I have a question surrounding QOS. Although I have many branch offices that connect to my data center via IPSEC VPN tunnels. I think it will be easiest for me to understand if I focus on a single link, but please keep in mind that whatever I come up with I will need to do something similar in 30 or so additional branch locations. Different locations have different numbers of users, different bandwidth capabilities, etc.
We use Cisco Call Manager, Unity Connection VM, Cisco Presence and IPCC all installed in my data center. Some branch office use their router as a PSTN gateway, while others rely on Call Manager based SIP trunks for PSTN connectivity.
So my branch office has a Cisco 2821 router with a Serial T1 direct internet access. This DIA is provided by Carrier “A” and they have assigned a public IP for my router. MY data center has an ASA5510 Security appliance and it has 15 megs of DIA, also provided by Carrier “A” and it too has a public IP assigned by Carrier “A”.
I have an IPSEC VPN tunnel created between the public IP of my branch router and the public IP of my ASA in my data center.
The traffic traversing this link consists of the following (list in the order of importance to me):
•1) Voice Traffic (branch phones to other branch phones, branch phones to and from Unity Connection, ad hoc conference calls, MeetMe conference calls and some branch phone to PSTN via SIP trunks terminated on my Call Managers in my data center – number of such calls vary by location)
For example it ranks Signalling above Critical Data. Also consider using a Scavenger class.
I also suggest that if you haven't done so already that you get business sign off on the policy. Then people can't complain about poor perfromance for their favourite applications when it is implemented.
I suggest that you also ensure that you have your trust QoS boundary configured on your switches and routers before the traffic hits the firewall.
Usually no news means good news in security, but how do you know what is working, what could be better and where you should invest? Introducing the Cisco Security Outcomes Study.
We commissioned an independent survey of 4,800 active security a...
Cisco is happy to announce their Fall release, FTD 6.7/ASA 9.15.1/FXOS 2.9, which consists of 104 features across 24 initiatives, addressing technical debt while staying true to our five core investment areas: Ease of Use and Deployment, Unified Policy an...
Hi Team, I have one exclusion provided by internal team which is Is it right way to exclude ? *\Program Files\XYZ\* , as per Cisco Docs i see its not recommended because it will create performance issue when we use * at starting , So...
Central Log Management using Cisco Security Analytics and Logging, December 2nd at 8am-9:30am PT
Cisco Security Analytics and Logging is Cisco’s Central Log Management solution for Network Operations and Security Outcomes. It is delivered both as a c...