cisco connect toronto 2017 - simplifying cloud adoption

CiscoConnect

Simplifying Cloud Adoption with CiscoRonnie ScottTechnical Solutions Architect

12-Oct-2017

The World of Many Clouds

Private Cloud

SDN Controller

Automation / Orchestration

Data Center 1

Leaf Leaf Leaf

Spine Spine Spine Spine

Border Border

Data Center 2Spine Spine Spine Spine

Leaf Leaf Leaf Border Border

Data Center Interconnect

Defining the Hybrid Cloud

Cloud Management Platform

Public Cloud

Community Cloud

Private Cloud

Policy

Cloud computing is a model for enabling ubiquitous,

convenient, on-demand network access to a shared pool of

configurable computing resources (e.g., networks, servers,

storage, applications, and services) that can be rapidly

provisioned and released with minimal management effort or

service provider interaction.

NIST Cloud Computing Definition

convenient, on-demand network access to a (e.g., networks,

servers, storage, applications, anshared pool of configurable

computing resourcesd services) that can be rapidly

The Cost Benefits

HW/SW Costs Licencing Costs

Maintenance Costs

Environmental Costs Support Costs

Low Utilization Costs Money

5 10 15 20 25 30 35 40 45 50

Public

Private

Legacy

So Do Value-Added Cloud Services

5 10 15 20 25 30 35 40 45 50

Public

Private

Legacy

Redundant

Gauranteed

Reduced Complexity = Increased ReturnSaaS

• No Infrastructure

• No Management

• No Helpdesk

• Universal Access

Reduced Complexity = Reduced ControlSaaS

• Who Owns Your Data?

• What Customization Is Available?

• How Much Help Is Their Helpdesk?

• What Security Do They Offer?

• Can You Repatriate Data?

• What Is Their SLA?

Account Sprawl

ITFinance

ProcurementSales

Manufacturing

Utilise Existing Resources

• Idle Resources Are Cheaper Than Any Cloud

Building the Private Cloud

IT as a Service IaaS | PaaS | SaaS | XaaS

Flexible Consumption Models

CONSOLIDATIONVIRTUALIZATION

HYBRID CLOUDS

POLICY DRIVENAUTOMATION

TRADITIONAL DATA CENTER

We are here

CLOUD-READY DATA CENTER

Build The Foundation

Private Cloud

Element ManagerData Center 1

Leaf Leaf Leaf

Border Border

“How do I automate and orchestrate the network?”

Automation

Orchestration

Two approaches to Control Systems

Air traffic control tells where to take off from, but not how to fly the plane

Baggage handlers follow sequences of simple, basic instructions

IMPERATIVE CONTROL DECLARATIVE CONTROL

“Cisco UCS provides a true single point of management, simplifying orchestration”

Subject Matter ExpertsDefine Policies

UCS: Embedded AutomationIntegrated, Policy-Based Infrastructure Management

Policies CreateService Profile Templates

Clone Templates toCreate Service Profiles

Associate Service Profiles to Configure Hardware

Uplink port configuration, VLAN, VSAN, QoS, and EtherChannels

Server port configuration including LAN and SAN settings

Network interface card (NIC) configuration: MAC address,VLAN, and QoS settings;host bus adapter HBA configuration: worldwide names (WWNs), VSANs, and bandwidth constraints;and firmware revisions

Unique user ID (UUID), firmware revisions,and RAID controller settings

Service profile assigned to server, chassis slot, or pool

NetworkSME

ServerSME

StorageSME

Leaf / Spine Forwarding

Spine Spine SpineSpine

PacketSent

Lookup NextHop

Encapsulate &forward

Decapsulate &Deliver

ServiceLeaf

BorderLeaf

Campus Network

Controller

Software Defined Networks – ACI

ADC APP DBF/WADC

HYPERVISORHYPERVISOR HYPERVISOR

Automate and Orchestrate - UCS Director

Policy-Driven Provisioning

VMsComputeNetwork Storage

Tenant

BTenant

CTenant

Virtualized and Bare-Metal

Physical Compute

B CANetwork and Services

VM VM BareMetal

BRKPCA-2020

Private Cloud

Element ManagerSDN Controller

Deliver a Cloud Experience

Data Center 1

Leaf Leaf Leaf

Border Border

TCP: *,443 C

Provisioning Automation

Self-Service Catalog

Application-Centric Infrastructure

Self-Describing Packaging Manageability Fault-Tolerant Self-Optimizing

Application Developers Cloud Orchestration DC Resources

AutomationPacks

DEPLOYCLICKMODEL

WEB APP

Consuming the "Right" Cloud

Cost Security DRAvailabilityTimeliness

Scalability Performance RepatriationComplianceSupport

Defining Application Priorities

Cisco's Cloud Tools

Defining Application Linkages

• Application Team Knowledge

• Network AnalysisTetration

• Cloud Management ToolsCisco Cloud Center

Define Network Relationships

Security

Dependencies

Application

Service Offering

Service

Service Category

(Service Owner)

Create Application Dependency Map – Tetration

Use CiscoTetration Analytics™outcome to generate

white-list policies

Infrastructure-CentricCloud-Specific workflows and ScriptsLabor /Services Intensive

UniqueScript /

Workflow

Application-Centric

Cloud-Agnostic

Low TCOUniqueScript /

Workflow

UniqueScript /

Workflow

Script-Based Application Profile-Based

Create Application Profiles – CloudCenter

DataCenter

DEPLOY

MANAGE

Public Cloud

PrivateCloud

One Integrated Platform

Lifecycle Management

New and ExistingApplications

Reduce to to valueto provision VM or Application

Enable governance on policies and sharing across business units

Control application development costs across SDLC

Cisco Services for CloudCenter

CloudCenter Deployment

Configure CloudCenter

Model Application Profile

Analyze Environment Readiness

Configure Governance

& Policy

Deploy and Validate

Cloud Based Network Function Virtualization

• CSR 1000v

• ASAv

• NGFWv

• Meraki vMX100

• ACI Anywhere

Performance Validation

User Applications Code Infrastructure

AppDynamics: End-to-End Application Intelligence

AppDynamics

Fast Time To ValueAutomated map and correlation

Unified VisibilityEUM, APM, Infrastructure

Contextual & ActionableBusiness Transactions

AppDynamics: Highly Correlated Data ModelThe Business Transaction Enables Unifying and Strategic Context

“Before AppDynamics, we were paramedics, but with AppDynamics we are brain surgeons.”

Server UserSession

Network

Database AppCode

Business Transaction BusinessMetrics

INFRAInfrastructure

Visibility

EUMEnd User Monitoring

APMApplication

Performance Management

Cisco Workload Optimization Manager Automated Decision Engine determines workload placement and scaling by matching resource demands to available supply.

• Deploys in <20 minutes

• Performance analysis in 1 hour

• Full demand profile in 72 hours

Automatable Upsizing

Continuous VM resource monitor

Add CPU or Memory to running VM – no reboot or downtime required

Targeted Rightsizing

Track historical VM resource utilization

Reduce CPU or Memory allocated to a VM – during maintenance downtime

Fundamental Capabilities: Scaling

Data Center

Moves workloads, assures performance, increases density

Placements abide by business or license constraints.

Placement in public cloud based on best cost, while assuring performance.

Placements abide by business, license, or data sovereignty constraints.

Fundamental Capabilities: Placement

Use Cases

Data Center Modernization

Data Center Optimization

Hybrid Cloud Optimization

Cloud Security

Cisco Cloud Security

UmbrellaSecure Internet GatewaySecure access to the internet

wherever users go, even off VPN

CloudlockCloud Access Security Broker

Secure users, data, and apps across SaaS, PaaS, and IaaS

Users Data Apps

SAAS / PAAS / IAAS

Umbrella InvestigateThreat intelligence

View relationships between malware, domains, and IPs across the internet

UmbrellaStart blocking in minutes

Easiest security product you’ll ever deploy

Signup1

2 Point your DNS

3 Done

Investigate: the most powerful way to uncover threats

Console

SIEM, TIP

Key points

Intelligence about domains, IPs, and malware across the internet

Live graph of DNS requests and other contextual data

Correlated against statistical models

Discover and predict malicious domains and IPs

Enrich security data with global intelligence

domains, IPs, ASNs, file hashes

Cisco Cloudlock addresses customers’ most critical cloud security use cases

Discover and Control

User and EntityBehavior Analytics

Cloud Data Loss Prevention (DLP) Apps Firewall

Cloud Malware

Shadow IT/OAuth Discovery and Control

Data Exposures and Leakages

Privacy and Compliance Violations

Compromised Accounts

Insider Threats

CASB – API Access (cloud to cloud)

ADMINOAUTH

ACCESS

Public APIsADMINOAUTH

ACCESSAuthorized

Cisco NGFW / Umbrella

ManagedUsers

ManagedDevices

ManagedNetwork

UnmanagedUsers

UnmanagedDevices

UnmanagedNetwork

Conclusion

Understand Your Customer Expectations

• Simplified User Portals

• Rapid Delivery Times

• Cost Effective Infrastructure

• Strong Security

• Flexible Access Models

Private Cloud

Element ManagerSDN Controller

Become More Cloudy

Data Center 1

Leaf Leaf Leaf

Border Border

Leverage All Available Resources

Private Cloud

SDN Controller

Data Center 1

Leaf Leaf Leaf

Border Border

Private Cloud

SDN Controller

Data Center 1

Leaf Leaf Leaf

Border Border

Private Cloud

SDN Controller

Data Center 1

Leaf Leaf Leaf

Border Border

Put Security Everywhere

Thank you.

cisco connect toronto 2017 - simplifying cloud adoption

Technology

whitepaper - simplifying analytics adoption in enterprise

simplifying clutter

simplifying complexity

algebra: simplifying algebraic expressions, expanding...

simplifying science

simplifying rti

simplifying fraction

tools for simplifying tools for simplifying soa soa

simplifying marriage

simplifying radical expressions simplifying radicals...

simplifying fractions

simplifying equations

simplifying electricity

simplifying the devops adoption...

simplifying surgery

simplifying cloud adoption

simplifying the integration of processing elements in...

simplifying cocoon

simplifying security for cloud adoption - defining your game...

simplifying stats