IWAN, Cisco, and Akamai (Oh My!)

Peter Welcher
Architect, Operations Technical Advisor

Well, I intended to write about IWAN, then Cisco and Akamai crept into the picture with a partnership announcement. Here’s what that’s all about…


If you haven’t run across the Cisco acronym “IWAN”, expect to hear more about it. IWAN, as in Internet as WAN.

The Cisco ISR G2 hardware and IOS code (including the 4451-X)  is being renamed ISR-AX (for Application Experience), pushing the use of integrated WAAS services, AVC, NBAR2, and the security capabilities. The new emphasis will be on the services in the platform: hence IWAN. Centralized Internet access is turning into distributed Internet, in part due to guest access needs, cloud services, and reducing latency by not detouring Internet traffic through central locations. In addition, as branch office speeds increase, centralized Internet exacts penalties for both WAN and Internet bandwidth. I expect some companies and other organizations supporting a large mobile and/or home-based staff to shift applications into the cloud, at which point it may be attractive to save money by using the Internet securely instead of a corporate WAN.

My punny side hopes Cisco doesn’t run bad commercials about this, like “It’s all IWAN it to be”.

Cisco / Akamai Partnership

Cisco is also now partnering with Akamai for related services, integrating Akamai Unified Performance technology into these routers, improving both WAN and Internet performance.

“Both companies intend to co-develop enterprise network offerings, aimed at delivering the world’s first enterprise WAN and Internet optimization solution to provide a secure, high-quality end user experience for both public and private cloud applications to all remote offices.”

From the whitepaper (see below):

“Akamai Unified Performance technology provides Intranet and Internet traffic optimization, acceleration, and caching of content. Critical to support the needs of rich media applications, Akamai Unified Performance can cost-effectively extend high-quality digital web experiences to the branch office.”

The first focus appears to be on pre-positioning Akamai and general Internet content in stores and branch offices, with dynamic acceleration and caching.

The bigger focus is on faster more reliable connections over the Internet for branch offices, including hybrid cloud scenarios.


The Network World article listed below gets it right. Cisco wants to encourage ISR G2 sales with licensing etc. for the new features and the hardware to run them. Akamai gets to expand its market to smaller businesses by embedding in effect a point of presence (POP) in the branch routers. Cisco does the WAN acceleration, Akamai does the Internet acceleration. Win-win!

Life Log

I’m doing QoS for a site using DMVPN. QoS, DMVPN, Internet — that always seems like a bit of a mixed proposition. The new DMVPN Per-Tunnel QoS feature is interesting, lets you pace traffic to spoke sites. I keep ending up with “it may be better than nothing”. Note that per-tunnel hub shaping controls still doesn’t handle converging traffic oversubscribing the egress link to a spoke. Couple it with CAC, well you’re still missing egress QoS prioritizing VoIP.

I also can’t find Cisco advice about DMVPN spoke to hub QoS. I’m also curious about the effects of running DMVPN with every site or most sites mutual hubs, which is definitely different than the two hub site models most articles talk about.

Relevance? If IWAN and the new Akamai service are going to be great, sooner or later QoS is going to be wanted. Personally, I can see IWAN and Akamai accelerating and compressing to speed things up, maybe even picking best paths in some fashion. QoS and the Internet? That would seem to be a bit of a stretch!

So what do you think? Is QoS for DMVPN useful? Or just  putting lipstick on a pig? (I end up somewhere in the middle of that range.)

Related Links

Cisco IWAN: http://www.cisco.com/en/US/netsol/ns1247/index.html

Cisco blog re IWAN: http://blogs.cisco.com/borderless/a-brave-new-world-for-it-internet-as-wan-2/

Good Network World article about Akamai / Cisco: http://www.networkworld.com/community/blog/cisco-partners-akamai-optimize-hybrid-cloud

Akamai about Akamai / Cisco partnership: http://www.akamai.com/html/about/press/releases/2013/press_100913_1.html

Cisco about Akamai / Cisco partnership: http://blogs.cisco.com/borderless/another-better-together-combination-cisco-and-akamai/

Akamai / Cisco whitepaper: http://www.akamai.com/dl/akamai/Akamai-Whitepaper-Cisco-Maximize-Your-WAN-Investment.pdf

Twitter: @pjwelcher

Disclosure Statement


Leave a Reply


Nick Kelly

Cybersecurity Engineer, Cisco

Nick has over 20 years of experience in Security Operations and Security Sales. He is an avid student of cybersecurity and regularly engages with the Infosec community at events like BSides, RVASec, Derbycon and more. The son of an FBI forensics director, Nick holds a B.S. in Criminal Justice and is one of Cisco’s Fire Jumper Elite members. When he’s not working, he writes cyberpunk and punches aliens on his Playstation.


Virgilio “BONG” dela Cruz Jr.

CCDP, CCNA V, CCNP, Cisco IPS Express Security for AM/EE
Field Solutions Architect, Tech Data

Virgilio “Bong” has sixteen years of professional experience in IT industry from academe, technical and customer support, pre-sales, post sales, project management, training and enablement. He has worked in Cisco Technical Assistance Center (TAC) as a member of the WAN and LAN Switching team. Bong now works for Tech Data as the Field Solutions Architect with a focus on Cisco Security and holds a few Cisco certifications including Fire Jumper Elite.


John Cavanaugh

CCIE #1066, CCDE #20070002, CCAr
Chief Technology Officer, Practice Lead Security Services, NetCraftsmen

John is our CTO and the practice lead for a talented team of consultants focused on designing and delivering scalable and secure infrastructure solutions to customers across multiple industry verticals and technologies. Previously he has held several positions including Executive Director/Chief Architect for Global Network Services at JPMorgan Chase. In that capacity, he led a team managing network architecture and services.  Prior to his role at JPMorgan Chase, John was a Distinguished Engineer at Cisco working across a number of verticals including Higher Education, Finance, Retail, Government, and Health Care.

He is an expert in working with groups to identify business needs, and align technology strategies to enable business strategies, building in agility and scalability to allow for future changes. John is experienced in the architecture and design of highly available, secure, network infrastructure and data centers, and has worked on projects worldwide. He has worked in both the business and regulatory environments for the design and deployment of complex IT infrastructures.