Cisco Blogs


Cisco Blog > SP360: Service Provider

Video Security Everywhere: From Creation to Consumption

Not that long ago, life was much easier. Video was delivered in a linear managed path and there was a well-defined process – from content creation to distribution to consumption – with distinct roles for content creators and service providers. Video infrastructure was largely isolated and used unique technologies designed for broadcast video delivery.

This model also made security much more straightforward. Video content was protected using encryption and conditional access integrated in the set-top box.

But today, life is getting more complex. IP and cloud based delivery allows service and content providers to meet customers’ demands, but it’s also more challenging to secure.

Untitled

In this open environment, service and content providers need to protect their entire network from new vulnerabilities, stopping attackers from stealing video content, services and confidential data. At the same time, they need to retain full flexibility to deliver the services customers want – security should not be an inhibitor but an enabler.

Cisco delivers a Read More »

Tags: , , , ,

Avoid Wild Light Sabers & See How Pulsant Delivers Cloud Services Faster With ACI (Case Study)

Lightsaber_blue_(with_shimmering_aura)

Being fast is important this time of year.

X–Wing Fighters in “Star Wars: The Force Awakens” are fast.

Avoiding that overly excited light saber wielding fan in line requires you to be fast.

Holiday shoppers are snatching up deals fast.

Retailers with transaction spikes need to add infrastructure capacity fast.

Your customers want their IT Infrastructure services fast…and Application Centric Infrastructure (ACI) helps deliver that speed.

This IDC report shows how Pulsant – a UK based IT Infrastructure Services Provider – delivers services fast with ACI. It also quantifies the returns on that speed and other benefits. In some ways, their story is like that of many customers – they need to deliver IT services faster, they need to do more with less…you know the drill. And if you are using ACI, you also know how to address those issues. If not, take a couple minutes and check out the report. In it, Martin Lipka, Head of Connectivity Architecture at Pulsant, addresses a number of interesting issues and IDC helps to quantify them. Check out how Pulsant is:

  • Onboarding customers faster with the “simplified automation” ACI provides
  • Growing its customer base without needing to add a commensurate number of network engineers
  • Reducing the frequency of misconfigurations and improving the security of its services

In the report, Martin explains how “automation and repeatable processes enabled by Cisco ACI have benefited his company by reducing the time needed to provision network resources and speeding up deployment cycles.” For example, “Pulsant needed an average of 7–14 days before moving to Cisco ACI to deliver a bespoke cloud service to a customer, whereas it now needs only 2–3 days.” At the back end, when those services are no longer needed, “the network process of decommissioning a customer and cleansing the configuration has gone from taking hours to seconds thanks to Cisco ACI’s built-in automation.”

ACI helps Pulsant deliver services fast. ACI also delivered a return fast – ROI analysis showed a payback period of under 7 months.

In summary, if you are looking to deploy services fast, tear them down fast, get a return fast – check out the report and check out ACI.

And, oh yeah, as a public safety message, please let’s not swing those light sabers too fast tonight. May the force be with you…

Photo courtesy of commons.wikimedia.org

Tags: , , , , , ,

Top 3 Ways New ACI Innovations Improve Your Data Center

Yesterday, Cisco announced a new software release for ACI. If you are looking to automate IT, or build out your cloud environment, and want to do so in an open fashion that provides a lot of flexibility – then you’ll probably be interested.

Why? The new ACI release:

  1. Makes managing and securing your cloud environment easier;
  2. Provides openness, expanding customer choice; and
  3. Delivers operational flexibility

OK, so what does this actually mean?

  1. Makes managing and securing your cloud environment easier

Three of the most popular cloud management tools include Microsoft Azure Pack, OpenStack and VMware vRealize. Earlier this year, we announced Windows Azure Pack ACI integration. With this new ACI release, we integrate ACI with OpenStack and vRealize, as well. (More details are here.) So this means that if you need to, say, provision a virtual workload in vCenter, ACI automagically orchestrates things to match computing resources and networking infrastructure.  So, you can enjoy the policy based automation and all the other benefits of ACI regardless of which of these tools you use to manage your cloud environment.

This also means OpenStack users can now create and manage their own virtual networks, extending ACI policy directly into the hypervisor with a hardware-accelerated, fully distributed OpenStack networking solution – the only one available that integrates both physical and virtual environments.

To more easily and completely secure these environments, the new release provides micro-segmentation support for VMware VDS, Microsoft Hyper-V virtual switch, and bare-metal endpoints. Essentially, this means more granular enforcement of security policies.   These can be based on numerous different criteria relevant to attributes associated with the network, e.g. IP address, or the virtual machine, e.g. VM identifier, Name, etc. There are additional capabilities that can, for example, disable communication between devices within a policy group (intra EPG, for those more familiar with ACI) – useful in thwarting lateral expansion of attacks.

  1. Provides openness, expanding customer choice

Piggybacking off some comments above, it’s worth noting that since ACI’s inception, one of its differentiators has been the ability to integrate physical servers as well as virtual machines, and to apply policy consistently across them. Well, now there’s a new kid on the block, as the industry observes an increasingly popular trend to use containers as another way of operating applications.   As part of this announcement, we are extending ACI support to include Docker containers, in addition to VM’s and bare metal servers. This is done by using Project Contiv, which is an open source project that has a Docker network plugin allowing, among other things, automatic configuration of Docker hosts to integrate with ACI. Check out details on this video and/or this white paper. Network Computing commented here, that:

“Given all the hubbub in the industry over Docker, ACI’s new Docker container support is noteworthy.”

Another way this new release is driving openness and providing more choice for customers is around L4-7 services. ACI now supports service insertion and chaining for any service device.  So, customers can leverage their existing model of deploying and operating their L4-L7 device, while automating the network connectivity. This is in addition to, not instead of, the device package model, which provides for more comprehensive ‘soup to nuts’ automation. Speaking of which, as part of this announcement, several new partners also joined the ACI Ecosystem. This video provides some insight into how some of them automate your applications.

  1. Delivers operational flexibility

The new release has a number of tools that create more flexible operating environments. A quick rundown includes the multi-site app, which enables policy-driven automation across multiple datacenters, providing enhanced application mobility and disaster recovery. In short, this means you can run ACI in 2 different data centers, and extend the policy across them. Other tools provide the ability to do configuration rollback, as well as NX-OS Style CLI. This is for the CLI junkie that wants to run the entire ACI fabric as a single switch. There are some other cool nuggets in here as well, like a heat map that provides real-time visibility into system health.

Clayton Weise, Director of Cloud Services at KeyInfo, summed it up best when he said:

“ACI is the direction we’re going to go because it gives us the best flexibility.” (Read the entire Network World story here.)

In summary, this new release adds capabilities that will help you more effectively manage and secure your cloud environment, as well as leverage the benefits of both openness and operational flexibility.

 

 

 

 

 

 

 

Tags: , , , , , , , , , , , , ,

Executing on Our Vision and Strategy: The Future of Networking for an Application Centric World

We shared our vision for the future of networking over a year and a half ago.

Today, we continue to execute on our vision and strategy. Our customers and partners continue to derive the value of these innovations to the fullest potential.

We are extending our leadership in SDN with the most complete solution portfolio today, driving choice in automation and programmability for our customers. Solutions based on open APIs, standards and a broad ecosystem for three approaches: programmable networks, programmable fabrics and a turnkey approach with Cisco Application Centric Infrastructure (ACI).

Cisco ACI continues its focus on three primary areas: (1) automation through policy; (2) consistent support for physical, virtual and containers; and (3) open, standards-based with embedded security. Add a centralized pane of management, scale, and a broad and deep ecosystem, and you have 1100+ satisfied customers, and the 2015 Best of Interop in SDN category (my sales plug…).

The future of networking is here. We’ve created an infrastructure that is hypervisor agnostic, with the most advanced security enforcement capabilities on the market today. Manage your entire fabric with a familiar user interface. And manage policy across any endpoint group – physical, virtual, and containers with a consistent security posture.


Read More »

Tags: , , , , , ,

CCIE : ITD and RISE in CCIE Data Center

ITD and RISE are now part of CCIE Data Center:

https://learningnetwork.cisco.com/community/certifications/ccie_data_center/written-exam-v2/exam-topics

Intelligent Traffic Director (ITD) is a hardware based multi-terabit layer 4 load-balancing, traffic steering and services insertion solution on the Nexus 5k/6k/7k/9k series of switches.

Domain Written Exam (%) Lab Exam (%)  
1.0 Cisco Data Center L2/L3 Technologies 24% 27% Show Details
2.0 Cisco Data Center Network Services 12% 13% Hide Details
2.1 Design, Implement and Troubleshoot Service Insertion and Redirection

  • 2.1.a Design, Implement and Troubleshoot Service Insertion and Redirection for example LB, vPATH, ITD, RISE

2.2 Design, Implement and Troubleshoot network services

  • 2.2.a Design, Implement and Troubleshoot network services for example policy drivenL4-L7 services
3.0 Data Center Storage Networking and Compute 23% 26% Show Details
4.0 Data Center Automation and Orchestration 13% 14% Show Details
5.0 Data Center Fabric Infrastructure 18% 14% Show Details
6.0 Evolving Technologies 10% N/A Show Details

 

To learn about RISE (Remote Integrated Services Engine), please see: http://www.cisco.com/go/rise

To learn about ITD (Intelligent Traffic Director), please see: http://www.cisco.com/go/itd

http://blogs.cisco.com/datacenter/itd-load-balancing-traffic-steering-clustering-using-nexus-5k6k7k9k

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,