Cisco Blogs
Share

Executing on Our Vision and Strategy: The Future of Networking for an Application Centric World

- December 3, 2015 - 3 Comments

We shared our vision for the future of networking over a year and a half ago.

Today, we continue to execute on our vision and strategy. Our customers and partners continue to derive the value of these innovations to the fullest potential.

We are extending our leadership in SDN with the most complete solution portfolio today, driving choice in automation and programmability for our customers. Solutions based on open APIs, standards and a broad ecosystem for three approaches: programmable networks, programmable fabrics and a turnkey approach with Cisco Application Centric Infrastructure (ACI).

Cisco ACI continues its focus on three primary areas: (1) automation through policy; (2) consistent support for physical, virtual and containers; and (3) open, standards-based with embedded security. Add a centralized pane of management, scale, and a broad and deep ecosystem, and you have 1100+ satisfied customers, and the 2015 Best of Interop in SDN category (my sales plug…).

The future of networking is here. We’ve created an infrastructure that is hypervisor agnostic, with the most advanced security enforcement capabilities on the market today. Manage your entire fabric with a familiar user interface. And manage policy across any endpoint group – physical, virtual, and containers with a consistent security posture.


Extending cloud automation and security

Security remains top of mind for our customers.

With our latest software release for ACI, we extend beyond ACI’s current policy segmentation capabilities. Now we are delivering micro-segmentation functionality for VMware vDS, Microsoft Hyper-V virtual switch and bare-metal endpoints, allowing for:

  • Hypervisor-agnostic granular endpoint security enforcement
  • Workload isolation within the same policy group (Intra-EPG endpoint isolation)
  • Quarantine compromised or rogue end points based on virtual machine attributes (such as VM name, Guest OS, etc.) and/or network attributes (IP/MAC, etc.) – preventing security threats from moving laterally within the data center
  • Dynamic enforcement of forwarding and security policies that track workload mobility

On the cloud automation front, we’ve expanded our support for full policy-based cloud automation tools with VMware vRealize Automation and OpenStack deployments. And ACI policy is now extended directly to the hypervisor using open standards-based OpFlex on Open vSwitch (OVS). In fact, Sungard Availability Services provides a highly scalable OpenStack-based cloud platform offering managed network services using Cisco ACI and Group-Based Policy.

Broader ecosystem support and operational flexibility

Customers continue to tell us they want flexibility. An open system that allows them to work the way that best fits their business needs.

We lead the industry with over 47 ecosystem partners for ACI. We welcome four new members focused on expanding complete application and cloud services for ACI deployments: Apprenda, KillerIT, One Convergence and ScienceLogic. By taking advantage of ACI’s southbound and northbound APIs, they can all deliver greater business benefits to their customers.

Cisco extends policy automation from physical bare-metal and virtual environments to Docker containers by launching Cisco ACI integration with Linux container networking. This powerful integration is a natural fit with policy and the lifecycle of containers: as containers elastically scale out an application, Cisco ACI seamlessly enables policy and contracts across the whole network fabric to add and remove configuration. The policy is enforced on the hardware, and its resources are optimized, matching the container networking lifecycle.

Adding container networking integration allows Cisco ACI to be the enabler between multi-hypervisors, bare-metal, L4 to L7 services, orchestrators and now containers. To learn more about enabling container networking through policy with ACI, please read Integrate Cisco ACI with Docker Containers or watch our video Cisco ACI Integration with Docker.

We heard you. To provide more flexibility for customers who need it, we are now introducing two modes in GUI: Basic and Advanced. Our customers have told us they are impressed with the simplicity and flexibility in Basic mode for doing all configurations – like associating VMM domains to ports – as well as the graphical view.

We added flexibility to perform any operation through NX-OS style CLI leveraging APIC as single point of management – providing a single switch view for the entire ACI Fabric.

And given the strong interest from our customers, we are also delivering a VM-based ACI simulator to use as a tool to plan out their ACI deployments and future upgrades.

Enhanced application mobility and disaster recovery

As we stated in our vision one and a half years ago, we are now delivering consistent policy driven automation across multiple data centers to enable application mobility and disaster recovery.  The new Multi-site app in ACI toolkit delivers policy synchronization – bidirectional – between multiple data centers to enable application mobility and disaster recovery for our customers.

For those of you using Open NX-OS, we are pleased to announce the launch of the Open NX-OS Developer Community. This site is a one-stop solution to access all of the Open NX-OS Open Source resources and connect with programmability experts across the globe to quickly build highly automated and programmable networks.

It’s time. What are you waiting for? See how Cisco ACI can solve so many of your problems. From network administrators to cloud teams, application teams to security teams – our ACI vision delivers results.

Stay tuned…we have an exciting roadmap ahead for 2016! And as always, we are listening.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

3 Comments

  1. It is a very exciting time indeed! These announcements confirm Cisco's commitment to ACI, we asked for features and Cisco responded.

  2. These are all hugely encouraging developments as far as I can see, addressing concerns from the early adopters and competitive analysis alike. For me, the real exciting times come when we enable the wider enterprise for the same policy application and provide access and security end-to-end. It strikes me that with ISE and APIC-EM we're almost there!

  3. Soni, thanks for the update on ACI; the latest product news is very encouraging. You asked "What are you waiting for?" -- Traditional IT organizations have a significant re-training requirement as their IT environment evolves towards software-defined everything. What's the outlook for ACI-related professional services demand in 2016, or Cisco training and skills certification? My Point: SDN seems like it's still in the early-adopter stage of market development. What's your thoughts?