Cisco Blogs



Security Policies Made Easy in New Virtual Network Management Center 2.0

August 27, 2012 at 5:00 am PST

As VMworld swings into high gear on a bright Monday morning in San Francisco (well it promises to be bright, once the sun comes up here), we continue our series on the virtualization product updates we are unveiling this week (see earlier news on the new Nexus 1000V and the ASA Cloud Firewall). One of the exciting new components of our Nexus 1000V virtualization stack is the Cisco Virtual Network Management Center (VNMC) 2.0, part of the Intelligent Automation portfolio.

VNMC 2.0 is a template-driven policy management tool that is now bundled with Cisco Virtual Security Gateway (VSG) and Cisco ASA 1000V Cloud Firewall. This new release now has expanded capabilities to configure the security of your virtual cloud environment. Because VNMC 2.0 is such a step up from prior releases, and fewer people are familiar with its functionality, this is going to be a bit longer of a post than usual (but with lots of screen shots).

Let’s take a look at some of the key VNMC features and how it works with the two virtual firewalls:

Resource Objects for ASA 1000V

Cisco VNMC abstracts the devices it manages. As part of provisioning, devices are configured to point to Cisco VNMC for policy management. Cisco VNMC discovers all devices and lists them under the Resources pane. In addition to the ASA 1000V, the Resources pane has other resources such as Cisco VSGs, VSMs, and VMs.


Good post on cloud journeys: crawl, walk, run

Cloud is a journey. This post discusses our approach to crawl, walk and run.

A cloud architecture has multiple facets and requirements, a key part of which is the need for cloud orchestration and provisioning, coupled with a self-service end user portal.  Let’s call this “Cloud Automation” for now.  If you are designing and/or building a cloud, then, part of your work will be to deliver a cloud automation solution to deliver on that promise.  How do you plan to go about that?  One approach is to define your extensive list of requirements, based upon your business needs and current capabilities, and go about building out that solution.

Another approach is what I’ll call “Crawl Walk Run”.  The incremental approach.

Post is here.

Cloud is a change to the operational model: a change in behavior, accounting, process and people. You can’t do it overnight. Trying to deliver every service doesn’t work.

It’s very important to set a roadmap of where you want to go with your cloud services so you don’t get stuck in the VM Azores — this is where all the focus is on VM provisioning and then you deploy technology that does that. And only that.

You need that roadmap of services and a technology platform that supports your vision. Even if all you do first is crawl.

 


Crawl, Walk and Run Your Way to Cloud Automation

August 8, 2012 at 6:54 am PST

Stretching the Olympic theme of my previous blog, where I used the analogy of a 100m sprinter and his backup team to introduce the new Cisco Intelligent Automation for Cloud Deployment Services, I’d like to now discuss how to roll out new cloud projects in the data center. Think again about a team of Olympic champions -- and the Team GB (Great Britain) cycling team illustrates this principle so well -- with their fabulous winning streak, not least the incredibly exciting keirin event win by my countryman Sir Chris Hoy (yes, fellow Scot, however that’s where the association ends :-) ). Such teams don’t often win with a “big bang”, all-at-once approach. Their training and successes usually build incrementally, over several years and phases.

In the case of Team GB Cycling, they have developed from  practically “also rans” in 1998 to consistent world beaters in Beijing 2008 and now London 2012.  They have improved incrementally, event by event, year by year, demonstrating incremental successes as they went along, to be world beaters.  In essence, they have used an approach we in Cisco sometimes call “Crawl, Walk, Run”, illustrating the progress to success.  From my experience over the past 25 years in IT, there are big lessons here for IT project delivery.  Let’s use a Cloud Automation project as an example.


The Road to PaaS. What’s Post-IaaS – Network thoughts

Recently, I wrote an article on PaaS for IT BusinessEdge entitled the road to PaaS, understanding your post IaaS options. Here’s an excerpt.

The Road to PaaS

PaaS is an enticing proposition that has generated a lot of market buzz.

But PaaS forces tradeoffs and it shouldn’t be seen as a one-size-fits-all proposition.

To understand, I like to draw the distinction between what I call “Silicon Valley PaaS” and “Enterprise PaaS.” The majority of the discussion in the market today revolves around the Silicon Valley PaaS pattern, which is a truly abstracted “black box” approach to software platforms.

This form of PaaS exposes a set of standardized services to which you write your applications, completely sheltering developers from the underlying complexity below the PaaS abstraction.

It makes a lot of sense for brand-apps built with modern frameworks like Python and Ruby in greenfield development environments that are highly standardized.

The basic premise of the post is that PaaS for an enterprise is VERY different from PaaS for a Silicon Valley start up. And nowhere is it more  different than in the network requirements.

The PaaS customer is a developer who will code an application, use the underlying services offered by the PaaS stack, such as a database, storage, queueing, etc. The developer deploys the code, selects a few options and code is live.

So what’s going on with the network? Well, the PaaS layer will need to auto-scale, fail-over and deliver performance at some level. It may need its own domain as well. That PaaS layer will need to talk to underlying network services such as firewalls, switches, etc. That PaaS really needs access to infrastructure models that deliver network containers to whatever PaaS abstraction the PaaS layer has.

Hard enough to do when all the containers are the same, as it would be in a Silicon Valley PaaS offering.

It doesn’t work with the existing enterprise platforms. This is a big opportunity for innovation.


Accelerate from the Starting Blocks with Cisco Intelligent Automation for Cloud

July 27, 2012 at 5:39 am PST

As the London 2012 Olympics kicks off today, the 100m sprint event will be one I’ll definitely be watching on TV.    And with Cisco as the Official Network Infrastructure Supporter for London 2012 - an event that is generating huge excitement here in Cisco UK and Ireland as well as Cisco globally, let me use an Olympics analogy to illustrate how Cisco Services helps you accelerate deployment of our recently announced Cisco Intelligent Automation for Cloud Starter Edition, described in excellent detail by my good colleagues Wayne Green and Jason Schroedl.

The Acceleration is in the Preparation


While the 100m sprint will (hopefully!) be won in a sub-10 second time, without doubt the winner will have taken much, much longer in preparation. Like all the Olympic sports, the 100m sprint is an event where the participants will have prepared for several -- if not many -- years. They are at the top of their game. As I learned recently in a seminar at our Cisco Scotland office with Olympic medal winners Roger Black and Steve Backley, what is maybe not so visible is that they all have an extensive team behind them, helping them deliver that fantastic time. And despite their own expertise, commitment and talent, they will have called on specialist expertise -- physios, expert trainers, even sports psychologists -- to help them accelerate from those starting blocks and over that finishing line in record time. And for those competitors participating for the first time in such a major event, this background team will be all the more important in helping them develop their race plan.

So now onto cloud automation, and how Cisco Services can -- in an analogous manner -- help you accelerate from the starting block with Cisco Intelligent Automation for Cloud Starter Edition ….
