Deploying Cisco Wide Area Application Services by Zach Seils - CCIE No 7861; Joel Christner - CCIE No 15311 Publisher: Cisco Press Pub Date: May 12, 2008 Print ISBN-10: 1-58705-494-9 Print ISBN-13: 978-1-58705-494-5 eText ISBN-10: 1-58705-752-2 eText ISBN-13: 978-1-58705-752-6 Pages: 400 Table of Contents | Index Overview Design and deploy Cisco WAN optimization and application acceleration solutions for the enterprise WAN Today, IT organizations are increasingly squeezed by competing demands They must support more distributed users who demand greater availability and performance They must protect their digital assets with far more robust security And they must do it all while gaining far greater control over cost Distributing IT resources increases management, hardware, and software overhead, but centralizing IT can worsen application performance There is a solution to this quandary: Cisco application acceleration and WAN optimization technologies that permit IT to safely centralize distributed IT resources, meeting user performance expectations without replacing existing network infrastructure Deploying Cisco Wide Area Application Services is the first comprehensive guide to designing and deploying solutions with these Cisco technologies Zach Seils and Joel Christner show how to deploy Cisco WAAS in a scalable, transparent, and seamless fashion that responds to both your business and technical challenges Writing for network design and implementation engineers and other networking professionals, they cover the entire planning and configuration process Drawing on their extensive experience implementing WAAS in the enterprise, they also offer real-world implementation examples and case studies—including full chapters on network, branch office, and data center integration Zach Seils, CCIE No 7861, is a technical leader in the Cisco Advanced Services Data Center Networking Practice, where he specializes in designing, deploying, and troubleshooting application acceleration solutions for the largest Cisco enterprise and service provider customers Joel Christner, CCIE No 15311, is director of product management for Reconnex Corporation, the industry leader in data loss prevention (DLP) solutions Prior to Reconnex, Joel was senior manager of technical marketing for the Application Delivery Business Unit (ADBU) at Cisco, where he helped drive the product and technical strategy for Cisco Wide Area Application Services Christner is coauthor of Application Acceleration and WAN Optimization Fundamentals Centrally provision applications to employees in any location without compromising performance Reduce costs by centralizing servers, storage, and applications by leveraging optimization capabilities that integrate cleanly with your existing infrastructure Thoroughly understand Cisco Wide Area Application Services (WAAS) and Wide Area Application Engine (WAE) and the business benefits provided by them Perform effective WAAS planning, discovery, and analysis Use WAAS and interception mechanisms such as WCCP or inline to transparently optimize flows traversing your network for end users accessing centrally deployed and centrally managed applications, files, and other information Integrate application acceleration and optimization into data centers, branch offices, and other environments Learn how to use the Cisco WAAS Central Manager, WAE device GUI, and command-line interface to configure, manage, and troubleshoot This book is part of the Networking Technology Series from Cisco Press, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers Deploying Cisco Wide Area Application Services by Zach Seils - CCIE No 7861; Joel Christner - CCIE No 15311 Publisher: Cisco Press Pub Date: May 12, 2008 Print ISBN-10: 1-58705-494-9 Print ISBN-13: 978-1-58705-494-5 eText ISBN-10: 1-58705-752-2 eText ISBN-13: 978-1-58705-752-6 Pages: 400 Table of Contents | Index Copyright About the Authors Acknowledgments Icons Used in This Book Foreword Introduction Chapter 1 Introduction to Cisco Wide Area Application Services (WAAS) Understanding Application Performance Barriers Introduction to Cisco WAAS Summary Chapter 2 Cisco Wide Area Application Engine (WAE) Family Cisco WAE Product Architecture Hardware Family Licensing Performance and Scalability Metrics Summary Chapter 3 Planning, Discovery, and Analysis Planning Overview Requirements Collection and Analysis Site Information Network Infrastructure Application Characteristics File Services Requirements Platform Requirements Scalability Requirements Availability Requirements Management Requirements Security Requirements Summary Chapter 4 Network Integration and Interception Interface Connectivity Interception Techniques and Protocols Egress Methods for Intercepted Connections Network Integration Best Practices Summary Chapter 5 Branch Office Network Integration In-Path Deployment Off-Path Deployment Summary Chapter 6 Data Center Network Integration Data Center Placement Deployment Solutions Scaling Transparent Interception Firewall Integration Summary Chapter 7 System and Device Management System and Device Management Overview Device Registration and Groups Provisioned Management Device Configuration, Monitoring, and Management Reporting and Logging Backup and Restore of Central Manager Summary Chapter 8 Configuring WAN Optimization Cisco WAAS WAN Optimization Capabilities Application Traffic Policy Reporting Summary Chapter 9 Configuring Application Acceleration Application Acceleration Overview Configuring CIFS Acceleration CIFS Preposition Disconnected Mode of Operation Summary Chapter 10 Case Studies Common Requirements Existing WAN Topology Remote Site Profile A Remote Site Profile B Remote Site Profile C Data Center Profile Application Traffic Policy Summary Index Copyright Deploying Cisco Wide Area Application Services Zach Seils, Joel Christner Copyright © 2008 Cisco Systems, Inc Published by: Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA All rights reserved No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review Printed in the United States of America First Printing May 2008 Library of Congress Cataloging-in-Publication Data Seils, Zach Deploying Cisco Wide area application services / Zach Seils, Joel Christner p cm ISBN 978-1-58705-494-5 (hardcover) Wide area networks (Computer networks) 2 Application software I Christner, Joel II Cisco Systems, Inc III Title TK5105.87.S35 2008 004.67 dc22 2008011639 ISBN-13: 978-1-58705-494-5 Warning and Disclaimer This book is designed to provide information about deploying Cisco Wide Area Application Services (WAAS), a powerful solution that enables IT infrastructure consolidation while ensuring remote users fast access to centralized resources Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied The information is provided on an "as is" basis The authors, Cisco Press, and Cisco Systems, Inc shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accompany it The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, Inc Trademark Acknowledgments All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this information Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark Corporate and Government Sales The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests For more information, please contact: U.S Corporate and Government Sales 1-800-3823419 corpsales@pearsontechgroup.com For sales outside the United States please contact: International Sales international@pearsoned.com Feedback Information At Cisco Press, our goal is to create in-depth technical books of the highest quality and value Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community Readers' feedback is a natural continuation of this process If you have any comments regarding how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through e-mail at feedback@ciscopress.com Please make sure to include the book title and ISBN in your message We greatly appreciate your assistance Publisher Paul Boger Associate Publisher Dave Dusthimer Cisco Representative Anthony Wolfenden Cisco Press Program Manager Jeff Brady Editor-in-Chief Karen Gettman Managing Editor Patrick Kanouse Senior Development Editor Christopher Cleveland Senior Project Editor San Dee Phillips Copy Editor Bill McManus Technical Editors Mani Ramaswamy, Etai Lev Ran Editorial Assistant Romny French Cover and Book Designer Louisa Adair Composition Octal Publishing, Inc Indexer Publishing Works Proofreader Sheri Cain Americas Headquarters Cisco Systems, Inc 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-4000 800 553-NETS(6387) Fax: 408 527-0883 Asia Pacific Headquarters Cisco Systems, Inc 168 Robinson Road #28-01 Capital Tower Singapore 068912 www.cisco.com Tel: +65 6317 7777 Fax: +65 6317 7799 Europe Headquarters Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] SACK (selective acknowledgment) saving bandwidth statistics CIFS preposition configuration scalability CM data centers ACE WCCP enterprise-class requirements WAE system limits Central Manager device memory disk capacity LAN throughput optimized TCP connections peers WAN bandwidth WCCP scheduling preposition jobs secondary servers, configuring security CM firewalls allowed ports FWSM configuration FWSM connection display FWSM server farm aggregation PIX/ASA configuration requirements access control Central Manager checklist data encryption selective acknowledgment (SACK) serial clustering servers CIFS DNS file NTP primary secondary syslog 2nd WINS server-to-server traffic services CMS core configuring enabling edge configuring device GUI enabling verifying groups placement WCCP 2nd Layer 4 VSS sessions CIFS layers set ip next-hop command set ip next-hop verify-availability command setup command setup script boot sequence interruption CM CMS, enabling device mode, defining primary interface running shares (dynamic) show cifs connectivity peers command show cifs session count command show cifs session list command show cms info command show conn long command show interface command show interface PortChannel command show interface Standby command show stat der connection command show statistics tfo saving command show tfo accelerators command show tfo auto-discovery command show tfo connection command show tfo connection summary command signatures (digital) Simple Network Management Protocol [See SNMP (Simple Network Management Protocol).] sites checklist physical environments Profile A sites LAN switch configuration requirements topology WAE WAN router configuration Profile B sites requirements topology WAE WAN router configuration Profile C sites requirements topology WAE configuration WAE placement/interception WAN router 1 configuration WAN router 2 configuration types user community small to medium-sized nonredundant branch offices, offpath deployment reference topology WAE configuration WCCP configuration GRE return traffic flow small to medium-sized redundant branch offices, off-path deployment redirection loop WAE configuration 2nd subnet as transit path WAN router configuration 2nd SNMP (Simple Network Management Protocol) community strings MIBs supported traps/inform routing snmp-server command software file entries upgrades/downgrades ssh-key-generate command standby command standby interface feature states CMS devices status CIFS preposition indicator status/health monitoring status indicator locations Troubleshooting Devices window switches data centers LANs WAN distribution WAE configuration WCCP configuration WCCP enabled on syslog servers 2nd system messages table (CM) system time, configuring Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] table of contents (CM) TCP (Transmission Control Protocol) optimization compression connections WANs over LFNs packet loss and congestion TFO, compared TFO (Transport Flow Optimization) 2nd 3rd AD 2nd blacklist operation buffers 2nd congestion avoidance extensions keepalives large initial windows MSS settings SACK TCP, compared WAN optimization window scaling third-party authentication throughput (LANs) time zones, configuring timers (CMS) topologies classifiers data center distribution egress flows forwarding/return methods policies (CIFS) remote office statistics detail report traffic WAN Transmission Control Protocol [See TCP (Transmission Control Protocol).] transparency Transport Flow Optimization [See TFO (Transport Flow Optimization).] transport licenses (WAE) transport protocols tree of lights troubleshooting devices trusted WAN optimization two-arm deployment, branch office networks traffic flow WAE configuration WAN router configuration types sites traffic flows Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] Unicast Reverse Path Forwarding upgrading software users accounts RBAC site community information UUIDs (universally unique identifiers) Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] validating messages verifying CIFS acceleration policies proxy connections edge services IP next hop addresses viewing CMS registration and service status connections CM WAE traffic classifiers VIP (virtual IP) addresses VSS (Volume Shadow Copy Services) Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] WAAS (Wide Area Application Services) WAE (Wide Area Application Engine) appliances physical requirements website WAE model 512 WAE model 612 WAE model 7326 WAE model 7341 WAE model 7371 architecture ATP engine CMS disk encryption interface manager network interception and bypass manager reporting interface compact flash cards compression statistics configuring data centers with MHSRP Profile A site Profile B sites Profile C sites connections, viewing content switching dual data center configuration EtherChannel hardware inline interception cabling guidelines InlineGroup configuration multiple routers one-armed routing operating modes interception data centers Profile A site Profile B sites Profile C sites interfaces bandwidth, increasing configuring connectivity names standby interface feature large nonredundant branch office deployment configuration large redundant branch office off-path deployment licensing Linux platform mask/value distribution (data centers) NetBIOS names Network Module Enhanced (NME-WAE) interface connectivity models nonredundant branch office in-path deployment PBR performance and scalability system limits Central Manager device memory disk capacity LAN throughput optimized TCP connections peers WAN bandwidth placement data centers Profile A site Profile B sites Profile C sites primary interface redundant branch office in-path configuration router-integrated network modules NME-WAE model 302 NME-WAE model 502 NME-WAE model 522 setup script boot sequence interruption CM CMS, enabling device mode, defining primary interface running small to medium-sized nonredundant branch office configuration small to medium-sized redundant branch office configuration deployment two-arm deployment configuration WAN distribution switch configuration router configuration WCCP on LAN switch deployment configuration WAE model 512 WAE model 612 WAE model 7326 WAE model 7341 WAE model 7371 WAFS AO (Wide Area File Services Application Optimizer) advanced features performance requirements WAFS core clusters, creating WAFS transport policies WANs (wide-area networks) application performance barriers application layer Layer 4 network infrastructure presentation layer session layer solutions transport protocols bandwidth 2nd distribution switches WAE configuration WCCP configuration WCCP enabled on edges data center placement routers existing WAN topology case study latency network oversubscription optimization 2nd application acceleration ATP automatic discovery DRE 2nd enabling/disabling features EPM PLZ 2nd 3rd policy consistency statistics TFO 2nd 3rd TFO blacklist operation TFO buffers, tuning trusted router configurations Profile A sites Profile B sites Profile C sites topology WCCP (Web Cache Communication Protocol) configuring IOS router lists data center deployment dual data centers WAN distribution switches WAN edge routers WCC, enabling 2nd data center scalability client distribution WAE hash bucket distribution WAE mask/value distribution hardware-based platforms overview redirection failure detection forwarding/return methods graceful shutdown load distribution redirect lists scalability service group placement redirection flow protection service groups attributes data centers small to medium-sized nonredundant branch office configuration WCCPv2 (Web Cache Coordination Protocol version 2) 2nd Web Cache Communication Protocol [See WCCP (Web Cache Communication Protocol).] web-cache service websites Alarm Book Error Message Book NetQos SuperAgent Unicast Reverse Path Forwarding WAE appliance physical requirements WCCPv2 IETF draft well-known services Wide Area Application Engine [See WAE (Wide Area Application Engine).] Wide Area Application Services (WAAS) Wide Area File Services Application Optimizer [See WAFS AO (Wide Area File Services Application Optimizer).] wide-area networks [See WANs (wide-area networks).] window scaling (TFO) WINS servers, configuring write-behinds 2nd ... Introduction to Cisco Wide Area Application Services (WAAS) Understanding Application Performance Barriers Introduction to Cisco WAAS Summary Chapter 2 Cisco Wide Area Application Engine (WAE) Family Cisco WAE Product Architecture... Data Center Profile Application Traffic Policy Summary Index Copyright Deploying Cisco Wide Area Application Services Zach Seils, Joel Christner Copyright © 2008 Cisco Systems, Inc Published by: Cisco Press. .. Deploying Cisco Wide Area Application Services by Zach Seils - CCIE No 7861; Joel Christner - CCIE No 15311 Publisher: Cisco Press Pub Date: May 12, 2008 Print ISBN- 10: 1-58705-494-9 Print ISBN- 13: 978-1-58705-494-5