Many organizations run Oracle E-Business Suite 11i applications such as order management, customer relationship management, or financials from their branch locations and access the application servers in data centers over the WAN. But application performance suffers when applications designed for LAN environments are deployed over the WAN-a trend that is growing in popularity-and that affects worker productivity. This is caused by latency and delay on the WAN and by the dramatically increased load being placed on the data center infrastructure.
Cisco® now offers a robust and scalable application acceleration and WAN optimization solution through the use of Cisco® Wide Area Application Services (WAAS) software and the Cisco Application Control Engine (ACE) for the Cisco Catalyst® 6500 Series of multilayer intelligent switches. These solutions operate within Cisco Service-Oriented Network Architecture (SONA), an architectural approach that connects network services to applications to deliver business solutions. This white paper will highlight the benefits enterprises can realize when they run Oracle E-Business Suite applications within the Cisco SONA framework.
Business Challenges
In the past 20 years, many businesses have deployed LAN-based applications on local servers in branch offices to run business applications. While this represented an advance over centralized, mainframe-hosted applications, it still had drawbacks. As the number of company branches and servers grew, businesses incurred continuously increasing capital costs to deploy hardware for each branch. Operational costs also increased as companies needed to maintain IT expertise in each branch to manage and troubleshoot the IT environment. As backup and security were left to inconsistently skilled and experienced staff in each branch, data availability became a concern.
In recent years, significant advances in networking technology and widespread use of the Internet have enabled many companies to consolidate their application and storage servers in centralized data centers. This reduces branch office operational costs and capital expenditures. It also improves data availability, manageability, and compliance, because the data center, unlike branch offices, is designed for efficient and reliable IT operations and is staffed with experienced, technical operations personnel.
But increased reliance on the WAN for application delivery has created a new set of challenges, including:
• WAN bandwidth and latency limitations
• The potential for sluggish application response
• Increase in WAN link costs as more bandwidth is added to overcome the limitations of WAN performance
• Extra burden on the data center infrastructure not designed to handle the explosive growth of WAN-based application activity
Many applications, including Oracle E-Business Suite 11i, are "chatty," making tens or hundreds of calls to render a single page, which contributes to the challenge. The time it takes for multiple calls across a few hundred feet of cable in a LAN is unnoticeable. Over long distances in a WAN, however, each call might require tens to hundreds of milliseconds for a round trip between client and server (see Figure 1), which adds up to significant delay and poor performance. LAN-based applications also expect fast response times and begin to deteriorate when response times increase across WAN distances.
Figure 1. WAN Is One Barrier to Branch Application Performance
The enormous increase in WAN traffic flooding the data center infrastructure also causes slow application performance at the branch. The Oracle E-Business Suite 11i, for example, is a Web-enabled suite of applications that runs on application servers in data centers. As enterprises have increasingly adopted this centralized model in recent years, providing branch offices with Web access to these applications, they have seen heavy burdens placed on the data center infrastructure. If requests overload application or database servers, or security processes such as encrypting and decrypting Secure Sockets Layer (SSL) traffic is not handled efficiently, response time back to the branches slows.
Without certain application delivery enhancements over the WAN and in the data center infrastructure itself, frustrated branch office users may circumvent the use of mission-critical applications and put an enterprise's business plans at risk. Slow application response time can also have a negative impact on customers, who may become impatient waiting for a customer rep in the branch to retrieve information.
Cisco SONA Enables Integration of Optimization and Acceleration Capabilities from the Branch to the Data Center
To contend with these issues, Cisco has created and integrated WAN optimization and data center acceleration capabilities within Cisco Service-Oriented Network Architecture (SONA). Cisco SONA is an architectural framework that describes how network-based services such as application delivery, security, mobility, compute, and storage are built into the Cisco network infrastructure, providing some of the middleware functionality typically provided by separate devices or third-party software. Because this functionality is integrated within the network, the services interoperate seamlessly across the enterprise network. This helps ensures better network and application performance. It also allows software developers and IT architects to easily apply value-added services such as location information or application-level security to new applications, rather than having to deploy separate solutions.
Figure 2. SONA Infrastructure
As shown in Figure 2, Cisco SONA comprises three layers. The Network Systems Layer contains networking devices and software and represents the capital infrastructure of the IT environment, including the routing and switching infrastructure, storage, servers, and devices. It hosts many of the services in the middle layer as either software or add-on blades. The integrated network services layer contains services that operate as a type of middleware and provide reusable, virtualized services throughout the network. The application layer includes the business applications, such as the Oracle E-Business Suite 11i, and collaborative applications such as Unified Messaging.
Cisco WAAS, which is a powerful new application acceleration and WAN optimization solution for the enterprise, is contained within the Application Delivery services box in SONA's integrated network services layer. Cisco WAAS software runs on Cisco Wide-Area Application Engine (WAE) platforms that are deployed in the data center and branch locations as appliances attached to the LAN or as networked modules integrated with the branch router (see Figure 3).
Coupled with Cisco IOS® software capabilities running on Cisco integrated services routers, Cisco WAAS application acceleration technologies can minimize the amount of traffic that must traverse the WAN, maximize the efficiency of WAN bandwidth usage, and control the behavior of WAN traffic by application type according to corporate policy.
VeriTest, a network testing organization, studied the impact of this solution on network traffic and in its July 2006 report found that Cisco WAAS:
• Reduced traffic crossing the WAN by more than 85 percent.
• Improved performance of data access significantly. The study found that "over a T1/E1 connection with 100 ms delay, a 2 MB Microsoft Excel file that took 32.2 seconds to open normally took only 1.7 seconds with Cisco WAAS."
This data suggests that Cisco WAAS can deliver significant business value to enterprise branches that are experiencing decreased employee productivity and customer service due to slow application response times and slow file transfers.
A key piece of infrastructure that interacts with Cisco WAAS is the Cisco Application Control Engine (ACE), a module (it also comes as a standalone device) that is inserted into a Cisco Catalyst 6500 Series switch in the data center. The Cisco ACE module provides optimization, offload, and security capabilities to improve data center performance. This powerful consolidation of functions includes:
• Intelligent server load balancing: To determine which application servers in the data center are busy processing requests and route new requests to free servers, thereby greatly speeding request processing time
• Secure Sockets Layer acceleration: To integrate SSL acceleration technology, which offloads the encryption and decryption of SSL traffic from external devices (servers, appliances, and others), thereby allowing Cisco ACE to look deeper into the encrypted data and apply security and content switching policies
• Connection management: To consolidate multiple client TCP connections on a single-server TCP connection, reducing server overhead by off-loading TCP handling from multiple appliances
These functions typically require multiple devices throughout the data center infrastructure. By consolidating them in one device, Cisco ACE speeds performance into and out of the data center as these functions occur at one time and place-interrupting the flow of traffic only once, in turn saving time, processing power, and memory. Less integrated solutions may terminate packet flows at four or more locations on the network, which is time consuming and processing heavy.
In combination, Cisco WAAS and the Cisco ACE module provide a high-performance and feature-rich end-to-end application delivery solution with nearly unlimited scalability in the data center. Together, they provide up to four times the performance and scalability of the nearest competitor.
Figure 3. Power of SONA-Seamless Network Integration
Cisco SONA Services Operate Automatically
The Cisco SONA framework continually applies other services as needed to protect transactions across the network. For example, it can use SONA identity services to determine if a branch office user trying to access the Oracle application in the data center actually is who he or she claims to be and whether or not they are authorized to access the applications. These services will also identify the type of device the person is using to log in to the network, and will make sure that the device-say, a laptop-does not contain viruses that could infect the enterprise.
Before the Cisco network enables any communications between the branch and the data center, it automatically exerts operational control to determine if the user is on a secure, certified, and valid endpoint. It does so through the SONA security service, which checks to be sure that Cisco Security Assurance software is running on the endpoint. Cisco Security Assurance interacts with other Cisco security software to determine that the endpoint has the proper virus protection installed. It also checks that the virus software is up-to-date with the latest signatures and that any necessary operating system patches are installed before network access is allowed. If the laptop lacks the necessary security safeguards, it would be automatically quarantined to a LAN until it could be remediated, at which time it would be given access to the data center.
Conclusion
Many enterprises that provide branch workers with access to Oracle E-Business Suite applications in data centers rely on a Cisco SONA infrastructure-and use the services that are integrated into the infrastructure. These services interoperate to help ensure security, check identity, and apply WAN optimization and data center application acceleration techniques that keep performance levels high-allowing branch workers to function securely and at greatest efficiency. The added benefit of Cisco SONA is that these services are shared and can be virtualized. As enterprises develop applications to promote new business initiatives, they can deploy them more quickly and cost effectively by calling on the needed network services-from security to mobility to identity, among others-built into the network itself.
