Cisco - Global Home Page - ACI Anywhere Webinar 01052019 · Largest Memory Manufacturer in World 13...
Brijeshkumar Shah ([email protected]), APJ Head - Data Center Networking
ACI Anywhere: The network made simple
May 2nd, 2019
© 2019 Cisco and/or its affiliates. All rights reserved.
Applications are Evolving
Workloads are more Distributed
Developers demand Multicloud
Intent-based Networking
Consistent Policy Driven Automation
Multicloud Connectivity and Segmentation
Simplified Visibility, Troubleshooting, and Monitoring
Diagram labels: Campus & Branches, Enterprise + Data centers, Multicloud, Policy, Business, Intent, Automation, Analytics
Intent-based Networking Delivers Multicloud
Cisco ACI
Cisco Tetration
Cisco NAE
Powered by Cisco Nexus®
Cisco IBN for Data Center Building Blocks
Application Centric Infrastructure: The Network Made Simple
Zero Touch Auto Provisioning With Policy Driven Automation
Any Hypervisor, Any Workload: Physical, Virtual, Containers
Single Central Management With Integrated Overlay And Full Visibility
Diagram labels: ACI (Central Network Control Plane), Nexus 9000 (DC Network)
ACI Anywhere: Multi Pod
Single APIC Cluster Extends Network Virtualization, Policy, Services to Multiple PODs
Diagram labels: Data Center 1 (ACI Pod 1), Data Center 2 (ACI Pod 2), Nexus 9000 (DC Network), ACI (Central Network Control Plane), IPN, IP Network
Multicast on IPN needed & Jumbo Frames (<=1550)
<= 50 ms RTT Required
Up to 12 Pods, distributed gateway
Single central management (APIC)
Automated L2 DCI VXLAN extension
ACI Anywhere: Remote Leaf
Connect On-premises To Remote Offices With Nexus 9000 Switches
Zero Touch Auto Discovery of Remote Leaf
<= 300 ms RTT Required
Up to 20 Remote Locations
Single central management
Automated L2 VXLAN extension
Diagram labels: Nexus 9000 (DC Network), Nexus 9000 (Remote Leaf Network), ACI (Central Network Control Plane), IPN, WAN, IP Network, Local Router, VXLAN L2 Extension
ACI Anywhere: Multi Site Orchestrator
Seamlessly Connect Multiple Data Centers At Scale
Diagram labels: Data Center 1 (ACI Site 1), Data Center 2 (ACI Site 2), Nexus 9000 (DC Network), Nexus 9000 (Remote Leaf Network), Multi-Site Orchestrator, ACI (Central Network Control Plane), IPN, WAN, IP Network, Local Router, VXLAN L2 Extension
No Multicast/No Jumbo Frames
Phased Changes (Zones)
<= 1s RTT Required (MSO → APIC)
Up to 12 Sites, distributed gateway
Single central management (MSO)
Automated L2 DCI VXLAN extension
ACI Anywhere: ACI Virtual Edge
Decoupled From Hypervisor Kernel APIs
Policy Consistency Across Multiple Hypervisors
Enable Migration From Legacy To ACI
Maintain Existing Operational Models
Diagram labels: Data Center 1 (ACI Site 1), Data Center 2 (ACI Site 2), Nexus 9000 (DC Network), Nexus 9000 (Remote Leaf Network), Multi-Site Orchestrator, ACI Virtual Edge, VM, IPN, WAN, IP Network, Local Router, VXLAN L2 Extension
ACI Anywhere: ACI Virtual Pod
Extend ACI To Bare-metal Clouds, Remote Data Centers, and Legacy Infrastructure
Diagram labels: Data Center 1 (ACI Site 1), Data Center 2 (ACI Site 2), Nexus 9000 (DC Network), Nexus 9000 (Remote Leaf Network), Multi-Site Orchestrator, ACI Virtual Edge, VM, ACI Virtual Pod 1, ACI Virtual Pod 2, Pod 1, Pod 2, IPN, WAN, IP Network, Local Router, VXLAN L2 Extension
Virtual Spine/Leaf Functionality w/ AVE integration
Up to 64 AVEs per vPod
Single central management
Automated L2 VXLAN extension
ACI Anywhere: Public Cloud Extensions
Seamlessly Connect Multiple Data Centers
CSR-1Kv/Direct-Connect integration
Operational Consistency
Single Point Of Orchestration
Discovery & Visibility
Policy Translation
Diagram labels: Data Center 1 (ACI Site 1), Nexus 9000 (DC Network), Nexus 9000 (Remote Leaf Network), Multi-Site Orchestrator, ACI Virtual Edge, VM, IPN, WAN, IP Network, Local Router, VXLAN L2 Extension, Encrypted, Infra VPC, User VPC
Diagram labels (on-premises policy): EPG Web, Contract, EPG APP, Contract, EPG DB
Diagram labels (cloud policy): SG Web, SG Rule, SG APP, SG Rule, SG DB
ACI Anywhere – Extend The Simplicity To Any Location
Multiple Locations Managed As/From A Single Point
ACI Multi-POD: Multiple Networks (Pods) in a single Availability Zone (Fabric)
ACI Remote-Leaf: Physical Remote Leaf extends ACI to remote locations
ACI Multi-Site: Multiple Availability Zones (Fabrics) in a Single Region 'and' Multi-Region Policy Management
ACI Multicloud: ACI Extensions to Public Clouds (AWS, Azure, GCP)
ACI vPod: Virtual POD extends an Availability Zone (Fabric) to remote locations on standard VMs
ACI Virtual Edge: Decoupled From Hypervisor Kernel APIs
Release labels: ACI 2.0, ACI 3.0, ACI 3.1, ACI 4.0, ACI 4.1 H2CY'19
Multicloud – Connectivity and Policy Abstraction
Any Workload, Any Location
Diagram labels: Data Center, Public Cloud, ACI Anywhere, Bare Metal Cloud B, Internet, MPLS, Co-Location Facilities, On Premises, Cloud, Containers, Hypervisor, ACI Virtual, ACI, Automation, Security, Mobility, Visibility, Compute Edge (Branch), DMZ
Application Performance Monitoring
Correlate app performance and network data
• Map application and service components to ACI
• Cross launch AppDynamics and ACI-APIC to correlate network and app data
• Baseline app health status in AppDynamics by correlating ACI network health and faults
• Create micro-segmentation based on app tiers
Diagram labels: AppDynamics, Business IQ, Map IQ, Baseline IQ, Diagnostic IQ, Network and App Health Correlation
Application Performance Delivery: Automate application service delivery
• Dynamically coordinates automated provisioning of WAN-edge transport services with application requirements
• Based on application requirements and WAN service policies, dynamically determines the optimal path from users in the branch to their applications, whether hosted in the on-prem DC, public cloud or SaaS, as required to meet the desired application SLA
• Based on business priorities, determines optimal path selection between application components hosted across multiple on-prem Data Centers and multi-region AWS Public Cloud.
Diagram labels: San Francisco ACI Data Center, New York ACI Data Center, Los Angeles Branch, AWS Region East, AWS Region West, Cloud ACI Edge, App resource request, Path selection to meet business intent
Application Security: Identity access management from user to applications
• Integrate ACI's application-based micro-segmentation in the data center with Cisco SD-Access user group-based segmentation across the campus and branch.
• Automate the mapping and enforcement of segmentation policy based on the user's security profile as they access resources within the data center.
• Enables security administrators to manage end-to-end, user-to-application segmentation seamlessly
• Provide a common and consistent identity-based micro-segmentation capability from the user through to application
Diagram labels: DNA-C / ISE (Identity Services Engine), San Francisco ACI Data Center, New York ACI Data Center, Los Angeles Branch, AWS Region East, AWS Region West, ACI, Automated Mapping, App Groups, User Groups, ISE Controller, DNA Center Campus/Branch, Users
Furthering the reach with ACI integrations
Diagram labels: ACI Fabric, Security, Observability and Analysis, Automation, ADC, Public Cloud, ITSM, Workload Management
ACI Customer Success Stories
#1 SDN Solution In The World

Largest Stock Exchange (India)
Daily 13.8 Million Trades
Multisite, Disaster Recovery
Low Latency & Performance
Performance
Uptime
Compliance

SK Hynix (Korea)
Largest Memory Manufacturer in World
13 Fabrics, 600+ Leafs
Multicast Requirement
Proactive Day 2 ops
Policy Consistency
Risk Mitigation

Bank of Mandiri (Indonesia)
Largest Indonesian Bank
505 Trillion IDR
Proactive Vulnerability Detection
Zero Trust
DC Modernization
Visibility & Compliance

Reliance Jio (India)
> 400 Million Subscribers
33 Fabrics, 2500 Leafs
5G Ready Telco DC, NFVi
Scale With Simplicity
Automation
Availability

Largest Retail (Australia)
3000 Supermarkets
Multi-Pod, Fault Isolation
PCI DSS
Next Gen SDN
Geo Scale
Compliance

Solution labels: ACI + NAE, ACI + Tetration, ACI, ACI + Tetration, ACI
Improving Agility, Better Automation
Better Orchestration, Integration with DC Infrastructure
Maintaining Uptime In Data Center Networks
DC Networking should evolve to better respond to trends
“The percentage of manual data center networking operational activities will fall below 50% by 2021, down from 80% today”
Gartner Magic Quadrant 2018