Post on 28-Jul-2018
Routing Underlay and NFV Automation with DNA Center
Prakash Rajamani, Director, Product Management
BRKRST-1888
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Spark
Questions? Use Cisco Spark to communicate with the speaker after the session
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
How
cs.co/ciscolivebot#BRKPAR-4980
• DNA Center
• Software Update
• Routing Underlay Automation
• NFV Automation
• Cloud Connect
• Intent Based Networking
– Application Policy
• Conclusion
Agenda
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
The Current Enterprise Branch Landscape
Multiple DevicesRouters, Appliances, Servers
Costly to OperateUpgrades, refresh cycles,
site visits
Difficult to ManageDevice integration and
operation
Virtualization solves all these challengesBRKRST-1888 5
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 6BRKRST-1888
What does this lead to?
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Why are companies spending so much?
*
*McKinsey study conducted for Cisco in 2016
95% 70% 75%
OpEx Spent on Network Changes & Troubleshooting
Policy Violations Due to Human Error
Network Changes Performed Manually
7BRKRST-1888
The Cost of Doing Business in the Digital World
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Intent-based Network Infrastructure
DNA Center
Policy Automation Analytics
I N T E N T C O N T E X T
S E C U R I T Y
L E A R N I N G
Informed by ContextVisibility into traffic and threat patterns
Who, What, When, Where, How
Powered by IntentTranslate Business Intent to Network Policy
Automate the management and provisioning millions of devices instantly
8BRKRST-1888
The Network. Intuitive.Constantly learning, adapting and protecting.
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Insights &
Actions
Automation
& Assurance
Security &
Compliance
DNA Software Capabilities
Cloud Service Management
Automation Analytics
Virtualization
DNA-Ready Physical and Virtual infrastructure
Security
9BRKRST-1888
Digital Network Architecture (DNA)
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKRST-1888 10
DNA SolutionCisco Enterprise Portfolio
AnalyticsAutomation Policy
Software-Defined Access (SDA) + Non SDA
Routers Switches Wireless AP WLC
DNA Center
DESIGN PROVISION
POLICY ASSURANCE
DNA Center:
Simple Workflows
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKRST-1888 11
DNA Center: Design, Policy, Provision, Assurance A better way to manage your network
DNA Center: Design, provision,
automate policy and assure
services from one place
Logical workflow to design,
provision, set policy
Respond to changes faster
Monitor end-to-end
network performance
Predict and act on problems
before they happen
Pinpoint problems faster
Reduce downtime with an
end-to-end view instead of
hop by hop
Manage hardware and
software lifecycles
Keep up to date, meet
compliance and plan for refresh
Automation Using DNA Center
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
DNA Automation Principles
IT Process Automation Policy Based AutomationZero Touch Deployment
BRKRST-1888 13
Getting Started With Automation…
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Network Changes for Automation
Standard Change:
• Automated Change Request
• No Approval Required
• Fully owned by Network Engg
team with minimal to zero
downtime
Non-Standard Change
• Require Approval by Change
Board
• May require service disruption
• Co-ordination with Application
team during change window
Settings Update (Syslog, NTP)
Password Update
Port Settings, VLAN changes
New device/site deployment
Software Update
New service/Update service
Network
Change
BRKRST-1888 15
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Use Case:
• Adding a new Syslog (Ex:
Splunk) in the network
• SoX requirements to update
password every 6 months
Network Settings Update (Standard)
AAA
Server
Site1
North
America
South
AmericaSite2
Africa
EMEAR
AAA
Server
DNS
Server
Syslog
Server
Syslog
Server
DHCP
Server
Benefits:
• Repeated manual error prone
tasks automated
• Engg get additional time to focus
on design and deployment
• Standard change automation
removes the lead time to make
changes
BRKRST-1888 16
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Network Settings Roll Out
What’s new!!• Password roll out with
embedded recovery mechanism
• Scheduler for config update
• Banner Updates in Settings
• SWIM Provisioning is now Time
Zone Aware
New!
BRKRST-1888 17
IT Process Automation - Software Image Management
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Use Case:
• Ensure Consistency of Software
for all network devices (by
platform type)
• React to PSIRT and bugs fast
• Deploy software with confidence
Managing Software Lifecycle
Benefits:
• Golden Image based workflows
drive software consistency
• Pre/Post check ensures that
software updates do not have
adverse effects on the network
• Patching provides small updates
to react quickly to security fixes
BRKRST-1888 19
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 20BRKRST-1888
Core Principles of Software Upgrade
21 3
Intent based Network Upgrades Upgrade Pre/Post Checks Patching Support
Intent based network upgrades
allows for image standardization,
much desired by all network
admins.
Pre and post checks allows
network admins more
control and visibility over
network upgrades
Patches are supported in
DNAC from intent to pre-
post checks in same way we
manage regular images
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
DNA Center Based Software Update
SWIM and IT Process Automation
Select
Golden
Image
Identify
devices to
upgrade
Create a
Change
Request
Approval
of CR
Pre-Check
validations
Distribute
Image
Activate
Image
Post
Upgrade
Validation
Close CR
Plan a
Image
Upgrade
Steps to Update Software Image Update
Select
Golden
Image
Identify
devices to
upgrade
Create a
Change
Request
Approval
of CR
Pre-Check
validations
Distribute
Image
Activate
Image
Post
Upgrade
Validation
Close CR
Plan a
Image
Upgrade
Traditional NMS Software Image Update
Select
Golden
Image
Identify
devices to
upgrade
Create a
Change
Request
Approval
of CR
Pre-Check
validations
Distribute
Image
Activate
Image
Post
Upgrade
Validation
Close CR
Plan a
Image
Upgrade
Indicates ITSM Process Steps
How to interpret
the colors
Actions outside of NMS,
mostly manual
Steps covered in NMS Tool
Steps covered in DNA-C
BRKRST-1888 21
SWIM Demo
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKRST-1888 23
IT Process Integration – SWIM
SWIM
ServiceNow
Integration
Zero Touch Provisioning – Router
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
ORDER EQUIPMENTSTAGE AT CENTRAL LOCATION DEPLOY DEVICE
ONSITE
TODAY
Cisco DNA-C
DNA-C Automation w/ Plug & Play
TRUCK ROLL WITH
TECHNICIAN
Lower deployment costs
ORDER EQUIPMENT DEPLOY DEVICE
ONSITE
Direct Costs
• Pre-staging & Shipping costs
• Travel costs
Security
• 3rd party not secure
• Rogue devices
Time/Productivity
• Manual process
• Shipping , Storage, Travel
Complexity
• Configuration errors
• Different products, IOS Releases
• Drop Ship devices
• Centralized device discovery (DHCP, DNS,
Cloud)
• Non-technical installer at site
• Template based configurations
• Secure SUDI Authentication
~50%Day0 OPEX Savings*
* OPEX savings based on customer data
Router Day-0 Deployment Automation
BRKRST-1888 25
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKRST-1888 26
Network Deployment using Profile
Network
Design
Deployment
Standardization
Network
Compliance
Before
During
After
Profile Based Deployment
• Plan for the network deployment
• Feature and Capabilities to be
enabled based on requirements
• Topology for network deployment
• PnP Based Day 0 Deployment
• Version management of Profile
for Day 2 Change Management
• Configuration Compliance
Validation against Profile
• Remediation of Configuration to
Golden Configuration
Configuration ConsistencySimplified Network
Deployment
Integrated IT
Process Flows
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 27BRKRST-1888
Two Steps to Automate Device Deployment
DESIGN PROVISION
• Network Design and Topology
• Routing Protocols and WAN
Connectivity
• LAN Connectivity
• Routing Services
• Network Settings
• IP Addressing Schema
• Naming Convention
• Service Provider Configuration
• Ship Devices to Site
• Design applicable for site
• Site specific parameters
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Profiles for Underlay Automation
Network Settings
Named Capability
Template
Programmer CLI
PROFILE
PROFILE
1
2
DESIGN
PROVISION
BRKRST-1888 28
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
CLI Template vs Feature Template
• CLI Based Config template and
Rollback template
• Syntax Checking/Validation of CLI
• Provisioning: Form View
• Cannot push Policy CLI
configuration
• UI flow to create a feature
• No CLI to configure a feature
• Leverage Netconf/Yang to
configure a feature
• Example: DMVPN, Routing
protocol: BGP/OSPF, VLAN,
SSID, AVC
CLI Template Named Capability
BRKRST-1888 29
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Profile with Features Templates
Enterprise SSID
Guest SSID
Feature Templates
(future)
RF Profiles
AVC
BandSelect
FRA
Voice
WLAN Override
Other…
PROFILE NAMED Capability
BRKRST-1888 30
Router Underlay Design and Provisioning Demo
Enterprise NFV
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Freedom of choiceHardware platform
Hardware and software independenceVirtualization layer
Consistent, trusted network services across all the platformsVirtual network functions (VNFs)
Centralized Orchestration and ManagementSDN Applications
What Is Enterprise NFV?
BRKRST-1888 33
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Network Functions Virtualization Infrastructure Software (NFVIS)
Cisco DNA Center (DNA Center) Cisco Network Service Orchestrator (NSO) / Virtual Managed Services (VMS)
Introducing Cisco Enterprise NFVNetwork Services in Minutes, on Any Platform
Virtual Router
(ISRv,CSR,vEdge)
Virtual Firewall
(ASAv, NGFWv)
Virtual WAN
Optimization
(vWAAS)
Virtual Wireless
LAN Controller
(vWLC)
Third-Party VNFs
Cisco 4000 Series ISR + UCS® E-Series
Enterprise Network Compute System (ENCS)
Cisco® UCS C-Series
BRKRST-1888 34
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Lower operating costs
AND
IoTMobility Analytics CloudMobile traffic will Exceed
wired traffic by 2017
IoT Devices will
triple by 2020
76% of companies
planning to or investing in
Big Data
80% of organizations will
primarily use SaaS by 2018
Deploy new capabilities faster
Why Virtualization for the Network?
BRKRST-1888 35
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
ENCS 5000 Series - Chassis Options
ENCS541212-CoreENCS5408
8-CoreENCS54066-Core
ENCS 5104 ENCS 5406 ENCS 5408 ENCS 5412
CPU 4-core, 3.4 GHz 6-core, 1.9GHz 8-core, 2.0GHz 12-core, 1.5GHz
PoE No No 200W 200W
Capacity Guidance ISRv + 1 VNF ISRv + 2 VNFs ISRv + 3 VNFs ISRv + 5 VNFs
ENCS51044-Core
What makes this possible
BRKRST-1888 36
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Single slide on NFVIS
37BRKRST-1888
Demo – DNA Center
Cloud Connect
Policy Based Automation
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 58BRKRST-1888
Policy Based Automation
Authentication and Authorization
Group Assignment Based on
Authentication methods
Access Policy
Who can access what
Rules for x-group accessPermit group to app
Permit group to group
Access Control Policy
Transforming network operations through intent expressed as policy
Traffic treatment
QoS for ApplicationPath Optimization
Application compressionApplication caching
Application Policy
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 59BRKRST-1888
Key Takeaways
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Spark
Questions? Use Cisco Spark to communicate with the speaker after the session
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
How
cs.co/ciscolivebot#BRKRST-1888
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Please complete your Online Session Evaluations after each session
• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt
• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations
Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.
Complete Your Online Session Evaluation
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Tech Circle
• Meet the Engineer 1:1 meetings
• Related sessions
62BRKRST-1888
Thank you