Agile Networks - Cisco · Agile Networks Automation, Security & Flexibility with ACI Soni Jiandani,...

Agile NetworksAutomation, Security & Flexibility with ACI

Soni Jiandani, SVP Marketing

Trevor Moore CIO Qatar University

March 5, 2015

Duncan Mitchell, SVP Emerging Markets

© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2

Data Center Transitions – Road to ACI/Nexus 9K

VM Density& Server I/0

10G LAN on

motherboard2

Big Data

IP traffic

25% CAGR4

Multi-Cloud

~45% of data center

Multi-hypervisor3

1. Morgan Stanley CIO Survey, 2013 2. HP 3. Information Week 2013 Virtualization Mgmt Survey, 2013 4. Cisco Global Cloud Index Forecast (2013-2017)

Lower TCO -●- Workload Flexibility -●- Agility -●- Compliance/Security

“Bare Metal”

75% physical servers1


Business Demand: Transition to Modern Cloud Operations

Fast IT =

Efficient

Business

Processes

Model Driven

Software Ecosystem

Open Choice

Simplification

Transformation

OpEx and CapEx

Rapid Adoption

Multi-vendor Innovation

Automation and Operations

Cloud Models

4© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

We want to know from you…


We Give You Freedom of Choice With a Broad & Deep Ecosystem

Modernize operating system /

Merchant / Open APIs

Programmable Network

Embedded overlay / VXLAN/BGP /Third-party controllers

Network Virtualization

Physical, virtual & containers / Open / Embedded security

Cisco ACI

Common

Portfolio


Enabling Automation and DevOps:Open NX-OS and NXAPI

POAP ONIE NXAPI

Linux/Python

Daemon

BootStrap and Provisioning

PXE

Package and Application Management

Standard Open Interfaces

Acceptable NXOS

Automation and Visibility

Server Management Tools

Ease of

OperationsModular Open 3rd Party Apps Programmable

Ready for

DevOps


Multi-Tenancy and Seamless Host Mobility at Cloud Scale Next Gen VXLAN Fabric with BGP-EVPN Control Plane

VTEP VTEP VTEP VTEP

BGP-EVPN VXLAN Overlay

Expanding VXLAN Fabric Choices

InteroperableIncreased

Scale

Optimized

Mobility

Operational

Flexibility


ACI is at the CenterThe Most Comprehensive SDN Solution

Open, Standards, and Embedded

Security

Physical, Virtual, and Containers

Automation: Application-Centric

Policy Model

APIC


ACI + OpenStack - VXLAN-GBP has been accepted into the Linux Kernel and Open vSwitch project

NEUTRON

ROUTER

SECURITY

GROUP

W

ebW

eb

W

eb

W

eb

A

pp

A

pp

D

BD

B

HYPERVISOR HYPERVISOR HYPERVISOR

NEUTRON

NETWORK

APIC

Contrac

t

Contrac

tContrac

tDBAPPWEB

ADCF/W

ADC

APIC

APIC

Driver OVS Driver

Neutron

NetworkingGroup Policy

OVS Driver

Neutron

Networking

APIC PLUGIN GROUP POLICY PLUGIN

APIC Group Driver

W

ebW

eb

W

eb

W

eb

A

pp

A

pp

D

BD

B

HYPERVISOR HYPERVISOR HYPERVISOR


Cisco Data Center and Cloud Management

UCS CENTRAL

UCS MANAGER

APIC

UCS DIRECTOR Orchestration for Compute, Storage & Network

Converged

Infrastructure

Prime Service Catalog - Portal


InterCloud: 40+ Partners

DBAPPADC

WEB

F/W

ADC

Cisco InterCloud and ACI: Just Decide Where to Put Your App


Security, Security, Security


• Is our data secure?

• Do our policies really work, and are they measurable?

• Do our policies meet compliance?

• How are our applications structured in our data center?

• How can I minimize downtime of our network?

Security: What You Care About


ACI Offers Open Security Framework with a Broad Security Ecosystem

Security Applications(Compliance, SIEM, Security Analytics etc.)

End-to-End Layered Security EnforcementACI

FabricHostFirewall IDS / IPS DDoS

Open Standard

OPFLEX

Open Device

Interface

Open REST APIs

APIC


ACI Key benefitsCustomer Profile

Qatar University is a

rapidly growing university

in Qatar with over 16,000

students from fifty-two

nationalities.

Speed of Services

Deployment

Open architecture providing

integration with F5 & ASA

Embedded Security


Cisco as a Partner: Services & Solutions


Delivering Cisco Services for ACI Deployment Success

Smart

Service

Capabilities


SDN Solutions: Partner Innovation & DifferentiationChris Paggen

Consulting

Architect

and Design

Integration

w/ Existing

Day 1

Day 2

Connectivity and Visibility Security and Services Application Network Profiles

Traditional to Policy-based

Automate Connectivity

Extend into Existing Use-case

API to Orchestration

Counters,

Logging, Export

Traditional ACL’s to Policy

Policy and Device

Packages

L4 – L7 Service Stitching

Align Profiles

to Services

Centralized Security,

Visibility, Compliance,

and Logging

Evolve Basic VLAN

to Application

Construct

Application Profiles

Map Existing Network Policy

to Application Model

Enable Service Catalog

Based on Profiles

Audit and Monitor

Applications, Tenants,

and Services


Solutions & The Road Ahead


Key Initiatives & Roadmap

Open NXOS

Nexus 9000 & 3000

1G / 10G / 25G / 40G / 100G

ASICs : High Density 100G – Merchant and

Merchant Plus

NXOS: Object Model, API’s, Automation,

and 3rd Party Tools

ACI: IPv6, Multi-Site, ISV Integration,

AVS/OVS & Scale

OPEN Initiatives: VXLAN / IETF,

OpenStack, Linux

EcoSystem : VMware / MSFT integration,

L4-L7 – Palo Alto


Microsoft System Center / Azure Pack

ACI FABRIC

Microsoft System Center | R2 w/ Service Provider Foundation

Azure Pack GUI

Websites, Apps, Database, VMs, ACI

Provider PortalConsumer

Self-Service Portal

Websites VMs SQL Service BusFuture

Services

ACI PROVIDER

SERVICE

OpFlex Driver

Policy Management: APIC / Azure Pack

VM Discovery:OpFlex

Encapsulation:VLAN, NVGRE

Zero TouchProvisioning

Service Insertion(Physical / Virtual)


Immediate Security Benefits with ACI & Tetration Analytics

Proactive Maintenance Lower TCO

Risk Mitigation “Facebook” for machines

Time Series Queries Analyze traffic

Compute Visibility Publish policies

Fast IT No network downtime

Agile Networks - Cisco · Agile Networks Automation, Security & Flexibility with ACI Soni Jiandani,...

Documents

Transcript of Agile Networks - Cisco · Agile Networks Automation, Security & Flexibility with ACI Soni Jiandani,...