Cisco’s open ACI eco-system is gaining rapid momentum in Data Centers with more than 36 leading partners developing joint solutions addressing L4-L7 network and security service use-cases along with application stack automation. Just a few weeks ago we announced a major milestone in our journey, Cisco’s 1000th ACI customer.
Some of our customers have deployed the ACI-Fortinet joint solution. In this blog, I want to talk about the integration of Fortinet FortiGate Firewall with Cisco APIC. The integration of Cisco APIC and the Fortinet FortiGate solution provides customers several benefits:
- Consistency and transparency for workload security deployment across physical and virtual application environment.
- Single-pane-of-glass management from Cisco APIC with full visibility on security policy enforcement
- Predefined security policies are deployed on command and automated through complete application deployment lifecycle
Let me take you on a quick tour of some of the customer success stories.
Qbranch Case Study: Orchestrating FortiGate Security with Cisco ACI
European service provider Qbranch, part of Axians, and networking leader Cisco discuss the real-world challenges with manually provisioning firewalls and security policies, and how orchestration of Fortinet’s SDN Security framework with Cisco’s Application-Centric Infrastructure (ACI) can reduce costs and enable better service delivery in multi-tenant environments. Watch Video and Case study for details of the implementation.
Hosting Provider Zitcom Accelerates Time to Market with Cisco ACI and Fortinet
Zitcom, a premier partner-driven hosting company based out of Denmark is one of the early adopters of Cisco’s Application Centric Infrastructure (ACI). Watch Thomas Raabo, Network Operations Manager of Zitcom, share details about how Cisco ACI made Apps deployment easier, fostered collaboration between apps and network teams, and brought an overall agile application deployment environment.
There are several other customer stories featuring ACI-Fortinet solution, but I’d run out of time and space to list them all. For your easy reference visit http://www.fortinet.com/videos/index.html for more customer videos.
Let’s look in detail at the key capabilities of Fortinet-Cisco ACI solution and the benefits it brings to Data Center customers. Fortinet’s FortiGate firewall solution integrated into Cisco Application Policy Infrastructure Controller (APIC) delivers application-centric security automation in modern data centers. The solution provides automated and predefined policy-based security provisioning for next-generation firewall services. It enables location independent security services insertion anywhere in the network fabric through a single-pane-of-glass management. Cisco ACI – FortiGate solution architecture is shown below:
The joint FortiGate Integration with Cisco APIC has two major components:
- FortiGate device package for Cisco APIC
- FortiGate physical or virtual appliances
Now let us segue to the Fortinet Device package integration with Cisco APIC. The Device package integrates with Cisco APIC through open APIs and provides per-app, per-tenant L4-L7 policy configuration and dynamic service chaining and insertion. In addition, the integrated solution also allows exchange of intelligent telemetry information between Fortinet and APIC for application and tenant visibility.
The Fortinet Device Package for Cisco ACI comprises a device Model and a device Script. The Device Model defines the functions provided by FortiGate such as firewall inspection including IP reputation, web filtering, anti-virus, DNS filtering, SSH inspection, IPS, and DDoS etc., The Device Script provides the adapter functions required for FortiGate to communicate with APIC.
I am pleased to inform that we are also having a detailed Webinar, Oct 23, on the ACI-Fortinet joint solution topic, presented by subject matter experts from Cisco and Fortinet. Register Here.
Tags: Cisco ACI, Cisco APIC, FortiGate, Fortinet FortiGate
co-written with Richard Jacobik
Cisco recently started shipping the newest member to the UCS family – the storage-optimized UCS C3260 Rack Server. Data centers these days are bursting at the seams with unstructured data from new emerging applications and services. According to IDC, 80% of data is unstructured and continues to grow at a 16.2% CAGR. The ability for data centers to economically and rapidly ingest, index, analyze, and archive all this data is top of mind.
Cisco first introduced the C3000 family of storage optimized UCS rack servers in 2014 with the launch of the UCS C3160 rack server last fall. While on the surface the two servers models may look Read More »
Tags: Big Data, C3000, C3160, Cisco UCS, data center, data storage, object storage, software defined storage, Storage, storage server, UCS
NetApp’s annual technology conference takes place in Las Vegas next week and Cisco is excited to again be a diamond level sponsor for the event. Together, we will highlight Cisco and NetApp’s technology alignment, leadership, partnership and raise awareness of FlexPod solutions and momentum.
Cisco’s presence at the event will revolve around Cisco and NetApp’s joint integrated infrastructure platform – FlexPod. Based on Cisco UCS integrated infrastructure and NetApp storage systems, FlexPod simplifies and modernizes IT with continuous innovation, delivering unmatched application performance, broad support for any cloud strategy, and improved operational efficiency to accelerate data center transformation.
There will be numerous opportunities for customers and partners to engage with us throughout the week, including keynotes, boot camps, breakout sessions, Meet the Engineer sessions, booth demos and more. Attend a Cisco breakout session for a chance to win a Intel Compute Stick.
The highlight of the event will be the Cisco keynote given by Nick Earle, Senior Vice President, Cloud and Managed Services, on Monday, October 11th.
The comprehensive list of Cisco speaking sessions can be viewed here. Read More »
Craig Huitema blogged about Cisco’s SDN strategy and one of the key pillars is programmable networks. Cisco’s programmable networks is based on Nexus operating system NX-OS and our Robb Boyd from TechWiseTV covers it here and goes in more depth about NX-API REST (Object model) here and here.
Also go here if you missed our September 25th SDxCentral DemoFriday where we looked at use cases and demos related to NX-Toolkit and NX-API REST. Bottom line is to drive operational agility in the data center by enabling IT admins to manage Nexus switches as a Linux server with open interfaces and integrating DevOps tools.
One of the DevOps tools is Puppet. Integrating Puppet Enterprise agent is an integral part of programmable networks as I touched on it in my previous blog.
As we break lifecycle management into Day 0, 1, 2 and N to install, configure, optimize and upgrade the network to meet application and user requirements, Puppet plays a key role in each step.
Come and visit Cisco’s booth at PuppetConf October 7 – 9 to see demos and learn more about the integration of Puppet and its benefits on Day 0, 1, 2, and N. Also, visit our sponsor theater on Thursday, Oct 8 at 12:10 PM in the main exhibit hall as well as our breakout session Friday, October 9 at 2:30 PM. We will share how Cisco’s strategy of openness has helped the developer community.
To stay up to date on the latest version of the CiscoPuppet Module source code, visit this GitHub repository that allows network administrators to manage Cisco Network Elements using Puppet.
Tags: Cisco Nexus Switches, Cisco SDN, data center switching, devops, github, NX-API, NX-API REST, NX-OS, programmable networks, Puppet Labs
We made it…another successful Strata-Hadoop World show for Cisco’s Big Data & Analytics team. This year we had a few unique challenges – the Pope was leaving town when we arrived; then the UN General Assembly made traffic a bit more difficult than normal; finally towards week’s end the threat of ‘The Hurricane’ for the East Coast…
Cisco had an active presence at Strata this year with several newsworthy and interesting highlights:
• Introducing Cisco Data Preparation. Cisco Data Preparation (Data Prep) makes it easy for non-technical business analysts to gather, explore, cleanse, combine and enrich the data that fuels analytics. Read Kevin Ott’s Data Prep blog here. Read More »
Tags: Big Data, Cisco, Cisco Data Preparation, Cisco Data virtualization, Cisco UCS, Cloudera, Hortonworks, IBM, IBM BigInsights, Integrated infrastructure, Intel, MapR, nexus, Splunk, Splunk Enterprise, versastack