Intent-based Networking - Cisco · Intent-based Networking Journey Context Analytics and Assurance...
Transcript of Intent-based Networking - Cisco · Intent-based Networking Journey Context Analytics and Assurance...
Intent-based NetworkingPowered by Cisco Digital Network Architecture
Jason Pernell
WW Sales Director
SDA & Assurance
Why Intent Based Networking?
What benefits does it bring?
How do I get started?
3
Intent-based Networking with Cisco
Digital
BusinessNetwork
Business
Goals
Insights
Intent Context
Security
Learning
SecurityMobile IoT
Powered By Intent. Informed by Context.
4
Traditional networks cannot keep up
More users and endpoints
More VLANs and subnets
Difficult to
segment
Complex to
configure
Inconsistent
user
experience
Multiple steps to give
users credentials
Difficult to maintain policy
Separate user policies
for wired and wireless networks
Unable to find users
when troubleshooting
Common user
policy for the
branch,
campus, WAN,
and cloud
5
Cisco’s Intent-based Networking
Intent Context
Security
Learning
DNA Center
Analytics & Assurance
AutomationPolicy
Intent-Based Network Infrastructure
Switching Routers
Wireless
Powered By Intent.
Informed by Context.
6
Intent-based Networking Journey
Context
Analytics and
Assurance
Intent-based
Network
Infrastructure
Readiness
Secure
Foundation
Policy Based
Automation
Intent
Machine
Learning & AI
End-to-end view
of the network
with full context
through data
and insights
Constantly
learning,
adapting,
protecting
Open and
Programmable
Rapid threat
detection
and mitigation
Simplify, scale
network
deployment for
Cloud,
Mobile, IoT
Policy Validation
Predictive
Self-healing
7
Software-Defined AccessIndustry’s first policy-based automation from the edge to the cloud
Secure users, devices, and
applications with identity-based
policy, regardless of location
End-to-End
Segmentation
Simple,
automated
workflows
Intelligent
network fabric
Design, provision, and manage your
wired and wireless networks
Enable a consistent user experience
anywhere with insights and analytics
into user and application behavior
Common user
policy for the
branch,
campus, WAN,
and cloud
8
Cisco’s Intent Based
NetworkingShift IT Time to Business Focus
67% 80%
48% 61%
Network
Provisioning
Time Savings
Improve Issue
Resolution
Reduced Security
Breach Impact
Reduced
Operating
Expense
How do you
defend against
threats?
How deliver a
great user
experience?
SECURITY ASSURANCE
How do you scale
for the mobility &
IoT explosion?
SCALE
MobilityRansomware IoT10
. 1 McKinsey Study of Network Operations for Cisco – 2016
IT Challenge: 43% of IT Time spent in Troubleshooting
4x
Replication
challenge
Slow
resolution
Network operators spend more time
collecting data than analyzing while
troubleshooting
Impossible for IT to troubleshoot if they
cannot replicate the issue or see it real
time
Half of WiFi issues take more than
30min to resolve
11
12
Network Quality is a Complex, End-to-End Problem
* Both = Join/roam and quality/throughput
APs
Local WLCs
Network services DCOffice site
ISE
Mobile clients
CUCM
Client firmware
AP coverage
WAN Uplink usage End-User services
RF Noise/Interf.
Cisco Prime™
Configuration
AuthenticationWLC Capacity
WAN
Client density
Affects Join/Roam
Affects Quality/Throughput
Affects Both*
DHCP
Addressing
WAN QoS, Routing, ...
There are
100+ points of
failure
between user
and app
What is the problem?
Where is the problem?
How can I fix the problem fast?
Too Many Tools
Fragmented visibility
Closed interfaces / Silo’d views
Devices queried multiple times
Different protocols/mechanisms
Reactive Systems
Always playing catch up
Not designed for analytics
Inconsistent API architecture
Specialized knowledge required
Limited Insights
Limited data that is not
actionable
My report vs your report
No view of state changes
Lacking context or feedback
loop
RIGID CLOSED/
PROPRIETARY
LACK OF
INTELLIGENCE
Today’s tools are limited and do not address network needs
13
Right Place Right Time Right Action
Quick Problem
Isolation
Replicate the
Problem in data
Resolve the problem
Decisively
Ideal Solution to Network Assurance
14
Transforming network operations through actionable insights and simplicity
Introducing Cisco DNA Assurance
Right Place Right Time Right Action
Quick Problem
Isolation
Replicate the
Problem in data
Resolve the problem
Decisively
Right Place: Isolation
How Cisco Does It?
360◦ Context Graph – connected view of users, clients, applications and network, end-to-end
Wi-Fi Analytics for iOS
DNA Center Assurance
Event driven telemetry
Everything as a sensor –Granularity
BEFORE
Hours finding
needle in the
haystack
AFTER
Get to root cause
in minutes
16
Of WiFi Issues
take more than 30
minutes to resolve50%
Disassociation
Reason
Dis-associated
from AP
Session
Duration
Time Location – Building
Flr
DHCP Failure AP1 23min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F
DHCP Failure AP1 5min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F
Device internal
state reset
AP1 10min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F
DHCP Failure AP2 1min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F
Captive Portal
failure
AP2 52sec 23:30:15 – Dec-2-2018 SJC24 / 2F
Captive Portal
failure
AP2 2min 10sec 23:30:15 – Dec-2-2018 SJC24 / 2F
Miscellaneous
Reasons
AP2 30min 10sec 23:30:15 – Dec-2-2018 SJC24 / 1F
Apple Insights
Support per device-
group Policies and
Analytics
Insights into the
clients view of the
network
Provide clarity into
the reliability of
connectivity
1 2 3
Device Profile Wi-Fi Analytics Assurance
Client shares
these details
1. Model e.g. iPhone 7
2. OS Details
e.g. iOS 11
Client shares
these details
1. BSSID
2. RSSI
3. Channel #
Client shares
these details Error code for why did
it previously
disconnected
17
How Cisco Does It?
Full Contextual State – 14 days of history
Right Time:Problem Replication
Predictive trends to resolve issues before they are problems
Proactively test drive the network
BEFORE
Wi-Fi issues come
& go. If you cannot
replicate, you
cannot solve
AFTER
Network Time
Travel with full
context
Aironet Active Sensor
DNA Center Assurance
18
Of organizations have
10% or more of their
users experience a Wi-Fi
issue in a typical week
47%
Right Action: Resolution
BEFORE
Continuous training
AFTER
Leverage 30
years of industry
experience
How Cisco Does It?
Step by step Guided Remediation based on 30 years of Cisco networking expertise and best practices
Extending network context to improve business operations efficiency with Operational Insights
DNA Center Assurance
Operational
Insights
of organizations say a
single hour of downtime
costs over $300K
19
81%
End-to-end visibility – Network/Client Health
• Client Health Summary
• Onboarding, RF and Client Profile info
• Network Health Summary
• Control, Data, Policy Plane and Health info20
End-to-end visibility –360 views of users & devices
• Single location for all user
information and every user device
• History of performance for each
user device
• Proactive identification of any
issues affecting user’s experience
• Single location for all user device
related user information
‒ Connectivity graph with health
score of all device on the path
‒ Application performance
‒ Device KPIs
21
Network Time Travel – Go back in time to understand the network state when issue occurred
• Rewind time to when the issue
occurred
• All the information on the user
or network device 360 changes
to the selected time!
• History shows critical events
• Identifies when issues
occurred!
22
Insights with Guided Remediation Actions
Detailed drill
downs to identify
the impact
quickly
Guided Actions
to help
remediate issues
quickly
23
From Network Data to Business Insights
IPAM
CMX
AppD
IPSLA
SNMP
OID
TelnetDNS
MIB
Ping
CLIDHCP
AAA
SyslogNetflow
TracerouteComplex
correlation
Steam
Processing
Metadata
extraction
Clients Baseline
Application Network
Network Telemetry
Contextual Data
Complex Event
ProcessingCorrelated Insights
Guided
Remediation
Everything as a Sensor
Over 100+ Actionable Insights
Client | Applications | Wireless | Switching | Routing
001110101100110
1010110010
00101101
0110100
1101101
001011
01
1010110
0110
101011
000110
011
Office Site Network
Services DC
WAN
Local WLCs
APsMobile Clients
Turn Data into Insights: End-to-End Assurance
SFCDC
SNOW
BOX
Cloud Apps
On-boarding
& connectivity
Configuration
compliance
Visibility &
performance
Network
health
Machine Learning Predicts Issues Before It Impacts the Business
DHCP
CUCM
NMS
DNA Center ApplianceAutomation Software Module
Assurance Software Module
DNA Solution Components
DNA Center
Policy Design
Provision Assurance
Router Wireless LAN
Controller
Access
Point
Switch
Cisco® Identity
Services Engine
DNA-Ready Hardware
and
Non-DNA-Ready Hardware
26
Challenges
• Eight campuses including Texas Medical Center (13
buildings), seven comunity hospitals and 150 off-site
locations comprised of emgerency, imaging, and
primary care offices
• A small staff: ten full-time employees, but only four
people dedicated to wireless.
• What’s the problem: With up to 50,000 clients on the
network each day, wireless roaming and
authentication issues arise but users may not
necessarily report those issues. Wireless connectivity
plays a critical role in patient care and satisifaction.
Solutions & Outcomes
Cisco’s DNA Center helps Houston Methodist Hospital
achieve:
• Better access to data: with a mostly wireless network,
is able to easily detect devices throughout the network
and solve any issues with the help of analytics.
• Spolier Alerts: DNA Center helps the team to target
small issues before they become big problems.
Customer Case Study
Houston Methodist HospitalInterview with Manuel Ortiz III Senior Wireless Engineer, HMH
I like that DNA Center helps me
find problems proactively, before
users contact me.“ “
Challenges
• A large campus: Over 8,000 acres and 45,000 clients
daily at peak times. More devices during one of the
University’s many on-campus events.
• Lots of people, using lots of apps: With more than 20
different types of wireless client hardware in use on
campus, all need to work on the network. Issues can
arise when supporting students’ personal streaming
devices and smart home applications.
Solutions & Outcomes
Cisco’s DNA Center helps Stanford University to
achieve:
• Information, where you need it: “DNA Center has the
opportunity to be the Holy Grail of wireless
management,” Norris said. “The products is focused
on providing the end-user with all of the information
needed to design, run and troubleshoot a large
network. The client data is presented in a clear and
thoughtful way, providing all of the data you need
within two or three clicks.”
Customer Study
Stanford University
Residential Dept.Drew Norris, Sr. Network Engineer, Stanford University
Cisco DNA Center is a great idea
packed with a lots of potential.
Cisco is moving in the right
direction!
“ “
Challenges
• The same experience at every park: unlike other sports,
MLB is attempting to standardize the wireless network at
all of their parks. This way fans of any team will have the
same customer experience, no matter what park they call
home.
Solutions & Outcomes
• Cisco Consistency: 18 out of 30 MLB parks are equipped
with Cisco products allowing for the standardization and
consistencey that Major League Baseball desires.
• DNA Center starts in KC: Kauffman Stadium in Kansas
City, MO is the first ballpark that is equipped with Cisco
DNA Center. The plan is for all 30 stadiums to follow suit.
• Already a hit: Once DNA Center was installed, an issue
about performance degredation was spotted. Using DNA
Center, the IT Manager was able to drill into the source
and found that a switch interface—specifically an old,
extended cable—was to blame. The cable was replaced
and the Wi-Fi ran better than ever.
Customer Case Study
Major League BaseballInterview with Matt Swartz Advanced Services Principle Engineer Cisco
Without Cisco DNA, solving this
issue] was like looking for a needle
in a haystack!“ “
In Closing…
Start your IBN
Journey
Begin your
Journey with
Assurance
Leverage Base
Automation &
PoV SDA
Cisco Starter Kits Available, work with your
account team and partner
Assurance = Insights & Network Analytics
that you can take action on
Leverage Base Automation for Configuration
SDA PoV in Green/Brownfield Environments
30
1. This is Cisco’s Controller for
Intent Based Networking
• DNAC
2. Cisco can time travel for how
many days to trouble shoot
• 14
3. This is the policy engine that
feeds into DNAC
• ISE