Hybrid cloud networks are calling – Cisco Nexus Dashboard has the answer

The scale and complexity of modern enterprise infrastructure environments are exploding as workloads become pervasive and infrastructure becomes more hybrid and distributed across data centers, edge, and public cloud resources. Recent events have put the importance of successful network operations at the forefront. Through a barrage of obstacles, today’s resilient and successful organizations are modernizing and automating their network operations to stay ahead of the curve. Their destination? Hybrid Cloud — and by a vast majority.

According to IDC research, 55% of organizations currently have hybrid cloud and use it as a framework to deploy applications where scale-out architecture and high availability networks are needed. Another 29% reported not having a hybrid cloud, but they planned to create one within a year. And by 2025, 70% of organizations will modernize their applications based on drivers like data security, organizational flexibility and agility, and productivity gains versus drivers like IT cost savings.

To solve hybrid cloud application complexity, your IT needs to focus on automating application infrastructure management. This includes the many personas involved in configuration, provisioning, lifecycle operations, and orchestration of cloud and hybrid datacenter environments. But scaling applications into hybrid cloud also increases the cost of managing thousands of distributed devices, containers, and network services. These elements require more knowledge and more time to troubleshoot the many interconnected parts using multiple purpose-built solution tools and methods.

To be successful, it’s critical to have the visibility and insights into your network wherever your data is created with consistent network and policy orchestration across multiple data centers —whether on-premises, in the cloud, or at the edge. At Cisco, we know that for any move to the hybrid cloud lifecycle journey, there is an uncompromising need for a centralized approach to manage network capabilities. Cisco’s Nexus Dashboard is our newest cloud networking platform innovation to help with this very problem. With its One View presentation of all your hybrid cloud network sites, your IT operators can use a single agile platform, to operate all their network infrastructure in a single place. How many split personas (NetOps, DevOps, SecOps, and CloudOps) do you have? Cisco Nexus Dashboard bridges all the tools needed by each persona with a flexible operational model for all use cases on a single platform.

Figure: Cisco Nexus Dashboard: Centralized hybrid cloud networking platform

We listened, here are the recent innovations that you asked for:

Bolster Cloud Neutral Support

Recent innovations include expansion to the hybrid cloud with added support for Google Cloud, simplifying network management across multiple public cloud sites. Nexus Dashboard is available in the AWS and Azure marketplaces and will also be featured in the Google Cloud marketplace.

Improved Intelligence and Site Management

Key new features support air gap environments, provide simplification of experience such as reduced app downtime due resource challenges when upgrading an app or installing by determining whether you have enough resources etc. The dashboard will predetermine the resources needed for the app and environment to run smoothly.

With air gap support, customers that are not connected to Cisco Cloud can utilize insights advisory features to better identity risks to their infrastructure and get decrypted updates on PSIRTS, EOS/EOL, field notices etc. Syslog support as well as customization and personalization features are newly available with the interface.

Decreased Dependence on Physical Hardware

Additional scale improvements are being implemented with the virtual form factor of Nexus Dashboard, where additional physical hardware is not required to run the Nexus Dashboard in your environment. Please refer to the Nexus Dashboard datasheet for more details.

End to End Visibility

External devices such as firewalls and integrations such as vCenter – offer broader visibility, correlated telemetry and deeper insights beyond the core network. For end-to-end visibility, it is imperative to additionally understand where exactly the problem truly lies, which allows for quick remediation. L4-L7 and cross-domain integrations are a key strategy to gain comprehensive visibility. With the new vCenter integration, the Insights function can incorporate virtualized workload data such as hypervisor name, VM name, VM health into telemetry. This will enable visibility across silos, into the virtualized environments and enable faster MTTR for customers by correlating network events and application issues.

The Insights function is also able to enable optimal network and application performance and ensure continuous availability with recent AppDynamics SaaS support.

Considering recent news of companies that have implemented changes resulting in outages, we’d like to emphasize that pre-change validation with upgrade assist are key capabilities of the Insights function. It’s a critical capability that evaluates configuration changes before they are deployed to allow IT Ops to make changes with confidence. This removes unintended consequences that take down applications and/or the network. I encourage you to check out these Nexus Dashboard capabilities.

Which performance zone is right for you?

Customers have different reasons as to operate in the various performance zones (be it OKRs, metrics, speed of the business or foundational capabilities) in terms of the people, process, and technology alignment.

With the Nexus Dashboard, we are helping customers figure out where in the network infrastructure automation journey they are. Then help them in their journey to move their performance zone from reactive, to proactive and then to optimizing and the visionary self-healing, self-driving, and self-diagnostic networks.

Source: cisco.com

Continue reading

The SASE story: How SASE came to be, and why it has quickly become the default architecture

Secure Access Service Edge (SASE) has quickly become one of the hottest topics related to cloud, networking, and security architectures. As Cisco engineers, we have seen hesitation and confusion among some customers on what SASE really means. We hope to answer most of those questions here.

What is SASE, and how is it related to the Cloud Edge, Zero Trust, and SD-WAN? SASE has positively impacted how we run our IT organization, and how we envision Enterprise IT customers will run theirs. To accurately explain what SASE is, and why SASE came to be, we must look at the evolution of how data is stored and transported within an enterprise.

Our journey started inside the data center

A decade ago, many of us lived in a data Center-centric world, and security was simpler to implement.  Here at Cisco, we were moving data inside the four walls of our data centers, and  we assumed complete trust. The corporate office, the MPLS circuits between sites, and the Cisco data centers were all within a trusted environment, which enabled us to meet our security and compliance requirements.

Move to hybrid cloud and hybrid work

However, while many enterprises still focus on data center-centric applications for their core business needs, the world is shifting towards cloud-based application development. This enables faster and more efficient deployment of software and services to meet ever-changing business needs.

IT organizations have also shifted from a model of only managed devices (PC or laptop) for use within the trusted corporate network to allowing users to work on multiple devices from just about anywhere. The emergence of BYOD (Bring Your Own Device) as well as remote work had already been gaining traction in the industry over the past few years, and this trend significantly accelerated with the onset of the COVID-19 pandemic. Now, employees are expected to be able to work from anywhere, and any device. Combined with the distribution of resources across on-prem networks and the cloud, Hybrid Work presents a significant security problem as business users and application providers are no longer fully controlled by the IT organization.

To address security concerns in the interim, network architects designed a model where all user/cloud interactions were routed back, or backhauled, through a data center — i.e. the trusted entity — prior to being redirected to the cloud application. While meeting the security needs, this model has performance and cost challenges.

Arriving at SASE

To improve security and efficiency, a SASE-like architecture was developed internally by Cisco IT. The model we used for the architecture provides every user with a security profile tailored to their access privileges and uses a Zero-Trust approach to identify and authenticate users and devices before allowing a direct connection between the cloud and the access edge.

Ultimately, SASE is the convergence of networking and security functions in the cloud to deliver reliable, secure access to applications, anywhere users work. The Cisco SASE model works by combining SD-WAN for network, with cloud-based security capabilities such as Secure Web Gateway, Firewall as a Service, Cloud Access Security Broker, and Zero Trust Network Access into one, single, integrated cloud service.

CloudPort and the evolution of SASE at Cisco

Cisco’s SASE journey started with CloudPort, which was a hardware-based, on-prem, self-managed Cloud Edge platform, delivered at Colocation data centers around the world. While CloudPort provided a single platform that delivered network and security, it also brought cost challenges, used a traditional perimeter security, and required both agility to scale up/down as well as specialized skillsets.

To address these challenges, we first modernized the on-prem CloudPort solution, and put in motion a plan to move from on-prem to as a service or hosted SASE capabilities. The Customer Zero team, which deploys emerging technology in real life environments to provide critical feedback to the BU early in the product lifecycle, created a strategy to move to SASE, testing do-it-yourself and as-a-service models. The findings from the Customer Zero internal testing have guided our external offering strategy.

During this testing period, Cisco IT has moved from a ‘do-it-yourself’ model to a Cisco hosted/managed solution.

Source: cisco.com

Continue reading

“Powering Hybrid Work” in Financial Services

The question that I get asked most often by financial services CXO’s is “how do we move beyond just ‘supporting’ Hybrid Work to ‘powering’ Hybrid Work with the right technology stack so that we can address the challenges of attracting and engaging an evolving workforce and keep the organization moving forward in an agile and sustainable way.”

Throughout the pandemic, financial services firms have been prioritizing health and safety of their employees by implementing hybrid work whilst abiding by guidelines and regulations. However, not everyone has had success with their “hybrid work” deployments. Those that have got it right to some extent are realizing the benefits

A large number of financial services firms have struggled to implement “an optimum workable hybrid work model”. The challenge is they have tried to retrofit “remote work implementations” with technology upgrades and add-on’s as guided by their many different technology partners.

Hybrid Work in the context of financial services can be defined as an employee centric, business transformative approach that designs the work experience around and for the employee, wherever they are. It empowers employees to work onsite, offsite, and move between locations with uniform access to all the business tools and resources in a highly secure, compliant and efficient manner thus promoting inclusiveness, engagement, and well-being for all employees while driving employee performance, business productivity and talent retention.

While a future-proofed technology stack is a critical pillar of the hybrid work model, getting Hybrid Work to work also requires reimagining current and emerging operating models and optimizing them such that employee engagement, experience and well-being is enhanced while financial services delivery just keeps getting better with more delighted customers.

Financial services firms that have their operating models reimagined/transformed to support the hybrid work model have the first mover advantage of becoming fully resilient businesses, ready to weather any storm.

A “Hybrid Work Powered” operating model for financial services firms should at the least have the  following 5 characteristics :

1. INCLUSIVE – offering equal experiences for everyone. Enables firms to provide a work environment where every employee can participate fully and be seen and heard equally.

2. FLEXIBLE – adapting to any work style, role, and environment. Enables employees spread across different office locations, types (home etc.), time zones and even countries, working at different hours have access to flexible tools that can address their different needs while adapting to their work styles, roles, and devices.

3. SUPPORTIVE – focusing on safety, empathy, and well-being.  Enables firms to promote a supportive mindset throughout every level of the organization thus ensuring that employees are comfortable with ways of working and feel safe, secure, supported, included, and cared.

4. SECURE – being secure by design, private by default.  Enables employees to have worry-free access to reliable and secure connectivity and secure app experiences thus ensuring all team members can work and collaborate with confidence anywhere they choose to work and have consistent, uninterrupted access to the required applications.

5. MANAGED – delivering modern infrastructure, frictionless administration. Enables IT teams to operate and manage the complex and dynamic hybrid work environment, using an approach known as full-stack observability which delivers optimized user experiences and enhanced enterprise technology management.

To get “hybrid work to work”, financial services firms need to reimagine/transform their operating models to deliver the key characteristics mentioned earlier and not just depend on “retrofitting” their existing IT stacks with hybrid work enabled “siloed” products.

Investing in a “future-proofed hybrid work technology stack” such as Cisco’s “secure-by-design*” Hybrid Work Solution Technology Stack enables financial services firms to reimagine/transform their operating model thus moving past “supporting” to “powering” Hybrid Work in a highly secure and compliant manner by empowering workers to work from anywhere, at home or in the office while also providing a positive outcome for every business sponsor and stakeholder (HR, Facilities, IT etc.) who are involved in defining and implementing the financial services firms hybrid work strategy.

Source: cisco.com

Continue reading

Streamlining Connectivity for a Multi-Region Hybrid World

Multi-region cloud deployments create complexity

The combination of a hybrid cloud migration and the long-term needs of a hybrid workforce are shining a spotlight on the need for consistently secure, high quality access to on-demand compute resources.

Requirements for low latency across geographically distributed workloads, resiliency, and compliance with data privacy regulations are driving organizations towards multi-region deployments in the cloud. While this can be done manually by using VPC peering and static routes, management complexity increases with scale and can be error-prone. To make networks streamlined and scalable, organizations need a dynamic and central way to manage their multi-region deployments.

Multi-region cloud deployments: complex, manual static routes and VPC peering

All the hybrids: cloud and work

Cisco Meraki has a globally-proven cloud platform that unifies secure SD-WAN, Access, and IoT technologies—empowering enterprises to deliver high quality hybrid work experiences. The platform allows secure and optimized SD-WAN connectivity to hybrid cloud environments, including AWS, in just three clicks. This Meraki SD-WAN capability is delivered through MX appliances that are available in physical and virtual (vMX) form factors where the latter can be spun up within AWS. Remote workers can also easily connect to vMX appliances in hybrid clouds with a dedicated teleworker appliance or via Cisco AnyConnect.

For customers making this investment into cloud platforms, there are a few ways they can use Meraki to accelerate their cloud journey with AWS. Specifically, for multi-region deployments, Meraki SD-WAN offers deep integration into the newly launched AWS Cloud WAN service and AWS Transit Gateway to significantly streamline workflows to connect users to their cloud resources. For organizations looking to connect their on-prem sites to workloads across regions, we also announced support for AWS Outposts at AWS re:Invent 2021 in December.

Meraki SD-WAN and AWS Transit Gateway

First, the Meraki vMX integration with AWS Transit Gateway lets customers extend their SD-WAN fabric to AWS workloads in an automated manner using AWS Quickstarts.

Dynamic routes and VPC peering with Meraki SD-WAN and AWS Transit Gateway

◉ The architecture consists of a SD-WAN VPC with two vMXs deployed in different availability zones to achieve a highly available architecture.

◉ In addition, a Transit Gateway (TGW) is deployed to extend connectivity to workload resources across different regions. The SD-WAN VPC is linked to the TGW via a VPC and customers can leverage their existing workflows to connect their workload VPCs to the Transit Gateway.

◉ On the Meraki Dashboard, each vMX is configured as a Hub to the branch sites and statically advertises all of the subnets available in Amazon AWS into Auto VPN.

◉ Finally, an AWS Lambda function is used to monitor the state of the vMX instances and update the SD-WAN VPC and the Transit Gateway route tables for the Auto VPN routes with the appropriate vMX as the next hop.

Meraki SD-WAN and AWS Cloud WAN

AWS recently launched AWS Cloud WAN at AWS Re:Invent. Cisco Meraki is one of the first partners to integrate with the new service. Cloud WAN is AWS’s managed wide area networking (WAN) solution that makes it easy for customers to build, manage, and monitor their global networks across the AWS backbone.

Organizations with Meraki SD-WAN can leverage the new AWS Cloud WAN service to extend their SD-WAN fabric across the unified AWS global network.

Meraki vMX integrates with AWS Cloud WAN to allow admins to define a multi-region, segmented, dynamically routed global network with intent-driven policies. This allows organizations to scale across different regions without worrying about managing the complexity of peering.

Dynamically routed global network with Meraki SD-WAN and AWS Cloud WAN

Instead of having to manage peering connections between different AWS Transit Gateways across multiple regions, a single Cloud WAN core network is deployed that spans across multiple regions with the following:

◉ Core Network Edges (CNE), deployed in each region of the core network

◉ Two segments, one for SD-WAN overlay and one for the customer workloads.

◉ Core Network Policy (CNP), which defines the global configuration of the core network

◉ The SD-WAN VPC and the workload VPCs are connected to the core-network as VPC attachments.

Multi-tenancy and Scale using AWS Outposts

Customers also need a secure way to connect their on-prem sites to workloads across different regions in the cloud. Using Meraki’s vMX solution, customers can easily extend their SD-WAN fabric to their public and private cloud environments.

Customers also need a secure way to connect their on-prem sites to workloads across different regions in the cloud. Using Meraki’s vMX solution, customers can easily extend their SD-WAN fabric to their public and private cloud environments.

AWS recently announced new Outposts Server Form Factors at AWS Re:Invent and Cisco Meraki will be one of the first launch partners to support the 2U servers with vMX (coming soon).

Customers looking for edge computing and even datacenter computing can leverage vMX on Outpost with the benefit of a fully managed infrastructure with native AWS APIs and the simplicity and security of Meraki.

Without Outposts, customers need to procure and manage multiple hardware for compute and networking making management cumbersome and difficult.

If you’re investing in a multi-cloud architecture and need a more scalable, flexible, and manageable SD-WAN fabric, we encourage you to learn more about the Meraki platform. Meraki combines SD-WAN with Wi-Fi, access switching, and IoT on a cloud-native platform that reduces the complexity of building a hybrid cloud architecture.

Source: cisco.com

Continue reading

Simplify Hybrid Cloud Networking with Cisco Nexus Dashboard

Simplicity is the ultimate sophistication.  – Leonardo da Vinci

For IT, complexity is the antithesis of agility. However, with the increased demand for remote healthcare, distance learning, hybrid work, and surging dependence on online retail, there is an urgent shift to hybrid and cloud-native applications to keep up with the necessary digital transformations—thus adding complexity.

Hybrid cloud is now the reality for nearly all enterprises. Workloads are distributed across on-premises, edge, and public clouds. However, seamless operations of hybrid cloud applications across distributed environments needs to address stringent location-dependent requirements such as low latency, regional data compliance, and resiliency. Adding to the complexity is the additional need for governance—compliance, security, and availability—to which networking teams need to adhere. The need for visibility and insights closer to where data is created and processed—on-premises, cloud, and at the edge—is also critical.

Hybrid Cloud Networking Challenges

 

How does an operations’ team deal with this complex new hybrid cloud networking reality? They need three operational capabilities:

◉ Obtain a unified correlated and comprehensive view of the infrastructure.

◉ Gain the ability to respond proactively across people, process, and technology silos.

◉ Deliver speed of business, without increasing operating costs and tool-sprawl.

It is a multidimensional challenge for IT to keep applications and networks in sync. With the ever-increasing scope of the roles of NetOps and DevOps, an automation toolset is needed to accelerate hybrid cloud operations and securely manage the expansion from on-prem to cloud.

Flexible Hybrid Cloud Networking with Cisco Nexus Dashboard

Cisco Nexus Dashboard 2.1, the newest of Cisco’s cloud networking platform innovations, will help IT simplify transition to hybrid applications using a single agile platform. Besides bridging the gap in tooling, one of the major capabilities of the Nexus Dashboard is enabling a flexible operational model for different personas—NetOps, DevOps, SecOps, and CloudOps—across a plethora of use cases.

Cisco Nexus Dashboard: One Scalable, Extensible Platform Across Global Hybrid Infrastructure

Conventionally, operators relied on disjointed tools for specific functions across connectivity, visibility, and security. With multiple capabilities being natively integrated into the Cisco Nexus Dashboard, as well as 3rd party services, Cisco is simplifying the overall experience for IT.

Operators can now manage their hybrid cloud network infrastructure with ease from a single automation and operations platform, Cisco Nexus Dashboard—whether they are running Cisco Application Centric Infrastructure (ACI) or Cisco Nexus Dashboard Fabric Controller (NDFC) in their hybrid cloud infrastructures.

New innovations with Nexus Dashboard 2.1 include availability on AWS and Azure marketplaces; Nexus Dashboard One View, which provides a single cohesive view of all the sites being managed and the services installed across Nexus Dashboard clusters; advanced endpoint analytics; scalable connectivity through Nexus Dashboard Orchestrator (NDO); Nexus Dashboard Insights (NDI); Nexus Dashboard Data Broker (NDDB) service; and many more capabilities. Let’s look at five capabilities of Cisco Nexus Dashboard 2.1 that are delighting customers.

1. Hybrid Cloud Connectivity at Scale with Nexus Dashboard Orchestrator

New hybrid cloud capabilities include support for Google Cloud—in addition to AWS and Azure integrations—and connectivity automation capabilities to enable new use cases, such as:

◉ External Connectivity: Cloud VPCs/VNet to external devices (branch router, SD-WAN edge, colocation routers, or on-prem routers)

◉ Hybrid Cloud Connectivity: Automate connectivity for GCP, AWS, and Azure clouds and on-premises ACI sites using BGP and IPSec

◉ Stitching connectivity: Cloud VPCs/VNET, On-Prem VRFs, including route management

Connectivity is established by BGP peering and IPSec tunnels connecting the cloud site’s Cloud Services Routers (CSR) or Google Cloud’s Native Cloud Router, to the external devices. Once connectivity is established, IT can enable route leak configurations to allow subnets from the external sites to establish connectivity with the cloud site’s VPCs/VNETs.

2. Change Management Workflow with Nexus Dashboard Orchestrator

In a modern enterprise IT team, there are typically multiple personas involved from design to deployment. The design team (Designer Persona) can create and edit the Nexus Dashboard Orchestrator templates and send them to the deployment team (Approver/Deployer Persona) for approval. The deployment team reviews and approve templates ahead of a change management window and queues the templates for deployment during the actual change management window.

Starting with the latest version, Nexus Dashboard Orchestrator 3.4(1) release, a structured persona-based change management workflow provides additional operational flexibility. Three personas for template management—Designer, Approver, and Deployer roles—are available. An admin can assume one of these roles or a combination of them.

◉ Designers: Create and edit template application policies and sends them to Approvers for review and approval.

◉ Approvers: Review the templates and either approves for deployment or rejects the proposed changes and sends it back to the Designer to update the template based on comments.

◉ Deployers: Deploys templates or initiates a rollback to previous version of template.

When Approvers review the templates, they have a GitHub-style “diff view” to clearly compare the before and after changes so they can easily review, approve, reject, and comment on the template differences.

Deployers have two additional new capabilities for effective change management operations:

◉ Configuration preview: Preview of the exact configuration—XML Post and graphical views—that will be deployed to the sites so the Deployer can decide to proceed or abort deployment commit.

◉ Template versioning / rollback: Each template is automatically versioned during save or deploy, giving the Deployer the ability to rollback to previous template versions. During rollback the Deployer can see the GitHub style diff between two versions and decide to proceed with the rollback.

Since Nexus Dashboard Orchestrator change management is fully API based, IT can integrate the workflow with in-house tools currently in use.

3. Unify Hybrid Cloud Operations with Nexus Dashboard One View

With Nexus Dashboard 2.1, IT can operate their distributed environment across multiple clusters from a single focal point of control, with the ability to span visibility into fabrics. The scale out architecture adapts to growing operational needs while the One View capability provides a single pane of glass experience, with support for Single Sign On (SSO) and Role Based Access controls (RBAC). This enables operators to consume insights, advisory, and assurance stack as a unified offering to address prevention, diagnosis, and remediation.

Cisco Nexus Dashboard One View

 

Nexus Dashboard 2.1 takes visibility of network traffic up a notch with support for flow drops, giving IT the ability to identify packet drops in the network as well as the location and reasons. Flows impacted due to events in a switch like buffer, policer, forwarding drops, ACL drops, policer drops, etc. are identified using Flow Table Events (FTE).

Cisco Nexus Dashboard Data Broker

In addition, Cisco Nexus Dashboard Data Broker (NDDB) is a one of the newest Nexus Dashboard service that facilitates visibility by filtering the aggregated traffic and forwarding traffic of interest to the tools for analysis. It is a multi-tenant-capable solution that can be used with both Cisco Nexus and Cisco Catalyst fabrics.

4. Predictive Change Management with Nexus Dashboard Insights

IT can now predict the impact of the intended configuration changes to reduce risk.

◉ Test and validate proposed configurations before rolling out the changes

◉ Proactive checks to prevent compliance violations, while minimizing downtime and Total Cost of Ownership

◉ Continuous assurance to address compliance and security posture

Predictive Change Management with Nexus Dashboard Insights

5. Nexus Dashboard APIs: Automation and Operational Agility for NetOps and DevOps

Cisco Nexus Dashboard now enables a rich suite of services through APIs for third-party developers to build custom apps and integrations. Nexus Dashboard APIs enable automation of intent using policy, lifecycle management, and governance with a common workflow. For example, IT can consume ITSM and SIEM solutions with ServiceNow and Splunk apps available through Nexus Dashboard.

The HashiCorp Terraform and Red Hat Ansible modules published for Nexus Dashboard enables DevOps, CloudOps, and NetOps teams to drive infrastructure automation, maintain network configuration as code, and embed the infrastructure config as part of the CI/CD pipeline for operational agility.

Our Customers Love Nexus Dashboard, and You Will Too!

As a unified, simple to use automation and operations platform, Cisco Nexus Dashboard is the focal point that customers such as T-Systems can use to build, operate, monitor, troubleshoot, and manage their hybrid cloud networking infrastructure.

Are You Ready for Simplicity?

In IT operations, network automation is the key to simplify hybrid cloud complexity, meet KPIs, and increase ROI. Incorporating the needs of NetOps, DevOps, SecOps and CloudOps for full lifecycle operations is table stakes to make this a reality. The latest updates to Cisco Nexus Dashboard deliver the simplicity expected by IT operations teams to become a trusted partner in their digital transformation journey.

Source: cisco.com

Continue reading

Accelerate Data Lake on Cisco Data Intelligence Platform with NVIDIA and Cloudera

The Big Data (Hadoop) ecosystem has evolved over the years from batch processing (Hadoop 1.0) to streaming and near real-time analytics (Hadoop 2.0) to Hadoop meets AI (Hadoop 3.0). These technical capabilities continue to evolve, delivering the data lake as a private cloud with separation of storage and compute. Future enhancements include support for a hybrid cloud (and multi-cloud) enablement.

Cloudera and NVIDIA Partnerships

Cloudera released the following two software platforms in the second half of 2020, which, together, enables the data lake as a private cloud:

◉ Cloudera Data Platform Private Cloud Base – Provides storage and supports traditional data lake environments; introduced Apache Ozone, the next generation filesystem for data lake

◉ Cloudera Data Platform Private Cloud Experiences – Allows experience- or persona-based processing of workloads (such as data analyst, data scientist, data engineer) for data stored in the CDP Private Cloud Base.

Today we are excited to announce that our collaboration with NVIDIA has gone to the next level with Cloudera, as the Cloudera Data Platform Private Cloud Base 7.1.6. will bring in full support of Apache Spark 3.0 with NVIDIA GPU on Cisco CDIP.

Cisco Data Intelligence Platform (CDIP)

Cisco Data Intelligence Platform (CDIP) is a thoughtfully designed private cloud for data lake requirements, supporting data-intensive workloads with the Cloudera Data Platform (CDP) Private Cloud Base and compute-rich (AI/ML) and compute-intensive workloads with the Cloudera Data Platform Private Cloud Experiences — all the while providing storage consolidation with Apache Ozone on the Cisco UCS infrastructure. And it is all fully managed through Cisco Intersight. Cisco Intersight simplifies hybrid cloud management, and, among other things, moves the management of servers from the network into the cloud.

CDIP as a private cloud is based on the new Cisco UCS M6 family of servers that support NVIDIA GPUs and 3rd Gen Intel Xeon Scalable family processors with PCIe Gen 4 capabilities. These servers include the following:

◉ Cisco UCS C240 M6 Server for Storage (Apache Ozone and HDFS) with CDP Private Cloud Base — extends the capabilities of the Cisco UCS rack server portfolio with 3rd Gen Intel Xeon Scalable Processors, supporting more than 43% more cores per socket and 33% more memory than the previous generation.

◉ Cisco UCS® X-Series for CDP Private Cloud Experiences — a modular system managed from the cloud (Cisco Intersight). Its adaptable, future-ready, modular design meets the needs of modern applications and improves operational efficiency, agility, and scale.

CDIP is designed for hybrid clouds to help customers address the needs of modern apps and extensible data platforms. They can further accelerate their AI/ML and ETL workloads on their data lake with GA of Apache Spark 3.0 enabling GPU-accelerated workloads powered by NVIDIA RAPIDS data science libraries in the CDP Private Cloud Base 7.1.6.

The NVIDIA RAPIDS suite of open-source software libraries gives you the freedom to execute end-to-end data science and analytics pipelines entirely on GPUs. RAPIDS uses NVIDIA CUDA and exposes GPU parallelism to accelerate ETL and machine-learning workloads. NVIDIA RAPIDS Accelerator for Apache Spark leverages GPUs to accelerate data processing in Apache Spark 3.0 using the RAPIDS libraries. This allows users to run existing Apache Applications ten times faster with no code changes.

On the AI/ML side, NVIDIA GPUs integrates with libraries like TensorFlow and PyTorch to accelerate the training of Neural Networks for various use cases, such as Computer Vision and Natural Language processing, on a single GPU node or on multiple nodes, reducing the training time from weeks to days (or hours). This saves our customers valuable time.

The Cisco, NVIDIA, and Cloudera three-way partnership brings our joint customers a much richer data lake experience through solution technology advancements, validated designs, and it all comes with full product support.

Source: cisco.com

Continue reading

Revolutionize how you manage application resources across any environment

The business, application and infrastructure landscape has been changing rapidly over the last few years and even faster this year. Gone are the days where a handful of monolithic applications were running in a single datacenter fully managed by a central team – simpler days.  IT teams are now required to use a diverse set of environments, distributed technologies, architectures, platforms and tools to manage the critical IT resources required to keep their apps running no matter where they reside.

The job of managing all this complexity around how user experiences are delivered through applications is now beyond human scale and has big implications for IT teams and businesses including; application performance issues, time wasted in war rooms and fighting fires, underutilized infrastructure, public cloud overprovisioning, and cost overruns.

According to an Insight IT Modernization survey conducted by IDG, more and more organizations are dealing with similar challenges and realizing  the need for simplifying and streamlining their IT operations to be successful. 67% of survey respondents believe that business transformation efforts cannot proceed effectively without IT modernization.

In order to confront this complexity and ensure success in this new world, organizations are focusing on IT modernization projects in terms of quality of service, cost efficiency, availability, customer experience and more time for innovation

Source: IDG Insight IT Modernization 2020 Survey

But how can this be achieved?

IT modernization means optimizing operating models

To streamline processes and efficiently balance application performance and cost, the only choice is to automate resource management and decisions for workload placement and optimization.  But deciding what workloads to run on which platform, making real-time changes as required to ensure optimal performance and cost across any environment, monitoring and troubleshooting with minimum disruption, are all tasks that take time and resources. And as complexity increases, more and more human resources are required.

This is where AIOps comes in.

To optimize an environment end-to-end, you need access to a constant stream of telemetry data from dozens, hundreds, perhaps thousands of sources. Correlating and continuously analyzing all this data with an intelligent real-time decision engine to understand how everything fits together now and in the future is the way forward. A new generation of open tooling is required to connect all the dots and offer the insights and automated actions to stay ahead of demand, stay ahead of problems, and respond to new projects with confidence.

Rethink Cloud Operations

Recognizing these challenges, Cisco unveiled a new vision for the evolution of Cisco Intersight last month, detailed in a blog by Kaustubh Das, VP/GM of Cisco’s Cloud & Compute group. Cisco Intersight is a modular cloud operations platform that brings together IT teams, tools, infrastructure, and apps and helps operations personnel visualize, optimize, and orchestrate apps and infrastructure, wherever they are.  Delivering on this vision, we are happy to announce that we have released Cisco Intersight Workload Optimizer, the first in a series of powerful new Intersight solutions designed to simplify cloud operations.

Intersight Workload Optimizer (IWO) radically simplifies application resource management at scale to prevent application performance issues while reducing cost. It continuously optimizes critical resources resulting in efficient use of infrastructure whether on premises or in public clouds. It removes the guesswork from ongoing operations and planning for growth.

Turning data into action

IWO accomplishes all this through its AI-enabled decision engine that proactively matches workloads to the resources they need in real-time, using a process of data abstraction, analysis, and automation across the stack. It understands workload interdependencies, resource consumption, and costs from infrastructure to applications.  It leverages telemetry data from a broad third-party ecosystem across a range of endpoints including hypervisors, compute platforms (including Cisco UCS and Cisco HyperFlex), container platforms, public clouds, applications and more, to deliver intelligent recommendations for where to place and how to size and scale resources.

As a result, Intersight Workload Optimizer establishes a common control plane for resources across hybrid cloud environments, helping IT teams to navigate and automate the dynamic resource trade-offs and relevant decisions needed to balance application performance and cost.

After the metrics from registered endpoints have been collected in a common database and normalized into an abstracted model, AI-assisted analysis is done on an ongoing basis in real-time to provide proactive recommendations to right-size resources and recommend or automatically take action as required. This enables smooth operations and ensures a good digital experience for the consumers of any application.

Optimize hybrid cloud deployments

With distributed, multicloud applications becoming a common use case, IWO takes away the pain of having to monitor and manage individual cloud platforms with cloud-specific tools. IWO can provide recommendations on workload placement as well as on types of instances including “spot” or Reserved Instances (RI’s), databases, storage, and other application components. It can also recommend and take actions such as dynamically scaling or shutting down workloads, always optimizing based on performance and cost.

Manage Kubernetes at scale

Kubernetes has become the de facto standard for container orchestration. However, for IT teams, Kubernetes has introduced an additional layer of complexity with a new environment that needs configuring and monitoring on top of existing infrastructure platforms. Intersight Workload Optimizer complements and augments existing Kubernetes capabilities for ongoing day 1 and day 2 operations with the ability to do container right-sizing, pod “move”/rescheduling, cluster scaling, and scenario planning for Kubernetes deployments.

Integration with APM tools

Intersight Workload Optimizer has enhanced integrations with 3rd party Application Performance Management (APM) solutions, including Cisco AppDynamics. The result is deeper visibility, insight and actions based on the relationship between apps and associated infrastructure, leading to even smarter resourcing decisions that are tied back to the actual application user experience. The integration provides a single source of truth for application and infrastructure teams to work together more effectively, avoiding finger pointing and late-night war rooms.

A “Hands-off” Operational Model

By applying the same set of abstraction-analysis-automation principles for any technology in IWO’s broad, third party ecosystem and for all layers of the application and resource stack, IWO is able to deliver powerful capabilities that simplify day-to-day operations for IT team members (sysadmins, v-admins, production and integration teams, cloud architects and DevOps teams etc) in an organization.

Leveraging its agentless architecture that is modularized and delivered as a Service, Intersight Workload Optimizer can rapidly expand any supported ecosystem to meet our customers’ evolving needs, however and wherever they operate. It can truly provide a closed-loop operating model based on extensive and deep visualization between applications and infrastructure, powered by AI, analytics, and automation.

Continue reading

From Data Center to Cloud, Guidance for Managing Data Everywhere

As enterprises react to rapid changes in business models driven by macro-events, digital transformation, and redistribution of both the workforce and the workloads, agility and resiliency in IT solutions and services are a key differentiator for success. Whether application workloads reside in the cloud, at the edge, or on-prem, the data center needs to be optimized for performance, reliability, and user experience as business and operational needs evolve.

Data center and cloud networking agility provide the ability to react quickly to changes and goes way beyond traditional measurements of speeds and feeds. Agility depends on being able to manage the network fabric holistically with emphasis on higher-level infrastructure orchestration platforms, automation tools, programmability through APIs, and end-to-end visibility through deep analytics with machine learning.

With the many permutations of cloud and data center infrastructures that exist in the global market, IT has a wealth of vendor options to evaluate for network solutions that match the needs of their enterprise and cloud data centers. Fortunately, there are analysts and technology journalists to help sift through the flood of data with independent research. What are the critical capabilities that set leaders of network infrastructure and management apart from followers? Let’s look at some of the capabilities that Gartner uses to evaluate data center and cloud networking solutions.

2020 Gartner Critical Capabilities for Data Center and Cloud Networking

The capabilities for optimizing data center and cloud networking—from hardware to network operating systems to management solutions—are all drivers of agility and business resiliency. In particular, Gartner highlights three use cases that are top of mind for many enterprise IT teams for evaluating data center networking solutions:

1. Enterprise Refresh/Build-Out Use Case. Includes switch hardware, Network Operating System (NOS), management, and automation integrations.

2. Agility Boost Use Case. Based on management platform independence, automation, hyper-converged infrastructure integrations, and public cloud integrations.

3. DevOps Driven Organization Use Case. Day 1 and Day 2 automation and data center platform integrations.

These capabilities, among others, build a foundation for managing data center resources for modern enterprises facing continuous change. For example, Gartner predicts that “by 2023, 10% of enterprises will fully integrate data center networking activities into CI/CD pipelines, up from nearly zero in early 2020”, with DevOps driving the development of applications critical to business. For these applications to run successfully under high demand, organizations will need increased insight and automation into managing Day 2 operations for data center and hybrid-cloud operations. In the 2020 Magic Quadrant for Data Center and Cloud Networking report, Gartner highlights Cisco’s strengths and cautions as a Magic Quadrant Leader.

◉ With solid products and a large and global installed base, Cisco offers depth and breadth of features that covers nearly all usage scenarios, including advanced routing and ultra-low-latency switching.

◉ Cisco has a roadmap to deliver increasing levels of analytics and automation to satisfy emerging customer requirements for a more autonomous and self-healing network.

◉ Cisco Network Insights improves Day 2 operational activities such as troubleshooting, reporting, and bug scrubs, and integrates with both Application Centric Infrastructure (ACI) and Data Center Network Management (DCNM) controllers.

Six Years of Positioning as a Gartner Magic Quadrant Leader in Data Center and Cloud Networking

2020 marks the 6th consecutive year that Gartner positions Cisco in the Leaders Quadrant for Data Center and Cloud Networking. This year Gartner included Cloud Networking in addition to the traditional on-prem data center offerings and we believe Cisco was named a Leader given our proven multi-cloud architecture. Gartner evaluated Cisco data center and cloud switches, NOS as well as Cisco Application Centric Infrastructure (ACI), Data Center Network Management (DCNM), and Data Center Network Assurance and Insights Suite.

*Source: Gartner Magic Quadrant for Data Center and Cloud Networking, June 30, 2020

Continue reading

Cloud vs. Hybrid Collaboration. Which is Right for You?

Understanding Cloud and Hybrid Collaboration Solutions

The world is changing, and the way organizations collaborate and communicate is now different. In-office meetings or traveling to meet with colleagues or customers have been replaced with video conferencing solutions. Organizations are relying on collaboration tools to get their work done, whether they are working from home, in-office or on the go.

Most businesses have a mix of hardware, software and data centers that have been added over time. It is important to look deeper and understand the solutions you currently have available and the changes required to prepare for your new collaboration solution. It will be valuable to define your company’s needs and the capabilities required to best serve your employees and customers and make a decision on the necessary hardware and software required for the transition.

The Right Collaboration Solution with Cisco Webex 

The right collaboration solution accelerates the pace of business and increases productivity and engagement within your workplace and allows you to attract and retain the best talent. Cisco Webex provides a single, unified platform integrating all your collaboration needs to deliver a simple, intelligent, and delightful experience for customers. Our platform enables you to call, meet and message from one single application.

Webex integrates seamlessly into many industry-leading applications, allowing your team to keep their current workflow without missing a beat. Our integrated solution provides complete collaboration without compromising your convenience, security, and privacy. We provide flexible deployments giving you the option to take advantage of our cloud or hybrid collaboration solutions based on your business needs.

Cloud Collaboration Deployments

Cloud Collaboration deployments allow customers to move their resources, data storage, applications, servers and networks to the cloud. Cloud deployments have been proven to be secure, reliable and cost-effective. More and more organizations are moving their infrastructure to the cloud because cloud collaboration solutions provide lower upfront costs, less maintenance, and reduced infrastructure requirement, with the option to scale up and down as needed. They also enhance team collaboration and increase employee productivity and engagement.

With cloud video conferencing, your system can be up and running in minutes, allowing you to connect with your colleagues and customers with high-quality audio and video. Users are able to seamlessly communicate face to face, while administrators have an easier way to manage and provide effective collaboration.  Video conferencing solutions transform your meeting experience and provide you with the freedom to communicate effectively with multiple locations and collaborate with remote stakeholders.

Capabilities You Can Trust 

Cisco Webex provides a modern and easy to use interface to meet, call and message and it seamlessly integrates with your current workflow and applications. Cisco Webex delivers powerful AI and machine learning capabilities across the Webex portfolio. With capabilities such as voice intelligence, real-time transcription, People Insights, Facial Recognition, and Webex Assistant, Cisco Webex helps teams work smarter and better, no matter where they are. Administrators can take advantage of the intuitive, single-pane-of-glass management portal with real-time actionable insights to scale up and down, and provision, administer and manage their Cisco Webex services. Our built-in security and compliance requirements provide you with strong encryption, compliance visibility, and control while collaborating inside and outside your organization.

Hybrid Collaboration Deployments

Moving to the cloud does not have to be an all or nothing solution. Many organizations have made significant on-premises investments and they leverage the hybrid approach, transitioning some systems to the cloud while continuing to run others on their on-premises infrastructure. Hybrid deployments allow you to make the transition to the cloud at the pace suitable for your organization while maximizing your existing investments. According to Nemertes Research, “Hybrid enables organizations to adopt cloud strategically, delivering less disruption and faster access to specific capabilities like meetings and team collaboration from the cloud.”

About the Best Migration Path for Your Business

Cisco Webex allows customers to select the best migration path suited for their business needs and goals. Our flexible deployments enable customers to connect to the Webex Cloud and take advantage of the latest cloud innovations while protecting their existing investment and infrastructure. Cisco Webex Cloud is secure, reliable and highly available with unmatched performance.

The Webex Cloud is built and optimized for real-time media, with a global network that is engineered for effective meetings. It provides greater quality, reliability, and security that is impossible to achieve on the open and public internet.

Continue reading

ACI Anywhere Now Extending From On-Premises to AWS Cloud

Cisco is pleased to announce availability of a brand-new solution, Cisco Cloud ACI on AWS. This solution automates management of end-to-end connectivity and enforcement of consistent network security policies for applications running in on-prem data centers and AWS public cloud regions.

Decentralized Data Means Cloud Growth

Enterprises, large and small, are expanding to the cloud to build applications that engage their customers. And their developers and IT teams must manage their private and public cloud environments.

IDC expects spending on cloud IT infrastructure to grow at a five-year compound annual growth rate (CAGR) of 11.2%, reaching $82.9 billion in 2022, and accounting for 56.0% of total IT infrastructure spend. Public cloud data centers will account for 66.0% of this amount, growing at an 11.3% CAGR. Spending on private cloud infrastructure will grow at a CAGR of 12.0%*.

Due to this massive shift in the decentralization of data, increasing cloud acceptance, and move to hybrid environments, businesses need a network that can empower the data center to go securely anywhere. Innovation should only be limited by imagination, not technology. Cisco’s ACI Anywhere with Cloud ACI is the bridge.

Multicloud Doesn’t Need to Mean Complexity

As the adoption of multicloud strategies grow, the industry is demanding consistent policy, security, and visibility everywhere, with a simplified operating model. IT organizations are challenged to maintain governance, compliance, agility, flexibility, and TCO optimization for legacy, virtualized, and next-generation applications across multiple on-premises sites and clouds.

Highly complex operational models today are the result of diverse and disjointed visibility and troubleshooting capabilities, with no correlation across different cloud service providers. There are multiple panes of glass to configure, manage, monitor, and operate these multicloud instances. And there are inconsistent segmentation capabilities today across hybrid instances that pose security, compliance and governance challenges.

Cisco Cloud ACI Extends ACI Capabilities from On-premises to Public Cloud

Cisco ACI delivers control and visibility based on application network policy. With the next phase, Cisco ACI extends this policy-driven automation from on-premises to public cloud instances.

Cisco Cloud ACI runs natively in public clouds and delivers the following key capabilities:

Automated and secure hybrid connectivity through unified management. Through a single pane of glass (ACI Multi-Site Orchestrator), users can configure inter-site connectivity, define policies, and monitor the health of network infrastructure across hybrid environments. Inter-site connectivity includes (i) An underlay network for IP reachability (IPsec VPN over the Internet, or through AWS Direct Connect*) and (ii) an overlay network between the on-premises and cloud sites that runs BGP EVPN as its control plane and uses VXLAN encapsulation and tunneling as its data plane.

Enable consistent security posture, governance, and compliance through a common policy abstraction. Cisco ACI on AWS uses group-based network and security policy models.Cloud ACI translates ACI policies into cloud-native policy constructs. The logical network constructs of Cisco ACI (tenants, VRFs, endpoint groups (EPGs), and contracts etc) translate into AWS networking constructs (user accounts, Virtual Private Cloud (VPC), and security groups, plus security group rules and network access-control lists etc.). This enables consistent network segmentation, access control, and isolation across hybrid deployments.

Enable elasticity for resources across on-premises data center and public cloud. Enable secure workload mobility and preserve the application policies, network segmentation, and identity of the workload (IP mobility*).

Facilitate workload migration across hybrid environments. Enable secure workload mobility and preserve the application policies, network segmentation, and identity of the workload (IP mobility*).

Enable business continuity and disaster recovery. Allow organizations to maintain or quickly resume mission-critical applications using a back-up and recovery site in the public cloud.

What makes Cisco’s Cloud ACI different and relevant for you

Cloud ACI provides a common policy abstraction and consumes AWS public APIs to deliver policy consistency and segmentation. As such, Cloud ACI is not confined to bare-metal instances in AWS and does not require deployment of agents in cloud workloads to achieve segmentation.

With Cisco ACI, customers can carry all their network and security policies across data centers, colocations, and clouds. Cisco ACI automates cross-domain service chaining of application traffic across physical and virtual L4-L7 devices to scale, and seamlessly integrates bare-metal servers, virtual machines, and containers under a single policy framework.

Cisco ACI also has the industry’s broadest tech-partner ecoysystem and integrates with a variety of solutions ranging from Cisco AppDynamics, CloudCenter to F5, ServiceNow, Splunk, SevOne, and Datadog. Customers can leverage widely adopted tools such as Terraform and Ansible to achieve end-to-end workflow-based automation. AWS customers can tap into the rich cross-silo insights through ACI integrations with AWS technologies like Amazon CloudWatch* and Amazon Simple Notification Service (Amazon SNS)* to fine tune the network for better throughput, latency, path selection, security and cost optimization.

Have ACI Anywhere with Cloud ACI on AWS

As the industry’s most deployed, open SDN platform, Cisco delivers advanced capabilities on AWS and simplifies multicloud deployments with Cisco Cloud ACI. With the Cloud ACI architecture, customers and analysts see the benefit of seamless layer-in policy consistency, operational simplicity and the flexibility to leverage services offered by public clouds.

“ESG Research validates that companies are increasingly adopting a hybrid cloud approach to deliver the best service for their customers. In fact, many are adopting a Multicloud policy” says Bob Laliberte, Practice Director and Senior Analyst with the Enterprise Strategy Group. “However, these distributed compute environments create significant management complexity. Cisco ACI Anywhere, and more specifically, Cloud ACI on AWS is helping to consolidate and simplify management across the on-premises data center and the popular AWS cloud environment, something that we expect will be well received by all market segments.”

Continue reading