Reducing Cost with DNA Automation
1 like1,535 views
The document outlines Cisco's vision and strategy for digital transformation through its Digital Network Architecture (DNA), focusing on programmable hardware and simplified network management. It emphasizes the need for networks to adapt to increasing complexity, security challenges, and the growth of connected devices by leveraging automation, policy enforcement, and advanced technologies. Additionally, it discusses benefits such as improved business agility, enhanced security, and real-time insights for better decision making.
Reducing Cost with DNA Automation
- 1. Karl-Etienne St-Pierre & Nigel Gocan Systems Engineer Nov10, 2016 DNA Automation and Evolved Campus Networks
- 2. Cisco Vision, Strategy, & Digital Transformation Digital Network Architecture – Overview and Components DNA in Action – Programmable Hardware Catalyst platforms DNA in Action – Network Fabrics Summary Agenda
- 3. Transform our customers’ businesses through powerful yet simple networks. Why How What Cisco’s Vision Cisco’s Enterprise Networking Vision Overview
- 4. Why do networks need to change?
- 5. *Cisco VNI Study 2012 of “things” are unconnected 99% … but could be! Traffic Growth 4X Transition to Cloud* Mobility Wi-Fi 50% of Traffic (Video over Mobile Devices)* The Network MUST Change to accommodate these trends Intelligent Device Growth 2.5/Person BYOD Programmable Simple Network Trends Connecting the Previously Unconnected, Growth, and Change
- 6. Overview – Enterprise Networks Today LOTS of Functionality … BUT LOTS of Complexity … Can we make Enterprise Networks simpler, with a similar – or greater – level of functionality?
- 7. Source: 2016 Cisco Study Policy Violations Due to Human Error Network Changes Performed Manually 95% OpEx spent on Network Visibility and Troubleshooting Traditional Networking CANNOT Keep Pace with the Demands of Digital Business …and Have multiple Operational Challenges 70% 75%
- 8. How can we change the way we do networking? Intelligent Programmable Simple
- 9. Strategy We create solutions built on intelligent networks that solve our customers' challenges Vision Change the way the world works, lives, plays, and learns Cisco Vision and Strategy
- 10. Unlock the Power that Exists in the Network through Abstraction, Automation, and Policy Enforcement Leverage the Power of Existing Distributed Systems Enable Network Wide Fidelity to an Expressed Intent (Policy) Cisco’s Enterprise Strategy Overview
- 11. Country Digitization is Improving Citizen Lives Increase The Country’s GDP, Reduce Spending and Create Jobs With A Cutting-edge Digital Foundation Employment & Social Inclusion Public Safety & Security Smart City Services Environmental Sustainability Innovation Opportunities GDP Growth Peace Keeping Cyber Security
- 12. Cisco Vision and Strategy Digital Transformation Digital Network Architecture – Overview and Components DNA in Action – Programmable Hardware Catalyst platforms DNA in Action – Network Fabrics Summary Agenda
- 13. Insights & Experiences Drive Business Innovations Security & Compliance Real-time and Dynamic Threat Defense Automation & Assurance Speed, Simplicity & Visibility The Network Enables Digital Business Network Requirements for the Digital Organization Overview
- 14. Insights & Experiences Security & Compliance Automation & Assurance Drive Business Innovations Real-time and Dynamic Threat Defense Speed, Simplicity & Visibility • Visibility into Users behavior, Applications, Network performance • Customer has the elements to make decisions faster Abstraction layer • Abstraction, Intent, Policy Automation • Verification of Desired Result Assurance Wi-Fi Core WAN Cloud APIC EM Using the Network as a Sensor for security threats and then Enforce Compliancy through Segmentation Network Requirements for the Digital Organization Overview Intent Telemetry
- 15. Automation Abstraction & Policy Control from Core to Edge Open & Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical & Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Insights & Experiences Automation & Assurance Security & Compliance Network-enabled Applications Cloud-enabled | Software-delivered Principles Cisco Digital Network Architecture (DNA) Overview
- 16. Automation Abstraction & Policy Control from Core to Edge Open & Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical & Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Insights & Experiences Automation & Assurance Security & Compliance Network-enabled Applications Cloud-enabled | Software-delivered Principles Cisco Digital Network Architecture (DNA) Overview
- 17. vBranch IP NFVIS WAAS IPS vSwitch vBranch IP NFVOS WAAS IPS vSwitch Network Interface (UNI) PEP: Policy Enforcement Point Virtualization Physical & Virtual Infrastructure | App Hosting VPCEnterprise Fabric Encryption Encryption Encryption PEP Public Cloud VPC WAN Agg Apps Apps WAAS IPS WAAS IPS UNI AWS VPC Hosting and Hosted Network Functions
- 18. Advanced, Multi-Core, Feature-Rich Routing Silicon QFP QuantumFlow Processor Fully Programmable: leveraging the many features of IOS-XE with hardware performance Scalable: Massive number of CPU cores (40/64), abilityto cascade multiple QFPs = consistent high performance Advanced on-chip QoS: 100,000+ hardware-based queues, sophisticated traffic shaping and control Secure: linkage to high-performance crypto capability for secure WAN transport Extensible Architecture: ability to scale both up and down—the foundation for a long-lived family of high-performance, flexible routing silicon UADP Unified Access Data Plane Flexible, Programmable, High-Performance Switching Silicon Fully Programmable: excellent flexibility, ability to handle new encaps (VXLAN, GPE, etc.) – hardware speed, with software elasticity Scalable: Massive recirculation bandwidth and low recirculation latency provide excellent tunneling and services support for traffic flows Advanced on-chip QoS: client–level granularity, sophisticated bandwidth shaping, with integrated on-chip NetFlow for visibility Secure: integrated on-chip support for MACsec encryption (AES-128, CBC) Extensible Architecture: ability to scale both up and down – the foundation for a long-lived family of high-performance, flexible switching silicon Virtualization Physical & Virtual Infrastructure | App Hosting “People that are really serious about software should build their own hardware” 100% Cisco-developed programmable silicon: unlocking the power of DNA at hardware speeds Operational and Services Uniformity: Routing, Switching, and Wireless consistency New Foundational Capabilities: HA and operational leadership, state decoupling, net database… Speed of Innovation Velocity: “Code once and Re-use Many” across multiple places in the network Foundation for Virtualization: providing for network hosting and integration of virtualized functions (VNFs, containers) Platform for the Future: the “software stage” for the next wave of Cisco innovation… IOS-XE The Evolution of IOS Taking the Proven Strengths of IOS to the Next Level Building on a Strong Foundation of Hardware and Software Innovation
- 19. Automation Abstraction & Policy Control from Core to Edge Open & Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical & Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Insights & Experiences Automation & Assurance Security & Compliance Network-enabled Applications Cloud-enabled | Software-delivered Principles Cisco Digital Network Architecture (DNA) Overview
- 20. • Express Business Intent • Translate into device specific policy/configuration • Leverage Abstraction (the controller knows about the device specifics) • Automate the Deployment across the Network • Insure Fidelity to the Expressed Intent (keep everything in sync) User policy based on user identity and user-to-group mapping Employee (managed asset) Employee (Registered BYOD) Employee (Unknown BYOD) ENG VDI System PERMIT PERMIT DENY DENY DENY DENY DENY PERMIT PERMIT PERMIT PERMIT PERMIT Production Servers Development Servers Internet Access Protected Assets Source De-coupling of User Identity and Topology Much easier to translate business objectives to network functionality— Lowers TCO Configuration Controller-based AutomationToday Traditional Traditional Policy Traditional Policy Policy Policy based Configuration— Dynamic, able to be automated by the Controller Over time—Policy grows, static shrinks Automation Controller-Led Networking Deployment Evolution to a Policy Model
- 21. Any given “custom” configuration has a very high probability of not being tested exactly as deployed “individually—as a one off…” which introduces potential issues… Risk Bugs Uncertainty Problems Combinatorial Issues… Trust Automation Controller-Led Networking Deployment The automated configuration deployed by the controller will have gone through… • Joint development by the Cisco Product Teams, the Architects developing Best Practices, and the Controller Team – “Blessed Configurations” • Testing by Cisco’s Solution, System, and Devtest teams against the deployment use cases developed jointly, above • And will be deployed by 1000’s, with any unforeseen situations addressed ASAP due to widespread and standardized deployment Greatly increased probability of success Controller-Led Networking Bridging the Gap to Increased Success in Network Deployment and Use
- 22. Analytics Instrumentation Telemetry Correlation Measure and Adjust Click here to Correct Always Correct this way (and never ask me again) Applications Automated Deployment Network Endpoints Run Reports Discover user insights Deliver relevant content APIC EM Analytics Network Data, Contextual Insights Deploy, Report, Measure, Adjust, Repeat
- 23. Automation Abstraction & Policy Control from Core to Edge Open & Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical & Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Insights & Experiences Automation & Assurance Security & Compliance Network-enabled Applications Cloud-enabled | Software-delivered Principles Cisco Digital Network Architecture (DNA) Overview
- 24. Plug & Play CMX Business Analysis Branch TeleworkerCampus/HQ Telemetry Continuous Innovation Cloud-based Audits Cloud Connected Simplicity | Speed Branch TeleworkerCampus/HQ Hybrid Cloud AWS | Rackspace| Azure| Cisco Intercloud CSR1000V VPC / vDC vASA FTDv StrataWatch WAN Cloud Delivered Innovation | Insights Cloud Edge IaaS Scale | Flexibility Branch TeleworkerCampus/HQ Cloud-Enabled Networking Overview
- 25. Automation Abstraction & Policy Control from Core to Edge Open & Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical & Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Insights & Experiences Automation & Assurance Security & Compliance Network-enabled Applications Cloud-enabled | Software-delivered Principles Cisco Digital Network Architecture (DNA) Overview
- 26. jafrazie$ ssh admin@172.27.230.76 admin@172.27.230.76's password: cho# conf t Enter configuration commands, one per line. End with CNTL/Z. cho(config)# Task Oriented Human Friendly Easy To Replay No Special Tools Software Unfriendly Syntax/format changes No Common Data Model No Error Reporting Configuration Management Today
- 27. Other vendors… RESTCONF NETCONF gRPC Data Model Configuration Standard Device Specific Device Features Interface BGP QoS ACL … Operational Standard Device Specific Open Device Programmability Physical and Virtual Network Infrastructure AutomateSet Get Open Device Programmability Overview
- 29. Automation Abstraction & Policy Control from Core to Edge Open & Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical & Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Insights & Experiences Automation & Assurance Security & Compliance Network-enabled Applications Cloud-enabled | Software-delivered Principles Cisco Digital Network Architecture (DNA) Overview
- 30. Cisco Vision and Strategy Digital Transformation Digital Network Architecture – Overview and Components DNA in Action – Programmable Hardware Catalyst platforms DNA in Action – Network Fabrics Summary Agenda
- 31. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public Programmable Custom ASICs Industry Leading Wired & Wireless | Stacking | TrustSec | SDN Advanced Functionality Programmable Pipeline | Flexibility | Recirculation Optimized for Campus Integrated Stacking | Visibility | Security Future Proofed Long Life Cycle | Investment Protection ` Network Enabled Applications Collaboration | Mobility | IoT | Security Automation and Analytics Controller | Visible | Programmable | Open Virtualization Segmentation | L2 Flexibility Designed for Evolution Strong Foundational Capabilities | HA Converged Software Services + Driving Innovations Through Technology Investments Foundational Pillars For the Digital Network Architecture
- 32. Traditionally the pipeline is FIXED ASIC Processing Pipeline
- 33. ASIC Re-Spin (if needed)
- 34. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public Modify processing behavior without incurring re-spin ASIC Programmable Pipeline BRKCRS-2700 35© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
- 35. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public MPLS VXLAN LISP TRILL* SPB* and more… Possible Future UADP Use Cases * Not Committed BRKCRS-2700 36
- 36. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKCRS-2700 37© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
- 37. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKCRS-2700 38
- 38. Cisco Vision and Strategy Digital Transformation Digital Network Architecture – Overview and Components DNA in Action – Programmable Hardware Catalyst platforms DNA in Action – Network Fabrics Summary Agenda
- 39. The Solution – Cisco Multigigabit Technology Powered by NBASE-T Delivers up to 5X Speeds in Enterprise without replacing Cabling Infrastructure 2.5-5G! Cat 5e Cables WiFi > 1G Multigigabit Switch Multigigabit Capable AP Is a game-changing technology allowing enterprise networks to evolve beyond 1G Enables 2.5 and 5 Gbps up to 100m on legacy cables Supports all PoE standards up to 60W Cisco Multigigabit with
- 40. 10G SFP+1G SFP 1/10G 1RU Aggregation Catalyst 4500-X • Fixed 10G Aggregation • 16p & 32p Base Units • 8 port 10G Network Module • Front-to-Back and Back-to-Front Fans and Power Supplies 1G 1RU Aggregation Catalyst 3850 1G Fiber • Fixed 1G Aggregation • Stackable • 12p and 24p SKU • 10G Network Module Catalyst 6880-X • Fixed Supervisor with 16 10G ports • Up to 4 x 16 port 10G Network Modules for 80 10G ports • Best-in-Class Core Feature-set • BGP, MPLS, VSS, Instant Access 1/10G 1RU Aggregation Catalyst 3850 10G Fiber • Fixed 10G Aggregation • 12p, 24p & 48p SKU • Stackable (12p/24p) • 10G & 40G Network Module 1/10G 5RU Core Catalyst 6840-X • Fixed 10G Core & Agg • 16p & 32p 10G SKU • 24p & 40p 10/40G SKU • Front-to-Back Fans and Power Supplies • Best-in-Class Core Feature-set • BGP, MPLS, VSS, Instant Access 1/10G 2RU Core & Agg. Catalyst Fixed Backbone PortfolioScale/Features NEW
- 41. Catalyst 3850 10G SFP+ Switches WS-C3850-24XS WS-C3850-12XS WS-C3850-48XS
- 42. Cisco Stackwise Virtual L2/L3Dist-1 Dist-2VSLSW-1 SW-2 Phase 1 - Aggregation Unified Control and Management plane Simplified L2/L3 network designs Inherits all proven VSS architectural benefits High-performance 10G Aggregation block Non-oversubscribe : o 96 x 10G Ports o 8 x 40G Ports Fully Distributed Forwarding Non-stop business communication with Cisco NSF/SSO Proven 1+1 HA architecture Next-gen In-service Software upgrade ready Etherchannel – up to 4p (8p future) Flexible design on all next-gen UADP based systems Elastic topology design – Hub/spoke, Ring, Chain Simplification across multiple network layers Based on next-gen OS – IOS XE Denali Rich IOS feature sets – L2/L3, Routing, Multicast, QoS, etc. ACTIVE HOT-STANDBY SW-1 WS-C3850-48XS | 96 x 10 Gigabit Ethernet | 8 x 40 Gigabit Ethernet Simple Scale Resilient Flexible Advance Distributed stacking will support 16.1 feature parity during FCS. Please check release notes for compete details.
- 43. Cisco Vision and Strategy Digital Transformation Digital Network Architecture – Overview and Components DNA in Action – Programmable Hardware Catalyst platforms DNA in Action – Network Fabrics Summary Agenda
- 44. Use best-practices, policy- based provisioning across the network Look at the entire wired, wireless and WAN network that is managed as a single entity Quickly enable services by using open APIs across a services ecosystem Fabric Key Benefits Ensure Policy Compliance Find Any User or Device with a Network Search Launch Secure Services Faster Secure, Policy-based Segmentation & Automation Complete Network Control & Assurance Fast Easy Service Enablement Assure performance of mission-critical applications
- 45. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public A Fabric is an Overlay An “Overlay” is a logical topology used to virtually connect devices, built on top of an arbitrary physical “Underlay” topology. An “Overlay” network often uses alternate forwarding attributes to provide additional services, not provided by the “Underlay”. • GRE or mGRE • MPLS or VPLS • IPSec or DMVPN • CAPWAP • LISP • OTV • DFA • ACI Examples of Network Overlays What Exactly is a Fabric? BRKCRS-2700 46
- 46. Controller-based Management Fabric Orchestration and Visibility Single User Interface for Fabric Management Cisco Fabric Vision Underlay, Overlay, and Controller APIC- EM Programmable Overlay Connects Users and Devices to each other, w/ policy control Standards-based control plane (LISP) Standards-based data plane (VXLAN) Prescriptive Underlay Connects the network elements to each other Automated, standardized deployment and operation Leverages existing network topologies (not restricted to spine/leaf) Cisco Internal Use Only – Do Not Distribute Externally without NDA
- 47. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public Summary Benefits of Fabric Deployment in Networks Collabora on Security Endpoints APIC EM Branch Business Agility Automated Enterprise Consistent Policy Investment Protec on Integrated Mobility Analy cs 48
- 48. Cisco Vision and Strategy Digital Transformation Digital Network Architecture – Overview and Components DNA in Action – Programmable Hardware Catalyst platforms DNA in Action – Network Fabrics Summary Agenda
- 49. Automation Abstraction & Policy Control from Core to Edge Open & Programmable | Standards-Based Open APIs | Developers Environment Cloud Service Management Policy | Orchestration Virtualization Physical & Virtual Infrastructure | App Hosting Analytics Network Data, Contextual Insights Network-enabled Applications Cloud-enabled | Software-delivered New! Enterprise NFV Branch Service Virtualization Controlled Availability, March 2016 New! New! Available on DNA-Ready Infrastructure through Cisco ONE Software APIC-EM Automation Platform Completely New Platform Available Now Base Automation: Plug and Play Available Now Cloud version Controlled Availability, May 2016 Policy Services: IWAN App & EasyQoS Available Now | March 2016, respectively CMX Cloud Presence Analytics and Connect Available Now in US, April 2016 for ROW Available Now / Soon – Cisco DNA Innovations
- 50. Base Automation Immediate value to existing network Policy Services Active control for critical use cases: Network, Collaboration Advanced Security Network as a Sensor and Enforcer Complete Software Control End-to-end policy- based automation Digital Services Support lines of business: analytics, IoT Cisco ONE Foundation Cisco ONE Adv. Applications Cisco ONE ELA Cisco DNA – The Journey Starts Now