Cisco Blogs

Cisco Blog > Data Center

Thinking Bigger! Cisco + IBM – Collaboration of giants brings industry-leading solution for big data analytics

In December 2014, we announced VersaStack, an integrated infrastructure reference solution for enterprise applications that combines technologies from Cisco and IBM. Further extending this partnership, today we are announcing support for IBM BigInsights for Apache Hadoop on our Cisco UCS Integrated infrastructure for Big Data – an industry-leading platform widely adapted for enterprise big data application deployments. The joint solution encompasses disruptive innovations in Cisco UCS and the robust and industry-compatible Apache Hadoop distribution from IBM. This solution can be installed as a standalone Hadoop cluster with powerful analytical tools or can be integrated into existing VersaStack deployments that will benefit from a common fabric and unified management capabilities to deliver the deepest possible insight into your data to help you gain a sustainable competitive advantage.

We are also announcing the availability of Cisco Validated Design (CVD) that provides step by step design guidelines comprehensively tested and documented to help ensure faster, more reliable and predictable deployments at lower total cost of ownership.


  • Combines innovations from Cisco UCS such as programable infrastructure with best of open source software with enterprise-grade capabilities in IBM BigInsights for Apache Hadoop
  • Designed and optimized for common use cases, pre-tested, pre-validated and fully documented by Cisco and IBM engineers to ensure dependable deployments that can scale from small to very large as workload demands
  • Provides enterprises with extensive platform management and data visualization capabilities and integration of  big data with other information solutions to help enhance data manipulation and management tasks
  • Brings the power of SQL to Hadoop at the performance and scale ever than before accelerating data science and analytics leveraging SQL – arguably the most beautiful programming language – and integration with business applications to access data stored in HDFS and HBase with JDBC and ODBC
  • Deep technical expertise, global resources, and world-class support and services from Cisco, IBM and partners

This solution is built on Cisco UCS infrastructure using Cisco UCS 6200 Series Fabric Interconnects and Cisco UCS C-Series Rack Servers optimized for IBM BigInsights for Apache Hadoop with scalability to thousands of nodes with Cisco Nexus 9000 Series Switches:

IBM BigInsightsonUCS

For more information, please visit:


Follow me on Twitter: for real time updates.

Tags: , , , , , ,

Cisco ACI – A Hardened Secure Platform With Native, Built-in Security

This blog has been developed in association with  Javed Asghar, Insieme Business Unit

The Cisco ACI Platform consists of the Cisco APIC controller and Nexus 9000 series switches connected in a spine/leaf topology in a CLOS architecture configuration. All management interfaces (REST API, web GUI and CLI) are authenticated in ACI using AAA services (LDAP, AD, RADIUS, TACACS+) and RBAC policies which maps users to roles and domain.
The ACI fabric is inherently secure because it uses a zero trust model and relies on many layers of security: Here are the highlights:

  • All devices attached to the ACI fabric use a HW-based secure keystore:
    – All certificates are unique, digitally signed and encrypted at manufacturing time
    – The Cisco APIC controllers use Trusted Platform Module (TPM) HW crypto modules
    – The Cisco Nexus 9000 series switches use Trust Anchor Module (TAM) to store digitally signed certificates
  • During ACI fabric bring-up or while adding a new device to an existing ACI fabric, all devices are authenticated based on their digitally signed certificates and identity information.
  • Downloading and image bootup:
    – All fabric switch images are digitally signed using RSA-2048 bit private keys
    – When the image is loaded onto an ACI fabric device, the signed image must always be verified for its authenticity using hardware rooted Cisco Secure Boot
    – Once the verification is complete “only then” the image can be loaded onto the device
  • The ACI fabric system architecture completely isolates management vlan, infrastructure vlan and all tenant data-plane traffic from each other. (The Cisco APIC communicates in the infrastructure VLAN (in-band))
  • The infrastructure VLAN traffic is fully isolated from all tenant (data-plane) traffic and management vlan traffic.
  • All messaging on infrastructure vlan used for bring-up, image management, configuration, monitoring and operation are encrypted using TLS 1.2.
  • After a device is fully authenticated, the network admin inspects and approves the device into the ACI fabric.

These are various layers of security built into ACI’s architecture to prevent rogue/tampered device access into the ACI fabric.

Please stay tuned for a blog posting by Praveen Jain (ACI Engineering VP) which will cover the APIC and Fabric security is more detail in coming weeks

Praveen Jain’s recent blogs:
New Innovations for L4-7 Network Services Integration with Cisco’s ACI Approach

Micro-segmentation: Enhancing Security and Operational Simplicity with Cisco ACI

Network Security Considerations

Additional Information:
The Cisco Application Policy Infrastructure Controller 


Tags: , , , , ,

An Overview of Network Security Considerations for Cisco ACI Deployments

Security continues to be top of mind with our customers and frequently comes up with customers who are evaluating new architectures. I have been in the networking industry for over two decades involved in multi-billion dollar product lines like Catalyst 5K/6K, MDS-9000, Nexus-7K, UCS, and now with Application Centric Infrastructure (ACI). I don’t claim to be a security expert by any means, but have gained good insight into what’s important based on numerous conversations with customers over the years thereby allowing me to write about it with some degree of authority.

That said, security is a very broad topic and there are myriad products in the industry to deal with the various types of attacks that infrastructure and applications are exposed to today. For purposes of this blog, I will focus on the network security aspects and how they intersect with Cisco ACI.

Read More »

Tags: ,

Part 2: Why not Initiate a “Save to Invest” Program for your Data Center?

Two weeks ago, in my previous blog, I invited you to consider ways in which you could initiate a “Save to Invest” program for your data center. That is, how can you save money from your current data center spend, in order to re-invest it into currently un- or -under-funded areas of your data center. Thanks to those of you reading who made some comments on Part 1 – good points were raised!

Last time, I discussed my first 3 tips, as follows:

(1) Identify, Turn Off and Remove Idle Servers

(2) Identify Un-used Enterprise Software Applications: Reduce Your Software Costs

(3) Get Rid of Dead Weight – Execute a Server Refresh


Save Some Money for Your Data Center!

Save Some Money for Your Data Center!

Let’s now discuss two additional savings, which in fact can in many cases result in even larger financial savings:

(4) Optimize your Software Licensing, and

(5) Avoid un-budgeted spend – Critical if you have an Unlimited License Agreement (ULA)

Read More »

Tags: , , , , , , , , , , , , ,

Cisco and Platfora Delivering on the Promise of Enterprise Scale Analytics

Analytics will continue to take center stage as the volume of data generated by embedded systems increases and vast pools of structured and unstructured data within and outside the enterprise are analyzed.  — Gartner

Big Data will continue to be important, but it’s critical to first understand how businesses can quickly gather relevant insights from their big data. The value is in unlocking key takeaways from the data because these insights can be used for agile decision-making and faster time-to-market approaches. Discovering better business insights quickly requires the combination of software and hardware that is optimized for speed, scale, and flexibility. And that is exactly what you get when you combine Platfora and Cisco UCS.

When Platfora runs on Cisco UCS, business analysts can find these patterns in minutes or hours rather than months. For example, our joint customer was able to identify exactly what factors impacted their customer experience using the Platfora solution which was deployed in 1/10th the time and cost of traditional approaches.

Platfora enables users to analyze petabytes of data at scale and leverages the latest cutting-edge technologies such as Spark and YARN (MapReduce 2.0). The Platfora end-to-end platform replaces the need for ETL, Data Warehousing, and BI tools. And the combination of Platfora and UCS ensures that there are no performance, scalability, or TCO tradeoffs as we add new data discovery joint use cases. This joint solution is truly designed for enterprise-scale analytics.

Read More »

Tags: , , , , , , , ,