Are you facing some, or all, of these challenges?
- Host Mobility (w/o stretching VLANs)
- Network Segmentation (w/o implementing MPLS)
- Roles-based Access Control (w/o end-to-end TrustSec)
- Common Policy for Wired and Wireless (w/o multiple tools)
Using Cisco technologies already available today, you can overcome these challenges and build an evolved Campus network to better meet your business objectives.
Reducing Cost with DNA Automation
1. Karl-Etienne St-Pierre & Nigel Gocan
Systems Engineer
Nov 10, 2016
DNA Automation and Evolved Campus Networks
2. Cisco Vision, Strategy, & Digital Transformation
Digital Network Architecture – Overview and Components
DNA in Action – Programmable Hardware
Catalyst platforms
DNA in Action – Network Fabrics
Summary
Agenda
3. Transform our customers’ businesses
through powerful yet simple networks.
Why
How What
Cisco’s Vision
Cisco’s Enterprise Networking Vision
Overview
5. *Cisco VNI Study 2012
of “things” are unconnected
99%
… but could be!
Traffic Growth
4X
Transition to Cloud*
Mobility
Wi-Fi 50%
of Traffic
(Video over Mobile Devices)*
The Network
MUST Change
to accommodate these trends
Intelligent
Device Growth
2.5/Person
BYOD
Programmable
Simple
Network Trends
Connecting the Previously Unconnected, Growth, and Change
6. Overview – Enterprise Networks Today
LOTS of Functionality …
BUT
LOTS of Complexity …
Can we make Enterprise Networks
simpler, with a similar – or greater –
level of functionality?
7. Source: 2016 Cisco Study
Policy Violations
Due to Human Error
Network Changes
Performed Manually
95%
OpEx spent on
Network Visibility and
Troubleshooting
Traditional Networking CANNOT Keep Pace with the Demands of Digital Business
…and Have multiple Operational Challenges
70% 75%
8. How
can we change the way
we do networking?
Intelligent
Programmable
Simple
9. Strategy
We create solutions built on
intelligent networks that
solve our customers'
challenges
Vision
Change the way the world
works, lives, plays, and learns
Cisco
Vision and Strategy
10. Unlock the Power that Exists
in the Network through
Abstraction, Automation,
and Policy Enforcement
Leverage the
Power of Existing
Distributed Systems
Enable Network Wide
Fidelity to an Expressed
Intent (Policy)
Cisco’s Enterprise Strategy
Overview
11. Country Digitization is Improving Citizen Lives
Increase The Country’s GDP, Reduce Spending and Create Jobs With A Cutting-edge Digital
Foundation
Employment &
Social Inclusion
Public Safety
& Security
Smart City Services
Environmental
Sustainability
Innovation Opportunities
GDP Growth
Peace Keeping
Cyber Security
12. Cisco Vision and Strategy
Digital Transformation
Digital Network Architecture – Overview and Components
DNA in Action – Programmable Hardware
Catalyst platforms
DNA in Action – Network Fabrics
Summary
Agenda
13. Insights &
Experiences
Drive Business
Innovations
Security &
Compliance
Real-time and Dynamic
Threat Defense
Automation
& Assurance
Speed, Simplicity
& Visibility
The Network Enables Digital Business
Network Requirements for the Digital Organization
Overview
14. Insights &
Experiences
Security &
Compliance
Automation
& Assurance
Drive Business
Innovations
Real-time and Dynamic
Threat Defense
Speed, Simplicity
& Visibility
• Visibility into Users behavior,
Applications, Network performance
• Customer has the elements
to make decisions faster
Abstraction layer
• Abstraction, Intent, Policy Automation
• Verification of Desired Result Assurance
Wi-Fi Core WAN Cloud
APIC EM
Using the Network as a Sensor for
security threats and then Enforce
Compliancy through Segmentation
Network Requirements for the Digital Organization
Overview
Intent Telemetry
15. Automation
Abstraction & Policy Control from
Core to Edge
Open & Programmable | Standards-Based
Open APIs | Developers Environment
Cloud Service Management
Policy | Orchestration
Virtualization
Physical & Virtual Infrastructure | App Hosting
Analytics
Network Data,
Contextual Insights
Insights &
Experiences
Automation
& Assurance
Security &
Compliance
Network-enabled Applications
Cloud-enabled | Software-delivered
Principles
Cisco Digital Network Architecture (DNA)
Overview
18. Advanced, Multi-Core,
Feature-Rich Routing Silicon
QFP
QuantumFlow Processor
Fully Programmable: leveraging
the many features of IOS-XE with hardware
performance
Scalable: Massive number of CPU cores
(40/64), ability to cascade multiple QFPs =
consistent high performance
Advanced on-chip QoS: 100,000+
hardware-based queues, sophisticated traffic
shaping and control
Secure: linkage to high-performance crypto
capability for secure
WAN transport
Extensible Architecture:
ability to scale both up and down—the
foundation for a long-lived family of
high-performance, flexible routing silicon
UADP
Unified Access Data Plane
Flexible, Programmable,
High-Performance Switching Silicon
Fully Programmable:
excellent flexibility, ability to handle
new encaps (VXLAN, GPE, etc.) –
hardware speed, with software elasticity
Scalable: Massive recirculation bandwidth and
low recirculation latency provide excellent
tunneling and services support for traffic flows
Advanced on-chip QoS:
client–level granularity, sophisticated
bandwidth shaping, with integrated
on-chip NetFlow for visibility
Secure: integrated on-chip support
for MACsec encryption (AES-128, CBC)
Extensible Architecture:
ability to scale both up and down –
the foundation for a long-lived family of
high-performance, flexible switching silicon
Virtualization
Physical & Virtual Infrastructure | App Hosting
“People that are really serious about software should build their own hardware”
100% Cisco-developed programmable silicon: unlocking the power of DNA at hardware speeds
Operational and Services Uniformity:
Routing, Switching,
and Wireless consistency
New Foundational Capabilities:
HA and operational leadership, state
decoupling, net database…
Speed of Innovation Velocity:
“Code once and Re-use Many” across
multiple places in the network
Foundation for Virtualization: providing
for network hosting and integration of
virtualized functions
(VNFs, containers)
Platform for the Future:
the “software stage” for the
next wave of Cisco innovation…
IOS-XE
The Evolution of IOS
Taking the Proven Strengths
of IOS to the Next Level
Building on a Strong Foundation
of Hardware and Software Innovation
20. • Express Business Intent
• Translate into device specific policy/configuration
• Leverage Abstraction (the controller knows about the device specifics)
• Automate the Deployment across the Network
• Ensure Fidelity to the Expressed Intent (keep everything in sync)
User policy based on user identity
and user-to-group mapping
Employee
(managed asset)
Employee
(Registered BYOD)
Employee
(Unknown BYOD)
ENG VDI System
PERMIT
PERMIT
DENY
DENY
DENY
DENY
DENY
PERMIT
PERMIT
PERMIT
PERMIT
PERMIT
Production Servers Development Servers Internet Access
Protected Assets
Source
De-coupling of
User Identity and Topology
Much easier to translate business
objectives to network functionality—
Lowers TCO
Configuration
Controller-based Automation
Today
Traditional Traditional
Policy
Traditional
Policy Policy
Policy based Configuration—
Dynamic, able to be automated by the Controller
Over time—Policy grows, static shrinks
Automation
Controller-Led
Networking Deployment
Evolution to a Policy Model
21. Any given “custom”
configuration has a very high
probability of not being tested
exactly as deployed
“individually—as a one off…”
which introduces
potential issues…
Risk Bugs
Uncertainty Problems
Combinatorial Issues…
Trust
Automation
Controller-Led Networking Deployment
The automated configuration deployed by the controller will have gone through…
• Joint development by the Cisco Product Teams, the Architects developing
Best Practices, and the Controller Team – “Blessed Configurations”
• Testing by Cisco’s Solution, System, and Devtest teams
against the deployment use cases developed jointly, above
• And will be deployed by 1000’s, with any unforeseen situations
addressed ASAP due to widespread and standardized deployment
Greatly increased
probability of success
Controller-Led Networking
Bridging the Gap to Increased Success in Network Deployment and Use
22. Analytics
Instrumentation Telemetry Correlation
Measure and Adjust
Click here to Correct
Always Correct this way
(and never ask me again)
Applications
Automated Deployment
Network
Endpoints
Run Reports
Discover user insights
Deliver relevant content
APIC EM
Analytics
Network Data, Contextual Insights
Deploy, Report, Measure, Adjust, Repeat
26. jafrazie$ ssh admin@172.27.230.76
admin@172.27.230.76's password:
cho# conf t
Enter configuration commands, one per line. End with CNTL/Z.
cho(config)#
Task
Oriented
Human
Friendly
Easy To
Replay
No
Special
Tools
Software
Unfriendly
Syntax/format
changes
No Common Data
Model
No Error Reporting
Configuration Management
Today
27. Other vendors…
RESTCONF NETCONF gRPC
Data Model
Configuration
Standard
Device
Specific
Device Features
Interface BGP QoS ACL …
Operational
Standard
Device
Specific
Open Device Programmability
Physical and Virtual Network Infrastructure
Automate Set Get
Open Device Programmability
Overview
39. The Solution – Cisco Multigigabit Technology
Powered by NBASE-T
Delivers up to 5X Speeds in Enterprise without replacing Cabling Infrastructure
2.5-5G!
Cat 5e Cables
WiFi > 1G
Multigigabit
Switch
Multigigabit
Capable AP
Is a game-changing technology
allowing enterprise networks to
evolve beyond 1G
Enables 2.5 and 5 Gbps up to
100m on legacy cables
Supports all PoE standards
up to 60W
Cisco Multigigabit with
42. Cisco Stackwise Virtual
L2/L3 Dist-1 Dist-2 VSL SW-1 SW-2
Phase 1 - Aggregation
Unified Control and
Management plane
Simplified L2/L3
network designs
Inherits all proven VSS
architectural benefits
High-performance 10G
Aggregation block
Non-oversubscribed:
- 96 x 10G Ports
- 8 x 40G Ports
Fully Distributed
Forwarding
Non-stop business
communication with
Cisco NSF/SSO
Proven 1+1 HA
architecture
Next-gen In-service
Software upgrade ready
Etherchannel – up to 4p
(8p future)
Flexible design on all
next-gen UADP based
systems
Elastic topology
design – Hub/spoke,
Ring, Chain
Simplification across
multiple network
layers
Based on next-gen OS
– IOS XE Denali
Rich IOS feature sets –
L2/L3, Routing,
Multicast, QoS, etc.
ACTIVE HOT-STANDBY
SW-1
WS-C3850-48XS | 96 x 10 Gigabit Ethernet | 8 x 40 Gigabit Ethernet
Simple Scale Resilient Flexible Advance
Distributed stacking will support 16.1 feature parity during FCS. Please check release notes for complete details.
44. Use best-practices, policy-
based provisioning across the
network
Look at the entire wired,
wireless and WAN network
that is managed as a single
entity
Quickly enable services by
using open APIs across a
services ecosystem
Fabric Key Benefits
Ensure Policy Compliance
Find Any User or Device
with a Network Search
Launch Secure
Services Faster
Secure, Policy-based
Segmentation &
Automation
Complete Network
Control & Assurance
Fast Easy Service
Enablement
Assure performance of
mission-critical applications
46. Controller-based Management
Fabric Orchestration and Visibility
Single User Interface for Fabric Management
Cisco Fabric Vision
Underlay, Overlay, and Controller
APIC-
EM
Programmable Overlay
Connects Users and Devices to each
other, w/ policy control
Standards-based control plane (LISP)
Standards-based data plane (VXLAN)
Prescriptive Underlay
Connects the network elements to each other
Automated, standardized deployment and operation
Leverages existing network topologies
(not restricted to spine/leaf)
49. Automation
Abstraction & Policy Control from
Core to Edge
Open & Programmable | Standards-Based
Open APIs | Developers Environment
Cloud Service Management
Policy | Orchestration
Virtualization
Physical & Virtual Infrastructure | App Hosting
Analytics
Network Data,
Contextual Insights
Network-enabled Applications
Cloud-enabled | Software-delivered
New!
Enterprise NFV
Branch Service Virtualization
Controlled Availability, March 2016
New!
New!
Available on DNA-Ready Infrastructure through Cisco ONE Software
APIC-EM Automation Platform
Completely New Platform
Available Now
Base Automation: Plug and Play
Available Now
Cloud version Controlled Availability, May 2016
Policy Services: IWAN App & EasyQoS
Available Now | March 2016, respectively
CMX Cloud
Presence Analytics and Connect
Available Now in US, April 2016 for ROW
Available Now / Soon – Cisco DNA Innovations
50. Base
Automation
Immediate value to
existing network
Policy
Services
Active control for critical
use cases: Network,
Collaboration
Advanced
Security
Network as a Sensor
and Enforcer
Complete
Software Control
End-to-end policy-
based automation
Digital
Services
Support lines of business:
analytics, IoT
Cisco ONE Foundation Cisco ONE Adv. Applications Cisco ONE ELA
Cisco DNA –
The Journey Starts Now