agile networks - cisco · agile networks automation, security & flexibility with aci soni...
Post on 14-Jul-2020
23 Views
Preview:
TRANSCRIPT
Agile NetworksAutomation, Security & Flexibility with ACI
Soni Jiandani, SVP Marketing
Trevor Moore CIO Qatar University
March 5, 2015
Duncan Mitchell, SVP Emerging Markets
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Data Center Transitions – Road to ACI/Nexus 9K
VM Density& Server I/0
10G LAN on
motherboard2
Big Data
IP traffic
25% CAGR4
Multi-Cloud
~45% of data center
Multi-hypervisor3
1. Morgan Stanley CIO Survey, 2013 2. HP 3. Information Week 2013 Virtualization Mgmt Survey, 2013 4. Cisco Global Cloud Index Forecast (2013-2017)
Lower TCO -●- Workload Flexibility -●- Agility -●- Compliance/Security
“Bare Metal”
75% physical servers1
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Business Demand: Transition to Modern Cloud Operations
Fast IT =
Efficient
Business
Processes
Model Driven
Software Ecosystem
Open Choice
Simplification
Transformation
OpEx and CapEx
Rapid Adoption
Multi-vendor Innovation
Automation and Operations
Cloud Models
4© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
We want to know from you…
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
We Give You Freedom of Choice With a Broad & Deep Ecosystem
Modernize operating system /
Merchant / Open APIs
Programmable Network
Embedded overlay / VXLAN/BGP /Third-party controllers
Network Virtualization
Physical, virtual & containers / Open / Embedded security
Cisco ACI
Common
Portfolio
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Enabling Automation and DevOps:Open NX-OS and NXAPI
POAP ONIE NXAPI
Linux/Python
Daemon
BootStrap and Provisioning
PXE
Package and Application Management
Standard Open Interfaces
Acceptable NXOS
Automation and Visibility
Server Management Tools
Ease of
OperationsModular Open 3rd Party Apps Programmable
Ready for
DevOps
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Multi-Tenancy and Seamless Host Mobility at Cloud Scale Next Gen VXLAN Fabric with BGP-EVPN Control Plane
VTEP VTEP VTEP VTEP
BGP-EVPN VXLAN Overlay
Expanding VXLAN Fabric Choices
InteroperableIncreased
Scale
Optimized
Mobility
Operational
Flexibility
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
ACI is at the CenterThe Most Comprehensive SDN Solution
Open, Standards, and Embedded
Security
Physical, Virtual, and Containers
Automation: Application-Centric
Policy Model
APIC
9© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
We want to know from you…
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
ACI + OpenStack - VXLAN-GBP has been accepted into the Linux Kernel and Open vSwitch project
NEUTRON
ROUTER
SECURITY
GROUP
W
ebW
eb
W
eb
W
eb
A
pp
A
pp
D
BD
B
HYPERVISOR HYPERVISOR HYPERVISOR
NEUTRON
NETWORK
APIC
Contrac
t
Contrac
tContrac
tDBAPPWEB
ADCF/W
ADC
APIC
APIC
Driver OVS Driver
Neutron
NetworkingGroup Policy
OVS Driver
Neutron
Networking
APIC PLUGIN GROUP POLICY PLUGIN
APIC Group Driver
W
ebW
eb
W
eb
W
eb
A
pp
A
pp
D
BD
B
HYPERVISOR HYPERVISOR HYPERVISOR
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Cisco Data Center and Cloud Management
UCS CENTRAL
UCS MANAGER
APIC
UCS DIRECTOR Orchestration for Compute, Storage & Network
Converged
Infrastructure
Prime Service Catalog - Portal
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
InterCloud: 40+ Partners
DBAPPADC
WEB
F/W
ADC
Cisco InterCloud and ACI: Just Decide Where to Put Your App
13© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
We want to know from you…
14© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Security, Security, Security
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
• Is our data secure?
• Do our policies really work, and are they measurable?
• Do our policies meet compliance?
• How are our applications structured in our data center?
• How can I minimize downtime of our network?
Security: What You Care About
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
ACI Offers Open Security Framework with a Broad Security Ecosystem
Security Applications(Compliance, SIEM, Security Analytics etc.)
End-to-End Layered Security EnforcementACI
FabricHostFirewall IDS / IPS DDoS
Open Standard
OPFLEX
Open Device
Interface
Open REST APIs
APIC
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
ACI Key benefitsCustomer Profile
Qatar University is a
rapidly growing university
in Qatar with over 16,000
students from fifty-two
nationalities.
Speed of Services
Deployment
Open architecture providing
integration with F5 & ASA
Embedded Security
18© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
We want to know from you…
19© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco as a Partner: Services & Solutions
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Delivering Cisco Services for ACI Deployment Success
Smart
Service
Capabilities
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
SDN Solutions: Partner Innovation & DifferentiationChris Paggen
Consulting
Architect
and Design
Integration
w/ Existing
Day 1
Day 2
Connectivity and Visibility Security and Services Application Network Profiles
Traditional to Policy-based
Automate Connectivity
Extend into Existing Use-case
API to Orchestration
Counters,
Logging, Export
Traditional ACL’s to Policy
Policy and Device
Packages
L4 – L7 Service Stitching
Align Profiles
to Services
Centralized Security,
Visibility, Compliance,
and Logging
Evolve Basic VLAN
to Application
Construct
Application Profiles
Map Existing Network Policy
to Application Model
Enable Service Catalog
Based on Profiles
Audit and Monitor
Applications, Tenants,
and Services
22© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Solutions & The Road Ahead
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Key Initiatives & Roadmap
Open NXOS
Nexus 9000 & 3000
1G / 10G / 25G / 40G / 100G
ASICs : High Density 100G – Merchant and
Merchant Plus
NXOS: Object Model, API’s, Automation,
and 3rd Party Tools
ACI: IPv6, Multi-Site, ISV Integration,
AVS/OVS & Scale
OPEN Initiatives: VXLAN / IETF,
OpenStack, Linux
EcoSystem : VMware / MSFT integration,
L4-L7 – Palo Alto
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Microsoft System Center / Azure Pack
ACI FABRIC
Microsoft System Center | R2 w/ Service Provider Foundation
Azure Pack GUI
Websites, Apps, Database, VMs, ACI
Provider PortalConsumer
Self-Service Portal
Websites VMs SQL Service BusFuture
Services
ACI PROVIDER
SERVICE
OpFlex Driver
Policy Management: APIC / Azure Pack
VM Discovery:OpFlex
Encapsulation:VLAN, NVGRE
Zero TouchProvisioning
Service Insertion(Physical / Virtual)
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Immediate Security Benefits with ACI & Tetration Analytics
Proactive Maintenance Lower TCO
Risk Mitigation “Facebook” for machines
Time Series Queries Analyze traffic
Compute Visibility Publish policies
Fast IT No network downtime
26© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
We want to know from you…
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Thank you
top related