ACI Education

Next wave of data center innovation
Application Centric Infrastructure
Jarut N.
DC Product Sales Specialist
Strategic Role of
the Network in the
App Economy
“…78%
Network is even more critical to delivering
applications than a year ago.”
Cisco Global IT Impact Survey
Data Center Network: Trends and Challenges
25% CAGR—Big Data *1
“Can you look
into my application
Performance… NOW?”
75% Bare Metal *2
“…I need to move
workloads to the
cloud… NOW!”
*1 Cisco Global Cloud Index
*2 IDC Worldwide Virtual Machine 2013-2017 Forecast
*3 InformationWeek 2013 Virtualization Management Survey
45% Multi-Hypervisor *3
“…I need to roll
out new security
policies NOW…”
Introducing: Application Centric Infrastructure
Applications - Infrastructure
Physical - Virtual
Open - Secure
Policy: Operational Simplicity with Investment Protection
Programmable DC Networking for The Next Decade
Shipping
Now!
Performance, Scale: Fastest 40G Platform
Nexus 9000
1/10/40/100G*
Open Source / APIs / Standards
Python, PowerShell, Puppet, Chef …
15% Better Power and Cooling
2.8X Better Reliability
Standalone / ACI Ready
*100G Ready
$ Multi-million Savings 40/100G on Existing Cables
Application Centric Infrastructure Vision
Rapid Deployment of Applications onto
Networks with Scale, Security and Full Visibility
NEXUS 9500 AND 9300
APPLICATION CENTRIC
POLICY
ACI
CONTROLLER
Application Policy Infrastructure Controller
Embracing SDN and Going Beyond
Available
this
Quarter!
POLICY: Centralized Application-Level Policy
Centralized Point of
Management
VISIBILITY: System-Wide Visibility, Telemetry, Health
OPENNESS: Open Source / APIs / Standards
SECURE: Security and Performance @ Scale
EXTENSIBLE: Hypervisors, L4-7, Storage, Compute
Applications and The Network
Application
Requirements
Map existing
Networks into
Groups
WEB
APP
WAN
LB to App
Connect to App
Firewall
Connect to DB
High Priority
WEB
APP
VLAN 100
Map
Application
and Service
Chains
F/W
ADC
DB
QOS
WEB
WEB
WEB
DB
ACLs
Layer 3
WEB
DB
APP
ADC
APP
APP
APP
DIRECTLY MAP TO ACI NETWORK PROFILES
DB
DB
DB
Operational Simplicity — Physical, Virtual and Cloud
TENANT
APPLICATION
Health
Score
Health
Score
Systems
Telemetry
Latency
0
Packets
dropped
25
0 0 0 7
Packets
dropped
0 0 0 6
Isolation
Systems
Telemetry
Latency
Isolation
APP
APP VISIBILITY
MOBILITY
INFRASTRUCTURE DESIGN EFFORT
Performance
Security
Availability
Scale
IT Organization
Compute
Team
Application
Team
Storage
Team
Web
App Tier
Physical,
Virtual Servers
Firewall
Web Security
Appliance
Application
Delivery
Controller
SWITCH
VLAN
IP
QoS
ACLs
ADC
Services
Rules
Network
Team
Web
cache
VIRTUALIZED
SERVICES
VLAN
IP
QoS
ACLs
Security
Team
DB Tier
Physical, Virtual Servers
Storage
Physical
Servers
Firewall
Firewall
Intrusion
Detection
Intrusion
Detection
Application
Delivery
Controller
Application
Delivery
Controller
Storage
Firewall
Firewall
FIREWALL
Security
Policy
VIRTUALIZED
SERVICES
VLAN
IP
QoS
ACLs
FIREWALL
Security
Policy
VIRTUALIZED
SERVICES
VLAN
IP
QoS
ACLs
WHAT IF ENTIRE PROCESS WERE AUTOMATED
Application
Model
Demands
and Resources
Infrastructure
Design
Performance
Security
Availability
Scale
Single Transaction
Application Changes Move to Production in One Step
Provisioning
ANY APPLICATION ANYWHERE – PHYSICAL AND VIRTUAL
SLA
QoS
Security
Avail.
Balancing
F/W
ADC
WEB
APIC
ADC
APP
APPLICATION
NETWORK PROFILE
API
NETWORK LEAFS (9396)
INTEGRATION
VIRTUAL NETWORK ACCESS
Cisco UCS
Cisco UCS
Cisco UCS
Cisco UCS
DB
Open: Choice and Investment Protection
OPERATIONAL MODELS
APPLICATION
RICH ECOSYSTEM
1. Scripting/Languages
Hypervisors
RESTful APIs, Python etc.
SECURITY
NETWORK
L4-L7 Services
2. IT Automation
Management
Automate
3. OpenSource
OpFlex
4. Integrated ACI Approach
CLOUD
Security
Storage
Operational Choice—Service Provider, Enterprise, Commercial
EPGs & ACI bring true network abstraction, as needed
Traditional Network Model
VLAN 100
10.10.10/24
VLAN 200
10.10.20/24
Apps Coupled
to Location
Visibility At Network or
VLAN Level
Application Centric Infrastructure
Apps Decoupled
from Location
App 1
10.10.10/24
EPG 200
Visibility At App or Group
Level
10.10.20/24
EPG 100
VLAN 300
10.10.30/24
VLAN 400
10.10.40/24
ACL-based Policy Per
Interface
Policy Between Groups
No Address Independence
or Policy Mobility
Complete Address
Independence & Policy
Mobility
EPG 100 App 2
EPG 200
EPG 300
10.10.30/24
EPG 400
10.10.40/24
SAP landscape + HANA & ACI Application Network Profiles
EPG BOBJ
BOBJ
BOBJ
BOBJ
BOBJ
EPG BW
BW
EPG ERP
BW
ERP
EPG HANA
Existing
Database
HANA
HANA
HANA
HANA
ERP
VIDEO – ACI Demo
ACI + IOT
Application-Centric Networks
What is an Application as seen by the network?
• More than just a VM or Server
• It’s the End Points of the Application
+
• The Application’s L2 – L7 Network Policies
+
• The Relationship between these End Points and their Policies
Application Network Profile
Web Tier
End Points
External
Network
App Tier
End Points
DB Tier
End Points
QoS
QoS
QoS
Service
Service
Service
application-centric network policy
Filter
Filter
Filter