Cisco Confidential 1© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Cisco ACI Nexus 9000Igino (igino@cisco.com)@just_iginoProduct Manager, Cisco INSBU

Executive Briefing

“UCS was a game changer for Cisco. ACI is a game changer for the industry.”

– Large Network Television

Company

Cisco Confidential 3© 2013-2014 Cisco and/or its affiliates. All rights reserved.

ACI & Nexus 9000 - Industry Adoption

6,000+

50+1400+Nexus 9K and ACI

Customers GloballyEcosystem PartnersACI Customers

150+ACI Customers in Production

Cisco Confidential 5© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Applications Are Changing

78%Network is even more critical to delivering applications than a year ago*

Type Big data, distributed, mobile

Consumption

Cloud – public, private, hybrid

Delivery Any where, any time, any device

* Cisco Global IT Impact Survey

Cisco Confidential 6© 2013-2014 Cisco and/or its affiliates. All rights reserved.

5

YEARS

2.5 YEAR

SFaster SERVER Refresh Cycle

2-3 YRS

NETWORK refresh cycle of 5 yrs. should

cover two server refresh cycles

Intel Haswell(2 Sockets x 12 Cores)*2

10G LOM/FlexLoM Shipping *4

New Server Platforms Enabling

Higher I/0 Throughput

Big DataIncreasing East-

West Traffic

DATA CENTER IP TRAFFIC GROWTH

25% CAGR (2012-2017)*3

*1 IDC Worldwide Virtual Machine 2013-2017 Forecast *3 Cisco Global Cloud Index: Forecast (2012-2017)

HYPERVISOR

VM VM VM VM VMVM

Virtual Machine Density Driving I/0

Performance

24 VMs/ Server*1

Data Market Trends

Cisco Confidential 7© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Remove complexity from DC networks

1st gen SDN solutions tried to meet new technical challenges

Why SDN? Why Now?

Cisco Confidential 8© 2013-2014 Cisco and/or its affiliates. All rights reserved.

APPLICATION LANGUAGE

?

NETWORK LANGUAGE

• VLAN• IP Address• Subnets• Firewalls • Quality of Service • Load Balancer• Access Lists

• Application Tier Policy and Dependencies

• Security Requirements• Service Level Agreement• Application Performance• Compliance• Geo Dependencies• Tenants

Application vs. Network

Cisco Confidential 9© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Automation & Programmability

Centralized Provisioning & Visibility

Simplification/ Abstraction

App Agility

Deliver New Revenue Streams More Quickly

Lower OpEx

Minimize Risk

Reduce CapEx

APIC

Cisco Confidential 10© 2013-2014 Cisco and/or its affiliates. All rights reserved.

SIM CardIdentity for a Phone

Service ProfileIdentity for a Server

UCS Service ProfileUnified Device Management

Network Policy

Storage Policy

Server Policy

Application ProfileIdentity for the Network

Cisco Confidential 11© 2013-2014 Cisco and/or its affiliates. All rights reserved.

WAN

Firewall

LB to Group 2

Connect to EPG 3

Connect to Group 2

High Priority

Group Policy ModelTopology /

Service Graph

GROUP 1 GROUP 2 GROUP 3

PRODUCTION POD DMZ

SHARED SERVICES

1 Profile

VLAN 1 VXLAN 2

VLAN 3

100s of Profiles DEV TEST

PROD

10s of Profiles

WEB APP

DB

1000s of Profiles

Cisco Confidential 12© 2013-2014 Cisco and/or its affiliates. All rights reserved.

TENANT APPLICATION

Operations Support

Cisco Confidential 13© 2013-2014 Cisco and/or its affiliates. All rights reserved.

EXISTING 3-TIER DESIGNS

PROGRAMMABLE SDN OVERLAY MODEL

APPLICATION PROFILES & POLICIES

VXLAN Bridging & Routing Application Centric Infrastructure

Existing 2-Tier & 3-Tier Designs

DC PODs

DC Core

Open API: Programmability

Modernized Operating System

Nexus OS

Integrated Network Virtualization

OpenFlow Support

No VM Tax: Any Hypervisor

Physical & Virtual

Open API’s & Controller

APIC

Cisco Confidential 16© 2013-2014 Cisco and/or its affiliates. All rights reserved.

AutomateCompliance, Centralized

Audit

VM VM VMVM VM

Visibility, Analytics, Forensics

Policies Track Workloads

Lifecycle Management

Security Expressed in Application Language

Distributed Security Across Physical and VirtualCentrally Managed & Fully Automated

Advanced Security At Scale

Cisco Confidential 17© 2013-2014 Cisco and/or its affiliates. All rights reserved.

DBAPPADCWEBF/W

ADC

ESX

MGMT VMOTION

BareMetal

LinuxContainer

ACI Integrated Security - Open, Flexible, Policy Driven

Consistent Audit, Logging, & Visibility – FIPS / CC / PCI / RBAC

ACI Policy Model – Security & Micro-Segmentation

Cisco Confidential 21© 2013-2014 Cisco and/or its affiliates. All rights reserved.

200 PORTS SCALING

TO

100K+PORTS

64K TENANTS

57640G PORTS WIRE-RATE (PER SPINE)

1M IPV4 / IPV6

END POINTS

60 TBPS CAPACITY

(PER SPINE)

8K MULTICAST

GROUPS (PER LEAF)

BUILT FOR THE GROWING COMMERCIAL ENTERPRISE TO THE LARGEST SERVICE PROVIDERS

Cisco Confidential 22© 2013-2014 Cisco and/or its affiliates. All rights reserved.

ACI & 9K Momentum is Growing: Public References“It’s critical that we are able to deliver hundreds of thousands of transactions per second, so latency and 40G throughput is a number one concern. After evaluating numerous vendor solutions, Cisco's Nexus 9000 switching platform provided us with the best performance to support our evolving data centers, while protecting existing IT investments."Bob Hammond, CTO, Millennial Media

“Symantec is an early adopter of Cisco's ACI, leveraging the technology within our own Agile Data Center. Cisco ACI brings the scalability and efficiency we need while enabling us to truly bring next generation networking capabilities to our customers.”Jon Sanchez, Director of Data Center Services, Symantec

Cisco Confidential 23© 2013-2014 Cisco and/or its affiliates. All rights reserved. 23

Delivering on Its Strategic Vision: 441% ROIWith Next-Generation, Secure Data Center Powered by Cisco ACI

5-Year Cumulative Benefits

IN BUSINESS BENEFITS

$145M

PAYBACK11MTH

FASTER APPLICATIONDEV. CYCLE

87%MORE EFFICIENT NETWORK OPS

83%IMPROVEMENT IN

BANDWIDTH

40X

“We did the planning, design and execution for this whole software-defined, ACI approach in four and a half months. That kind of speed is unheard of when

implementing a leapfrogging technology.” ~ Sheila Jordan, CIO, Symantec

Cisco Confidential 24© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Sungard Availability Services provides cloud computing, disaster recovery as a service and managed hosting service globally.A multi-tenant cloud solution utilizing ACI open API (CloudStack); integrated tenant security and segmentation; ACI Fabric deployed at 7 sites.Start to finish time: 2 weeks

Key services Sungard will deliver via ACI:• New global public cloud service• Disaster recovery as a service• SAP as a service

Key challenges customer solved with ACI

- Fully-automated deployment- Infrastructure scalability- Power Efficiency (Cooling huge cost)- Mobility- Huge Capex saving- Operations Simplicity

Cisco Confidential 25© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Key challenges customer solved with ACI

- Infrastructure scalability- Power Efficiency (Cooling huge cost)- Mobility- Multi-hypervisor support by design- Huge Capex saving- Operations Simplicity

Du is a leading Integrated Telecommunication Service Provider in UAE and the fastest growing in Middle East region.15+ data center consolidation to 2 new green field data centers designed to host new cloud services using Cisco Nexus 9000 switches and a multi-tenant ACI Fabric deployment. Key services Du will deliver via ACI:• Pay TV packages to commercial &

residential customers• Corporate IT• Hosted messaging & collaboration

solution• Voice & video services• Telecom / mobile & data services

Cisco Confidential 26© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Key challenges customer solved with Nexus 9000:

- Infrastructure scalability- Future Proofing for SDN - Sustain changing needs for 7-10 years- Leveraging 10G Fiber infra for 40G core- Power Efficiency (Cooling huge cost)

Major school district in USA with over 23,000 students. The campuses are located in rural areas often separated by farming.School district wanted to paperless with their project named “Going Digital” where they decided they would give all 23,000 students wireless MSFT Surfaces. Leveraging Nexus 9000 for 10G aggregation and 40G in the core. Future proofing for SDN and changing network needs over the next 7-10 years. Key services school district will deliver with Nexus 9000 and Cisco offerings:• All Digital access to school programs

via MSFT Surface tablets• Network for physical Security cameras

and building control systems • Strong security with ICE• Centralized Unified Communications

services in a highly available environment

Cisco Confidential 27© 2013-2014 Cisco and/or its affiliates. All rights reserved.

ACI: Business Outcome and Benefits for Cisco IT

Reduce Network

Provisioning

58%Reduce

Management Costs

21%Reduce Power and Cooling

Costs

45%CAPEX

Reduction

25%Compute and

Storage Optimization

10–20%

GreaterBusiness Agility

Lower Capital

Expenses

Reduced Costs/

Complexity

Lower Operating

CostResource

Optimization

Cisco Confidential 28© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Thank you.

Cisco Confidential 29© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Attributes Based Intra-EPG BasedEPG Based

Cisco ACI Delivers Flexible, Granular, Consistent Microsegmentation

Attributes Based Micro-segmentation VMware VDS, Microsoft Hyper-V, KVM*, Cisco AVS, Physical

ACI Benefits

PROD POD DMZ

SHARED SERVICES

Basic DC Segmentation

DEV

TEST

PROD

Application Lifecycle Segmentation

WEB

APP

DB

Service Level Segmentation

Network-Centric Segmentation

VLAN 1 VXLAN 2

VLAN 3

VM

VM

VM

VM

FW

OS ‘Linux’

IP ‘1.1.1.1’

FW

Name ‘Video’

Intra-EPG Isolation

All Workloads Can Communicate

Application Tier Policy Group

VM VM

Isolate Workloads within Application Tier

Application Tier Policy Group

VM VMVMVM

Quarantine Compromised Workloads

Isolate

VMware VDS

Microsoft Hyper-V KVM* Cisco AVS

Policy Driven Micro-segmentation for Any WorkloadPhysical

*Future