Download Ruh_Cisco_EA_2006_04_24

SONA: ENTERPRISE ARCHITECTURE
FOR A REAL-TIME WORLD
William Ruh, Senior Director
Cisco Systems
© 2005 Cisco Systems, Inc. All rights reserved.
Today’s Business Imperative: Real-Time Interactions
[Figure: PRODUCTION, TRANSACTIONS and INTERACTIONS shown against an axis labelled Fast, Faster, Real-Time]
The Real-Time Supply Chain
Production
Monitoring local operations
Transactions
Just-in-time inventory management
Limited visibility, monthly planning cycle
Interactions
Real-time to sense, decide and respond
Web-based collaboration across value chain
[Figure axis: Fast, Faster, Real-Time]
Supply Chain Interactions
Cemex Optimized Cement Delivery
Business Need
• Reduce transportation costs, spoilage from changed orders
• Installed GPS-enabled logistics system to link delivery trucks and control center
Impact
• Re-route dynamically based on up-to-the-minute customer needs
• Improved customer satisfaction and increased revenue by 15%
• Projected $100 million reduction in operating expenses
Industry Inflection Points Historically Drive New Architectures
MAINFRAME / PROPRIETARY NETWORK: Integrated system for terminal to mainframe connectivity (VTAM)
CLIENT-SERVER / PACKET NETWORKS: Demand for networks to connect multivendor devices (packets)
INTERNET / NETWORK OF NETWORKS: Pervasive, open networks enable client-server to extend beyond corporate boundaries (TCP/IP)
SERVICE ORIENTED / INTELLIGENT INFORMATION NETWORK: New Network Architecture. The network and applications work together as an integrated system (messages)
We Are At A New Inflection Point
Source: Gartner, Cisco
Addressing a Market in Transition
• Dramatic growth in number of applications in the enterprise (from 50 to 500)
• Transition from monolithic apps to SOA (not 500 apps, but 2,500 “application services”)
• Exponential growth in application message traffic
• Growth in number, cost, and complexity of systems to enable application integration and security
• “Conga line” of appliances, new 1RU, 2RU devices
• Management headache, high operations/ people costs
Network = Most Scalable Platform Since the Microprocessor
[Figure labels: Services; Enterprise; Home; Commercial; Service Providers; Voice, Data, Video, Mobility]
Cisco’s 3–5 Year Technology Vision: The Intelligent Information Network
PHASE 1, INTEGRATED TRANSPORT: The Intelligent Movement of Data / Voice / Video Across a System of Networks
PHASE 2, INTEGRATED SERVICES: Virtualized Resources and Services
PHASE 3, INTEGRATED APPLICATIONS: Network-Enabled Applications
[Figure axes: Network Intelligence versus Time]
Cisco’s Technology Strategy
Three Components – No Compromises
SMARTER
Programmable ASICs
Distributed architecture
Endpoint-to-endpoint performance
Resilient design
Integrated security and management
Adaptive system functionality
Global Systems Approach
Intelligent Information Network
FASTER
LASTING
Future-proof architecture
Investment protection
Integrated technologies
Faster
Chip        Feature Size / # Metal Layers   # Transistors (Million)   Chip Size (mm²)
Pentium4    0.18/6M                         42                        217
Itanium     0.18/6M                         25                        300
Athlon      0.18/6M                         37.5                      128
Ultra-III   0.15/7M                         29                        210
PPE         0.18/6M                         50                        243
FFE         0.18/6M                         91                        180
Metro       0.13/7M                         56                        334
NT3         0.18/6M                         97                        350
Custom silicon as advanced as recognized industry players
Networked Resources Come In Fixed Packages
Memory
Processing
Storage
I/O
Networked
Infrastructure
Component
Duplicated, Isolated, Wasted Resources
Memory
Processing
Storage
I/O
Multiple Components
Under-utilized Capacity
Virtualization Allows You to Treat Your Networking Resources as Shared Pools
[Figure: pools of Memory, Processing, Storage, I/O]
Resources Can Be Brought Together On Demand
[Figure: Memory, Processing, Storage, I/O]
Virtualization Lets You Overcome
Physical Boundaries and Eliminate Waste
• Consolidated, policy-based management
• Simpler alignment of IT resources to business requirements
Memory
Processing
Storage
I/O
Virtual Networked Infrastructure
Virtualizing the Data Center
[Figure labels, in slide order]
INTELLIGENT ETHERNET SWITCHING
SSL, FW, IDS, VPN, SLB
Virtual “Backplane” Between All Resources
Networking Pool
INTELLIGENT SERVER SWITCHING
Blade Servers, Web/E-mail Servers, DB Servers, Utility
Network, Processor Pool, Storage Pool
INTELLIGENT SAN SWITCHING
Volume Mgmt., Backup Assist, Replication, NAS
Processor, Network, Storage, Service, File Virtualization
AON: Network Speaking the Language of Applications
[Figure labels, in slide order]
APPLICATIONS: MFG, CRM, SCM, ERP, WEB, FIN
Business Applications
Application Infrastructure
APPLICATION-ORIENTED NETWORK
INTELLIGENT NETWORKING
Packet Network
PACKET NETWORKING
Enabling Real-Time Application Monitoring Through the Network
APPLICATION ORIENTED NETWORKING
Application messaging read by the network
[Figure labels: Customer Order, Order Entry, Finance, Normal Approval, Shipment, Billing, Exception Approval]
PURCHASE ORDER: ABC Co, $25,000, Urgent 2 days
POLICY-BASED
Network operations on application messages: Log, Route, Transform, Validate, Notify
Cisco AON Core Capabilities
Intelligent Messaging
• Reliable messaging
• Content based routing
• Transformation
• Protocol switching
• Message distribution
• Message load balance
Application-level Security
• Authentication
• Authorization
• Encryption/Decryption
• Data integrity/non-repudiation
• Digital signatures
• Centralized PKI mgt.
Application Optimization
• Hardware Acceleration (SSL, Crypto, XML)
• Message level Caching and Compression
• High Availability, Failover, Load Balancing
Business Event Visibility
• Event capture, filtering
• Logging for audit
• Automatic notification
• Policy controlled
• Feed to dashboards
• Link to Network events
Extensibility
• ADK (for custom adapters)
• SDK (for custom bladelets)
• AON Technology Partners
Application Security Gateway Use Case: Cisco IT (cisco.com)
• Secure, integrated entry point for all Cisco online B2B orders
• Lower cost: one box
• Multiple application-level security functions
  Log
  Validate messages
  Authenticate/Authorize
  Manage digital certificates/keys
  Verify digital signatures
  SSL sessions based on application ID
[Figure label: AON]
Filtering and Aggregating RFID Messages at the Edge for Retail Co., Medical Products Co.
[Figure labels: TAG (repeated), CPG Supplier #1, CPG Supplier #2, WMS]
• Digital Signature
• Application Level Event (ALE) Filtering
• Logging
• Partner Integration
• Message-level Security
• Reliable Messaging
• Reader Virtualization and Management
AON in Cat6K, 7600
• Event aggregation
• Message logging
AON in ISR
• Content-based routing
• Message copy
AON: Shared SOA Infrastructure Services addressing Deployment Challenges
Pervasive, Universally Shared, Reusable Utilities in the Network
SERVICE PROVIDERS (APPLICATIONS): .NET, Mainframe, BEA, IBM, SAP, Java, Sun, Oracle, MS, Packaged Apps
SERVICE CONSUMERS: Business Processes, Mobile Apps, Portals, Dashboards
APPLICATION-ORIENTED NETWORK
Shared SOA Infrastructure Services (Messaging, Logging, Transformation, Security, Protocol Bridging, Reliable Delivery, Rules-based Routing, Monitoring SLAs, Events)
Policy Controls: Flexible, Real-time, Distributed Enforcement
Operational Benefits: Hardware Acceleration, Pervasive Location, Availability, Manageability
PACKET NETWORK
AON as Web Services Intermediary
• Logging, Auditing
• Translation/Protocol Switching
• Message Transformation
• WSDL Filtering
• Rules-based, Content-based Routing
• Reliable Delivery
• Monitoring
• Caching
• Load-balancing and Failover
[Figure labels: Web Service Interfaces; Browser-based Apps (J2EE); Trading Applications; HR Applications; Business Process Engine; Branch Office SOAP-Compliant Client Apps (VB); External Web Services; Customer Apps; Back Office SOAP-Compliant Client Apps (VB, J2EE)]
AON as XML/ Web Services Security Gateway
• Schema Validation
  XSD schema validation (partial document) on incoming SOAP request message identified by XPath expression
  Forward valid SOAP request message to endpoint, discard invalid messages
• Encryption/ Decryption
  WSS standard field-level encryption/ decryption
  Interoperates with SOAP/ Apache AXIS 1.1 client implementation of WSS
• Digital Signatures of SOAP request message body
• Logging of meta-data about the SOAP request message
1. Validate part of SOAP Request Message against its XSD schema
2. Decrypt SOAP Request Message data field, Log and Sign message body
3. Encrypt SOAP Response Message data field
[Figure labels: SOAP/HTTP; 1. Service Provider SOAP Client; 2. Service Provider JAVA/Apache AXIS 1.1 Client; Service Provider SOAP .NET Endpoint; AON Certificate Generation/ Import]
Implementing IIN….Enterprise
Cisco Service-Oriented Network Architecture
[Figure: layered SONA diagram; labels recovered from the slide]
Application Layer: Business Applications (PLM, CRM, ERP, Procurement, HCM, SCM); Collaboration Applications (Instant Messaging, Unified Messaging, Meeting Place, IPCC, IP Phone, Video Delivery)
Middleware and Application Platforms
Interactive Services Layer: Cisco Offerings; Application, Security, Mobility, Voice & Collaboration, Storage Services, Compute Services, Identity, Infrastructure
Networked Infrastructure Layer: Places in the Network (Campus, Branch, Data Centre, Enterprise Edge, WAN/MAN, Teleworker); Server, Storage, Clients, Devices
Interactive Services Layer
Customer Value and Cisco Differentiation
[Figure labels: INTERACTIVE SERVICES LAYER; APPLICATION SERVICES; INFRASTRUCTURE SERVICES; Security Services; Mobility Services; Voice & Collaboration Services; Compute Services; Identity Services; Storage Services; Adaptive Mngmnt Services]
Application Delivery & Optimization
  Application Velocity System
  Wide Area Application Services
  Content Services Switch/ Content Services Module
  Application Control Engine
Application-Oriented Networking
• Intelligent message routing (translation, transformation, reliable delivery), SOA support
• Application-to-application security
• Application message/ business event visibility and responsiveness
SECURITY SERVICES
• App security
• VPN / SSL
• Virtual firewalls
• Anti-X
• DDoS
• NAC
• HTTP inspection
VOICE SERVICES
• IPT
• E911
• Presence Services
MOBILITY SERVICES
• Indoor
• Outdoor
• Metro area
• Location based roaming
• Voice
STORAGE SERVICES
• VSAN & IVR
• Data replication
• Remote backup
• Tape acceleration
• Point in time copy continuous data protection
COMPUTE SERVICES
• RDMA
• Server virtualization
• I/O virtualization
IDENTITY SERVICES
• 802.1X
• RADIUS
• ACLs
The Challenge…
mySAP
Business
Suite
Main office
Branch office
Cisco and SAP Join Forces
Business Processes Accessible Through Enterprise Services
[Figure labels, in slide order]
Enterprise Services Architecture (ESA)
Application Oriented Network (AON)
MFG, CRM, SCM, ERP, WEB, FIN
SSL
Intelligent Packet Network
Remote Management of Subsidiaries/Branches
Headquarters
Subsidiary: Nairobi
Start-up/Shut down
Checking status
Master data update
mySAP
Intercompany process
AON
AON
Network
AON Management Console
Remote Management of Subsidiaries/Branches
Headquarters
Subsidiary: Nairobi
Process Order
Send Invoice
mySAP Cluster
Network
AON: Decrypt & Authenticate; Content Based Route to Fastest Server
AON: Transformation, Protocol translation, digital signing, encryption
AON Management Console
[Figure inset, sample message text: “Application programs and messaging. The IBM MQSeries range of products provides application programming services that enable application programs to”]
Cisco SONA Accelerates the Network's Role in Transforming Business Processes
[Figure labels]
Virtualization, GRID Computing
Disruptive Technologies (e.g. RFID, Infiniband)
On Demand, Adaptive Enterprise, etc.
SOA
SONA
Application Layer: Business Applications, Collaboration Applications
Interactive Services Layer: Application Services, Infrastructure Services, Adaptive Management Services
Networked Infrastructure Layer: Server, Storage, Clients, Network
Key Takeaways
• The network is the only common, single element that connects and enables all components of the IT infrastructure
  Only Cisco offers a comprehensive network infrastructure and intelligent networking services
• Cisco SONA enables businesses to benefit from the “network multiplier” effect
  Optimizing business processes and applications
• Cisco lifecycle services, proven enterprise architectures and experience across industries can help you meet your business imperatives in real-time
[Figure labels: Convergence and Integration; Virtualization; Automation]