Cisco Blogs


Cisco Blog > Data Center and Cloud

Cisco UCS M4 Compute Platforms: Performance That Matters

Part of last week’s UCS Grand Slam launch event last week in NYC was the announcement of three new compute platforms – Cisco UCS C220 M4, C240 M4, and B200 M4.  Today, Intel announced the new Intel Xeon E5 v3 family of CPUs that will power these new UCS platforms.  Hopefully, this week, now that the confetti has settled from our brand new groundbreaking products like the M-Series with System Link Technology, UCS Mini with the new UCS 6324 Fabric Interconnect, and the capacity-optimized C3160 Rack Server, we can highlight some updates to our core compute platforms.

Its easy to get caught up in the new platforms, they are the new vehicles to bring the benefits of UCS to new markets and at a scale that was previously impractical.  But it’s important to remember that the UCS two-socket blade and rack servers were the original foundational platforms to bring the benefits of UCS to the datacenter.  In fact, the predecessor’s to these products propelled UCS to some amazing accomplishments.

Accomplishment

So, let’s pull back the covers a bit more on these very capable foundational compute platforms that make up many of the building blocks for the enterprise datacenter.

First, when we began to design the latest version of each product, we set out to follow a few simple rules.  Principle of these was to understand what makes them so popular and enhance those elements.’  For example, the B200 M3 is the best-selling server blade in the product line mainly due to its amazing versatility and uncompromised feature-set, all while maintaining a half-width form factor.  Well, the UCS B200 M4 Blade Server is more of the same and then some.  It still delivers uncompromised features like the highest speed, core count and TDP CPUs, maximum memory with 24 DIMM sockets and industry-leading I/O with support for both 2nd and 3rd generation Cisco Virtual Interface Cards (VIC) at up to 80Gb/s of bandwidth per blade.  And, all of that can be done simultaneously, no compromise.

UCS B200 M4 Blade Server

UCS B200 M4 Blade Server

That was easy enough to deliver, but in order to enhance this platform, we looked at the use cases that it served and found the flexibility was the next pivot point for the B200 M4.  The addition of Cisco Flexible Storage to the B200 M4 means that now, customers can truly scale the storage subsystem to match their needs.  Today many UCS customers take full advantage of the true stateless computing and do not use local storage on the blade.  For those use cases, it may be appropriate to have no local disk, no local RAID controller and even no local disk bays.  Why pay for, power and cool what you do not use?  For still other applications, not only is local storage critical, but high performance SSD with an equally-high performing RAID controller with flash-backed write cache is needed.   This is where the Flexible storage subsystem shines.  Either extreme, and the points in between are covers and no compromises made elsewhere.

Another tenet of our design philosophy was to focus innovation where the use cases could take advantage of it.  Take the UCS C240 M4 Rack Server for example, its M3 predecessor has found a home in many enterprise workloads, but it main differentiation is its optimization around local storage and I/O.  To that end, the C240 M4 has enhanced storage flexibility features that include a modular RAID Controller with optional Flash-backed write cache, options for up to 24 SFF or 12 LFF front-accessible hot plug HDD / SSD, two additional SFF internal boot drives, and even support for two 2.5” PCIe flash devices in the front drive bays.

UCS C220 M4 Rack Server

UCS C240 M4 Rack Server

The I/0 capabilities are also significantly improved with up to six PCIe slots that can house up to two NVidia Kepler GPUs.  We also added an mLOM. This slot that is optimized for VIC or 3rd party network cards add to the embedded GbE NIC ports without using one of the six PCIe slots.  The C240 M4 is the ideal platform for I/O and storage intensive enterprise bare metal and virtualized workloads.

The new UCS C220 M4 Rack Server shares a similar compute engine with the ability to also support up to 18 cores per socket and 1.5TB of memory, but it offers an optimization around density without compromising the enterprise performance and feature-set.  So you get the same enterprise class power and versatility in a compact footprint.

UCS C220 M4 Rack Server

UCS C220 M4 Rack Server

These new platforms have already begun leaving their mark with four new world record benchmarks that are targeted toward showing real benefit when deploying workloads that bring tangible value to our customers on platforms that customers demand.  This is how UCS Servers deliver performance that matters.

Look for more information on UCS innovation in this space in the future.

Scaling Application Security with ITD

Ready to scale your enterprise beyond limits?  How about slashing a whole layer of datacenter infrastructure, saving piles of cash in the process?  Or perhaps you’re interested in simplifying your enterprise while adding features, or trying to speed things up without spending money.  Sound too good to be true?  Well, thanks to a new technology from Cisco, you can have your cake and eat it, too.

Cisco Intelligent Traffic Director (ITD) is poised to disrupt data center load balancing. Combined with best-in-class products, such as Imperva SecureSphere, organizations can deploy and manage massively scalable applications securely with unprecedented ease and cost effectiveness.

What is ITD?

Cisco recently released a new feature, Intelligent Traffic Director (ITD) for the Nexus 7k switches that promises to be a disrupting force in the world of load balancing.  There has been an exponential growth in data traffic in the recent years leading to a growth in the deployment of network service appliances in enterprise, datacenter and cloud environments. To address the corresponding business needs, network switch and router architecture has evolved to support multi-terabit capacity. However, service appliance capacity remained limited to few gigabits, an order of magnitude far below switch capacity.

Cisco Intelligent Traffic Director (ITD) is an innovative solution that tries to bridge performance gap between the switch and service appliance(s). It allows customers to deploy service appliance(s) from any vendor with no network or topology changes. With a few simple configuration steps on a Cisco Nexus 7000 / 7700 series switch, customers can create a service appliance cluster and deploy multiple appliance(s) to scale service capacity with ease. The servers or appliance(s) do not have to be directly connected to the Nexus switch.

Application Security
Gartner published a paper called Web Application Firewalls are Worth the Investment for Enterprises in Feb, 2014 that makes the case that “Firewalls and intrusion prevention systems don’t provide sufficient protections for most public-facing websites or internal business-critical and custom Web applications.” Gartner advises enterprises to use a Web Application Firewall (WAF) to protect critical external and internal applications from attacks and threats.

Like other service appliances, a WAF appliance benefits from ITD’s ability to manage large scale traffic loads. Imperva SecureSphere WAF works with ITD, and the combination provides highly scalable application security.

I mention SecureSphere because Imperva was positioned as the only Leader in the Gartner 2014 Magic Quadrant for Web Application Firewalls. Some key capabilities of the SecureSphere WAF are:

  • Block attacks with laser precision
    Accuracy is critical with application security. If you have false positives, you block customers; if you have false negatives, you let the bad guys in.
  • World-renowned application security research
    Security is constantly evolving. To get ahead and stay ahead in the continuous fight against threats, Imperva has a dedicated security research team, the Application Defense Center (ADC), which provides regular signature and policy updates, and up-to-date threat intelligence for Imperva SecureSphere.
  • Shut down malicious sources and bots
    Imperva’s ThreatRadar Reputation Services help detect bad actors using IP reputation feeds of known malicious sources, anonymizing services, phishing URLs, TOR (“The Onion Router”), as well as IP geolocation data.
  • Stop application DDOS and business logic attacks
    Business logic attacks include things like posting comment spam in forums and message boards, scraping web content, and disabling access to your website. All of this can reduce competitive edge, frustrate customers, and damage reputation.
  • Instantly patch website vulnerabilities
    It takes organizations an average of 6 months to patch an application vulnerability once it’s discovered. SecureSphere integrates with vulnerability scanners to virtually patch applications. This allows businesses to stay protected, and fix the vulnerability on their own timeline, thus reducing the window of exposure and the associated costs.
  • Gain forensics insights with customizable reports
    Graphical reports enable organizations to quickly analyze security threats and meet compliance requirements.
  • Speed up deployment without risk
    SecureSphere protects applications without impacting performance and without requiring extensive network changes. It offers flexible inline, non-inline, and proxy deployment options that meet organizations’ diverse requirements. SecureSphere’s Fail-Open capabilities combined with unique, transparent bridge mode saves time and labor with drop-in deployment that requires no changes to existing applications or network devices, and delivers multi-Gigabit throughput while maintaining sub-millisecond latency.

Scaling Application Security

Using ITD in VIP Mode to load balance provides a fast and economical way for organizations to provide highly scalable and available infrastructure.  By leveraging ITD, an enterprise can deploy a single IP address (the VIP), which is then load balanced across many SecureSphere WAFs, with each one protecting the back-end webservers. This is done right from the 7K – There’s no need for an external load balancer in the middle.

Why is this better than other Load Balancers?

By combining Cisco ITD and SecureSphere’s advanced capabilities to monitor and secure HTTP traffic, several key advantages are apparent:

  • Eliminates the need for external load balancers, freeing up large amounts of budget and resources
  • You get the advantages of a proxy-type load balancer (1 single VIP represents many webservers), but still get ‘fail-open’ bridges on WAFs
  • ITD proxies traffic without interfering with the TCP Source IP Address , allowing SecureSphere to leverage the source IP, User and Session details for blocking and alerting.
  • To work with SecureSphere, ITD requires no modification to HTTP Headers (e.g., X-Forwarded-For), which can break applications and slow down traffic

What does this mean for the future of high performance WAF deployments?

By teaming up the Cisco Nexus 7K with SecureSphere WAFs, organizations can cost effectively deploy scalable, high-availability  WAF farms to handle large amounts of traffic to webservers.  As the web traffic increases, WAFs can be seamlessly added to the pool to scale up with the enterprise. Since every port on the 7K can be used as a load balancer this provides the potential to scale up to multi-terabits of throughput to a SecureSphere WAF cluster.

In conclusion, ITD and SecureSphere provides simple, cheap, fast, scalable, and reliable security infrastructure. Sort of like having your cake, with icing, and cherries on top – and eating it, too.

Feedback or Query: For feedback, query or EFT/PoC/demo please email: ask-itd@external.cisco.com

ITD White paper:  At a glance

Configuration Guide: Config guide

 

Tags: , , , , , , ,

Cisco UCS: Powering Applications at Every Scale

September 8, 2014 at 3:04 pm PST

If you follow the news in the world of data center you probably noticed a small announcement from Cisco last week regarding the UCS portfolio…  :)

grandslam

To net it out in a simple way, I’ve been telling people that the trail of innovation that Cisco has been blazing with UCS  just got a lot wider.   That’s because this rollout is all about three key vectors that our customers have guided us to expand on:

Here’s a short recap on the event.  If you missed it, the replay is available here.

IMG_4762

Padma Warrior and Joe Inzerillo discuss how technology is transforming the #MLB fan experience.

We had a stellar lineup at the event in New York.   Our CTO, Padma Warrior, headlined and did a fantastic job setting the context for this wave of innovation in the frame of IoE and Fast IT.   Paul Perez followed, explaining the sea change occurring in the application landscape and the customer imperatives guiding development of the UCS platform.   Finally, Satinder Sethi stepped us through all the new technology we’ve added to the portfolio.  Frank Palumbo hosted the event for us in New York, and I think it’s no coincidence he was rewarded later in the day by a thrilling walk-off win by the Yankees.   Note that my last link there is to MLB.com, whose CTO, John Inzerillo, joined our event to share all the cool fan experience technology they’re developing.

I’d like to thank our #CiscoChampions for joining us at the event and bringing their unique and (trust me) unfiltered perspective to the news.   Another highlight for me was the opportunity to tour the MLB Advanced Media Center with Matt Eastwood of IDC who joined us in New York to moderate a panel on scale-out computing.  Matt, so sorry about the results of the Yankees/Red Sox game…it’s tough to overcome Palumbo-level karma.    Having several of our customers and partners at the event really rounded it out, making a special day for everyone that joined us in New York and in the streaming sessions.

Jim Leach (L) and panel of Cisco Champions

Jim Leach (L) and Tech Field Day panel of Cisco Champions.

To hit on all the details, the team has taken a divide-and-conquer approach here on the blog as well as youtube and our other social media venues.  In addition to the links above, here are some of the pieces you can check out to learn more.  Scanning the #USCGrandSlam hashtag on Twitter is another good way to take a look at the news and reactions.

Padma with panelists discussing Big Data in the IoE.

Padma with panelists discussing Big Data in the IoE.

Tags: , , , , , , , , ,

Cisco UCS Claims Four World Record Benchmarks with the Intel Xeon Processor E5 v3 Family

On September 8th, 2014 Cisco announced support for the Intel® Xeon® Processor E5 v3 product family on the Cisco Unified Computing System™ . Simultaneously, Cisco unveiled a significant expansion of the Cisco UCS portfolio based on the Intel® Xeon® Processor E5 v3 product family for cloud-scale computing and workloads at the enterprise edge. For additional details on the new Cisco UCS servers launch with the Intel® Xeon® Processor E5 v3 product family check the blog by Cisco CTO Padmasree Warrior “Introducing New Computing Platforms for the Internet of Everything”

On the same day as the Intel announcement, Cisco captured four World Records on industry benchmarks on Cisco UCS to highlight the way in which Cisco UCS can accelerate performance across the data center. As we know, there is no better way to compare performance than by using industry-standard benchmarks, and with FOUR new World Record benchmark performance results Cisco has demonstrated Cisco Unified Computing System’s outstanding performance and IT productivity across key data center workloads.

Cisco UCS World record Benchmark results announced this week includes:

  • SPECjbb®2013 MultiJVM- Number-one 2-socket server result for critical-jOPS Result:: Cisco UCS® C220 M4 Rack Server delivered  58,478 critical-jOPS and160,283 max-jOPS-  a 248 percent increase in critical-jOPS results compared to Cisco’s recent results with previous processor generations. Check out the Performance Brief and the detailed official benchmark disclosure report for additional information on the benchmark configuration.
  • SPEComp®G_base2012Number-one 2-socket server for SPECompG_base2012 Result: Cisco UCS C220 M4 delivered Java transactions at the rate of 160,283 concurrent Java operations per second (jOPS) and 58,478 concurrent critical jOPS on the SPECjbb®2013 benchmark. Check out the detailed benchmark disclosure report for additional information on benchmark configuration.
  • Oracle E-Business Suite Extra-Large Model Payroll- Number-one server Result: The Cisco UCS B200 M4 Blade Server delivered world-record results on the Payroll Extra-Large Model Benchmark, exceeding one million employees per hour with a score of 1,125,281 and outperforming the IBM Power System S824, setting the standard for performance on this benchmark. This result is an 11 percent improvement over the previous-generation Intel Xeon processor running on the same Cisco UCS server and a 3 percent improvement over the IBM Power System S824.The Cisco UCS B200 M4 Blade Server result of  1,125,281 employees per hour outperformed  all competitive solutions. Check out the Performance Brief and detailed official benchmark disclosure for additional information on the benchmark configuration.
  • Oracle E-Business Suite Large Model Order-to-Cash- Number-one server Result: The Cisco UCS B200 M4 Blade Server set up a world record on the Order-to-Cash workload with a result of 243,803 order lines per hour, outperforming the same server configured with previous-generation processors by 5 percent on the Order-to-Cash Large Model Benchmark, processing more than 11,000 more order lines per hour. Check out the Performance Brief and official benchmark disclosure report for additional information on the benchmark configuration.

It is interesting to note that although all vendors have access to same Intel processors, only Cisco UCS unleashes their power to deliver high performance to applications through the power of unification. The unique, fabric-centric architecture of Cisco UCS integrates the Intel Xeon processors into a system with a better balance of resources that brings processor power to life. Cisco’s results demonstrate the degree to which Cisco servers deliver the power of the new Intel Xeon processor E5 v3 family. Cisco UCS maximizes Intel innovations and with performance improved up to 145 percent since the last processor generation, you can count on both innovation and versatile performance from Cisco UCS servers.

Haswell results

Cisco UCS delivers versatility with performance leadership across a wide range of workloads, enabling customers to eliminate infrastructure silos historically driven by unique application needs. Todd Brannon sums up in his blog post Cisco UCS: Powering Applications at Every Scale

The architectural advantages of a single cohesive system optimized for virtualized environments coupled with the industry leading benchmark performance results  makes the Cisco Unified Computing System an “infrastructure platform of choice” to provide industry-leading performance in your data center. For additional information on Cisco UCS and Cisco UCS Integrated Infrastructure solutions please visit Cisco Unified Computing & Servers web page.

 Disclosure

  • The Java application performance improvement of 145 percent compared the critical-jOPS score of the Cisco UCS C220 M4 Rack Server with the Cisco UCS C240 M3 Rack Server, a SPECjbb2013 MultiJVM result that was available on February 5, 2014.
  • The parallel processing performance improvement of 39 percent compared the SPECompG_ peak2012 score of the Cisco UCS C220 M4 Rack Server with the Cisco UCS C240 M3 Rack Server, a result of that was available on September 13, 2013.
  • The batch processing performance improvement of 11 percent compared the Oracle E-Business Suite Benchmark results of the Cisco UCS B200 M4 Blade Server with the Cisco UCS B200 M3 Blade Server, a result that was available on September 10, 2013.
  • SPEC, SPECjbb, and SPEComp are registered trademarks of Standard Performance Evaluation Corporation. The benchmark results used to establish world-record status are based on those available at http://www.spec.org as of September 8, 2014.

Tags: , , ,

Migrating in Just Four Months to a World-Class Cloud

Ball Manufacturing is a world-class business manufacturing up to 100 millions cans a day during their peak season.  They have 14,500 employees and 10 plants worldwide.  When the contract with their previous provider was about to expire, they saw an opportunity to upgrade their operations by having Freudenberg IT (FIT) host their central systems.  The challenge: FIT would have only four months to deliver the entire cloud solution.

Klaus Dieckerhoff, VP IT and Services at Ball Packaging Europe, says, “Our contract with the previous provider was due and we were looking for alternatives to host the full set of Ball’s central systems.”  The most important points for Ball were the stability, flexibility, and scalability of their mission-critical environments.  They needed world-class data privacy and end-to-end security as well.

According to Horst Reichardt, CEO, Freudenberg IT, “FIT is a full IT service provider.  And Cisco Powered cloud services from FIT provide a scalable and resilient platform for Ball to focus on their business, freeing them from handling downtime, worrying about availability, or caring about how the hardware is running.”

“What we like about Freudenberg IT is that they are very competent with their environments,” says Dieckerhoff.  “They know exactly what they’re talking about, and on a technical level they’re very, very skilled.”

“Cisco actually helped us make our life simpler,” adds Christoph Linden, Director Platforms and Technology, Freudenberg IT.  “The platform they provide simplifies our way of providing and scaling our cloud infrastructure.  That means applications are available all the time, at the highest possible standards.”

Learn more about how Cisco Powered cloud and managed services can transform your business.