Karl-Etienne St-Pierre

Systems Engineer

Nov10, 2016

APIC-EM

Software Defined Networking in the Enterprise

Controllers

APIC-EM platform

APIC-EM use cases

Plug & Play App

Path Trace Analysis

EasyQoS

IWAN

Agenda

Cisco Digital Network Architecture

Automation

Abstraction and Policy Control

from Core to Edge

Open and Programmable | Standards-Based

Open APIs | Developers Environment

Cloud Service Management

Policy | Orchestration

Virtualization

Physical and Virtual Infrastructure | App Hosting

Analytics

Network Data,

Contextual Insights

Insights and

Experiences

Automation

and Assurance

Security and

Compliance

Network-enabled Applications

Cloud-enabled | Software-delivered

Principles

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

Resiliency/Scale has been proven

Distributed Networking has worked

BRKCRS-3011 4

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

Distributed Networking has worked

?

Distributed Networking adds complexity to manage/comprehend

!

!

!

However

BRKCRS-3011 5

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

But uses controller

to mask complexity

NETWORK

Admin still makes network behavior decisions

BRKCRS-3011 6

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

Intent Policies

High Level Constructs

Translation

Network Control Functions

QoS ACLConfiguration

Translation of high level constructs

to network control functions

reduces skills gaps and clarifies

policy procedures

Cisco Intent Policy Management

BRKCRS-3011 7

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

Network

Devices

Controller

Applications

Allow Protocol/API

choice while

maintaining stack

integrity• CLI

• SNMP

• Web UI

• NETCONF

• XML

• onePK

• Openstack

• Web UI

• YANG

• REST API

BRKCRS-3011 8

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

WWW Network

Web

Admin

Network

Admin

Both at one time had direct admin control

BRKCRS-3011 9

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

Web Dev GUI

WWWNetwork

WWW

Admin

Network

Admin

Controller

Direction to abstract complexityNetwork Management should follow Web Development

Focus on the

What

and not

How

2005

Power Technologist

2013

Non Technical Users

2010

Application Developers

2015

Intent Networking

2018

Self Healing

2016

Partial Automation

BRKCRS-3011 10

Controllers

APIC-EM platform

APIC-EM use cases

Plug & Play App

Path Trace Analysis

EasyQoS

IWAN

Agenda

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

APIC-EMPlatform Architecture

Network PnP Network InventoryPath TraceIWAN

Advanced Topology Visualizer

APIC-EM

Applications

APIC-EM Controller

Northbound REST APIs

APIC-EM

Services

Grapevine

Inventory

ManagerRBAC Policy Analysis

Policy

Programmer

Network PnPData Access

Service

Topology

ServicesIWAN

Services

Elastic Service Infrastructure

APIC-EM

Applications

APIC-EM

Services

Addresses

Scale Out

and HA

Requirements

BRKCRS-3011 13

Grapevine Appliance Grapevine Appliance Grapevine Appliance

…Grapevine spins up more

service instances in

response…

As load

increases…

Multi-Instance

• Dynamic Scaling based on Load

• Faster Provisioning and Data Collection

• HA for select services with minimal disruption

• Enable Future Support for Seamless Cloud Upgrade and Near Zero downtime

* Future Support

`

System Requirements

Server: 64-bit x86 (Ubuntu 14.04 LTS)

vCPU: 6 (2.4 GHz) or more

RAM: 64 GB (for single-host deployments)/

32 GB (for multi-host deployments)

Storage: 500 GB HDD

Browser: Google Chrome or Firefox

Hypervisor: VMware vSphere 5.1/5.5/6.0 (for Virtual

Appliance)

x

APIC-EM 1.x Footprint

• Lower Footprint (32GB)

• Dynamic Sizing based on Scale

• Horizontal and Vertical Performance Scaling

• Support for 64, 128GB nodes

• Support for clustering of up to 3 nodes

x32 GB

6 vCPU

250 Wired Devices

250 Wireless Devices

6k Hosts

x32 GB

6 vCPU

10k Wired Devices

10k Wireless Devices

100k Hosts

As load

increases…

`

Scale Numbers

Network

Devices:

10000

Access

Points:

10000

End

Hosts:

100,000

Note: These scale numbers are for the APIC-EM platform and the base applications.

Some other APIC-EM applications might have different scale numbers.

Apps IndependencePluggable Service Architecture

IWAN

EasyQoS

PnP

Path Trace

Lifecycle Mgmt.

Integrity Verification• Better Footprint Alignment

• Improved Installation Experience

• Functional Scaling (PnP Only, IWAN Only Platform etc)

• Better Patching Capabilities

• Faster Downloads

Controllers

APIC-EM platform

APIC-EM use cases

Plug & Play App

Path Trace Analysis

EasyQoS

IWAN

Agenda

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

APIC-EM – Functions and Applications

• Network Plug-n-Play – for Zero Touch Deployment

• Network Information Base – Device Inventory

• Network Information Base - Host Inventory

• Topology Visualizer

• Path Visualization Application

• Intelligent WAN

• EasyQoS GUI

(*) GA1BRKCRS-3011 20

Controllers

APIC-EM platform

APIC-EM use cases

Plug & Play App

Path Trace Analysis

EasyQoS

IWAN

Agenda

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

Automation: Plug and Play

”

Plug and play means no more IT

engineers in the field – faster time to

market and dramatically lowered costs.

“

Eliminates

Staging Truck Roll

Network Plug and Play

Plug in and

Auto Provision

Order Controller-Based

Management

Cisco ONE

Foundation

SWIIM

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

How it Works: Cisco PnP Application

Plug & Play

Enterprise-wide scale

Automated workflow

Pre-provision1 Discovery2 Secure Deployment3

Discovery1 Un-claimed Devices2 Secure Deployment3

Network PnP app pre-provisioned

with device SR number

Configure device discovery

• DHCP Option-43 or DNS

• Installer powers on devices

• Devices download image and

configuration

• Installer powers on devices

• Devices securely connect

to APIC-EM server, waiting

to be ‘claimed’

• Network admin claims devices

based on device information

• Device downloads image

and configuration

Configure device discovery

• DHCP Option-43 or DNS

Network PnP app on APIC-EM

AdminEM

DHCPServer

DNSServer

OR

PnP-Agent PnP-Agent

EM

Device Authentication

Download Image and Configure

Installer

Network PnP app on APIC-EM

AdminEM

DHCPServer

DNSServer

OR

PnP-Agent PnP-Agent

EM

Device Authentication

Download Image and Configure

Installer

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

Plug and Play Support Across Cisco Devices

DHCP Option

43/60

iPhone App

based

installation

USB key

based

Bootstrap

Switches (Catalyst®) Routers (ISR, ASR) Wireless Access Points

DHCPServer

DNS Server

DNSServer

Switches (Nexus)

Cloud

Redirection

https://devicehelper.cisco.co

m/device-helper

https://pnpserver.localdo

main

PnP string:

5A1D;B2;K4;I10.10.10.1;J80 iPhone, iPad, Android

CA

Controllers

APIC-EM platform

APIC-EM use cases

Plug & Play App

Path Trace Analysis

EasyQoS

IWAN

Agenda

APIC-EM Path Trace Application

User Trouble Ticket IT Path Trace

NETWORK

Open

Architecture

Network,

Applications

Monitoring

Simple Workflow

BENEFITS

SDN

Easy visual discovery of trouble spots in the

communication path based on 5-tuple info

OpEx for ticket processing decreased by 98%

from 1.6 hours to 1 minute

`

Path Trace App: Application Flow Visibility

Link Source InformationStats: Device, Interface, QoS, PerfmonACL CheckCAPWAP Tunnel

Path Trace Demo

Controllers

APIC-EM platform

APIC-EM use cases

Plug & Play App

Path Trace Analysis

EasyQoS

IWAN

Agenda

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

Policy Service: EasyQoS

Enhance Collaboration Experience

300% 50%Reduction in

voice jitter

Video quality

improves

No Operator Intervention

”

The EasyQoS App reduces deployment times

for network-wide QoS dramatically. We can

now respond to changing application needs via

policy-based automation within minutes or even

seconds.

“

Select from Predefined

Policies

Automated Deployment

of QoS config

Optimized for Any

Infrastructure

Cisco ONE

Foundation

Edeka

Lower Costs & Complexity

Deploy changes: Months to Minutes

Thousands in cost savings

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com

EasyQoSApplication QoS

Wireless AP

Trust Boundary

PEP

4Q (WMM)

Catalyst 3650

Trust Boundary

PEP

2P6Q3T

Catalyst 4500

1P7Q1T

Catalyst 6500

1P3Q4T

1P7Q4T

2P6Q4T

…

Nexus 7700

F3: 1P7Q1T

WLC

PEP

ASR/ISRs

MQC

Catalyst 2960-X

Trust Boundary

PEP

1P3Q3T

Wireless AP

Trust Boundary

PEP

4Q (WMM)

EM

Applications can interact with APIC-EM via Northbound

APIs, informing the network of application-specific and

dynamic QoS requirements

Southbound APIs translate

business-intent to platform-

specific configurations

Network Operators express high-level

business-intent to APIC-EM EasyQoS

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Publicwolfgang@cisco.com 3232© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 32

EM

EasyQoS will seamlessly interconnect all types of

hardware and software queuing models to achieve

consistent and compatible end-to-end treatments

aligned with the expressed business-intent

EasyQoSApplication QoS- Deploy End-to-End DSCP based Queueing Policies

EasyQoS Demo