Cisco Blogs


Cisco Blog > The Platform

New Year, New Challenges, New Successes: SDN Bringing Agility, Security and TCO to Campus and Branch Networks

Before recently taking on a new role as Cisco’s vice president and general manager of Software-Defined Network (SDN) with the enterprise networking group, I served as the vice president and general manager of Cisco’s Unified Access portfolio and led the expansion of the Catalyst 2k, 3k and 4k series product line, which has seen a lot of growth and developed a strong customer base over the past couple of years. Cisco invests heavily in R&D for these products, and has introduced many innovations improving security, application visibility/control, energy savings and converged wired and wireless infrastructure over the past few years.

But as I shifted into my new role and looked back at some of the new Unified Access solutions we introduced alongside our system architecture, I saw a curious disconnect: in some cases, it was getting more difficult for our customers to quickly take advantage of our new innovations.                                                                                                         

At Cisco, we design products to make customers’ lives easier and more productive. Not to gather dust because they’re too hard to figure out!

And then it Hits Me…

The challenge that we faced is core to network architecture. Networks are inherently a distributed system. There are tremendous advantages to this architecture, especially scalability and resiliency – but a distributed network makes management and network-wide services more difficult to achieve. As a result, we forced a high degree of complexity on our customers to the point where they spent too much time configuring networks box-by-box without any way to get a holistic view of their network to manage higher-level policies in a centralized way.

From a product development perspective, we also made it difficult for ourselves. We had to develop services in a distributed manner when many of them would have benefitted from centralization. When those services, which are often tightly coupled with specific versions of an operating system (OS), require an update so does the entire OS. As network size has increased and will continue to increase with the Internet of Everything (IoE), OS upgrades and network services have become more laborious.

Most importantly, we didn’t take advantage of the fact that Cisco has more information about and experience in networking than anyone else in the world. We give customers all of the parts of the car, when in reality we should be giving them the car.

Doin’ it Right

There is a better approach. In my new role and with my background in software, I’m working with my team to use the knowledge and data that we’ve built over the years, to better help customers’ reap the benefits of our innovations in a way that addresses their business challenges and improves their network infrastructure.

The wheels are already in motion. When Cisco announced the Application Centric Infrastructure  (ACI) solution for data centers in November, we played some things close to the chest – including the fact that the core principles of that data center architecture are just as relevant to other domains, such as WAN and Access (or branch and campus networks).

Today Sunil Potti, vice president and general manager, Netscaler Product Group at Citrix, elaborates on the work we’re doing together from the data center to the WAN to the user, in his post: Delivering Mobile and Cloud Services Now Gets End-to-End Network Control.

Unveiling the Kimono

The next generation of IT services will be defined by speed, precision and agility. With the launch of our ACI, we’d already begun to help our customers simplify networking tasks, reducing costs, time and human error while significantly accelerating the deployment of new apps. The next step is to take this functionality and extend it to campus and branch environments while taking into account elements of these types of deployments that are unique. These are the design points for the introduction of the Cisco Application Policy Infrastructure Controller (APIC) Enterprise Module that we are announcing today at Cisco Live! Milan.

With this new solution, we’re redefining SDN (buzzword alert) for next-gen networks, masking network complexity for IT in the way graphic user interfaces did for consumers fleeing DOS. With the insertion of a new controller as the fundamental layer of the enterprise network architecture, we’re enabling customers to leverage intelligent functionality in our network devices as well as the unique ability to see the entire end-to-end network as a single entity.  However, we retain traditional network principles including distribution for resiliency/scale that have allowed networking to be so successful.

We are fundamentally up-leveling the manner in which applications and IT teams interface with the network, away from specific configuration changes on each network device to high-level policy (e.g. prioritize application A over applications B and C) for the network as a whole. This new solution enables our customers to automate many IT functions, such as configuration and QoS changes. I’ve had network operators literally cheer when they saw that the module can perform an ACL analysis to find bugs and identify issues at the click of a button, eliminating the painful, time consuming, manual process of looking through each device to locate an issue. Although the controller has a rich set of open, RESTful APIs, both Cisco and our partners are providing applications utilizing those APIs for networking teams that don’t have the resources to develop their own apps.  

Before I close, I need to thank my team who has stood by my side on this journey – and let’s not forget our partners with us for this launch, who have helped us to develop applications: Citrix, Glue Networks, Radware and Action Packed Networks. It’s going to be a wild ride and I’m pretty fired up about what’s in store over the next 12 months.

I’d love to hear your feedback about this new solution and the direction Cisco is moving. I’m off to Milan for a few days, but look forward to sharing more of my experiences with you.

Tags: , , , , , , , , , , ,

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments.


  1. Jeff, you said “Most importantly, we didn’t take advantage of the fact that Cisco has more information about and experience in networking than anyone else in the world.”

    Perhaps the solution is to increase Cisco employee incentives for cross-silo collaboration — particularly between the Product and Services teams.

    I believe that Cisco will need to acknowledge the various distinct market segments that will emerge for the evolution of networking as we know it. Case in point; large customers such as AT&T and Verizon (Facebook and Amazon in enterprise) will likely continue to closely align their SDN/NFV consideration with open hardware assessments — all are active in the Open Compute Project.

    In contrast, small and medium size companies will likely consider the advantages of SDN without the equal focus on bare metal platforms, because they have more modest investments in infrastructure. Granted, some vertical industry clusters may pursue a path that’s similar to the larger companies.

    Regardless, in each of these scenarios the role of Cisco professional services talent could be the deciding factor that wins the customer’s trust.

    My point: current deployments are still in the early-adopter stage of market development — and that’s why those new to SDN/NFV technology appreciate the “lessons learned” insights that can be gained by dealing with a full-service provider, such as Cisco.

    What’s your thoughts? Do you see an upside for more value-added offerings — beyond the current anticipated cost-savings debate about the promise of SDN/NFV technologies?

       1 like