
The Cisco Prime Network Services Controller team is pleased to announce the availability of the 3.2 release. This release incorporates a number of new features and functionalities to build virtual data centers (VDCs) with various network topologies. Follow this link to download the software and documentation.

Designed for multi-tenant cloud deployments, Cisco Prime Network Services Controller offers scalable, automation-centric management for virtualized data center and cloud environments. The Cisco Prime Network Services Controller is a virtual appliance that provides centralized device and policy management of virtual networking services. It provides a unified northbound API (XML payload over HTTPS) to allow the creation of dynamic data centers that include switching, routing, firewalling and load-balancing functions.

Cisco Prime Network Services Controller is built on an information-model architecture in which each managed device is represented by its subcomponents (or objects), which are parametrically defined. It also uses service profiles for model-based configuration of virtual device policies. A service profile is a collection of device policies and configuration templates that can be predefined and applied on demand at the time of virtual appliance instantiation or later. Cisco Prime Network Services Controller enables:

  • A flexible and simple mechanism for managing virtualized infrastructure using Cisco VSG, Cisco ASA 1000V and Cisco CSR 1000V virtual services as well as Citrix’s NetScaler virtual load balancers (NetScaler VPX and NetScaler 1000V)
  • Cisco InterCloud for virtual machine (VM) workload management and migration between the enterprise data center (private cloud) and public clouds
  • Cisco VSG, Cisco ASA 1000V, Cisco CSR 1000V, NetScaler VPX and NetScaler 1000V services in the Dynamic Fabric Automation (DFA) solution

Let’s take a look at some of the key Cisco Prime Network Services Controller 3.2 features:

Multi-hypervisor support

The Cisco Prime Network Services Controller platform can support multiple virtual machine managers through their APIs and support multiple hypervisor types: Microsoft Hyper-V and VMware vSphere.

In a VMware vSphere environment, Cisco Prime Network Services Controller integrates with VMware vCenter and supports the following services:

  • Compute Firewall (Cisco VSG)
  • Edge Firewall (Cisco ASA 1000V)
  • Edge Router (Cisco CSR 1000V)
  • Load Balancer (Citrix NetScaler VPX / NetScaler 1000V)

In a Microsoft Hyper-V environment, Cisco Prime Network Services Controller integrates with Microsoft SCVMM and supports Compute Firewall using Cisco VSG. In both vSphere and Hyper-V environments, compute firewall rules can be defined using virtual machine context, e.g. VM Name, Port Profile Name, etc.

Firewall Rule using VM attributes

Virtual Switching

Prime Network Services Controller manages multiple Nexus 1000V Distributed Virtual Switches (DVS) and lets you instantiate, track and manage the lifecycle of a layer-2 segment (port-profile) on the Nexus 1000V, based on VLAN or VXLAN (Bridge Domain), as shown below.

Port profile creation

Service chaining and binding

Prime Network Services Controller allows provisioning of Nexus 1000V vPath-based virtual service chaining (Service Path) and binding on the Nexus 1000V port-profile, as shown below.

Service Chaining

As indicated below, Compute Firewall (VSG), Edge Firewall (ASA 1000V) and Load Balancer (NetScaler 1000V) services can be chained in this release.

Service Chaining

Virtual Network Services Instantiation

Cisco Prime Network Services Controller supports virtual network services instantiation from a managed image. To instantiate a network service, we first need to import the service image.

Importing service VM images

A compute firewall (VSG), an edge firewall (ASA 1000V), an edge router (CSR 1000V), and a load balancer (NetScaler VPX or NetScaler 1000V) can be instantiated for a tenant using the Cisco Prime Network Services Controller GUI as well as the northbound API. To meet tenant scale needs, multiple instances of these virtual devices can be instantiated on demand.

Instantiation of Service VMs

For example, a virtual edge router (CSR 1000V) brought up out of band can be assigned to a tenant, or it can be instantiated using the Prime Network Services Controller GUI wizard, as shown below.

CSR 1000V instantiation

Policy driven framework

Cisco Prime Network Services Controller provides a multi-tenant, policy-driven framework with configuration models for load balancing, routing, firewalling and switching (including services stitching).

Load balancer policy

Cisco InterCloud

Cisco InterCloud is a solution for extending enterprise data centers into a public cloud environment. It is used to securely extend a layer 2 network to the public cloud and to migrate or deploy virtual machines from the enterprise/private cloud to the public cloud. Cisco Prime Network Services Controller instantiates an InterCloud Extender in the private cloud and an InterCloud Switch in the public cloud, and provisions a secure tunnel between them to extend the layer 2 network from the enterprise to the public cloud.

InterCloud Link

Once the tunnel is deployed and operational, Prime Network Services Controller lets you instantiate workloads in the public cloud or migrate workloads from the enterprise to the public cloud. Prime Network Services Controller provides a centralized GUI for controlling workloads deployed in the enterprise/private cloud and the public cloud.

Migrate VM

Northbound API

Every part and function of the Prime Network Services Controller GUI is driven through a robust northbound API. Using this northbound API, Cisco Prime Network Services Controller integrates with our cloud management solution, Cisco Intelligent Automation for Cloud (IAC), as well as with Cisco UCS Director for infrastructure management. It can also be integrated with third-party systems like CloudStack and other cloud management tools. Through integration with Cisco Prime Network Services Controller, Cisco Intelligent Automation for Cloud (IAC) 4.0 provides out-of-the-box templates to automate the deployment of virtual network services (including load balancers, firewalls and routers) adhering to Cisco’s Virtualized Services Architecture (VSA).

Services integration in Dynamic Fabric Automation (DFA)

Cisco Dynamic Fabric Automation (DFA) is a set of innovations under Cisco Unified Fabric that delivers fabric optimization, management, and automation capabilities. Cisco DFA brings a superior level of integration that allows IT administrators to simplify operation and bring up new services quickly with end-to-end fabric visibility, which results in increased agility and lower operating costs.

Cisco Prime Network Services Controller is a critical component of the Cisco DFA solution for tenant network services orchestration. It interoperates with Cisco Data Center Network Manager (DCNM) to enable network services in DFA, providing the ability to dynamically create virtual data centers for cloud providers. Prime Network Services Controller supports Compute Firewall (Cisco VSG), Edge Firewall (Cisco ASA 1000V), Edge Router (Cisco CSR 1000V), and Load Balancer (Citrix NetScaler VPX and NetScaler 1000V) services in the DFA solution. In the DFA solution, multiple Prime Network Services Controller instances can interoperate with a single instance of DCNM to meet the required scale needs.

In summary, this blog provided a high-level overview of the features introduced in Cisco Prime Network Services Controller 3.2. For more in-depth information, please check out the product page. You can also follow Unified Management at @CiscoUM or me at @RangaCM for up-to-date information on Cisco Prime Network Services Controller.



Authors

Ranga Maddipudi

Product Manager

Cloud and Systems Management Technology Group (CSMTG)