Score your ACE in Business and IT Efficiency Optimize your Data Center capabilities with Cisco s Application Control Engine (ACE)
Agenda In this webinar, you will be given an insight into the following: Introduction of Cisco Application Control Engine (ACE) Deployment Considerations for Microsoft Exchange and SharePoint Optimizing Microsoft Exchange and SharePoint with Cisco ACE Q&A session
Application Delivery Controller Benefits of Traffic Management Why application delivery Controller: Availability Scalability Performance Security Mobile phone Web browser Outlook (remote user) Virtual IP ACE Load Balancer aa Outlook k(local l user) Client Access Server farm The Cisco Application Control Engine (ACE) provides validated solutions for Microsoft applications Cisco ACE 4710 0.5 4Gbps Cisco ACE Module 4 16 Gbps
Application Solutions Validated with ACE Comprehensive set of validated ACE solutions Example showing Cisco and Microsoft validated solution for Microsoft Exchange Server 2007 using ACE Currently testing Exchange 2010 running Cisco Unified Computing System (UCS) load balanced by ACE
B E N E F I T S Cisco and Microsoft Integrated Solutions Integrated Management SCOM, VMM Integration* Hardware/application correlation 20% OpEx cost reduction Optimized Delivery to Users Preconfigured & integrated 5x branch user performance Low footprint core services Validated for Microsoft Applications Documented architecture R2 HyperV, Live Migration End-to-end / client to data center Virtualized Data Center Platform Application Control Engine Unified Computing Preconfigured for virtualization 30% cost reduction UCS Manager Integrated Management Optimized Delivery WAAS Mobile Remote Desktop Windows Server on WAAS Validated for Microsoft Applications Virtualized Data Center Platform Virtualization Compute Unified Fabric V I R T U A L I Z A T I O N
Introduction of Cisco Application Control Engine (ACE) 6 6
Supporting Multiple Applications: The Traditional Way One Physical load balancer Exchange Many load balancers No isolation Load Balancer SharePoint SAP Portal Inefficient Isolation Load Balancer Exchange Load Balancer SharePoint Load Balancer SAP Portal Applications compete for resources Changes to one app can impact others Overly complex configuration Device sprawl Underutilized d device resources Complex to upgrade 7
Introduction to ACE Load Balancer Cisco ACE provides many advanced load balancing feature which can be applied to meet challengers with deploying today's applications These features include: 1. Access-control (permit or deny a request) 2. Management traffic 3. TCP normalization/connection parameters 4. Server load balancing 5. Fix-ups/application inspection 6. Source NAT 7. Destination NAT 8
Virtual Context Setup Virtual contexts are virtualized ACEs. Each virtual context has independent configuration and dedicated resources assigned. One context can pull resources from another Microsoft Exchange 2007 Cisco UCS Microsoft SharePoint Virtualization ti of Microsoft Exchange 2010 A separate virtual machine for each of the roles: Two Client Access Server, Hub Transport, Four Mailbox in a DAG (Database Availability Group) 9
Design Considerations One Armed Load Balancer not inline Allows direct server access Requires Source NAT Routed Mode Easy to deploy Requires at least two IP subnets Servers in dedicated IP subnet Bridged Mode Easy migration for servers Requires one IP subnets Recommend for none-lb traffic 10
SSL Server Offload Offload CPU-intensive SSL processing Servers resources are dedicated to serving requests and running applications, rather than encrypting data Centralized key/certificate t storage/management t Allows advanced content switching (URL-based, cookie-sticky, payload parsing) and inspection of SSL traffic Scalability: easy to add more SSL performance Encrypted to VIP:443 Clear Text to Servers:80 Application Switch Servers 11
ACE for Microsoft Applications 12 12
ACE deployment enhanced the Microsoft Exchange environment Customer reference on recent Exchange deployment ACE enabled our Microsoft Exchange environment to achieve automatic and almost instantaneous Exchange failover between data centers, " says Huffman "Microsoft had no offering to `enhance' DNS and failover was a 30 minute task per their normal DNS methodology Microsoft engineers were so impressed, they documented the Cisco Global Site Selector & ACE setup and have a made it a recommendation Reference: https://www.clisco.com/en/us/solutions/collateral/ns340/ns517/ns224/case_study_c36-541993_ps4162_products_case_study.htm 13
Understanding Exchange Architecture Exchange Components WS Mailbox Agents OWA Sync UM Transport Agents Entourage Outlook / MAPI clients Exchange Components WS Mailbox Agents OWA Sync UM Transport Agents M iddle Tie er Exchange Biz Logic Outlook / MAPI clients Entourage le Midd Tier MAPI, Exchange RFR & Biz Logic NSPI RPC Exchange Core Biz Logic Mailbox MAPI RPC Store DAV Mailbox MAPI RPC Store 14
Exchange 2010 Middle Tier What is it? New services in Exchange Server 2010 that reside on CAS Outlook Clients Restrict all Outlook data access to a single common path by migrating g Mailbox and Directory endpoints to CAS What it handles: Outlook data connections go to RPC Client Access Service on CAS instead of connecting to Mailbox servers Address Book Service on CAS replaces DSProxy interface, handles all Outlook Directory connections Public folder connections connect directly to the Mailbox server, but through h RPC Client Access Service running on backend Exchange CAS Array MB GC 15
Focus on Microsoft Exchange 2007 16 16
Microsoft Exchange 2007 Logical Layout How can ACE provide a highly available and scalable solution which benefits the Microsoft Exchange 2007 application environment? 17
Microsoft Exchange 2007 Components Client access to exchange environment via users web browser Client using HTTP/HTTPS OWA is installed as a virtual server under IIS 6.0 CAS is a independent server roles which provides indirect access to users mailbox Located in a DMZ or DC Client Types Protocol Outlook MAPI over RPC Outlook Voice Access Outlook Web Access Exchange ActiveSync Outlook Anywhere POP Client IMAP Client RTP HTTP/HTTPS HTTP/HTTPS RPC over HTTP/HTTPS POP/SMTP ACE can scale all components running on Microsoft Exchange 2007 Client Access Server (CAS) 18
Load Balancing Outlook Web Access (OWA) Outlook Web Access (OWA) Microsoft Active Directory ACE can provide the following benefits: Internet Additional Data Centre Security using ACL ACE Layer 7 load balancing between server with HTTP Cookie session persistence SSL termination Health monitoring check Client Access Server status HTTP to HTTPS Server Redirection Possible TCP multiplexing and HTTP Compression Access Switch Mailbox Server Microsoft Exchange CAS Servers 19
ACE Load Balancing Outlook Anywhere Outlook Anywhere Microsoft Active Directory Internet ACE Access Switch ACE can provide the following benefits: Additional Data Centre Security using ACL Load balancing using the HTTP header-value "MSRPC Session persistence based on SOURCE-IP or http-header Authorization SSL termination Health monitoring check Client Access Server status Mailbox Server Microsoft Exchange CAS Servers 20
ACE Guided Setup for Application Configuration and optimization Cisco Application Networking Manager (ANM) provides simplified setup for Microsoft Exchange and SharePoint 21
Simplified Setup for Exchange ANM configured with three Exchange 2007 applications: OWA, Outlook-Anywhere and Active-Sync ANM shows Exchange 2007 servers components running on Microsoft Hyper-V 22
Microsoft SharePoint 23 23
What Is Microsoft Office SharePoint Server (MOSS)? Microsoft Office SharePoint Server (MOSS) is the full version of a portal-based platform for collaboratively creating, managing and sharing documents and Web services MOSS enables users to create "Sharepoint Portals" that include shared workspaces, applications, blogs, wikis and other documents accessible through a Web browser 24
Customer Case Study TV viewers look to the Internet for information and video clips about their favorite TV shows, but Internet search engines were not providing truly relevant results Using MOSS, SQL Server 2005, and other Microsoft technologies, customer built a new, targeted broadband Internet video guide Customer built a three-tiered architecture using a familiar presentation, application, and data layer model Microsoft Office SharePoint Server 2007...is helping us increase our usership and our revenue potential. It is also helping us to reposition and promote the brand in an entirely new way. 25
ACE Function and Performance Testing Figure shows Server processor savings from ACE SSL termination and TCP connection management Performance testing that measured server processor savings by conducting SSL termination and TCP connection management The ACE revealed a 71 percent decrease in server CPU usage Cisco Application Networking for Microsoft SharePoint Solutions 26
Topology Consideration The GSS probes the ACE load balancers to retrieve the Web front-ends health and load information Based on this information the GSS can load balance the users request to the best available data centre The GSS then provides user stickiness for all users sequential request The GSS is authoritative for the WWW. The GSS will only provide a A record if the Web front-ends health is available 27
28