The Future of Work is Here – and it’s Hybrid

We are excited to be announcing a new blog channel for Cisco – we don’t do this often but believed it was necessary to have a space to tell stories that cut across people, technology, and spaces in one place. In this “Future of Work” channel we’ll be highlighting trends, solutions, and any relevant and interesting topics with a goal of making your journey to great work experiences faster, easier, and more rewarding.

Next week will be our Cisco Live USA event, starting on June 4, 2023 . Whether you are attending in-person in Las Vegas or digitally,we’ll talk about the Future of Work in various sessions and showcase technology solutions live, both in our partner areas and the Cisco Solution Showcase.

One of the big questions we wondered about last year at Cisco Live was the extent to which “hybrid work” – as in the flexibility to work remotely or in the office – was truly here to stay, or if employees would all come back to the office?

The data indicates that – at least in the USA – that about 30% of work days are being taken at home.

[Source: WFH Research January 2023]

Based on this we’re confident that there will be remote workers, at least for the foreseeable future. Employers are also now starting to make the connection between great hybrid work experiences, achieving corporate sustainability goals, reducing real estate space needs, and the role technology plays in it all going forward. This means investing in the right security, collaboration tools, and network to ensure that teams are empowered no matter where their members are located.

Source: cisco.com

Continue reading

Deliver the Experience Your Customers Want with a Data-Informed Hybrid Work Strategy

Introduction: The Evolution of Hybrid Work

While hybrid work is not a new concept, it continues to evolve as we gather more information about employee work preferences and customers’ workplace and real estate goals. At Cisco, we leverage the insights gained from our own hybrid work environments, including our offices and collaboration centers, to shape our approach. In this blog, we will focus on two of our Hybrid Work building pillars—supporting hybrid work and digitizing real estate—and how data plays a vital role in optimizing workspaces. The remaining pillars, corporate sustainability and employee health and wellness, will be covered in our next blog.

The four pillars and corresponding data points for our latest Hybrid work office transformation in Atlanta

Support Hybrid Work: Designing Spaces that Matter

Even as employees return to the office post-pandemic, companies are reconfiguring their real estate portfolios to align with their return-to-work strategies. Cisco has been proactive in reimagining the workplace by investing in collaborative hubs and, in some cases, downsizing office spaces to prioritize other areas.

Toronto & Chicago

Our hybrid work journey began with the design of an innovation center in Toronto, aimed at inspiring innovation and investment in Digital Transformation. This office, although constructed before the pandemic, marks some of our first steps in creating smart and collaborative workspaces. By leveraging a single converged network powered by Power over Ethernet (PoE) technology, we connected people, processes, and data, enhancing productivity and optimizing energy usage. Over time, we made adjustments to the space based on insights gathered, including downsizing the overall floorplate. Today, the Toronto office serves as a studio to educate people on the hybrid work journey.

In Chicago, our office layout was designed to accommodate a pre-pandemic work environment, with employees spending more time in the office. The majority of the layout was dedicated to “me” spaces (70%), such as personal offices and individual workstations, while the remaining portion focused on “we” spaces (30%) to foster collaboration. This office serves as a showcase for Cisco’s technology and collaboration devices, furthering our hybrid work journey.

Penn1 & Atlanta

Throughout each these projects and our work -from-home experiment during the pandemic, we collected significant data to inform our future space designs. A 2021 Cisco Employee Survey revealed that 81% of our employees preferred to work outside the office for 3 to 5 days per week, with office visits primarily driven by learning and collaboration needs.

Armed with these valuable insights, we incorporated these findings into our subsequent major office transformations, including PENN1 in NYC and our latest office in Atlanta. In these locations, we purposefully designed specific spaces such as hot desks, huddle rooms, and collaboration areas to align with the identified trends and utilization patterns of our offices. Each of these offices were meticulously configured with layouts and technology to enhance productivity and collect valuable data for ongoing support of hybrid work. At both, Penn1 and Atlanta, our commitment to hybrid work is evident in the deliberate reduction of space to meet workforce capacity, utilization of collaboration technology, video-enabled environments, prioritization of collaboration spaces over individual workstations, and the elimination of personal offices.

The PENN1 office follows a 30% “me” space to 70% “we” space ratio, which is the opposite of what our pre-pandemic offices were designed for. With the development of our latest office in Atlanta, the ratio of “me” to “we” spaces is now 10% to 90%. This clear shift reflects our data and observations on how people now utilize office space. Hybrid work means going to the office to collaborate with others, rather than focusing on individual tasks. The choices we made in our office designs demonstrate our dedication to creating environments where teams can thrive, engage in meaningful learning, collaborate seamlessly, and drive innovation.

Digitize Cisco Real Estate: Leveraging Data for Smarter Workspaces

Building on the previous section, we now explore how data and analytics have shaped Cisco’s decision-making process in creating workspaces that promote collaboration, learning, and productivity. By harnessing insights from various sources, we have been able to optimize the physical environment to align with employee needs and preferences. Here are a few examples of how data and analytics have guided our hybrid work approach.

Cisco Video End Points

Analyzing data from Cisco Video End Points revealed that the average meeting size consisted of 3.7 in-person participants and 2.5 remote participants. Armed with this information, we intentionally designed small collaboration rooms, quiet spaces, and huddle rooms that cater to smaller groups. This approach fosters frequent and effective collaboration within a more intimate setting.

Cisco Spaces

Cisco Spaces is the core of our Hybrid Work strategy, acting as the foundation that brings everything together. It transforms flat floor plans into dynamic and interactive 3D maps, helping us to better understand and strategize for space utilization. We continuously collect data around the clock from our collaboration devices, networking devices, and third-party devices, enabling us to gain valuable insights in real time. This data empowers us to make informed decisions across the many areas of space design, safety, sustainability, and employee health and wellness. Whether it’s reimagining the layout of a room or helping facilities know what rooms to clean based on occupancy, this data provides us with the insights drive an impactful and informed hybrid work practice.

Room Design

By utilizing data from Cisco Spaces, we identified a popular room layout at Penn1—a semi-open space with a high-top bar, low-profile seating, and limited power outlets. This configuration unexpectedly became a preferred spot for employees, encouraging focused collaboration and reducing distractions. Analyzing room utilization data through Cisco Spaces allowed us to recognize the demand for such spaces, leading us to implement similar designs in our latest office in Atlanta.

Employee Data

Industry standards revealed that employees typically visit the office to learn, collaborate, and socialize. This knowledge greatly influenced our space design, resulting in dedicated areas at Penn1 and Atlanta that cater to these functions. From large, connected rooms for training and workshops to smaller breakout rooms for collaboration, our spaces are purposefully designed to support these activities based on employee data.

By leveraging the power of data and analytics, Cisco has made informed decisions about space utilization, room design, and meeting configurations. This optimization not only enhances the physical environment but also ensures that our spaces align with the needs and preferences of our employees, facilitating a seamless transition into the hybrid work model.

You Can Be Next: Translating Data into Action

Now that we have discussed how data informs our approach to hybrid work, you may be wondering how to begin implementing your data-driven strategy. At Cisco, we recognize that smart buildings and hybrid work environments require a network of trusted partners to design, build, implement, and iterate — partners just like you. To get started on developing a data-first approach to hybrid work, consider the following options as your next steps:

1. Schedule a tour: Visit our new offices in Atlanta or PENN1 in NYC to witness firsthand the data-driven approach we have adopted and how it can benefit your customers. If you are an existing partner, reach out to your Product Marketing Manager (PMM) today.

2. Virtual tour: If an in-person visit is not possible, take a virtual tour of PENN1 to preview the capabilities of our smart building approach.

Together, let’s leverage data to create actionable insights and shape the future of hybrid work. By creating workspaces that employees want to return to, buildings that provide the necessary data to adapt to changing needs, and environments that foster sustainability and innovation, we can deliver the experience that both customers and employees desire.

Remember, the future of work is hybrid, and data is the key to unlocking its full potential. Together, we can create workspaces that inspire productivity, collaboration, and success. Let’s embrace the power of data and embark on this exciting journey toward a more connected, smart, and flexible work environment.

Source: cisco.com

Continue reading

Customer Journeys to the Cloud with Cisco and Amazon Web Services (AWS)

Charles Darwin once stated, “It is not the strongest of the species that survives, nor is it the most intelligent of the species that survives. It is the one that is the most adaptable to change.”

The cloud has become one of the key components of the digital transformation process. As a leading provider of hybrid cloud solutions, Cisco can provide customers with effective cloud transformation assistance. This blog explains how Cisco software solutions on AWS can assist customers at every stage of cloud transformation.

Cisco and AWS strategic partnership accelerates cloud transformation

Cisco and AWS have partnered to simplify and accelerate businesses’ journey to the cloud using Cisco software solutions on AWS. Those solutions simplify connectivity, security, and observability, helping customers address common cloud-based use cases.

The AWS marketplace currently offers a variety of selectable Cisco software solutions to cloud customers. Cisco supports AWS cloud customers throughout their cloud transformation journey, with most solutions being Software as a Service (SaaS). Cloud customers can use a number of these solutions to complete the cloud transformation process effectively.

AWS cloud framework for customers includes four stages

Let’s begin with a high level, conceptual view of the AWS Cloud Migration Framework. As shown in Figure 1, AWS offers their customers a four-stage cloud migration.

Figure 1  Four-Stage AWS Cloud Migration Framework

Stage 1: Assess

The objective of this stage is to plan the cloud transformation by performing business case development, discovery of infrastructure and application components, and cloud planning.

Stage 2: Mobilize

This stage focuses on the preparation of cloud infrastructure components—including landing zones for application onboarding, landing zones, connectivity to the cloud, and security.

Stage 3: Migrate and Modernize

This stage involves either migrating the current applications to the cloud as they are or modernizing them to cloud-native services like microservices. This is done using any of the 7R customer migration methods: Repurchase, Re-architect, Re-factor, Re-host, Relocate, Retain, and Retire.

Stage 4: Operate and Optimize

In this final stage, the application will be operated on the cloud. Monitoring and optimizing cloud applications are among the steps taken during this stage.

Throughout their cloud transformation journeys, customers can select to use industry-leading solutions like Cisco software from AWS co-selling or the AWS marketplace, depending on their needs and requirements.

Cisco solutions support the cloud migration journey from beginning to end

As part of the AWS Cloud Migration Framework, Cisco cloud solutions pillars are mapped to each stage of the AWS cloud journey. Cloud Assess, Cloud Connect, Cloud Secure, Cloud Observe and Operate are included in this process. The diagram in Figure 2 below illustrates this in more detail.

Figure 2  Cisco Cloud Solutions Pillars

The top half of Figure 2 illustrates the AWS Migration framework. In the lower half of the diagram, Cisco solutions pillars Assess, Connect (Cloud Connectivity), Secure (Cloud Security), and Observe and Operate (Cloud Observability) are mapped to the AWS Migration Framework. Additionally, it illustrates the use cases that are supported by Cisco’s solution pillars.

With Cisco solutions, customers can achieve secure cloud transformation

Known for its outstanding networking, security, and observability capabilities, Cisco solves customer challenges in the cloud by providing secure connectivity, securing the cloud, and providing full stack observability solutions with visibility into applications, infrastructures, and business metrics.

In any initial cloud phase, Cloud Planning and App Discovery are among the first use cases for the phases that verify and assess the cloud. Cisco Intersight Workload Optimizer (IWO) and AppDynamics (AppD) are the most commonly used tools to address those use cases.

Cisco supports the customer journey towards cloud adoption based on primarily on three key pillars–Cloud Connectivity, Cloud Security, and Cloud Observability–to ensure a safe, secure, and effective adoption of clouds. (See Figure 3.)

Figure 3  Cisco Solutions for Key Cloud Use Cases

Cloud Connectivity: The Cisco Cloud Connectivity pillar includes a number of use cases–such as Multi-Cloud Connectivity, SASE, Hybrid Cloud SDN and WAN Insights –that enable customers to connect to the cloud successfully and securely, either from their data center or from the edge. In response to customer requirements, Cisco offers multiple solutions like Meraki SD-WAN, Viptela SD-WAN, Nexus Dashboard, and Cloud Network Controller. Those options help to connect and operate hybrid environments securely.

Cloud Security: A successful cloud journey requires foundational protection of the infrastructure, zero trust access (ZTA), application security, and secure services edge (SSE). Cisco offers a full range of security solutions for cloud transformations, including solutions specifically tailored to meet the needs of the customer. Those solutions ensure a secure cloud environment for the customer. There are a number of Cisco Secure Software portfolios, including Cisco Secure Firewall, Duo, Umbrella, Secure Workload, and many others.

Cloud Observability: In order to scale and reimagine applications and improve the user experience, observeability is a crucial element throughout the cloud journey. By utilizing AppD, ThousandEyes, and IWO, Cisco offers industry-leading solutions for Full Stack Observability, which help enable the customer to monitor hybrid and modern applications, provide a digital customer experience, map application dependencies, optimize hybrid costs, and optimize application resources.

In summary…

Due to its solution integration capabilities, Cisco is a one-stop shop for cloud customers when it comes to cloud networking, cloud security, cloud observability, and hybrid work. Cloud customers and partners can address those cloud use cases through Cisco software solutions like IWO, AppDynamics, ThousandEyes, Duo, Umbrella, Viptela SD-WAN, Meraki SD-WAN, Secure Firewall, Panoptica, Intersight Service Mesh Manager (SMM), and more. AWS offers those Cisco software solutions through their co-sell program and marketplace, leveraging their strategic partnership with Cisco.

Source: cisco.com

Continue reading

Cisco Secure Firewall on AWS: Build resilience at scale with stateful firewall clustering

Organizations embrace the public cloud for the agility, scalability, and reliability it offers when running applications. But just as organizations need these capabilities to ensure their applications operate where needed and as needed, they also require their security does the same. Organizations may introduce multiple individual firewalls into their AWS infrastructure to produce this outcome. In theory, this may be a good decision, but in practice—this could lead to asymmetric routing issues. Complex SNAT configuration can mitigate asymmetric routing issues, but this isn’t practical for sustaining public cloud operations. Organizations are looking out for their long-term cloud strategies by ruling out SNAT and are calling for a more reliable and scalable solution for connecting their applications and security for always-on protection.

To solve these challenges, Cisco created stateful firewall clustering with Secure Firewall in AWS.

Cisco Secure Firewall clustering overview

Firewall clustering for Secure Firewall Threat Defense Virtual provides a highly resilient and reliable architecture for securing your AWS cloud environment. This capability lets you group multiple Secure Firewall Threat Defense Virtual appliances together as a single logical device, known as a “cluster.”

A cluster provides all the conveniences of a single device (management and integration into a network) while taking advantage of the increased throughput and redundancy you would expect from deploying multiple devices individually. Cisco uses Cluster Control Link (CCL) for forwarding asymmetric traffic across devices in the cluster. Clusters can go up to 16 members, and we use VxLAN for CCL.

In this case, clustering has the following roles:

Figure 1: Cisco Secure Firewall Clustering Overview

The above diagram explains traffic flow between the client and the server with the insertion of the firewall cluster in the network. Below defines the roles of clustering and how packet flow interacts at each step.

Clustering roles and responsibilities 

Owner: The Owner is the node in the cluster that initially receives the connection.

◉ The Owner maintains the TCP state and processes the packets. 

◉ A connection has only one Owner. 

◉ If the original Owner fails, the new node receives the packets, and the Director chooses a new Owner from the available nodes in the cluster.

Backup Owner: The node that stores TCP/UDP state information received from the Owner so that the connection can be seamlessly transferred to a new owner in case of failure.

Director: The Director is the node in the cluster that handles owner lookup requests from the Forwarder(s). 

◉ When the Owner receives a new connection, it chooses a Director based on a hash of the source/destination IP address and ports. The Owner then sends a message to the Director to register the new connection. 

◉ If packets arrive at any node other than the Owner, the node queries the Director. The Director then seeks out and defines the Owner node so that the Forwarder can redirect packets to the correct destination. 

◉ A connection has only one Director. 

◉ If a Director fails, the Owner chooses a new Director.

Forwarder: The Forwarder is a node in the cluster that redirects packets to the Owner. 

◉ If a Forwarder receives a packet for a connection it does not own, it queries the Director to seek out the Owner.  

◉ Once the Owner is defined, the Forwarder establishes a flow, and redirects any future packets it receives for this connection to the defined Owner.

Fragment Owner: For fragmented packets, cluster nodes that receive a fragment determine a Fragment Owner using a hash of the fragment source IP address, destination IP address, and the packet ID. All fragments are then redirected to the Fragment Owner over Cluster Control Link.  

Integration with AWS Gateway Load Balancer (GWLB)

Cisco brought support for AWS Gateway Load Balancer (Figure 2). This feature enables organizations to scale their firewall presence as needed to meet demand.

Figure 2: Cisco Secure Firewall and AWS Gateway Load Balancer integration 

Cisco Secure Firewall clustering in AWS

Building off the previous figure, organizations can take advantage of the AWS Gateway Load Balancer with Secure Firewall’s clustering capability to evenly distribute traffic at the Secure Firewall cluster. This enables organizations to maximize the benefits of clustering capabilities including increased throughput and redundancy. Figure 3 shows how positioning a Secure Firewall cluster behind the AWS Gateway Load Balancer creates a resilient architecture. Let’s take a closer look at what is going on in the diagram.

Figure 3: Cisco Secure Firewall clustering in AWS

Figure 3 shows an Internet user looking to access a workload. Before the user can access the workload, the user’s traffic is routed to Firewall Node 2 for inspection. The traffic flow for this example includes:

User -> IGW -> GWLBe -> GWLB -> Secure Firewall (2) -> GLWB -> GWLBe -> Workload

In the event of failure, the AWS Gateway Load Balancer cuts off existing connections to the failed node, making the above solution non-stateful.

Recently, AWS announced a new feature for their load balancers known as Target Failover for Existing Flows. This feature enables forwarding of existing connections to another target in the event of failure.

Cisco is an early adaptor of this feature and has combined Target Failover for Existing Flows with Secure Firewall clustering capabilities to create the industry’s first stateful cluster in AWS.

Figure 4: Cisco Secure Firewall clustering rehashing existing flow to a new node

Figure 4 shows a firewall failure event and how the AWS Gateway Load Balancer uses the Target Failover for Existing Flows feature to switch the traffic flow from Firewall Node 2 to Firewall Node 3. The traffic flow for this example includes:

User -> IGW -> GWLBe -> GWLB -> Secure Firewall (3) -> GLWB -> GWLBe -> Workload

Source: cisco.com

Continue reading

Vacations and IT Operations: Save Time with the Right Tools

You have just used an online travel aggregator site to plan your summer vacation. The day of your trip arrives, you’re exhausted before you even set foot on the beach. Getting to the airport, boarding the first of two flights, making a connecting flight, and picking up luggage all wear you out. Your goal is the beach, but to get to it you’ll spend considerable time on tactical, non-value add, operational logistics.

Relax. You’re a smart traveler – Your TSA Clear approval saves you that long queue at the security checkpoint. Your Platinum travel partner membership gives you priority check-in for your flight and hotel. These tools shorten the time to get to the beach while allowing flexibility in planning your schedule. Wish you could have something similar, to manage your IT operations? Stick with me.

Where ITOps Teams Lose Time

As an IT manager, you’re expected to make sure your company is providing an outstanding digital experience that’ll drive revenue and growth. That’s the end goal. But to get there you’ll have to support your DevOps team through not just the development process but the ongoing application lifecycle. Multiple tasks to get to your goal, like getting to the beach, likely wear down your team, from deploying infrastructure, figuring out how to deploy and manage containers for cloud-native apps, and making your best estimate at provisioning resources in the public cloud. Task switching between tools and learning Kubernetes takes away valuable time and slows down service delivery. A missed flight connection is like a missed task, and something you want to avoid.

Simplify deployment and delivery, anywhere

Intersight bridges the gap between ITOps and DevOps

Cisco Intersight can help you move faster and more reliably, bridging the divide between dev teams and LoB with operations, and changing the perception of IT from a “necessary cost center” to an innovation driver. From one dashboard, you can:

◉ Add resources to your virtualized datacenter.

◉ Set up a new off-the-shelf application for your users.

◉ Stand up a Kubernetes cluster at the edge in just a few clicks.

◉ Provide multi-cloud resources for your developers to deploy code.

◉ And more

Managing and deploying all physical and virtual infrastructure and supporting any workload type (VMs, K8s in VMs, bare metal K8s, serverless) in one place saves your teams from switching tools. The user-friendly automation of Intersight with API-based integration gives your internal customers flexibility to use the resources the way they want.

Integrate with DevOps to accelerate application delivery

Intersight integrates with cloud providers and supports an ecosystem of 3rd party tooling

Intersight brings together the tools your IT Operations knows and integrates with tools your dev teams are using. As an open, cloud-neutral platform it integrates with cloud providers and supports an ecosystem of third-party tooling, so your internal customers can continue using the platforms and software of their choice—without disruption.

The result? Your team can move faster and expose with IaC plans that your developers are used to working with or orchestrating across every infrastructure and workload aspect of your Intersight-managed environment while managing risk and governance. And with open API support, you can extend and integrate with ITSM tools or 3rd-party endpoints for more control.

Accelerate service delivery and flexibility with Cisco Intersight

You know how to minimize the headaches that stand between you and the beach. Now you can apply smarter ways of working to deploy and support business critical applications. Get out of the business of managing management products and focus on accelerating delivery for line-of-business.

Source: cisco.com

Continue reading

Intersight Workload Optimizer: How to Tame the Public Cloud

In this installment, we’re going to focus on public cloud optimization, which differs slightly from its on-premises counterpart. In an on-premises data center, infrastructure is generally finite in scale and fixed in cost. By the time a new physical server hits the floor, the capital has been spent and has taken a hit on your business’s bottom line. In this context, on-premises optimization means maximizing utilization of the sunk cost of capital infrastructure (while still assuring performance of the workload, of course).

In the public cloud, however, infrastructure is effectively infinite. Resources are generally far more elastic and often paid for out of an operating expenditure budget rather than a capital budget. In this case, cloud optimization means minimizing cloud spend, and the burden of maximizing hardware utilization falls to the cloud provider. Minimizing cloud spend proves to be a daunting exercise for cloud administrators given the public cloud’s vast array of instance sizes and types (over 400 in Amazon Web Services alone, as shown in Figure 1: Amazon Web Services instance types, all with slightly different resource profiles and costs, and with new options and pricing changing almost daily. At scale, selecting the ideal instance type, size, term, etc. for every workload at every moment in order to assure performance and minimize spend is arguably an impossible task for a human, but is an ideal use case for the IWO decision engine.

Figure 1: Amazon Web Services instance types

Taking action in the public cloud

So let’s take a look at the types of real-time actions IWO offers for public cloud optimization. In Figure 2, starting on the Cloud tab of the main Supply Chain screen, we see a number of widgets on the right with actionable information – Pending Actions, Top Accounts, Necessary Investments, Potential Savings, etc.

Figure 2: Supply Chain view of the Public Cloud and Pending Actions widget

Clicking on “Show All” in the Top Accounts widget, we see a list of all our public cloud accounts and subscriptions in a hierarchical table, as shown in Figure 3.

Figure 3: Public cloud account details table

Clicking on one of the green action buttons on the right, we see the current pending actions for a specific account, as shown in Figure 4.  There we see a number of storage volume actions highlighted, some relating to performance needs, others to recoup savings due to over-provisioning (i.e. you can move to a cheaper tier of storage and still assure performance).

Figure 4: Action Center table with details on specific pending storage actions for a given account

In this specific example, a keen-eyed reader might notice something curious about the two performance actions at the top of the list: even though the actions are being taken to provide more IOPS (moving from 160 to 3000 IOPS) to assure performance, the cost impact is actually lower.  That’s right – these actions are providing more performance for less cost! While maybe not entirely common, this example shows just how quirky the plethora of options are in the public cloud, and how difficult it can be for humans to avoid leaving money on the table. (This example is also non-disruptive and reversible, as noted in the table, with the ability to execute immediately with the click of a button.  (What’s not to like?)

Clicking on the Scale Virtual Machines tab in the Action Center list, we see the current pending actions to rightsize our VMs, as shown in Figure 5.

Figure 5: Action Center table with details on specific pending VM actions for a given account

Clicking on the details button in the first row takes us to the Action Details window providing us clear data behind the decision, as well as the expected outcome of the action from both a performance and a cost perspective, as shown in Figure 6. We can also conveniently run the action with a single button click, right from the dashboard interface.

Figure 6: Action Details for a specific VM scaling action

This detailed information is available for every action IWO recommends, across all workloads in all cloud accounts. Choosing the right action, with even just a handful of workloads, is difficult for a human. Getting it right across many tens, hundreds, or thousands of workloads spread across multiple accounts in multiple clouds in real time is a problem that IWO is uniquely positioned to solve.

Reserved instances: rent or lease?

To further complicate matters for a cloud administrator, you have the option of consuming instances in an on-demand fashion — i.e., pay as you use — or via Reserved Instances (RIs) which you pay for in advance for a fixed term (usually a year or more). RIs can be incredibly attractive as they are typically heavily discounted compared to their on-demand counterparts, but they are not without their pitfalls.

The fundamental challenge of consuming RIs is that you will pay for the RI whether you use it or not. In this respect, RIs become more like the sunk cost of a physical server on-premises than the intermittent cost of an on-demand cloud instance. One can think of on-demand instances as being well-suited for temporary or highly variable workloads, analogous to a car-less city dweller renting a car: usually cost-effective for an occasional weekend trip, but cost-prohibitive for long-term use. RIs are akin to leasing a car: often the right economic choice for longer-term, more predictable usage patterns (say, commuting an hour to work each day).

When faced with a myriad of instance options and terms, you are generally forced down one of two paths: 1) only purchase RIs for workloads that are deemed static and consume on-demand instances for everything else (hoping, of course, that static workloads really do remain that way); or 2) pick a handful of RI instance types — e.g., small, medium, and large — and shoehorn all workloads, static or variable, into the closest fit. Both methods leave a lot to be desired.

In the first case, it’s not at all uncommon for static workloads to have their demand change over time as app use grows or new functionality comes online. In these cases, the workload will need to be relocated to a new instance type, and the administrator will have an empty hole to fill in the form of the old, already paid-for RI (see examples in Figure 7).

Figure 7: Changes in workload demand can trigger numerous cascading decisions for RI consumption

What should be done with that hole? What’s the best workload to move into it? And if that workload is coming from its own RI, the problem simply cascades downstream. The unpredictability of such headaches often negates the potential cost savings of RIs.

In the second scenario, limiting the RI choices almost by definition means mismatching workloads to instance types, negatively affecting either workload performance or cost savings, or both. In either case, human beings, even with complicated spreadsheets and scripts, will invariably get the answer wrong because the scale of the problem is too large and everything keeps changing, all the time, so the analysis done last week is likely to be invalid this week.

Thankfully, IWO was developed to understand both on-demand instances and RIs in detail through native API target integrations with popular public cloud providers like AWS and Azure. IWO capabilities are constantly receiving real-time data on consumption, pricing, and instance options directly from the cloud providers, and combining such data with the knowledge of applicable customer-specific pricing and enterprise agreements to determine the best actions available at any given point in time.

Figure 8: Detailed inventory information and purchase actions for RIs

Not only does IWO technology understand current and historical workload requirements and an organization’s current RI inventory (see above), but it also has the capability to intelligently recommend the optimal consumption of existing RI inventory and additional RI purchases to minimize future spending. In Figure 9, we have a Pending Action to buy 13 RIs which would take the RI coverage up to the horizontal black line in the chart.  Most of the area under the blue and turquoise curves, representing the workload resource requirements, would be covered by RIs – everything below the black line.  The peaks above the black line would be covered by on-demand purchases. While you could purchase enough RIs to cover all the area under the curve, this is not the most cost-effective option to meet workload demand.

Figure 9: Details supporting a specific RI purchase action

Continuing with our car analogy, in addition to knowing whether it’s better to rent or lease a car in any given circumstance, IWO can even suggest a car lease (RI purchase) that can be used as a vehicle for ride-sharing. IWO can fluidly move on-demand workloads in and out of a given RI to achieve the lowest possible cost while still assuring performance.

In short, IWO has the ability to understand the optimal combination of RI purchases and on-demand spending across your entire public cloud estate, in real-time.

Cloud Migration Planning

Finally, because IWO uses the same underlying decision engine for both the on-premises and public cloud environments, it can bridge the gap between them. The process of migrating VM workloads from on-prem to the public cloud can be simulated in IWO’s planning module and will allow the selection of specific VMs or VM groups to generate the optimal purchase actions required to run them, as shown in Figure 10.

Figure 10: On-prem to public cloud workload migration planning results

These plan results offer two options: Lift & Shift and Optimized, depicted in the blue and green columns, respectively. Lift & Shift shows the recommended instances to buy, and their costs, assuming no changes to the size of the existing VMs. Optimized allows for VM right-sizing in the process of moving to the cloud, which often results in a lower overall cost if current VMs are oversized relative to their workload needs. Software licensing (e.g., bring- your-own vs. buy from the cloud) and RI profile customizations are also available to further fine-tune the plan results.

Have your cake and eat it too

IWO has the unique ability to apply the same market abstraction and analysis to both on-premises and public cloud workloads, in real-time, enabling it to add value far beyond any cloud-specific or hypervisor-specific, point-in-time tools that may be available. Besides being multi-vendor, multi-cloud, and real-time by design, IWO does not force you to choose between performance assurance and cost/resource optimization.

Source: cisco.com

Continue reading