Can you give me a little bit of background on how Cisco defines services aggregation and what Cisco's place in the market is?
If you remember the launch message, it was really connecting all of the services that we talked about more with a branch focus to the rest of the network infrastructure. Services aggregation for us is essentially the key area to enable the services we usually think of at the branch, like voice, like security, from an end-to-end perspective. If we look at it from a vision perspective, it is the piece of our Intelligent Information Network that really translates down to the SONA architecture and the interaction between the network layer and the service layer. Services aggregation sits in the middle between the network layer and the service layer and is there to enable the services end-to-end.
… In order to make voice work, what does the rest of the infrastructure beyond the branch need to do. So at the branch we have Power over Ethernet ports, Call Manager Express, and all the various voice features that are part of the ISRs, but at the services aggregation layer you don't need to replicate all the services, but you have to have the complements. For example, you'd have cRTP sessions to compress the voice traffic for slower branch connections; you'd have IPSLA running, which is an application that essentially monitors the state of the network in real time. You'd have QoS defined, and so forth.
Services aggregation is really the collection of features and scale that you need at the aggregation point in order to make the new services work end-to-end.
This is something we really introduced in this launch with the 7200 enhancements. That's also by far the most widely deployed platform at the aggregation space. But it is a strategy or a vision that we carry forward in all of the product enhancements that we plan to ship in the next years in the enterprise space, because we see the upgrade at the branch and the services that go along with that as really … fundamentally changing the enterprise routing architecture and network architecture. What benefits does services aggregation bring to branch offices?
Today the benefits really are around making the services work end-to-end in a predictable, scalable way. It's one thing to connect a couple of branches with voice to the headquarters, it's another thing to do it across hundreds or thousands of branches. In order to make that work, you really need to integrate the various features that I just talked about as examples of services that live in the network infrastructure. You need to integrate those into the service aggregation platform.
For example, one of the reasons that the 7200 is so popular is [that] the way you turn on many of these features and services in the aggregation infrastructure is … by enabling it just on the CLI [command line interface]. It's all part of IOS already. For some instances, you'd have to buy a license, but mostly it's already integrated into the product and integrated into the Cisco solution.
And this is a big contrast to looking at solutions that have a box per function. Let's say an aggregation router that just does connectivity, then a VPN head-end to terminate IPsec, then a probe of the network to do real-time quality measurements, and so forth. There's obviously the CapEx component of the advantage of integrating these things into a single service aggregation device. But really, more importantly, it's the simplicity of the network and the related OpEx savings that are probably the most attractive. Stepping out of the branch office, what about the headquarters of the enterprise or the main offices? What benefits do you see there?
Services aggregation is something that happens at the regional headquarters or the headquarters. We talked about how that's beneficial to connecting the branches to the headquarters. At the headquarters, the challenges are mainly around management of a deployment that scales and also about clearly connecting the vast aggregation infrastructure where we talk about service aggregation to the data center or to the campus core. If you look at some of the solutions Cisco puts out, there's the space as you go past the service aggregation point or the aggregation point of the headquarters; you're able to enter all the corporate resources based on all of the security checks and all the QoS prioritization that already happened at the aggregation infrastructure.
Basically, think of services aggregation as the role of the network where branches and remote users connect to the campus core or the data center.
I think the concept itself or the role of aggregation really is nothing new. We've always connected branches to headquarters. But I think what's new here is really putting together a complete picture of the services that are needed in the aggregation infrastructure and a guideline for suggestions and testing information from Cisco in order to know how to make the services work at scale. It's sort of a natural transition that our customers go through now that they've deployed, or they're thinking of deploying voice at a large scale or IPsec at a very large scale, and the problem statement shifts from how do I deploy the service at the branch to how do I actually build a network that supports all of these services concurrently. I think they come to services aggregation very naturally as the next challenge to tackle to really get to a converged network with all of the services running at scale.
If you want to use an analogy of the service provider space, we usually go through cycles in which service providers focus their upgrade on the edge and then there'll be a cycle following that drives upgrade at the core. And I think that's what we're seeing here. We're in the midst of a cycle of the upgrade at the branch …. And the next natural point that needs to be upgraded that needs to be thought of for enterprise customers is the aggregation infrastructure. That's really where the concept of services aggregation plays. What are some of the key services you see customers looking for that they really want in that one location?
If you look at the collection of features, for voice that would be fine-grained QoS, that would be cRTP. Voice over IP actually does drive a significant amount of traffic, especially if you deployed at scale and you can't obviously in one day upgrade all of your WAN connections to all of your branches. cRTP played the key role, IPSLA played the key role to actually look at the quality of the network or application in a real-time basis. Then, beyond that, we're looking at things beyond voice that are generally applicable. Things like optimized edge routing to more flexibly handle and get optimal usage out of your network. This is a Cisco innovation where based on measurement of delay and jitter and other [problems] in the network, the devices pick a different path to the network and basically influence their routing decisions.
The next big area of things is security and how you make all of the features I just mentioned work over an IPsec infrastructure. And so there's IPsec, DMVPN features for branch connectivity. And there are a few others. Voice gateway kind of functions at the headquarters for toll bypass, things like NBAR or network based application recognition.
If you break it down at the feature level, it's a fairly comprehensive list … you can do it in one system and you can pick and choose which services you want to enable without having to choose a different piece of hardware for each service. You mentioned security. Where do you see the overall market for services aggregation going over the next year or two? Is it going to be really security focused? Are there going to be some new services wrapped in that we might not even know are out there yet, or that customers are craving?
I think there are certainly going to be some services we haven't thought of yet.
In addition to security, voice is a key piece. Certainly I see security as growing rapidly, mainly because of additional concerns and more sensitive information traveling over the IP network. We see our IPsec attach rate for the ISRs growing, and that's driving the growth of our IPsec modules on both the 7200 and 7600. That's definitely a growth area that's fairly well understood.
I think what's not so well understood yet is: We use IPsec a lot today for data connectivity, but actually making voice, video and other application services work over the IPsec infrastructure … all of them need to be secured. That's something that we're at the leading edge of, and I think there are still some answers that need to be delivered in the industry for how to make all of that work.
The other things that have an implication on the services aggregation infrastructure are things like WAN optimization. Today, we have solutions that we're getting ready to ship between the ISRs and the 6500s, our premier data center product. I think WAN optimization is the topic where it's very important to know which problem you need to solve and in which part of the network. In the services aggregation infrastructure today, our NBAR functionality does a very good job of working in sync with Cisco's application optimization solutions by sort of a complete end-to-end. The compression of applications may happen at the branch or at the data center, and the network plays a roll of prioritizing the treatment of these applications as they flow through the network. I think that's an area that we certainly see a lot of hype around today, and I think there will be significant steps forward in that area as customers think about how to deploy that at scale. What is Cisco's real vision going forward for keeping the services aggregation marketplace going, and exactly how will you keep adapting with it?
The strategy overall is really unchanged from before, which is integrating intelligent services into the infrastructure in order to drive a better return of investment on IP infrastructure overall. It's really aligned with the SONA vision ... Enhancements to NBAR, new ways to connect more flexibly, secure multicast solutions -- that was another part of our launch -- those kinds of things. So it really is about aligning ourselves with the SONA vision of making the network more intelligent and continuing to deliver solutions that are comprehensive rather than point solutions.