Feeds

Cisco puts a virty router in the clouds

And a virty server in a router, among other unnatural acts

Application security programs and practises

Cisco Live 2012 Nothing is what it appears to be in the data center any more. Servers have integrated storage and switching, routers and switches are getting servers. And virtual switches and now virtual routers are running inside of servers and blade enclosures.

Nothing seems to know its proper place any more. Maybe it is convergence. Maybe it is confusion. Maybe it is both, and the desire by hardware and software makers to try to make their machines do a little bit of everything to try to take some market share away from each other.

The convergence continues apace at Cisco on Tuesday, with the company hosting its annual Cisco Live event, this time in San Diego. It is announcing a bunch of new gear that are part of the company's Cloud Connected Solutions strategy of making the connections between mobile users and services running in the data center and out on the cloud more intelligent and efficient.

Cisco's Cloud Connected Solution gets hardware moist

Cisco's Cloud Connected Solution gets hardware moist (click to enlarge)

Let's talk about the new hardware and software first and then how it all plugs together to reach the Cloud Connected strategy networking requirements that Cisco's top brass say customers are asking it to meet.

Up front is a new Cloud Services Router 1000v which lifts Cisco's routing software, running atop its IOS network operating system, off the iron and plunks it into a virtual machine for deployment out on the cloud. Cisco has taken IOS and the routing software stack in it physical hardware – including routing, VPN, firewall, NAT, QoS, application visibility, failover, and WAN optimization code – and ported it to a VM container that can execute on either VMware's ESXi hypervisor or Citrix Systems' XenServer hypervisor.

This is analogous to the virtual Nexus 1000v switch that Cisco created for its "California" Unified Computing System blade servers to virtualize the network links between VMs running on the blades.

Now Cisco can put routing and related security functions (all based on the familiar IOS stack) in all parts of an organizations infrastructure, whether it is an Aggregation Services Router (ASR) at the head end of the network, the Integrated Services Router (ISR) in the branch office, and the CSR out in the cloud.

By putting a virtual router out in the cloud, customers can extend their own routing networks into the data centers of cloud operators and ensure that their networks are isolated from other companies who are sharing that physical infrastructure. This will allow customers or managed service providers to offer end-to-end routing from the data center to the branch office to the cloud.

At the moment, the CSR1000v can be used as a VPN using IPSec security, and in the future Cisco will be adding support for SSL encryption. It can also be used to redirect traffic to Cisco's virtual WAAS WAN optimization appliances, which debuted back in September 2010 and which optimizes traffic for the Nexus 1000v virtual switch. In October 2010, Cisco rolled out another virtual WAAS appliance that runs atop IOS itself and can run on any router in the Cisco lineup.

(The real question is this: When will Cisco just run all of its stuff on x86 iron and in secure partitions and just do away entirely with networking hardware, aside from ports that hang off a server?)

The CSR 1000v runs on x86 iron, of course, and the recommended configuration is to have four cores, 4GB of main memory, and 8GB of disk capacity allocated to its virtual machine for it to run.

It runs IOS-XE release 3.8 and will run atop ESXi 5.0 or XenServer 6.0 hypervisors. The product will be sold under a subscription model; pricing was not announced. Cisco says that the CSR 1000v will be available in the fourth quarter.

On the real router front, Cisco announced the ASR 1002-X, which delivers between 5Gb/sec and 36Gb/sec of routing bandwidth (scalable with a "golden screwdriver" software upgrade to 10Gb/sec, 20Gb/sec, or 36Gb/sec speeds).

The 2U rack-mounted router slides in the line between the ASR-1002 and the ASR-1004, and has six Gigabit Ethernet ports and all of the software you would expect: VPN, firewall, plus WAN, broadband, and firewall aggregation. The ASR 1002-X peaks at 36Gb/sec, compared to the 40Gb/sec for the ASR-1004, but it only takes up 1U of rack space compared to the 2U for the ASR-1004.

The ISR G2 branch router (PDF), which debuted in October 2009, is also being goosed with new UCS E-Series x86-based coprocessors. Cisco has been offering such coprocessors on the ISRs for several years, and the company will be putting out an upgraded x86 coprocessor for the latest ISR G2s starting in the fall as well.

The feeds and speeds of this new coprocessor were not divulged, but Cisco did say that the point of having a peppier coprocessor in the ISR G2 was that it expected for more third parties to build software and services to run on them.

Cisco Cloud Connected Solution

How the Cloud Connected Solution stacks up (click to enlarge)

In a nutshell, that is what all of this Cloud Connected Solution talk is all about. You can put a virtual switch or router on internal servers or external clouds, or on physical iron if you want to go that way, and also load up other software and services to run on virtual machines or coprocessors that make use of that cloudy switching and routing.

Cisco is cooking up its own Cloud Connected software, and to that end is rolling out its WAAS 5.0 with AppNav, which is a traffic steering mechanism for the WAAS WAN optimization appliance that can work with physical or virtual manifestations (running on the CSR 1000v cloudy router) of the WAAS software to pool and scale up traffic steering as needed.

Cisco has also created a Cloud Connector to run its ScanSafe web security software and its Host Collaboration Services disaster recovery for IP telephony software for when the WAN crashes. ®

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.