Introducing Cisco Network Assurance Engine


Transcription:

BRKACI-2403
Introducing Cisco Network Assurance Engine
Intent Based Networking for Data Centers
Sundar Iyer, Distinguished Engineer, Head, Cisco Network Assurance Engine Team
Dhruv Jain, Director of Product Marketing, Data Center Switching Business Unit

Cisco Spark
Questions? Use Cisco Spark to communicate with the speaker after the session. How:
1. Find this session in the Cisco Live Mobile App
2. Click Join the Discussion
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
cs.co/ciscolivebot#brkaci-2403
2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

Network Assurance Engine (Candid) @ Cisco Live
Why Continuous Assurance Will Transform Data Center Networks
Making Predictive Operations in Data Center Networks a Reality
Increase Operational Agility & SLAs in Modern ACI Data Centers
Implementing Network Assurance in ACI Environments
Tuesday, Jan 30, 11:15 am to 12:45 pm [BRKACI-2403]
Wednesday, Jan 31st, 1:15 pm to 2:15 pm [PSODCT-4590]
Wednesday, Jan 31st, 5 pm to 5:45 pm [DEVNET-1699]
Walk-in Lab, 9am-7pm [LABACI-2030]

Problem: DC Paradigms Are Fundamentally Reactive
Intent Frequently Breaks / We Always React / Leaving Us With
Operational, Security, Compliance, Change
Troubleshoot, Scramble to fix it, Fail audits, Undo changes
An Inability to Assure Intent Proactively

... Creating a Major Assurance Gap
Intent
Controllers
How can I have confidence that I haven't made an error?
Infrastructure
How do I easily understand the state of my entire infrastructure?
VM
How do I rapidly analyze the network to identify issues?

Intent Assurance
The guarantee that the infrastructure is doing what you intended it to do
Intent Encompasses Data Center Operations: Configs, Changes, Routing, VMs, Security, Compliance, Audits

Introducing Cisco Network Assurance Engine
Based on mathematical models of the network
Continuously verifies and validates the entire network
Delivers the confidence that the network is operating correctly
Comprehensive, Intelligent, Continuous

Use Case & Benefits
Achieving Higher Operational Maturity, Faster
PREDICT THE IMPACT OF CHANGES: Drive change agility; Minimize human errors and eliminate configuration drift; Accelerate migrations
PROACTIVELY VERIFY NETWORK-WIDE BEHAVIOR: Ensure connectivity; Proactively eliminate potential network outages or vulnerabilities; Enhance SLAs
ASSURE NETWORK SECURITY POLICY AND COMPLIANCE: Reduce security risk; Achieve provable compliance by design, continuously

Cisco Network Assurance Engine: How It Works
Data Collection: Captures all non-packet data: intent, policy, state across data center network
Comprehensive Network Modeling: Mathematically accurate models spanning underlay, overlay and virtualization layers
Intelligent Analysis: 5000+ domain knowledge-based error scenarios built-in, codified remediation steps

Stories from Customer Trials
PREDICT THE IMPACT OF CHANGES / PROACTIVELY VERIFY NETWORK-WIDE BEHAVIOR / ASSURE NETWORK SECURITY POLICY AND COMPLIANCE
Challenge: Mainframe misconfiguration in DR site
Potential Impact: Mainframe cluster inaccessible in case of fail-over event
Benefit: Identify latent misconfigurations before outages happen; Avoid $$ in lost revenue
Challenge: Overlapping subnets due to routes leaked across VRFs
Potential Impact: Connectivity loss for Skype VoIP and Video users
Benefit: Continuous & proactive network-wide dynamic state analysis; Save days in downtime
Challenge: TCAM utilization hitting capacity, inefficient security policy definitions
Potential Impact: Degraded security posture & inability to deploy policies
Benefit: Identified 17,000 unused policies; Surfaced opportunity for 20-70% TCAM optimization

User Interface: Centered Around Smart Events
Change Management
Compliance and Visualization
Incidence and Problem Management
Smart Events: What, Where, Why, and How

Demo: Network Security Policy Assurance
1. Use Case: Visualization, Search, Filters (Radial View, Green Arc)
2. Use Case: Compliance: Isolation (Disjointed Arcs)
3. Use Case: Incident Management: (Needle in the Haystack Red Arc)
4. Smart Events: with Human Readable Next Steps

Assure Network Security Policies & Compliance

Core Technology Idea
Every device performs a mathematical transformation on a packet
[Figure: packet with Header 0110101 / Data and packet with Header 1000101 / Data; devices Spine, Leaf1, Leaf2, FW]
We Can Build Comprehensive Mathematical Models of Network Behavior

What can a Model Answer?
Example: Tenant Security Policies, TCAM Rules
[Figure: Reduced Ordered Binary Decision Diagram with decision nodes x1, x2, x3 and terminals 0 and 1]
Questions You Can Ask:
Who all can EPG-A talk to?
Can EPG-A talk to EPG-B?
Are any policies conflicting?
Are policies aliased?
Did upgrade to a new version change my existing security policy enforcement?
Are the configured policies compliant?
Which exact policy is violated?
Analyze millions of policies, answer questions in real-time
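As an added illustration (not code from the presentation or from Cisco), several of the questions on this slide can be posed against a toy first-match rule table. It swaps in explicit sets of headers for ROBDDs, which is only workable because the header space here is tiny; the EPG names, ports, rules and function names are all constructed.

```python
from itertools import product
EPGS = ["web", "app", "db", "mgmt"]   # constructed EPG names
PORTS = [22, 80, 443, 3306]           # constructed port universe
ANY = None                            # wildcard field
# Constructed first-match rule table: (name, src, dst, port, action)
RULES = [
    ("r1", "web", "app", 443, "permit"),
    ("r2", "web", "app", 443, "permit"),   # duplicate of r1, never decides a packet
    ("r3", "mgmt", ANY, 22, "permit"),
    ("r4", "mgmt", "db", ANY, "deny"),     # overlaps r3 on (mgmt, db, 22)
    ("r5", "web", "db", 3306, "permit"),   # breaks a web/db isolation intent
    ("r6", ANY, ANY, ANY, "deny"),         # default deny
]
UNIVERSE = set(product(EPGS, EPGS, PORTS))

def match_set(rule):
    """Every (src, dst, port) header the rule matches, as an explicit set."""
    return {h for h in UNIVERSE if all(f in (ANY, v) for f, v in zip(rule[1:4], h))}

def effective(rules):
    """Per rule, the headers it actually decides under first-match order."""
    seen, out = set(), {}
    for rule in rules:
        out[rule[0]] = match_set(rule) - seen
        seen |= match_set(rule)
    return out

def permitted(rules):
    """Map each permitted header to the rule that permits it."""
    eff = effective(rules)
    return {h: r[0] for r in rules if r[4] == "permit" for h in eff[r[0]]}

def can_talk(rules, src, dst):
    """Ports on which src may reach dst (an empty list means isolated)."""
    return sorted(p for s, d, p in permitted(rules) if (s, d) == (src, dst))

def unused(rules):
    """Rules fully shadowed by earlier rules."""
    return [name for name, hdrs in effective(rules).items() if not hdrs]

def conflicts(rules):
    """Overlapping rule pairs with different actions, ignoring the default rule."""
    real = [r for r in rules if match_set(r) != UNIVERSE]
    return [(a[0], b[0]) for i, a in enumerate(real) for b in real[i + 1:]
            if a[4] != b[4] and match_set(a) & match_set(b)]

def violating_rules(rules, src, dst):
    """Which exact rules break an intent that src must not reach dst?"""
    return sorted({r for (s, d, _), r in permitted(rules).items() if (s, d) == (src, dst)})

def drift(old, new):
    """Headers whose permit/deny outcome differs between two rule tables."""
    return set(permitted(old)) ^ set(permitted(new))
```

Comparing two snapshots with `drift` corresponds to the slide's upgrade question: an empty result means enforcement is unchanged even if the rule text differs.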

Demo: Network Assurance Engine Comprehensive Intelligent Continuous


User Interface: Dashboard with Smart Events

Transforming Change Management with NAE

De-Risk Changes, Increase Change Agility
Automated Gold Standard
Make Changes in Test Env. / Verify Instantly with Candid / Present Report to CAB / Faster Approval Cycles
Make Changes in Production / Verify Instantly with Candid / Shrink Change Windows
Multiple Changes, Long Windows / Dramatically Reduce # of Changes Reqd. / Reduce Risk of Outage
ROADMAP Long CAB Model Changes Approval Process in Candid Analyze Configs, Verify in Candid Push Changes to Production Faster, Confident Change Cycles Drastically Reduce Outages

Tenant End-point Assurance
Analyze:
Static configurations of VLANs, IPs, MACs...
Dynamic EP Learning, Mobility, EP Connectivity, Communication
Common issues found:
Duplicate IPs: human error, NIC teaming, migrations, DHCP errors
EPs deployed against leafs without BD subnet
EP table consistency across fabric

Tenant Forwarding Assurance

Network Audit Trail with Candid Timeline DVR for Network State, Connectivity, Issues

What Makes Us Different?
Comprehensive: Capture, analyze and correlate entire network state: switch configurations + hardware data-plane state
Intelligent: 5000+ built-in failure scenarios, powering Smart Events with remediation steps
Continuous: Runs Continuously. Near real-time: collection, modeling, analysis

Early Customers: Impact & Feedback
40+ Customer Fabrics Analyzed
"The User Interface is professional and easy to use."
1500+ Critical / Major Issues Found
"The ease of getting started is pretty fantastic."
35+ Potential Outages Detected Proactively
"quickly pointed out things we should resolve. very impressed..."

Available Now Available 2018 Vision: Assurance Everywhere Cross Platform, Multi-cloud Cross-platform Network Integration Firewall Virtual Machine Manager Integration with Operations Toolchains Under Certification ACI Data Center Fabric

Cisco Network Assurance Engine
Deployment Model: No sensors; Read only credentials
Time to Value: 30 mins to deploy; 60 mins to value
Form Factors: Software only OVA; Lightweight: 3 VMs (v1.0)
Available Now: 30 Day Free Trial; Subscription Licensing

Intent-Based Data Center Intent Policy Policy Network Assurance Engine Tetration Assurance Configuration Analysis Very Large State-Space Guarantees Compliance Consistency ADM Monitoring Forensics Analytics Traffic Analysis Lots of Data

Thank you


Continue Your Education
Demos in the Cisco campus
Walk-in Self-Paced Labs
Tetration Hands-on Lab from Deployment to Operations [LTRACI-2184]
Whitelist policy and security enforcement through Tetration Analytics [LABACI-2020]
An Introduction to Tetration and Policy Deployment [LABDCN-1206]
Tech Circle
Meet the Engineer 1:1 meetings
Related sessions
