16.1 release - Cisco
Transcript of 16.1 release - Cisco
16.1 release
Technical Capabilities
Distributed
Database
Maximizes Scale,
Separation of state
Information from process
Object/Eve
nt Tracing
Easier Troubleshooting &
Debugging
Application
Platform
Deploy Containers, Run
on X86,
Developer/Operator
Views
Selective
Sensors
Pervasive Security
Across the Network
Control &
Data Plane
Separation
Enables Scale & Best of
Breed Deployment
Polaris Architecture
Object/Event Tracing
Conditional
Debugging based on
IP or MAC generates
a UUID
Filtering Logs with
UUID reveals only
relevant debug
messages
Polaris#debug platform condition ?both Simultaneous ingress and egress debugegress Egress only debugfeature For a specific featureingress Ingress only debuginterface Set interface for conditional debugipv4 Debug IPv4 conditionsipv6 Debug IPv6 conditionsmac Debug MAC conditionsmpls Debug MPLS conditionsstart Start conditional debugstop Stop conditional debug
Polaris#debug platform condition
Application PlatformConfiguration
Management
Network
Monitoring
Network
Analytics
Kernel Support for Multiple Containers
exist in Polaris Phase-I
Depending on the Platform Capabilities,
Apps can run in Containers
netconf/restconf/yang/rest-api Interfaces
Life Cycle ManagementIOSIOS
OS/LinuxOS/Linux
IOSIOS
NW DevicesNW Devices
OS/LinuxOS/Linux
NW DevicesNW Devices
ContainerContainer
Cisco Signed apps “Open Packages”
Cisco + 3rd-party packages
AVC will be available
for
Wired & Wireless
Different Levels
of Application
Recognition
Application Recognition Techniques
Pre Defined Apps
on
DNS-AS Server
Jabber, Lync,
Cisco Telepresence, etc.
DNS-AS &
Server
Based
Signaling
1500 Apps – initial
few packets
NBAR2 with
Socket
Caching
(Performance
Optimized)
Full NBAR2
with
DPI
1500 Apps
Leveraging the
work from Routing
Platforms
Mostly on Routers,
Deep Packet
Inspection
12
• DNS is pervasively used - why not have those servers provide App Metadata?
• Use the TXT record of DNS servers for police metadata and then let router or switches snoop client DNS request and request an Authoritative Answer from the DNS server
Using DNS as an Authoritative Source (DNS-AS)
BR
DNS Server
AVC Framework & CLI
AVC Technique can vary
from platform to platform,
depending on the system
capabilities. However,
Framework and CLI
remains the same
What do we have in Polaris Phase 1 (16.1)?
Sub Package Upgrade
for WCM
WebUI
Day0, Day1Faster Device Onboarding
Radioactive Tracing for
Wired & WirelessSmart Licensing
Targeted for 16.2
MACSEC
CISP/NEAT
SGT over FNF
Feature Parity with 3.7*
Targeted for 16.3
CTS Dot1X
Critical Auth
Deprectated
Medianet
Flexlink
Traces
Path
Quickly
Administrator Cisco SupportLicense Service
Cisco Confidential 11© 2013-2014 Cisco and/or its affiliates. All rights reserved.