Application Centric Infrastructure (ACI) Includes Strong Ecosystem for Security and Network Services
When Cisco designed the concept of an Application Centric Infrastructure, we knew it wouldn’t reach its full potential without drawing in a very comprehensive ecosystem in a number of areas. Perhaps the most impressive aspect of our announcement was the breadth, quality and scope of the data center infrastructure vendors that we aligned so quickly with our ACI vision and that contributed their perspectives to the launch, and will be contributing key solutions to Cisco’s infrastructure-wide vision.
Yesterday, I blogged about the role of application controllers, network monitoring solutions, WAN optimization, firewalls, etc. have in setting up application networks, provisioning applications, and how the ACI policy model incorporates these security and services solutions. I wanted to follow up that post with some highlights from the support we received from some of our ACI ecosystem vendors in this area, that incorporate ACI policy support into their security, application delivery controller, load balancing and other solutions.
Abishek Chauhan, CTO, NetScaler Product Group, at Citrix posted a nice blog on how Citrix will integrate ACI into NetScaler application delivery controllers, and recounted how much synergy Citrix and Cisco have developed in multiple areas in the past year. Abishek sums up the product integration story nicely:
A collaboration between Citrix and Cisco can allow the Cisco Application Policy Infrastructure Controller (APIC) to become the control and automation framework with Citrix NetScaler providing several of the application services.
APIC enables a policy-driven service insertion solution that automates the step of routing network traffic to the right services based on application policies. The automated addition, removal, and reordering of services allows applications to quickly change without needing to rewire, reconfigure or relocate resources and services. This is policy that evolves with the application in a topology and location independent fashion.
Citrix NetScaler works in the APIC environment in an integrated manner providing Layer 4-7 services such as load balancing, application acceleration, optimization, and application security.
Detailed solution brief for Citrix and ACI is here.
John McAdam, chief executive officer of F5 Networks, had this to say about ACI and how they see it integrating and benefiting their Synthesis architecture for software defined application services (SDAS):
“Cisco’s Application Centric Infrastructure approach provides our joint customers with greater IT agility and data center automation. The application policy model is aligned with our customers’ business objectives and with F5’s approach towards both application-aware networking and open, programmable fabrics. By integrating F5 Synthesis into the Cisco ACI fabric, we could support accelerated application deployment and enhanced visibility with best-in-class application delivery services for both physical and virtual applications.”
F5’s Lori McVittie also contributed a great blog post where she touches on the ACI service insertion technology I talked a bit about yesterday, as well as the benefits for customers of the integration of Synthesis and ACI:
Cisco ACI provides a groundbreaking service insertion framework that allows automated service injection, network stitching and orchestration that reduces the complexity and brittle nature of traditional architectures. The Application Policy Infrastructure Controller (APIC) provides centralized service automation and policy control for network and F5 Software Defined Application ServicesTM (SDAS) delivered via F5 SynthesisTM.
An integration of APIC and F5 Synthesis, could help IT organizations to deliver application centric, service enabled network and application service automation in existing and next-generation data centers. A joint solution would support virtual workload mobility and continuous delivery of applications without compromising on consistent, scalable network and application services.
Detailed solution brief for F5 and ACI is here.
It was a pleasure for Symantec to join John Chambers on stage in New York today for Cisco’s Application Centric Infrastructure (ACI) and Nexus 9000 series launch. ACI represents a big step forward for our industry, enabling IT to automate provisioning of applications down to the network layer, and monitor the health of those applications from the infrastructure up – all through a single pane of glass.
Point solutions can’t do the job anymore. An infrastructure-wide architectural approach is required for a new generation of applications and data center services. Our customers need protection and integration at every part of the chain. What we’re sharing today will solve a growing problem for organizations that need to ensure the safe and successful flow of information in this new application-centric networking and datacenter environment.
At Symantec, we’re driven by a simple vision: free and safe flow of information that drives people, businesses, and governments forward. And we’re relentless about protecting this information. It’s simple: we live in a world where information fuels progress – and if we can’t protect our information, we risk losing everything. Cisco’s ACI is well-aligned with that vision and a great opportunity for us to further our vision with customers.
Another critical partnership area for ACI is in network monitoring and analytics.
Emulex posted a blog this week on how ACI complements their line of network monitoring and recording products:
The benefits of the ACI approach is to better align fabric automation with application and business policies, and to extend the application policy model to network, security, application, compute, and storage.
As a valued Cisco ecosystem member, Emulex network monitoring and recording products are aligned with the ACI vision, to provide solutions that bring network visibility back from obscurity. With the ability to monitor 100 percent of all network traffic and NetFlows, our solutions allow network and security teams to intelligently gather the information needed to troubleshoot network and application performance issues, identify vulnerabilities in security compliance and security breaches, so that they can be addressed quickly, while determining the root cause of those issues.
Splunk, another infrastructure monitoring and analysis solution also posted a blog on ACI. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data.
This is a great day for computer networks! Today, Cisco announced their new Application Centric Infrastructure, which consists of a new Nexus 9000 switch product line, the Application Policy Infrastructure Controller (APIC), and major enhancements to their NX-OS embedded operating system. If you want to read between the lines of the press releases, the terms you need to understand are “open” and “ecosystem”. It’s these terms that are most interesting to us at Splunk, and help to paint a picture showing how our technologies and Cisco’s can combine in the future.
So let’s parse things a bit to help you understand how Open and Ecosystem will lead to greater operational intelligence for your data center. Open is about accessibility and about visibility. With the advent of ACI, you will be able to tie business objects, like an application or a service, in a very dynamic and programmable fashion, to the low-level network constructs like VLANs and firewall rules that used to be walled off by the traditional silos seen in almost every IT organization.
You can tell the policy controller (using your favorite scripting language or devops configuration management tool) “my web service requires these network services”. And Splunk, as a part of the Ecosystem of partners who are working with Cisco, will help you derive greater value and efficiency in your datacenter. Of course, we’ll do that by combining ACI, which gives you that tight coupling between applications and the network, with our platform to turn machine data into operational intelligence.
The ACI ecosystem also includes partners that represent converged infrastructure platforms, hypervisor vendors, orchestration stacks, enterprise applications and more. And we expect the whole ecosystem will be expanding from launch now, going forward. The partners that have traditionally been securing, optimizing and monitoring applications, already with a very application and application services-oriented approach, to provide the strong endorsement for ACI and how quickly they aligned with our vision is very telling for how successful we expect ACI will be in the future.
I’ll be back posting next week with more details on the virtual network edge in ACI and the Application Virtual Switch (AVS). Stay tuned…
Watch a partner video montage here: