Co-Authored by David Keith, Senior Marketing Manager – Cisco Cloud Networking
In the quest for agility, flexibility and TCO optimization, Data Center customers are increasingly looking to adopt new multicloud technologies to meet their ever-growing business demands. The boundaries of Data Centers are effectively getting redefined from geographically fixed locations to distributed Hybrid and Multi Cloud environments. This has in turn uncovered the need for network modernization in the form of Multi-Cloud networking.
Modernization of networking infrastructure is happening at an unprecedented rate and Cisco is at the forefront of this market trend. Multi-Cloud networking poses unique challenges: disparate APIs across Cloud providers, Cloud-specific network constructs, and multiple Underlay options with considerations for scale, performance and cost. Customers want a solution that solves their Intra-Cloud, Inter-Cloud and Hybrid Cloud networking challenges in a consistent manner. The need for an automated, policy-based solution for connectivity, visibility and troubleshooting across this disparate environment is apparent.
Introducing the Cisco Cloud Network Controller, formerly known as Cisco Cloud APIC.
The Cisco Cloud Network Controller solution has now expanded the Multi-Cloud networking capabilities to VXLAN fabrics, thus addressing a broader range of use cases for On Premises Data Center to Cloud connectivity. This capability delivers on our vision to have a unified Cloud Networking solution with a common networking framework for expanding into any On Premises and Public Cloud Data Center.
We have renamed the Cisco Cloud Application Policy Infrastructure Controller (cAPIC) to Cisco Cloud Network Controller to better reflect the generic nature of the solution. The Cisco Cloud Network Controller has evolved its capabilities to connect and automate Multi Cloud networks in a flexible deployment model independent of the type of On Premises fabric that customers are running in their Data Centers.
The following are the net new capabilities supported by the solution, while still connecting to ACI fabrics:
- Support for connectivity and common segmentation between NDFC fabrics and Public Clouds
- Support for managing Brownfield VPCs and Cloud networks
- A new flexible routing and security model which decouples network connectivity from Policy Based Security Group rule management
- Consistent EVPN based connectivity between AWS, Azure and Google Cloud
This marks a big step forward in our Hybrid Cloud capabilities and enables our customers to deploy the solution in flexible ways.
Cisco Cloud Network Controller empowers organizations to securely connect their applications across any cloud. Utilizing native cloud constructs, the solution enables automation that accelerates infrastructure deployment and governance, and simplifies management to easily connect workloads across the multifabric, multicloud framework. The Cisco Cloud Network Controller vision is to support enhanced observability, operations, and troubleshooting across the entire Hybrid Cloud network.
Flexible deployment options let organizations configure routing separately from security. This allows enterprises to leverage Cisco Cloud Network Controller to connect their resources, while security is governed by separate teams.
The Cisco Cloud Network Controller along with Nexus Dashboard Orchestrator supports a variety of deployment models to align to diverse customer environments and use cases, including:
- Cloud only
- Hybrid with on-premises Cisco Application Centric Infrastructure (ACI)
- Hybrid with on-premises Cisco Nexus Dashboard Fabric Controller (NDFC)
- Cloud only with connectivity to branch and other external routers
This solution runs natively in public clouds (AWS, Azure and Google Cloud) to provide automated connectivity, network policy translation, and enhanced visibility of workloads in the public cloud. It not only provides visibility into customers' existing brownfield Cloud networks but also has workflows to import the network configuration and start managing the brownfield networks. This provides a simplified path for customers to onboard the solution and get started with other use cases.
The solution is flexible, has open APIs, and is designed to address many use cases. Here are some of the key uses we see customers adopting the solution for:
- Intra-cloud connectivity
  Cisco Cloud Network Controller enables organizations to build Intra-cloud networks in minutes by automating cloud-native routing and gateways. Customers can use the solution to build intra-region and Inter-Region connectivity between VPCs. The solution enables the following functionalities for customers:
  - Extend segments across regions
  - Automate route propagation across virtual networks
  - Automate L4-L7 service insertion
- Inter-cloud connectivity
  Cisco Cloud Network Controller lets organizations significantly reduce the time to build inter-cloud networks, to extend their network across clouds. It supports secure connectivity between clouds, with consistent security and segmentation. The solution supports the following features:
  - Automate route propagation across clouds
  - Extend routing domains and segments across Clouds
  - Automate L4-L7 service insertion
- Hybrid cloud connectivity
  With Cisco Cloud Network Controller, organizations can build hybrid cloud networks quickly, extending their network across on-premises and public clouds. The solution supports the following capabilities:
  - Automate Overlay connectivity for different types of Underlays
  - Extend routing domains and segments between On Premises and Cloud sites
  - Enable consistent networking and visibility between On Premises and Cloud
- External network connectivity
  Cisco Cloud Network Controller lets organizations support external network connectivity to branch offices, SD-WAN fabrics and other external routers using standard IPsec connectivity. This enables:
  - Standards-based IP connectivity to any network
  - Secure connectivity to external networks spanning datacenters and branches
- L4-L7 service insertion
  Cisco Cloud Network Controller supports L4-L7 service insertion in hybrid cloud environments, with consistent security and segmentation. It lets organizations:
  - Automate firewall and load balancer insertion
  - Automatically update routing and security policy to insert L4-L7 services
  - Integrate with third-party L4-L7 services and cloud native L4-L7 services
- Brownfield VPC onboarding
  Cisco Cloud Network Controller supports brownfield virtual private cloud (VPC) onboarding. Cloud Network Controller allows you to copy configurations from the existing TGW, cloning route tables, and creating new security group (SG) rules. This enables the following functionalities:
  - Safe and fast migration and rollback
  - Ability to use Cloud Network Controller with brownfield environments

  Once the brownfield VPCs are imported, the system will start managing the route tables and connectivity for these VPCs.
Solution building blocks
Cisco Cloud Network Controller is a key component of the Multi-Cloud Networking solution and enables automation of connectivity, policy enforcement, and health monitoring and lifecycle management of Cisco Catalyst 8000V cloud routers.
The solution includes the following building blocks:
To sum it up
Cisco will continue to deliver on its vision for Hybrid and Multi-Cloud networking. The current capabilities of Cisco Cloud Network Controller are a step forward in the direction of this vision. We will keep adding more operational capabilities and connectivity options as we move forward in this journey.