Why your Datacenter Infrastructure should be Policy Defined

Similar documents

Simplify IT. With Cisco Application Centric Infrastructure. Barry Huang Nov 13, 2014

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera VERSION May, 2015

Enabling Application Aware Networks The Next Generation Data Centre with Citrix NetScaler & Cisco Nexus. Ralph W. Lorkins Lead Systems Engineer

Federated Application Centric Infrastructure (ACI) Fabrics for Dual Data Center Deployments

Unleash the power of Cisco ACI and F5 Synthesis for Accelerated Application deployments. Ravi Balakrishnan Senior Marketing Manager, Cisco Systems

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer

The New Datacenter Network: Furthering Holistic Data Solutions. Cindy Borovick Program Vice President, Enterprise and Datacenter Networks IDC

AVI NETWORKS CLOUD APPLICATION DELIVERY PLATFORM INTEGRATION WITH CISCO APPLICATION CENTRIC INFRASTRUCTURE

Cisco and Citrix Solution

Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments

Transform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure

Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre

Cisco and Red Hat: Application Centric Infrastructure Integration with OpenStack

Delivering Managed Services Using Next Generation Branch Architectures

The Advantages of Cloud Services

Cisco Application Centric Infrastructure. Silvo Lipovšek Sistemski inženjer

Installation Guide Avi Networks Cloud Application Delivery Platform Integration with Cisco Application Policy Infrastructure

Security in the Software Defined Data Center

Cisco and Citrix: Building Application Centric, ADC-enabled Data Centers

Network Virtualization for the Enterprise Data Center. Guido Appenzeller Open Networking Summit October 2011

A Look at the New Converged Data Center

VMware NSX A Perspective for Service Providers part 2

Cisco Cloud Architecture for the Microsoft Cloud Platform

Cisco and Citrix: Building Application Centric, ADC-enabled Data Centers

Aligning Applications and Connectivity to Enable Fast And Safe Cloud Computing Derrick Loi, May 2015

Microsoft Private Cloud

Securing the Virtualized Data Center With Next-Generation Firewalls

Virtualization, SDN and NFV

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

White Paper. SDN 102: Software Defined Networks and the Role of Application Delivery Network Services. citrix.com

Software-Defined Networks Powered by VellOS

Spotlight On Backbone Technologies

How Network Virtualization can improve your Data Center Security

Building Scalable, Open, Programmable and Application Centric Data Center with Cisco ACI. 林瑝錦 / Jerry Lin Cisco Systems 2015 July

WHAT S NEW & COOL. Zenoss Service Dynamics 5 February 2015

Virtualized Hadoop. A Dell Hadoop Whitepaper. By Joey Jablonski. A Dell Hadoop Whitepaper

May 13-14, Copyright 2015 Open Networking User Group. All Rights Reserved Not For

Software Defined Network (SDN)

How To Build A Software Defined Data Center

Assessing the Business Value of SDN Datacenter Security Solutions

VMware for your hosting services

Operationalize Policies. Take Action. Establish Policies. Opportunity to use same tools and practices from desktop management in server environment

Zenoss for Cisco ACI: Application-Centric Operations

Thank you for joining us today! The presentation will begin shortly. Thank you for your patience.

Cisco ACI and F5 LTM Integration for accelerated application deployments. Dennis de Leest Sr. Systems Engineer F5

I D C T E C H N O L O G Y S P O T L I G H T. I m p r o ve d S c a l a bility, Orchestration, and Au t o m a t i o n

Cloud, SDN and the Evolution of

2013 ONS Tutorial 2: SDN Market Opportunities

Testing Software Defined Network (SDN) For Data Center and Cloud VERYX TECHNOLOGIES

SOFTWARE DEFINED NETWORKING

Use Case Brief BUILDING A PRIVATE CLOUD PROVIDING PUBLIC CLOUD FUNCTIONALITY WITHIN THE SAFETY OF YOUR ORGANIZATION

Cisco Prime Network Services Controller. Sonali Kalje Sr. Product Manager Cloud and Virtualization, Cisco Systems

Software Defined Networking (SDN) Software Defined Security

Flexible SDN Transport Networks With Optical Circuit Switching

2016 Spring Technical Forum Proceedings

Orchestrating Software Defined Networks (SDN) to Disrupt the APT Kill Chain

Software Defined Environments

EMA Radar for Private Cloud Platforms: Q1 2013

Cisco Network Services Manager 5.0

Limiting the Spread of Threats: A Data Center for Every User

Software Defined Networking (SDN)

Virtual Machine Manager Domains

Introduction to Virtualization. Paul A. Strassmann George Mason University October 29, 2008, 7:20 to 10:00 PM

Group-Based Policy for OpenStack

SOFTWARE-DEFINED NETWORKS

Netzwerkvirtualisierung? Aber mit Sicherheit!

Intel Service Assurance Administrator. Product Overview

Palo Alto Networks. Security Models in the Software Defined Data Center

locuz.com A comprehensive orchestration tool for setting up private and hybrid clouds

Intel IT Cloud 2013 and Beyond. Name Title Month, Day 2013

EVOLVED DATA CENTER ARCHITECTURE

Software Defined Networks

Cisco Intelligent Automation for Cloud

Getting Real with Policies for Software Defined Infrastructure. Manish Dave Principal Engineer, Intel IT

Use Case Brief CLOUD MANAGEMENT SOFTWARE AUTOMATION

SDN Applications in Today s Data Center

Using SouthBound APIs to build an SDN Solution. Dan Mihai Dumitriu Midokura Feb 5 th, 2014

RIDE THE SDN AND CLOUD WAVE WITH CONTRAIL

Data Center Security That Accelerates Your Business

Intro to NSX. Network Virtualization VMware Inc. All rights reserved.

SDN PARTNER INTEGRATION: SANDVINE

Business Values of Network and Security Virtualization

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Presented by Philippe Bogaerts Senior Field Systems Engineer Securing application delivery in the cloud

Empowering Private Cloud with Next Generation Infrastructure. Martin Ip, Head of Advanced Solutions and Services Macroview Telecom

Evolving the Data Center Critical Cloud Success. A Light Reading Webinar Sponsored by

Network Services in the SDN Data Center

From SDN to SDC. Requirements for the Next Generation Cloud. Lisboa, Junho 2014

Speeding Up Business By Simplifying the Data Center With ACI & Nexus Craig Huitema, Director of Marketing. Session ID PSODCT-1200

Cisco dan. Beograd, Srbija 1.april TOMORROW starts here.

An Application-Centric Infrastructure Will Enable Business Agility

Cloud Security Axians Carrier & Broadband Days. Christof Jungo C1, Public (Axians Carrier Days) September 15 Darmstadt

Open Networking User Group SD-WAN Requirements Demonstration Talari Test Results

Private Cloud Management

Strategic Direction of Networking IPv6, SDN and NFV Where Do You Start?

Delivering Cloud Services Transformation : Plan > Build> Assure> Secure. Stephen Miles Vice President, Solution Sales, APJ

APPLICATION DELIVERY IN OPENSTACK WITH AVI NETWORKS

A Nemertes Research Conference The Application Delivery Sea Change: Will IT Wash Away?

Transcription:

Why your Datacenter Infrastructure should be Policy Defined Dr. Markus Hofmann DC Specialist Application Centric Infrastructure mahofman@cisco.com 30.9.2015

Why Automation is Key in the DC Agility Cloud-like self-service consumption of IT Better usage of resources Better Service Levels through QoS enforcement Improved Security and Compliance by reducing operational risks Shift people workload from fire fighting to proactive work

How to automate complex systems?

Controlling Complexity - Design it for Automation They should want to be here Most IT Service providers are here Speed Capacity Security Fly-by-wire Auto Pilot Automated Solutions

How to automate complex systems of complex systems?

Two approaches to Control Systems IMPERATIVE CONTROL DECLARATIVE CONTROL Good enough for fairly complex systems of simple sequential tasks Centralized Intelligence Air traffic control tells where to take off from, but not how to fly the plane Distributed Intelligence

How to automate a datacenter End-User Service Catalogue High-Level IT Prozess- Automation Need Infrastructure Need Infrastructure API Standard Infrastructure-Service-Catalogue How do we control the airplanes? Physical + Virtual Infrastructure- Automation

Infrastructure The workflow automated datacenter Define Workflo w Manage Exceptions Control Workflow Execution The nasty part Analyze SLAs

Infrastructure The Policy Defined Datacenter Eliminate the nasty terms from the equation Define Policies Manage Exceptions Apply Policies Analyze SLAs You have to TRUST the (auto-)pilot!!

SIM Card Identity for a phone UCS Service Profile Identity for compute Service Profile Network Policy Storage Policy Compute Policy ACI Application Profile Identity for the network

Group Based Policies in Openstack Watch out: can you trust the pilot?

The automated DC with policy based infrastracture definition End-User Service Catalogue High-Level IT Prozess- Automation Need Infrastructure Need Infrastructure API Standard Infrastructure-Service-Catalogue Physical + Virtual

Application Centric Infrastructure Open API s, Complete Automation & Application Focused Controller Policy Model Nexus 9000 APIC Open restful APIs Centralized policy model Open source Applications Centric Infrastructure

Application Centric Infrastructure Policy-basierte Netzwerk-Konfiguration Applikationen Dev Health Score Systems Telemetry 82 % 25 Packets dropped APPLICATION CENTRIC POLICY APIC Latency Isolation Netzwerk

Enhance DC security: Network-based stateful Firewall with contracts Contract WEB APP Physical + virtual Wire-speed Zero Management Microsegmentatio n in the network: Zero CPU cycles on host No exposure to infected hosts

ACI Supports Flexible East-West Security Models L4 Stateful Security L4-7 Visibility and Control ACI Services Graph Servers (Physical or Virtual) Firewall at Each Leaf switch L4-7 Security Services (physical or virtual, location independent) L4 Distributed Stateful Firewall L4 Stateful Firewall Attached to Every Server Port Line Rate Policy Enforcement Policy Follows Workloads L4-7 Security Via ACI Service Graph Advanced Protection with NGFW, IPS/IDS, DDoS Services Insertion Sizing at Scale-Enabled via Pool and ACI Dynamic Redirection L4-7 Security Policy Applied Consistently for Any Workload

Enhanced Compliance and Full Day-0 Auditability ACI is PCI certified Common Criteria and FIPS certification in H2CY15 Auto-Documentation Prove compliance at any point in time Policy = Configuration guaranteed Full audit: who did what and when Backup and Restore full DC configuration End-Point-Tracking Determine what was on network at any time

Application Centric Infrastructure Solution Overview ACI Ecosystem Partners Automation Hypervisor Management OVM Enterprise Monitoring Systems Management Orchestration Frameworks Application Network Profile APIC Centralized Policy Management Open APIs, Open Source, Open Standards TURN-KEY OPEN Fabric Physical Networking Hypervisors and Virtual Networking Compute L4 L7 Services Storage Multi DC WAN and Cloud Nexus 7K End Points Physical & Virtual Nexus 2K Integrated WAN Edge

Scorecard for 6 Quarters of Shipment: Nexus 9K Customers Globally ACI Customers Globally Ecosystem Partners

www.cisco.com/go/aci