Cisco aci

What is Cisco ACI?

What is Cisco ACI?

Cisco ACI (Application Centric Infrastructure) is a software-defined networking solution, designed to help organizations manage complex environments by delivering network automation—increasing operational efficiencies. Organizations use Cisco ACI to improve security for on-premises, private cloud, public clouds, and data centers.

Cisco ACI integrates software and hardware; the hardware for Cisco ACI is based on the Cisco Nexus 9000 family of switches; and the software and integration points that include: Additional Data Center Pod, Data Center Policy Engine, and Non-Directly Attached Virtual and Physical Leaf Switches.

Cisco ACI utilizes a declarative control system where end users can specify what they want the end result to be and the network devices interpret it and do what they need to return that result in regards to application policy infrastructure. ACI in the data center is a holistic architecture with centralized automation and policy-driven application profiles that apply to the ACI fabric. Application Centric Infrastructure delivers software flexibility with the scalability of hardware performance.

« Back to Glossary Index
Sours: https://sciencelogic.com/glossary/cisco-aci

The Benefits of Cisco ACI in the Data Center

In 2013, Cisco released their Software Defined Networking (SDN) solution for the data center known as Cisco Application Centric Infrastructure (ACI). For many years, the networking industry has been asking for an approach to configuring networking devices more efficiently than having to individually configure each and every router and switch.

Cisco’s release of ACI is the SDN solution to automate networking moves, additions and changes in the data center. The adoption rate of ACI in the industry in the first four years has been quite impressive.

An ACI implementation consists of the following three types of hardware components that work together to create the entire ACI fabric:


  • Spines: A group of Cisco Nexus 9000 switches work together to connect to all the leafs.

  • Leafs: As many as 300 Nexus 9000 switches are cabled to the spines as uplinks. The leafs also provide all connectivity into the ACI fabric for servers, bare metal or hypervisors, firewalls, load balancers and other routers and switches for external connectivity.

  • APIC: The Cisco Application Policy Infrastructure Controller (APIC) is the central brain for any ACI solution. The APICs are three or five servers in a fault tolerant cluster that provide the point of management, network performance monitoring and automate network provisioning.


Instead of managing many different data center switches, the entire ACI solution functions like a giant switch and router combined into one logical device. As an analogy to the existing Cisco Nexus 7000 switch:

  • The spine switches act like fabric cards that create the backplane.

  • The leafs are like the line cards for external connectivity.

  • The APICs act like the supervisor modules.


While the Nexus 9000 switches provide the physical networking component, ACI can also reach into the following products to configure and automate software networking within the hypervisors:

  • VMware ESXi

  • Microsoft Hyper-V

  • OpenStack


The Nexus 1000v virtual switch has also been enhanced into the new Cisco Application Virtual Switch (AVS) to add full ACI support and functionality with advanced telemetry features.

Additionally, a growing ecosystem of Cisco ACI partners are adding their products such as firewalls, load balancers, SSL offload engines, intruder prevention systems, network taps and a growing list of networking products to add to the overall intelligence of a Cisco ACI solution.  As a result, Cisco has been expanding the global market share of ACI installations at an ever increasing rate.

Global Knowledge recommends reviewing our Cisco Network Programming and Cisco Data Center training options for next steps.

Sours: https://www.globalknowledge.com/us-en/resources/resource-library/articles/the-benefits-of-cisco-aci-in-the-data-center/
  1. Harmon pro
  2. German shepherd head svg
  3. Youtube drama 2021
  4. Soviet ushanka ww2

What is Cisco Application Centric Infrastructure (ACI) Security?

How Does Cisco Application Centric Infrastructure (ACI) Work?

Cisco ACI is an SDN solution that defines its network infrastructure based upon network policies. To make this possible Cisco has created the ACI Fabric OS, which is run by all systems within the ACI network. This shared OS makes it possible for the various switches within the ACI network to translate policies into infrastructure designs.

Cisco Application Centric Infrastructure (ACI) Architecture

A Cisco ACI environment is built with two main components:

 

  • Cisco Application Policy Infrastructure Controller (APIC): APIC is the SDN controller for Cisco ACI. It creates the policies that define the data center’s network infrastructure.
  • Nexus 9000 Switches: Nexus 9000 switches use the ACI Fabric OS to communicate with APIC and create infrastructure based on policies. They can be either Spine (distribution) or Leaf (access) switches.

 

All endpoints, including APICs, connect to the network via Leaf switches. These Leaf switches are connected together using Spine switches in the backend.

 

Using these components, ACI can be deployed under a variety of different models. This includes support for on-site, cloud-based (including public, private, and hybrid clouds), and SD-WAN edge environments. This enables organizations to use policy-based network management throughout their corporate WANs.

Key Features and Benefits of ACI

Cisco ACI enables organizations to easily create a software-defined data center, which provides several benefits, including:

 

  • Flexibility: With a SDN solution like Cisco ACI, all of an organization’s network infrastructure is implemented as code. This makes it easy to update configurations to meet evolving business needs.
  • Consistent Infrastructure: Cisco ACI abstracts away the details of the underlying infrastructure. This makes it easier to design and configure network environments.
  • Automation and Orchestration: Cisco ACI makes heavy use of automation to develop network infrastructure based on network policies. This makes changes easy to make and increases scalability.
  • Support for Hybrid Environments: Cisco ACI supports both on-prem and cloud-based infrastructure, making it possible to deploy ACI environments across multiple different environments.

Augmenting Cisco ACI Security with Check Point

Cisco ACI provides a number of built-in security solutions. A partnership with Check Point enhances these protections to provide advanced threat prevention for ACI environments.

How Cisco ACI Integrates with Other Products

Cisco ACI is built using the Cisco ACI Open Ecosystem. This Open Ecosystem is designed to provide a number of different options for connecting third-party tools to Cisco ACI, including:

 

  • Open APIs: Cisco ACI’s APIs are open, enabling other products to connect and interact with a Cisco ACI environment.
  • Jointly-Certified Solutions: Cisco has partnered with over 65 technology providers to build an SDN ecosystem. These joint solutions are certified by each organization, and information is provided by both parties to ensure compatibility of pre-built solutions.
  • Service Chaining: Cisco ACI solutions support service chaining, enabling organizations to build the solutions that they need to meet their networking and security requirements.

Check Point CloudGuard and Cisco ACI

Check Point CloudGuard Network Security provides consistent policy management and enforcement of advanced security protections, is automatically deployed and dynamically orchestrated into software-defined data center environments. CloudGuardfor Cisco ACIprovides industry-leading security for ACI environments. CloudGuard provides the following capabilities to improve customers’ Cisco ACI security:

 

  • Cloud Network Visibility and Visualization: CloudGuard implements microsegmentation for ACI environments, providing deep insight into both north-south and east-west traffic flows. This granular visibility aids in understanding data flows within a corporate network and enforcing corporate security policies.
  • Advanced Threat Prevention: CloudGuard’s advanced threat prevention capabilities combine a full security stack – including a firewall, intrusion prevention system (IPS), antivirus, and anti-bot protections – with secure remote access, threat extraction and sandbox-based threat emulation .
  • Automation and Orchestration: Cisco ACI enables network infrastructure to be defined based upon network policies. The integration between Check Point CloudGuard and Cisco ACI means that an organization can automatically insert and provision CloudGuard security gateways into ACI environments for security policy enforcement.
  • Policy and Compliance Enforcement: CloudGuard receives context from Cisco’s APIC, which enables policy information defined within the ACI environment to be used to quickly define security policies. These security policies can then be easily enforced in ACI using CloudGuard gateways.
  • Data Protection: CloudGuard’s integration with ACI enables it to apply data loss prevention (DLP) to ACI environments. This helps to protect an organization’s sensitive data from being lost or stolen.
  • Centralized Security Management: Using CloudGuard with ACI enables the security of the ACI ecosystem to be monitored and managed from the same console as the rest of an organization’s network infrastructure. This makes it easier for security analysts to detect and respond to potential threats within their public, private and on-prem networks.

 

Check Point and Cisco’s integrated solution enables organizations to easily create and secure a software-defined data center and improves Cisco API security. To learn more about this solution, check out this webinar. For more information about securing your cloud-based infrastructure, schedule a discussion with a cloud security expert. Also, you’re welcome to sign up for a free demonstration to see the power of Cisco ACI and CloudGuard for yourself.

Sours: https://www.checkpoint.com/cyber-hub/cloud-security/what-is-cisco-application-centric-infrastructure-aci-security/

 

Cisco ACI solution

Cisco® Application Centric Infrastructure (Cisco ACI®) is part of our intent-based networking framework to enable agility and resiliency in the data center. It captures higher-level business and user intent in the form of a policy and translates this policy into the network constructs necessary to dynamically provision the network, security, and infrastructure services.

Built on top of the industry-leading Cisco Nexus® 9000 platform, Cisco ACI uses a holistic, systems-based approach, with tight integration between hardware and software and between physical and virtual elements, an open ecosystem model, and innovative Cisco Application-Specific Integrated Circuits (ASICs) to enable unique business value for modern data centers.

Cisco ACI is the industry’s most secure, open, and comprehensive Software-Defined Networking (SDN) solution.

Cisco ACI enables automation that accelerates infrastructure deployment and governance, simplifies management to easily move workloads across a multifabric and multicloud framework, and proactively secures against risk arising from anywhere. It radically simplifies, optimizes, and expedites the application deployment lifecycle.

Modern data centers are dynamic. IT operations must meet the expectation of quality of service business needs in a rapidly changing environment. Cisco ACI transforms IT operations from reactive to proactive with a highly intelligent set of software capabilities that analyzes every component of the data center to ensure business intent, guarantee reliability, and identify performance issues in the network before they happen.

As application usage gets more pervasive across the enterprise network, IT professionals are looking to build solutions for consistent policy and encryption from the campus to the data center. For example, Cisco ACI integrations with Cisco® Software-Defined Access (SD-Access) /Cisco DNA Center and Cisco SD-WAN allow customers to automate and extend policy, security, assurance, and insights across their entire networking ecosystem.

Benefits

To keep up with the massive influx of data and the increased demands on the network for speed and agility, networking professionals are learning to broker, connect, build, and govern their networks not only in the data center, but also across a vast multicloud landscape.

Cisco Application Centric Infrastructure (Cisco ACI) was built to simplify the IT infrastructure and operations by automating the network, providing pervasive security, and, if required, accelerate businesses to move to a multicloud environment.

With Cisco ACI, customers can manage complexity, maximize business benefits, and deploy workloads in any location, small and large, on premises and remote, in private and public clouds, satellite data centers, and 5G-enabled telecom edges.

With Cisco ACI, you can build a better network anywhere.

Cisco ACI differentiated business benefits

Figure 1.               

Cisco ACI differentiated business benefits

Digital transformation and business resiliency

Applications are at the center of the drive to modernize traditional businesses and the foundation of their digital transformation. The current discussion is about how applications have changed the very nature of data – how the data is generated, how it is analyzed, and how it is delivered. These are fundamentally new classes of applications that need to be considered in order to enhance the overall resiliency and agility of a business. These new applications have the following characteristics. They are.

●     Modular and distributed across the enterprise. Applications follow the data. Now organizations need—and can get—data from everywhere, from every device and at any time to answer questions about their markets and customers. As a result, monolithic applications are dissolving rapidly into interconnected agile microservices that are delivered through a variety of virtual and physical workloads, including containers, across the entire enterprise.

●     Built continuously and rapidly. The decentralization of application development enables companies to build new applications and services at vastly faster speeds and greater scales than were possible in the old centralized, “waterfall development” methods. Today, new applications are custom built, are updated by the minute, and often have a shelf-life of only a few days.

●     Increasingly ML-enabled, AI-powered. The emergence of AI-powered and Machine Learning (ML)―enabled applications for both business and consumer use will lead to a whole new world of connected, intelligent, and automated devices that are deployed everywhere.

The main benefits of Cisco ACI include the following:

Accelerate network operations

A flexible and yet highly available network that allows agile application deployment within a site, across sites, and across global data centers while removing the need for complex Data Center Interconnect (DCI) infrastructure.

●     Operational simplicity, with common policy, management, and operation models across application, network, and security resources

●     Centralized network management and visibility with full automation and real-time network health monitoring

●     Seamless integration of underlay and overlay

●     Open northbound APIs to provide flexibility for DevOps teams and ecosystem partner integration

●     A cloud-ready SDN solution

●     Common platform for managing physical and virtual environments

●     Automation of IT workflows and application deployment agility

Securely expand to multicloud

●     Create business continuity and provide disaster recovery

●     Inherent security with a zero-trust whitelist model and innovative features in policy enforcement, microsegmentation, and analytics

●     Integrated security with Cisco security products and ecosystem partners

●     Consistent security posture at scale across a multicloud environment

Deliver superior application experience

●     Single policy and seamless connectivity across any data center and public cloud

●     Through any hypervisor, for any workload, at any location, using any cloud

●     Cloud automation enabled by integration with vRealize, Azure Pack, OpenStack, OpenShift, Kubernetes, and Cisco UCS® Director

●     Open APIs and a programmable SDN fabric, with 65+ ecosystem partners

Cisco ACI building blocks

Cisco ACI and architectural solutions are built with the following building blocks:

●     Cisco Application Policy Infrastructure Controller (APIC)

●     Cisco Nexus 9000 Series spine and leaf switches for Cisco ACI

Cisco ACI building blocks

Figure 2.               

Cisco ACI building blocks

Cisco Application Policy Infrastructure Controller (APIC)

The infrastructure controller is the main architectural component of the Cisco ACI solution. It is the unified point of automation and management for the Cisco ACI fabric, policy enforcement, and health monitoring. The APIC appliance is a centralized, clustered controller that optimizes performance and unifies the operation of physical and virtual environments. The controller manages and operates a scalable multitenant Cisco ACI fabric.

The main features of the Cisco APIC include the following:

●     Application-centric network policies

●     Data-model-based declarative provisioning

●     Application and topology monitoring and troubleshooting

●     Third-party integration

◦    Layer 4 through Layer 7 (L4-L7) services

◦    VMware vCenter and vRealize

◦    Microsoft Hyper-V, Microsoft System Center Virtual Machine Manager (SCVMM), and Azure Pack

◦    Open vSwitch (OVS) and OpenStack

◦    Kubernetes

●     Image management (spine and leaf)

●     Cisco ACI inventory and configuration

●     Implementation on a distributed framework across a cluster of appliances

●     Health scores for critical managed objects (tenants, application profiles, switches, etc.)

●     Fault, event, and performance management

Cisco Nexus 9000 series spine and leaf switches for Cisco ACI

Cisco Nexus 9300 and 9500 platform switches support Cisco ACI. Organizations can use them as spine or leaf switches to take full advantage of an automated, policy-based, systems management approach.

Cisco Nexus 9000 Series Switches include modular and fixed 1, 10, 25, 40, 50, 100 and 400 Gigabit Ethernet switch configurations that are designed to operate either in NX-OS mode for compatibility and consistency with the current Cisco Nexus switches (using Cisco NX-OS Software) or in ACI mode to take full advantage of Cisco ACI application-policy-based services and infrastructure automation features. This dual-function capability provides customers with investment protection and ease of migration to Cisco ACI through a software upgrade.

New features in Cisco ACI Release 5.2 include the following

●     APIC cluster connectivity to fabric over Layer 3 network

◦    Supports deployment of APIC clusters in remote locations (for example, a DMZ network) and connects the clusters to the fabric (spine and leaf) over an IP network

◦    Provides flexibility and improves ease of deployment

●     Software maintenance upgrade support

◦    Capability to upgrade APIC or a fabric switch using a patch

◦    Provides flexibility and improves usability of the product

●     Support for back-to-back link between remote leaf pairs

◦    East-west traffic between nodes behind a pair of remote leafs now can leverage the physical links between the remote leaf pairs instead of hair-pinning

◦    Improves ease of deployment and TCO

●     Endpoint Security Group (ESG) enhancements

◦    Provides support for additional classifiers (MAC and VM tags)

◦    Provides tag-selector support, which enables migration of EPGs to ESGs

◦    Improves ease of use and deployment

●     Policy based routing enhancements

◦    Provides support for PBR on L3Out

◦    Provides dynamic MAC learning on Layer 3 PBR

◦    Provides inter-EPG contract support on L3Out with permit, deny, and PBR actions

◦    Improves ease of use and deployment

The controller framework enables broad ecosystem and industry interoperability with Cisco ACI. It enables interoperability between a Cisco ACI environment and management, orchestration, virtualization, and L4-L7 services from a broad range of vendors.

Cisco ACI deployment models

Cisco ACI consists of the following architectural solutions:

●     Cisco ACI MultiPod

●     Cisco Nexus Dashboard Orchestrator

●     Cisco Cloud ACI

◦    Cloud ACI extended to AWS and Microsoft Azure

◦    Cloud-only solutions

◦    Cisco Cloud APIC

◦    Cisco Cloud Service Router (CSR) 1000v Series

◦    Cisco Nexus Dashboard Orchestrator

●     Cisco ACI Physical Remote Leaf

●     Cisco ACI Mini Fabric

Cisco ACI MultiPod

Cisco ACI MultiPod is part of the “single APIC cluster/single domain” family of solutions; a single APIC cluster is deployed to manage all the different ACI networks that are interconnected. These separate ACI networks are called “pods,” and each of them looks like a regular two-tiers spine-leaf topology. The same APIC cluster can manage several pods, and, to increase the resiliency of the solution, the various controller nodes that make up the cluster can be deployed across different pods.

Cisco ACI MultiPod

Figure 3.               

Cisco ACI MultiPod

Cisco Nexus Dashboard Orchestrator

The Cisco Multi-Site Orchestrator (MSO) has become the Nexus Dashboard Orchestrator. The Nexus Dashboard Orchestrator provides a single point of provisioning for multiple Cisco ACI fabrics operating in a coordinated way. When this solution is combined with the latest networking enhancements of Cisco ACI, organizations can manage extension network elements such as Virtual Routing and Forwarding (VRF) instances, bridge domains, and subnets across multiple fabrics. It enables centralized policy and security controls across geographically distributed fabrics and very large scaled-out fabrics with automation and operations from a common point, allowing for a global cloudscale infrastructure.

The main features of Cisco Nexus Dashboard Orchestrator include the following:

●     Single point of administration for multiple Cisco ACI fabrics

●     Capability to map tenants, applications, and associated networks to specific availability domains within the Cisco ACI multisite

●     Change control across multiple fabrics, allowing staging, testing, and if required, clean backout of any policy changes

●     Automatic configuration and management of fabric network interconnects across an IP backbone

Cisco Nexus Dashboard Orchestrator

Figure 4.               

Cisco Nexus Dashboard Orchestrator

Cisco Cloud ACI

Cisco Cloud Application Centric Infrastructure (Cisco Cloud ACI) is a comprehensive solution for simplified operations, automated network connectivity, consistent policy management, and visibility for multiple on-premises data centers and public clouds or multicloud environments. The solution captures business and user intents and translates them into native policy constructs for applications deployed across various cloud environments. It uses a holistic approach to enable application availability and segmentation for bare-metal, virtualized, containerized, or microservices-based applications deployed across multiple cloud domains. The common policy and operating model drastically reduces the cost and complexity of managing multicloud deployments. It provides a single management console to configure, monitor, and operate multiple disjoint environments spread across multiple clouds. Cisco Cloud ACI is available on AWS and Microsoft Azure; future availability for Google Cloud has been announced.

What’s new in Cloud ACI for Cisco ACI Release 5.2:

●     Brownfield VNet import on Azure: This feature will enable Azure Cloud customers to view existing brownfield VNets from within the Cloud APIC purview and connect their greenfield VNets to the brownfield VNets imported into Cloud ACI.

●     AWS Transit Gateway Connect: Using this feature, customers will be able to auto-configure their AWS Transit Gateway Connect through a Cloud APIC to support dynamic routing between Cisco Cloud Service Routers (CSRs) and AWS Transit Gateway.

●     Private IP Address for Cloud APIC and CSRs on AWS: This will enable customers to deploy their Cloud ACI solution with a private backbone network between their on-premises and AWS data centers.

●     VNet Peering across Azure Active Directories: This feature enables operational flexibility for customers who want to use multiple Azure subscriptions to manage their application segments within Azure cloud.

Cisco Cloud ACI

Figure 5.               

Cisco Cloud ACI

Cloud-only solutions

Cisco offers, with a Cisco Cloud ACI, a cloud only approach, which uncouples the solution from the on-premises data center and allows you to securely connect and segment workloads not only in the public cloud, but also across public clouds.

Cisco Cloud ACI: required components

●     Cisco Cloud APIC

Manage multiple cloud regions and Cisco Cloud Services Routers (CSR) 1000v Series from a single instance of Cisco Cloud APIC and enable consistent policy, security, and operations through secure interconnect for a multicloud environment.

●     Cisco Nexus Dashboard Orchestrator

Responsible for provisioning, health monitoring, and managing the full lifecycle of Cisco ACI networking policies and stretched tenant policies across Cisco ACI sites around the world, both on premises and in the cloud. It is the single source of truth for policies.

●     Cisco Cloud Services Router 1000v Series

Cloud ACI uses the Cisco Cloud Services Router (CSR) 1000v Series as the cloud router for connectivity between on-premises and cloud environments.

Cisco ACI Physical remote leaf

With Cisco ACI Physical Remote Leaf, customers can place a regular leaf switch in a remote/satellite location and connect back to the spine switch in the main (on-premises) location and, in turn, extend Cisco ACI policy into the remote/satellite location. By doing so, customers can also take advantage of all the benefits of the Physical Remote Leaf, from diverse interfaces to superior performance and scale and built-in encryption.

Cisco ACI Physical Remote Leaf

Figure 6.               

Cisco ACI Physical Remote Leaf

Cisco ACI Mini fabric

With the introduction of Cisco Mini ACI Fabric, customers can now leverage an optimized Cisco ACI solution for their small-scale deployments. This solution comprises APIC-CLUSTER-XS (one physical and two virtual controllers) along with two spines and a minimum of two and a maximum of four leaves.

Cisco ACI Mini Fabric

Figure 7.               

Cisco ACI Mini Fabric

Cisco Nexus Dashboard

Cisco Nexus Dashboard provides a single automation platform to access operational services and tools for the data center and network. Using the Cisco Nexus Dashboard platform, customers can deploy Cisco Nexus Dashboard Orchestrator (NDO), Cisco Nexus Dashboard Insights, and Cisco Nexus Dashboard Data Broker. The Cisco Nexus Dashboard becomes even more of a collaborative focal point with the inclusion of operations-critical, third-party applications and tools. From the Nexus Dashboard, you can cross-launch any of the sites’ controllers, including APIC, Cloud APIC, and Cisco Data Center Network Manager (DCNM) fabrics, which drives the adoption of cloud-native application practices. Cisco Nexus Dashboard provides the following benefits.

●     Easy to use

◦    Customizable role-based UI view to provide a focused view on network operators use cases

◦    Single Sign-On (SSO) for a seamless user experience across operation services

◦    Single console for health monitoring and quick service turnup

●     Easy to scale

◦    High availability, scale-out operations from a single dashboard

◦    Scale use cases, leveraging flexible deployment options

◦    Operations that span across on-premises, multicloud, and edge networks

●     Easy to maintain

◦    Seamless integration and lifecycle management of operational services

◦    Onboarding and managing of operational services across on-premises, cloud, or hybrid environments

◦    Single point of integration for critical third-party applications and tools

Cisco Nexus Dashboard

Figure 8.               

Cisco Nexus Dashboard

Cisco Nexus Dashboard Insights

Cisco Nexus Dashboard Insights gives customers the ability to monitor and analyze their fabric in real time to identify anomalies, to provide root-cause analysis and capacity planning, and to accelerate troubleshooting. By tracking historical context, collecting and processing hardware and software telemetry data, and correlating customer designs with Cisco best-practices, customers can get excellent visibility and awareness of issues affecting their environment and take corrective actions. Nexus Dashboard Insights is a microservices-based application designed to be hosted on Cisco Nexus Dashboard.

Cisco ACI Anywhere: popular integrations

Utilize Cisco Infrastructure-as-Code (IaC) integrated solutions with HashiCorp and Red Hat Ansible

Infrastructure as Code (IaC) is an innovative approach to building application and software infrastructure with code. IaC enables automated provisioning and management of the full technology stack by translating manual, repetitive tasks into reusable, robust, and distributable code. IaC relies on practices that have been successfully used for years in software development, such as versioning, automated testing, release tagging, continuous delivery, etc.

Cisco Data Center Network (DCN) IaC solutions cover integrations with common third-party tools from HashiCorp and Ansible. These solutions enable customers to empower application services to define network and security requirements at the infrastructure layer in an automated and fully synchronized manner. With this approach, you can embrace a DevOps model by accelerating applications deployment and optimize network compliance in a safe and predictable manner.

Benefits of IaC

●     Scalability and reliability

●     Automation and agility

●     Higher ROI and lower TCO

Cisco ACI and Cisco SD-WAN integration

Cisco offers an ACI and SD-WAN integration for branch offices (network edge). This is an integral component of customers’ cloud journey, which requires secure, policy-driven interconnects between the data center and branch offices that are a cost-efficient alternative to provisioning dedicated connections. Through this integration, customers can now automate a WAN path selection between the branch office and the on-premises data center based on application policy.

For example, traffic from a stock trader in a branch office in Chicago can be automatically sent over the fastest possible WAN link to access the trading application hosted in a data center in New York, based on the application policies and SLAs configured.

Cisco ACI to Cisco SD-WAN integration

Figure 9.               

Cisco ACI to Cisco SD-WAN integration

Cisco ACI and AppDynamics integration

Digital transformation is a complex team effort across business and IT, requiring end-to-end application management and awareness. AppDynamics® provides IT teams the application-layer visibility and monitoring required in an intent-based architecture to validate that IT and business policies are being implemented across the network. Cisco ACI and AppDynamics integration provides dynamic correlation between application and network constructs. This combined solution provides high-quality application performance monitoring, richer diagnostic capability for application and network performance, and faster root-cause analysis of problems, with fast triage, sent quickly to appropriate team members – for example, does a given problem pertain to an application or to the network?

Cisco ACI and AppDynamics integration

Figure 10.           

Cisco ACI and AppDynamics integration

This integration does the following:

●     Dynamically maps the application and service components to the Cisco ACI network elements, thus providing a shared view of the application and infrastructure across teams

●     Provides a dynamic view of application use in the infrastructure for the network operations team

●     Provides a cross-launch for application teams to correlate network and application fault and performance data

●     Baselines application health status in AppDynamics by correlating the Cisco ACI network health and faults

Customers are on a continuous quest to correlate application service-level management with infrastructure monitoring. This new integration will significantly reduce the time it takes to identify and troubleshoot end-to-end application performance issues.

Cisco ACI and Cisco SD-Access integration

Hyper-distributed applications and highly mobile users, increased cybersecurity threats, and increased regulatory requirements make network segmentation a must for reducing risk and achieving better compliance. Policy integration between Cisco ACI and Cisco SD-Access allows the marrying of Cisco ACI’s application-based microsegmentation in the data center with Cisco SD-Access’s user-group-based segmentation across the campus and branch. This integration automates the mapping and enforcement of segmentation policy based on the user’s security profile as they access resources within the data center. It enables security administrators to manage segmentation seamlessly from end to end, user to application. A common and consistent identity-based microsegmentation capability is provided from the user to the application.

Cisco ACI and Cisco SD-Access integration

Figure 11.           

Cisco ACI and Cisco SD-Access integration

As a result of this integration, the attack surface is greatly reduced, and any unauthorized or suspicious access to resources and potential threats can quickly be controlled and remediated. The solution is fully qualified for up to 25,000 Cisco SD-Access campus users, with plans to expand scale as needed by our customers.

Cisco ACI and ServiceNow

Enterprises are increasingly embracing a multicloud strategy to deliver applications with the intent to accelerate innovation and reduce costs. However, this strategy brings in its wake inherent challenges in application agility and security. Enterprises demand business services to be up and running rapidly to serve their end users. End users often demand that IT departments quickly and flexibly offer services that can help them get their jobs done. This goal leaves many IT teams struggling to maintain the business services needed to help ensure that end users remain productive. Some of the challenges they face in helping ensure the uptime of critical business services include:

●     A manual service mapping process that can take weeks or months, depending on service complexity

●     Lack of correlation between infrastructure changes and the business services they support

●     Disconnected infrastructure tools and portals for change management and troubleshooting

●     Inefficient root-cause analysis for service outages as a result of inaccurate service maps

Cisco Application Centric Infrastructure (Cisco ACI) integration with ServiceNow automates the discovery, application to business service mapping, firmware management, and provisioning of the Cisco ACI fabric from the ServiceNow instance.

Integrating Cisco ACI with ServiceNow delivers visibility and automation from the application tier down to the physical infrastructure, improving the speed and efficiency of IT provisioning, management, and troubleshooting, including

●     Faster troubleshooting and root-cause analysis

●     Improved operational efficiency

●     Reduced TCO

Cisco ACI and Kubernetes Anywhere

Cisco ACI is designed to offer policy-based automation, security, mobility, and visibility for application workloads regardless of whether they run on bare-metal servers, hypervisors, or Linux containers. The Cisco ACI system-level approach extends the support for Linux containers by providing tight integration of Kubernetes, a popular container orchestration platform, and the Cisco ACI platform.

This integration allows Cisco ACI to provide a ready-to-use, secure networking environment for Kubernetes. The integration maintains the simplicity of the user experience in deploying, scaling, and managing containerized applications while still offering the controls, visibility, security, and isolation required by an enterprise.

The Cisco ACI and Kubernetes solution offers the following benefits:

●     Flexible approach to policy

●     Automated, integrated load-balancing services

●     Secure multitenancy

●     Visibility and telemetry information

Kubernetes anywhere integrated with Cisco ACI

Figure 12.           

Kubernetes anywhere integrated with Cisco ACI

Cisco ACI Open Ecosystem

Table 1.           Features of the Cisco ACI Open Ecosystem

Feature

Description

Third-party integration enabled by open APIs

Avoid vendor lock-in and expand choice and flexibility to build your own data center solution

Jointly certified software solutions with ecosystem partners

Employ a best-in-class SDN ecosystem with more than 65 technology partners, with partners publishing a certification matrix to guide customers to install and upgrade compatible software versions

L4-L7 service integration through service chaining

Deploy multivendor service graphs with a Cisco ACI integration mode of your choice to meet your operational and organizational needs

These L4-7 integrations are supported through NB REST API with respective ADC/firewall vendors or applications on Cisco ACI App Center

Cisco ACI App Center

Cisco ACI applications help you get the best applications for Cisco ACI in an efficient way. The Cisco ACI App Center:

●  Accelerates innovations related to the Cisco ACI open ecosystem

●  Enables Cisco internal partners, customers, and third-party developers to add value to Cisco ACI networks

●  Allows customers to efficiently extract value from their networking investments

Cisco Capital

Flexible payment solutions to help you achieve your objectives.

Cisco Capital® makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.

For more information

Use the following links for additional information:

●     Cisco ACI Overview

●     Cisco APIC Data Sheet

●     Cisco Nexus 9000 Series Switches Data Sheet

●     Cisco Cloud ACI Overview

●     Get Cisco Cloud ACI on AWS

●     Get Cisco Cloud ACI on Microsoft Azure

●     Cisco ACI Multi Site White paper

●     Cisco ACI Remote Leaf

●     Case Studies

●     Walkthrough Demonstrations

●     Download Cisco ACI software

●     Cisco Nexus Dashboard

●     Cisco ACI ROI Calculator

 

 

 

Sours: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/solution-overview-c22-741487.html

Aci cisco

.

.

Similar news:

.



383 384 385 386 387