Data Centre


New appliances from Cisco aim to make branch SD-WAN easier

Optimised Office 365 performance also on cards

By Richard Chirgwin


Cisco has claimed to be "bringing intent-based networking into every domain", the latest being branch offices which need software-defined WAN capabilities and security.

The quote came from product management senior veep Sachin Gupta, who told El Reg the cloud has destroyed traditional notions of the "network edge", and while SD-WAN makes it easier to shift packets in the multi-cloud world, securing such environments involves too much heavy lifting.

"The cloud has a 'pretty fluid edge' that could be in your HQ, Branch, DC, cloud," Gupta told The Register. A business wants the same security everywhere, without destroying the amenity of its cloud services.

Three launches comprised the announcement: a couple of new appliances; Cisco Umbrella getting SD-WAN support; and SD-WAN support for Office 365; and all three are aligned with the company's intent-based networking strategy.

The appliances are the ISR 1111X-8P and the ISR 4461, both targeting branch deployment with integrated SD-WAN support, and available immediately.

The ISR 1111X-8P is a compact unit with Wi-Fi and LTE support, while the ISR 4661 targets the largest branches and integrates storage and compute.

Security includes integrated firewall, intrusion prevention, and URL filtering, with deployment simplified by Cisco Umbrella.

Gupta explained that someone trying to implement SD-WAN and security from different devices and interfaces lets themselves in for "a ton of actions" which are "costly and prone to error".

The SD-WAN capabilities follow the intent-based networking aim of compressing weeks of work into hours, with a single vManage interface for everything.

The same interface also lets the sysadmin bring all branch sites under Cisco Umbrella with a single action.

Gupta noted that system admin can happen either on-premises, or in the cloud.

The security capabilities don't require a separate licence, Gupta said, they're embedded into the three existing SD-WAN licence tiers.

It wouldn't be a 2018 Cisco announcement without open APIs and DevNet.

The APIs expose all Cisco SD-WAN capabilities, so third parties can have their application talking to the SD-WAN, and DevNet has new SD-WAN learning labs and sandboxes.

Integrated Office 365... but why?

Alongside appliances, security and cloudy admin, an Office 365 optimisation offering looks a little out of place, but Gupta said the Microsoft suite is the foundation of how most people spend their office day, and in cloud environments low performance hits productivity hard.

An end user might be accessing Office 365 via head office from a branch gateway, from the enterprise data centre, from a third-party colocation centre, or over 4G. "Customers will have multiple methods to connect to the cloud," he said.

To overcome this, the SD-WAN offers real-time monitoring of "all available paths to the Microsoft Office 365 cloud", and it uses Microsoft Office URLs to identify the closest cloud to the user.

"People expect the same performance as they get on their office desktop," Gupta said. The integration is designed to automatically take "the best path, the most reliable path, to get the best performance".

Of course, understanding the performance of different routes to a host is a Cisco core competence, but Gupta said the Office 365 integration goes beyond "ping host" and selecting optimal routes... and it goes beyond identifying and prioritising Office 365 traffic.

"I'm getting data from the application itself on how the application is performing," Gupta said, "so although Path A is faster, Path B has better latency, and that's what matters at the moment."

"Performance characteristics change on different circuits," he added. "Sometimes the shortest path is not the best." ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

Life's certainties: Death, taxes, and Cisco patching more serious vulnerabilities

Switchzilla closes off 18 CVE-listed holes, get to work

Cisco Webex bug allowed anyone to join a password-protected meeting

Patched vuln was 'in active use', firm reveals

'Tens of millions' of Cisco devices vulnerable to CDPwn flaws: Network segmentation blown apart by security bugs

Enterprises face fear of phone fragging fest as Doom spawns on IP phones

It's 2019 so now security vulnerabilities are branded using emojis: Meet Thrangrycat, a Cisco router secure boot flaw

That's how you pronounce 😾😾😾: A means to bury spyware deep inside pwned networking gear

Cisco delivers Patch Tuesday warmup with bundle of 18 bug fixes

Unified Comms, Jabber among targets for clean-up

Ding-dong: Cisco delivers your Patch Tuesday warm-up with WebEx, IOS fixes for a few irritating security holes

The main event is next week

Cisco: We warned months ago our sales would be a bit glum, we did not disappoint, and don't expect changes soon. PS: We axed Cisco Live Oz

The aristocrats! The aristocrats!

New year, new critical Cisco patches to install – this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc

Data Center Network Manager bugapalooza with three must-fix flaws

Cisco waves swatter at ten new vulnerabilities

It's 2017, and UPnP is still a critical attack vector

Cisco blasts sueball at 3 ex-employees it claims handed trade secrets over to same rival

Two high-level engineers and one managing director accused of stealing from Switchzilla


Delivering Instant Experiences: Optimizing the Performance, Cost and Capacity of Data-Driven Applications

How can you accelerate data processing to keep up with accelerating business demands for an instant experience? Get the answer to this question and more in this webinar.

How to Fortify Your Organization’s Last Layer of Security – Your Employees

People impact security outcomes, much more often than any technology, policy or process.

The Total Economic Impact™ Of CrowdStrike Falcon®

Forrester estimates that a composite customer could generate an estimated 316% ROI with payback in less than three months.

Intel & SAP: Bringing the Memory Revolution to Your Intelligent Enterprise

SAP and Intel have collaborated on memory & processor co-innovation to help you deliver the intelligent enterprise.