Cisco Routing Earned Two New Certifications

– December 21, 2016 – 0 Comments

The year is about to end, but the hard work of our labor keeps on bearing fruits. From several customer successes at the beginning to Best of Interop mid-year, and now, we’re wrapping up 2016 with two more industry certifications for Cisco Routing platforms: the MEF Carrier Ethernet 2.0 and Miercom Performance Verified.

One Shall Reap What One Sows

What we sow are our relentless commitment to and delivery of network innovations. In return, we reap the attainments of successes by our customers using our innovations. Throughout the year, we witnessed many business transformations enabled by our products and solutions. Many even co-celebrated their wins with us on stage at Cisco Live. See a few highlights for 2016 below. (For a comprehensive list of innovations in Enterprise Network, see Prashanth Shenoy’s blog Cisco DNA Ushers a New Era.)

Early on, Patrick Drew, Network Infrastructure Manager, shared how Huntington Bank migrated to Bank of the Future with Cisco Intelligent WAN. Results: 66% cost avoidance and high availability up to 100%. Branch manager’s accolade: “Teller application is running great!” View Huntington Bank session video and presentation.

At Cisco Live Las Vegas, Sean Wang, University of British Columbia Network Architect, leveraged network virtualization to deploy virtual firewall and load balancer across a campus of 400 hectares and 200 locations. Sean simplified and scaled the university network up to 10G, automated configurations, and achieved GO GREEN status. View UBC session video and presentation.

Along the way, our innovations were recognized. Also in Las Vegas, we won Best of Interop in several categories:

1. Cisco Enterprise NFV, the first branch virtualization solution for enterprise;
2. Cisco Flexible Radio Assignment, an intelligence-driven, real-time capacity management feature available on Cisco Aironet Wireless Access Points; and
3. Cisco FirePOWER Next Generation Firewall (NGFW), the first threat-focused, fully integrated NGFW with unified policy management.

About two weeks ago, two customers, Under Armour and Adobe, shared how they successfully extended applications to public clouds using Cisco Cloud Services Router 1000V and Transit Virtual Private Cloud solution on AWS. We hit record highs in terms of number of registrations and attendance capacity for this webinar. If you missed the session or wasn’t able to login due to capacity limit, watch it on-demand here and test try CSR1000V for free.

And Now, Two New Certifications

MEF Carrier Ethernet 2.0. It is an industry program that certifies compliance with Carrier Ethernet 2.0 standards. Our enterprise and carrier-class routers, the ISR 4000 Series and ASR 1000 Series, got certified among a selected few. Networking Equipment Manufacturer (NEM) goes through an independent lab test of 634 test cases in order to attain such certification. When using an MEF CE 2.0 certified product, customers can rest assure that:

  • A-level of services are provided with certified equipment/software.
  • Test burden for their organization is reduced.
  • Compatibility with other vendors in mixed deployment environment is assured.
  • Certified equipment will operate within the published specs for functionality and accuracy.

Miercom Performance Verified. Miercom independent lab test attests to the reliability of network product’s claimed performance. This is even more important for software product in the cloud than hardware product. In a shared resource environment like a public or private cloud, load-balancing among virtual machines and virtual network services requires not only high availability, but also horizontal scaling. These capabilities ensure businesses can spin up or down services on-demand (agility) and elastically scale as the application needs expand (flexibility). Following the footstep of the ISR 4000 Series, our Cloud Services Router 1000V is now Miercom Performance Verified for public and private cloud environments.

Some highlights from the CSR1000V Miercom report.

  • Using just one or two virtual CPUs (vCPUs) per virtual machine (VM), CSR 1000v delivers outstanding throughput performance – up to physical limit of 20 Gbps on x86 Server and up to 5 Gbps on Amazon Web Services.
  • The latest CSR 1000v software we tested delivers up to 40 percent better throughput than the previous version 3.17.
  • Benefits to using CSR 1000v became apparent in all scenarios tested – including quick implementation, flexibility, hypervisor agnostic, and IOS XE’s familiar configuration and diagnostics tools.

Not so shabby for 2016, wouldn’t you say? Stay tuned. In 2017, we have many new innovations and even more customer successes to share. Meanwhile, happy holidays to you and yours.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

The Year of Network Innovations – Cisco DNA Ushers a New Era

– December 20, 2016 – 0 Comments


Whatever word you choose to describe 2016, boring won’t be one of them. From changes in political arenas across the globe to beloved public figures passing away to the Chicago Cubs winning the World Series and ending 108 straight seasons of losing. The last year has been anything but ordinary.

It’s been an extraordinary year at Cisco too.

The biggest news of 2016 was the March introduction of Cisco Digital Network Architecture (DNA). Quite simply, Cisco DNA revolutionizes the way you deploy and manage your network for the digital era through a software-driven architecture focused on automation, security, and analytics.

How does DNA make things simpler? Automation is one way. By using the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) your operations are streamlined through automating tasks and creating consistent workflows and policies across your network.

Keeping your data secure is the most important job you have. Cisco DNA allows for Network as a Sensor (NaaS) and Network as an Enforcer (NaaE) through services such as Cisco Identity Service Engine (ISE) and StealthWatch. Think of it as the network becoming an end-to-end sensor that proactively detects and stops threats across all segments.

Whether it’s sports or the entertainment industry or business or even politics, the reason why people are successful in these industries is because they know the numbers. Cisco DNA provides you with easy-to-understand analytics through solutions such as Cisco Connected Mobile Experiences (CMX). This gives you the insights from your network to make faster business decisions based on customer behavior or what your employees are doing.

It’s true that your hardware and software should work well together, but that sort of symbiosis doesn’t always provide the most freedom. With DNA, Cisco has reimagined the network architecture by allowing virtualization to take center stage. Enterprise Network Functions Virtualization (E-NFV) allows you to move fast and start up software instances of network functions wherever you need it. This is a huge time-saver because you don’t have to buy, deploy and test proprietary hardware appliances.

What does that all mean though? Customers that have deployed the Cisco DNA solutions have seen key improvements such as:

  • A five-Year ROI of 402% and a nine-month payback period with an average of $48K annual benefits (per 100 users)
  • 42% faster WAN branch deployments
  • 17% faster delivery of applications
  • 28% more efficient IT networking staff teams

This isn’t just about us tooting our own horn, the industry has embraced Cisco DNA.

“DNA and its focus on software represents a significant realignment of Cisco’s approach to the network and is a nod to the rapid changes businesses are undergoing.”—Jeffrey Burt, eWEEK

“Ultimately, Cisco DNA is a game changer, and one that will likely elicit a response from key infrastructure players and solution providers.” – Rohit Mehra, IDC

Our customers have responded to the overall Cisco message as well. This past year has seen an overabundance of customer success stories that show how DNA is helping our customers accelerate their digital transformation.

Besides DNA, Cisco has released a number of truly revolutionary products – all of which form the infrastructure foundation on which the DNA solutions run on.

The year saw the extension of the 802.11ac Wave 2 access point family into a cohesive, all-purpose solution that covers the needs of your organization—no matter the size—and your outdoor network. Read all about the release of the Cisco Aironet 2800 Series and 3800 Series Access Points, the Cisco Aironet 1810 Series Office Extend and Aironet 1810w Series Access Points and the Cisco Aironet 1560 Series Outdoor Access Points.

Included in those access points are cutting edge features such as CMX Virtual Beacon, Flexible Radio Assignment and CMX Cloud.

Switching saw a release of products that will future proof your network for the next decade and more. Designed to provide higher performance, better scalability and enhanced hardware-enabled features, these switches are ready to take advantage of the 802.11ac Wave 2 revolution.

If you missed any of these launches, check out Cisco Catalyst Supervisor 6T for Catalyst 6K Series, Catalyst Supervisor 8L-E for Catalyst 4K Series, Cisco Catalyst 3650-Mini or the Cisco Catalyst 2960L.

It was a big year for enterprise routers as a multitude of new products, including branch virtualization and OS container innovation made their way to the field. From a price- and performance-optimized branch router to DC-class WAN aggregator, each platform offers a digital-ready and application-centric foundation for your enterprise network.

Here’s a year worth of new products distilled into a few links: ISR 4221, Multi-carrier LTE 2.5, WAAS 6.2R, UCS-E 6-core blade server, ASR 1000 RP3, ASR 1001-X, ASR 1001-HX, ASR 1002-HX, ASR 1006-X and ASR 1009-X. On the virtualization front, we introduced industry’s first Enterprise NFV solution for the branch followed by App Hosting on IOS XE for Cisco, homegrown, or 3rd party lightweight applications.

What’s in store for 2017? I can’t say anything right now, but I invite you all to stay tuned and see what surprises we have in store for you in the next 12 months.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Top 5 U.S. Digital City Builds Data Center Brain Trust on Cisco ACI

– December 16, 2016 – 0 Comments

Digital transformation is a driving force in changing the market dynamics and competitive landscape for businesses across all vertical segments.  Businesses can’t wait for IT and long budget approvals to get in the game – and neither can local and state governments that must meet the increasing demands of citizens who want quicker and easier access to public services.

While the public sector may not seem like the most progressive when it comes to technology, cities at the state to global levels are leapfrogging into the digital era and raising the bar for public services.

Take Durham County in North Carolina, home of renowned Research Triangle Park, Duke University, and hails as one of the fastest growing counties in the United States serving a diverse population of county residents and businesses. Durham County’s mission is to serve its citizens and employees through engagement and collaboration by offering innovative applications and services across public safety, health, social services and administrative functions.

With a Smart City mindset and need for a digital infrastructure foundation, Durham County made its government vision a reality with Cisco’s pioneering SDN and data center technology (See related news release: Durham County Upgrades Data Center Network with Cisco ACI to Speed New Services and Applications for County Residents, Businesses, and Employees).  At the heart of it all is Cisco ACI, which enabled the County to build a state-of-the-art, automated application-centric data center.  With Cisco ACI, its Information Services & Technology (IS&T) staff can now spend less time managing the network, and more time creating innovative applications that make its local government more efficient and secure. Now, residents have quicker and easier access to public services, which helps meet the County’s accountability goals.  For example, residents can send in photos and documents to the County via a mobile app from marriage licenses to utility bills, saving time, energy and cost and fosters a green environment.

At the Gartner Data Center Summit in Las Vegas last week, Durham County took the stage with Cisco showcasing its public sector model leveraging SDN. “We selected ACI because we trusted it would become the brain of our data center,” said Seth Price, Sr. Network Manager at Durham County.

Taking it to the next level, Durham County currently has an initiative underway called OpenDurham. County developers and citizens can create applications with openAPIs for residents and businesses, fostering collaboration, engagement and openness in the community.

Price closed Gartner’s session with “…..It’s an exciting time to be a network engineer, and there is more time to innovate even at the local government level.” If a local government can reap the benefits of Cisco ACI, go digital and save taxpayer dollars, think of the potential opportunities for enterprises and big businesses. Learn more about Application Centric Infrastructure (ACI) and How Cisco ACI delivers business outcomes.





Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Nexus 7000 Innovations: Data Center Interconnect, Enhanced Scale, Enhanced Security and Investment Protection

– December 13, 2016 – 0 Comments

Digital transformation is a multi-trillion dollar global initiative that is placing enormous pressure on IT to move faster and manage the increasing diversity in the types of users, apps, and locations needed just to support their businesses’ bottom line. As a result, developers will create thousands of new enterprises apps that demand the utmost in scale and security without sacrificing performance.

Cisco’s unmatched portfolio of networking solutions as well as integrated, converged, and hyperconverged platforms is a key element of success in the Digital era. The completeness of this portfolio with its foundation built on the Nexus family enables sustained differentiation against point product networking providers and proprietary, single-vendor public clouds.

Today Cisco is bolstering this data center networking portfolio by introducing new innovations on Nexus 7000 and Nexus 7700 Series Switches. The new Nexus 7000 M3 Series 1/10G and 40G modules, and the Nexus 7700 M3 Series 100G modules along with the already shipping Nexus 7700 M3 Series 1/10G and 40G modules enhance scale, security and enable Seamless Datacenter Interconnect (DCI) Options while preserving the investment.DCI Webinar

The new modules are also compatible with previous generation Supervisors, Fabric and I/O modules, which allows customers to incrementally and systematically enhance the feature set of their Nexus 7000 and 7700 Series switches. Through these advancements, the Nexus 7000 family addresses the requirements of various designs, cabling, and environmental requirements and is ideal for DCI, DC core and Campus core deployment scenarios.  ( Please check release notes for specific modules that are compatible )

Nexus 7000 M3 48-Port 1/10G CardNexus 7000 M3 24-Port 40G CardNexus 7700 M3 12-Port 100G Card

Highlighted features of the new Nexus 7000 modules include:

  • Large Tables (routing, MAC, and ACL) and Deeper Buffers enable you to deploy the Nexus 7000 with M3 Series modules in more places in the network – DC Interconnect, DC Core, and Campus Core.
  • Next generation ASIC with advanced parser capabilities provides efficient interworking between various encapsulation technologies – VXLAN, OTV, VLAN, etc.
  • 256 Bit hardware based Encryption (MACsec) – provides Line rate encryption for securely interconnecting DC.

Foundational elements of the Cisco ASAP Data Center architecture, the Nexus 7000 make it possible for our customers to convert their IT infrastructures into engines of both digital and IT transformation.

To learn more about the Cisco Nexus 7000 Series Switches, a major component of Cisco ASAP Data Center story, please register here to attend the upcoming webinar:

For more info:

Attend this webinar: Dec 15th, 10 AM PST.

DCI Webinar

Tony Antony
Sr. Marketing Manager


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Cisco UCS S-Series and the Benefits of Storage Profiles

– December 12, 2016 – 0 Comments

The new UCS S-Series storage server leverages the automation and programmability of UCS management to provide greater levels of efficiency and flexibility.

Guest Blogger: Craig Ashapa, Technical Marketing Engineer

Last month Cisco introduced the new Cisco UCS –S-Series S3260 supported by a new release of UCS Manager. The S-Series features a very modular architecture, and it can support up to 600 TB of HDD storage and 90 TB SSD flash. To be honest, there are a couple of storage servers in the market that provide similar scalability, but none of them have the unique advantages of policy-based automation and integration with the broad UCS management partner ecosystem.   Active data and data intensive workloads require the ability to carve up storage resources and manage them more dynamically. That’s why UCS management combined with the S-Series provides significant benefits for your organization

Automating Data Intensive Compute and Storage

When you are trying to provision significant amounts of storage and compute resources and achieve what we call “Data Unstored”, you need the efficiencies of automation and programmability. Active data requires the ability to manage resources rapidly and consistently. We introduced Storage Profiles in earlier releases of UCS Manager, but the S-Series really leverages the power of this functionality.

I wanted to help you understand the benefits of Service Profiles and how they differ from traditional disk geometry/volume creation methodologies, so I created this new demo video.

Click on Image to Start the Demo Video


Stepping You Through the Demo

The demo starts with an introduction of the UCS S3260, then it goes through several steps:

  • Bringing the S3260 under UCSM management
  • Chassis template and profile creation and association, including firmware package and disk zoning
  • Server pool creation
  • Storage Profile and Disk Group Policy creation
  • Boot policy creation using a storage profile boot LUN
  • Service Profile Template creation consuming storage profile, boot policy, and server pool
  • Service Profile creation for 20 servers using a Service Profile Template
  • Display 20 Service Profiles/Servers being created in parallel with the local disks being configured

If you are familiar with all the steps required to provision storage and compute without Service Profiles, you will realize the advantages of using UCS management to automate this process and provide you with programmatic control of the resources. Storage Profiles provide a systematic way to automate the steps for provisioning Disk Groups, RAID Levels, LUNs, boot drives, hot spares, and other related resources. They are used in combination with Service Profile Templates to map the associations between logically defined storage resources and servers.


If you’d like to learn more about the UCS S3260, click here.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Unleashing IT – Evolution of the Data Center

– December 12, 2016 – 0 Comments

We are pleased to share this newest edition of Unleashing  IT  which talks about how next generation UIT V5 Iss4 coverdata centers are drivers of business transformation, orchestration, and success.  It contains 6 thought leader  articles and 2 customer stories providing unique perspectives on business challenges and solutions employing state of the art Cisco technology.

Why Data Centers Are More Important Than Ever introduces the importance of a consistent policy model for analytics, simplification, automation, and protection in the ASAP data center.

A DVR For Your Data Center explains what happens when you capture  every packet and every flow in your entire data center and add analytics with machine learning to deliver application dependency mapping and establish zero-trust operations by combining Tetration and ACI.

Finding The Right Home For Your Applications discusses how to model and application’s characteristics and policy requirements to deploy and manage them in the data center and cloud environments best suited to optimize price and performance for the business.

Software-Defined Networking Just Got Better talks about how ACI extends policy-driven automation up the cloud stack and uses a common policy model to accommodate any L4-L7 service for firewall, intrusion detection, and load balancing services.

Protecting Users Beyond the Firewall shares how customers are using Cisco Umbrella and CloudLock to protect users and data in cloud applications that are directly accessed from mobile devices outside the data center network.

Easier, Better Security With Micro-Segmentation introduces how Cisco automates configuration and enforcement using group-based management to secure applications, devices, and users in and out of the data center.

Hyperconverged Infrastructure, Hyper Efficient Operations details how a company enables rapid growth and deliver excellent user experiences using a next-gen data platform.

Building A “Field Of Dreams”  talks about how a service provider assembles a powerful cloud platform to transition from a network integrator to becoming a DevOps facilitator.

I hope you enjoy reading it and share the publication with your colleagues.  Just share the link:


To Learn More:


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Cisco ACI Partner Ecosystem Packs a Punch – 65 Partners and Growing

– December 8, 2016 – 0 Comments

When it comes to leadership in the SDN marketplace, clearly there is one winner. And that is, Cisco ACI. The proof is in customer momentum numbers. Cisco ACI has 2700+ ACI customers and a rapidly growing ecosystem of 65 technology partners. ACI ecosystem partners come from a broad spectrum of L4/L7, Security Management and Orchestration, Analytics, Operations Monitoring and Compliance, Service delivery, and other categories addressing a broad set of use-cases and buying center requirements.

In this blog, I intend to give an overview of our major L4-7 ecosystem partner solutions, the new innovations, a quick discussion on what to look forward to in 2017, and how customers can benefit deploying the solution.



Before I continue on, I would like to thank my colleagues, Ahmed Dessouki and Asha Hegde, (Insieme Business Unit), our colleagues at the Cisco Security Business Unit, and our ecosystem partners for providing their contributions in this blog.

Cisco ACI with Cisco Security

Cisco continued to enhance and extend security integration with ACI throughout 2016. The ASA device package, available since the introduction of ACI, received updates to improve policy automation capabilities while development began for Cisco’s advanced threat protection solutions: Firepower NGIPS and Firepower Threat Defense NGFW. Highlights include:

  • TrustSec support in the ASA device package to simplify policy management by enforcing policy based on Security Group Tags (SGT)
  • Rapid Threat Containment for ACI to instruct APIC to quarantine offending devices when a threat is detected
  • Offering customers ASA deployment flexibility by adding support for Service Management Mode integration with the ASA Fabric Insertion device package. This allows organizations to benefit from automated firewall services insertion without disrupting the way ASA(v) policy is managed
  • Integrating advanced threat protection with the FirePOWER (NGIPS) and Firepower Threat Defense (NGFW) device packages. The device packages will support the Service Manager Mode so security service insertion is automated by APIC and security policy management is maintained by the Firepower Management Center. These are currently in Beta with a release target of Q1 CY17.

In 2017, we’ll add support for additional use cases with Rapid Threat Containment for ACI and will improve policy automation and simplicity by allowing FirePOWER/Firepower Threat Defense policy to be defined using ACI constructs like EPGs.


Cisco ACI with A10 Networks

The integration of A10 Networks Thunder Application Delivery Controllers with Cisco ACI provides organizations with rich application services in a shared, multi-tenant environment. This integration can be leveraged to dynamically provision advanced L4-L7 application services, and to ensure that SLAs and security requirements are consistently met. The Thunder ADC platform can help customers to deliver secure, responsive, and always-on experiences to their users from their data center applications and networks. A10 Thunder and Cisco ACI integration enables customer choice with Thunder hardware, virtual, and bare metal form factor integration.

The integrated solution has been generally available (GA) since 2014, and since GA, A10 has focused on enhancing the solution with additional features. This year, A10 enhanced the service policy mode with complete ADC on-device capabilities, including support for, device clustering and data path redundancy, WAF, Layer-3 virtualization and multi-tenancy, and various deployment modes. In 2017, A10 will implement the service manager mode through the A10 aGalaxy centralized management system. This will both further simplify and provide advanced ADC deployment capabilities. A10 will also integrate its security offerings into the ACI environment.


Cisco ACI with Avi Networks

The Avi Vantage Platform, a software-defined application services product with separate central control & distributed service delivery, is integrated with the L4-7 Service insertion framework of ACI. In 2016, several multinational organizations deployed the joint ACI-Avi solution in production. In addition, the solution was enhanced with support for ACI Service Manager Mode, application services across different VRFs, and single arm deployment of load balancers with traffic accessible by ACI L3 routed mode.

2017 will see continuing advancements and differentiation in performance and resilience with features such as BGP route health injection for elastic scale-out and policy based routing for advanced traffic flow. These will enable further automation of customer environments with software-defined networking across the entire stack.


Cisco ACI with Check Point

Check Point vSEC for CISCO ACI offers industry leading advanced security protections against malware and zero-day attacks as well as advanced cloud network integration for modern day data-center infrastructures. Certified by Cisco for ACI, vSEC automates provisioning and simplifies deployment of Check Point’s advanced threat prevention security in next generation data centers built on Cisco ACI technology. Together, Cisco and Check Point provide a powerful solution that gives customers proactive protection from cyber threats as well as, complete traffic control as well as full threat visibility, logging and reporting of both physical and virtual data center environments. The joint solution forms the foundation of a dynamic application delivery architecture, where comprehensive security protections seamlessly follow workloads to accelerate application deployment while lowering the costs and complexities of securing private clouds.

vSEC for Cisco ACI, released in July 2016, delivers comprehensive threat prevention, automated security provisioning (insertion) supporting both go-thru (L2) and go-to (L3) service insertion models, automated and dynamic security policies with auto-discovery of Cisco ACI cloud objects (endpoint groups), import and usage of EPG objects in security policy for ease of provisioning and enabling fine-grained micro-segmented security policy, complete threat visibility, policies and logs that leverage cloud objects, control, centralized and unified management. The joint integrated solution uses the Service Manager integration Mode for both physical, multi-tenant and virtual security gateways – Network Policy Mode is also supported. In 2017, Check Point will add deeper integration with ACI environments, support for tagging/auto-quarantining of infected hosts as well as enhanced PBR support (policy based redirect) alleviating a lot of unnecessary topology and configuration changes to EPGs, dynamic peer routing capabilities, multi-site/multi-pod support, and Check Point apps in Cisco AppCenter.


Cisco ACI with Citrix

We are very excited to deliver on yet another innovative and differentiated solution to our growing base of customers, integration between Citrix NetScaler Management and Analytics System (MAS) with Cisco ACI. This solution is also referred to as Service Manager Mode/Hybrid Mode. Simply put this mode enables customers to perform network automation through the Application Policy Infrastructure Controller (APIC), while delegating the rich and detailed L4-L7 configuration to NetScaler MAS, which acts as a Device Manager in the APIC. In addition to the Service Policy Mode/Managed Mode, Network Policy Mode/Unmanaged Mode and the new offering of Service Manager Mode/Hybrid Mode, customers now have the choice of pacing their journey towards application centric automation.

The Cisco ACI-MAS framework enables consumption of physical, virtual, multi-tenant and containerized NetScaler’s through APIC as part of the application workflow. We look forward to delivering continued customer success with further differentiated solutions in the near future, specifically around hybrid cloud with Cisco Cloud Center, Private Cloud with Microsoft AzurePack, micro-services deployments, and integration with Cisco Tetration Analytics platform.


Cisco ACI with F5

F5 released F5 iWorkflow earlier in June 2016, which presents F5 network services provisioning to Cisco APIC in a very flexible and dynamic fashion. F5’s iWorkflow enables cloud and DC admins to dynamically define the F5 device package based on F5 iApps technology. Different flavors of device package can be generated dynamically based on required L4-L7 policies, thereby providing cloud & application teams the option of integrating F5 BIG-IP in Service Manager Mode. F5 iWorkflow acts as the F5 Service Device Controller. Through self-service catalogues, iWorkflow tenants deploy highly-configurable and administrator-defined application services templates, a.k.a F5 iApps. Deploying services as a template approach provides the tenant an abstraction from device-centric operational complexity.

The benefits of such abstraction, and simplification, are twofold: (1) greatly reducing the learning-curve for deployment staff unfamiliar with complex application delivery services, and (2) simplifying the integration of application-delivery policy into 3rd party management and orchestration systems. As F5 and Cisco march on together, we’d be looking at continuously improving and evolving the service catalog experience and extending to other integration points as well, such as Cisco Cloud Center (a.k.a CliQr) and more.


Cisco ACI with Fortinet

FortiGate Connector for Cisco ACI provides the automation and programmable application services to build software-defined infrastructure where policy enforcement across all workloads is consistent and segmented intelligently. Cisco ACI, together with Fortinet’s FortiGate Next Generation firewall, allows enterprises and cloud service providers to respond rapidly to business demands by enabling automatic provisioning and insertion of dynamic L4-L7 security and network services.

The solution debuted in 2015. In 2016, we further embraced more FortiGate models to ACI ecosystem from midrange to high end firewall appliances. There are also additional supported features (IPv6 Policy Configuration, Firewall Port Forwarding (Destination NAT or DNAT), APIC Dynamic EPG Notification, Monitor FortiGate Devices (Health) Status, and FortiGate Device Packet Statistics on physical port. Service Policy Mode has been introduced in 2016 and we can look forward to supporting FortiManager centralized management, dynamical routing protocol BGP, Proxy Policy and SSL/SSH Inspection in 2017.


Cisco ACI with Palo Alto Networks

Palo Alto Networks® Next-Generation Firewall (NGFW) integration with Cisco® ACI™ enables advanced security to keep pace with the dynamic workloads within application-centric infrastructure. Palo Alto Networks device package for Cisco® ACI™ enables the APIC to configure both physical and virtualized form factor Palo Alto Networks next-generation firewalls via PAN-OS® Restful APIs. With new enhancements to the device package introduced recently, customers can now leverage high availability, multiple virtual systems, and aggregate interfaces on the physical firewalls and layer 2 support.

With the rich firewall feature set available through the integration, customers can do seamless service insertion of Palo Alto Networks next-generation firewall as a service, gain granular visibility and control of application traffic and leverage advanced threat prevention features, including, application-level segmentation, security policy enforcement that complements application centric nature of ACI, prevent known and unknown threats from both an inbound and lateral movement perspective , centrally manage with Panorama™ and automate security to keep pace with new or changing workloads.


Cisco ACI with Radware

As businesses move towards SDN infrastructures, they are finding the need to manage the benefits of these cloud architectures – agility and elasticity. Agility is the ability to change applications quickly and easily. Elasticity enables on-demand resourcing to scale resources based on client demand. It is essential that the network can deliver these services and application delivery controllers (ADC) are a key technology to enable these services.

Radware’s ADC, the Alteon NG platform, offers full integration with Cisco’s ACI architecture and APIC through Cisco’s Service Manager, the Alteon NG ADC can be used to deliver the agility and elasticity that ACI customers are looking for. Radware’s ADC technology enables the load balancing and scaling of services in addition to the protection of application layer services through web application firewall (WAF) and DDoS protection solutions. The ADC is a core technology required to enable the benefits of ACI architecture and Radware is committed to integrating their solutions into Cisco’s offerings.



The momentum is going strong with ACI ecosystem, and several new technology partners are in the process of coming on board. There are lots of exciting ACI innovations on the menu to benefit customers. The Cisco App Center is one of them which extends the openness, and programmability of Cisco ACI and enables our technology partners to run custom built Apps to serve customer needs.

We look forward to delivering continued customer success with further differentiated solutions in the near future, specifically around hybrid cloud with Cisco Cloud Center, micro-services deployments, integration with Tetration Analytics platform, and the ability to demo most, if not all, of the solutions mentioned in this blog on Cisco dCloud.

Related Links:

L4-L7 Compatibility List Solution Overview

vSEC for Cisco ACI Product page

Cisco Partner Marketplace – Check Point vSEC for Cisco ACI

Changing the game with Cisco ACI and NetScaler MAS Integration – Customers benefit from full L2-L7 Automation and Native Operational Flexibility

Large MNC Company simplifies operations with Cisco ACI and Avi Networks

Cisco ACI builds strong momentum with Security, Monitoring and Orchestration ecosystem Partners

YRC Freight achieves Business transformation with Cisco ACI and Citrix NetScaler

Cisco ACI – F5 iWorkflow solution talk of the show at F5 Agility

Choice and Flexibility in deploying L4-L7 services with Cisco ACI and Cisco Cloud Center


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Time is one of the best gifts one can receive

– December 5, 2016 – 1 Comment

In several parts of the world December 6 is a day that especially children look forward to:  It’s St. Nicholas Day and children hope to be on St. Nicholas’ good side to receive a small gift. If you want to read more about the different activities to celebrate St Nicholas Day, you can learn more about it on Wikipedia. Numerous stories, some miraculous, are told about Nicholas, and often IT professionals are tasked to do work that borders on miracles or at least a many good stories can be told.

Now one of the best gifts anyone can give or receive is the gift of time. As we all know most IT professionals spend their waking (and non-waking) hours to keep the lights on. This is to both to stay out of trouble (fewer troubleshooting tickets is good) and to have more time to respond to and deliver on business needs (not responding in a timely fashion to line of business and developers is bad).

If you are an IT professional you know that to free up time in your day to day work, network programmability and automation is crucial for being on the right (good) side of your customers.  To help you with achieving that we released a few months ago a whitepaper on Network Programmability and Automation with Cisco Nexus 9000 based on Cisco NX-OS, where we talked about the concept of the “data center strategy” becoming a “critical part of business strategy overall”.

Today, more than ever, the ways and means of IT deployment can make the difference between an efficient, successful organization and an inefficient one. That is because today’s apps and services support increasing numbers of business operations and create competitive differentiation in many industries. However, the resulting proliferation of apps and their underlying infrastructure is placing increasingly greater burdens on IT staff, demanding more from IT than ever before. One of the major burdens is the management complexity and the time required, which is considerable when you factor in what’s involved in configuring, deploying, and managing this infrastructure.

In addBook Coverition if you are looking to gain a deeper understanding of Network programmability and automation, or still looking for a (St Nicholas) gift Ciscopress has the right book for you with ‘Programming and Automating Cisco Networks: A guide to network programmability and automation in the data center, campus, and WAN’.

You can check it out from the Ciscopress online store. And while the best things in life are for free you can find scripts and codes for Cisco NX-OS on this website.


In case you are looking for some additional gift ideas: Give yourself a pass for Cisco Live Berlin 2017 with an Early Bird Fee registration until Dec 19, 2016, and from our colleagues at Cisco DevNet, check out their Gift Guide.

Enjoy the reading, and the time saved by applying what you learned.

Klaus @schwegler_k

Image Source: Pixabay


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.


  1. Klaus -
    Automation will obsolete jobs. Mark my word. Cisco programmability is old world. Those selling Old brick and mortar gear like The one you are promoting will have to answer for their decisions soon. It is a shrinking base.


Top 5 Takeaways from the London Gartner Data Center Conference 2016

– November 30, 2016 – 0 Comments

London Financial Centre

London Financial Centre

Over the past few years, I’ve attended Gartner’s Data Center Conference in London (see 2013, 2014, and 2015 !). As always, it was a very informative couple of days with some surprises, and one or two “I knew that would happen” moments – we’ll I like to think that anyway.  Here are my top 5 observations – it’s not an exhaustive list, just what I found particularly interesting.

(1) Containers – and Is Your Network Ready

At conferences,  you can judge how “trendy” and/or (more importantly) how relevant topics are by the numbers of people attending particular sessions.  Containers were the #1 topic of interest using my un-scientific metric!  The question “Is your network ready for containers and hyper-converged” was a key question being discussed.

(2) SDN – At the “Trough of Disillusionment”

I’m not surprised.  Sorry SDN fans.  And there was only one or two sessions in the conference that had any significant SDN discussion (see my unscientific metric in #1 above!)  Too much of the SDN hype ignored business relevance and more than a few jumped on the hype bandwagon.  I blogged about my concerns back in 2013 and discussed the “hammer to crack a nut” approached being used by some vendors.  [If you are unfamiliar with Gartner’s “Hype Cycle” and associated terminology, see here for a definition.  Also check out the position of SDN in the networking hype cycle].

(3) Case Study of the Conference: Standard Life with Cognizant

I love real-life case studies, esp when the real challenges are openly acknowledged:  we all know projects never go 100% smoothly. I did have a laugh (sorry!) when the presenters (including a former colleague of mine) discussed how the unforeseen closure of the Forth Road Bridge in Scotland at the turn of this year led to a 6 week delay in their migration project.  “How?”, you may ask?  Well it turns out the team were reliant on a new fibre connection being put in for their new data center, and the Forth Road Bridge closure resulted in all roadworks (including digging cables in) being halted.   Ouch!

(4) DevOps: It’s About the Organizational Change

As expected, DevOps, a favourite topic of mine, was covered in a number of places.  ~from discussions, I can see that DevOps is delivering results in many organizations, but, according to one conference presentation, “80% of the risks associated with attaining DevOps program objectives will stem from how organizational change is managed”.  As is all to often usual, it’s not about the technology, it’s more about people and process.

(5) Will IoT Restore IT Function Relevance to the Business?

In my view Internet of Things (IoT) presents a huge opportunity for the IT function to be even more relevant to their business unit stakeholders. With the technical insights from IoT, there are transformation opportunities available to innovative organizations to exploit digital capabilities.  One example arose from a UK Police Force IT Manager.  The upcoming 4G-based Emergency Services Network (see video below) gives the opportunity to have digital “body cams” on each police officer.  However the data storage requirements (e.g. 50 years holding for evidence) could result in many more petabytes of storage being required for video captured, which is a challenge for their IT organization needs to plan for.

So what do you think?  What are your views on the above? Finally, if you were at the conference, or are attending next week’s US event, I’d love to hear what your top takeaways were.  You can find out more of my key takeaways by browsing my Twitter feed from the past week.



Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

Under Armour & Adobe: What do they have in common?

– November 30, 2016 – 0 Comments

One is a sport apparel retailer while the other is a software company. “What can they possibly have in common?” you may ask. Both have a common IT goal, and that is to extend their enterprise network to AWS cloud, but for very different business outcomes. And both accomplished their goal using the same solution: Cisco Cloud Services Router 1000V.

Did you know? Up to 70% of CIOs stated they need cloud solutions to better respond to business needs (Source: 2015, CIO Insight). For that reason, cloud adoption between 2015 and 2016 grows exponentially with as much as 71% of organizations choosing the hybrid cloud approach. See Chart I below.

Chart I: Respondents Adopting cloud – 2016 vs. 2015
Chart I: Respondents Adopting Cloud

What are top 3 cloud adoption challenges?
When it comes to extending the enterprise network to the cloud, there are many factors to consider – see Chart II below.

Chart II: Cloud Challenges 2016 vs. 2015
Chart II: Cloud Challenges 2016 vs 2015

Security, no doubt, is among the top. One out of every three organizations shared ensuring a secure connection between the on-prem enterprise network and public and private cloud environments as a top challenge. There are several reasons why.

  1. Inconsistent VPN and firewall policies between on-prem enterprise network and different cloud environment;
  2. Limited connection reliability, e.g. not all cloud solution can support high scale; and
  3. Non-unified network topologies make management and operations error-prone.

Next on the list is integration. With the LAN, WAN and data center network, each having its own set of internal and external network/IP address, management interface/tools and different quantity and set of network services, operations quickly become onerous due to lack of centralization and standardization. The complexity increases multifold when multiple types of on-prem and cloud infrastructure come into the picture. For example, do I have VMWare ESXi, RHEL KVM, Ubuntu KVM, Citrix Xen, and/or Microsoft Hyper-V? And how do they work with Amazon AWS, Microsoft Azure, or any cloud? Quick answer: it should not matter.

Last but not least is the user experience. When the network is confined within an enterprise WAN perimeter, policy enforcement can be automated based on business priorities. Once connected to the cloud, how would network services that were once innate on-prem such as QoS, WAN and application optimization, and firewall be deployed, managed and scaled?

Learn from Under Armour and Adobe
This December, two enterprise customers, Under Armour and Adobe, will share with us their cloud strategy successes in a webinar. Each will highlight its goal, network environments, desired business outcomes, and the chosen solution. Here’s an overview.

UA logoUnder Armour, Inc. – a multi-billion American sports clothing and accessories company
Its goal: New IT model – a service broker for Line of Business

  • Enable the Application/Marketing/Financial team’s growth
  • Curve the organic growth of ungoverned Shadow IT resources
  • Provide an agnostic platform that facilitates Standard Operating Procedure
  • Augment application owner’s security controls
  • Have visibility to address issues proactively

Adobe logoAdobe Systems, Inc. – a multinational computer software company
Its goal: Adobe Digital Marketing Cloud

  • Provide a comprehensive marketing solution
  • Enable marketers to measure, personalize and optimize digital experiences
  • Attain agility and workload mobility


Tue, 6 Dec 2016 10:00 AM – 11:00 AM PT (and on-demand)
Join us and learn

  • How Cisco helped simplify Under Armour’s and Adobe’s security management while keeping connectivity costs under control
  • Best practices for monitoring and analyzing application security and performance in the cloud
  • How to implement consistent network policies across hybrid environments

Nick Matthews, Partner Solutions Architect, Amazon Web Services
Fan Yang, Technical Marketing Engineer, Cisco
Carl Coles, Network Architect, Adobe Systems
Patrick Duroseau, Sr. Director Global Infrastructure, Under Armour


Test drive the solution yourself in your own environment with a free trial for 30 days on AWS. Cisco CSR 1000V is a complete multiservice cloud networking platform for all deployment types: physical, virtual, and cloud.

Key Benefits:

  1. Consistent operations across on-prem network and multi-cloud environments with familiar Cisco IOS-XE software;
  2. Support VMware ESXi, RHEL KVM, Ubuntu KVM, Citrix Xen, Microsoft Hyper-V;
  3. Infrastructure agnostic operations means freedom of choice, no dependency on any specific server or virtual switch;
  4. Elastic scalability with licensing flexibility: throughput up to 10gbps, up to 1000+ connections, and up to 8 virtual CPUs, pay only for what you need; and
  5. Programmable with NetConf/Yang, RESTConf and SSH/Telnet for automated provisioning, management and monitoring.


Leave a comment

We’d love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.