IT administrators to segment and align IT services to meet the specific needs of the users and groups on the network. Logical, secure segmentation also helps IT groups comply with regulations for resource and information security.
By managing the network to correspond more directly with the services that people use and the groups of people who use it, IT personnel can focus on adding value to user productivity and closely managing operational expenditures.
All Cisco Catalyst switches support Virtual Routing and Forwarding (VRF), which can be used to build multiple virtual networks over a common IP infrastructure. IP services such as Dynamic Host Configuration Protocol (DHCP), Policy-Based Routing (PBR), NetFlow, and Telnet, among others, are VRF-enabled so that you can deploy the common network services within a virtual network instance. In addition, the 802.1x and identity-related capabilities of these switches make it simple to manage users and assign them to specific user groups.
As the number of virtual network instances within your business grows to include multiple departments, security, wireless, and many other virtual domains, Multiprotocol Label Switching (MPLS) on the Cisco Catalyst 6500 Series Switches can provide a robust solution for large-scale network virtualization.
Another virtualization option is many-to-one. One example of this is the Virtual Switching System (VSS) for the Cisco Catalyst 6500 Series Switches. VSS technology allows for the grouping of two Cisco Catalyst 6500 switches into a single virtual switch. A VSS system provides physical infrastructure redundancy while simultaneously simplifying the logical topology of the campus network.
The primary benefits of this logical grouping include:
• Increased operational efficiency of a simplified network architecture using virtualization
• Increased availability using interchassis Stateful Switchover (SSO) and Nonstop Forwarding (NSF)
• Increased forwarding performance using Multichassis EtherChannel (MEC)
Services can also be virtualized. In addition to the aforementioned VRF services, the Firewall Services Module (FWSM) on the Cisco Catalyst 6500 can provide up to 250 virtual firewall contexts. Each firewall context is an independent firewall, with its own security policy, interfaces, and administrators. The overall system resources within a single physical firewall can be administered separately for each context. By deploying a single FWSM, as opposed to multiple appliances, you can save on initial capital costs and energy costs while simplifying management.
An emerging form of virtualization is the VDI. As users become more mobile, there is an increasing demand to have the same desktop and applications available in the office, in the home, or while on the road. Ultimately this increases worker productivity.
Cisco Catalyst series switches provide a variety of network services that can help in securing, optimizing, and helping ensure the availability of VDI services, while improving the user experience. These services include:
• Resiliency: Virtual desktops are highly dependent on the network for access to the data center, and therefore network availability is critical to help ensure successful virtual desktop deployments. On the Cisco Catalyst fixed switches, resiliency is provided by Cisco StackWise® technology, which prevents the failure of one switch in a stack from affecting the operation of the other stack members. For higher levels of availability, Cisco NSF with SSO and In-Service Software Upgrade (ISSU), available on the Cisco modular switches, can provide subsecond recovery from service outages.
• Bandwidth scalability: VDI changes the patterns and volumes of traffic in the network and might require increased bandwidth. All Cisco Catalyst series switches provide Gigabit Ethernet to the desktop. The Cisco Catalyst fixed series switches have optional 10 Gigabit Ethernet. The Cisco Catalyst 4500 and 6500 Series Switches allow for higher density 10 Gigabit Ethernet aggregation.
• Security: VDI changes the location of the user, but also consolidates the virtual desktop in the data center. This presents new security challenges. There is a greater need to validate user identity, using IEEE 802.1x-based identity services, which are supported across the Cisco Catalyst series switches. Cisco NetFlow, available on the Cisco Catalyst 4500 and 6500 Series Switches, can also provide insight on new traffic patterns VDI introduces and can detect and observe any anomalous or malicious activities.
• Rich media support: Video, voice, and interactivity have become part of the way in which your employees communicate, share ideas, and make decisions. The same tools available to them in the office must also work in VDI. This topic will be discussed at greater length in the next section.
As you can see from the preceding discussion, your network might have bandwidth and processing power that is currently unused. Are you using your network to its fullest potential, or could you expect more from your network with virtualization?
Getting More from Your Network with Collaboration
There was an era in the development of networks during which the focus was entirely on bandwidth. The faster the "plumbing" could transport data, the better the network. The advent of convergence of voice, video, and data over a common IP infrastructure caused a reevaluation of that philosophy. It became apparent that certain applications had requirements for delay, jitter, and packet loss prevention that simple bandwidth alone could not solve. Customers had to get more from their network.
A factor in this more sophisticated view of the network is the increasing importance of collaboration to a company's business models. Collaboration allows you to overcome barriers of location, distance, and time introduced by globalization and provides a framework for increased productivity. Cisco has a rich portfolio of applications and tools that enable increased collaboration on your network. These include solutions for converged voice and video, wireless mobility, digital media systems, IP surveillance, Cisco TelePresence™ conferencing, and Cisco WebEx™ Connect. With these applications you can:
• Collaborate across any workspace: Create secure unified communications systems that help coworkers, partners, vendors, and customers collaborate more effectively.
• Accelerate decision making: Use collaboration, including presence, instant messaging, and rich media services, to improve productivity and help ensure that information reaches the right person right away.
• Innovate across the value chain: Embed collaboration capabilities into business applications to transform business processes and increase customer satisfaction.
• Integrate applications: Integrate Cisco Unified Communications and collaboration capabilities with other industry-leading applications so that workers can collaborate in real time using their favorite tools and applications.
• Reduce travel: Cisco collaboration technologies can help you bridge the gaps of time and distance and make more effective decisions without having the cost, productivity loss, and environmental damage incurred by constant travel.
To get the best results from your collaboration solution, you need an intelligent infrastructure to support it. The Cisco Catalyst 6500, 4500, 3750-E, and 3560-E Series Switches were designed with collaboration in mind and provide a scalable and secure infrastructure for unified communications.
For the convergence of voice onto the IP network, the Cisco Catalyst series switches automatically detect IP phones through either Link Layer Discovery Protocol-Media Endpoint Devices (LLDP-MED) or Cisco Discovery Protocol exchange. After IP phones are identified, voice VLANs to separate and protect voice traffic from data traffic can be automatically created. Cisco SmartPorts, available across the Cisco Catalyst series, can also make voice port configuration much simpler and more accurate.
After voice traffic has been identified, the Cisco Catalyst industry-leading quality-of-service (QoS) capabilities help ensure deterministic behavior and prioritization of video and interactive traffic. If you don't have specific QoS expertise within your IT staff, Cisco AutoQoS can help reduce operational expense through automated configuration of QoS for voice and data.
If your application mix is particularly complex, the Cisco Catalyst 6500 Supervisor Engine 32 PISA (Programmable Intelligent Services Accelerator) can provide hardware-enabled intelligent packet inspection and application recognition to help further prioritize communications.
The successful integration of voice, video, and real-time collaboration and interactivity into your business model will depend on the user experience. As these technologies become more integral to the way in which you do your business, availability is a must. Cisco ISSU and Cisco NSF with SSO on the Cisco modular switches can provide network recovery in the subsecond range to maintain the integrity of video and security systems.
Scaling is another factor that must be considered, especially for high-bandwidth applications such as video. The comprehensive multicast capabilities in the Cisco Catalyst series switches allow the secure, scalable, and efficient distribution of video and other streams to multiple endpoints.
Collaboration technologies also change the nature and direction of flows within your network. We have progressed from the era of client/server computing to a new era where the traffic is more peer-to-peer (for collaboration applications) or point-to-multipoint (for large-scale video deployments). To provide greater visibility into these new traffic streams, the Network Analysis Module for the Cisco Catalyst 6500 switch provides performance and signaling analysis and troubleshooting for common voice and video protocols such as H.323, Media Gateway Control Protocol, and Session Initiation Protocol.
To help ensure worker productivity, these new applications must be not only available but also mobile. Workers now are using the network any time, anywhere, and from any device. The Cisco Catalyst series switches provide the foundation for your mobility deployments. The Wireless Services Module (WiSM) for the Cisco Catalyst 6500 provides centralized security policies, intrusion prevention capabilities, and fast secure user session transfer between access points as the workforce becomes increasingly mobile. It scales to 300 lightweight access points and more than 10,000 wireless client devices per WiSM. The WiSM modules can be centrally managed and monitored with the Cisco Wireless Control System (WCS).
For smaller wireless deployments, you might consider the Cisco Catalyst 3750G Integrated Wireless LAN Controller. This module integrates wireless LAN controller functions into the resilient stackable Cisco Catalyst 3750 and 3750-E Series Switches. It delivers improved operational efficiency and WLAN security, mobility, and ease of use for business-critical wireless LANs.
As you progressively adopt collaboration as part of your business processes, the number of IP devices on your network will increase. This provides an opportunity to employ the flexible power management capabilities of the Cisco Catalyst series switches. Enhanced Power over Ethernet (ePoE) can provide inline Ethernet power to the newest class of IP video surveillance cameras (for higher resolution plus pan/tilt/zoom capabilities), wireless access points (for higher bandwidth and broader area coverage), and higher-function IP phones. Using ePoE eliminates the need for costly rewiring and provides centralized power management for these devices. Cisco Catalyst 4500 Series Switches are also Power over Ethernet (PoE) Plus ready, providing up to 30 watts of power per port for the next generation of high-power PoE devices.
Although the productivity and cost-saving benefits of collaboration technologies are apparent, it is also clear that they place some new requirements on the network infrastructure. Customers must get more from their network than simple packet forwarding. The Cisco Catalyst series switches are ready to meet those requirements.
Saving More with Your Network Using Operational Optimization
The third, and perhaps one of the most important, components of the "expect more, get more, save more" strategy is operational optimization. Operational costs are typically a much larger portion of a business's total budget than capital costs. Being able to use the network to lower your operational costs justifies the initial hardware investment. There are at least three areas of investigation here: energy costs, management costs, and total cost of ownership over time.
New energy cost-saving innovations on Cisco switches provide effective energy management and control both at the switch level and by extending the intelligence of the network to other devices, as exemplified by Cisco EnergyWise technology. Cisco EnergyWise is a new Cisco energy management architecture that allows your IT operations and facilities to measure and fine-tune power usage to realize significant cost savings. Cisco EnergyWise focuses on reducing power utilization on all devices connected to a Cisco network, ranging from PoE devices such as IP phones and wireless access points to integration with IP-enabled building and lighting controllers. It uses an intelligent network-based approach, allowing IT and building facilities operations to understand, optimize, and control power across an entire corporate infrastructure, potentially affecting any powered device. Cisco EnergyWise is unique because it extends the value proposition of the network by controlling other utilities within a business, such as lighting, elevators, and heating, ventilating and air conditioning (HVAC) systems. This allows potential cost reductions across all of your facilities.
The tangible benefits associated with Cisco EnergyWise include:
• The network discovers Cisco EnergyWise-manageable devices, monitors the power consumed, and takes action to reduce power consumption while maintaining business productivity.
• Cisco EnergyWise can promote companywide sustainability by reducing energy consumption across an entire corporate infrastructure and affecting more than 50 percent of global greenhouse gas emissions created by worldwide building infrastructure, a much greater effect than the 2 percent generated by the IT industry.
• Power levels and priority levels provide fine-grained control of how network infrastructure and endpoints react to network-based control signals. High-priority devices do not shed load, while lower priority devices can shut down or reduce power.
• Network security is maintained by using authentication between management systems and the network, between clients, and between network devices.
• Device location enables customers to understand power by device type, device label, and device location. For example, a management station can ask the Cisco EnergyWise network to summarize the power of desktop IP phones within a single building. Cisco EnergyWise understands which devices are IP phones, where the IP phones reside, and which ones are designated with the desktop label.
• Network intelligence acts as a proxy, allowing easy communication with diverse endpoints and enhanced scalability.
Cisco EnergyWise is available today on the Cisco Catalyst fixed and 4500 Series switches, and will be available on Cisco Catalyst 6500 Series Switches in the near future.
Another area for potential cost savings is the actual management and automation of the network itself. You want your IT staff spending more time in productive activities and less time on troubleshooting failures, configuring common tasks, and traveling to problem sites.
The Cisco Catalyst series switches are known for their ability to automate and simplify network operations, with an extensive list of built-in monitoring and management tools. Table 1 provides a short list of the more common and useful integrated tools.
Table 1. Integrated Tools on the Cisco Catalyst Series Switches
| Cisco Catalyst Switching Capability | Description | Enables Savings By... |
| --- | --- | --- |
| Network-Based Application Recognition (Cisco Catalyst 6500 Series Switches) | | |
| Flexible Packet Matching (Cisco Catalyst 6500 Series Switches) | User-configurable deep packet inspection | Help protect against worms and viruses which could cause service interruptions |
| Embedded Event Manager | Integrated scripting capabilities | Automate many common management and troubleshooting tasks, freeing IT resources for other projects |
| Generic Online Diagnostics | Runtime troubleshooting and network health check | Greater network availability and proactive notification of potential problems |
| Smart Call Home | Proactive diagnostics, alerts, and system reports | Problem avoidance and faster problem resolution |
| SmartPorts | Associate multiple Cisco IOS® Software commands with a port | Automate port provisioning for security, telephony, and other uses |
| Configuration Rollback | Simple configuration reversion to known working state | Avoids network downtime from accidental misconfiguration |
| Enhanced Remote SPAN | Mirror traffic across the network | Enables remote troubleshooting; avoids necessity of on-site service calls |
| AutoQoS | Automated configuration of quality of service | Faster and more accurate deployment of quality of service |
| Inline Power Management | Negotiate power requirements for PoE | Reduce energy costs by supplying minimum power needed |
Finally, the Cisco Catalyst series switches also protect your investment in your network infrastructure, which is a primary attribute of determining total cost of ownership. One such example is the Cisco Catalyst 6500 Series switching platform, which exemplifies the Cisco investment protection story. Over its deployment lifetime, four generations of supervisor engine modules have been released. Each new supervisor engine provides greater processing power, intelligence, and packet throughput, for an incremental investment. Thus, the useful lifetime of the platform as a whole is extended.
The current generation supervisor engine, the Cisco Catalyst 6500 Series Supervisor Engine 720, while introduced in 2003, is expected to have a lifetime of 15 years. Cisco is working toward helping ensure that investment protection and support for upcoming hardware for this modular switching platform stay in place until at least 2020 and beyond.
With the Cisco Catalyst 6500 and 4500 Series Switches now nearly 10 years old, it is important to realize that hardware purchased in 1999 can still operate in these modular chassis today. This is investment protection that is unmatched in the switching industry.
It is not only the modular platforms that have provided investment protection, but also the Cisco Catalyst fixed series switching platforms. For example, the Cisco Catalyst 3750-E Series Switch can be incorporated into an existing non-E Cisco Catalyst 3750 switch stack. This allows both platform generations to interoperate together under a common management address.
Any poll of the concerns of CIOs, IT directors, and network managers will consistently find "cost of operations" near the top of the list. With Cisco Catalyst series switches, you have the tools to reduce operations cost with integrated configuration, management, and troubleshooting technologies as well as industry-leading platform longevity. The innovative Cisco EnergyWise technology takes those benefits a step further by extending the influence of IT and allows you to save more throughout the rest of the business.
Expect More, Get More, and Save More with Cisco Catalyst Series Switches
In the current economic climate, companies are looking for strategic ways to invest their restricted budgets. As this document has shown, the Cisco Catalyst series switches make an excellent investment based on their ability to introduce cost savings in every aspect of the network. The primary points to remember are:
• Expect more out of your existing LAN infrastructure with Cisco Catalyst virtualization of the network infrastructure, integrated virtualized services, and support capabilities for virtual desktop environments.
• Get more out of your network than simple connectivity. Cisco Catalyst series switches enable business transformation with their support for voice, video, data, collaboration, and Web 2.0 applications.
• Save more on energy costs with Cisco EnergyWise. Save on operation costs with time-saving embedded management tools. Save on capital costs with industry-leading investment protection.