Enterprise Platform as a Service

Enterprise PaaS with Puppet and Chef

In a previous Cisco Data Center blog, we announced our configuration management accelerator for cloud to enable organizations to move beyond monolithic golden templates into a dynamic TOSCA-modeled application design canvas.  Cisco Intelligent Automation for Cloud (IAC) has been working for months with PuppetLabs and OpsCode (Chef) and has had multiple successful customer proof-of-concept deployments.

The Cisco configuration management accelerator provides customers with a substantial improvement over the manual process of building and implementing multiple golden templates to build multi-tier application stacks.  The application stack is now described, and the description drives implementation.  Changes to the description apply to all future instances, and can even update running instances in continuous delivery scenarios.  The benefit is that the description becomes the master plan and machines are consistently and automatically constructed from that master plan without intervention by IT.  Software defines the application configuration.

Cisco’s cloud accelerator approach is true to an open philosophy that provides customers with a choice of solutions – not locking them into a single hypervisor, configuration tool, solution path, or even hardware selection.   The configuration management accelerators follow directly in the footsteps of our multi-cloud accelerator released last year.  That accelerator enabled Cisco IAC to provision, orchestrate and manage VMware vCloud Director, Amazon EC2, and OpenStack.  It has also been extended by customers to include Hyper-V, Azure and Rackspace through the preplanned extensibility built into it.

Our strategy has been to do the same for configuration management.  Tools like Altiris and System Center Configuration Manager have been working on the configuration management space for well over a decade through heavyweight configurator tooling.  Newer platforms like Puppet, OpsCode Chef, CFengine, Ansible, Salt and others are moving to more descriptive terms, and are putting these into a code repository where they are stored, versioned, forked, and used to configure running systems.  It’s an historical software-development paradigm applied to defining compute and application components of the datacenter.

This release of our configuration management accelerator will support Puppet and Chef and is designed to be extensible for other configuration tooling, and we are talking to some partners about adding to it quickly.  We chose Chef and Puppet for the first release because of their leadership in the software-defined application configuration space.  Let me give an example that illustrates why we are doing it this way:  Cisco IT chose to go with Puppet for our internal deployment, but what happens if Cisco acquires a company that had made a significant investment in Chef?  Cisco has been known to buy companies.  Even if your organization isn’t as prolific an acquirer as Cisco, it just takes one acquisition to make managing software configuration standards across the post-merger company a nightmare.  Or it could simply be that one of your departments likes to use Python scripts despite the fact that you’ve deployed and evangelized Chef.  So we designed our solution to be able to use either.

Or both simultaneously

…In the same virtual datacenter

We didn’t think that an acquisition of a repository of configuration definitions, or a decision to change between configuration tools, should completely destroy the value of the investment already made in the prior platform.

As mentioned above, Cisco IAC’s configuration management accelerator uses TOSCA-based models to define whole application stacks, including the networking connectivity between virtual machines.  To make this easy to use, we are bringing out a new drag-and-drop graphical interface to aid in authoring these high-level application models that can be ordered through Cisco’s industry-leading service portal.

[Screenshot: Application Stack Canvas]

But this accelerator is not just about configuration.  There’s a process to consider here.

It starts when IAC automatically inspects the Chef and Puppet repositories for available system blueprints.  A cloud administrator can view these and approve them for use in application stacks.  Once approved, the blueprints are available to application stack designers as icons to drag into the canvas shown in the screenshot above.  During this creation phase, the stack designer can place constraints around parameters so that some can be safely exposed to the end users while others are completely hidden and determined programmatically.  Cisco IAC streamlines and automates the vetting and approval process and once approved, blueprints are released to end users for their consumption.

The end result is that whole application stacks become simple items to safely order from our industry-leading service catalog.

But aren’t those blueprints a lot of work to write?

In a session at VMworld this week, VMware mentioned vCAC integration with Puppet and PuppetForge as a source of configuration images.  Out of the gate, their users will have access to thousands of Puppet scripts built by the community, which sounds fantastic, and absolutely validates the approach we took.  We just have a different perspective on relevance.  The public repositories (PuppetForge, Github, etc.) make their respective tools viable because these repositories are the key to not having to author everything from scratch.  At the same time, only the simplest and probably least valuable blueprints can be downloaded from a public repository and used without modification.  Does it have the right parameterization?  Does it make assumptions about the available LDAP directory that are not valid in your environment?  Did the author gracefully handle error cases that are unique to your environment?  Often not.  Our focus has been on the enterprise internal repositories rather than the public ones.  The enterprise’s repository is the superset of its own blueprints plus the relevant, customized ones downloaded from the public repositories.  In other words, the enterprise repository will likely not have as many blueprints as Github, but will have the ones that matter to the enterprise.  IAC’s solution inspects one or more enterprise repositories (remember the corporate acquisition point), and exposes services based on those blueprints via the process I described earlier.  The result is that only the relevant subset of the applications available from the public repositories show to the stack designers and end users, without thousands of “noise” items.

Oh, yeah.  Hardware.

Cisco is still a major hardware company, and our customers still care about hardware in addition to virtualized infrastructure.  Puppet and Chef have no problem configuring bare-metal servers, so why should the cloud management platform?  IAC already does bare metal as well as virtual for IaaS.  Furthermore, in between virtualized network devices, you will usually find physical network devices on which multi-tier applications depend.  As our customers’ cloud environments grow in usage, they grow in how dynamically they need to change.  Preprovisioning physical network and storage resources for virtualized cloud use cases gets to be a much bigger job when users are ordering more than just virtual machines, so automated physical provisioning becomes more critical.  The application stack models may not have an awareness of the physical or virtual nature of the hardware, but the provisioning platform better know what to do when consuming the TOSCA models.  If the application stack requires physical provisioning, IAC will do it.  Our customers would expect no less from us.  We expect no less from ourselves.



Cisco’s Policy Enforcement Solution Delivers

Whether you need to support BYOD work practices, or provide more secure access to your data center resources, the Cisco Identity Services Engine (ISE) can help. With this all-in-one enterprise policy control platform, you can reliably enforce compliance, enhance infrastructure security, and simplify service operations.

Cisco’s leading One Policy Solution—the Identity Services Engine (ISE)—now delivers even greater capabilities.

Join us next Thursday September 5 to learn about the solution’s newest enhancements—now available with its 1.2 release. The Identity Services Engine provides a comprehensive solution to manage and maintain network access and policies—ensuring consistent enforcement across wired, wireless, and VPN networks. Register today!

During this online event, you will learn about the new features that provide increased scalability, reliability, and ease-of-use for guest access and BYOD on-boarding. You will hear from customers who have already deployed the 1.2 release. And we will discuss how the enhancements provide significantly greater capabilities than solutions available from competing vendors.

Mark your calendars and join us for this informative event. Register today!


Cisco UCS in an application centric world

Over the past few months I have been blogging about Cisco UCS in the context of various trends in the IT industry.

  1. Cisco UCS in an industrialized world
  2. Cisco UCS in a world with lotsa data
  3. Cisco UCS in the world of open source computing
  4. Cisco UCS in a world with windows
  5. Cisco UCS in a converged world
  6. Cisco UCS is a cloudy world
  7. Cisco UCS in a social world
  8. Cisco UCS in a mobile world

One thing is clear — the IT world is changing, and at a pace much faster than we have ever known.  It seems appropriate to culminate the series in the world of applications.  All entities, big and small, ultimately want their data center infrastructure to run applications.  They could be collaboration applications for internal use or with partners.  The applications could be developed in house or could be commercial off the shelf (COTS). Some of the applications can provide the firm a competitive edge in the market – think of the recommendation engine used by Amazon.  At the end of the day the application is providing a valuable service.  With the advent of the Internet of Everything (IOE), there are many sources of data and connections that applications have to consider while delivering the service.

Imagine the Amazon recommendation engine taking into account your location and the temperature from a gauge near you.  Assuming that application services are delivered from a data center, the application must also be cognizant of the different access mechanisms, desktop computers, laptop computers, tablets and mobile phones. The rate of change in these new technologies is brisk.  As these rapid changes take place, Cisco offers Application centric infrastructure to ease the transitions.  Read Cisco CTO, Padmasree Warrior’s blog on this.

Cisco UCS with SingleConnect technology provides the compute platform for Application Centric Infrastructure. We plan on bringing you a series of events around Cisco UCS Management to leverage the intelligence in the network fabric to meet the demands of today’s dynamic applications. These events could take the form of user community meetings, virtual community meetings or trade shows and roadshows. These events will show you how UCS Management lets you accomplish data center infrastructure initiatives and application initiatives.  For infrastructure initiatives, it could be anything from basic server management to disaster recovery. It can range from UCS management for a simple web server application to UCS management for a complex mission critical SAP deployment.  Let us know what is top on your mind and we will help in any way we can.

We started with a Google Hangout introducing the Cisco UCS Management portfolio including the UCS Manager, UCS Central and UCS Director.  On Sept 5 at 8 AM Pacific we will air a hangout on tips and tricks for managing UCS Infrastructure with Microsoft PowerShell.  If you have an installation of Microsoft tools and applications in your data center you do not want to miss this.



Limitations of a Software-Only Approach to Data Center Networking

I want to address some questions about VMware’s NSX virtual networking announcement that have been asked of us by the media and social Web commentators in the past few days. Specifically, they have asked  why Cisco did not announce support for NSX and whether the announcement changes the long-standing strategic relationship between our two companies.

First, let me be clear: VMware is an important partner to Cisco, and we expect to continue our close collaboration around private cloud and desktop virtualization.  As we outlined yesterday in a joint news release about Cisco and VMware’s mutual customers, thousands of organizations rely on our combined innovation in their businesses each and every day and I look forward to continued success in this area.

While we share a common vision for private cloud and desktop virtualization, there are significant differences in our visions over the future of networking.

Network virtualization is important. We both agree on that. In fact, over the past several years, we have delivered game-changing innovations in this area particularly with the Nexus 1000v and more recently with NFV solutions, both of which are key elements of the Cisco ONE portfolio. Today, more than 6,000 Nexus 1000v customers benefit from the flexibility delivered by our virtual networking technology.

However, a software-only approach to network virtualization places significant constraints on customers.  It doesn’t scale, and it fails to provide full real-time visibility of both physical and virtual infrastructure.  In addition this approach does not provide key capabilities such as multi-hypervisor support, integrated security, systems point-of-view or end-to-end telemetry for application placement and troubleshooting.  This loosely-coupled approach forces the user to tie multiple 3rd party components together adding cost and complexity in day-to-day operations as well as throughout the network lifecycle.  Users are forced to address multiple management points and maintain version control for each of the independent components.  Software network virtualization treats physical and virtual infrastructure as separate entities, and denies customers a common policy framework and common operational model for management, orchestration and monitoring.

Cisco has a different strategy and that is embodied in the Application Centric Infrastructure.  Application Centric Infrastructure (ACI) is an innovative secure architecture that delivers centralized application-driven policy automation, management and visibility of physical and virtual networks.  It’s built upon a fabric foundation that delivers best-in-class infrastructure by combining hardware, software and ASIC innovations into an integrated system.

The architecture provides a common management framework for network, application, security and virtualization teams — making IT more agile while reducing application deployment time.  It’s built for multi-tenancy ensuring proper isolation and detailed telemetry of SLAs across different consumers of the infrastructure while also providing a consistent security policy across both physical and virtual applications.  ACI allows IT teams to offer a public cloud experience and economics to their customers while maintaining the associated SLAs and performance requirements for the most demanding business applications.  It’s an open programmable architecture with a comprehensive set of APIs that enables the broadest ecosystem of datacenter management and L4-7 services.  Finally, ACI enables comprehensive investment protection by leveraging existing IT teams’ skillset and infrastructure to lower overall TCO.

I recently wrote a blog post about how Network Virtualization is Different to Server Virtualization as we think about the next chapter of networking.  It’s key to remember that underutilized compute resources created the opportunity for server virtualization. Underutilization is not a problem in the network. In fact, server virtualization is pushing the limits of today’s network utilization and driving demand for higher port counts, application and policy-driven automation, and unified management of physical, virtual and cloud infrastructures in a single system.  Businesses today are looking for more from their investments as they turn on new services and applications more quickly, in a way that is easier to manage and that can scale with application needs.

We believe that delivering those benefits requires the flexibility of software coupled tightly with the performance and scalability of hardware and ASICs. That’s what we’re delivering with our Application-Centric Infrastructure vision and throughout the entire Unified Data Center portfolio.

Stay tuned for some exciting news from us in this area in the next few months.


#EngineersUnplugged S3|Ep10: Community Architecture (3 Ways You Can Join)

In this week’s Engineers Unplugged, we talk technology from a different angle–community. How can you join your community of peers to learn, grow your career, and stay on top of the latest in this ever-changing tech landscape? Listen in as Josh Atwell (@josh_atwell) and Gurusimran Khalsa (@gurusimran) talk about their experiences as co-hosts on #vBrownBag.

Great tips on how to maximize the time you spend on social media and professional development, there are many ways to give back. This unicorn they drew is not one of them.

#vBrownBag’s Josh Atwell and Gurusimran Khalsa with their community unicorn.

Welcome to Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:

  1. Episodes will publish weekly (or as close to it as we can manage)
  2. Subscribe to the podcast here: engineersunplugged.com
  3. Follow the #engineersunplugged conversation on Twitter
  4. Submit ideas for episodes or volunteer to appear by Tweeting to @CommsNinja
  5. Practice drawing unicorns

As this episode airs, we are on the ground at VMworld2013. Please drop by the #vBrownBag space or follow @vbrownbag to learn the latest. Thanks for joining our community here at Engineers Unplugged.


The Next Paradigm Shift: Application-Centric Infrastructure (ACI) gets ready to rumble

True Innovators are not easy to find. In fact, people who build next-generation innovations and succeed are certifiably rare. Repeat successes with these innovations are rarer still. Hat-tricks are legendary. Anything beyond is best relegated to a rarefied stratospheric atmosphere and dismissed as fiction.

Fortunately for us at Cisco, one need not look too far for such innovators. The team of Mario Mazzola, Prem Jain, Luca Cafiero and Soni Jiandani (affectionately called by some in the industry as the MPLS team) has both the reputation as well as the track-record of not just building world-class innovations, but for successfully converting them into multi-billion dollar global businesses within the Cisco fold.   So, when they stop to talk about networking, a subject which they know a thing or two about, most people find it worth their while to listen up.

For those who’ve followed Cisco and particularly the switching and data center business, their handiwork is visible across Cisco’s switching (Catalyst, Nexus, MDS switching) as well as compute solutions (UCS).  However, entrepreneurs cannot just rest on their laurels. They thrive on the next big challenge. So, when Cisco’s investment in Insieme Networks was announced with this leadership team, there was considerable interest and excitement all around.

Needless to say, there has been significant media, customer and analyst interest over the past 18+ months. So back in June, we took the opportunity to share the vision of Application Centric Infrastructure (ACI) when we had the largest gathering of Cisco customers, industry analysts and the media under one roof at Cisco Live!, Orlando.  During that time, I also got to sit down for a “Fireside chat” with Soni Jiandani, that you can watch here, where she talks about the vision for this new architectural approach, the design philosophy, limitations of current approaches with traditional networking and 1st generation SDN solutions, and benefits customers can expect from infrastructure that is application-centric.

Fast forward to now: this week at VMworld has proved to be quite interesting. Cisco is a 2013 global diamond sponsor for VMworld and we’re collaborating on several areas together.  But with some of the networking related announcements from VMware, naturally, we’ve had all sorts of questions thrown at us. Some were from sections of the media community looking for headline material. Others were more genuine, coming in from informed journalists, bloggers, investors, analysts and of course customers.  Many focused on our relationship with VMware.

Suffice to say, we have a great relationship with VMware, and plenty of strategic areas we’re jointly working on. When it comes to server virtualization solutions there has been a natural synergy. The partnership has been mutually beneficial for both companies. Customers like it. Likewise, the VCE partnership has been consistently delivering compelling customer value. That leaves just the networking piece. It is no secret that we share differing viewpoints on the best approach to deliver network solutions, particularly in the area of network virtualization in the data center. So, in that domain, we would compete.

Ironically, VMworld also created renewed interest in Cisco’s vision of Application Centric Infrastructure, and there were genuine asks to learn more about this topic:

– New application demands and how do they impact Infrastructure?

– Vision of Application Centric Infrastructure? What customer pain points does it solve?

– How does ACI compare with NSX and SDDC vision from VMware?

– Will Cisco focus on software as well? Is this SDN or something different?

– Role of OpenStack and ACI fit? What use-cases do they address?

– Why is integration required between physical and virtual? Would a pure overlay solve the problem?

Some of these questions (paraphrased), were posed to Soni, as she sat down with the Wikibon and Silicon Angle team at VMworld this week. The candid conversation included insights into the approach that Cisco and Insieme team have been pursuing, as well as insights into broader landscape and competitive dynamics. The video is about 20 minutes long, but it captures the problem statement and Soni contrasts different industry approaches quite well.

I can only see this conversation becoming more exciting, as the vision of Application Centric Infrastructure gradually becomes a reality. There are not many in the industry that can make a transformative vision like this come to life. It requires a lot of the right building blocks. Fortunately, Cisco has a considerable footprint in, as well as knowledge of both physical and virtual networking. It has a strong foundation in network services and in Security. Its growth in servers has been nothing short of jaw-dropping. We also hit #1 market share in cloud infrastructure this year. A number of standards-initiatives are being led. New fabric innovations like Dynamic Fabric Automation have been announced with the current portfolio. There is a rich ecosystem of strategic partners that continues to grow. A company-wide initiative with the Cisco Open Network Environment (Cisco ONE) has grown roots. And most important, Cisco has a customer base that cuts across different segments and provides valuable insights.

So, wouldn’t it be great if we could leverage all these assets and accomplishments and take it to the next level — to lay the foundation for the next phase of data center transformation? And while doing that, wouldn’t it be great if this approach not only delivered on all the promises being made by a pure software-defined data center, but went beyond? Like, way beyond?

No doubt, the application-centric infrastructure initiative is an ambitious one. But it is also where opportunities lie ahead for us as an industry and it is where customers want us to go. The journey has already begun.

We had indicated availability of solutions starting 2H 2013.  Fall starts in a few weeks’ time...

Fasten your seat belts!


Introducing Cisco SingleConnect Technology


When customers talk about why they like UCS they often sum it up in very concise terms. “It makes things a lot easier,” is a common refrain. But if you ask a Cisco technologist what’s good about UCS you’ll get a much more lengthy reply, probably more than you wanted to hear. :) That’s because when anyone fully describes all of the innovations in the solution, “under the covers,” so to speak, which conspire to bring about UCS benefits, they quickly find themselves reciting a rather long list of complex advancements. As I spend time in our booth at VMworld this week I hear both of these accounts of UCS. The long (how it rocks) and the short (why it rocks.)  As luck would have it, some intrepid UCS product marketers have taken it upon themselves to bridge this yawning gap in the UCS lexicon.

First, remember that UCS is an outcome of starting with a clean sheet of paper and designing a system to rectify all the random acts of system architecture that had come before it. It’s also an outcome of a completely revolutionary way of approaching computing: not from the perspective of the constituent technologies but from the perspective of fusing them all together. UCS was expressly designed to eliminate the DIY integration that customers have been faced with for years. It was designed for a world of virtualization, automation and cloud. Fundamentally, UCS was designed to connect all the dots.

With the connections in mind, we’re introducing a technology ingredient brand into the UCS lexicon: Cisco SingleConnect Technology.

SingleConnect is a term intended to encapsulate the aggregated benefits of several key UCS technology components as they relate to server connectivity: Cisco Fabric Interconnects, Fabric Extenders, Virtual Interface Cards and Virtual Machine Fabric Extender Technology (VM-FEX.) Related technologies like the Nexus 1000v suite and Cisco’s virtualized network services also come into view when we talk about connecting physical and virtual servers in the data center.

Each of these deeply sophisticated products plays a specific role, but taken altogether they create an elegant result: a simplified, uniform and extremely powerful connectivity model for servers and virtual machines. SingleConnect is a way for us to describe how all of these together result in one connection for:

• LAN, SAN, and systems management

• Rack servers and blade servers

• Physical servers and virtual machines

SingleConnect, very simply, is the easiest, most intelligent and efficient way to connect and manage computing in the data center.

SingleConnect is Easy: UCS is a “wire once and walk away” solution that eliminates many of the traditional time-consuming, manual and error-prone tasks required to connect servers and virtual machines in the data center. UCS with SingleConnect is self-integrating, with automated and dynamic configuration of server I/O and networking components over a common connection. UCS centralizes administration, eliminating dozens of switching and server management points found in traditional environments while radically reducing cable management complexity.

SingleConnect is Efficient: SingleConnect Technology combines three network layers into one: top of rack, blade chassis and hypervisor switching. It also combines LAN, SAN and server systems management networks on a single fabric. Modular fabric extenders deliver capacity from a centralized fabric interconnect (single point of management) to as many as 160 servers, replacing all the Ethernet and Fibre Channel switches typically deployed in much smaller server increments. Server I/O adapters (NICs and HBAs) are consolidated onto a single Virtual Interface Card, eliminating cost and simplifying administration.

SingleConnect is Intelligent: SingleConnect technology creates a virtualization-aware system, providing seamless VM mobility and advanced security capabilities for multi-tenant environments. I/O capacity is dynamically allocated across physical and virtual machines in the system in accordance with QOS policies, eliminating the need for manual administrator intervention and simplifying troubleshooting. Deterministic, low latency switching delivers industry leading bare metal and virtualized performance for traditional multi-tier application environments and cloud workloads alike.


Cisco SingleConnect Technology is not a specific product or feature, it is a way to describe how a deliberate roadmap of innovation solves against one of the oldest computing problems in the data center: “how do I connect all this stuff together?”

With SingleConnect!

If you’re at VMworld in San Francisco this week, stop by the Cisco booth and we can give you a demo of how SingleConnect brings it all together.


Solve My Business Problems, Accelerate Growth, and Oh yeah, Keep the Lights On?

Are you an IT manager feeling the pressure to be “innovative” while still responsible for keeping the lights on? And what does it actually mean to be “innovative” in Enterprise IT?  Isn’t it just about the technology?

Today’s IT managers are not only responsible for making technology decisions, they are becoming increasingly responsible for using the network to deliver on business priorities, help solve business problems, and accelerate growth.

Whether it is headlines such as, “Today’s CIO Needs to Be the Chief Innovation Officer“ from an HBR blog, or the continued threat of Shadow IT, the pressure is on IT organizations to demonstrate their value beyond just “keeping the lights on”.

Recent Gartner reports have predicted that IT organizations will lose 5% of their budget to their respective Lines of Businesses (LOB) annually and that 90% of technology spending will occur outside of IT by 2020.

Why is this spending shift happening?  Businesses are facing increasing pressure to move quickly and with more “X as a service” available, a simple credit card can enable instant cloud storage, applications, and even networking in the organization without IT knowledge.

This changeover was the main topic of discussion at the Nemertes 360 Navigator conference in early August.  The conference theme was “Innovation in the Age of Enterprise Technology”.  Discussions went beyond budget loss to how IT can use technology and processes to create business value within their company – potentially attracting more funding.

Let’s look at what we learned about innovation during this conference:

Innovation works best when there are both technology AND process changes.  The iPhone was an innovative product but the ability to quickly and easily download apps from the Apple App Store is what really helped the iPhone achieve its global success.  Johna Till Johnson, President and Founder of Nemertes, cited an example from Alexander the Great to further this concept of the need for technology and process to change in tandem.  Alexander the Great leveraged a new extra-long weapon, called a sarissa, to gain an advantage during war.  But the weapon was easily duplicated by enemies, and alone, didn’t make the difference. It was the flexible battle phalanx formation that Alexander’s troops mastered, combined with the new weapon, that led to success on the battlefield.

Successful companies have a formal innovation program in place. When it comes to innovation in the workplace, Nemertes research shows that successful companies have a formal innovation program in place – yet 50% of companies don’t have one. Innovation programs reward employees for coming up with new ideas and pioneering new ways of doing business.  Companies who reward innovation stay ahead of and lead the curve; companies who don’t usually end up playing catch-up.

The conference also showcased examples of how different companies built innovation into their IT department’s tight, “keep the lights on” schedules:

  1. In many cases, the IT team teamed up with a senior level business partner in HR, Marketing or Finance to discuss how to use the network to solve problems. This senior level business partner would then become the sponsor and evangelist for innovation in IT.  Nemertes found that 55% of companies have a VP or higher responsible for innovation.
  2. One financial organization shared a very popular practice at their company called an “Innovation Jam”. For two weeks, the IT organization leaves their normal positions to team up with a business unit to brainstorm and solve a problem using technology. The last Innovation Jam yielded three solutions for the problem and each was implemented and sponsored by the business unit. Now the IT organization has a backlog of motivated IT staff and eager business units to sponsor these sessions on an ongoing basis.

Although these are great examples of how IT innovates, there are still challenges:

Complexity:  IT managers need to continually stay abreast of new technologies, multiple network transport systems (SP, enterprise network or cloud), multiple devices, explosions of applications, Big Data and analytics in addition to the myriad of technologies that vendors like Cisco provide to them daily.   There just isn’t enough time in the day to stay on top of it all and still maintain five 9s reliability.

Operating structure:  In this Nemertes report, Robin Gareiss, EVP and Founder of Nemertes Research, says: “IT leaders must define a new operating model that allows for innovation and adapts to the changes in the business climate and in the demand for services. Not only does this shift change the way business leaders view IT, it also alters the organizational structure of IT itself.”

Participants at the conference agreed that one part of IT may need to focus on keeping the lights on, while another group specializes in working closely with business stakeholders to innovate and solve business problems.

What are your experiences with Innovation in IT? What are your challenges in both Innovating and “Keeping the Lights On”? Have you explored how IT can have a key role in corporate Innovation? Leave a comment or email me at dpare (at) cisco.com.


ONE + ONE = 6: New Math for Enterprise Programmability

In my previous 3-part blog series I discussed the challenges in the Enterprise WAN, the relevancy of SDN in overcoming these challenges, and how Cisco ONE Enterprise Networks Architecture addresses these WAN challenges. In this blog post I will discuss how Cisco ONE (Open Network Environment) and ONE Enterprise Networks Architecture fit together. In a following blog, I will discuss how Cisco ONE Enterprise Networks Architecture provides six significant benefits to enterprises through programmability. ONE + ONE = 6 is the new math for Enterprise programmability!

Cisco ONE

Cisco ONE (Open Network Environment)

Cisco ONE is a comprehensive, Cisco-wide (not just data center) approach to making networks more open, programmable, and application-aware. There are numerous blogs and videos about Cisco ONE that can be found here. As a brief summary, Cisco ONE comprises 3 pillars that provide a programmable approach to both physical and virtual infrastructure:

  • Platform APIs: Programmatic access to network infrastructure begins with APIs that can access the entire end-to-end network infrastructure. OpenFlow, onePK and CLI are examples of such APIs.
  • Controllers & Agents: This pillar provides the automated provisioning of network services and applications. A Controller, which is open sourced with OpenDaylight, is at the heart of this pillar; it interacts with agents embedded on network infrastructure elements and enables automated provisioning, orchestration and access to network-wide analytics.
  • Virtual Overlays: Any comprehensive, end-to-end network environment increasingly includes virtualized infrastructure. Cisco ONE provides multiple ways of seamlessly connecting the physical and virtual infrastructure.

You can find a lot more detail on Cisco ONE here.


Cisco ONE Enterprise Networks Architecture

I covered the details of the Cisco ONE Enterprise Networks Architecture in my earlier blog. To quickly summarize, the 3-layered architecture is shown below and each of the layers is described.


Cisco ONE Enterprise Networks Architecture


  • Network Element Layer:  The Cisco ONE Enterprise Networks Architecture is built upon a foundation of distributed intelligent and programmable network devices across the end-to-end infrastructure. Supporting various APIs such as OpenFlow, onePK and CLI, this layer provides programmatic access to the entire enterprise network.
  • Control Layer: With the Cisco ONE/XNC Controller at the heart of this layer, the Cisco ONE Enterprise Networks Architecture delivers speed and ease of provisioning across the entire Enterprise network. This eliminates the per-device provisioning and vastly improves the speed and accuracy of adding new services consistently across the network. The Control Layer also offers advanced analytics across the entire Enterprise network, LANs and WAN, through open APIs. The real-time analytics data is available for any applications to use as well as for IT to monitor and diagnose any network issues.
  • Network-Aware Application Layer: Cisco ONE Enterprise Networks Architecture enables applications and services to be network-aware by abstracting away the network in the Control Layer and making advanced network analytics available to the applications. Applications and services can now be smart about the network conditions, access network wide intelligence from the Control Layer through open APIs, and deliver an optimal user experience, securely, while simplifying IT operations.


Cisco ONE and ONE Enterprise Networks Architecture

Now, the obvious question is: how does the Cisco ONE Enterprise Networks Architecture fit with Cisco ONE? And what are the benefits to Enterprises from such a comprehensive approach to network-wide programmability, enabled through an architecture that has a high degree of openness?

First, let’s see how the three pillars of Cisco ONE apply to the Cisco ONE Enterprise Networks Architecture and Cisco’s Enterprise portfolio.

  • Platform APIs: Cisco ONE Enterprise Networks Architecture supports platform APIs such as OpenFlow, onePK and CLI. The Cisco Enterprise portfolio across the branch and campus makes up the components of the Network Elements Layer and supports these platform APIs. For example, the Catalyst switches and the ISR routers support OpenFlow and onePK APIs.
  • Controllers & Agents: The Cisco ONE/XNC Controller (see a demo here) enables automated provisioning, orchestration and access to network-wide analytics across the enterprise. With topology abstraction, the ONE Controller provides provisioning of network services such as QoS and ACLs consistently across the wired and wireless networks. We have new and exciting announcements on the ONE/XNC Controller for the enterprise segment coming soon at major events, InterOp NY 2013 and others.
  • Virtual Overlays: In the enterprise portfolio, Cisco offers the Cloud Services Router (CSR 1000V), a virtual router that provides full-fledged IOS-XE secure routing functionality to enable enterprises to easily extend into the cloud: private or public/hybrid clouds. With support for onePK and RESTful APIs, the CSR1000V offers programmability to virtual infrastructure that is consistent with the programmability for physical infrastructure. Just virtualizing a router is not the same as programmability or SDN; being able to provide programmatic access through APIs to gather network intelligence and allow for automated provisioning is what it means to adhere to the concepts of SDN.


With this high degree of support for Cisco ONE programmability and openness, the Enterprise portfolio is continually adding open access to new products and old, providing strong investment protection.

OK, so now it is clear how Cisco ONE Enterprise Networks Architecture and the Cisco Enterprise portfolio fit into the overall Cisco ONE solutions. What are the additional benefits that Enterprises can expect with the Cisco ONE Enterprise Networks Architecture? How is ONE + ONE = 6?

I will cover these 6 benefits and the new Enterprise programmability math: ONE + ONE = 6, in the next blog.


Thanks for reading and please comment on any and all aspects. I look forward to your comments. Stay tuned for the next blog post.



Learn about Cisco’s Data Center and Cloud Management Software at #VMworld


This has been an exciting year for the Cisco Data Center and Cloud Management team – and we’ll be featuring several recent data center software innovations at VMworld this week. You won’t want to miss our new demos of Cisco UCS Director (formerly Cloupia), Cisco Intelligent Automation for Cloud (Cisco IAC), and Cisco Prime Network Services Controller (formerly Virtual Network Management Center) in the Cisco booth!

You can also stop by the VCE booth to learn about unified infrastructure and cloud management for Vblock, with UCS Director and Cisco IAC – we’ll have presentations in both the Cisco and VCE theaters. And in either the Cisco booth or the NetApp booth, you can learn about UCS Director for managing your FlexPod.

As you’ll see below, Cisco Prime Network Services Controller is a key component in several demos in the Cisco booth, including the new Nexus 1000V InterCloud and Dynamic Fabric Automation. You can read more about Prime Network Services Controller at VMworld in this blog post.

Schedule 1:1 meetings with Cisco executives or ping @CiscoUM (Cisco Unified Management) on twitter for an informal meet up. We’d be happy to connect you with one of our management software experts.


  • Cisco UCS Director for Converged Infrastructure Management. See the latest version of the powerful Cisco UCS Director solution for managing both physical and virtual infrastructure in your FlexPod, Vblock, or VSPEX environments.  You can also see a demo of UCS Director integrated with Cisco Intelligent Automation for Cloud (IAC).  Showcasing: UCS Director and IAC. New demo!
  • Cloud Management for Multi-Cloud and DevOps Solutions.  Cisco Intelligent Automation for Cloud now provides solution accelerator kits that enable you to integrate with multiple cloud environments (e.g. VMware vCloud, OpenStack, Amazon Web Services), and with Puppet and Chef for configuration management. Showcasing: Intelligent Automation for Cloud. New demo!
  • Cloud Networking Services with the Nexus 1000V. Demonstrates vPath integration with Citrix VPX and Imperva WAF, with Prime Network Services Controller. Showcasing: Nexus 1000V and Prime Network Services Controller. New demo!
  • Hybrid Cloud Networking with Nexus 1000V InterCloud. See how to build a highly secure hybrid cloud environment, providing Layer 2 networking connectivity from your  enterprise data center to a public cloud environment, with Nexus 1000V InterCloud. Showcasing: Nexus 1000V InterCloud and Prime Network Services Controller. New demo!
  • Simplify, Optimize and Automate with Dynamic Fabric Automation. Find out how Dynamic Fabric Automation simplifies both physical server and virtual machine deployments in your data center, with automated network provisioning. Showcasing: Prime Data Center Network Manager and Prime Network Services Controller. New demo!

And make sure you join us for our theater presentations to learn from the Cisco Unified Management product experts — every day this week at VMworld. See below for the schedule.



Go Beyond IaaS with Cisco Intelligent Automation for Cloud

5:00 – 5:20pm, Location: Cisco booth

Cisco Dynamic Fabric Automation: Simplified DC Network Operations

6:00 – 6:20pm, Location: Cisco booth


Cisco IAC Provides Cloud Management on Vblock Systems

1:45 – 2:05pm, Location: VCE booth

Transform Cloud Automation with VCE, Cisco, and EMC

4:00 – 4:20pm, Location: Cisco booth

Cisco Unified Cloud Management

4:40 – 5:10pm, Location: VMworld Solutions Theater

Go Beyond IaaS with Cisco Intelligent Automation for Cloud

5:30 – 5:50pm, Location: Cisco booth


UCS Director for Vblock Systems Management

1:45 – 2:05pm, Location: VCE booth

FlexPod Infrastructure Management and UCS Director

3:30 – 3:50pm, Location: Cisco booth

Enabling ITaaS through Cisco Domain Ten

4:30 – 4:50pm, Location: Cisco booth

Prime Network Services Controller: Deploying Cloud Network Services

5:00 – 5:20pm, Location: Cisco booth

Transform Cloud Automation with VCE, Cisco and EMC

4:00 – 4:20pm, Location: Cisco booth


Unified Infrastructure Management with Cisco UCS Director

11:30 – 11:50pm, Location: Cisco booth

Cisco Dynamic Fabric Automation: Simplified DC Network Operations

12:00 – 12:20pm, Location: Cisco booth

Cisco IAC and UCS Director Provide Unified Management for Vblock 

1:45 – 2:05pm, Location: VCE booth

Make sure you follow us on twitter at @CiscoUM – and feel free to reach me at @Carolinamfdz if you have any questions. I look forward to seeing you at the show!
