Chapter 17. Conclusion and Looking Forward
Cisco Intelligent WAN (IWAN) architecture delivers a new paradigm for the capabilities of a WAN. Instead of having to rely on routing protocols to find the best path, engineers can monitor application performance to greatly improve the user experience and reduce operational support interaction. New capabilities and features will continue to be infused in future versions of IWAN.
Uses any transport.
Provides bandwidth efficiency by placing application flows on the correct transport via policy or load distribution, thereby maximizing expensive WAN circuits.
Provides application SLAs to protect applications end to end across the WAN.
Reduces bandwidth consumption while improving application experience with application optimizations.
Provides optimized access to Internet resources with direct Internet access. A centralized management and monitoring interface for real-time threat defense is provided with Cisco Cloud Web Security services.
All these functions are integrated into a complete software-defined WAN (SD-WAN) solution with the use of Cisco Prime Infrastructure (PI) and Cisco Application Policy Infrastructure Controller—Enterprise Module (APIC-EM), which provide centralized operation and management automation in a simple and secure method.
Intelligent WAN Architecture
The IWAN solution, like many other emerging technologies, is constantly evolving. Over time, enhancements will be developed and integrated. IWAN as an architecture will evolve as new features are developed specifically for IWAN and existing features are integrated into IWAN solution testing. The currently available version, IWAN 2.1, has integrated several enhancements over the prior release of IWAN 2.0, which brought us the integration of DMVPN Phase 3 with the first release of PfRv3. IWAN 2.1 brings us support for multiple next hops and multiple data centers, providing additional redundancy and SLA monitoring.
The IWAN architecture today is a very prescriptive design, allowing complete validation of everything within the solution. This minimizes the number of components that need to be tested, encompassing interaction among all pillars of the solution. IWAN architecture testing will be expanded both to encompass new features and integrate existing ones. Cisco provides incremental improvements to the IWAN architecture while delivering new use cases based on customer feedback.
The available features within IOS provide the flexibility for a variety of design requirements within a network deployment. The ability to integrate additional features above and beyond the IWAN architecture is the reason IWAN is such a strong solution. Even as new versions of the IWAN architecture are developed by integrating new features, the IWAN architecture testing will never be able to integrate every single feature available in IOS-XE. The IWAN design as a baseline guarantees capability, timely deployment, and confidence in the solution. Using this foundational logic and ability to handle any deviations on a network-by-network basis is powerful. Being able to integrate additional features with minimal additional test cycles decreases the time needed for validation and deployment while producing a solid solution for critical applications.
Today IWAN best practices are available within Cisco Validated Design (CVD) documents. Deployment using the IWAN application in APIC-EM or IWAN workflow in Cisco PI speeds deployment using CVD-based templates. The APIC-EM IWAN application follows the very strict prescriptive model, whereas the IWAN PI workflow allows customization of templates to meet specific deployment requirements, granting the ability to meet any customer’s requirements.
Intelligent WAN Tomorrow
Today’s IWAN architecture can make real-time decisions about application performance; future versions of Cisco IWAN architecture hold so many possibilities.
Network functions virtualization (NFV) and vBranch in its simplest definition allows for the virtualization of traditional network devices such as routers, firewalls, IPS, or identity and authentication services. NFV allows for the deployment of new features and functions where network engineers were previously prohibited from deploying them because of cost or time to deploy these new services.
Cloud-based providers (IaaS, SaaS, or PaaS) continue to gain popularity. Cloud-based providers can provide more flexibility and functions, reduce costs, provide redundancy, or provide services that in-house employees cannot provide. Integrating the IWAN architecture with cloud-based services offers the best of both worlds by ensuring connectivity, integration, and cloud intelligence in the IWAN architecture. A cloud-integrated IWAN architecture would be composed of essential global policies, cloud points of presence for virtual private cloud infrastructure, application optimization, and cloud security.
Software-defined networking (SDN) continues to evolve. The future of SDN and Cisco IWAN opens the door for the network to learn about the WAN transports and make decisions based on current experiences. Predictive decisions will be based on prior knowledge (gained from an implementation’s past experiences) and managed to preempt network anomalies. Integrating the software-defined WAN with enterprise SDN provides end-to-end orchestration of applications and services across the campus, WAN, and data center. These technologies are seen with the digital network architecture, providing rapid deployment of required features, allowing for faster innovation, and reducing cost and complexity with lower risk.
Ultimately, Cisco IWAN uses multiple WAN transports with high reliability and SLAs for business-critical applications while dramatically lowering WAN costs without compromising the network’s integrity. The future of the intelligent network starts now.