BRKARC-2014NFVBrnach

.pdf
Branch Virtualization The Evolving NFV Landscape Matt Bolick - Technical Marketing Engineer BRKARC-2014
Branch Service Virtualization Motivations UCS E-Series Open Service Containers Enterprise NFV Enterprise Network Compute System Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public The Lean Branch Office Balancing IT Efficiency and User Experience All servers local No reliance on WAN Complexity, high cost Service guarantees Full - Service Branch Data Center/ Cloud WAN/Internet Branch Office BRKARC-2014 5
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public The Lean Branch Office Balancing IT Efficiency and User Experience No local servers Full reliance on WAN Simplicity, low cost No service guarantees Serverless Branch Data Center/ Cloud WAN/Internet Branch Office All servers local No reliance on WAN Complexity, high cost Service guarantees Full - Service Branch Data Center/ Cloud WAN/Internet Branch Office BRKARC-2014 6
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public The Lean Branch Office Balancing IT Efficiency and User Experience No local servers Full reliance on WAN Simplicity, low cost No service guarantees Serverless Branch Data Center/ Cloud WAN/Internet Branch Office Lean Branch Data Center/ Cloud WAN/Internet Branch Office 4-5 local servers Full reliance on WAN except for mission-critical applications All servers local No reliance on WAN Complexity, high cost Service guarantees Full - Service Branch Data Center/ Cloud WAN/Internet Branch Office BRKARC-2014 7
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public The Lean Branch Office Balancing IT Efficiency and User Experience Lean Branch Data Center/ Cloud WAN/Internet Branch Office 4-5 local servers Full reliance on WAN except for mission-critical applications BRKARC-2014 8
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Motivation for Virtualization in the Branch Physical Branch Long, Expensive Roll-Outs Under Utilization Inflexibility Virtualized Branch Service Agility Efficient Resource Utilization Opex Savings BRKARC-2014 9
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Increase revenue by accelerating delivery of new and differentiated services Provide on-demand service delivery through customer self-service portals Reduce Op-Ex & time-to-service from months to weeks NFV Benefits Reduction of network elements to manage & deploy Operational efficiencies through virtualization Service Elasticity & Automated Network Operations Deployment of best-of-breed Reduce upfront Cap-Ex Improve Asset Utilization Enterprise Service Provider BRKARC-2014 10
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Levels of Network Function Virtualization Integrated Services ISR4K + Service Containers (KVM/LXC) Native ISR Services + NFV Flexibility Reliability with Open Service Hosting Integrated Services with Dedicated Server ISR4K + UCS C/E Series Native ISR Services + NFV Hardware Separate Administration Domains Fully Virtualized Branch General Purpose X86 Compute Full Service Virtualization Best-of-Breed Service Options
UCS E-Series
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco End-to-End Solution Cisco UCS B-Series and C-Series for Data Center; UCS E-Series for Branch Location-Suitable Form Factors, Consistent Device Management Cisco UCS ® B- and C-Series This unified compute platform offers infrastructure consolidation in the data center. These servers offer innovative virtualization, memory, provisioning, I/O, and management capabilities. Cisco ® UCS E-Series Servers This residual compute platform offers all-in-one device convergence that facilitates centralization of branch applications into the data center. WAN/Internet Branch Office Data Center/Cloud Address WAN-induced performance, availability, and compliance challenges. Consolidate Infrastructure Centralize Applications Support User Experience BRKARC-2014 14
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco UCS E-Series DC-class Servers Cisco ® UCS E160D Double-Wide Service Module VMware, Hyper-V, Citrix certified Intel E5 6 core processor 96GB DRAM Cisco UCS E180D Double-Wide Service Module VMware, Hyper-V, Citrix certified Intel E5 8 core processor 96GB DRAM Cisco UCS ® E140S Service module VMware, Hyper-V, Citrix certified Intel E3 4 core processor 16GB DRAM Performance Scalability Cisco UCS ® E160S Single-Wide Service module VMware, Hyper-V, Citrix certified Intel Broadwell 6 core processor 32GB DRAM USB 3.0 & 10Gb Interface Intel Broadwell Intel Ivy Bridge Intel Ivy Bridge Intel Ivy Bridge BRKARC-2014 15
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco UCS E-Series Network Compute Engine Cisco ® UCS EN140N NIM network compute module Virtualization enabled Network compute applications - FirePower, vWAAS Cisco UCS EN120S Service module VMware and Hyper-V certified Network compute applications - FirePower, vWAAS Cisco UCS ® EN120E Enhanced HWIC Virtualization enabled Network compute applications - FirePower , vWAAS Performance Scalability Supported on ISR-G2 Supported on ISR4000 BRKARC-2014 19
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco UCS E-Series Servers Support Model Hardware Support Provided by Cisco Cisco UCS ® E - Series hardware supported under ISR G2 SMARTnet ® at no additional cost Hypervisor and OS supported by hypervisor and OS vendor ISR Cisco ® UCS E - Series Server Module Hypervisor Supported by Cisco SMARTnet Attached to ISR G2 Supported by OS / hypervisor vendor Purchased separately BRKARC-2014 21
KVM Hosting on IOS-XE Routers ISR 4K, ASR1K, CSR1Kv
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Application Hosting Spectrum Different models for different application needs. BRKARC-2014 25 Native Process Very Tight Integration Best Performance LXC Strict Kernel Requirements Good performance with some security Docker Emerging Industry Standard Future Support KVM Any OS Complete separation Linux host OS normally - Type 2 hypervisor Type 1 Hypervisor Service Module Only VMWare, HyperV, Zen...
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public LXC Strict Kernel Requirements Good performance with some security Docker Emerging Industry Standard Future Support Linux Containers Application Hosting Spectrum BRKARC-2014 26
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public LXC Strict Kernel Requirements Good performance with some security KVM Any OS Complete separation Linux host OS normally - Type 2 hypervisor Cisco Service Containers Application Hosting Spectrum BRKARC-2014 27
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public KVM Any OS Complete separation Linux host OS normally - Type 2 hypervisor Open Service Containers Application Hosting Spectrum BRKARC-2014 28
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Linux OS KVM/LXC IOS-XE Software Architecture IOSd Control Plane Cisco Apps (WAAS, Snort) Customer and 3 rd Party Applications Platform - Specific Data Plane AppNav Internal Services Blade (UCS ® E - Series) External Services Blade (UCS) Virtual Ethernet BRKARC-2014 31
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco ISR 4400 Series Architecture Control Plane (1 core) and Services Plane (3 cores) Data Plane (6 or 10 cores) Multigigabit Fabric FPGE ISC SM-X NIM Service Plane (control plane CPU) KVM - Hypervisor Service Container Service containers live here: 75% CPU IOS - XE 25% CPU BRKARC-2014 32
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco WAAS Improve application performance and user experience Virtual WAAS Application acceleration from Private/Virtual Private Cloud VMWare ESX/ESXi and UCS deployments Agile, elastic, multi-tenant deployment vCM: common virtualized management for physical/virtual WAAS ISR-WAAS on ISR 4K Integrated on platform Full Feature Parity Software on-demand provisioning No fork lift upgrade WAAS Appliance Application acceleration Virtual blades in branch offices Scalable platforms for range of deployments BRKARC-2014 34
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Introducing Product Overview Open source intrusion prevention system for real-time traffic analysis Lightweight threat defense for price sensitive customers Integrated in ISR 4K service container IPS/IDS functionality with an IOS IPS look and feel BRKARC-2014 35
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public StealthWatch Learning Network-SLN HQ ISE SCA Branch 1 Branch 2 DLA ISR DLA ISR Distributed Learning Agent Data collection. Netflow, DPI (control and data plane, local states) Analytics and Learning Edge Mitigation programmed/autonomous (police, shape, recolor, redirect) etc.) G2 -> UCS-E blade 4K -> container-based SLN Control Agent Orchestration and interaction with remote DLAs Advanced visualizations Centralized policy Security Management Private/Public Network Network Edge Admin Reputation IoCs ThreatGRID PCAP/Honeypot Context ISE pxGrid BRKARC-2014 37
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Common Open KVM Use Cases General purpose virtual machine with custom and open-source troubleshooting tools. (Wireshark, Speedtest, etc.) Troubleshooting VM Common network functions such as Print Server, Domain Controller, File Storage, etc. Network Functions Network Analysis and Application Performance Monitoring without a dedicated probe. Analytics Augment the capabilities of the host platform in some way. (Custom encryption, business- based routing, specialized API interface) Device Customization BRKARC-2014 38
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public ThousandEyes View Across Internal and External Networks Hosting / SaaS Provider 3 App Delivery: Website, CDN, DNS, ISP 4 Internet Security: DNS, BGP, DDoS Enterprise Agents Branch Data Center Internet Consumers Cloud Agent 1 Network Ops: WAN, VoIP, DCs 2 Cloud Migration: SaaS and IaaS BRKARC-2014 40
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public ThousandEyes Troubleshoot, Monitor, Resolve Hop-by-hop path visualization from monitoring agents to cloud hosted or internal services Actively monitor and troubleshoot any network including branch offices, data centers Visualize network and application performance to detect trends and anomalies BRKARC-2014 41
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public STORAGE POWER & COOLING SERVER NETWORK DATABASE CLOUD USER EXPERIENCE APPLICATION MONITOR Predictive Analytics SLA Compliance Dashboards & Reporting Intelligent Alerts VIRTUALIZATION BIG DATA MAINFRAME A unified view and architecture to manage your internal and external infrastructure . CA Unified Infrastructure Management Unified IT Monitoring Providing Broad Coverage BRKARC-2014 42
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public UIM Reference Architecture KVM Relay Hub KVM Polling Robot ISR 4400/4300 KVM Relay Hub KVM Polling Robot ISR 4400/4300 KVM Relay Hub KVM Polling Robot ISR 4400/4300 Location 1 Location 2 Location 3 Servers w/Robots Network Infrastructure Servers w/Robots Network Infrastructure Servers w/Robots Network Infrastructure UIM CORE UIM Portal UIM DB UIM Primary HUB Recommended Probe Technologies included with ISR UIM OVAs: CDM/RSP SNMPC UCS URL Response Net Connect DNS Response XenApp e2e appmon Virtual Image Requirements: Relay Hub: 1 CPU - Quad Core, 8GB Memory. Redhat/CentOS 6 or 7. Polling Robot: 1 CPU - Quad Core, 8GB Memory. Redhat/CentOS 6 or 7. BRKARC-2014 44
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Network Discovery, Operation and Management Open application built without any Cisco involvement. Terrific option for low-footprint branch management. Ned.io - Open Source Service Container http://www.nedi.ch/running-nedi-on-a-cisco-router/ BRKARC-2014 45
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Open Service Container Support Model Linux OS KVM/LXC IOSd Control Plane WAAS Customer and 3 rd Party Applications Platform - Specific Data Plane Virtual Ethernet Cisco Support: Call TAC and they'll help you out. BRKARC-2014 62
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Open Service Container Support Model Linux OS KVM/LXC IOSd Control Plane WAAS Customer and 3 rd Party Applications Platform - Specific Data Plane Virtual Ethernet Third Party & Community Support: TAC will redirect you. Cisco Devnet Provides: Community support for developers Documentation Developer Tools Access to Cisco Engineers Sample open source VMs Share open source projects Examples from Cisco Engineers BRKARC-2014 63
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public More Information Cisco DevNet Online community for developers Direct access to Cisco Engineers and Product Teams Repository of how-to guides, best practices and sample code This will be the primary source for Service Container information and sample OVAs Due to Cisco support requirements, VMs will not be posted to Cisco.com directly. Keep an eye out for a Service Container Hackathon with fabulous prizes! https://developer.cisco.com/site/kvm BRKARC-2014 65
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Links WAY MORE INFO: What the Heck is a Service Containers? (blog) http://cs.co/9006BnlDC An Introduction to Service Containers (Presentation) http://cs.co/9005BnlD7 Fundamentals of Service Containers (Techwise Video) http://cs.co/9004BnlDA Wireshark on the Catalyst 4500 http://cs.co/9002BnlD4 Virtual Service Container Config Guide (NXOS &IOSXE) http://cs.co/9001BnlDN BRKARC-2014 66
Enterprise NFV
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public What We Are Announcing DNA Advisor Program Learn | Measure | Assess TrustSec | ISE | Umbrella Wifi | Firepower 2100 ENCS | NGFWv | 3 rd Party Partners DNA Services Advisory | Implementation | Managed | Technical DNA Security DNA Virtualization BRKARC-2014 69
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Different Solutions for Different Folks Cisco Enterprise NFV and Secure Agile Exchange Enterprise NFV Secure Agile Exchange Designed for Branch Environments Co-Location and Data Center Primarily Turnkey Solutions Primarily Bespoke Deployments Familiar Look-and-Feel to existing branch hardware, and interfaces. Ethernet only with a generic server architecture. ENCS 5400 looks like an ISR CSP 2100 looks like a UCS-C BRKARC-2014 70
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public DNA Virtualization for the Branch Building on Enterprise NFV Central Orchestration and Management APIC-EM | ESA Cisco & 3 rd party VNFs Rich Network Services NFV Infrastructure Software (NFVIS) ISR 4K + UCS-E, UCS-C, ENCS SW Intelligence over HW Platform Freedom of Choice Simple to design, provision and manage Flexibility and freedom of choice Hardware optimized for Enterprise NFV Enterprise Network Compute System(ENCS) Consistent services you can trust NEW BRKARC-2014 72
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Enterprise NFV Network services in minutes, on any platform Cisco Enterprise NFV Network services in minutes, on any platform BRKARC-2014 73
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Enterprise Service Automation Seamless integration with APIC-and Prime Infrastructure Create branch architecture profiles based on Business Intent Intent derived by intelligent template selection based on CVD questions Internet access characteristics Bandwidth Wireless ESA proposes suitable templates BRKARC-2014 75
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public ASAv / FTDv vWAAS vWLC ISRv Best-of-breed Trusted Services from Cisco Consistent Software Across Physical and Virtual High performance Rich features End-to-end support Proven software Leader in Gartner MQ #1 unit shipped Superior caching with Akamai Connect Survivability and scale Consistency across the data center and switches Built for small and medium branches Comprehensive protection Full data-center-class featured functionality Designed for NFV Cost-effective with NFV New! BRKARC-2014 76
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Packaged for NFVIS Branch-Specific Features Branch-Specific Pricing Look-and-feel of an ISR 4000 Not available separately Cloud and VDC Deployments Aggregation Use-Cases Flexible Pricing & Packaging Virtual ASR 1000 Series Available on multiple platforms ISRv and CSR Integrated Services Router - Virtual Cloud Services Router BRKARC-2014 77
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Packaged for Branch Network Services Enterprise NFV Infrastructure Software (NFVIS) Network Hypervisor Enables segmentation of virtual networks Abstract CPU, memory, storage resources VNF deployment and update VNF status and monitoring Zero Touch Deployment Automatic connection to PnP server Secure connection to the orchestration system Easy day 0 provisioning Life Cycle Management Provisioning and launch of VNFs Failure and recovery monitoring Stop and restart services Dynamically add and remove services Service Chaining External connectivity and to other services Multiple service access options No hardware offload with UCS Open API Programmable API for service orchestration REST and NETCONF API BRKARC-2014 78
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Freedom of Choice Cisco Intelligent Branch Virtual Router Virtual Services UCS C-Series Enterprise NFV Physical Router Virtual Services 4000 Series ISR + UCS ® E-Series Traditional Physical Router Cisco ® 4000 Series ISR Cisco ONE License Portability Investment Protection Access to Ongoing Innovation Virtual Router Virtual Services Enterprise Network Compute System (ENCS) BRKARC-2014 82
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public ENCS 5400 Series 6, 8, or 12-Core Intel Xeon-D 16 - 64 GB DRAM 8 Integrated LAN Ports with Optional UPOE Network Interface Module for LTE & legacy WAN Dedicated Board Management Controller 2 HDD or SSD RAID 0 & 1 Internal M.2 Storage USB 3.0 Storage 2 Onboard Gigabit Ethernet ports with SFP Optional Hardware RAID Controller Integrated Power Supply Optional Hardware Crypto Module Hardware Acceleration for VM Traffic (SR-IOV) BRKARC-2014 83
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 2.0 5 1.9 4 1.5 3 2 1.0 1 0 ISRv Note: No hard limit on number of VNFs. CPU oversubscription is not recommended for production environments. ENCS 5400 Series - Chassis Options ENCS5412 12-Core ENCS5408 8-Core ENCS5406 6-Core CPU Clocking GHz Throughput ratio VNFs BRKARC-2014 84
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Services for Enterprise NFV Cisco Enterprise NFV Advise and Implement Service Cisco Solution Support for Enterprise NFV Customized Design Validated Solution Accelerated Adoption Reduced Risk Primary Point of Contact Deep Solution Expertise Coordinates Between Key Vendors Manages Case to Resolution NEW NEW BRKARC-2014 85
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Retail Banking 200 Locations Multiple Applications & Functions Multiple Internal Groups Customer Story Enterprise NFV Goals: 1. Refresh 2. Consolidate 3. Flexibility 4. Bonus: Future-proof
Large Retail Chain 500+ Locations Evolving Applications & Functions Opex Focused Customer Story Enterprise NFV Goals: 1. Simplify Deployments with PnP & Template Provisioning 2. Longevity 3. Flexibility 4. OpEx Savings
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Managed Service Provider Hundreds of End Customers Large Service Portvolio Long Time to Deploy New Services Customer Story Enterprise NFV Goals: 1. Accelerate Service Adoption 2. OpEx Savings 3. API Integration BRKARC-2014 89
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Best in Class NFV, SD-WAN and Physical & Virtual Platforms Flexibility at Every Level Expertise Hardware & Software Designed to work together by the Experts in Branch Networking Services to Tackle any Problem Why Cisco for Enterprise NFV BRKARC-2014 90
Enterprise NFV How-To Videos http://cs.co/90018ueoV Enterprise Routing TME Pirate Video https://www.youtube.com/user/CSCORouting Enterprise NFV on Cisco.com https://www.cisco.com/go/enfv For More Information
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Enterprise Networks Joins Customer Connection Program Virtual Customer User Group Program 19,000+ Members Strong Who can join : Cisco customers & partners Private online community to connect customers with peers & Cisco's Enterprise Networking product teams Monthly technical & roadmap briefings via WebEx Opportunities to influence product direction New member thank you gift * & badge ribbon when you join in the Digital Arcade Other CCP tracks : Security & Collaboration Join in World of Solutions Digital Arcade Customer Connection stand Learn about CCP and Join New member thank-you gift* Customer Connection Member badge ribbon Join Online www.cisco.com/go/ccp Come to Digital Arcade to get your new member gift* and ribbon * While supplies last BRKARC-2014 92
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Complete Your Online Session Evaluation Don't forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online Please complete your Online Session Evaluations after each session Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt All surveys can be completed via the Cisco Live Mobile App or the Communication Stations BRKARC-2014 93
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Continue Your Education Demos in the Cisco campus Walk-in Self-Paced Labs Lunch & Learn Meet the Engineer 1:1 meetings Related sessions 94 BRKARC-2014
Q & A
Thank You
Uploaded by JusticeLeopard1749 on coursehero.com