Cisco Intelligent WAN (IWAN) - Brad Edgeworth, David Prall, Jean Marc Barozet, Anthony Lockhart, Nir Ben-Dvora

Cisco Intelligent WAN (IWAN)

Buch | Softcover
880 Seiten
2017
Cisco Press (Verlag)
978-1-58714-463-9 (ISBN)
74,15 inkl. MwSt
The complete guide to Cisco® IWAN: features, benefits, planning, and deployment

Using Cisco Intelligent WAN (IWAN), businesses can deliver an uncompromised experience, security, and reliability to branch offices over any connection. Cisco IWAN simplifies WAN design, improves network responsiveness, and accelerates deployment of new services. Now, there’s an authoritative single-source guide to Cisco IWAN: all you need to understand it, design it, and deploy it for maximum value.

In Cisco Intelligent WAN (IWAN), leading Cisco experts cover all key IWAN technologies and components, addressing issues ranging from visibility and provisioning
to troubleshooting and optimization. They offer extensive practical guidance on migrating to IWAN from your existing WAN infrastructure.

This guide will be indispensable for all experienced network professionals who support WANs, are deploying Cisco IWAN solutions, or use related technologies such as DMVPN or PfR.



Deploy Hybrid WAN connectivity to increase WAN capacity and improve application performance
Overlay DMVPN on WAN transport to simplify operations, gain transport independence, and improve VPN scalability
Secure DMVPN tunnels and IWAN routers
Use Application Recognition to support QoS, Performance Routing (PfR), and application visibility
Improve application delivery and WAN efficiency via PfR
Monitor hub, transit, and branch sites, traffic classes, and channels
Add application-level visibility and per-application monitoring to IWAN routers
Overcome latency and bandwidth inefficiencies that limit application performance
Use Cisco WAAS to customize each location’s optimizations, application accelerations, and virtualization
Smoothly integrate Cisco WAAS into branch office network infrastructure
Ensure appropriate WAN application responsiveness and experience
Improve SaaS application performance with Direct Internet Access (DIA)
Perform pre-migration tasks, and prepare your current WAN for IWAN
Migrate current point-to-point and multipoint technologies to IWAN

Brad Edgeworth, CCIE No. 31574 (R/S & SP), Cisco Systems Engineer and Technical Leader, and author of IP Routing on Cisco IOS, IOS XE, and IOS XR. A Distinguished Speaker at Cisco Live, he has architected networks for multiple Fortune® 500 companies. He has nearly 20 years of IT experience, specializing in routing for enterprise and service provider environments. Jean-Marc Barozet is a Principal Engineer with the Intelligent WAN (IWAN) product management team, helping to architect and lead the Cisco SD-WAN solution. He has more than 25 years of enterprise and service provider networking experience, and has been with Cisco for more than 19 years. David Prall, CCIE No. 6508 (R/S, SP, and Security), is a Communications Architect on the Enterprise Networks Technical Strategy Team for Cisco. He previously held system engineering positions supporting US federal agencies. Prall’s primary focus is complex routing and switching, including design, deployment, and troubleshooting of large-scale networks. Anthony Lockhart, Technical Marketing Engineer at Cisco, has 15 years of experience with Cisco technologies, network infrastructure, architecture, and the design and implementation of datacenters and call centers. As POC Engineer at HCL America, he provided design and pre-sales engineering for Cisco WAAS products. Nir Ben-Dvora, Senior Technical Leader at Cisco, technically leads architecture for the Application Visibility and Control (AVC) solution for Cisco, collaborating with teams worldwide. He has 17 years of Cisco management and architecture experience.

Part I Introduction to IWAN

Chapter 1 Evolution of the WAN

WAN Connectivity

Increasing Demands on Enterprise WANs

Quality of Service for the WAN

Branch Internet Connectivity and Security

Cisco Intelligent WAN

Summary

Part II Transport Independent Design

Chapter 2 Transport Independence

WAN Transport Technologies

Benefits of Transport Independence

Summary

Chapter 3 Dynamic Multipoint VPN

Generic Routing Encapsulation (GRE) Tunnels

Next Hop Resolution Protocol (NHRP)

Dynamic Multipoint VPN (DMVPN)

DMVPN Configuration

Spoke-to-Spoke Communication

Problems with Overlay Networks

IP NHRP Authentication

Unique IP NHRP Registration

DMVPN Failure Detection and High Availability

DMVPN Dual-Hub and Dual-Cloud Designs

IWAN DMVPN Sample Configurations

Sample IWAN DMVPN Transport Models

Backup Connectivity via Cellular Modem

IWAN DMVPN Guidelines

Troubleshooting Tips

Summary

Further Reading

Chapter 4 Intelligent WAN (IWAN) Routing

Routing Protocol Overview

Topology

WAN Routing Principles

EIGRP for IWAN

Border Gateway Protocol (BGP)

FVRF Transport Routing

Multicast Routing

Summary

Further Reading

Chapter 5 Securing DMVPN Tunnels and Routers

Elements of Secure Transport

IPsec Fundamentals

IPsec Tunnel Protection

IKEv2 Protection

Securing Routers That Connect to the Internet

Control Plane Policing (CoPP)

Device Hardening

Summary

Further Reading

Part III Intelligent Path Control

Chapter 6 Application Recognition

What Is Application Recognition?

What Are the Benefits of Application Recognition?

NBAR2 Application Recognition

NBAR2 Application ID, Attributes, and Extracted Fields

NBAR2 Operation and Functions

Custom Applications and Attributes

NBAR2 State with Regard to Device High Availability

Encrypted Traffic

NBAR2 Interoperability with Other Services

NBAR2 Protocol Discovery

NBAR2 Visibility Dashboard

NBAR2 Protocol Packs

Validation and Troubleshooting

Summary

Further Reading

Chapter 7 Introduction to Performance Routing (PfR)

Performance Routing (PfR)

Introduction to the IWAN Domain

Intelligent Path Control Principles

Summary

Further Reading

Chapter 8 PfR Provisioning

IWAN Domain

Topology

PfR Configuration

Advanced Parameters

Path Selection

Summary

Further Reading

Chapter 9 PfR Monitoring

Topology

Checking the Hub Site

Checking the Transit Site

Check the Branch Site

Monitoring Operations

Summary

Further Reading

Chapter 10 Application Visibility

Application Visibility Fundamentals

Performance Metrics

Flexible NetFlow

Evolution to Performance Monitor

Metrics Export

Deployment Considerations

Summary

Further Reading

Part IV Application Optimization

Chapter 11 Introduction to Application Optimization

Application Behavior

Cisco Wide Area Application Services (WAAS)

Caching and Compression

Application-Specific Acceleration

Summary

Further Reading

Chapter 12 Cisco Wide Area Application Services (WAAS)

Cisco WAAS Architecture

Cisco WAAS Platforms

WAAS Design and Performance Metrics

Cisco WAAS Operational Modes

Interception Techniques and Protocols

WAAS Interception Network Integration Best Practices

Summary

Further Reading

Chapter 13 Deploying Application Optimizations

GBI: Saving WAN Bandwidth and Replicating Data

WAN Optimization Solution

Deploying Cisco WAAS

AppNav-XE

GBI Branch Deployment

Summary

Part V QoS

Chapter 14 Intelligent WAN Quality of Service (QoS)

QoS Overview

Ingress QoS NBAR-Based Classification

Ingress LAN Policy Maps

Egress QoS DSCP-Based Classification

Egress QoS Policy Map

Hierarchical QoS

DMVPN Per-Tunnel QoS

QoS and IPSec Packet Replay Protection

Complete QoS Configuration

Summary

Further Reading

Part VI Direct Internet Access

Chapter 15 Direct Internet Access (DIA)

Guest Internet Access

Guest Access Quality of Service (QoS)

Guest Access Web-Based Acceptable Use Policy

Internal User Access

Fully Specified Static Default Route

Verification of Internet Connectivity

Network Address Translation (NAT)

Policy-Based Routing (PBR)

Internal Access Zone-Based Firewall (ZBFW)

Cloud Web Security (CWS)

Baseline Configuration

Outbound Proxy

WAAS and WCCP Redirect

Prevention of Internal Traffic Leakage to the Internet

Summary

References in this Chapter

Part VII Migration

Chapter 16 Deploying Cisco Intelligent WAN

Pre-Migration Tasks

Migration Overview

Deploying DMVPN Hub Routers

Migrating the Branch Routers

Post-Migration Tasks

Migrating from a Dual MPLS to a Hybrid IWAN Model

Migrating IPsec Tunnels

PfR Deployment

Testing the Migration Plan

Summary

Further Reading

Part VIII Conclusion

Chapter 17 Conclusion and Looking Forward

Intelligent WAN Today

Intelligent WAN Architecture

Intelligent WAN Tomorrow

Appendix A Dynamic Multipoint VPN Redundancy Models

Appendix B IPv6 Dynamic Multipoint VPN

Index

Erscheinungsdatum
Reihe/Serie Networking Technology
Verlagsort Indianapolis
Sprache englisch
Maße 190 x 230 mm
Gewicht 1320 g
Themenwelt Mathematik / Informatik Informatik Netzwerke
Informatik Weitere Themen Zertifizierung
ISBN-10 1-58714-463-8 / 1587144638
ISBN-13 978-1-58714-463-9 / 9781587144639
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich