Cisco Cloud Platform for Internet of Everything - IDC Taiwan
TRANSCRIPT
Agenda
• IOE Cloud Vision
• Cisco – Microsoft Collaboration
• Cisco – Microsoft Joint Engineering
• Cisco ACI – Security, Scalability and Performance
• Summary
What IT is doing to solve the App agility issue
[Diagram labels: Application, Security, Network, Storage, Server + Virtualization; CIO; Cloud + Infrastructure Automation; Operations; Private Cloud: IaaS]
How the business has addressed the App agility issue
[Diagram labels: Cloud, Consumption, Development, Compliance; Business Entities; Business Architect; Business App Owner; Public Cloud: SaaS, PaaS, IaaS]
[Diagram repeated with Public Cloud (SaaS, PaaS, IaaS) and Private Cloud (IaaS) shown together, labelled GAP]
[Diagram repeated with Public Cloud, Private Cloud and Hybrid Cloud]
Cisco ACI (Application Centric Infrastructure) - Common Hardware Platform, Two Operational Models
APPLICATION CENTRIC INFRASTRUCTURE
APIC
SHIPPING
ENHANCED NX-OS
SHIPPING
Existing Network Model
PROGRAMMABILITY—40 GigE—PRICE/PERFORMANCE
Nexus 9000
Cisco and Microsoft Are Working Together to…
• Deep level of engagement
• Alignment around customer success
• Shared long-term vision
Microsoft Converged Cloud OS Network Stack / Market Relevance
Cloud Elements Microsoft Position in Market
Workloads / Applications
Management, Identity & Security
Platform
Virtualization
Self-service
Metering
Dynamic provisioning
Process Automation
Control
Physical and Virtual
Infrastructure and Applications
Secure access
Agile - Cross Platform
High-Performance
Elastic and Scalable
Owned and Outsourced
Datacenter, Desktop, Cloud
Leading Enterprise Applications
Leading Management Solution
Fastest Growing Virtualization Solution*
Comprehensive Solution
Server: 34%, 16%, 11%, 7%, 4%, 2% (Microsoft, HP, IBM/Tivoli, VMware, Dell, Symantec)
Desktop: 43%, 9%, 7%, 4%, 4%, 4% (Microsoft, HP, IBM/Tivoli, Dell, Symantec, Novell)
Source: IDC Management Tracker: Microsoft Internal research
[Chart: 16%, 9.6%; legend: Microsoft, VMware; axis 0 to 16]
Source: IDC WW Quarterly Server Virtualization Tracker, March 2011
70% of Server OS Market Share
90% of Desktop
*net new deployments
**internal
Cisco - Microsoft Joint Product Engineering
Continuing investments for deeper integration
UCS Health, Manage UCS domains, Graphical views
Power tools for Compute & Storage
Cisco UCS with Microsoft System Center
Compute and Storage Integration
Cisco ACI/APIC with Microsoft System Center
Network and Services Integration
Windows Azure Pack
Microsoft System Center Virtual Machine Manager (SCVMM)
APIC
Expose Cisco SDN & Network Services with APIC and Resource Providers
Cisco Fast Track Validated Architecture
Microsoft Cloud Fast Track
Fabric Management Integration
Windows Azure Pack
Microsoft System Center
Windows Server (Hyper-V)
On-board Microsoft Fabric Management on Cisco Architecture
Beyond SDN - Software Defined Data Center
From VMDC… To CCA…
• Data Center Fabric using Nexus 7000, Nexus 5000, Nexus 2000
• NOT SDN Capable, no STATEFUL connection policies
• Programmable connections per by tools OUTSIDE the Fabric
• 10G / 40G Capable
• Data Center Fabric using Nexus 9000, ACI/APIC
• SDN Capable, Programmable features built into Fabric including Security
• Stateless Policy Model (APIC), fabric automation built-in
• Repeatable Deployment Model using Network/Service Profiles
• 10G / 40G AND 100G Capable
• Lower Cost per Port Switching
External tools to stitch a specific container
SDN Application Network Profiles, Stateless, repeatable, secure, faster to deploy
Introducing Cisco Cloud Architecture Service Patterns
built with the Microsoft Cloud Platform
Patterns represent best practice designs that are validated on the Cisco Cloud Architecture and enable Cloud Offers:
- Many IaaS Container options
- Many WAN Gateways options
- Application Hosting (eg: DBaaS, DeskTop-aaS)
- Value Added Services (eg: DRaaS, BaaS)
[Diagram labels: Application Zone; Tenant Perimeter Services; WAN Gateway Services; Customer]
Network Pattern 1 + Backup-as-a-Service Zone
[Diagram labels: Application Zone; Tenant Perimeter Services; WAN Gateway Services; Site to Site VPN; MPLS L3 VPN; Value Added Service Zone]
Cloud Storage as a Service
+ Secure Application Zone
[Diagram labels: Application Zone; Tenant Perimeter Services; WAN Gateway Services; Site to Site VPN; MPLS L3 VPN; Application Zone 2; DMZ; WEB APP]
Cisco Network Plan Example in WAP
Value ADD-ONS to a Cisco Network PLAN
CCA - Network Automation Manager
Building Secure Value-Added Services with Windows Azure Pack (WAP)
Multiple WAN Gateway Options
Multi-Tier Application support
Secure DMZ option for Internet
Secure Connection to Customer
SQL-aaS Database Service
Secure L2 Segments for Apps
Load Balancing Service
WAP Subscription for Services
Create Cisco Network Container directly from WAP Portals
ACI Fabric Provides L4 Distributed Firewall for East/West Traffic
Firewall at Each Leaf switch
Servers (Physical or Virtual)
L4 Policy Enforcement in Leaf Switch
Line rate Policy Enforcement
Group based Policy (Managed via APIC)
L4 Stateful Firewall with AVS
Scales independent of End-Points
Policy Follows Workloads
MicroSegmentation
ACI - Multi-Hypervisor-Ready Fabric
• Integrated gateway for VLAN, VxLAN, and NVGRE networks from virtual to physical
• Normalization for NVGRE, VXLAN, and VLAN networks
• Customer not restricted by a choice of hypervisor
• Fabric is ready for multi-hypervisor
[Diagram: Virtual Integration. Network Admin, Application Admin; APIC; ACI Fabric; Hypervisor Management (VMware, Microsoft, Red Hat, XenServer); Physical Server, ESX, Hyper-V, KVM; VLAN, VXLAN, NVGRE]
Application Trends in Data Center
Instantiate new VM
Decommission existing VM
Migrate existing VM
DISTRIBUTED DEPLOYMENTS: On-Demand Scaling
HETEROGENEOUS IMPLEMENTATION: Physical & Virtual
DYNAMIC WORKLOADS: Dynamic Instantiation/Removal
LOCATION INDEPENDENT: Transparent to Underlying Network
CLOUD-AWARE: Migration across public/private clouds
Advanced Threat Protection with FirePOWER + ACI
FireSIGHT Management Center
Alerts
Network Visibility
Policy Management
Analytics
Remediation
• Situation
– Advanced threats that are not detected by conventional security products
– Limited security resources
• ACI Solution
– Automated provisioning of NGIPS and Advanced Malware Protection
– Visibility and awareness with FireSIGHT
– Continuous analysis
– Physical and virtual appliances
• Benefits
– Industry-leading security efficacy
– Automation and correlation for reduced TCO
– Retrospective security helps scope, contain and remediate
Automated Feedback Loop for Intelligent Threat Response
[Diagram: WEB, APP and DB tiers with AMP and NGIPS]
[Chart: ACI vs. Traditional Network; axis: Time (s), 100 to 300]
Case Study – Big Data Analytics
Based on common network load and link failure scenarios
ACI Innovation Driving Application Performance
Congestion Management
60% 60%
90%
Network Innovations
Dynamic Load Balancing
Dynamic Packet Prioritization
30% reduction in application completion time
Network Utilization
ACI Full application visibility
A Single View of your Application in a distributed environment
[Dashboard labels: Health Score, Latency, Drop Count, Visibility; VMs, Physical, Application Delivery Controller, Firewall; values shown: 28, 96%, Microsecond(s), Packets Dropped, 5, 25, 73]
ACI Openness: Opening the ACI policy ENGINE with Opflex
OPFLEX PROTOCOL + ECOSYSTEM
OPEN SOURCE: Open source implementation available to anyone
ECOSYSTEM: Broad, growing vendor support including hypervisor, network, and L4-7
STANDARD: Upcoming Opflex standard through IETF
APIC
OPFLEX
DELIVERING INVESTMENT PROTECTION BY ALLOWING ANY DEVICE TO INTEGRATE WITH CISCO ACI
L4-7 DEVICE
HYPERVISOR SWITCH
Summary
Cisco ACI + Microsoft Azure Pack – best Cloud Platform for Internet of Everything
Deep technical integration between Cisco and MSFT stacks to automate delivery of Cloud Services and common IT tasks – Speed of deployment and lower TCO
Cisco ACI – Strong Adoption and Broad Ecosystem
1,700+ Nexus 9K and ACI Customers Globally
300+ APIC Customers
35+ Ecosystem Partners
[Diagram labels: APIC Cloud; Network; Application; Compute; Storage; Security]
31
1,000+ 200+ 915+ 4,100+