Cisco offers complete solutions to meet customer's business needs, including IP telephony, security, optical, and storage solutions. Cisco also offers complete content networking solutions in order to achieve application acceleration.
The following networking environments are available for Cisco's content network solutions:
The first three environments, when enabled with Cisco's content networking software, together form an Enterprise Content Delivery Network (ECDN).
The primary differences between ECDNs and ICDNs are the billing requirements, mentioned previously. That is, the software is the same in both, but in an ICDN scenario additional software for content billing is necessary. For details on each of these four environments see Chapter 4.
Content is switched in much the same way that frames are switched in Layer 2 Ethernet networks. With Ethernet, frames are forwarded to an appropriate switch port based on information in the frame header. That is, the switches provide Layer 2 intelligence to the routers in the network. In comparison, content switching provides Layers 57 intelligence to the origin servers and clients in the network. The content is inspected and forwarded to the most appropriate system based on information in the packet headers and payload. Content switching includes replication of a single system, formation of a group of systems of identical functionality, and distribution of client requests across them.
Content switching is used in the following scenarios:
Server Load Balancing (SLB)
SLB devices use health metrics, such as server response time and number of connections, as criteria for determining which origin server should receive a request for content. The health of the server is determined based on responses received from the servers in reply to health-check traffic generated by the content switch. Users are directed to the best origin server available at the moment of the request.
The challenges associated with balancing requests across multiple systems are addressed with the various content switching algorithms discussed in Chapter 10, "Exploring Server Load Balancing." You can also load balance caches using SLB devices and Web Cache Control Protocol (WCCP), as you will learn about in Chapter 13, "Delivering Cached and Streaming Media."
Firewall Load Balancing (FWLB) and VPN Load Balancing
Firewalls often contain built-in failover mechanisms for firewall availability services. For example, the Cisco PIX firewall uses a proprietary stateful failover mechanism for the standby firewall to know when to take over processing for the active firewall. Technically, you also can use FWLB to manage availability, but in most cases Cisco recommends using its proprietary mechanism for Cisco PIX failover. Furthermore, scaling the Cisco PIX firewalls by upgrading to a higher series firewall is often less costly in terms of financial investment in the hardware and resources required to manage the design. Load balancing numerous lower-end Cisco PIX firewalls with content switches requires much more overall hardware and resources to manage the solution. Unless many millions of concurrent connections and many gigabits per second of bandwidth are required, the highest series of Cisco PIX firewall should be able to handle the load. FWLB is more useful in the following circumstances:
FWLB provides scalability and availability to firewalls in the same way that the SLB is used for origin servers, but with slightly more complexity and involved configurations. For example, FWLB does not support asynchronous routing. That is, the return traffic of a connection must be routed back through the originally selected firewall, in order for the firewall to reconcile traffic from like connections; otherwise, the firewall will drop the traffic. Additionally, "buddy" TCP connections from applications that originate connections in the reverse direction of the original connection, such as Active-FTP, must be sent through the originally selected firewall.
Cisco content switching also supports load balancing of signaling and data packets of VPN protocols, such as IPsec, Point-to-Point Protocol (PPTP), and Layer 2 Tunneling Protocol (L2TP) for scalability and redundancy of VPN devices.
Global Server Load Balancing
Although origin server redundancy within a single data center is achieved with SLB, global server load balancing (GSLB) is required when the following issues occur:
Application and Content Networking System
The Application and Content Networking System (ACNS) provides customers an integrated system that consists of content edge delivery, content distribution, and content routing. The following solutions are available to a network installed with ACNS software:
Content Edge Delivery
Most medium to large enterprises require regional office locations in closer proximity to areas of potential sales than the headquarters location. However, mission critical corporate applications, such as intranet web portals, Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), and the database and file servers that store data for these applications, reside at the headquarters. Similarly, other applications, such as corporate Internet access, e-mail, and video streaming, are also normally located at the corporate headquarters. In most cases, installing these applications in the regional branches proves too costly for the majority of enterprises.
However, employees at these locations demand the level of service they would have if the applications were installed locally. Realizing that revenue will most definitely be affected by performance decreases and increases in bandwidth usage at the edges of the network, corporate executives also expect high availability and performance at these branch locations. With content edge delivery, content is served directly from the branch locations, in closer proximity to the employees.
There are two common content edge delivery technologies employed to solve issues surrounding bandwidth and latency issues in branch locations:
Caching is by far the most commonly used feature in the short history of content networking topics. Generally speaking, the nature of content requests leans toward the popular 80/20 axiom in network computing: 80 percent of requests are for 20 percent of the content. To decrease server load, content is offloaded from an origin server to a device whose sole job is to deliver frequently requested content objects, in closer proximity to clients. Content is populated into the caches on-demand, as clients make the requests. How requests for content are handled by the local cache as opposed to the origin server itself is discussed in Chapter 13.
When users request an object from an edge delivery device, how can they be sure that it is identical to the content that resides on the origin server? Intelligent content freshness determination in globally and locally cached networks is essential to provide users with the most up-to-date version of the requested object. Therefore, any changes in the original content can be dynamically detected and uploaded by the edge caches, transparently to both client and server.
As with most aspects of network design, content edge delivery deployments also require attention to ensuring high availability and fast performance. As such, specific local content switching mechanisms are also applicable in designing availability into an edge deployment.
Streaming Media Delivery
Streaming media solves major issues with viewing video media on a network. Users no longer have to wait for downloads to complete before viewing video content online. Furthermore, the client video player displays video frames directly to the user as packets arrive on the network, which is similar to standard television broadcasting. As a result, live and scheduled video feeds are made possible with streaming media.
Streaming media benefits from content edge delivery by ensuring that only a single stream of video content traverses the network at any given time, resulting in bandwidth cost savings. Furthermore, streaming media can also benefit from caching, by storing the video feed locally for later viewing by clients.
Cisco's streaming media solution as supplied by ACNS within Content Engines, Cisco IP/TV, and industry partner streaming software, such as Real Networks, will be detailed in Chapter 13.
Content Distribution and Routing
Content distribution occurs in advance of client requests in order to position content into desirable locations within the network. In contrast, recall on-demand caching, in which content is populated to edge delivery devices as requests for content are fulfilled by the origin servers.
The act of distributing content throughout the network can be as taxing on networking resources as its delivery. Chapter 6, "Ensuring Content Delivery with Quality of Service," covers methods of minimizing network resource consumption during the distribution process, including IP Multicast, resource reservation, packet queuing, and scheduling.
Once the content network is populated with fresh content, requests for objects containing cached content are processed, in order to determine the best location of the requested content. In the same way that IP routers relay IP datagrams to their appropriate destination, content routers relay application messages. Content routers offer the best content to requesting clients based on factors such as geographic location, network load, and delay.
In the past, content has been a value-added service to customers. In this new millennium, content services are seen as a potential revenue generator. As such, third-party advertisement insertion, URL filtering, virus scanning, and e-mail spam filtering using various technologies can be performed on the content before delivery to the client. The section called "Enabling Transparent Value-Added Services on your CEs" of Chapter 13 discusses how these value-added services are performed.
Content Network Partnership Program
The Cisco Content Networking Partner Program enables third-party software companies to extend the Cisco ACNS infrastructure to provide complete end-to-end solutions to meet customers' business needs. The group of partner companies is known as an ecosystem, and each must fulfill certification criteria set by Cisco in order to become certified for membership. The main criterion is the use of standard interfaces to interoperate with Cisco's content networking products. The benefit of membership is the marketing program in place to promote partner software products coupled with Cisco's content networking infrastructure. In addition to this, customer solutions are guaranteed rigorous testing and verification before deployment.
End-to-end solutions offered by ecosystem partners may include e-learning, corporate communications, content filtering capabilities, and software and file distribution. These solutions can be offered to the customer as a managed service, located in the partner's data center, or installed as an enterprise server solution, requiring dedicated server hardware behind the customers' own firewall. Either way, Cisco's ACNS architecture is at the heart of the solution and provides the intelligence to ensure that the content is delivered reliably and efficiently to the end users.
Partners can offer solutions using any of the following content delivery categories:
Content management partners offer applications and databases used for indexing, searching, and retrieving content. A typical customer may be a corporation that requires rapid distribution and retrieval of audio/video content for corporate communications and training.
Content distribution partners provide efficient mechanisms to replicate content over low bandwidth and unreliable network links for delivery to Cisco content networks. These partners may have patent application protocols to improve efficiency and ensure security in distributing information to remote sites.
Content providers create content for training and corporate communications, such as video-on-demand, webcasts, or Macromedia Flash-based presentations. Providing packaged content for e-learning, corporate communications, product marketing, and sales support gives organizations the ability to concentrate on operational aspects of business rather than the production of content.
Producing educational material electronically and making it interactive and accessible for viewing anytime reduces training costs associated with instructor-led training and increases information retention rates among learners.
An e-learning application is an enterprise-wide learning system containing tools for creating, delivering, and managing content, for live and on-demand training or information-exchange portals. The application may contain event administration, promotion, registration, and management functionality for company-wide collaborative events. Organizations may centrally prescribe personalized training to individuals or groups of employees on standard employee procedures, new-hire training, and mentoring. Organizations are also able to track employee competencies and certifications with an e-learning application.
Content Filtering and Scanning
Content filtering provides a means to control a user's online accessibility to content, increase employee productivity, and eliminate the organization's legal liability of inappropriate Internet access and instant messaging. These tools enable administration of access settings to enforce an organization's standards and ethics. Reporting on employee usage is also available.
Content scanning involves, as the name indicates, capabilities to scan content for anomalous items, such as viruses, before sending across the network.