Cisco Blogs


Cisco Blog > Data Center

Composable Infrastructure Part 6: Understanding Infrastructure Options

Pathway OptionsThe IT industry is in a significant period of transition, and the infrastructure landscape has changed a great deal. There are many options today, and the number of options will grow over the next two years. Having more options can more lead to complexity and potential limitation.  As you assess your options you need more information and context, so you can make the right choices and avoid problems down the road.

Software defined infrastructure (SDI) has made it possible to create these new categories of products.  In addition to traditional rack and blade servers and SAN storage, there is converged infrastructure, hyper-converge infrastructure and now composable infrastructure. As you evaluate these new infrastructure options, one of the most important considerations is choosing the right management software to support these products.  You don’t want to add to complexity by creating islands of infrastructure that need to be managed separately.

Read More »

Tags: , ,

Microsegmentation with Cisco ACI

Modern data centers are under unrelenting attack. East-west traffic security breaches are happening every day. According to Cisco, 75 percent of all attacks take only minutes to begin stealing data but take longer to detect.   Once discovered, several weeks may pass before full containment and remediation are achieved. Today’s data centers require a variety of “tools” to deal with sophisticated attack vectors. Network segmentation is a proven tool deployed in data centers.

While the broad constructs of segmentation are relevant, today’s application and security requirements mandate increasingly granular methods that are more secure and operationally simpler. This has led to the evolution of “microsegmentation” to address the following:

  • Programmatically define segments on an increasingly granular basis allowing greater flexibility using attributes
  • Automatically program segment and policy management across the entire application lifecycle (deployment to de-commissioning)
  • Quarantine compromised endpoints and limit lateral propagation of threats
  • Enhance security and scale by enabling a Zero-Trust approach for physical, virtual and container workloads.

Cisco’s Application Centric Infrastructure (ACI) takes a very elegant approach to microsegmentation with policy definition separating segments from the broadcast domain.

Figure 1useg image

Read More »

Tags: ,

Part 2: Ten Learnings and Observations from the 2015 London Gartner Data Center Conference

Last week I attended the 2015 London Gartner Data Center conference.

Shadow IT - Addressing the Challenges with the Cisco Cloud Consumption Services

Shadow IT – Addressing the Challenges with the Cisco Cloud Consumption Services

In my first blog (part 1) on this event,  I covered some of my main learnings and observations, #1 .. #5:

  • Bi-modal IT,
  • Anti-fragility,
  • Shadow IT (and how Cisco Cloud Consumption Services can help you here, SDN, and
  • Software asset management,

Let’s now go on and discuss #6 … #10 … on topics from buzzwords, to SDx, and on to Scotch Whisky! Read More »

Tags: , , , , , , , , , , ,

ACI Applications Spotlight: Microsegmentation and New Application Partners

At Gartner’s Data Center Conference this year, everyone is talking about how Data Centers are evolving to meet the needs of mobile, social, Big Data, and cloud native applications. The Data Center, People, and Processes are the focus as IT organizations look at supporting their traditional core enterprise applications (Mode 1) and new cloud native (Mode 2) applications to become Digital Enterprises.  The organization transformation most often mentioned has been the integration of Development and Operations – creating DevOps processes, culture, and teams.

Applications, cloud, and security management stacks and architectures must evolve as well to support the needs of these distributed applications in distributed data centers.

Microsegmentation

To support cloud native and multi-tier applications, Cisco ACI takes an elegant approach to provide fine grained security with microsegmentation which uses policy-based automation for  enhanced security for east-west traffic within the data center. Its true value lies in its integration with application design and holistic network policy, and it interoperates transparently with a wide variety of hypervisor switches (VMware vSphere Distributed Switch (VDS), Microsoft Hyper-V virtual switch), bare-metal servers, L4-L7 devices, and orchestration platforms. Microsegmentation provides internal control of traffic within the data center and can greatly enhance a data center’s security posture. Cisco ACI is the only solution available today that enables true microsegmentation with the performance, scalability, and visibility that modern applications demand.

Application Leaders Embrace ACI

New ACI Ecosystem partners using the northbound open APIs of the Application Policy Infrastructure Controller in ACI allow the automation of entire application suites, Software-as-a-Service, and Platform-as-a-Service for application development teams creating applications to engage with their enterprise’s customers in new and valuable ways. These partners integrate or monitor applications, cloud management platforms, security and application policy across compute, network, and storage infrastructure for distributed applications.  Hear from some of these leaders directly in the video here.

app leaders embrace ACI Read More »

Tags: , ,

UCS M-Series and Citrix XenApp Bare Metal Deployments

If you are one of the 330,000 organizations using Citrix XenApp (or if you are considering it) you need to consider Cisco’s UCS M-Series modular servers.

What are M-Series modular servers? M-Series servers are composable infrastructure that disaggregates storage and networking from the CPU/memory complex allowing workloads to be optimally matched to resources. An ideal workload for the M142 compute cartridge is Citrix XenApp. The M142 cartridge has two Intel Xeon E3 servers meaning a single 2RU M4308 chassis has 16 servers!

Cisco recently published a CVD (Cisco Validated Design) for Citrix XenApp 7.6 on M-Series. A CVD is a tested, documented, reference architecture to provide a cookbook for customers. This allows customers faster, reliable, and predictable deployments.

Cisco UCS M-Series with Citrix XenApp 7.6 Physical Server Deployment features the Intel Xeon E3-1275L v3 processors with 32GB per server. Amazingly this modest processor / memory combination supports 60 remote desktop session users or 960 users in 2RU!

Read More »

Tags: , , ,