Elevating the Role of SDN in the Cloud with Cisco ACI 2.0
ACI 2.0 – released earlier this month – delivers strong new SDN and Cloud capabilities. These enable Scale, Cloud Automation, Security & Analytics, as well as Optimized Operations. Yeah, I know that sounds kinda ‘buzzwordy’, but read on and you’ll get a sense for the power that ACI 2.0 delivers.
I’m posting this on behalf of Srini Kotamraju, who is Director of ACI Product Management within INSBU.
As technology megatrends go, both SDN and cloud computing are perhaps considered too mainstream to merit mentions in fashionable “top 10” lists these days. What is not in dispute are the massive investments companies of all sizes are making in both cloud services and SDN to modernize their data center infrastructure and operations. There has been less clarity in how these two technologies inter-relate, either as complementary or even competing approaches. We agree with this analyst and his view that implementing an effective SDN solution in the data center is the path to “cloud networking” that can support resources and services on a massive scale.
In fact, Cisco is delivering on this promise with our newest code release for the Cisco Application Centric Infrastructure (ACI 2.0) that includes a comprehensive set of new features and functionality in both infrastructure and operations. There are notable advancements in this code release across four categories: infrastructure scale, cloud automation, security & analytics, and optimized operations. The key, overarching benefit is that these new innovations will make it easier for our customers to use the Cisco ACI at greater scale to support their applications across both on-prem data center and cloud domains. By doing so, the connection between SDN and the cloud becomes even tighter, resulting in higher levels of efficiency in data center network and resource management. Here’s a brief overview of each:
Infrastructure Scale: Cisco ACI now supports multiple ACI fabrics under a single ACI policy domain, while providing domain isolation of control plane within the pod. Cisco ACI Multi-Pod is an ongoing evolution, which began with single pod, then to stretched fabrics where you could have a single fabric stretch over distance. By going to a multi-pod ACI fabric design, customers gain the benefit of increasing performance and capacity to massive scale with a single management point among the different pods. The flexibility of the multi-pod design opens up a number of deployment models and use cases.
Cloud Automation: Cisco ACI 2.0 also includes a number of cloud automation tools that enable customers to accelerate deployment of applications across multi-hypervisor virtual environments of their choice. Specifically, ACI is now interoperable with the latest tools from VMware automation and cloud management products including vRealize 7.0, OpenStack for VMware, and ACI Plugins for Floating IP, etc. For example, the vCenter plugin in ACI 2.0 is designed to simplify the installation and monitoring of resources between the Cisco ACI and VMware environments. This plugin gives users the ability to easily configure, monitor, and automate the management of ACI fabrics from vSphere environment.
Security & Analytics: Achieving greater levels of visibility throughout the entire infrastructure using better analytics perhaps remains a “holy grail” quest for any enterprise. Security is one, if not arguably the most important, use case of enhanced visibility – supported by the premise that one can’t secure what one can’t see.
Cisco is continuing to innovate in the security and analytics realms in ACI 2.0 with new features such as Copy Service, Port Security, and Permit Logging. Copy Service is a step up from traditional switch port analyzers (SPAN) in terms of making it easier to copying traffic for inspection and analysis through automated replication of target traffic flows, at a granular levels such as End Point Groups (EPG). Copy Service also offers real-time capabilities for troubleshooting, monitoring and analyzing. Permit Logging enables users to get deeper visibility into their traffic flows.
These new ACI features complement breakthrough Cisco innovation in the analytics space that we recently introduced through the Cisco Tetration Platform, which, of course, supports Cisco ACI environments. All of these security and analytics advancements will help ACI users better address their governance, risk management, and compliance (GRC) requirements. These GRC costs have been going up steeply in face of increased regulatory, security and other mandates. Better managing these costs and requirements has become mission-critical for any enterprise today.
Optimized Operations: Optimizing operations is perhaps the hallmark benefit for any SDN deployment that promises to improve data center efficiency and agility. Cisco ACI 2.0 is certainly no exception exemplified by new routing enhancements such as Policy-Based Redirection (PBR), Symmetric Multipath Load Balancing,Layer 3 Multicast and FCoE NPV. ACI policy automation now extends to WAN with OpFlex support for Nexus 7K and ASR 9K platforms, for automation of provisioning and exchange of tenant-specific information across Data Center and WAN infrastructure. In general, these new features simplify operations through more flexible deployment models at scale and by incorporating more automation.
In summary, ACI 2.0 delivers significant capabilities for automation and scaling data center, cloud-based infrastructure through a consistent policy framework. It intersects the capabilities of both SDN and the cloud, driving value in both environments. For more information about ACI 2.0 features please visit the ACI home page. ACI customers can download the latest software from the links – Cisco APIC 2.0(1m) and Cisco NX-OS 12.0(1m).