Friday, 3 September 2021

Cisco Catalyst 9100 series, much more than Wi-Fi connectivity


Are you one of those people who, when entering a new building (such as a hotel, corporate office, stadium, hospital, literally any building), first look up to spot the presence of an access point (AP)?

What? You don’t? You don’t know what you are missing!

Yes, I am one of those people. Call it professional deviation, but when entering a building I must check if there is a Wi-Fi signal, where the APs are located, what the AP brand is, how the access points have been mounted, what type of antennas they use. Sometimes I even take pictures, but don’t tell anyone.

Ok, but even if you are not a human Wi-Fi sentinel like myself, I am quite sure that when you see an access point, you immediately think of a reliable, secure (and yes, hopefully free!) wireless connection. Today it is all about Wi-Fi 6, so you have even greater expectations, right?

I agree with you, the primary role of the AP is to provide reliable coverage and a secure connection, with the bandwidth needed for your devices and applications to work properly.

But what if I told you that there is much more than connectivity to a Cisco Access Point? Cisco has embedded so many cool innovations into the Catalyst Access Point that by the end of this blog, you will look at an access point from a totally different perspective.

When you think about it, the AP can do much more than just offer Wi-Fi connectivity: you have these intelligent network devices sitting in the ceiling with a privileged view of people and things moving around. The APs are in the perfect spot to capture a lot of useful information beyond the client data packets, for example the location of movable devices.


The AP can act as a multi-protocol (multi-language) gateway, capable of enabling multiple wireless technologies. It can also open up a lot of interesting use cases in the IoT world, for example simplifying Retail management using integrated remote shelf labeling solutions.

We have built the Catalyst AP with this idea in mind: to make it a multi-function and multi-purpose platform for innovation. We do this first by embedding a dedicated, software-programmable radio in the access point. The main purpose of this radio is to grab and analyze RF information so that the system can make intelligent decisions. Cisco brings the benefits of programmable hardware to the edge of the network: being programmable, it allows Cisco to introduce technology innovations without requiring a hardware refresh. For the Catalyst Wi-Fi 6 access points, the built-in programmable radio is called Cisco RF ASIC.

We then combine it with the Cisco IoX framework, bringing the possibility to load a Cisco or 3rd party containerized application directly on to the Catalyst AP in a completely automated manner. This combination of programmable hardware and embedded software capabilities is an industry first and allows Cisco to bring new innovative wireless solutions faster to market.


Let’s look under the AP hood and understand the benefits of these innovations. The first focus of an Access Point is the Wi-Fi connectivity, so we built a state-of-the-art Wi-Fi 6 AP with an awesome RF design capable of embedding ten different antennas in a small form factor. It’s actually 25% smaller and lighter than the previous models, allowing for easier mounting and even more pleasant aesthetics.


But Cisco goes beyond the Wi-Fi standard in multiple ways. First, thanks to a close collaboration with device vendors (Apple, Samsung, and Intel), Cisco has embedded additional functionality to make sure that these vendors’ devices have a better experience on a Cisco wireless network. Apple Analytics, Apple FastLane and Fastlane+, and Samsung and Intel Analytics are some of the most recent examples of these partnerships. The insights Cisco gets from client devices are super critical for troubleshooting because they provide the client view of the RF network, which is usually different from the access points’ view.

With the introduction of the Cisco RF ASIC as a third dedicated radio, the wireless connectivity is optimized because this offloads all the heavy-duty work from the client-serving radios: a resulting 25% increase in client performance is expected for all clients, not only Wi-Fi 6 clients. The dedicated programmable radio is continuously scanning and grabbing a lot of critical information about the RF environment, client onboarding, interference and analytics in general. From there, the data is streamed efficiently and securely to the cloud, where Machine Learning (ML) and Artificial Intelligence (AI) in DNAC Assurance and DNA Spaces make it actionable. A clear example of this is Intelligent Capture in DNA Center Assurance, which provides a new way of proactively troubleshooting the network.

This is going to save you and your team a lot of time, effort and busy work.


And finally, the AP can act as an IoT gateway, supporting multiple IoT protocols via software. A Cisco or third-party app can be installed directly on the AP in a fully automated fashion. This opens a lot of opportunities for. One example is an IoT gateway for remote shelf labelling that allows customers to save operational and capital expenses by not deploying a parallel IoT network.

So, I am sure you agree with me that a Cisco Catalyst Access Point is much more than just Wi-Fi connectivity; and next time you enter a building you will turn your head up and look for those great pieces of wireless innovation.

Source: cisco.com

Wednesday, 1 September 2021

Accelerate Data Lake on Cisco Data Intelligence Platform with NVIDIA and Cloudera


The Big Data (Hadoop) ecosystem has evolved over the years from batch processing (Hadoop 1.0) to streaming and near real-time analytics (Hadoop 2.0) to Hadoop meets AI (Hadoop 3.0). These technical capabilities continue to evolve, delivering the data lake as a private cloud with separation of storage and compute. Future enhancements include support for a hybrid cloud (and multi-cloud) enablement.

Cloudera and NVIDIA Partnerships

Cloudera released the following two software platforms in the second half of 2020, which together enable the data lake as a private cloud:

◉ Cloudera Data Platform Private Cloud Base – Provides storage and supports traditional data lake environments; introduced Apache Ozone, the next generation filesystem for data lake

◉ Cloudera Data Platform Private Cloud Experiences – Allows experience- or persona-based processing of workloads (such as data analyst, data scientist, data engineer) for data stored in the CDP Private Cloud Base.

Today we are excited to announce that our collaboration with NVIDIA has gone to the next level with Cloudera, as the Cloudera Data Platform Private Cloud Base 7.1.6 will bring in full support of Apache Spark 3.0 with NVIDIA GPU on Cisco CDIP.

Cisco Data Intelligence Platform (CDIP)

Cisco Data Intelligence Platform (CDIP) is a thoughtfully designed private cloud for data lake requirements, supporting data-intensive workloads with the Cloudera Data Platform (CDP) Private Cloud Base and compute-rich (AI/ML) and compute-intensive workloads with the Cloudera Data Platform Private Cloud Experiences — all the while providing storage consolidation with Apache Ozone on the Cisco UCS infrastructure. And it is all fully managed through Cisco Intersight. Cisco Intersight simplifies hybrid cloud management, and, among other things, moves the management of servers from the network into the cloud.

CDIP as a private cloud is based on the new Cisco UCS M6 family of servers that support NVIDIA GPUs and 3rd Gen Intel Xeon Scalable family processors with PCIe Gen 4 capabilities. These servers include the following:

◉ Cisco UCS C240 M6 Server for Storage (Apache Ozone and HDFS) with CDP Private Cloud Base — extends the capabilities of the Cisco UCS rack server portfolio with 3rd Gen Intel Xeon Scalable Processors, supporting more than 43% more cores per socket and 33% more memory than the previous generation.

◉ Cisco UCS® X-Series for CDP Private Cloud Experiences — a modular system managed from the cloud (Cisco Intersight). Its adaptable, future-ready, modular design meets the needs of modern applications and improves operational efficiency, agility, and scale.


CDIP is designed for hybrid clouds to help customers address the needs of modern apps and extensible data platforms. They can further accelerate their AI/ML and ETL workloads on their data lake with GA of Apache Spark 3.0 enabling GPU-accelerated workloads powered by NVIDIA RAPIDS data science libraries in the CDP Private Cloud Base 7.1.6.

The NVIDIA RAPIDS suite of open-source software libraries gives you the freedom to execute end-to-end data science and analytics pipelines entirely on GPUs. RAPIDS uses NVIDIA CUDA and exposes GPU parallelism to accelerate ETL and machine-learning workloads. NVIDIA RAPIDS Accelerator for Apache Spark leverages GPUs to accelerate data processing in Apache Spark 3.0 using the RAPIDS libraries. This allows users to run existing Apache Spark applications ten times faster with no code changes.

On the AI/ML side, NVIDIA GPUs integrate with libraries like TensorFlow and PyTorch to accelerate the training of neural networks for various use cases, such as computer vision and natural language processing, on a single GPU node or on multiple nodes, reducing the training time from weeks to days (or hours). This saves our customers valuable time.

The Cisco, NVIDIA, and Cloudera three-way partnership brings our joint customers a much richer data lake experience through solution technology advancements and validated designs, all with full product support.

Source: cisco.com

Tuesday, 31 August 2021

Everything You Need to Study for the Cisco 200-201 CBROPS Exam

The 200-201 CBROPS: Understanding Cisco Cybersecurity Operations Fundamentals exam is associated with the Cisco CyberOps certification. Passing this exam satisfies a part of the requirements for earning the Cisco CyberOps certification. The exam is intended to assess candidates’ skills and expertise concerning security concepts, security monitoring, host-based analysis, security policies and procedures, and network intrusion analysis. It’s important to build skills in these areas before sitting for this exam. There are no formal prerequisites for the Cisco 200-201 CBROPS exam. However, applicants should understand all the topics included in the exam syllabus before taking this certification exam.

Important Information on Cisco 200-201 CBROPS Exam

Cisco 200-201 CBROPS is a 120-minute exam comprising 95-105 questions. To register for the exam, visit the Pearson VUE website, log in to your account, and schedule your exam. The exam is available in the English language. You must prepare thoroughly for this Cisco exam to ensure your success.

The 200-201 CBROPS exam includes a broad range of topics classified under five domains. Each of these topics has a list of subtopics with their comprehensive sections. It’s suggested that you go through their details before taking the exam. The objectives incorporated in this Cisco certification exam are mentioned below:

  • Network Intrusion Analysis
  • Security Monitoring
  • Security Policies and Procedures
  • Security Concepts
  • Host-Based Analysis

Applicants should pay close attention to the percentage assigned to each exam topic, as it indicates the weight of questions that may be drawn from that topic. You’ll find the breakdown of each domain on the exam webpage. Learners should also take time to read other related topics, as questions may come from areas not covered in these objectives.


Tips for Successful 200-201 CBROPS Exam Preparation

Studying and preparing are important to success in exams. And now that you know what to expect from the actual 200-201 CBROPS, let’s see how you can enhance your understanding and pave your path to success:

1. Take Advantage of Official Training Resources

The official training course offered by Cisco for the 200-201 exam is Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) v1.0. It is instructor-led training, in which applicants have the chance to learn from Cisco certified instructors how to avoid security breaches and keep their organization’s systems updated. This course is available in classroom or virtual modes. If your schedule is too busy, you can go for the e-learning version.

2. Gain Practical Experience

Practical experience can help you acquire skills and techniques you may not get from books or training courses. If you become familiar with TCP/IP and Ethernet networking, your chances of passing the actual Cisco 200-201 CBROPS exam with a good score improve considerably. Moreover, you can obtain prior experience in working with the Windows and Linux operating systems. Additionally, understanding basic network security concepts will give you an advantage over other applicants.

3. Set Yourself Up for Success with 200-201 CBROPS Practice Tests

Practice tests will help you identify your knowledge and preparation level. Practice tests for the Cisco 200-201 CBROPS exam can be found on third-party websites. By taking practice tests, you learn how to deal with tricky questions and find the topics on which you need to concentrate more. Moreover, practice tests will help you strengthen your self-confidence, as you know what to expect in the actual Cisco 200-201 exam.

4. Join an Online Community

Joining online study groups and online communities proves to be really helpful throughout your exam preparation. They help you learn from the experience of experts. You can also ask questions and resolve your doubts. The professionals offer valuable insights to help you obtain this certification.


Conclusion

As you can see, if you want to pass the Cisco 200-201 on the first attempt, you have everything you need for it. You only need to use authentic study materials and prepare with dedication. So, your Cisco Certified CyberOps Associate certification is almost in your hand. All the Best!

Monday, 30 August 2021

Cisco Nexus Data Broker Now an App on Nexus Dashboard and Ready for Enterprise Networks

Cisco Nexus Data Broker has seen tremendous success and traction with data center customers since its inception. Our customers really liked the idea of using the same Nexus Data Center switch for building the packet broker network for their monitoring needs. They didn’t need to invest in additional skill development to manage purpose-built packet broker appliances. They could streamline the procurement and availability of spares and stock in their inventory. And they benefited from a much lower price point compared to the purpose-built packet broker appliances.

Data Broker Controller as an App on Cisco Nexus Dashboard

I am very excited to announce the next stage in the evolution of Nexus Data Broker. Let’s start with the name change. We are changing the name to Nexus Dashboard Data Broker. Why change the name? With the latest release, we have made the Data Broker Controller application available as an app on Cisco Nexus Dashboard (Figure 1).

Figure 1. Nexus Dashboard and Nexus Dashboard Data Broker

When you go into Cisco DC App Store, you will find the Cisco Nexus Dashboard Data Broker app to download and install. We are in the process of making all Day 2 applications run as services on top of the Nexus Dashboard platform and we did this with Nexus Data Broker. This new model of Data Broker Controller software distribution and run time .

There’s no need to download additional software from a download center for the first or future upgrades. The Nexus Dashboard Data Broker app is like a smartphone app, installed and upgraded directly from the Nexus Dashboard in the app store.

Nexus Dashboard Data Broker for Enterprise Networks


With the newest release of Nexus Dashboard Data Broker, we are expanding the scope of Nexus Dashboard Data Broker to enterprise network deployments, including campus and branch locations. You can create a copy of the traffic using a test access point (TAP) or switched port analyzer (SPAN) from Cisco Catalyst switches to the Nexus Dashboard Data Broker solution (Figure 2). We have simplified the deployment of the Nexus Dashboard Data Broker solution for enterprise networks further by automating the SPAN configuration from the Nexus Dashboard Data Broker Controller via Cisco DNA Center or directly on Cisco Catalyst switches. I am really excited about extending the benefits of Nexus Dashboard Data Broker to enterprise networks.

Figure 2. Nexus Data Broker for Enterprise Networks

Introducing Cisco Nexus 3550-F Fusion Layer 1 as TAP in Nexus Dashboard Data Broker Solution


Another exciting new capability we’re announcing is the addition of Cisco Nexus 3550-F Fusion Layer 1 platform as a TAP device (Figure 3). With it you can use the TAP functionality provided by the Nexus 3550-F Fusion switch with complete automation of TAP configuration from the Nexus Dashboard Data Broker Controller GUI.

Figure 3. Automation of TAP Provisioning from the Nexus Dashboard

GUI and Usability Enhancements

Finally, I would like to mention the usability and user interface enhancements made to the newest Nexus Dashboard Data Broker Controller 3.10.1 release. The GUI is completely redesigned with the latest and greatest GUI framework and architecture, aligned with Nexus Dashboard and Nexus Dashboard services. This redesigned GUI framework lays the foundation for further enhancements and alignment in the areas of topology and other GUI screens (Figure 4).

Figure 4. New GUI for Nexus Dashboard Data Broker Dashboard

Sneak Peek into Upcoming Releases


What’s next in the pipeline for Nexus Dashboard Data Broker in the next 6-9 months? We will focus on further improving the user interface and the user experience by upgrading the topology to the blueprint and framework provided by Nexus Dashboard. We will also focus on increasing the scale to support more source ports and tool ports to meet ever-increasing demand.

Try It, You’ll Like It


If you are already a Nexus Dashboard Data Broker user, I invite you to try the new 3.10.1 release and see the enhancements for yourself. If you are not a current user, I strongly believe that we have a great product that solves your packet brokering needs at a very attractive price point and I invite you to evaluate the product for your packet broker infrastructure.

As always, we are standing by to provide you with the necessary resources to make your deployment successful and to listen to your feedback for further product improvements.

Source: cisco.com

Saturday, 28 August 2021

Classic Smart Licensing vs Smart Licensing Using Policy (SLUP)

Customer requirements keep changing, and Cisco is focusing on making the network more software-focused and less hardware-dependent. Cisco Smart Licensing supports this vision through software license management. Smart Licensing is a flexible software licensing model that simplifies the way you activate and manage licenses across your organization.

Smart Licensing simplifies the way customers activate and manage licenses across their organization in the following ways:

◉ License flexibility: Licenses are not node-locked to hardware, so customers can easily pool license entitlements and move them around freely through their network as needed.

◉ Easy activation: Smart Licensing establishes a pool of software licenses that can be used across an entire organization; no Product Activation Keys (PAKs) are needed for registrations.

Why Smart-Licensing Using Policy?

Though Cisco supports various deployment mechanisms for tracking and reporting license usage, they were not easily adaptable to all kinds of deployments. There were feedback and requirements from a few customers to make Smart Licensing easier to adopt.

Some of the challenges are:

◉ With SL Registration, devices have to be always connected to the Internet to reach CSSM, which is a deployment concern

◉ On-Prem Satellite servers introduce more cost for deployment and maintenance

◉ SLR facilitates only air-gapped networks

◉ Any deployments that do not support either of these models have to run their devices in an Unregistered/Eval expired state, even after licenses are purchased.

These challenges bring me to the next section: Smart Licensing Using Policy.

What’s Smart Licensing Using Policy?

Smart Licensing took a major step towards simplifying the way customers activate and manage their Enterprise Networking devices. Smart Licensing Using Policy now provides a simpler and more flexible deployment method. 


All enterprise networking products such as the Catalyst 9000 series switches, routing platforms (ASR1K, ISR1K, ISR4K), Cisco Catalyst 9800 Series Wireless Controllers, IOT routers and switches support Smart Licensing Using Policy.

Benefits of Smart Licensing Using Policy


1. Smart Licensing using Policy eliminates Day 0 deployment friction (device on-boarding).

◉ The device just works out of the box, enabling immediate value for Cisco customers.

◉ Since there is no evaluation mode at device boot, device registration before use of device is not required.

2. Smart Licensing using Policy complies with customer’s security policies, eliminating risk.

◉ Connectivity of the device to the internet is not required for software compliance.

◉ Utilities and tools are available to report license consumption periodically for online customers; for offline customers, a utility is available to upload reports offline.

3. Smart Licensing using Policy reduces OPEX costs.

◉ Customer network operation success is not tied to the software procurement process. In classic Smart Licensing, Day 0 must be 100% accurate for the network to deploy, which adds OPEX costs.

Thursday, 26 August 2021

Latest Cisco 200-301 Certification Exam Sample Questions and Answers

Cisco CCNA Exam Description:

This exam tests a candidate's knowledge and skills related to network fundamentals, network access, IP connectivity, IP services, security fundamentals, and automation and programmability. The course, Implementing and Administering Cisco Solutions (CCNA), helps candidates prepare for this exam.

Cisco 200-301 Exam Overview:

Application Aware Networking with Cisco SD-WAN

Part 2: Optimizing Application Experience

As applications are migrating to the cloud and being offered either as Software-as-a-Service (SaaS) or built as cloud native infrastructure, the network must become more application aware, programmable, and intelligent to deliver the best experience to users. My previous blog post discussed how Cisco Software-Defined WAN (SD-WAN) provides seamless connectivity to applications from anywhere. This blog post explores how applications can take advantage of and work cooperatively with the network to obtain a higher quality of experience through network policy, telemetry, and other features that promote security, reliability, and efficiency.

Application Experience with Cisco SD-WAN

Most enterprises are using SaaS applications for their day-to-day operations and adopting many different cloud environments as their IT infrastructure for business-critical applications. Organizations can custom-select different cloud services for specific functions and to take advantage of flexibility, performance, agility, and cost savings.

These SaaS applications are being consumed by a diverse set of devices, locations, and types of users who are constantly on the move. Enterprises face numerous challenges in terms of automation and management of this multifaceted environment. Meanwhile, application and user requirements are continuously and rapidly evolving. Traditional methods of planning and rollout may not meet current needs. What’s required is a network that is self-learning, aware, and adaptable to address application requirements dynamically and in real-time.

As enterprise application data traverses the internet and encounters congestion, packet loss and high latencies can occur. This results in a sub-optimal experience for users. Cisco SD-WAN, with advanced App Aware Routing based on network and application health telemetry, provides intelligent path selection and policy enforcement. These contribute to an optimal application experience by adapting to the changing needs of an application based on a user’s location, health of the network, and health of the application. Cisco SD-WAN provides the best-performing SLA for all types of traffic bound to cloud or to on-prem networks.

Application Optimization and Experience for SaaS

Figure 1. Multi Path SaaS Access with Cisco SD-WAN

To provide the most optimal SaaS application experience, the SD-WAN fabric must first classify the application, select the best SaaS point of presence (PoP) to serve users, and then decide the most optimal path to the selected PoP that meets the SLA needs of the user.

Example: Microsoft Office 365 Application Suite Experience


Network Based Application Recognition (NBAR) is used to classify distinct URLs for different applications. Applications can be mapped based on different traffic precedence or sensitivity. Typically, applications are categorized into Optimize, Allow, or Default categories. But with end-to-end telemetry using Application Infused Path Feedback (AIPF) an SD-WAN controller can use telemetry imported from Microsoft to optimize applications more granularly based on best path selection logic.

Figure 2. Transforming User Experience with Microsoft – Cisco SD-WAN Telemetry

The SD-WAN fabric continuously monitors the performance of alternate paths to SaaS and selects the best path based on the performance and network metrics such as loss, latency, etcetera. Here’s how application aware networking with Cisco SD-WAN works.

Step 1: DNS requests to the SaaS applications are sent on all available WAN paths

Figure 3. Cloud Access to SaaS Services with Dual DIA.

Step 2: DNS resolution for the configured SaaS application is completed on all possible path options.

Figure 4. Cisco SD-WAN SaaS adoption options.

Step 3: Periodic HTTP pings are sent to the configured Cloud OnRamp for SaaS application on each Direct Internet Access (DIA) circuit to probe for loss and latency. The best path is selected based on defined policies. When none of the paths are considered optimal, Cisco has added support for the user to either select the suboptimal path (best of worst) or redirect traffic elsewhere. This action is also based on defined policies.

Step 4: Quality of experience is calculated based on loss, latency, and perceived user experience as determined by telemetry data exchanged with SaaS applications.

At the heart of the enhanced application experience is the ability to combine application health perceived by the users in conjunction with the current health of the network as observed by the SD-WAN fabric to select the best path to Office 365.
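The probe-and-select logic of Steps 3 and 4, as an added example that is not Cisco's implementation or code from the original post. The SLA thresholds, the loss-then-latency ranking, the path names and the probe samples are all constructed assumptions.

```python
"""Pick a SaaS egress path from per-circuit HTTP probe results (illustrative only)."""
from dataclasses import dataclass
from statistics import mean
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Sla:
    max_loss_pct: float      # assumed policy threshold
    max_latency_ms: float    # assumed policy threshold


@dataclass(frozen=True)
class PathHealth:
    name: str
    loss_pct: float
    latency_ms: Optional[float]  # None when every probe on the path was lost


def summarize(name: str, samples: List[Optional[float]]) -> PathHealth:
    """Reduce one probe window to loss % and mean RTT.

    Each sample is the RTT in ms of one HTTP probe, or None if it was lost.
    """
    if not samples:
        raise ValueError(f"no probe samples for path {name!r}")
    answered = [s for s in samples if s is not None]
    loss_pct = 100.0 * (len(samples) - len(answered)) / len(samples)
    latency = mean(answered) if answered else None
    return PathHealth(name, loss_pct, latency)


def meets_sla(h: PathHealth, sla: Sla) -> bool:
    return (h.latency_ms is not None
            and h.loss_pct <= sla.max_loss_pct
            and h.latency_ms <= sla.max_latency_ms)


def _rank(h: PathHealth) -> Tuple[float, float]:
    # Assumed ordering: lower loss wins, latency breaks ties.
    return (h.loss_pct, h.latency_ms if h.latency_ms is not None else float("inf"))


def select_path(probes: Dict[str, List[Optional[float]]], sla: Sla,
                fallback: str = "best_of_worst") -> Tuple[Optional[str], str]:
    """Return (path name or None, reason).

    If at least one path meets the SLA, the best compliant path is chosen.
    Otherwise the policy decides: 'best_of_worst' keeps the least-bad path
    that still answers probes, 'redirect' hands the traffic elsewhere.
    """
    if fallback not in ("best_of_worst", "redirect"):
        raise ValueError(f"unknown fallback policy {fallback!r}")
    health = [summarize(name, samples) for name, samples in probes.items()]
    compliant = [h for h in health if meets_sla(h, sla)]
    if compliant:
        return min(compliant, key=_rank).name, "sla_met"
    if fallback == "redirect":
        return None, "redirect"
    alive = [h for h in health if h.latency_ms is not None]
    if alive:
        return min(alive, key=_rank).name, "best_of_worst"
    return None, "no_path"  # every circuit lost every probe


# Constructed probe window: ten HTTP probes per DIA circuit (RTT in ms).
PROBES = {
    "dia-isp-a": [42.0, 45.0, None, 44.0, 41.0, 43.0, 40.0, 46.0, 44.0, 45.0],
    "dia-isp-b": [61.0, 58.0, 60.0, 59.0, 62.0, 60.0, 61.0, 59.0, 60.0, 60.0],
}

if __name__ == "__main__":
    print(select_path(PROBES, Sla(max_loss_pct=2.0, max_latency_ms=100.0)))
    print(select_path(PROBES, Sla(max_loss_pct=1.0, max_latency_ms=50.0)))
    print(select_path(PROBES, Sla(1.0, 50.0), fallback="redirect"))
```

Under the loose SLA the lower-latency circuit is rejected because of its 10% probe loss; under the strict SLA no circuit qualifies and the fallback policy decides the outcome.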

Example: Application Experience of a Cloud Hosted Application in Google Cloud Platform


One of the fundamental questions of application aware networking is how network application developers can program the network to meet application needs. Cisco has developed a solution working closely with the Google Cloud Platform (GCP) team to allow DevOps teams to denote the traffic profile of an application using Google Cloud Service Directory, which can inform vManage to set up a network policy to meet an application’s requirements in a programmable manner.

Different traffic profiles can be associated with different services as needed. Application teams deploy Kubernetes workloads with metadata annotations, properly classifying application services according to certain traffic profiles (e.g., video streaming or VoIP). The integration of service directory with Google Cloud Identity and Access Management (IAM) ensures that only those on the application team with the appropriate permissions can modify the traffic profile for a service.

Figure 5. Cisco Google Application Optimization Workflow

Step 1: Application team adds metadata annotation to a workload deployment.

Step 2: Monitoring engine runs in the Kubernetes cluster and actively monitors the deployed services and publishes the metadata to the service registry.

Figure 6. Containers with Meta Data Annotations published in Service Directory

Step 3: vManage on the SD-WAN side connects to the service registry and periodically polls to keep track of updates regarding the services exposed. SD-WAN policies can be updated when changes are detected.

Step 4: SD-WAN application policy is created and maps the service-associated metadata into the detailed SD-WAN policies programmed by NetOps in the SD-WAN controller. The policies are dynamically updated based on metadata annotations published and polled periodically via the service registry.

These four simple steps allow an application developer to express the needs of the application in a programmable manner. The controller then sets up policies for the SD-WAN fabric to meet the application requirements.

Source: cisco.com