BRKDEV-1061

14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 1

Cisco Application
Service Module

BRKDEV-1061

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 2

© 2006, Cisco Systems, Inc. All rights reserved. 1

Presentation_ID.scr
 Agenda

ƒ Overview
ƒ Use Cases
ƒ High-Level Technical Overview
ƒ Programming API
ƒ Demo
ƒ Q and A

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 3

“A New Place for

Application Developers”
Enable ISVs to A New Development and
Transparently Extend Deployment Runtime
Their Application’s Platform for In-Network
Reach “into the Message Processing
Network”

Deployed into Cisco

Equipment Creating Complements Existing
New Differentiated Server-Based, Application
Services Service in C++
Development Paradigms

Service in C Service in Java

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 4

© 2006, Cisco Systems, Inc. All rights reserved. 2

Presentation_ID.scr
 Today: Clients, Servers with Databases

Browser J2SE
+ Ajax J2ME
Desktop Desktop Mobile Phone

Server Server
Other
Legacy
J2EE J2EE Server (s)

DB DB

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 5

Tomorrow: Clients, Servers with

Databases In-Network App Components

Browser J2SE
+ Ajax J2ME
Desktop Desktop Mobile Phone

ASM ASM ASM

Server Server
Other
Legacy
J2EE J2EE Server (s)

DB DB
A New Place in
Applications
Infrastructure

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 6

© 2006, Cisco Systems, Inc. All rights reserved. 3

Presentation_ID.scr
 Sample Technology Use Cases
ƒ Agentless network programming
Network becomes agent deployment platform
ƒ Protocol mediation
Create transparent mediation/switching of network/application protocols
ƒ Visibility and dynamic control of application network flows
Including multihop/multimessage distributed applications
Enterprisewide application monitoring and discovery support
ƒ Effective enterprisewide policy enforcement
Network acts a policy enforcement point on behalf of applications
ƒ Application Quality of Service (QoS)
Leveraging network QoS on applications rather than packets
ƒ Event correlation
Enterprisewide, real-time business intelligence collection
Providing a control channel for active business intelligence systems
BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 7

Document Management Example

Document Wiki Shared NFS Document Wiki Shared NFS

Drives Drives
Management Management
Server Server

ISV ISV ISV

Code Code Code

ISV ASM ASM ASM

Code

Users Users

Structured Document Enhanced with Visibility, Control for

Management System Documents in Unstructured Storage
BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 8

© 2006, Cisco Systems, Inc. All rights reserved. 4

Presentation_ID.scr
 Business Intelligence Example
Data Data
Daily/Nightly ETL Daily/Nightly ETL
Warehouse Warehouse

BI Server BI Server
ISV ISV ISV
Code Code Code

Analytics ASM ASM ASM Analytics

User ISV User
Code

Transactional Systems Transactional Systems

ISV
Code

Users ASM
Users

Traditional, Data BI Enhanced with Real-Time

Warehouse-Based BI Network Visibility
BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 9

Overview ASM Model

ƒ In-line execution
Layer 2 transparent bridge with proxy capabilities
Filter flows as early as possible—10 Gbps capable
Asynchronous stream processing of network flows
Provides application control (drop, redirect, etc.) of flows
Services
ƒ Message classification and extraction Container
Deep message inspection rather than just packets
Extensible programming model to add message classifiers Messages
Provide broad support for application protocols
Stream-based classification—highly scalable Packets
ƒ Open Network Programming Model
New category of applications executed in data path Platform
Simple and extensible container based programming model
Supports C/C++ and Java
ƒ Deployed at standard places in the network
Data center aggregation points
Edge aggregation points
BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 10

© 2006, Cisco Systems, Inc. All rights reserved. 5

Presentation_ID.scr
 The Netlet API

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 11

Netlet Interface

ƒ void onClassification (Message msg, Action action)

Primary event handler upon message classification

ƒ void onMoreData (Message msg, Action action)

Notification that more data has arrived for processing

ƒ void onFlowEvent (FlowEvent evt, Action action)

Notification about out-of-band change to flow state

ƒ void init (NetletConfig config)

Registration, setup

ƒ void destroy ()
Allow Netlet to clean up resources
BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 12

© 2006, Cisco Systems, Inc. All rights reserved. 6

Presentation_ID.scr
 onClassification (Message, Action)

Message Action
flowID: Long actionType: enum
classificationID: Long Some L2–L4 Values
ƒ Alternate destination IP
L2–L4 Headers ƒ Alternate destination port
ƒ Alter QoS
Preextracted Fields
Raw Payload Data

ƒ Read-only ƒ Once any packet of flow is

sent, no changes to L2–L4
ƒ Mostly zero copy
are possible
ƒ Action can be applied to future
flows that match certain L2–L4
criteria
BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 13

Demonstration

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 14

© 2006, Cisco Systems, Inc. All rights reserved. 7

Presentation_ID.scr
 Summary

ƒ Provides a new place in applications infrastructure for

software vendors to take advantage of
ƒ Serve up unique capabilities in this new place that only
a networking company could offer
ƒ Enable new value propositions and revenue
possibilities for software vendors
ƒ Facilitate adoption via a developers network
ƒ Stimulate growth and innovation through open
standards

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 15

Q and A

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 16

© 2006, Cisco Systems, Inc. All rights reserved. 8

Presentation_ID.scr
 Recommended Reading

ƒ Continue your Cisco Live

learning experience with further
reading from Cisco Press
ƒ Check the Recommended
Reading flyer for suggested
books

Available Onsite at the Cisco Company Store

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 17

Complete Your Online

Session Evaluation
ƒ Give us your feedback and you could win Don’t forget to activate
fabulous prizes. Winners announced daily. your Cisco Live virtual
account for access to
ƒ Receive 20 Passport points for each session all session material
evaluation you complete. on-demand and return
for our live virtual event
ƒ Complete your session evaluation online now in October 2008.
(open a browser through our wireless network Go to the Collaboration
to access our portal) or visit one of the Internet Zone in World of
stations throughout the Convention Center. Solutions or visit
www.cisco-live.com.

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 18

© 2006, Cisco Systems, Inc. All rights reserved. 9

Presentation_ID.scr
 BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 19

ASM System Architecture

ASM Container (C or Java) Network Extension Modules

Container Crypto XPath

Application Management
Application Dyn. Discovery MPLS
Application and
Layer Application
Monitoring
Network Identity IPv6

IEEE 1588 User Defined

Classification Flow Manager DMIe

Packet Manager Application Management/IPC

Network
Network Processing Engine (NPE) CLI SNMP
Processing

OS Shared Memory Real-Time Embedded Linux

Packet SSL Regex/XML Extension

Ingress Egress Acceleration Acceleration Acceleration Hardware
Hardware Appliance, Service Module, ISR Module,…

BRKDEV-1061
14637_05_2008_x1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 20

© 2006, Cisco Systems, Inc. All rights reserved. 10

Presentation_ID.scr