Data traffic has grown dramatically in the recent years, leading to increased deployment of network service appliances and servers in enterprise, data center, and cloud environments. To address the corresponding business needs, network switch and router architecture has evolved to support multi-terabit capacity. However, service appliance and server capacity remained limited to a few gigabits, far below switch capacity.
ITD (Intelligent Traffic Director) is a hardware based multi-Tbps Layer 4 load-balancing, traffic steering and clustering solution on Nexus 7xxx series of switches. It supports IP-stickiness, resiliency, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. There is no service module or external appliance needed. ITD provides order of magnitude CAPEX and OPEX savings for the customers. ITD is available on Nexus 7000/7700 series in NX-OS 6.2(8) or later. It is available for demo on Nexus 5k/6k. ITD is much superior than legacy solutions like PBR, WCCP, ECMP, port-channel, layer-4 load-balancer appliances.
As a Cloud Architect, I’ve had the privilege to work with CTOs and CIOs across the globe to uncover the key factors driving Business Continuity and Workload Mobility across their cloud infrastructures. We’ve worked with enterprises, large and small, and service providers to answer their top five concerns in our new Business Continuity and Workload Mobility solution for the Private Cloud.
1) Can you provide business continuity, workload mobility, and disaster recovery for my unique mix of applications, with lower infrastructure costs and less complexity for my operations teams? Yes.
2) Can you provide a multi-site design that reduces business outages and costly downtime, allowing my critical applications to be more secure and available? Yes.
3) Can my operations teams perform live migrations of applications across sites while maintaining user connections, security, and stateful services? Yes.
4) Does your multi-site solution allow me to utilize idle standby capacity during “normal” operations, and reclaim that capacity as needed during an outage event? Yes.
5) Can your Cisco Validated Design greatly reduce my deployment risks and simplify my design process, saving my business significant time, money, and resources? Yes.
A Proven Multi-site Design, Built on the Most Widely Deployed Cloud Infrastructure
We addressed each of these pain points as we designed, built, and validated our new multi-site business continuity and workload mobility solution. Our multi-site solution is built upon Cisco’s cloud foundation, the Virtual Multi-service Data Center (VMDC) that’s been deployed at hundreds of the world’s top enterprises and service providers. In our latest VMDC release, we’ve extended our cloud design to support multi-site topologies and critical use cases for private cloud customers. This validated design simply connects regional and long-distance data centers within your private cloud to address some critical IT functions, including:
application business continuity across data center sites;
stateful workload mobility across data center sites, will maintaining user connections and security;
application disaster recovery and avoidance across data center sites; and
application geo-clustering and load balancing across data center sites.
Choose the Cloud Infrastructure that Fits Your Unique Business Needs
The VMDC Business Continuity and Workload Mobility solution (CVD Design Guide) is grounded in the reality of today’s cloud environment, providing different design choices that match your applications needs. We realize there is no “one size fits all” cloud design, that’s why we support both physical and virtual resources, multiple hypervisors and storage choices, and security compliant designs with industry certifications like FISMA, PCI, and HIPPA.
Key Factors Driving Business Continuity and Workload Mobility in the Private Cloud Read More »
I am Soni Jiandani, SVP of Marketing for Cisco’s Insieme Business Unit. Together with a team of veteran leaders and engineers, we continue to disrupt markets to drive industry transformation. Our latest disruption is focused on leapfrogging Software Defined Networks (SDN) with a holistic approach to the future of networking: Application Centric Infrastructure, or ACI for short.
My blog is timed with announcing the shipment of ACI – namely the Application Policy Infrastructure Controller (APIC) with ACI mode for the Nexus 9000. But this is not a corporate sales blog. My intent is to foster an open discussion about the future of the networking industry.
ACI: A key enabler to driving fast IT
We have spent the past few years to gather the best and the brightest engineering minds focused on one simple goal: to design an infrastructure for our customers that meets the needs of applications today and in the future. These applications require dynamic, agile, fast, secure, scalable, reliable infrastructure that is automated as a native, baseline requirement.
ACI goes beyond SDN to help customers deliver business outcomes and not just network device programmability. That’s part of the reason over 175 customers signed up to trial the APIC during the hardware beta. Now Cisco ACI will start shipping to Data Centers worldwide on July 31! (See Soni’s blog)
From when we first announced the Vision for an Application Centric Infrastructure at Cisco Live Orlando in 2013, it’s been extremely exciting to see customers and ecosystem partners support this new operational model for centrally configuring, automating and operating network and security infrastructure.
The application model for abstracting network infrastructure requirements and policies really does address the operational needs of the infrastructure and application teams. That was by design, as Insieme’s engineering team worked with the leading cloud infrastructure customers of the world and our Cisco IT organization to incorporate their operational and application needs. In fact, IDC published a powerful report to confirm the ACI related 3 year OpEx savings forecast at Cisco’s IT Elastic Infrastructure Services (CITEIS), one of the largest data center environments in the world. Read the IDC Business Value Brief on Cisco ACI to learn more.
With the production APIC, customers can now begin running production applications on ACI. For insights into why our customers are deploying ACI, we spoke with the leaders of two world-class IT companies that are aggressively rolling out ACI within their own corporate IT.
Symantec IT is an early adopter of ACI and Sean Doherty (VP of Alliances Offerings, Symantec) spoke recently with Shashi Kiran (Senior Director, Cisco) about automating their IT infrastructure with ACI. About the Symantec IT environment, Sean said, “Some applications have been through the Physical to Virtual cycle and others are placed on clouds. We are looking to move those into a more modern agile environment. The ACI is providing the infrastructure to build out that new environment…”. Sean added that ACI helps in significantly accelerating the detection and remediation of security issues with business critical applications. Check out this YouTube video interview for the full story.
Representing another user adopting ACI, NetApp’s CTO Jay Kidd spoke recently about the ACI project in their global development lab. He said this is a large scale deployment covering 2300 racks of equipment wired end-to-end with 40G capacity with Nexus 9000. Talking about the lab, Jay stated, “One of the beauties of the (Nexus) 9K is the ability to gracefully transition and combine 10Gig and 40Gig together in the same infrastructure. Then with ACI, being able to build up these profiles for the applications or the test scenarios for those applications, store them, provision them dynamically. Anything we can do to make it easier for our developers to use this DevOps private cloud, we think will speed up the time to market and ACI is big part of that”. The Lab can spin up thousands of Virtual Machines per hour with an aggregate capacity of running well in excess of a million VMs at a given time. You can listen to Jay’s eloquent explanation on YouTube here.
Our Cisco sales teams have a great way to help Cisco customers to begin their own ACI deployments with the new ACI Starter Bundles. An ACI Starter Bundle (Fig 1) has everything you need to create an ACI POD including a resilient cluster of three APICs, two fixed or modular spine switches, eight 40G optics, and two or four leaf switches depending on which of the four bundles are selected.
Figure 1 ACI Starter Bundles include an APIC Cluster with 3 APICs and 8 40G AOC optics
#1 Two Fixed Spine Switches, Four Leaf Switches with 192 Ports
#2 Two Fixed Spine Switches, Four Leaf Switches with 384 Ports
#3 Two Modular Spine Switches, Two Leaf Switches with 96 Ports
#4 Two Modular Spine Switches, Two Leaf Switches with 192 Ports
Cisco customers can use ACI Starter Bundles 1 or 2 as policy appliance for flexible/ granular network virtualization and secure isolation in conjunction with their existing base of Nexus 2000 to Nexus 7000 (Fig. 2)
Figure 2 ACI Starter Bundles #1 or #2
ACI Starter Bundles #1 or #2 can also be used to scale out a UCS converged infrastructure solution such NetApp FlexPod and VCE VBlock. (Fig. 3)
Figure 3 Scale out UCS Converged Infrastructure Solutions
ACI Starter Bundles #3 or #4 can be used as a starting point to scale out private clouds with secure multi-tenancy since they are based upon the more expandable modular chassis. (Fig. 4)
When used in conjunction with the just released Application Virtual Switch, AVS, the APIC provides centralized policy based control and automation for any application composed of any number of server tiers containing any number of virtual or physical servers. These ACI starter bundles enable customers to begin ACI deployments for testing or production operations. The simple fixed price licensing for a set of leaf ports, 48 or 96, means there is no penalty for running lots of VMs per server vs. bare metal servers. (Fig 5) Customers can predict the cost of running their software defined network infrastructure.
Figure 5 No per VM Tax with ACI licensing
Contact your Cisco account manager to learn how the cost of an ACI POD is less than the cost of those dedicated x86 hardware gateways required with leading pure software overlay approaches. ACI delivers more scale, security, and performance at a fixed predictable cost with documented TCO benefits.
Many of our ecosystem partners announced at Cisco Live that they would be shipping their ACI Device Packages when Cisco’s APIC enters FCS. The following joint solutions have passed rigorous interoperability testing conducted jointly by the vendor’s and Cisco’s engineering teams in our own ACI testing lab. These partners demonstrate ACI’s open ecosystem for service integration, investment protection for existing ADC networks, and the benefits of a centralized control point for L2-L3 network and L4-L7 service policy coordination and automation.
Cisco ASA security and Cisco ACI solution: Customers can now deploy Cisco ACI with Cisco ASA and its ACI Device Package to provide automated, policy-based security provisioning, management, and security policy updates, for firewall, intrusion prevention, and more.
Citrix NetScaler and Cisco ACI joint solution: Customers can use the APIC to coordinate the Citrix NetScaler’s ADC unique application insights for optimized service delivery with ACI’s network automation and obtain end-to-end telemetry and visibility for service-aware applications and tenants.
Embrane and Cisco ACI joint solution: With the APIC and Embrane’s ACI Device Package, ESM automates the deployment and lifecycle management of Embrane’s network virtual services as well as those from Cisco ASA, Sourcefire, and Citrix.
F5 Synthesis and Cisco ACI joint solution: Customers can accelerate application deployment by automating insertion of SSL offload and L4-L7 SLB services using F5’s ACI Device Package and the Cisco APIC.
We are publishing interviews with the analysts, the leading practitioners that are hands on with ACI in August in an exciting ACI special edition of Unleashing IT. I’ll share the link for you here in a few weeks.
Today, we had some great news to share on Data Center and Cloud Networks. The Cisco ACI solution portfolio was orderable on July 1 and starts shipping July 31. This includes the four ACI starter bundles detailed above. For details on today’s exciting new Nexus switches announcement, please visit this blog -- Nexus Flexibility Eases Transitions.
Atos Societas Europaea (SE) is a global leader in IT services with 77,000 employees in 52 countries worldwide. Cisco has a strong partnership with Atos in several areas including data center, cloud, and collaboration – and they are a customer of multiple Cisco solutions.
In particular, there is a division of Atos that provides managed services for North American companies. This division of Atos offers a broad range of services for their enterprise customers including new employee onboarding, provisioning smartphones and tablets, requesting Cisco WebEx accounts, provisioning of physical servers and virtual machines for data center operations, and more.
To meet the IT service needs of their large customer base, Atos needed to speed up the service delivery process and serve more customers without adding additional IT staff. According to Atos’ manager of process automation, Kert Gilpin, “We measure success by how much we can reduce service requests by email or phone and how quickly we can fulfill requests. To continue growing, we needed to automate IT service requests. We wanted to deliver IT as a Service.”
Now, thanks to Cisco Prime Service Catalog, Atos is serving more customers, faster, with the same size IT staff. Cisco Prime Service Catalog provides the one-stop shop for Atos customers to request a broad range of IT services (with more than 1,700 service options and configurations). From 2010 through 2013, Atos used the service catalog to process more than 1.5 million IT service requests from it’s customers – including more than 250,000 approvals for more than 260,000 users.
On the front-end, employees at each customer can log into Cisco Prime Service Catalog’s web-based portal interface for self-service access to their organization’s available services. On the back-end, Cisco Prime Service Catalog is integrated with the customer’s existing systems to automate provisioning for each service request. Some of the most commonly requested services in the Atos catalog include:
Server setup or decommissioning: Cisco Prime Service Catalog can be integrated with the customers’ data center infrastructure automation tools to enable self-service provisioning. “Before, multiple people had to perform a manual task to provision a physical or virtual server,” Gilpin said. “Now we use Cisco Prime Service Catalog to automate approximately 50 tasks in the workflow, taking different actions depending on the conditions.”
Distribution of Windows software updates and patches: For this popular service, Atos integrates Cisco Prime Service Catalog with the customer’s Microsoft Systems Center Configuration Manager (SCCM) server. Employees receive an automated notification when software application upgrades are available. Then they just click to install the upgrade or patch.
Employee onboarding services: Through integration between Cisco Prime Service Catalog and their customers’ Oracle and PeopleSoft HR systems, Atos has automated new hire onboarding, transfers, terminations, leaves of absence, name changes, and changes between contractor and employee status.
This combination of self-service ordering and automation is powerful – with real and tangible benefits. “Automation means customer requests are fulfilled more quickly,” Gilpin said. “The request is generally complete in minutes, compared to days or weeks when we manually provisioned services. And our IT team now has more time for activities that provide value to our customers.”