Next wave of data center innovation Application Centric Infrastructure Jarut N. (jnakaram@cisco.com)

DC Product Sales Specialist

“…78%

Strategic Role of the Network in the App Economy

Network is even more critical to delivering

applications than a year ago.” Cisco Global IT Impact Survey

Data Center Network: Trends and Challenges

“Can you look

into my application

Performance ..NOW?”

“..I need to move workloads to the cloud…NOW!.”

“…I need to roll out new security policies NOW…”

45% Multi-Hypervisor3 75% Bare Metal2 25% CAGR—Big Data1

1 Cisco Global Cloud Index

*2 IDC Worldwide Virtual Machine 2013-2017 Forecast

*3 InformationWeek 2013 Virtualization Management Survey

Policy: Operational Simplicity with Investment Protection

Applications - Infrastructure Physical - Virtual Open - Secure

Introducing: Application Centric Infrastructure

Shipping

Now!

Nexus 9000 1/10/40/100G*

Performance, Scale: Fastest 40G Platform

$ Multi-million Savings 40/100G on Existing Cables

2.8X Better Reliability

15% Better Power and Cooling

Open Source / APIs / Standards

Python, Power Shell, Puppet, Chef … 1011 0010

Programmable DC Networking for The Next Decade

*100G Ready

Standalone / ACI Ready

Application Centric Infrastructure Vision

Rapid Deployment of Applications onto

Networks with Scale, Security and Full Visibility

ACI

APPLICATION CENTRIC

POLICY CONTROLLER NEXUS 9500 AND 9300

Application Policy Infrastructure Controller Embracing SDN and Going Beyond

POLICY: Centralized Application-Level Policy

SECURE: Security and Performance @ Scale

VISIBILITY: System-Wide Visibility, Telemetry, Health

OPENESS: Open Source / APIs / Standards

EXTENSIBLE: Hypervisors, L4-7, Storage, Compute

Centralized Point of Management

Available

this

Quarter!

Applications and The Network

Application

Requirements

WAN

Firewall

LB to App

Connect to DB

Connect to App

High Priority

WEB APP DB

Map existing Networks into Groups

WEB APP DB

VLAN 100 QOS ACLs Layer 3

DIRECTLY MAP TO ACI NETWORK PROFILES

Map Application and Service Chains

WEB APP DB F/W

ADC ADC

APP APP APP WEB WEB WEB DB DB DB

APP MOBILITY APP VISIBILITY

Operational Simplicity — Physical, Virtual and Cloud

TENANT APPLICATION

Latency

Isolation

Systems

Telemetry 0 Packets

dropped

Health

Score

Latency

Health

Score

Isolation

Systems

Telemetry 25 Packets dropped

0 0 0 7 0 0 0 6

DB Tier Web App Tier

Performance Security Availability Scale

Physical

Servers

Physical,

Virtual Servers

Physical, Virtual Servers

Firewall

Firewall

Application Delivery Controller

Intrusion Detection

Application Delivery Controller

Firewall

Web Security Appliance

Firewall

Firewall

Application Delivery Controller

Intrusion Detection

Storage

Web

cache Storage

IT Organization

Compute

Team

Network

Team

Security

Team

Storage

Team

Application

Team

VIRTUALIZED

SERVICES

VLAN

IP

QoS

ACLs

ADC

Services

Rules

SWITCH

VLAN

IP

QoS

ACLs

FIREWALL

Security

Policy

VIRTUALIZED

SERVICES

VLAN

IP

QoS

ACLs

FIREWALL

Security

Policy

VIRTUALIZED

SERVICES

VLAN

IP

QoS

ACLs

INFRASTRUCTURE DESIGN EFFORT

Compute

Team

Network

Team

Security

Team

Storage

Team

Provisioning

WHAT IF ENTIRE PROCESS WERE AUTOMATED

Application

Model

Demands

and Resources

Infrastructure

Design

Applications Changes Move to Production in One-Step

Performance

Security

Availability

Scale

Single Transaction

VIRTUAL NETWORK ACCESS

NETWORK LEAFS (9396)

ANY APPLICATION ANYWHERE – PHYSICAL AND VIRTUAL

Cisco UCS Cisco UCS Cisco UCS Cisco UCS

ADC APP DB F/W

ADC WEB

SLA

QoS

Security

Avail.

Balancing APPLICATION

NETWORK PROFILE

API

INTEGRATION

APIC

WAN

Firewall

LB to EPG 2

Connect to EPG 3

Connect to EPG

2

High Priority

EPG1 EPG2 EPG3

OPERATIONAL MODELS

RESTful APIs, Python etc.

OpFlex

1. Scripting/Languages

2. IT Automation

3. OpenSource

4. Integrated ACI Approach

Open: Choice and Investment Protection

RICH ECOSYSTEM

Hypervisors

L4-L7 Services

Management

Security

Storage

Operational Choice—Service Provider, Enterprise, Commercial

CLOUD

SECURITY NETWORK

APPLICATION

Automate

EPG 100 EPG 200

App 1 App 2

10.10.40/24

10.10.30/24

10.10.20/24

10.10.10/24

VLAN 400

10.10.40/24

VLAN 300

10.10.30/24

VLAN 200

10.10.20/24

VLAN 100

10.10.10/24

Apps Coupled

to Location

ACL-based Policy Per

Interface

Visibility At Network or

VLAN Level

No Address Independence

or Policy Mobility

Apps Decoupled

from Location

Visibility At App or Group

Level

Policy Between Groups

Complete Address

Independence & Policy

Mobility

Traditional Network Model Application Centric Infrastructure

EPG 100

EPG 200

EPG 300

EPG 400

EPGs & ACI bring true network abstraction, as needed

EPG HANA

HANA HANA

HANA HANA

EPG BOBJ

BOBJ BOBJ

BOBJ BOBJ

EPG ERP

ERP ERP

EPG BW

BW BW

Existing

Database

\SAP landscape + HANA & ACI Application Network Profiles

VIDEO – ACI Demo

ACI + IOT

Application-Centric Networks What is an Application as seen by the network?

External

Network

App Tier

End Points

DB Tier

End Points

Web Tier

End Points QoS

Service

Filter

QoS

Service

Filter

QoS

Service

Filter

More than just a VM or Server

It’s the End Points of the Application

+

The Application’s L2 – L7 Network Policies

+

The Relationship between these End Points and their Policies

Application Network Profile application-centric network policy