Cisco Cisco ACE Application Control Engine Module White Paper
© 2006 Cisco Systems, Inc. All rights reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Page 3 of 8
Cisco AVS appliances enhance application performance over the WAN by improving response times. Without any changes to the application or in
client interaction, Cisco AVS solutions routinely shrink end-user response times by 50 to 80 percent. Cisco data-center solutions maintain the state
of the entire application across all clients and servers. Through knowledge of the context of requests, the solutions transform data previously
considered uncacheable and eliminate the need to check with either Web or application servers. Aggregating Web requests and minimizing
unnecessary network calls bring gains for users regardless of their location, access, or client system. These advances rely on four primary capabilities
of the Cisco AVS products:
•
FlashForward object acceleration helps the Cisco AVS 3120 Application Velocity System eliminate unnecessary browser cache validation
requests. This new technology eliminates the network delays associated with embedded cacheable Web objects such as images, style sheets,
and JavaScript files. In a Web deployment, each embedded object must ensure that the user has the proper browser version, and each validation
involves a separate HTTP request from the client to the origin server. Pages that embed many objects must wait to be rendered until the client-to-
server round trips are completed. Cisco FlashForward technology automates this process at the server. All object validity information is carried in
the single download of the parent HTML document. The Cisco AVS 3120 takes responsibility for transparently managing validity and
expirations. This automatic aggregation saves traffic by validating object freshness on the server side, rather than on the client. The benefits can
be realized in any application.
and JavaScript files. In a Web deployment, each embedded object must ensure that the user has the proper browser version, and each validation
involves a separate HTTP request from the client to the origin server. Pages that embed many objects must wait to be rendered until the client-to-
server round trips are completed. Cisco FlashForward technology automates this process at the server. All object validity information is carried in
the single download of the parent HTML document. The Cisco AVS 3120 takes responsibility for transparently managing validity and
expirations. This automatic aggregation saves traffic by validating object freshness on the server side, rather than on the client. The benefits can
be realized in any application.
•
Smart Redirect speeds Webpage redirecting by helping the Cisco AVS 3120 convert HTML metatag-based redirects into more efficient HTTP
header-based redirects. The result is significantly faster page response time that does not sacrifice the flexibility and productivity of metatag-based
redirection.
redirection.
•
Fast Redirect speeds HTTP header-based 301/302 redirects, reducing the round trips required from two to one. The Cisco AVS 3120 processes the
301/302 HTTP status code response and fetches the redirected resource over the LAN in the data center.
•
FlashConnect improves browser performance by enabling responses to be processed in parallel rather than serially. By default, Microsoft Internet
Explorer fetches objects over only two TCP connections established for each domain name it sees in an HTML container page. This limit means
that requests are often queued unnecessarily, and first-visit performance suffers. By multiplexing these connections, the Cisco AVS 3120
accelerates performance.
that requests are often queued unnecessarily, and first-visit performance suffers. By multiplexing these connections, the Cisco AVS 3120
accelerates performance.
Reduce Time, Cost and Complexity of Application Deployment
Enterprises and service providers need flexible, scalable, and reliable platforms for application delivery. Significant reduction in the time needed to
deploy applications is achieved through centralized control with decentralized management using virtual partitioning, role-based access control, and
hierarchical management domains. Virtual partitioning can provide the same level of service to as many as 250 logical groups., Role-Based Access
Control (RBAC) enable centralized control and decentralized management. Combined with hierarchical management domains these functions allow
resource distribution and management in logical groups (such as businesses, applications, or customers) on a given physical platform and ensure
maximum flexibility for deployments, for the most scalable and efficient use of the Application Control Engine.
Security
The Self-Defending Network concept aims at peace of mind through built-in defense at multiple levels in the data center. A Cisco data center
solution for Application Networking Services integrated with a Cisco Self-Defending Network supports multilevel security while efficiently
handling application traffic. Such a solution provides a single point of control for all business and security policies and a robust solution for
application security, including:
•
SSL encryption and decryption
•
Directional deep inspection
•
Integrated hardware-accelerated protocol control
•
Positive and negative (whitelist and blacklist) security
•
Protocol compliance
•
Anomaly detection
•
Transaction logging and reports for application security forensics