Simplify IT With Cisco Application Centric Infrastructure

André Rodrigues

Systems Engineer Cloud and DC

February 25, 2015

Cisco Confidential 2 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Cisco has partnered with Microsoft to integrate technologies

Multi-year investment and commitment

Research & Development

Strategic partners in the data center

Executive Sponsorship

Cisco Confidential 3 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

AGENDA Challenges and Opportunities

Application Centric Infrastructure

and Business Benefits

What problem are we trying to solve

and how do we solve it

Open, Open and Open

Demo: ACI&WAP Integration

Cisco Confidential 4 ©2014 Cisco and/or its affiliates. All rights reserved.

ACI Addresses Business Objectives

CIO CISO

• Best Customer Service

• Product and Service Innovation

• IT as a Competitive Advantage

• Increased Business Insight

• Accelerated Application Delivery

• Flexible Infrastructure

• Greater Visibility and Analytics

• Simplified Processes

• Compliance and Governance

• Auditing and Forensics Integration

• Security Intelligence

• Alignment with Business Objectives

Competitive

Advantage

Business

Agility

Lower

TCO

Reduced

Risk

ACI Benefits

CEO

Cisco Confidential 5 ©2014 Cisco and/or its affiliates. All rights reserved.

IT Challenges and Opportunities

IT’s budget

Need:

IT S

implif

ication

Better alignment of IT with rapidly changing business needs requires dynamic and automated policy-based control of DC and Cloud infrastructure.

Cisco Confidential 6 ©2014 Cisco and/or its affiliates. All rights reserved.

Cisco Confidential 7 ©2014 Cisco and/or its affiliates. All rights reserved.

Introducing: Application Centric Infrastructure

Apps + Infrastructure

Physical + Virtual Open + Secure

On-Premises + Cloud

Application Oriented Policy = Operational Simplicity

Cisco Confidential 8 ©2014 Cisco and/or its affiliates. All rights reserved.

Application Centric Infrastructure

Customer Business Benefits

• Deploy applications faster

• Workload mobility

• Higher application availability

• Compliant and secure

• CapEx reduction

Application Centric Infrastructure

East-West optimized for all workloads

HYPERVISOR HYPERVISOR HYPERVISOR

X86-Virtual Machines

& Virtual Appliances X86 Servers Unix Systems P and Z systems

Network Service Appliances X86 Multi-Hypervisor

Single open API

for entire system

IP Storage

Customer Operational Benefits

• Risk mitigation

• Better utilization of resources

• Operational efficient / zero touch

deployment and de-commissioning

• Self documenting network

• Simplified day-2 troubleshooting

• OpEx reduction

Cisco Confidential 9 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

The ACI Fabric

HYPERVISOR HYPERVISOR HYPERVISOR

Cisco Confidential 10 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Investment Protection Extending ACI into the existing infrastructure

Extend ACI Model on existing IP networks, L4-7 Services, Hypervisors

Extended ACI POLICY

ACI Fabric

PROFILE

Existing Nexus

networks

Hypervisors VM’s Bare

Metal

AVS

Bare Metal

Hypervisor VMs

AVS

Cisco Confidential 11 ©2014 Cisco and/or its affiliates. All rights reserved.

ACI is evolving the network infrastructure to be an enabler for

faster application deployment.

Cisco Confidential 12 ©2014 Cisco and/or its affiliates. All rights reserved.

Data Center Automation – Manual versus Policy Driven

Design it

Procure it

Install it

Configure it

Secure it

Is it ready?

Architect it

Design it

Is QA’d

Is procured

Is installed

Is configured

Is secured

It is ready

Architect it

ACI Policy Driven

ARCHITECT DESIGN COMPUTE Service

Request SERVICES SECURITY NETWORK

Application

Available ARCHITECT DESIGN

Service

Request Application

Available

QA it

Cisco Confidential 13 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Two Types of Languages

Infrastructure Language App Language

Human

Translator

• Application Tier Policy and

Dependencies

• Security Requirements

• Service Level Agreement

• Application Performance

• Compliance

• Geo Dependencies

• VLAN

• IP Address

• Subnets

• Firewalls

• Quality of Service

• Load Balancer

• Access Lists

Cisco Confidential 14 ©2014 Cisco and/or its affiliates. All rights reserved.

A new common language to describe desired state is needed.

Cisco Confidential 15 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

An Innovative Approach to Policy

Provided

Contract

Provided

Contract Provided

Contract

OUTSIDE DB APP WEB

ADC F/W

ADC

What is an application policy?

Group: A set of virtual or physical workloads with the same policy 1.

Contracts: A set of rules governing communication between groups 2.

Service Chains: A set of network services between groups 3.

Cisco Confidential 16 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Policy is Business Relevant

• Application Centric Infrastructure (ACI) allows the entire infrastructure to take commands in a business-relevant language.

1.

2.

3.

4. -

5.

6. QoS

7. Repeat every time app moves or needs more capacity

ACI Policy Aligned with Applications Traditional Policy Aligned with ….?

Cisco Confidential 17 ©2014 Cisco and/or its affiliates. All rights reserved.

Logical Provisioning of Stateless Hardware

SIM Card Identity for a Phone

Service Profile Identity for a Server

UCS Service Profile Unified Device Management

Network Policy

Storage Policy

Server Policy

Application Profile Identity for the Network

Cisco Confidential 18 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

The Benefits of an Application Centric Policy Application Workload Mobility

CONSISTENT VISIBILITY

ACROSS CLOUD AND DC

TENANT APPLICATION

Latency

Isolation

Systems

Telemetry 0 Packets

dropped

Health

Score

Latency

Health

Score

Isolation

Systems

Telemetry 25 Packets dropped

0 0 0 7 0 0 0 6

Cisco Confidential 19 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

InterCloud

Provider Cloud Enterprise Cloud

Secure Connection

AP

P F/W L/B

WE

B L/B DB APP

F/W ADC WEB ADC DB

AP

P F/W L/B

WE

B L/B APP

F/W ADC WEB ADC

AP

P F/W L/B

WE

B L/B APP

F/W ADC WEB ADC

AP

P F/W L/B

WE

B L/B APP

F/W ADC WEB ADC

Consistent ACI Policy Across Public and Private Clouds

Simplify IT Combining Public and Private Cloud

APIC

Cisco Confidential 20 ©2014 Cisco and/or its affiliates. All rights reserved.

Open

Open Source, Open Standards, Open Interfaces

Cisco Confidential 21 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Opening the ACI Policy with OpFlex

OPFLEX PROTOCOL + ECOSYSTEM

OPEN SOURCE Open source implementation

available to anyone

ECOSYSTEM Broad, growing vendor support including

hypervisor, network, and L4-7

STANDARD Upcoming OpFlex standard through IETF

APIC

OPFLEX

DELIVERING INVESTMENT PROTECTION BY

ALLOWING ANY DEVICE TO INTEGRATE WITH CISCO ACI

L4-7 DEVICE

HYPERVISOR SWITCH

Cisco Confidential 22 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

“The Network has always been FAIR… No longer… We are delivering a new network that does what is RIGHT for the Application. A BETTER network.” - Tom Edsall, CTO Insieme Networks

Cisco Confidential 23 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Future Proof—COMMON HARDWARE PLATFORM TWO operational models – Fabric mode w/ APIC

FABRIC MODE (APPLICATION CENTRIC

INFRASTRUCTURE - APIC)

Q2 2014

STANDALONE (TRADITIONAL NETWORKS

OPTIMIZED NX-OS)

Q4 2013

• Nexus 9000 - 1/10/40 GE, 100 GE READY PRICE/PERFORMANCE

• Integrates into Current DC designs – vPC, Integration with existing Nexus

• Optimized NX-OS – less features, less code, tighter HA for patching

• Open EcoSystem – API’s, VM

• Programmable – CLI, SNMP, onePK, JSON (API northbound)

APIC Software

Upgradable

to ACI

Performance

and Scale Security Simplicity Open Agility

Automation

and Visibility

Cisco Confidential 24 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

DEMO: ACI & WAP Integration

Cisco Confidential 25 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Summary: Our Direction

Data centers and cloud network infrastructures, both

physical and virtual, will no longer be configured, will not

be software defined (or programmed), but instead will

be Policy Driven and Application Centric.

Thank you.