Cisco Brings Secure BYOD Solutions to a City Near You; Celebrates Cisco BYOD Thursdays

Can you imagine life without your iPhone? Your Android?  Your tablet?  I get uncomfortable just thinking about having to use a phonebook to look up a number, or a map to get somewhere, or a desktop machine to read email.   Luckily, our employers are beginning to understand our dependence on personal devices.  As our dependence increases, the challenge for our employers is also increasing to implement simple, secure, effective BYOD solutions so we can productively use these devices in the work environment.   We have seen an uptake of organizations announcing their plans for a Bring Your Own Device (BYOD) strategy. To keep moving the dialogue forward on how to make sure organizations are prepared for BYOD,   Cisco will be launching a “BYOD Thursday’s” blog series and BYOD roadshows.

For the BYOD Solution Days Roadshow,  Cisco switching, wireless, security, desktop virtualization and collaboration subject matter experts will travel across the country to demonstrate, using real-life scenarios, how organizations can successfully address the BYOD challenge.  The link below provides complete information on dates, locations and registration.

BYOD Solution Days:  September 12 – November 14

Attendees will learn:

  • How to effectively use the Cisco BYOD Smart Solution for mobile device freedom without compromising your network.
  • Technical design considerations for successful implementation of secure mobility initiatives.

Spaces are filling up fast so be sure to click the links above to see when we’ll be in your city and register today. We hope to see you there!  And keep on the lookout for our “BYOD Thursday’s” posts moving forward.

Cisco Unified Computing System and Microsoft Windows Server 2012: Get the Most Complete Solution

Microsoft Windows Server 2012 is a huge step forward in Microsoft’s evolution and provides an industry-leading platform for virtualization that can provide the foundation both for on-premise private clouds and for host-provided public clouds in support of Microsoft workloads such as Exchange, SQL Server, and SharePoint.

The main new features of Windows Server 2012 include:

• Virtualization for a heterogeneous environment with industry-leading capabilities for Microsoft Windows and Linux workloads

• Enhanced manageability, supporting large-scale server management with the same simplicity as single-server management

• Capability to run any application in any cloud using a common feature set for both on and off-premises deployment.

Windows Server 2012 delivers tremendous server virtualization capabilities and a flexible cloud platform with enhancements in the Microsoft Windows Server 2012 operating system as well as many enhancements in Hyper-V. Our Cisco UCS server platform — which is certified for Windows Server 2012 — in combination with the Cisco Nexus 1000V Series and Cisco Data Center VM-FEX provides an optimal platform for Microsoft Windows Server 2012 Hyper-V deployments, enabling organizations to take full advantage of the Microsoft Windows Server 2012 Hyper-V capabilities and also to extend them through integrated Cisco solutions.

In the area of solutions we have been working with our strategic storage partners EMC and NetApp to bring to market Microsoft Fast Track validated private cloud and System Center 2012 reference architectures with EMC VSPEX for Hyper-V and with FlexPod with Microsoft Private Cloud.  These solutions integrate computing, networking, management, and storage resources to provide a unified data center architecture that delivers outstanding performance for your business applications.

Finally on the infrastructure management side of the house, Cisco’s Microsoft Windows PowerShell integration between Cisco’s UCS Manager and Microsoft System Center 2012 helps enable organizations to use a single, unified approach for managing all aspects of a Microsoft and Cisco solution.  

At Cisco many people have been quite busy working on preparing our various Windows Server 2012 capabilities — be it with UCS, Nexus, UCS Manager, or our hardware certification. The results of this work we feel enable Cisco to deliver an optimal infrastructure for your Windows Server 2012 deployments. For more information on our investments in Microsoft’s Windows Server 2012 visit:

Tags: , , , , , ,

Cisco CVD’s on VSPEX…Giddy ‘UP!

Cisco CVD’s are published…Giddy up!

Cisco Solution for EMC VSPEX…the overview

Yesterday Cisco and EMC announced new milestones in our collaboration on IT Transformation with VCE Vblock and with EMC VSPEX Proven Infrastructures.  The announcement includes two new Cisco Validated Designs (CVD) along with aligned channel partner incentives and customer support for VSPEX.  Through these advancements, and a decade long partnership, Cisco and EMC are working closer than ever together to accelerate IT transformation and the journey to the cloud.

3 Paths to the Cloud

Cisco and EMC together offer customers a flexible set of choices.  We refer to it as the three paths to the cloud.  The choice is fairly simple. 

* Implement a customized design with best of breed products.

* Purchase a pre-integrated converged infrastructure with VCE Vblock System.

* Install a validated, easy to deploy reference architecture with Cisco Solutions for EMC VSPEX.










 What is VSPEX?

VSPEX is a reference architecture approach for IT solutions that have been tested and validated.  These solutions are available exclusively through channel partners and comprise EMC’s award-winning storage systems and next generation backup products along with Cisco’s industry leading Unified Computing and Fabric.  Today we have published 9 reference architectures specifically designed for two use cases; server virtualization and end user computing.

What did Cisco publish?

Cisco just published two new CVD’s for VSPEX for the server virtualiztion use case.  A Cisco Solution for EMC VSPEX for VMware vSphere 5.0 Architectures and the Cisco Solution for EMC VSPEX for Microsoft Hper-V Architectures.  The VSPEX solutions integrate computing, networking, and storage resources to provide a unified data center framework that delivers outstanding results.  The solution designs are flexible and can be easily scaled, optimized for a variety of workloads and mixed applications, and have been developed to address the business needs of our customers. 

There is a really easy way to find them.  Just go to   This link will take you directly to the CVD’s. 

Cisco CVD’s are Scalable, Reliable, Predictable

Cisco Validated Designs consist of systems and solutions desgined, tested, and documented to facilitate faster, more reliable, and more predictable deployments.  Cisco customers and our partners have come to trust Cisco Validated Designs.  Cisco Validated Design Guides are comprehensive, design and implementation guides. The validated systems and solutions have undergone thorough architectural design development and lab testing, and provide guidance for the introduction of new technologies, emerging architectures, or the enhancement of the customer’s network.

The bottom line?  You can get to production sooner because we do the testing in our labs. 

“CVD’s are unique to Cisco.  Most of our competitors have nothing like it nor do they have the array of products to even demonstrate a process similar to CVD.” – Mike Rau, VP Cisco Enterprise Sales

The CVD’s are available today!  In subsequent posts I will take a closer look at each CVD.  In the interim check them out. 

 Giddy Up!  Let’s go VSPEX!

 What do CVD’s mean to you?  Join the conversation.

 For more information


Tags: , , ,

OK, Now What?

 ”Each success only buys an admission ticket to a more difficult problem.”

— Henry Kissinger

Following the early successes with network programmability,  the natural question that arises is “where do we go form here?”  Certainly some good things have been accomplished, but in many ways the real work is just beginning. David Ward just posted some musings on where we go next with programmatic interfaces for the network–its a good read and I encourage you to check it out.

Tags: , , , ,

Cisco in VMware’s Rapid Desktop Program: A Cost-Effective Approach to Deploy VDI at the Branch and for SMBs

As enterprises continue to address their business needs for BYOD, security and compliance they’ve increasingly adopted virtual desktops. However, most enterprises continue to struggle to move beyond a pilot phase when addressing how to scale desktops across their wide-area networks to branch offices without potentially compromising application performance and, ultimately, productivity. 

It turns out that small & medium businesses (SMB) are just as eager to deploy virtual desktops as enterprises. A recent study found that more than 60 percent of SMBs plan to roll out or evaluate desktop virtualization this year. SMBs are keen on moving data off end points and into the data center where information can be more efficiently and securely managed. For SMBs, one major hurdle remains: the cost of implementation per desktop.

The good news is that both enterprise and SMB customers can look to their existing Cisco platforms for cost-effective answers. The widely deployed Cisco Integrated Services Router Generation 2 (ISR G2) continues to re-define the capabilities of a router. In fact, calling a Cisco ISR G2 a router is somewhat misleading, because it not only routes network traffic, it can also serve as an IP PBX, a public-switched-telephone network (PSTN) connection, a WAN accelerator, a secure remote access connector, and … the list continues.

The most notable addition to the Cisco ISR G2 is the newly announced Cisco Unified Computing System (UCS) E-Series Server modules, offering enterprise grade x86-based servers that fit right into our trusty Cisco ISR G2, and allow businesses to converge their networking, computing and virtualization at the branch into one consolidated platform that can host multiple applications, including VDI.

Cisco and VMware have begun working together on VDI support on the UCS E-Series, and through the VMware Rapid Desktop Program, the two companies have validated that branches and SMBs can host 15-30 virtual desktop sessions using the Cisco ISR G2 “Office-in-a-box” with VMware View hosted on the Cisco UCS E-Series.  Organizations benefit as they can move their virtual desktop infrastructure closer to their end users to optimize application response time and improve end user performance.  IT can also save time as they can remotely manage, patch and back up users from one central location. The beauty of this deployment is that customers can integrate this capability into a device already running in most branch offices and delivering multiple services, so the installation should be quick and the footprint doesn’t increase.

This week at VMworld San Francisco, Cisco experts are showcasing this technology at our booth, 1213. VMware’s Chief Technology Officer, Steve Herrod, also gave a shout-out on the value of this solution for our joint customers during his keynote. If you didn’t make it to VMworld, you can always watch this short video (below) and hear directly from our technical experts  on how this solution works and can help your enterprise branch or SMB accelerate your migration to virtual desktops.

Tags: , ,

Burning Man Versus VMworld – The Incomplete List

This weekend marked the migration of people to and from San Francisco – VMworld2012 attendees were headed to SFO while Burners were heading out to Black Rock City. Knowing people in both camps, I thought it’d be fun to do a little comparison list.  Thirteen ways to look at Burning Man versus VMworld — acronyms, bacon, clothing and more.

Burning Man




Know Your Acronyms


Rare for breakfast


Your favorite v0dgeball team’s name.



Business casual to jeans, NOT optional

Playa dust!


Private, Public, Hybrid

You could get hit with embers if you run a little too close when the man burns.

Dangerous Communal Events

Don’t let your bum fall asleep sitting through too many keynotes.

Facemask, water, food

Don’t forget

ID, mobile devices, appropriate chargers

Can’t wait for the temple burn!

Excited for

Super Sessions: Cisco’s Unified Data Center Architecture: Innovations for a World of Many Clouds, Tuesday 3-4p Moscone S. Room 103

Altered states


Virtual States

Gas masks

Filtration systems are important for

Colocation facilities

Code Alpha? Serious dust storms ahead, proceed at your own risk

Know the code: αβ

Beta Code? Barely tested code, proceed at your own risk




Your camp

Meetup spots

Cisco Booth 1213

Your network may happen to go down, and you may not know for a few days.  Oops!

The Network

Your network can get better if you happen to visit our booth & ask to see the CSR1000v and the UCS-E Series demos

 Given this incomplete list of 13, what others would you add?

Tags: , , , , ,

Security Policies Made Easy in New Virtual Network Management Center 2.0

As VMworld swings into high gear on a bright Monday morning in San Francisco (well it promises to be bright, once the sun comes up here), we continue our series on the virtualization product updates we are unveiling this week (see earlier news on the new Nexus 1000V and the ASA Cloud Firewall). One of the exciting new components of our Nexus 1000V virtualization stack is the Cisco Virtual Network Management Center (VNMC) 2.0, part of the Intelligent Automation portfolio.

VNMC 2.0 is a template-driven policy management tool that is now bundled with Cisco Virtual Security Gateway (VSG) and Cisco ASA 1000V Cloud Firewall. This new release now has expanded capabilities to configure the security of your virtual cloud environment. Because VNMC 2.0 is such a step up from prior releases, and fewer people are familiar with its functionality, this is going to be a bit longer of a post than usual (but with lots of screen shots).

Let’s take a look at some of the key VNMC features and how it works with the two virtual firewalls:

Resource Objects for ASA 1000V

Cisco VNMC abstracts the devices it manages. As part of provisioning, devices are configured to point to Cisco VNMC for policy management. Cisco VNMC discovers all devices and lists them under the Resources pane. In addition to the ASA 1000V, the Resources pane has other resources such as Cisco VSGs, VSMs, and VMs.

VNMC screen shot

Adding and Configuring Edge Firewalls

In Cisco VNMC, a logical edge firewall object for a tenant must be created in the Managed Resources pane. The Edge Firewall object type refers to the ASA 1000V and represents a logical instance of the ASA 1000V. This object defines the inside and outside interfaces and allows device profiles and edge device profiles to be applied to the ASA 1000V. In addition, edge security profile for the outside interface is applied here.

Creating and Applying Edge Device Profiles

Multiple ASA1000V instances can use the same edge device profile. This profile type contains policies that are unique to the ASA 1000V only; for example, the DHCP server, routing policies, VPN device policies that are not applicable to Cisco VSG, or other devices.

Creating and Applying Edge Security Profiles

Edge Security Profiles include policies that can be applied to port profiles or VMs. Most of the firewall policies are defined in this type including ACLs, NAT, VPN and so on. Edge security profiles can also be applied to outside interfaces of the ASA 1000V. In this case, the policies are applied to traffic from sources that do not have a security profile attached. Typically, edge security profile is used on the outside interface of the ASA 1000V to define permit ACLs.

Site-to-Site IPsec VPNs

A site-to-site VPN connects networks in different geographic locations. The ASA 1000V supports IPsec site-to-site connections (called tunnels) to Cisco or third-party peers. The supported protocols for IPsec site-to-site tunnels are IKEv1 and IKEv2 using a pre-shared key.

In Cisco VNMC, the VPN configuration is divided into two sections: Device configuration and Interface configuration. Device configuration must be done using Edge Device Profile – IKE configuration and tunnel-group peer configuration.

Interface configuration must be configured under Edge Security Profile — crypto map configuration is considered an interface configuration.

Centralized Device Administration using device profiles

Device profiles include policies that are global, regardless of the type of appliance. The same device profile can be shared between Cisco VSG and the ASA 1000V. This profile type contains policies like NTP server, syslog server, etc.

These are a comprehensive set of features, but needless to say this isn’t a complete list of VNMC’s capabilities. For more information, please check out our product page and the more in-depth materials. If you’re at VMworld 2012 in San Francisco, we hope you’ll come check out VNMC at the Cisco booth! We’ll be performing demos there so you can check out the full suite of security features first-hand.

And remember, if you are around #VMworld this week, give us a shout out on twitter using Cisco hash tag #ciscovmw or to me @gkinghorn.

Tags: , , , , , , ,

Meet Intelligent Automation at VMworld this Week!

Welcome to San Francisco for one the most exciting events of the year!

Here’s a short blog post that will help you connect with the Intelligent Automation team at VMworld and learn about new solution developments and releases. In particular, you will be interested to see a brand new demo featuring Virtual Network Management Center 2.0. VNMC is a centralized device and security policy management software, which works together with Cisco Virtual Security Gateway (VSG) and the Cisco ASA 1000V firewall to manage security on Nexus 1000V virtual switch series.

Other Intelligent Automation and Unified Management demos offered in booth #1213 include:

Cisco Intelligent Automation for Cloud
Network Services Manager

And make sure you mark your calendar to attend one of these theater presentations to learn more about what Cisco can offer your organization:
• Cisco Intelligent Automation for Cloud
This session will discuss how Cisco Intelligent Automation for Cloud enables IT to move from manual to flexible automated provisioning of physical and virtual resources, while maintaining existing processes and governance, increasing IT efficiency.
Monday, August 27 10:30am Cisco booth

Virtual Network Management Center (VNMC)
Take a sneak peak into what will be covered in this session.
Tuesday, August 28 11:00am Cisco Booth #1213

Learn How Cisco Built its Own Private Cloud
Join this session to learn about the challenges Cisco IT has solved by implementing cloud management and orchestration technology to provide internal private cloud services.
See presentation here.
Tuesday, August 28 11:30am Cisco Booth #1213

Automated Network Services Provisioning for Multi-Tenant Data Centers
Learn how Network Services Manager enables customers to organize their network resources into a flexible multi-tenant infrastructure that integrates the network with their existing IT operational tools and processes. See presentation here.
Tuesday, August 28 1:30pm Cisco Booth #1213

In addition, several sessions are being offered to highlight the robust ecosystem of technology and channel, cloud partners that build and deliver an end-to-end cloud solution. Cisco believes that jointly with our partners we can help deliver complete Cloud solutions based on individualized customer preferences. Learn how by joining us for one or all of these short presentations:

Getting Started on your Cloud Journey with Presidio
Join this session to learn how Presidio, one of Cisco’s largest technology partners, can help you build a private cloud and prepare for a hybrid cloud model by deploying IaaS with Cisco UCS, Intelligent Automation for Cloud and VMware.
View presentation here.
Wednesday, August 29, 12:30 – 12:50pm in booth #1213.

• Vblock Cloud Management with Cisco Intelligent Automation for Cloud
Tuesday, August 28 4:30pm VCE Booth #1109

• VCE Users group at the Hilton Union Square
Tuesday, August 28 3:00pm

• Join us at the rPath booth #2441 for the unveiling of the Enterprise Cloud Adoption Framework: Cisco IA + UCS and rPath deliver standardized infrastructure for optimized application delivery.

As an example of how Cloud Automation capabilities are further strengthened through partnerships, Nimsoft provides end-to-end monitoring of software, virtual and hardware infrastructure of Cisco IA for Cloud based clouds. You will be hearing more on this development in upcoming industry events… We’d love to speak with you and further understand your cloud automation roadmap, so stop by and talk to our experts!

Never get enough bacon? Join Bacon, Social Media and fellow VMworld attendees for a one-of-a-kind meet and greet where bacon abounds:

Tuesday, August 28, 9-11 pm: #vBacon tweetup

Stay tuned on Twitter by searching for #ciscovmw and following @CiscoIA.

We’re looking forward to meeting you!

Tags: , , , , , , ,

Vblock Systems Management: Choice and Interoperability Matter

Jeramiah Dooley, Guest Blogger  @jdooley_clt:

Jeramiah Dooley brings more than 17 years of technology experience to the VCE Office of the CTO.  Previously he was the global SME for Service Provider business development, multi-tenancy and vCloud Director design as part of the VCE Corporate Engineering Group.  Prior to joining VCE, he was the Director of Engineering at Peak 10, a service provider based in Charlotte, NC, where directed the overall strategy, design and development of the Managed Services and cloud platforms. 

Hello from VMworld! VCE is excited to be here with all things we have going on ( If you’ve been following along your head is probably spinning with all of the announcements from VMware and all of the other companies in their ecosystem.

One of the themes from both VMware and VCE has been the idea of pushing value up the stack, particularly in the Management, Operations and Orchestration spaces.  This has long been a topic of interest for customers looking at purchasing Vblock systems, but with so many choices, and so many tools that can be leveraged, they have been asking how all the parts fit together to solve their business challenges.

One of the ongoing VCE efforts has been to provide customers with the tools and expertise that allow them to manage and operate a Vblock system with the same efficiency and value with which they purchase, implement and support one.  In support of that, VCE and Cisco are proud to announce a new joint design and demonstration that integrates multiple tools, concentrated around the flagship Cisco Intelligent Automation for Cloud product.

Unlike lower-level tools, automation is an effort that always starts on the business process side of the house.  This means that when done right, Orchestration and Automation can be incredibly powerful tools, but it also means that it requires the input of multiple teams to get to that point.  Orchestration is truly a horizontal, cross-silo endeavor, and in many cases it takes multiple tools working together to achieve the ROI that customers are looking for.  Where the VCE model, and the relationship between VCE and Cisco, really shines is being able to put together very powerful tools, integrate them on top of the best hardware available and accelerate that ROI.

For this design, we have put together a number of tools that we commonly see customers evaluating in order to give an end-to-end solution.  These components include:

  • Cisco Cloud Portal
  • Cisco Process Orchestrator
  • VCE Vblock Series 300
  • VMware vCloud Director
  • VMware vCenter Configuration Manager
  • VMware vCenter Server and Orchestrator
  • VMware vCenter Operations
  • VMware Hyperic

Graphically, the pieces can be represented like this:

As part of the demo, we built a number of standard business processes that we wanted to show customers.  These are based on real-world examples of what companies are doing with Vblock systems, and were selected to show the breadth of the solution.  The processes include:

  • Creation of a new user/resource consumer
  • Provisioning of an initial virtualized cluster, and deployment of initial vApp
  • Deployment of subsequent vApps by an existing user
  • Deployment of physical, bare-metal servers
  • Dynamic scaling of existing vApp based on increased workload
  • Removal of existing user and cleanup of resources

As you can see, each of these workflows are things that happen on a regular basis inside an enterprise operations team.  They are all prime candidates for this kind of automation, helping to drive standardization, improved QA, improved performance and reduce the time to deploy and maintain services.

Under the covers, the thing that is allowing Cisco and others to be able to drive efficiency with the customer at the software layer is the Vblock systems that have been deployed.  Having a known, consistent, standardized platform to work with allows Cisco, VMware, EMC, CA, BMC, Cloupia and other ITSM and orchestration partners to be able to start building relevant workflows for customers right away, rather than having to discover and build connectors for individual elements.

Providing more programmatic ways to manage the infrastructure besides just talking directly to the element managers is a key part of the VCE systems management strategy going forward, as our sessions and demos at VMworld show.  Giving a customer’s choice of orchestration and operation tools, the ability to see the entire Vblock in context rather than as a collection of individual elements will open up new ways for customers and partners to focus on and tackle business process challenges.  The era of infrastructure for the sake of infrastructure is over, and any efforts that aren’t aligned to the business and able to show value are quickly being pushed out of organizations.

Converged, programmable, standardized, repeatable, efficient and scalable are the ways that this new era of enterprise IT is defined, and VCE is proud to partner with Cisco to demonstrate one way those attributes can be leveraged to their fullest.

Tags: , ,

ASA 1000V Cloud Firewall Now Available to Secure Multi-tenant Data Centers

Virtualization news continues to move to the forefront as we head towards the start of VMworld in San Francisco. Last week we unveiled the upcoming Nexus 1000V 2.1 major release here. Perhaps the biggest news on the virtual security front is the availability last week of the ASA 1000V Cloud Firewall (download a free trial here). We’re also announcing special introductory pricing on the ASA 1000V of $1,995 per CPU, which also includes our new Virtual Network Management Center (VNMC) 2.0. Other promotional pricing bundles are available as well.

We’re excited about the ASA 1000V because it brings virtually all the features of our physical ASA appliances to virtual environments, providing greater consistency across the physical, virtual and cloud domains, however your applications are deployed. The ASA 1000V will primarily be deployed to protect tenants in a multi-tenant cloud environment with traditional edge security services including VPN, NAT, attack prevention and DHCP. This will complement our Virtual Security Gateway (VSG) firewall which has greater visibility to VM-specific policy attributes, and will be used to isolate VM-VM traffic within a tenant. But since there’s still a lot to do prepping for this week’s activities, like #v0dgeball, I’ll wrap up here and let Jimmy Ray from TechWiseTV share some of his thoughts on ASA 1000V and VSG (and remember, if you are around #VMworld this week, give us a shout out on twitter using Cisco hash tag #ciscovmw or to me @gkinghorn).:

Tags: , , , ,