Cisco Digital Network Architecture:

Transcription:

Cisco Digital Network Architecture: Enabling Enterprise Networks for the Digitalized Business Therdtoon THEERASASANA ttheera@cisco.com

And Creating New Priorities for Digital Organization Transform Processes and Business Models Innovations Faster Time to Market Empower Workforce Efficiency and Innovation Increased Productivity Better Retention Personalize Customer/ Citizen Experience Increased Loyalty Greater Insight Mobility IoT Analytics Cloud Mobile traffic will exceed wired traffic by 2017 IoT devices will triple by 2020 75% of companies planning to or investing in big data 80% of organizations will primarily use SaaS by 2018 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Digital Transformation is Moving IT to the Boardroom UPS My Choice Delivery Control Personalized Service Workforce Efficiency WIP Inventory and Part Tracking Starbucks Apps Order Ahead Skip the Line Customer Experience Physical and Virtual RFID Content American Express Personalized Service Through Mobile 3

Evolution of the Enterprise Network Cisco's Enterprise Strategy Unlock the Power that Exists in the Network through Abstraction, Automation, and Policy Enforcement Leverage the Power of Existing Distributed Systems Enable Network Wide Fidelity to an Expressed Intent (Policy) 4

Network Requirements for the Digital Organization Insights & Experiences Drive Business Innovations Automation & Assurance Speed, Simplicity & Visibility Security & Compliance Real-time and Dynamic Threat Defense The Network Enables Digital Business

Network Requirements for the Digital Organization Insights & Experiences Abstraction, Intent, Policy Automation Verification of Desired Result Assurance Abstraction layer Automation & Assurance APIC EM Security & Compliance Using the Network as a Sensor for security threats and then Enforce Compliancy through Segmentation Visibility into Users behavior, Applications, Network performances Customer has the elements to make decision faster Wi-Fi Core WAN Cloud Drive Business Innovations Speed, Simplicity & Visibility TECCRS-2700 Real-time and Dynamic Threat Defense 6

The Network Enables New Experiences Workforce Experience Customer Experience Business Operations City Operations Digital Workforce Personalized Workspaces Effective Collaboration Omnichannel Experience Enhanced Points of Service Personalized Customer Experiences Business Insights Asset Management Facility Management Citizen and visitor services Safety and security Ruggedized infrastructure New Business Capabilities Built on the Network as a Platform TECCRS-2700 7

Evolution of Networking Software How do I deliver new applications? How do I improve security? How do I achieve speed & simplicity? Model Driven Analytics Open APIs Open Flow Network Function Virtualization Cloud Controllers Policy How do I learn new software skills? How does this come together? Open Compute Standards Overlays Cisco Digital Network Architecture Open Extensible Software-driven

Cisco Digital Network Architecture Network-enabled Applications Principles Cloud Service Management Open APIs Developers Environment Automation Abstraction & Policy Control from Core to Edge Policy Orchestration Open & Programmable Standards-Based Virtualization Analytics Network Data, Contextual Insights Physical & Virtual Infrastructure App Hosting Insights & Experiences Automation & Assurance Security & Compliance Cloud-enabled Software-delivered 9

Hosting and Hosted Networking Functions Virtualization Physical & Virtual Infrastructure App Hosting Subtitle vbranch WAAS IPS VPC UNI WAAS AWS VPC IP vswitch WAN Agg Encryption IPS Apps NFVOS Encryption vbranch Enterprise Fabric VPC WAAS WAAS IPS PEP IPS Apps IP vswitch NFVIS Encryption Public Cloud Network Interface (UNI) PEP: Policy Enforcement Point 11

Software Control: Enterprise NfV New! Cisco ONE Foundation Full Software Stack to Increase Branch Agility Central Orchestration Management SDN: APIC-EM with Enterprise Service Automation Consistent, trusted network services Virtual Network Functions (VNFs): Cisco and Third Party Software Intelligence over Hardware Virtualization Layer: NFV Infrastructure Software Freedom of Choice Hardware: Cisco UCS E- and C-Series COTS Deploy Validated Designs in Minutes Cisco's approach to network functions virtualization (NFV) delivers the elasticity to invoke innovative capabilities in an optimal way whenever, wherever, and with whatever capacity they are required. March 2016 Controlled Availability: General Availability in Cisco ONE June 2016 12

Building on a Strong Foundation Of Hardware and Software Innovation

Virtualization: Physical & Virtual Infrastructure, App Hosting

QFP (QuantumFlow Processor): Advanced, Multi-Core, Feature-Rich Routing Silicon
Fully Programmable: leveraging the many features of IOS-XE with hardware performance
Scalable: Massive number of CPU cores (40/64), ability to cascade multiple QFPs = consistent high performance
Advanced on-chip QoS: 100,000+ hardware-based queues, sophisticated traffic shaping and control
Secure: linkage to high-performance crypto capability for secure WAN transport
Extensible Architecture: ability to scale both up and down, the foundation for a long-lived family of high-performance, flexible routing silicon

IOS-XE (The Evolution of IOS): Taking the Proven Strengths of IOS to the Next Level
Operational and Services Uniformity: Routing, Switching, and Wireless consistency
New Foundational Capabilities: HA and operational leadership, state decoupling, net database
Speed of Innovation Velocity: Code once and Re-use Many across multiple places in the network
Foundation for Virtualization: providing for network hosting and integration of virtualized functions (VNFs, containers)
Platform for the Future: the software stage for the next wave of Cisco innovation

UADP (Unified Access Data Plane): Flexible, Programmable, High-Performance Switching Silicon
Fully Programmable: excellent flexibility, ability to handle new encaps (VXLAN, GPE, etc.), hardware speed, software elasticity
Scalable: Massive recirculation bandwidth and low recirculation latency provide excellent tunneling and services support for traffic flows
Advanced on-chip QoS: client level granularity, sophisticated bandwidth shaping, with integrated on-chip NetFlow for visibility
Secure: integrated on-chip support for MACsec encryption (AES-128, CBC)
Extensible Architecture: ability to scale both up and down, the foundation for a long-lived family of high-performance, flexible switching silicon

People that are really serious about software should build their own hardware
100% Cisco-developed programmable silicon: unlocking the power of DNA at hardware speeds

Configuration Source Evolution to a Policy Model Express Business Intent Translate into device specific policy/configuration Leverage Abstraction (the controller knows about the device specifics) Automate the Deployment across the Network Insure Fidelity to the Expressed Intent (keep everything in sync) Automation Controller-Led Networking Deployment Protected Assets De-coupling of Production Servers Development Servers Internet Access Employee User Identity PERMIT anddeny Topology PERMIT (managed asset) Employee (Registered BYOD) PERMIT DENY PERMIT Much easier to translate business Employee (Unknown BYOD) DENY DENY PERMIT objectives to network functionality ENG VDI System Lowers DENY TCO PERMIT PERMIT Policy based Configuration Dynamic, able to be automated by the Controller Over time Policy grows, static shrinks Today Controller-based Automation Policy Policy Policy User policy based on user identity and user-to-group mapping Traditional Traditional Traditional 15

Controller-Led Networking Bridging the Gap to Increased Success in Network Deployment and Use Any given custom configuration has a very high probability of not being tested exactly as deployed individually as a one off which introduces potential issues The automated configuration deployed by the controller will have gone through Joint development by the Cisco Product Teams, the Architects developing Best Practices, and the Controller Team Blessed Configurations Testing by Cisco's Solution, System, and Devtest teams against the deployment use cases developed jointly, above And will be deployed by 1000s, with any unforeseen situations addressed ASAP due to widespread and standardized deployment Automation Controller-Led Networking Deployment Risk Bugs Trust Uncertainty Problems Combinatorial Issues Greatly increased probability of success

Deploy, Report, Measure, Adjust, Repeat Analytics Network Data, Contextual Insights APIC EM Run Reports Deliver relevant content Applications Discover user insights Instrumentation Telemetry Correlation Network Measure and Adjust Click here to Correct Always Correct this way (and never ask me again) Analytics Endpoints Automated Deployment 17

Cloud-Enabled Networking Cloud Connected Simplicity Speed Cloud Edge IaaS Scale Flexibility Cloud Delivered Innovation Insights VPC/ vdc Telemetry Continuous Innovation Cloud Enabled Audits CSR1000V vasa FTDv StrataWatch Plug & Play CMX Business Analysis Campus/HQ Branch Teleworker Campus/HQ WAN Teleworker Hybrid Cloud AWS Rackspace Azure Cisco Intercloud Campus/HQ Branch Teleworker Branch 19

Configuration Management Today

jafrazie$ ssh admin@172.27.230.76
admin@172.27.230.76's password:
cho# conf t
Enter configuration commands, one per line. End with CNTL/Z.
cho(config)#

Software Unfriendly Syntax/format changes No Common Data Model No Error Reporting Task Oriented Human Friendly Easy To Replay No Special Tools

Open Device Programmability RESTCONF NETCONF gRPC Set Get Automate Open Device Programmability Data Model Configuration Operational Standard Device Specific Standard Device Specific Physical and Virtual Network Infrastructure Device Features Interface BGP QoS ACL Other vendors 22

Embracing Tools Devops Orchestration Automation tcollector Monitoring/ Analytics 23

Digital Network Architecture Vision Cloud Service Management Policy Orchestration APIs UNI Service Definition & Orchestration Telemetry Intent Enterprise Controller (Policy Determination) APIs UNI PEP Branch WAN / Branch WAN Agg PEP Campus PEP Data Center PEP Apps PEP Branch SP Enterprise Fabric PEP Apps Internet PEP PEP Int. Acc PEP Cloud PEP Apps WAN VNFs Campus VNFs DC VNFs Cloud VNFs Network Function Virtualization Network Interface (UNI) PEP: Policy Enforcement Point 25

Common Policy and Orchestration Vision APIs Network Enabled Applications UNI GUI Prescriptive Service Definition & Orchestration Model-based Customized UNI Telemetry Intent Service Instantiation Topology Easy QoS Enterprise Controller (Policy Determination) Plug & Play Path Optimization Analytics APIs PEP Branch WAN / Branch WAN Agg PEP Campus PEP Data Center PEP Apps PEP Branch SP Enterprise Fabric PEP Apps Internet PEP PEP Segmentation 1 Segmentation 2 Segmentation 3 Int. Acc PEP Cloud PEP Apps WAN VNFs Campus VNFs DC VNFs Cloud VNFs Localized or network-wide Service Chaining Network Function Virtualization Network Interface (UNI) PEP: Policy Enforcement Point 26

What's New: Additions New! New! New! APIC-EM Automation Platform Completely New Platform Available Now Base Automation: Plug and Play Available Now Cloud version Controlled Availability, May 2016 Policy Services: IWAN App & EasyQoS Available Now March 2016, respectively Enterprise NFV Branch Service Virtualization Controlled Availability, March 2016 CMX Cloud Presence Analytics and Connect Available Now in US, April 2016 for ROW Cloud Service Management Open APIs Developers Environment Automation Abstraction & Policy Control from Core to Edge Network-enabled Applications Policy Orchestration Open & Programmable Standards-Based Virtualization Analytics Network Data, Contextual Insights Physical & Virtual Infrastructure App Hosting Cloud-enabled Software-delivered Available on DNA-Ready Infrastructure through Cisco ONE Software

Automation: Cisco APIC-EM Platform Industry-Leading Network Controller Enterprise Scale and Resiliency Open and Extensible Automation and Services Unlike other SDN solutions, APIC-EM can be deployed on our existing infrastructure so we can move quickly with minimum risk and maximum investment protection. CJ Singh, Chief Technology Officer Backcountry.com Clustering Technology Cisco APIC-EM Complete Abstraction Open APIs Group-based Policy Cloud Connected Telemetry The inherent programmability of Cisco APIC-EM allows us to drive innovation and improve on user experience on a world-class infrastructure. It is a solid foundation to embark on a journey to SDN. Raj Gulani, Director Product Management Citrix IOS ASIC Complete Lifecycle Consistent End to End 1000s Of DevNet Developers Customer Momentum 160+ Customers Deployments running up to 4000 devices

Automation: Plug and Play New! Cisco ONE Foundation Cloud-Based Plug and Play Order Plug in and Cloud Provision Controller-Based Management Lower deployment 79% costs PnP Available Now PnP Cloud May 2016 (controlled availability) Eliminates Plug and play means no more IT engineers in the field faster time to market and dramatically lowered costs. Staging Truck Roll 30

PnP: Pre-provisioning and Discover Workflows 1 Pre-provision 2 Discovery 3 Secure Deployment Network PnP app pre-provisioned with device SR number Network PnP app on APIC-EM Configure device discovery DHCP Option-43 or DNS Installer powers on devices Devices download image and configuration Device Authentication Plug & Play Enterprise-wide scale Automated workflow 79% lower deployment costs EM 1 Discovery 2 Un-claimed Devices 3 Secure Deployment Configure device discovery DHCP Option-43 or DNS Admin DHCP Server OR DNS Server Installer powers on devices Devices securely connect to APIC-EM server, waiting to be claimed Device Authentication PnP-Agent PnP-Agent Download Image and Configure EM Installer Network admin claims devices based on device information Device downloads image and configuration Network PnP app on APIC-EM DHCP Server OR DNS Server PnP-Agent PnP-Agent Download Image and Configure EM Installer EM Admin

Policy Service: IWAN Automation Optimal Branch Experience Made Easy Cisco ONE Foundation Available Now Simple Workflows 85% Faster deployments Zero-Touch Rollout Set Application Policy Gain Visibility and Tune IWAN Momentum 200+ deployments running up to 2500 sites Point and Click Troubleshoot IWAN automation eliminates tedious configuration tasks for advanced networking features. I can configure IWAN with just 10 GUI clicks. Transport- Independent Intelligent Path Control Application Optimization Highly Secure Connectivity 32

Intelligent WAN (IWAN) Architecture Unified Branch MPLS Private Cloud 3G/4G-LTE Virtual Private Cloud Internet Public Cloud Management Automation Transport Independence Intelligent Path Control Application Optimization Secure Connectivity Simplified Application Enhanced Application Comprehensive Hybrid WAN Aware Routing Visibility and Performance Threat Defense

Intelligent WAN Deployment Models Dual MPLS Hybrid Dual Internet Internet Public Enterprise Public Enterprise Public MPLS MPLS MPLS+ Internet Internet Internet Branch Branch Branch Highest SLA guarantees Centralized Internet Access Expensive More BW for key applications Balanced SLA guarantees Moderately priced Best price/performance Most flexibility Enterprise responsible for SLAs Consistent VPN Overlay Enables Security Across Transition

Policy Service: EasyQoS New! Cisco ONE Foundation Select from Predefined Policies Automated Deployment of QoS config Optimized for Any Infrastructure March 2016 General Availability in Cisco ONE May 2016 Improved Application Experience with No Operator Intervention Enhance Collaboration Experience Implements QoS in 250 ms 300% 50% Reduction in voice jitter Video quality improves The EasyQoS App reduces deployment times for network-wide QoS dramatically. We can now respond to changing application needs via policy-based automation within minutes or even seconds. 35

What Do We Do Under-the-Hood? Apply RFC 4594-based Marking / Queuing / Dropping Treatments

Application Class | Per-Hop Behavior | Queuing & Dropping | Application Examples
VoIP Telephony | EF | Priority Queue (PQ) | Cisco IP Phones (G.711, G.729)
Broadcast Video | CS5 | (Optional) PQ | Cisco IP Video Surveillance / Cisco Enterprise TV
Real-Time Interactive | CS4 | (Optional) PQ | Cisco TelePresence
Multimedia Conferencing | AF4 | BW Queue + DSCP WRED | Cisco Jabber, Cisco WebEx
Multimedia Streaming | AF3 | BW Queue + DSCP WRED | Cisco Digital Media System (VoDs)
Network Control | CS6 | BW Queue | EIGRP, OSPF, BGP, HSRP, IKE
Signaling | CS3 | BW Queue | SCCP, SIP, H.323
Ops / Admin / Mgmt (OAM) | CS2 | BW Queue | SNMP, SSH, Syslog
Transactional Data | AF2 | BW Queue + DSCP WRED | ERP Apps, CRM Apps, Database Apps
Bulk Data | AF1 | BW Queue + DSCP WRED | E-mail, FTP, Backup Apps, Content Distribution
Default Forwarding | DF | Default Queue + RED | Default Class
Scavenger | CS1 | Min BW Queue (Deferential) | YouTube, Netflix, iTunes, BitTorrent, Xbox Live

Business relevance groupings shown on the slide: Relevant, Default, Irrelevant

New: APIC-EM QoS Automation with EasyQoS Applications can ALSO interact with APIC-EM via Northbound APIs, informing the network of application-specific and dynamic QoS requirements Network Operators express high-level business-intent to APIC-EM EasyQoS APIC EM Southbound APIs translate business-intent to platform-specific configurations as they are needed STATIC DYNAMIC QoS QoS 37

Introducing Cisco Enterprise NFV Network Services in Minutes, on Any Platform Cisco Enterprise Service Automation (ESA) on APIC-EM Virtual Router (ISRv) Virtual Firewall (ASAv) Virtual WAN Optimization (vWAAS) Virtual Wireless LAN Controller (vWLC) Third-Party VNFs Network Functions Virtualization Infrastructure Software (NFVIS) Cisco 4000 Series ISR + Cisco UCS E-Series Cisco UCS C-Series Cisco ENCS NEW

Customized Network Services for Your Network 1 Select your network functions 2 Select your preferred platform 3 Orchestrate and automate services vRouter vFirewall vWAN optimization Cisco ISR, UCS E-Series Cisco UCS C-Series x86 server APIC-EM with Enterprise Service Automation IT Agility vWLAN controller Third-party services Elastic Services Run on Any Platform Deploy in Minutes

Cisco Enterprise Network Compute System (ENCS) 41

Cisco ENCS 5400 Series

Model | ENCS5406 | ENCS5408 | ENCS5412
CPU | 6-core, 1.9GHz | 8-core, 2.0GHz | 12-core, 1.5GHz
PoE | No | 200W | 200W
Capacity Guidance | ISRv + 2 VNFs | ISRv + 3 VNFs | ISRv + 5 VNFs

Digital Services: CMX Cloud New! Cisco ONE Advanced Customer Insights and Engagement Presence Analytics Zone-based location analytics Connect Drag-and-drop customizable portal on demand Data on Storefront Conversion Frictionless Guest Onboarding Available now. General Availability in Cisco ONE June 2016 CMX Cloud has helped us quickly gain business insights, so we can enhance the shopper experience at Santana Row with easy Wi-Fi onboarding, increased customer data, and improved customer engagement. 43

Inside Cisco CMX Cloud Gain Insights and Engage Customers SaaS consumption No MSE hardware required Deploy in less than 20 minutes 1 2 3 Subscribe to Cisco CMX Cloud and point to wireless infrastructure Collect analytics on user behavior Set up customized captive portal for guest onboarding Easy templates Multiple languages support Social logins Easily add logo and image Send relevant offers Capture user information

APIC-EM Path Trace Application User Trouble Ticket IT Path Trace NETWORK BENEFITS SDN Simple Workflow Network, Applications Monitoring Open Architecture Easy visual discovery of trouble spots in the communication path based on 5-tuple info OpEx for ticket processing decreased by 98% from 1.6 hours to 1 minute 45

Path Trace App: Application Flow Visibility CAPWAP Tunnel ACL Check Stats: Device, Interface, QoS, Perfmon Link Source Information 46

Security: StealthWatch and ISE Cisco ONE Adv. Security Extend Security Everywhere Rapid Threat Containment Quickly detect and stop threats General Availability in Cisco ONE Wi-Fi Core WAN Cloud Network as a Sensor: Real-time situational awareness and rapid threat detection everywhere Infrastructure-Enforced Policy Network as an Enforcer: Software-defined segmentation with TrustSec for assurance and compliance Scales to handle dramatic threat increase The network touches every element of the digital enterprise (every business process, device, customer, employee) and therefore has the unique ability to detect, analyze, and prevent new forms of attack by flagging unusual network behavior. 47

Analytic: Conversational Flow Record Where When Who How What Who Highly scalable (enterprise class) collection High compression Long term storage Months of data retention More Context Security Group 48

NaaS: StealthWatch Labs Intelligence Center (SLIC) Enrichment with Global Threat Intelligence Correlated flow data collected in (1) with a global threat feed (SLIC) Collection and Behavior Analysis The StealthWatch FlowCollector collects and analyzes data from various flow sources Superior Threat Protection Additional threat context by revealing what infected hosts are doing within the network 49

How TrustSec Simplifies Network Segmentation Traditional Segmentation Static ACL Routing Redundancy DHCP Scope Address VLAN Enterprise Backbone VACL Aggregation Layer Access Layer TrustSec Micro/Macro Segmentation Central Policy Provisioning No Topology Change No VLAN Change DC Servers Enterprise Backbone DC Firewall / Switch Policy Access Layer ISE Non-Compliant Voice Employee Supplier BYOD Voice Non-Compliant Employee Supplier BYOD Quarantine VLAN Voice VLAN Data VLAN Guest VLAN BYOD VLAN Employee Tag Voice VLAN Data VLAN Security Policy based on Topology High cost and complex maintenance Supplier Tag Non-Compliant Tag Use existing topology and automate security policy to reduce OpEx 50

access-list 102 permit tcp 37.85.170.24 0.0.0.127 lt 3146 77.26.232.98 0.0.0.127 gt 1462
access-list 102 permit tcp 155.237.22.232 0.0.0.127 gt 1843 239.16.35.19 0.0.1.255 lt 4384
access-list 102 permit icmp 136.237.66.158 255.255.255.255 eq 946 119.186.148.222 0.255.255.255 eq 878
access-list 102 permit ip 129.100.41.114 255.255.255.255 gt 3972 47.135.28.103 0.0.0.255 eq 467

Network as an Enforcer Traditional Security Policy with TrustSec Security Control Automation Simplified Access Management TrustSec Security Policy Improved Security Efficacy software defined segmentation Network Fabric Switch Router Wireless DC FW DC Switch Flexible and Scalable Policy Enforcement

Where Do You Start? What does my business need? How can I save time and money? Minimize Costs IT Priorities Business Goals Avoid Delays Mitigate Risks Architecture Strategy How do I ensure performance? Maximize Performance Increase ROI Reduce Complexity Cisco and our Partners can help.

Thank you