BRKRST-2557: Leveraging NSO for SD-WAN, SDA, and ENFV
Bill Reilly, Specialist, Cisco Multicloud
Jean-Marc Barozet, Principal Engineer SDWAN/NFV
Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot#brkrst-2557 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
- Introduction and High Level Overview
- Network Service Orchestrator (NSO) Overview
- vbranch Core Function Pack
- SDWAN Core Function Pack
- On Boarding SDWAN Site with Physical or Virtual Platforms
- Conclusion
Introduction
Common Themes: The need for network services orchestration
Increasing Complexity
- Service complexity increasing
- Network operations complexity increasing
Increasing Deployment Time
- New service TTM too long and increasing
- Multi-vendor/multi-box environment
Increasing OpEx
- Network and services fragility increasing
- Break/fix time increasing
- Direct human interactions error-prone
[Charts: Complexity over Time; Deployment over Time for Service A, Service B, Service C; OpEx over Time]
Complexity Drivers: The need for network services orchestration
Increasing Complexity
- Homegrown scripting tools: Device-by-device configuration; Typically create only
- Increasingly Complex services: Span multiple devices and vendors
- Multi-Vendor Environment: Multiple management systems (one per vendor); Scripts per-vendor
- OSS/BSS support: Manual, disconnected, external operational business support systems
Most Organizations Are Still Attempting to Optimize Their Cloud Strategies
Almost 68% of organizations use some form of cloud today (61% increase)
[Bar chart: share of organizations at each cloud strategy maturity level: No Strategy, Ad Hoc, Opportunistic, Repeatable, Managed, Optimized]
69% of organizations do not have mature cloud strategies in place
Figures may not add to 100% due to rounding. N=11,350
Source: IDC InfoBrief, sponsored by Cisco, Cloud Going Mainstream. All Are Trying, Some Are Benefiting; Few Are Maximizing Value. September 2016
An Optimized Cloud Strategy Can Deliver Tangible Business Impact
IT Cost Reduction 77% Ability to Meet SLAs 72% Time to Provision IT Services 87% Strategic Allocation of IT Budget 200% Revenue Growth 11%
Hybrid Cloud Essential to an Optimized Strategy: 95% Use Private Cloud, 92% Use Public Cloud
Vision: The need for network services orchestration
Operational Expenditure Time to Revenue Customer Experience Less Manual Work Fewer Errors Shorter Lead Times Service Quality Scheduled Services
Best Practices Coming Together
SNMP Experience CLI Best Practices Service Provider Requirements NETCONF Yang Informational RFC 3535
NSO Model Based Architecture
[Diagram: Applications and Engineers (REST, NETCONF, Java, Python, Erlang, CLI, Web UI); Orchestration; NEDs (NETCONF, REST, SNMP, CLI, etc); YANG Model over NETCONF; YANG Model over CLI]
- Network devices are currently managed using configurations that are defined using CLI commands
- Transition from managing devices using CLI to NETCONF or REST
- When using a Device YANG Model defined by the device CLI, the transition from CLI-based to model-based management can be automated
Extending Orchestration to the Datacenter and Cloud for NFV
Intent/Policy Systems Network Services Orchestrator (NSO) NFVO VNF Manager (ESC) Physical Networks Virtual Networks Compute Platforms Virtualized Infrastructure Manager
SD-WAN Service Enabling Dynamic Services
BSS LivingObjects CFS Cisco VMS OSS Data Collector REST, NETCONF, Java, Python, Erlang, CLI, Web UI Network Service Orchestrator (NSO) Core Function Pack (IWAN, ENFV) RFS SP Services Facebook Yahoo YouTube, Internet Cloud Service Node SDN-Enabled Customer VPN SaaS VNFM Controller Apps EMS and NMS Physical Networks Virtual Networks Network Apps
SPs Must Automate their Networks to Remain Competitive
50-70% of Network & Service Operations can be Automated
70% 30% 40% Operational Efficiency Revenue Uplift & Faster GTM Improve Customer Sat
Maintenance window New Customer On-boarding Incident Resolution Time spent 5.3 11.2 Today With Automation 8.0 16.4 5.1 10.7
* Mean time to repair
Evolving to Service Provider Integration Friendly Solutions
Traditional Networks: Sparsely Automated, Labor Intensive, Customized, Siloed Vendor Integration
- Service Provider Example BSS/OSS Systems: Billing Systems, Trouble Ticketing, Inventory, Order Entry, SLA Measurement, Network Monitoring
- CPE, Metro and Access, WAN, Data Center
Automated, Orchestrated Networks: Business Logic Fueled Service Orchestration With a Single Point of Integration
- Service Provider Example BSS/OSS Systems: Billing Systems, Trouble Ticketing, Inventory, Order Entry, SLA Measurement, Network Monitoring
- Open APIs
- CPE, Metro and Access, WAN, Data Center
Network Automation decouples the Lifecycle of Product-Services and Network Resources
[Diagram: Services, OSS / ITIL (Product/Service Systems Lifecycle); Well-defined API; Network Service Orchestration System, Resource Facing Services (RFS) (Network Service Lifecycle); Physical Networks, Virtual Networks]
- Decouples the Network from OSS/ITIL
- Unlocks agility and flexibility at the Resource Facing Services layer (RFS)
- Enables DevOps at the network/RFS layer
- Network changes and new features can be rolled out continuously during run-time, i.e. DevOps
NSO Orchestration
Orchestration: Turn-Key and Customizable
Turn-Key: DNA Center
- Turnkey solution stack for end-to-end enterprise orchestration
- On-prem or cloud-based
- Build/design/run & Analytics
- Virtual and Physical
- Support for SDA and IWAN
- Open API for Extensibility
- Multi-vendor & Multi-Tenant
Customizable: Network Services Orchestrator (NSO)
- Service-orchestration focused
- Modular solution architecture
- Flexible demarcation between SP and Enterprise
- Multi-vendor / Multi-tenancy
- Customized SP service catalogues
NSO Model Based Architecture
[Diagram: Applications and Engineers (REST, NETCONF, Java, Python, Erlang, CLI, Web UI); Service Manager (Service Model); Device Manager (Device Model); Network Element Drivers (NEDs) (NETCONF, REST, SNMP, CLI, etc); VNFM, Controller Apps, EMS and NMS; Physical Networks, Virtual Networks, Network Apps]
- Logically centralized network services
- Model based architecture
- Data models written in YANG (RFC 6020)
- Structured representations of:
  - Service instances
  - Network configuration and state
- No hard-coded assumptions about:
  - Network services
  - Network architecture
  - Network devices
- Mapping service operations to network configuration changes
- Transactional integrity
- Multiprotocol and multivendor support
Mapping Features: FastMap
- Only the CREATE operation needs to be specified
- UPDATE, DELETE and REDEPLOY operations are automatically generated and compute the minimal change set needed
Benefits
- Reduces service implementation code by two orders of magnitude
- Supports modifications of services at runtime
[Diagram: Create Service, Update Service, Delete Service, Redeploy Service; Service Manager (Service Model); Device Manager (Device Model); Network Element Drivers (NEDs) (NETCONF, REST, SNMP, CLI, etc); VNFM, Controller Apps, EMS and NMS; Physical Networks, Virtual Networks, Network Apps]
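The FastMap idea above, reduced to a small model: only a create mapping is written by hand, and update and delete fall out of diffing its output against what was applied last time. This is an added illustration, not NSO code or its API; the `ServiceManager` class, the function names, the device names and the config paths are all constructed for the example.

```python
# Simplified model of the FastMap principle (illustration only, not NSO's
# implementation): the service author supplies CREATE, everything else is a diff.


def create_interface_service(params):
    """CREATE mapping: service parameters -> desired device configuration.

    Returns {(device, config_path): value}. Paths are constructed examples.
    """
    cfg = {}
    ifname = f"GigabitEthernet{params['number']}"
    for device, ip in params["endpoints"].items():
        cfg[(device, f"interface/{ifname}/ip")] = ip
        cfg[(device, f"interface/{ifname}/speed")] = params["speed"]
    return cfg


def change_set(old_cfg, new_cfg):
    """Minimal operations that move the network from old_cfg to new_cfg."""
    ops = []
    for key in sorted(old_cfg.keys() - new_cfg.keys()):
        ops.append(("delete", key, None))
    for key in sorted(new_cfg):
        if old_cfg.get(key) != new_cfg[key]:
            ops.append(("set", key, new_cfg[key]))
    return ops


class ServiceManager:
    """Remembers what each service instance wrote, so changes stay minimal."""

    def __init__(self, create_fn):
        self._create = create_fn
        self._applied = {}  # service name -> config produced by last create

    def deploy(self, name, params):
        # Create and update are the same call: re-run CREATE, then diff.
        new_cfg = self._create(params)
        ops = change_set(self._applied.get(name, {}), new_cfg)
        self._applied[name] = new_cfg
        return ops

    def delete(self, name):
        # Delete removes exactly what the service created, nothing else.
        return change_set(self._applied.pop(name, {}), {})


if __name__ == "__main__":
    sm = ServiceManager(create_interface_service)
    site = {"number": 1, "speed": 100,
            "endpoints": {"ce0": "172.16.11.1", "ce1": "172.16.12.1"}}
    print("create:", sm.deploy("site-a", site))
    site["speed"] = 1000
    print("update:", sm.deploy("site-a", site))
    print("delete:", sm.delete("site-a"))
```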
Reactive FastMap
Changed network state triggers service redeploy
[Diagram: Create Service, Update Service, Delete Service, Redeploy Service; REDEPLOY SERVICE; Service Manager (Service Model); Device Manager (Device Model); Network Element Drivers (NEDs) (NETCONF, REST, SNMP, CLI, etc); VNFM, Controller Apps, EMS and NMS; Physical Networks, Virtual Networks, Network Apps]
Storing Service Configs as Models in NSO (CDB)
Router Interface Configuration
Yang Model Representation:
    container service {
      key "name";
      container interface {
        type string;
        container type {
          type int64;
          container number {
            leaf ip { type inet:ip-address; }
          }
        }
      }
      leaf speed { type int64; }
    }
Internal NSO Representation (Store): service, interface, type, number, ip {10.1.1.21}, speed {100}
Service Models written independent of devices!
Instantiating a Service; Fastmap Feature
API calls to NSO to Map Service to Device Models
API with Input Parameters {configure interface} {interface} {GigabitEthernet} {1} {172.16.11.1} {100}0 Call Map Commit Write
Core Function Pack Design: Stacked Services Approach, Improved Code Reusability
[Diagram: Service Abstraction APIs; Customer Package; SDWAN Package; Infrastructure Package; NED, NED, NED]
- Service Models composed of multiple internal models. Single NB API exposed.
- Models are layered on top of each other to build specific services. This creates reusability in the models for new services to be deployed.
- The internal models are currently not yet supported as individual packages.
Function Pack DEMO
vbranch Function Pack Instantiate/Activate VNFs on NFVIS
Virtualizing the Branch Network
VNFs running on ENCS with NFVIS: vwaas ISRv vedge ASAv / FTDv NFVIS ENCS NFVIS on ENCS
ENCS 5000 Series Portfolio
ENCS5412 12-Core NEW Q3/CY17 ENCS5104 4-Core ENCS5406 6-Core ENCS5408 8-Core ISRv + 5 core VNF PoE ISRv + 9 core VNF PoE ISRv + 2 core VNF LTE on Radar ISRv + 3 core VNF LAN Ports NIM LTE, DSL, T1 HDD, SSD RAID, HW Crypto
NFVIS Software Stack
PnP Server Console/ SSH NSO DNA-C Local Device Web Portal NFVIS CLI NETCONF REST PnP Client Health Monitoring Orchestration (VM Lifecycle) Host Management RBAC HTTPS Virtualization Layer Hypervisor and vswitch Interface Drivers Linux Platform Drivers
Cisco and 3rd Party VNF Support
New New New New vedge ISRv NGFWv Third-Party VNFs High performance High performance Harden virtual services VNF program SDWAN Edge NETCONF support Rich features End-to-end support Enable secure access On-premise or cloud management Tested and certified Streamlined support from Cisco and third party vwaas vwlc ASAv Applications ISR WAAS: Leader in Gartner MQ Superior caching with Akamai Connect Survivability and scale Built for small and medium-sized branches Comprehensive protection Full DC class Featured functionality Designed for NFV Microsoft Windows Custom applications
Network and Bridges
[Diagram: VMs attach through vnics to networks; each network maps to a bridge; bridges attach to ports]
VNF Service Chaining Using NFVIS networks
- VNF deployment on NFVIS
- lan-net and wan-net predefined
- No limitation in terms of supported topologies
- Support for 3rd party VNFs
Profile1 (ENCS): LAN, lan-net, wan-mpls, wan-inet, WAN
Profile2 (ENCS): LAN, lan-net, service-net, wan-mpls, wan-inet, WAN
Profile3 (ENCS, WAAS): LAN, lan-net, service2-net, service1-net, wan-mpls, wan-inet, WAN
Stacked Services Approach: vbranch use of Core FP packages
vbranch Service Request APIs
Services: Branch Service
- Supports a Strongly Typed Core service model
- Allows customizations using Key-Value pairs
- Supports custom templates
- Notifications
- Optionally used for pushing Day 1 Configurations through branch-infra
Infrastructure: Branch-Infra
- Supports Physical / Virtual Infrastructure onboarding
- Maintains a catalog of VNFDs, VDUs, Deployments, Day-0 configurations.
- Network creation
Instantiate VNF and Service Chain
- Instantiates VNFs using ETSI-MANO compliant VNF descriptors
- Supports multi-vm VNFs
- Can be extended to work with multiple VNFMs
ENCS devices
vbranch FP High Level View of Service Model
1 Catalog Definition 2 VNFs and Service Chaining Branch-infra nfvo catalog Branch-cpe VNFD VDU deployment VNF network CPE config vedge VNF Descriptor and Flavor defined. Deployment parameters defined VNFD VDU
Initial Configuration
VNFDs Catalog (Gold, Bronze ) provider-infra (SP Name) Branch CPE VNFD: ISRv Platforms ENCS-54xx Tenant Platform (ENCS-54xx) VNFD: ASAv ENCS-5104 VNFD: vedgecloud Supported Deployment Catalog: Gold VNF1 (vedge) ISR Catalog: Bronze VNF2 (ASAv) vedge Network ASA
Service Configuration
[Diagram: Portal, NETCONF, NSO Core FP, NETCONF, VNFM, ISRv, NFVIS]
- Use NETCONF and push an XML payload (instantiation of the service model)
- Transaction based
Service Configuration
[Diagram: Portal, NETCONF, NSO Core FP, NETCONF, VNFM, ISRv, NFVIS]
- Another option is to use NSO CLI to configure and troubleshoot
On Boarding ENCS/NFVIS: NSO with the vbranch Function Pack
[Diagram: Network Service Orchestrator (NSO), PnP, Core FP (vbranch); PnP, VNFM, ISRv, NFVIS]
1) ENCS boots and creates basic n/w infrastructure
2) NFVIS registration to NSO using PnP: IP + serial + model + capabilities
3) NFVIS registered to NSO
4) NSO connects to branch NFVIS (NETCONF)
5) ENCS/NFVIS on-boarded in NSO
Loading ISR VNF: NSO with the vbranch Function Pack
[Diagram: Network Service Orchestrator (NSO), Core FP (vbranch), SERVICE INSTANCE, VNF Definitions, NETWORK Definitions; PnP, VNFM, ISRv, NFVIS; ISRv loaded]
1) NSO registers ISRv to NFVIS
2) NFVIS pulls ISRv images / local preparation
3) NSO instructs NFVIS to deploy NWs/ISRv
4) NFVIS deploys ISRv, loads day 0 config and sets up local ISRv monitoring
5) NFVIS notifies NSO ISRv is active
VNFs are loaded in parallel
State Machine with Reactive FASTMAP and Plan
[Diagram: Service, CPE, Network, VDU, VNF; Plan: ncs:plan-data element; Init State, Day1 config, Ready State]
- Using YANG grouping ncs:plan-data to support Reactive FASTMAP service progress reporting
- Allowing staged creation and deletion
- Leveraging additional RFM-based packages as needed
Example: plan
    admin@ncs> show branch-infra:branch-infra-status branch-cpe UCPE1 plan component state tab
    NAME                 STATE        STATUS       WHEN                 ref  MESSAGE
    -------------------------------------------------------------------------------------------------------------------------
    self                 init         reached      2017-12-18T17:24:07  -
                         ready        not-reached  -                    -
    UCPE1                init         reached      2017-12-18T17:24:07  -
                         ready        reached      2017-12-18T17:24:07  -    Ready
    service-net          init         reached      2017-12-18T17:24:08  -
                         ready        reached      2017-12-18T17:24:08  -    Ready
    ISR_vBranch-ISR-1.0  init         reached      2017-12-18T17:25:42  -
                         ready        reached      2017-12-18T17:26:23  -    Ready
    Cisco-ISR_UCPE1      init         reached      2017-12-18T17:26:23  -    Deployed VNF, waiting for NFVIS notifications.
                         vm-deployed  not-reached  -                    -
                         vm-alive     not-reached  -                    -
                         ready        not-reached  -                    -
    [ok][2017-12-18 17:26:32]
    [edit]
    admin@ncs%
Slide callouts: ENCS created; Network created; VNFD created; VNF Started; Waiting for NFVIS confirmation that ISRv is up
SDWAN-SITE Function Pack Instantiate/Activate vedge Cloud on NFVIS
Cisco SD-WAN Architecture: The Power of Abstraction
- Orchestration Plane: vbond
- Management Plane: vmanage, vanalytics, APIs, 3rd Party Automation
- Control Plane: vsmart Controllers
- Data Plane: vedge Routers over MPLS, INET, 4G
- Sites: Cloud, Data Center, Campus, Branch, SOHO
Cisco SD-WAN Platform Options
Branch Services (Future) vedge Appliances ISR 1000 ISR 4000 ASR 1000 vedge 100 vedge 1000 vedge 2000 200 Mbps Next-gen connectivity Performance flexibility Up to 2 Gbps Modular Integrated service containers Compute with UCS E 2.5-200Gbps High-performance service w/hardware assist Hardware & software redundancy 100 Mbps 4G LTE & Wireless Up to 1 Gbps Fixed NEW 10 Gbps Modular vedge 5000 ~30 Gbps Modular Branch ENCS - vedge Cloud VNF Public Cloud - vedge Cloud VNF ENCS 5100 ENCS 5400 Up to 250Mbps 250Mbps 2GB
Running vedge Cloud on ENCS: SDWAN-SITE Core Function Pack (March CY18)
[Diagram: vedge Cloud + other VNFs, VNFM, NFVIS, ENCS]
- Virtualizing the branch
- NFVIS 3.7.1
- ENCS5104, ENCS5406, ENCS5408, ENCS5412
- ENCS On Boarding
- Automation of Managed Virtual Branch (vedgecloud, Firewall, WAN Opt, etc )
- vedge Cloud day0 configuration
Plug-n-Play: vedge Secure Bring-up
ZTP Server Administrator Identity Trust vedge List (White-List) vedge Configuration Template vmanage vsmart vbond
SDWAN-SITE Function Pack: NSO/vManage Split, Cisco and 3rd party VNFs
Potential SP Model
[Diagram: OSS/BSS - VMS; Service Abstraction APIs (REST/NETCONF, REST); NSO with SDWAN SITE CFP, vmanage NED, vbranch CFP, NEDs; REST to vmanage; NETCONF to Cisco Router, ENCS NFVIS, vedge Appliance]
- SDWAN-SITE Function Pack and vbranch Function Pack: NSO (vbranch, vmanage NED) to instantiate VNFs (including 3rd party VNFs) and activate vedge. Apply device template
- vmanage to configure vedge
- SDWAN FP scope will expand over time
vmanage NED: vmanage Programmatic Access
- API Documentation built-in: https://vmanage-url/apidocs
- Test calls can be executed directly from doc page
- API programming documented at: https://docs.viptela.com/product_documentation/command_reference/vmanage_rest_apis/vmanage_rest_apis_overview/using_the_vmanage_rest_apis
vedge Cloud Provisioning / Activation
[Diagram: numbered flow between Network Service Orchestrator (NSO) with Core FP (vbranch) and Core FP (SDWAN-SITE), vmanage, Control and Policy Elements, and vedge on Virtual Networks (ENCS)]
- Define SDWAN Service on ENCS (VNF and Chaining)
- Get the unclaimed vedge Cloud router list from vmanage.
- Generates Bootstrap Configuration file (cloud-init config file) which contains cloud-config (bootstraps) and cloud-boothook (day0) sections
- VNFs instantiated and loaded with Bootstrap Configuration cloud-init file. Chaining of VNFs occurred if requested.
- Full Registration and Configuration
SDWAN-SITE Packaging Option1 - SDWAN-SITE Service to deploy vedge Cloud along with other VNFs
[Diagram: SDWAN-SITE, vbranch, VNFM, NFVIS]
1) SDWAN-SITE Service could be used as a top service to deploy vedge Cloud and other VNFs with service chaining.
2) vbranch onboards ENCS and then creates all of the VNFs and performs service chaining
3) SDWAN-SITE monitors vmanage/vedge Cloud sync status
Notes: In this deployment, the SDWAN-SITE Service can be a top service itself (ready out of the box for the SDWAN onboarding use case) and provides a single set of APIs to the NB to bring up vedge Cloud and other VNFs in a service chain. It focuses on simplicity (for the SDWAN use case), hides the complexity of vbranch and offers one integrated view of all VNF deployments. On the other hand, SDWAN-SITE does not expose all of the internals (and bells and whistles) of vbranch that an expert vbranch user is able to use.
SDWAN-SITE Packaging Option2 - Adding SDWAN-SITE into an Existing Service
[Diagram: SP Service, vbranch, SDWAN-SITE, VNFM, NFVIS]
1) An SP service already utilizes vbranch to instantiate/chain VNFs on an ENCS platform
2) vbranch onboards ENCS and then creates VNFs along with the service chain
3) To add a vedge Cloud, that SP service will use SDWAN-SITE to onboard vedge Cloud. SDWAN-SITE will see ENCS as a brownfield device which is already in the NSO device tree
4) SDWAN-SITE creates vedge Cloud on the same ENCS and also adds vedge Cloud to the service chain using vbranch
5) SDWAN-SITE monitors vmanage/vedge Cloud sync status
Notes: This deployment is used when the customer has already created an SP service which utilizes vbranch to spin up VNFs other than vedge Cloud. SDWAN-SITE is used solely to onboard a vedge Cloud in the same ENCS service chain owned by the SP service. SDWAN-SITE simplifies the logic for the SP service to bring up vedge Cloud. The SP service needs to deal with 2 different interfaces (vbranch & SDWAN-SITE)
SDWAN-SITE Service Configuration
[Diagram: Portal, NETCONF, NSO SDWAN FP, NETCONF, VNFM, vedge, NFVIS]
- Use NETCONF and push an XML payload (instantiation of the service model)
- Transaction based
DEMO
Demo Portal 10.49.234.158 NSO 10.49.234.151 XCA 10.49.234.156 vmanage 10.49.234.153 vsmart 10.49.234.166 vbond 10.49.234.159 vedge 10.49.234.4 GE 0/0 GE 0/1 vedge 10.49.234.6 GE 0/0 GE 0/1 10.49.234.254 LAN NFVIS MGMT 10.49.234.2 LAN NFVIS MGMT 10.49.234.5
SDWAN-SITE Function Pack DEMO
Summary Steps
- Define if you want to use SDWAN-SITE with option1 or option2
- If option 2 (Adding SDWAN-SITE into an Existing Service), add ENCS to the device tree
- Define your provider infrastructure (Provider name, tenant, catalog and vmanage)
- Pick your preferred vedge Network Deployment Unit (NDU). Define your own if you want to
- Define your SDWAN-SITE service
- That's all
VNFD and VDU (For Reference)
VNFDs: VNFD: ISRv, VNFD: ASAv, VNFD: vedgecloud
VNFD and VDU definitions: pre-defined on installation
Catalog (For Reference)
Catalog (Gold, Bronze ): pre-defined on installation
- Platforms: ENCS-54xx, ENCS-5104
- Supported Deployment: ISR, vedge, ASA
Provider Infrastructure (For Reference)
[Diagram: provider-infra (SP Name): provider-infrastructure ProviderA; tenant-infrastructure TenantB; Catalog Gold; vmanage vmanage1; tenant-infrastructure TenantA; Catalog Silver]
Provider-infra.cli
    admin@ncs% load merge provider-infra.cli

    provider-infrastructure ProviderA {
        tenant-infrastructure TenantA {
            catalog Silver;
        }
        tenant-infrastructure TenantB;
        catalog Gold;
        vmanage vmanage-1;
        ca-cert "ADD ROOT CERT";
    }
    provider-infrastructure ProviderB {
        tenant-infrastructure TenantC;
        catalog Bronze;
    }
- Check vmanage is mapped to a Provider
- Add Root Chain certificate if not using the default
Provider Infrastructure XML payload (For Reference)
    <config xmlns="http://tail-f.com/ns/config/1.0">
      <provider-infrastructure xmlns="http://com/cisco/corefpcommon">
        <provider>providera</provider>
        <tenant-infrastructure>
          <tenant>tenanta</tenant>
          <catalog xmlns="http://cisco.com/ns/branch-infra-common">silver</catalog>
        </tenant-infrastructure>
        <tenant-infrastructure>
          <tenant>tenantb</tenant>
        </tenant-infrastructure>
        <catalog xmlns="http://cisco.com/ns/branch-infra-common">gold</catalog>
        <vmanage xmlns="http://com/cisco/nso/corefp/sdwan/vedge">vmanage-1</vmanage>
        <ca-cert xmlns="http://com/cisco/nso/corefp/sdwan/vedge">root CERT</ca-cert>
      </provider-infrastructure>
      <provider-infrastructure xmlns="http://com/cisco/corefpcommon">
        <provider>providerb</provider>
        <tenant-infrastructure>
          <tenant>tenantc</tenant>
        </tenant-infrastructure>
        <catalog xmlns="http://cisco.com/ns/branch-infra-common">bronze</catalog>
      </provider-infrastructure>
    </config>
Network Deployment Unit (NDU) (For Reference)
Network Deployment Units (ndu): ASA, vedge, vedge + ASA
- This defines the Service Chain that you want to use for vedge Cloud.
- SDWAN-SITE FP comes with pre-defined chains; add yours if needed
Network Deployment Unit (NDU)
- vedge Only, Single WAN: wan-net, lan-net
- vedge Only, Dual WAN: wan-net, wan-net2, lan-net
- vedge + ASAv, Dual WAN: wan-net, wan-net2, ..., lan-net
SDWAN-SITE Service (For Reference)
[Diagram: SDWAN-SITE Service: sdwan-site Berlin; provider; infrastructure type nfvis; member-vnfs vnf vedgecloud; day0]
    <config xmlns="http://tail-f.com/ns/config/1.0">
      <sdwan-site xmlns="http://com/cisco/nso/corefp/sdwan">
        <site-name>berlin</site-name>
        <provider>providera</provider>
        <location>
          <name>berlin</name>
        </location>
        <infrastructure>
          <type>nfvis</type>
          <nfvis>
            <nfvis-serial>fgl214280gk</nfvis-serial>
            <shared-branch-office/>
            <branch-office>ucpe1</branch-office>
            <device-on-boarding>pnp-unmanaged</device-on-boarding>
            <nfvis-device-name>ucpe1</nfvis-device-name>
          </nfvis>
        </infrastructure>
        <member-vnfs>
          <vnf>vedgecloudberlin</vnf>
          <type>vedge-cloud</type>
          <username>admin</username>
          <password>admin</password>
          <ip>10.49.234.4</ip>
          <mask>255.255.255.0</mask>
          <gtw>10.49.234.254</gtw>
          <day-0>
            <cfg-file>vedge_day0_template.cfg</cfg-file>
          </day-0>
          <vedge-cloud>
            <system-ip>10.8.0.81</system-ip>
            <site-id>8</site-id>
          </vedge-cloud>
          <ndu>
            <ndu-id>sdwan_nfvis_vedge_ndu</ndu-id>
          </ndu>
        </member-vnfs>
      </sdwan-site>
    </config>
NSO CLI (For Reference)
    sdwan-site Berlin {
        provider ProviderA;
        location {
            name Berlin;
        }
        infrastructure {
            type nfvis;
            nfvis {
                nfvis-serial FGL214280GK;
                shared-branch-office;
                branch-office UCPE1;
                device-on-boarding pnp-unmanaged;
                nfvis-device-name UCPE1;
            }
        }
        member-vnfs vedgecloudberlin {
            type vedge-cloud;
            username admin;
            password $8$WklAT9bhBkPWhUlj3Ja4E7DEPl7MYjuoYOsYlCtHW48=;
            ip 10.49.234.4;
            mask 255.255.255.0;
            gtw 10.49.234.254;
            day-0 {
                cfg-file vedge_day0_template.cfg;
            }
            vedge-cloud {
                system-ip 10.8.0.81;
                site-id 8;
            }
            ndu {
                ndu-id sdwan_nfvis_vedge_ndu;
            }
        }
    }
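A pre-push check for the sdwan-site XML payload shown above, added here as an example and not part of the Cisco function pack: it parses the payload with the namespace from the slide and reports default VNF credentials and inconsistent management addressing before the payload is sent over NETCONF. The weak-password list, the finding texts and the treatment of values starting with `$8$` (the form the NSO CLI slide shows) as already encrypted are assumptions of this example.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Namespace of the sdwan-site service model, taken from the slide payload.
NS = {"s": "http://com/cisco/nso/corefp/sdwan"}

# Constructed sample: abridged copy of the slide payload, same element names.
SAMPLE = """<config xmlns="http://tail-f.com/ns/config/1.0">
  <sdwan-site xmlns="http://com/cisco/nso/corefp/sdwan">
    <site-name>berlin</site-name>
    <provider>providera</provider>
    <member-vnfs>
      <vnf>vedgecloudberlin</vnf>
      <type>vedge-cloud</type>
      <username>admin</username>
      <password>admin</password>
      <ip>10.49.234.4</ip>
      <mask>255.255.255.0</mask>
      <gtw>10.49.234.254</gtw>
      <vedge-cloud>
        <system-ip>10.8.0.81</system-ip>
        <site-id>8</site-id>
      </vedge-cloud>
    </member-vnfs>
  </sdwan-site>
</config>"""

# Assumptions of this example: a local deny-list, and "$8$" marking a value
# that is already encrypted (as in the NSO CLI slide) and cannot be inspected.
WEAK_PASSWORDS = {"admin", "cisco", "password", "changeme"}
ENCRYPTED_PREFIX = "$8$"


def _text(node, tag):
    child = node.find(f"s:{tag}", NS)
    return (child.text or "").strip() if child is not None else ""


def _check_credentials(vnf):
    user, pw = _text(vnf, "username"), _text(vnf, "password")
    if not pw:
        return ["password is empty"]
    if pw.startswith(ENCRYPTED_PREFIX):
        return []
    if pw.lower() in WEAK_PASSWORDS or pw.lower() == user.lower():
        return ["password is a default or equals the username"]
    return []


def _check_addressing(vnf):
    ip, mask, gtw = (_text(vnf, t) for t in ("ip", "mask", "gtw"))
    try:
        iface = ipaddress.ip_interface(f"{ip}/{mask}")
        gateway = ipaddress.ip_address(gtw)
    except ValueError as exc:
        return [f"invalid management addressing: {exc}"]
    net, issues = iface.network, []
    if gateway not in net:
        issues.append(f"gateway {gateway} is outside {net}")
    if iface.ip == gateway:
        issues.append("management ip equals the gateway")
    if iface.ip in (net.network_address, net.broadcast_address):
        issues.append(f"management ip {iface.ip} is not a host address in {net}")
    return issues


def _check_vedge(vnf):
    vc = vnf.find("s:vedge-cloud", NS)
    if vc is None:
        return []
    issues = []
    try:
        ipaddress.IPv4Address(_text(vc, "system-ip"))
    except ValueError:
        issues.append("system-ip is not a valid IPv4 address")
    if not _text(vc, "site-id").isdigit():
        issues.append("site-id is not a non-negative integer")
    return issues


def lint_sdwan_site(xml_text):
    """Return [(site-name, vnf, finding), ...] for every member VNF."""
    findings = []
    root = ET.fromstring(xml_text)
    for site in root.iter("{%s}sdwan-site" % NS["s"]):
        site_name = _text(site, "site-name")
        for vnf in site.findall("s:member-vnfs", NS):
            vnf_name = _text(vnf, "vnf")
            checks = (_check_credentials(vnf) + _check_addressing(vnf)
                      + _check_vedge(vnf))
            findings.extend((site_name, vnf_name, issue) for issue in checks)
    return findings


if __name__ == "__main__":
    for site, vnf, issue in lint_sdwan_site(SAMPLE):
        print(f"{site}/{vnf}: {issue}")
```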
vedge-cloud Onboarding process: NSO with the SDWAN-SITE Function Pack
[Diagram: Network Service Orchestrator (NSO) with Core FP (vbranch) and Core FP (SDWAN-SITE); NSO PnP; VNFM; NFVIS; vedge; vmanage]
Legend: Value added services provided by sdwan-site; BranchInfra functionality; Viptela callback activity
1) Upload vedge Certified Serial Numbers onto vmanage
2) Get the unclaimed vedge Cloud router list from vmanage
3) Instruct vmanage to:
   - Create day0 template
   - Attach day0 template (with variables) to an unclaimed vedge Cloud router
   - Generate a Bootstrap Configuration file for the vedge Cloud router (UUID, Token, )
4) Get Bootstrap Configuration file for the vedge Cloud router (cloud-init config file) which contains cloud-config (bootstraps) and cloud-boothook (day0) sections
5) VNFs instantiated and loaded with Bootstrap Configuration cloud-init file. Chaining of VNFs occurred if requested.
6) NFVIS notifies NSO vedge is alive
7) vedge to Viptela Control Plane: Initial control communication
8) vmanage installs certificate into vedge Cloud router and syncs up. vedge Cloud router is ready for configuration from vmanage
9) Poll vmanage to verify vedge Cloud router is in-sync
Configuring vedge Cloud router
[Diagram: Viptela Control and Policy Elements; VNFM, vedge, NFVIS]
6) Initial control communication
7) Initial device configuration from vmanage
8) Full registration and configuration
Cisco SD-WAN Automation Stack
[Diagram: VMS Portal/GUI; Network Service Orchestrator (NSO) with Core FP (SDWAN-SITE), Core FP (vbranch), vmanage NED; NETCONF; vmanage; Cisco Router, ENCS NFVIS, vedge Appliance, cedge Appliance]
1) Viptela vmanage: Target customer has vedge appliances without a need for virtual CPE, service orchestration and OSS/BSS from Cisco
2) Extended SD WAN Orchestration: Target customer has virtual CPEs, or orchestration of devices other than vedge appliances is needed, without a need for OSS/BSS from Cisco
3) Full Stack SD WAN: Target customer has a need for Cisco OSS/BSS capabilities together with SD WAN
SDWAN MSP Management Options
NSO/vManage Split
[Diagram: OSS/BSS - VMS; REST/NETCONF and REST; NSO with SDWAN SITE CFP, vmanage NED, vbranch CFP; REST to vmanage; NETCONF to Cisco Router, ENCS NFVIS, vedge Appliance, cedge Appliance]
- vmanage and NSO Entry Point (REST APIs)
- vmanage improved with NSO (and vbranch, SDWAN, potentially SAE CFP)
- vmanage and/or NSO as potential entry point
- Reporting and Alerts
NSO Single Entry Point
[Diagram: OSS/BSS; REST/NETCONF; NSO with Other CFP, vbranch CFP, SDWAN CFP, vmanage NED; NETCONF to vmanage, Cisco Router, ENCS NFVIS, vedge Appliance, cedge Appliance]
- SDWAN network wide Service Model that includes:
  - VNFs instantiation (including 3rd party VNFs) and vedge activation
  - Controller instantiation
  - Device template definition
  - SDWAN policies definition
  - Topology definition
Short Term - NSO/vManage Split Gives Flexibility
[Diagram: OSS / BSS or VMS; REST/NETCONF; Network Service Orchestrator (NSO) with Core FP (vbranch) and Core FP (SDWAN-SITE); REST to vmanage; NETCONF to Cisco Router, ENCS NFVIS, vedge Appliance, cedge Appliance]
- NSO and vmanage run side by side in separate processes
- NSO and vmanage are integrated using APIs (an NSO NED using the vmanage REST interface)
- NSO will communicate with all devices involved in the CFP for day0 and dayn configuration. vmanage will provide dayn configuration for vedge
- The vmanage UI will have to be extended with the appropriate CFP workflows and send API calls to NSO.
Conclusion
Enterprise NFV at Cisco Live Monday Tuesday Wednesday Thursday Friday BRKRST-2557 Hands-on Branch virtualization overview Cisco ENFV Solution 360 SD-WAN and NFV Orchestration for Managed Service Providers Advanced Virtualization SP Orchestration TECCRS-3006 Cisco Enterprise NFV Deep Dive and Hands-On Lab BRKARC-2014 Branch Virtualization The Evolving NFV Landscape BRKARC-2112 Deploy Network Services in Minutes on any Platform with Cisco Enterprise Network Functions Virtualization (NFV) Enterprise BRK-1997 Routing Underlay and NFV Automation with DNA Center BRKCRS-3447 Network Function Virtualization for Enterprise Networks
Want to learn and collaborate around NSO?
The NSO Digital Ecosystem is a platform for collaboration for the entire NSO product suite and consists of two virtual places: the external* NSO DevNet and the internal** NSO Field Portal. The main purpose is to further improve NSO value by helping new and seasoned practitioners to drive NSO experiences and inviting customers to the Opportunities of NSO
External (Open for all): www.cisco.com/go/nsodevnet
- DevNet: Public material targeting partners and customers
- DevNet, open for all: Selected Content
- Learning Labs, open for all registered users: Training material
- GitHub, open for all: Shared code
- NSO Developer Hub (Jive), open for all registered Cisco employees, Cisco partners & Cisco customers: www.cisco.com/go/nsohub. Community and main repository of content and Q&A
Internal (Open for all Cisco): go2.cisco.com/nso-fp
- NSO Field Portal (Internal Jive): Cisco Internal content and Q&A
*Customer, Partner and Cisco **Cisco internal only
NSO at Cisco Live: Design Clinics
Opportunity for customers to ask questions without an appointment. Located in The hub (Hall 6). Opening hours of The Hub: Monday: 8:00 19:30 Tuesday: 8:00 19:30 Wednesday: 8:00 19:00 Thursday: 8:00 18:30 Friday: 8:00 13:30 https://www.ciscolive.com/emea/activities/the-hub/
More Information
- Network Service Orchestrator: http://www.cisco.com/go/nso
- dcloud Home: http://dcloud.cisco.com
- SDWAN 4D Demo: Search for: Cisco 4D SD-WAN (Viptela)
Thank you