Reid Purvis Rob Tappenden Microsoft Cloud meets Cisco ACI CLD23 4

Executive Sponsorship: Multi-year investments and commitment in Microsoft and Cisco technology integration focused on compute, network, management.

Research and Development: Unified Computing System (UCS), Application Centric Infrastructure (ACI), CSR 1000V, Nexus 1000V & Windows Server 2012, InterCloud Fabric, CVDs for Microsoft Fast Track Solutions.

Consistent: Across virtual and physical infrastructures
Open: Interoperable, API
Secure: Automated, compliant
Agile: Faster, application centric

Cisco and Microsoft together deliver:
New cloud services for tenants and their enterprise applications
A new operational model
Policy-driven infrastructure
A clear evolutionary path

Two Networks
Increased Agility For Virtual Devices: Faster configuration and provisioning of virtual devices
Partial Solution: Embedded support only for virtual devices
Operational Complexity: Two networks
No Traffic Visibility: Limited troubleshooting
Limited Scale: Centralised gateways, sub-optimal traffic flow
[Diagram: Physical and Virtual Resources; Overlay - Virtual Devices; Physical Resources; Two Networks; Gateway. Legend: Advantage, Disadvantage]

One Integrated Network for Physical and Virtual Resources
Highest Agility: Consistent policy across physical and virtual
Open: Multi-hypervisor/vendor support
Operational Efficiency: Single network
Deep Traffic Visibility: Simplified analysis and troubleshooting
Highly Scalable: Integrated gateways, optimised traffic flow
[Diagram: Overlay - Virtual Devices; Physical Resources; Two Networks; Gateway. Legend: Advantage]

Application Centric Infrastructure: Rapid Deployment of Applications onto Open Networks with Scale, Security and Full Visibility
Industry Leading Partnerships
Application Centric Policy
Open Ecosystem
ACI Fabric/Nexus 9000

1 Subject Matter Experts Define Policies (Network SME, Security SME, Application SME)
2 Policies Used To Create Application Network Profile Templates
3 Automated policy configuration across the infrastructure
4 Life cycle management for day 1, day 2 operations
[Diagram: Physical Networking; Hypervisors and Virtual Networking; Compute; L4-L7 Services; Storage; Multi DC WAN and Cloud]

1 Create Application Policy
2 Push Network Profiles To The Cisco APIC
3 Get VLANs Allocated For Each EPG
4 Create VM Networks
5 Instantiate VMs
6 Indicate EP Attach To Attached Leaf When VM Starts
7 Push Policy On Leaf Where EP Attaches
[Diagram: Azure Pack Tenant/Admin; APIC Admin (Basic Infrastructure); ACI Fabric; Application Network Profile (Web, App, DB, Firewall, Load Balancer); APIC Plugin; SCVMM Plugin; Azure Pack; Hypervisor; OpFlex Agent; Server 1, Server 2, Server 3 hosting Web, App and DB]

View full fabric topology. Displays all spine / leaf and APIC connectivity details.

Aggregation of end point group health, including end points, contexts, bridge domains, ports, and VLAN / VXLAN that are relevant to that particular application health state.

Application behind firewall and load balancer is having performance issues. Firewall and load balancers are virtual. Wizard quickly draws a logical topology as well as pinpoints a virtual port channel (VPC) issue.

Application running in datacenter needs to access outside and is having issues. Used the tool to see a logical topology and identify the issue, i.e. packet drops at the interface.

[Diagram: ARCHITECT, DESIGN, COMPUTE, STORAGE, SECURITY, NETWORK; Service Request; Application Available; WEB, APP, DB with F/W, L/B, ADC]

Policy Automation: Application Policy Language
Common Policy Framework and Platform for All IT Teams: APPLICATION, COMPUTE, NETWORK, CLOUD, STORAGE, SECURITY

Automated Protection to Cover the Attack Continuum
CENTRALIZED AUTOMATION
Audit, Detect, Mitigate
EMBEDDED IN ACI
INVESTMENT PROTECTION
FirePOWER Now Integrated with ACI
Validated for Deployment in PCI Compliant Networks
POLICY DRIVEN
Physical & Virtual

Level of Segmentation/Isolation/Visibility
Network centric Segmentation by VLAN: VLAN 1, VXLAN 2, VLAN 3
Segment by Application Lifecycle: DEV, TEST, PROD
Basic DC Network Segmentation: PRODUCTION POD, DMZ, SHARED SERVICES
Per App-tier / Service Level Micro-Segmentation: WEB, APP, DB

Features (table columns: Shared Network, Tenant Private Network): Isolated Networks, Firewall, Shared DHCP, Shared Load Balancer, Shared Services, Public Internet Access, Private Address Space, Private DHCP Server

[Diagram: Tenant Private Network and Shared Network; Finance Tenant, DevTest Tenant, Shared Services Tenant; WEB, APP, DB, MONGO DB; ACI Common services: DHCP, DNS, LB, FW; prefix labels /16, /24]

Get Consistent Control of your Infrastructure.
Build Microsoft Cloud Data Centers on Open Architectures.
Achieve a New Level of Infrastructure agility.
Bring a Powerful Application-Centric Approach to Security.
Resources:
Solution Brief - Cisco Application Centric Infrastructure Integration with Microsoft
White Paper - Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack
Video Demo - Solution Integration with Cisco ACI and Microsoft Windows Azure Pack
Video - Microsoft SVP Brad Anderson talks about Cisco ACI and Microsoft Cloud OS
Web

Continue your Ignite learning path
Visit Microsoft Virtual Academy for free online training: https://www.microsoftvirtualacademy.com
Visit Channel 9 to access a wide range of Microsoft training and event recordings: https://channel9.msdn.com/
Head to the TechNet Eval Centre to download trials of the latest Microsoft products