SONA and IIN
IIN describes an evolutionary vision of a network that integrates network
and application functionality cooperatively and allows the network to be
smart about how it handles traffic to minimize the footprint of applications.
IIN is built on top of the Enterprise Composite Model and describes structures
overlaid on to the Composite design as needed in three phases.
Phase 1, “Integrated Transport,” describes a converged network, which is
built along the lines of the Composite model and based on open standards.
This is the phase that the industry has been transitioning. The Cisco
Integrated Services Routers (ISR) are an example of this trend.
Phase 2, “Integrated Services,” attempts to virtualize resources, such as
servers, storage, and network access. It is a move to an “on-demand” model.
By “virtualize,” Cisco means that the services are not associated with a
particular device or location. Instead, many services can reside in one device
to ease management, or many devices can provide one service that is more
reliable.
An ISR brings together routing, switching, voice, security, and wireless It is
an example of many services existing on one device. A load balancer, which
makes many servers look like one, is an example of one service residing on
many devices.
VRFs are an example of taking one resource and making it look like many.
Some versions of IOS are capable of having a router present itself as many
virtual router (VRF) instances, allowing your company to deliver different
logical topologies on the same physical infrastructure. Server virtualization
is another example. The classic example of taking one resource and making
it appear to be many resources is the use of a virtual LAN (VLAN) and a
virtual storage area network (VSAN).
Virtualization provides flexibility in configuration and management.
Phase 3, “Integrated Applications,” uses application-oriented networking
(AON) to make the network application-aware and to allow the network to
actively participate in service delivery.
An example of this Phase 3 IIN systems approach to service delivery is
Network Admission Control (NAC). Before NAC, authentication, VLAN
assignment, and anti-virus updates were separately managed. With NAC in
place, the network is able to check the policy stance of a client and admit,
deny, or remediate based on policies.
IIN allows the network to deconstruct packets, parse fields, and take actions
based on the values it finds. An ISR equipped with an AON blade might be
set up to route traffic from a business partner. The AON blade can examine
traffic, recognize the application, and rebuild XML files in memory.
Corrupted XML fields might represent an attack (called schema poisoning),
so the AON blade can react by blocking that source from further communication.
In this example, routing, an awareness of the application data flow,
and security are combined to allow the network to contribute to the success
of the application.
Services-Oriented Network Architecture (SONA) applies the IIN ideal to
Enterprise networks. SONA breaks down the IIN functions into three layers:
■ Network Infrastructure—Hierarchical converged network and attached
end systems.
■ Interactive Services—Resources allocated to applications.
■ Applications—Includes business policy and logic
IOS features, such as Survivable Remote Site Telephony (SRST) and
AutoQoS, cooperate with centralized services to increase the resiliency of
the network by easily distributing network application logic to the edges of
the enterprise, so that the entire network participates in operations instead of
just the core.
Figure 1-1 shows how IIN and SONA more specifically compare.
CCNP ONT
Chapter 1: Network Architecture [ 249 ]
Phase 1 – Integrated Transport (converged network)
Phase 3 – Integrated Applications
(“application aware”)
Phase 2 – Integrated Services (virtualized resources)
IIN Phases
Business Apps Collaboration Apps
Middleware Middleware
SONA Framework Layers
Infrastructure
Layer
Application
Layer
Interactive
Services
Layer
Network
Servers Clients Storage