Bio: Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire software suite with an emphasis on F5 Synthesis and LineRate. She currently focuses on cloud computing, infrastructure, devops, data center architecture, and security-related topics. Lori has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Lori authored this Blog.
One of the most frustrating experiences a developer can have is when a deployment into production goes wrong. It doesn’t matter how much you test yourself or in QA, invariably something goes wrong in production. That’s usually because while traditional DEV and TEST (QA) environments closely mirror the application infrastructure that will be used in production, it does not – and cannot – mirror the network infrastructure. The complex web of application and network services that exist in a production environment have been too expensive and difficult to replicate. So developers and admins have had to cross their fingers and hope nothing goes wrong. And when it does? It’s back to the queue until the next change window opens.
One might surmise that if you could only test deployments in a real environment that such situations would effectively go away. But asking to test against real, live production network infrastructure is akin to Oliver Twist asking for “More, please” in Dickens’ famous novel.
This nightmare is not reserved for developers and operators. Imagine, if you will, a network or application service professional crafting the appropriate policies designed to scale, secure, and optimize your application. This is not a trivial task. Oh, certainly assigning IP addresses and even VLANs seems simple, but there’s so much more to “the network” than just basic networking. There’s the load balancing with its associated (and very much required) monitoring. There’s application and network firewalling, anti-malware and anti-virus scanning for systems that exchange large data sets. There’s optimizations for mobile and things that must be configured, routes between services, isolation policies and more. This isn’t a “give me an IP address and let’s be done with it” kind of process. It’s a complex dance involving multiple parties that requires collaboration and careful orchestration.
In the past there’s been no way to “test” such a complex interaction of services outside of production. It’s do or die, deploy or roll back. It’s no wonder it takes so long to move that app into production.
But things are changing, for the better. Virtualization and programmability of network and application service infrastructure is making it possible to test policies and configurations before production, in increasingly complex configurations. Whether it’s the use of virtual labs or virtual appliances, the need to support testing of network and application service infrastructure is being heard and answered.
This is critical, especially as these systems become more integrated and orchestrated. Consider the role of Cisco’s APIC, for example, in not only provisioning but configuring a variety of application services such as those We (F5) provide through BIG-IP and BIG-IQ. It’s important that those responsible for deploying the policies that scale, secure, and optimize apps are able to test the orchestration that will ultimately deliver the application’s needed services into production.
That’s why it’s exciting to see Cisco’s efforts around DevNet and in particular its sandboxes. The ability to test against real infrastructure before moving into the production environment is of significant value in reducing the time it takes to move through production and improving time to market for all manner of applications. Like our own DevCentral, Cisco’s DevNet efforts are designed to provide a community in which documentation, testing, example code, and support are all available when its needed, whether that’s at 2pm or 2am.
This support and ability to test is paramount as DevOps continues to make its way into the network and bring with it the benefits developers and operators have begun to enjoy: stability of infrastructure, consistency of policy, and speed of deployment. “The network” needs not only the methodologies DevOps brings but similar frameworks for testing and the application of continuous integration for those networking components that rely on integration to provide for deployment and administration of network and application services, such as Cisco and F5.
Sandboxes, documentation, examples, and virtual appliances all lend themselves to enabling DevOps to extend its reach into the deployment pipeline. By including critical network and application services as part of an extended CI/CD pipeline, organizations can enjoy the benefits of a more agile deployment pipeline.
Greater agility in the pipeline through community, testing, and support is as much a goal of our partnership with Cisco as the deployment experience offered by the integration between Cisco APIC and F5 solutions.
Check out the 2nd release of F5’s State of Application Delivery Report. This survey of over 3,000 global customers helps us better understand how organizations from a diverse cross-section of industries, departments and regions deliver applications and keep their data and users secure, in light of such IT trends as cloud computing, SDN and DevOps.
Tags: CI/CD, Cisco APIC, Cisco DevNet, devops, F5 BIG IP, F5 BIG IQ, F5 DevCentral
Cisco’s open ACI eco-system is gaining rapid momentum in Data Centers with more than 45 leading partners developing joint solutions addressing L4-L7 network and security service use-cases along with application stack automation. Just a few weeks ago we announced a major milestone in our journey, Cisco’s 1000th ACI customer.
Some of our customers have deployed the ACI-Fortinet joint solution. In this blog, I want to talk about the integration of Fortinet FortiGate Firewall with Cisco APIC. The integration of Cisco APIC and the Fortinet FortiGate solution provides customers several benefits:
- Consistency and transparency for workload security deployment across physical and virtual application environment.
- Single-pane-of-glass management from Cisco APIC with full visibility on security policy enforcement
- Predefined security policies are deployed on command and automated through complete application deployment lifecycle
Let me take you on a quick tour of some of the customer success stories.
Qbranch Case Study: Orchestrating FortiGate Security with Cisco ACI
European service provider Qbranch, part of Axians, and networking leader Cisco discuss the real-world challenges with manually provisioning firewalls and security policies, and how orchestration of Fortinet’s SDN Security framework with Cisco’s Application-Centric Infrastructure (ACI) can reduce costs and enable better service delivery in multi-tenant environments. Watch Video and Case study for details of the implementation.
Hosting Provider Zitcom Accelerates Time to Market with Cisco ACI and Fortinet
Zitcom, a premier partner-driven hosting company based out of Denmark is one of the early adopters of Cisco’s Application Centric Infrastructure (ACI). Watch Thomas Raabo, Network Operations Manager of Zitcom, share details about how Cisco ACI made Apps deployment easier, fostered collaboration between apps and network teams, and brought an overall agile application deployment environment.
There are several other customer stories featuring ACI-Fortinet solution, but I’d run out of time and space to list them all. For your easy reference visit http://www.fortinet.com/videos/index.html for more customer videos.
Let’s look in detail at the key capabilities of Fortinet-Cisco ACI solution and the benefits it brings to Data Center customers. Fortinet’s FortiGate firewall solution integrated into Cisco Application Policy Infrastructure Controller (APIC) delivers application-centric security automation in modern data centers. The solution provides automated and predefined policy-based security provisioning for next-generation firewall services. It enables location independent security services insertion anywhere in the network fabric through a single-pane-of-glass management. Cisco ACI – FortiGate solution architecture is shown below:
The joint FortiGate Integration with Cisco APIC has two major components:
- FortiGate device package for Cisco APIC
- FortiGate physical or virtual appliances
Now let us segue to the Fortinet Device package integration with Cisco APIC. The Device package integrates with Cisco APIC through open APIs and provides per-app, per-tenant L4-L7 policy configuration and dynamic service chaining and insertion. In addition, the integrated solution also allows exchange of intelligent telemetry information between Fortinet and APIC for application and tenant visibility.
The Fortinet Device Package for Cisco ACI comprises a device Model and a device Script. The Device Model defines the functions provided by FortiGate such as firewall inspection including IP reputation, web filtering, anti-virus, DNS filtering, SSH inspection, IPS, and DDoS etc., The Device Script provides the adapter functions required for FortiGate to communicate with APIC.
I am pleased to inform that we are also having a detailed Webinar, Oct 23, on the ACI-Fortinet joint solution topic, presented by subject matter experts from Cisco and Fortinet. Register Here.
Tags: Cisco ACI, Cisco APIC, FortiGate, Fortinet FortiGate
The Cisco ACI partner eco-system is growing rapidly. I was privileged to see prima-facie, at Cisco Live San Diego last month, the excitement surrounding AVI’s solution announcement with Cisco ACI and the growing customer interest. Though a late-comer to the ADC (Application delivery controller) market, AVI packs a punch to make customers and partners sit up and listen. What’s impressive is that, more than 20 customer deployments are already under way, both in private clouds and on premise Data Centers. In this blog, I want so share some of the key value-props and architectural benefits Cisco ACI-AVI joint solution brings to Application deployment in Data Centers.
The highly complementary nature of the AVI CADP (Cloud Application delivery platform) and Cisco ACI solution is achieved through a common architecture featuring unified management and control planes, as well as the ability to scale data plane resources elastically, on-demand as application requirements dictate.
The AVI solution integrates into Cisco ACI environments through RESTful APIs, providing end-users with holistic application delivery, security and load balancing, in addition to real-time visibility, monitoring, and integrated (inline) analytics of their on premise and cloud-based applications.
A simple architectural depiction will help understand how Cisco ACI and AVI Networks solution works.
The collaboration between Cisco and AVI Networks has delivered a highly integrated, L2–L7 solution that automates and simplifies the insertion, provisioning and scaling of key network services into a Cisco ACI fabric. The solution also delivers end-to-end visibility and analytics that provide actionable insights into application performance and the end-user experience, which are critical in modern data centers.
The Cisco ACI – AVI Networks CADP joint solution provides customers key benefits such as:
- Quick deployment with a high degree of automation
- Quick app provisioning with zero-touch L4-L7 service lifecycle management
- Full-stack L2-L7 visibility and closed-loop analytics
Stay tuned for more exciting news on the ACI-AVI solution front.
For more information visit,
Tags: ACI, ACI Open eco-system, AVI CADP, Cisco APIC
It is a back-back, double-header for me this weekend, as I head from an action-packed week in Orlando to exotic Edinburgh, Scotland for F5 Agility. F5 is Cisco’s premier partner and I can’t wait to be in the thick of action at the Edinburgh International Convention Centre next week. From “you are lucky to be there” to “WoWs”, I am fast becoming the envy of my friends at Cisco. For me personally, it is the second EMEA F5 Agility event, and last year I had a blast at the Bella Center, Copenhagen. These things aside, there is a lot for me to report about Cisco’s participation in this event.
You probably know F5 recently announced a new CEO. F5’s incoming CEO Manny Rivelo in his keynote themed around “Innovate, Expand and Deliver”, will take you on a tour of current market trends, how F5 has grown in market momentum under John McAdam’s tenure, the evolution of the F5 Platform from simple load balancer to ADC to support Cloud based business models, the growing importance of enterprise security, recent F5 acquisitions, and last but not the least the growing eco-system of Partners. I recommend getting started with Manny’s keynote. Manny is also hosting invitation only roundtables to key verticals Retail and financial earlier in the morning, same day. Following Manny, Dean Darwin, Marketing SVP of F5 will deliver F5’s forward looking vision. Dean’s session aligns well with Manny’s keynote in that he will address how to Innovate and continue to be a thought leader, Expand business models (like As A Service) and Deliver customer satisfaction and financial excellence.
There is plenty of excitement Cisco is bringing to this event centred around Cisco’s award winning SDN strategy, Application Centric Infrastructure (ACI) .
Cisco Exec Shashi Kiran is joining F5 Exec Calvin Rowland and fellow Cisco Exec Patrick Schmidt in a panel session May 20. For those of you not familiar with ACI, this panel session is a great opportunity to learn how Cisco and F5 are expanding their partnership, how their combined thought leadership is advancing the SDN landscape, and customer successes and momentum experienced by Cisco ACI, F5’s BIG IP & BIG IQ in the marketplace. The panellists are seasoned industry experts and I promise it will be a treat to the attendees.
If you somehow missed the panel session, there is room to cheer. Shashi is hosting a breakout session the next day, May 21, 11.30 local time. What’s unique about this Breakout Session? Well, you will get to not only hear Shashi eloquently walk you through the role of Cisco ACI in today’s Application-Oriented Economy, but also see customers and partners join him on stage and share their success stories with ACI. Shashi will discuss how emerging applications are placing huge demands on Data Center Infrastructure and how grossly unprepared they are to meet the same. Shashi will then introduce Cisco ACI, an open, scalable, programmable SDN solution that helps address these infrastructure challenges. Shashi will illustrate how Cisco’s open architecture enables seamless integration of F5 into ACI’s policy framework and how the joint solution brings unprecedented agility and end-end L2-L7 accelerated application delivery. Shashi’s breakout as I said earlier, also features a unique Customer and Partner segment towards the end. Martin Lipka from Pulsant corporation and Stefaan Hinderyckx from Dimension Data will join Shashi on stage to share their ACI experiences. How often do you get this comprehensive experience in a breakout session, one that is devoid of a sales pitch. Sounds great, doesn’t it?
That is not all. Cisco ACI brings you additional customer engagement opportunity in the solutions expo hall. We are featuring cool demos showcasing our joint solutions namely, ACI-BIG IP and ACI-BIG IQ on both May 20 and 21, during the entire duration of the expo hours. Stop by the Cisco demo booth to get a personal walk-through of our solution working. Our product experts are available to engage you in white-board type sessions and to compliment the demos, we also run short duration presentations in the Cisco theatre at periodic intervals. Should you desire, we are happy to meet you in 1-1 meetings, so let us know how we can enrich your experience at the event.
For all the hard work we all do at the event, there is plenty F5 offers to let us relax and enjoy. The evening event on May 20 allows attendees to step back to a time of knights and ladies, including one of Scotland’s most famous royals – Mary Queen of Scots.
Agility attendees will have the ability to see all that the castle has to offer, from Mons Meg, one of the largest cannons in the world, to the huge collection of weapons and armoury in The Great Hall, the Stone of Destiny and the Royal Palace Crown Jewels. Network with your fellow attendees while enjoying tasty food and drink, entertaining music, knowledgeable guides, and more are awaiting you on Wednesday 20th May.
I am eager to see you all in Edinburgh next week. There are some useful links for you to check out before your visit on how Cisco ACI and F5 work together on the innovation front.
Tags: Agility 2015 Edinburgh, Cisco ACI, Cisco APIC, F5 BIG IP, F5 BIG IQ
What attracts me to Orlando In the hot and humid month of May this year? There are numerous synergies from the Disney World to Orlando’s pristine nature that enhances my experience there. But the one I am really looking forward to this year is the Citrix Synergy 2015, a premiere event for Cisco Data Center Professionals and its Customers and Partners. After a hiatus of two years, I am happy to be back at this event, this time leading the Cisco Application Centric Infrastructure (ACI) strategy and showcase how ACI integrates with Citrix’s NetScaler, a market leading Application Delivery Controller (ADC) solution.
The theme this year at the event centers around software-defined workplace and how it enables companies find new ways to work better. Cisco ACI aligns very well with this theme given that ACI is a market leading software defined networking (SDN) solution.
Citrix Synergy Event 2015 is particularly exciting to me as our joint Cisco ACI and Citrix NetScaler solution has picked considerable customer momentum since its introduction into market last year. Woolworth, DU and several other top customers have given testimonials recently on their positive experiences with ACI-NetScaler joint solution, and I look forward to hearing more of these at this event. In addition, the visionary keynotes, technology training, access to industry’s top thought leaders and the customizable agenda and experience makes Citrix Synergy a valuable investment of my time year after year.
Where should you start? There is no better place than Mark Templeton’s keynote, to start the Synergy expereince. Mark kick-starts the proceedings on May 12 by sharing his unique perspectives on how Citrix is leading the transition to the “software-defined workplace” where true mobility transformation occurs, giving businesses and people new ways to work. Mark will cover areas of innovation across the Citrix portfolio, including product and solution updates with strategic partners like Cisco in virtualization, mobility, networking, cloud and more. Be ready for a few sneak peeks and surprises.
After the keynote, the world of solutions beckons you with a glittering collection of technology showcase from industry-leading vendors, and I want to welcome you to the Cisco booth #202 where it is action unlimited. This year we are offering solution demos and Mini-Theater presentations featuring Desktop virtualization, Networking and SDN, Mobility, and Cloud technologies to name the highlights.
Cisco ACI – Citrix NetScaler joint solution features prominently at the Cisco demo Pod and the Mini Theater this year. Stop by our booth and get a live demo from our experts, and learn how to automate deployment of NetScaler L4-L7 services using ACI policy framework. In fact, we can give you a modular walkthrough of the solution whether your interest centers around the ACI Fabric or Cisco APIC policy controller or Citrix NetScaler. In addition, we can provide you quick overview presentations at our Mini theater that runs round the clock. There will be daily presentations on the ACI-NetScaler joint solutions and I hope the theater experience will complement the insights you gain via demos. We also have white-boards to dive deeper into cross-architectural discussions, should you decide to explore further. There is never a dull moment at our Cisco booth this year as Cisco UCS with Citrix desktop virtualization, DAAS and Mobility demos offer a rich treat of latest in technology innovations from Cisco and its Partners. The Cisco Mini Theater also feature NetApp, Nimble and Nvidia partner presentations as Cisco and Citrix truly bring the best-of-breed solutions for different market segments so customers can choose specifically based on their Data Center needs.
There are other exciting engagement opportunities for you to explore ACI-NetScaler solution at the event. Check out Session SYN 212, “Update on NetScaler and Cisco Integration” on May 13, 11 AM at the Valencia Ballroom A. Raj Gulani, a power packed Citrix dynamo, will deliver this session and many of your questions about SDN, Application demands on infrastructure will get answered. So, I’d recommend this as a must-attend.
And my good friend Mike Brennan from my UCS marketing days is presenting at the Cisco sponsored session on the topic “Architecting your next generation workspace with Cisco & Citrix”. If you can spare an hour the afternoon of May 13, I’d suggest you attend this session in room W135B. Mike brings unique perspectives from a design and deployment perspective and has authored several Cisco CVDs on UCS-Citrix desktop virtualization solutions. If you somehow have to miss this timeslot, Mike is doing another breakout on May 14 with Rob Briggs at the Citrix sponsored session on the topic, “Architecting Innovation with Cisco and Citrix”. There are also hands-on Labs, Geek sessions, and Citrix Innovation awards for attendees to take advantage of to get a broad experience.
As I write this blog, I just learned that the Cisco APIC has been adjudged the “Best of Interop 2015” in the SDN category. It is very timely, and a fitting testimonial to compliment the rapid customer adoption of ACI. Cisco ACI-Citrix NetScaler has gained significant market traction and several customers in process of deploying the joint solution.
The Cisco ACI-Citrix NetScaler solution is a key pillar of the Cisco-Citrix strategic relationship. In the past year, the joint solution has recorded several milestones in the form of customer proof-points, customer deployments and endorsements and Open standards initiatives such as NSH and Opflex at the IETF. Citrix NetScaler is committed to a robust roadmap in evolving the solution with ACI and stay tuned for more news from us at future events.
In closing I want to touch on the entertainment scene. A customer appreciation event is scheduled for Wednesday May 13, at the Howl at the Moon Piano Bar and we look forward to seeing you there. The final night party on May 14, is another Citrix specialty as we all unwind, connect with friends, and experience an exclusive night for Synergy attendees only at Universal Studios Florida. I look forward to meeting you all in person next week.
Tags: Cisco ACI, Cisco APIC, Citrix NetScaler, Citrix Synergy, SDN