Showing posts with label ACI. Show all posts
Showing posts with label ACI. Show all posts

Thursday, May 30, 2019

F5 intros app for Cisco ACI

F5 Networks introduced an app to that combines L2-3 network connectivity with L4-7 application services within Cisco ACI environments.

The F5 ACI ServiceCenter app, which is available through Cisco’s ACI App Center, enhances visibility and control throughout the network and application stack.

It enables joint customers to deploy, configure, and customize application services in ACI environments quickly via declarative APIs. Together, F5 and Cisco engineering teams have built a number of use cases that utilize F5’s broad range of availability, networking and security services, making it uniquely beneficial, easier, and more effective for users to deploy and consume the companies’ technologies together.

“Technology collaboration between F5 and Cisco is a clear win for joint customers,” said Calvin Rowland, SVP of Business Development at F5. “Building on previous partnership efforts, the F5 ACI ServiceCenter app gives organizations the ability to elegantly develop and enhance application and network deployments with a software-defined approach. More broadly, joint efforts like this are emblematic of the ways the two companies integrate capabilities for advanced automation and orchestration throughout the L2-7 stack.”

Wednesday, November 21, 2018

Status update on Cisco ACI - 5th anniversary - 1 min video



Ish Limpakeng provides an update on Cisco ACI (application centric infrastructure) -- its SDN framework for the data center.

Cisco ACI has just passed its 5th anniversary.

https://youtu.be/3FtRxjOuWeM


Sunday, March 13, 2016

Cisco ACI Anchors NTT Docomo's NFV Rollout

Cisco confirmed that its Application Centric Infrastructure (ACI) is being used to support the NFV capabilities recently rolled out in  NTT DOCOMO commercial LTE network. DOCOMO serves over 70 million mobile customers in Japan. Financial terms were not disclosed.

“DOCOMO is working to provide our customers with high-quality telecommunications services that address the increasing demands of data,” said Seizo Onoe, Executive Vice President and Chief Technology Officer, NTT DOCOMO  INC. “We are pleased that we have built an NFV system employing Cisco's SDN solution ACI for our network infrastructure.  We look forward to working with Cisco to build an ecosystem for the mobile network industry.”

“Cisco Systems is proud to expand our relationship with DOCOMO through a co-development model for NFV deployments,” said Soni Jiandani, Senior Vice President of Cisco. “In order to meet the needs of our customers, we continue to offer the broadest choice of SDN solutions in the market. Taking advantage of Cisco ACI innovations for NFV, DOCOMO is able to lead the industry in the rapidly changing environment of mobility services.”

ACI is Cisco Systems next-generation SDN solution incorporating application profiles for the integrated management of virtualized network functions, whether the functions are deployed purpose-built hardware, physical servers, virtual servers, or container-based micro-services. The ACI solution is comprised of Cisco Nexus 9000 switches, a policy controller called the Cisco Application Policy Infrastructure Controller (APIC), and the ACI operating system.

http://www.cisco.com

NTT DOCOMO Deploys NFV with NEC in Commercial Network

NEC confirmed that NTT DOCOMO has deployed its NFV solutions, including virtualized Evolved Packet Core (vEPC) and a Virtual Network Function Manager (VNF Manager), in its commercial networks.

On March 9, DOCOMO started providing its commercial mobile communication service by using the NFV technologies.

The vEPC virtualizes the functions of a LTE core network, including the Mobility Management Entity (MME), the Serving Gateway (S-GW), and the Packet Data Network-Gateway (P-GW). A VNF Manager from Netcracker, a wholly owned NEC subsidiary, handles lifecycle events, such as creation, activation, termination and update of virtualized Network Functions (VNF).

"I'm delighted that we have developed and deployed NFV with NEC and other leading vendors in the NFV domain. To maximize benefit of NFV, DOCOMO expects to virtualize many other key components of its mobile network, aiming to eventually establish a fully virtualized network. I'm convinced that our multi-vendor NFV is the first step toward our goal," said Mr. Seizo Onoe, Executive Vice President and Chief Technology Officer, NTT DOCOMO.

"We are delighted to contribute to DOCOMO's successful deployment of network virtualization technologies for their commercial networks," said Mr. Shunichiro Tejima, Executive Vice President, NEC Corporation. "With this success, NEC will further expand commercial deployment of NFV based solutions globally, which enable telecom operators to introduce innovative services to the market more quickly and efficiently."

http://www.nec.com/en/press/201603/global_20160311_02.html

Wednesday, March 2, 2016

Cisco Sets Digital Network Architecture as its Platform of the Future

Cisco unveiled its Digital Network Architecture (DNA) for transforming business with the power of analytics driven by programmable networks, cloud applications, open APIs, and virtualization.  The Cisco DNA aims to extend the company's data center-based, policy-driven Application Centric Infrastructure (ACI) technology throughout the entire network: from campus to branch, wired to wireless, core to edge.  

Cisco DNA is built on five guiding principles:

  • Virtualize everything to give organizations freedom of choice to run any service anywhere, independent of the underlying platform – physical or virtual, on premise or in the cloud.
  • Designed for automation to make networks and services on those networks easy to deploy, manage and maintain – fundamentally changing the approach to network management.
  • Pervasive analytics to provide insights on the operation of the network, IT infrastructure and the business – information that only the network can provide.
  • Service management delivered from the cloud to unify policy and orchestration across the network - enabling the agility of cloud with the security and control of on premises solutions.
  • Open, extensible and programmable at every layer – Integrating Cisco and 3rd party technology, open API’s and a developer platform, to support a rich ecosystem of network-enabled applications.

“The digital network is the platform for digital business,” said Rob Soderbery, SVP for Enterprise Products and Solutions, Cisco.  “Cisco DNA brings together virtualization, automation, analytics, cloud and programmability to build that platform.  The acronym for the Digital Networking Architecture – DNA – isn’t an accident. We’re fundamentally changing the DNA of networking technology.”

The first deliverables of Cisco DNA include:

DNA Automation:  APIC-Enterprise Module (APIC EM) Platform


  • APIC-EM Platform:  A new version of Cisco’s enterprise controller has been released. Cisco claims 100+ customer deployments running up to 4000 devices from a single instance.  The company is adding automation software that removes the need for staging for pre-configuration or truck roll-outs to remote locations. The Plug and Play agent sits on Cisco routers and switches and talks directly to the network controller. A new EasyQoS service enables the network to dynamically update network wide QoS settings based on application policy.
  • Cisco Intelligent WAN Automation Services: This service automates IWAN deployment and management, providing greater WAN deployment flexibility and allowing IT to quickly configure and deploy a full-service branch office with just 10 clicks.  IWAN automation eliminates configuration tasks for advanced networking features, and automatically enables Cisco best practices, application prioritization, path selection and caching to improve the user experience.
  • DNA Virtualization:  Evolved IOS-XE is a network operating system optimized for programmability, controller-based automation, and serviceability. The new OS provides open model-driven APIs for third party application development, software-defined management, application hosting, edge computing and abstraction from the physical infrastructure to enable virtualization.   It supports the Cisco Catalyst 3850/3650, ASR 1000 and ISR 4000 today, and will continue to be expanded across the Enterprise Network portfolio.

    Evolved Cisco IOS XE includes Enterprise Network Function Virtualization (Enterprise NFV) that decouples hardware from software and gives enterprises the freedom of choice to run any feature anywhere. This solution includes the full software stack - virtualization infrastructure software; virtualized network functions (VNFs) like routing, firewall, WAN Optimization, and WLAN Controller; and orchestration services - to enable branch office service virtualization.
  • DNA Cloud Service Management:  CMX Cloud provides business insights and personalized engagement using location and presence information from Cisco wireless infrastructure.  With CMX Cloud enterprises can provide easy Wi-Fi onboarding, gain access to aggregate customer behavior data, and improve customer engagement. 

Thursday, December 3, 2015

Cisco Adds ACI Security Features and Docker Support

Cisco announced a new software release for its Application Centric Infrastructure (ACI) that adds microsegmentation for both physical (bare metal) applications and multivendor virtualized applications (VMware VDS, Microsoft Hyper-V). New features extend ACI across multi-site environments to deliver policy-driven automation across multiple data centers. The update also adds support for Docker containers through contributions to open source.

Cisco said its ACI now supports automated service insertion for any third party layer 4-7 service and cloud automation tools like VMware vRealize Automation and OpenStack, including open standards-based Opflex support with Open vSwitch (OVS).

“Customers tell me that only five to ten percent of their networks are automated today,” said Soni Jiandani, SVP at Cisco. “They are eager to adopt comprehensive automation for their networks and network services through a single pane of management, while improving security for east-west traffic, multi-cloud traffic and bare metal applications in a consistent manner. Policy-based automation, consistent network security and central compliance support are critical for IT efficiency, business agility, and competitive advantage. Several ACI customers have achieved full automation of the network and are focusing on automation across their Layer 4-7 network services, security and application groups as the next step.”

Cisco ACI Software Release highlights:

Docker Container Support: Cisco delivers support for both physical and virtual endpoints, and now extends support for Docker container endpoints through integration with the Cisco Application Policy Infrastructure Controller (APIC) and Project Contiv. Project Contiv is an open source project defining infrastructure operational policies for container-based application deployment. ACI’s unified policy model enforces policy via endpoint groups (EPG), a collection of network endpoints that includes a wide range of entities, including bare-metal servers, virtual machines, and containers.  Docker offers an open source platform for running distributed applications in Linux containers.

Enhanced security: Cisco ACI now provides micro-segmentation support for VMware VDS, Microsoft Hyper-V virtual switch, and bare-metal applications, which allows granular endpoint security enforcement. Customers can dynamically enforce forwarding and security policies and quarantine compromised or rogue end points based on virtual machine attributes (such as Name, Guest OS, VM Identifier) or network attributes (such as IP address.) Organizations can also isolate workloads within the same policy group. For example, communication between all endpoints within the same web tier can be disabled through policy-based automation, which prevents security threats from moving laterally within the data center.

Support for multiple data centers: Cisco ACI now delivers consistent policy-driven automation across multiple data centers to enable application mobility and disaster recovery through the new multi-site application in the ACI toolkit.

Cisco ACI now also supports service insertion and chaining for any service device, without the need for a device package for policy coordination with the Cisco APIC. Customers can now seamlessly configure and manage all their existing network services, while automating network services connectivity.

Increased operational flexibility: Additional software capabilities provide:  support for NX-OS style Command Line Interface (CLI) for APIC, Basic and Advanced GUI modes, Simple Network Management Protocol (SNMP) support for APIC, and trouble-shooting wizard enhancements such as Heat Map. General availability is Q4 CY 2015.

Cloud automation tools: Adding to its support for Microsoft AzurePack for private cloud, Cisco now offers full policy-based cloud automation with VMware vRealize Automation and also OpenStack deployments. Cisco is extending ACI policy directly to the hypervisor using Opflex on Open vSwitch (OVS). OpFlex provides the policy-based integration between OpenStack and APIC. These will be generally available in Q4 CY 2015.

ACI Ecosystem expands to 47 members: In addition to CliQr, DataTorrent, and Vnomic, four new members that expand complete application and cloud services for ACI deployments have joined the ACI ecosystem: Apprenda, KillerIT, One Convergence and ScienceLogic.

Cisco also noted that it now has over 5000 Nexus 9000 ACI-ready customers using its open platform.

http://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1732204


Monday, June 15, 2015

Cisco Advances its Application Centric Infrastructure

Cisco is rolling out a number of new Software-defined Networking (SDN) capabilities, including a major new software release for its Application Centric Infrastructure (ACI), new automation APIs for hyperscale data centers, and new Nexus data center switches. Cisco's pitch is that ACI provides a fully integrated SDN approach with a focus on security, centralized management, compliance, and an ability to scale quickly. The company is also working to build a deeper partner ecosystem.

Significantly, Cisco claims to be pulling away from its competitors in terms of programmable network installations.  The company now has over 2,600 Nexus 9K and ACI globally, with over 585 customers using its Application Policy Infrastructure Controller (APIC). Its ecosystem has expanded to 36 partners. Cisco also said its Nexus 3000 and Nexus 9000 portfolio grew 144 percent year-over-year, with over 1 million switch ports shipped.

In terms of its SDN strategy, the flagship ACI platform is not the only story. Cisco is also supporting customers building mega-datacenters who wish to implement programmability in their networks by means of open APIs and tools such as Puppet, Chef or Ansible.  Here Cisco is supporting a common NX-API model across its N2K-N9K switches.  Cisco is also offering 3rd-party controller support in its NK-N9K switches along with VxLAN-BGP EVPN capabilities. This enables software overlays for Nexus data center switches without implementing ACI.

However, Cisco argues that customers deploying its ACI can gain a significant ROI over implementing a "two-network" approach of white boxes + VMware NSX. At last week's Cisco Live! in San Diego, the company released cost comparison studies backing up its ACI claims.

In terms of ACI improvements, the latest version of software for ACI deployments centers on cloud management integration, enhanced multi-site support and improved operations. Some highlights:

  • Cisco supports hypervisors from VMware, Microsoft and Red Hat and provides comprehensive centralized virtual network automation and visibility with Cisco ACI
  • Microsoft Azure and System Center virtual network automation and transit fabric interconnect support
  • Expanded ACI stretched fabric support for multi-site data center deployment and disaster recovery use cases for up to 150 kilometers over DWDM, Pseudo wire and 40G dark fiber
  • CliQr, a new ACI ecosystem member, provides application dependency mapping and application deployment automation on ACI networks
  • Improved operational simplicity with heat maps, capacity planning and new simplified troubleshooting tools. 
  • Cisco NX-OS operating system extensibility support on Nexus 9000 switches with: object store and model-driven NX-API enhancements
  • Built in third party DevOps automation tools
  • Secure SDK enabling third party and custom application development running natively on NX-OS
  • A common programmatic approach using NX-API across the entire Nexus switch portfolio (Nexus 2000 through Nexus 9000 switches)
  • New Nexus 3200 Top of Rack switches for next generation 10G/25G/40G/50G/100G cloud data centers are available Q3CY15.
  • Nexus 3232C  delivers 128 ports of 25Gb or 32 ports of 100Gb
  • Nexus 3264Q delivers 64 ports of 40Gb
  • Now shipping: extension of standards-based fabric support with VXLAN BGP EVPN to the modular Cisco Nexus 9500 series switches
  • New Cisco Virtual Topology System (VTS) - a data center overlay provisioning and management system for stand-alone Nexus fabric, supports overlays across the entire Cisco Nexus switch portfolio (Nexus 2000 through Nexus 9000 switches.) VTS supports the BGP EVPN control plane for managing VXLAN overlays in the programmable fabric. It also integrates with cloud management systems such as OpenStack, using plug-ins for seamless integration and overlay automation.
  • Support for BGP-EVPN VXLAN provisioning.
  • Provisioning and management for existing environments by extending the BGP-EVPN fabric via software overlay
  • Integration with cloud management systems such as OpenStack


http://www.cisco.com

Monday, June 8, 2015

Cisco Targets "Security Everywhere," Intros Firepower 9300

Cisco is rolling out a "Security Everywhere" initiative aimed at embedding security throughout the extended network – from the data center out to endpoints, branch offices, and the cloud. The goal is pervasive threat visibility and control for enterprises and service provider networks. To get there, Cisco is adding more sensors to increase visibility; more control points to strengthen enforcement; and pervasive, advanced threat protection to reduce time-to-detection and time-to-response, limiting the impact of attacks.

Cisco is launching the following set of solutions across the entire networking portfolio:

Endpoints: With Cisco AnyConnect Featuring Cisco AMP for Endpoints, customers using the Cisco AnyConnect 4.1 VPN client now can easily deploy and significantly expand their threat
protection to VPN-enabled endpoints to continuously and retrospectively guard against advanced malware.

Campus and Branch: FirePOWER Services solutions for Cisco Integrated Services Rou
ters (ISR) provides centrally managed Next-Generation Intrusion Prevention System (NGIPS) and
Advanced Malware Protection (AMP) at the branch office integrated in the network fabric, where dedicated security appliances may not be feasible.

Network as a Sensor and Enforcer: Cisco has embedded multiple security technologies into the network infrastructure to provide broad threat visibility to rapidly identify users and
devices associated with anomalies, threats and misuse of networks and applications. New capabilities include:

o Broader Integration between Identity Services Engine (ISE) and Lancope StealthWatch: Enterprises can go beyond just mapping IP addresses to identifying threat vectors based
on ISE’s context of who, what, where, when and how users and devices are connected and access network resources. This provides greater contextual threat visibility with
StealthWatch for accelerated identification of threats.

o NetFlow on Cisco UCS: Extending Cisco’s network-as-a-sensor capabilities to the physical and virtual servers, customers now have greater visibility into network traffic
flow patterns and threat intelligence information in the data center.

Using the new embedded security capabilities, Cisco networks now have the ability to automate and dynamically enforce security policies. Customers can segment applications and
users throughout the network – across the extended enterprise to use policy to define which users can get which applications and what traffic can traverse the network then automate
security operations.

o TrustSec + ISE and StealthWatch Integration: StealthWatch can now block suspicious network devices by initiating segmentation changes, providing rapid response to identified
malicious activity. ISE can then modify access policies for Cisco routers, switches, and wireless LAN controllers embedded with TrustSec technology.

Hosted Identity Services provide a secure, 24/7, cloud-delivered service for the Cisco Identity Services Engine, a security policy management platform that unifies and automates secure
network access control. The new hosted service speeds time to deployment, supporting business growth and providing role-based, context-aware identity enforcement of users and devices permitted on the network, streamlining enterprise mobility experiences.

pxGrid Ecosystem: Eleven new partners have joined the pxGrid Ecosystem with the addition of several new ecosystem technology categories, including cloud security and network/application performance management. pxGrid is Cisco’s security context information exchange fabric that enables security platforms to share information to drive better threat detection, mitigation and overall security operations.

Cisco is also expanding advanced threat-centric protection for its Evolved Programmable Network (EPN), which is its open network architecture designed to advance the adoption of Software Defined Networking (SDN) and Network Functions Virtualization (NFV). Cisco’s new service provider security solutions include the following:

Cisco Firepower 9300 Integrated Security Platform is a carrier-grade, high-performance, scalable and modular multi-services security platform purpose-built for service providers, that
can scale security for increased data flows due to accelerated service demands and carrier class requirements.

Expanded Advanced Orchestration and Cloud Capabilities enable Cisco’s new security solutions to integrate with the Cisco architecture and third-party SDN/NFV solutions, as
well as Cisco’s Adaptive Security Appliance Virtual (ASAv) with Cisco’s Network Service Orchestrator (NSO) and Application-Centric Infrastructure (ACI). These orchestration and cloud capabilities also include open APIs for integration with orchestration, Operation Support Systems/Business Support Systems, and Cloud Security-as-a-Service solutions.

• Advanced features such as secure containers to accommodate future security services and applications. Additionally, Cisco ASA firewall and third-party DDoS mitigation from Radware
are currently supported, with additional capabilities planned for the second half of 2015.

http://www.cisco.com

Thursday, June 4, 2015

Avi Networks Integrates Cloud ADC with Cisco ACI

Avi Networks, a start-up based in Sunnyvale, California, has integrated its Cloud Application Delivery Controller with Cisco's Application Centric Infrastructure (ACI).

Avi Networks, which was founded by key engineers behind Cisco's Nexus data center platforms, offers a software-only load balancer that adopts the same approach taken by large cloud service providers, such as Amazon, Facebook and Google, in that it runs entirely on x86.  The hyperscale ADC separates the control plane from the data plane.  Avi is also bringing traffic analytics into its Layer 7 switching, enabling application flows to dynamically adapt to traffic conditions..

The newly announced integration with Cisco ACI establishes interoperability with the Cisco Application Policy Infrastructure Controller (APIC) using RESTful APIs. Avi use a common architecture as Cisco, including unified management and control planes, as well as the ability to scale data plane resources elastically, on-demand as application requirements dictate. The company says this approach provides end-users with better application delivery, security and load balancing, in addition to real-time visibility, monitoring, and integrated (inline) analytics of their on-premise and cloud-based applications.

“We are excited to announce the availability of the integration with Cisco ACI, which is one of the most important data center and cloud networking solutions,” said Umesh Mahajan, CEO of Avi Networks. “The Cisco ACI is a true application driven environment and it requires a complementary approach to application delivery to guarantee the proper end-user experience and application performance, which are fundamental for success in today’s era of cloud, mobile and virtualization technologies.”

“Cisco ACI has been built with a broad and deep ecosystem of partners to give our customers freedom of choice among vendors,” said Ish Limkakeng, VP, Cisco. “We are pleased to have Avi Networks join our ecosystem and to have them share our vision for automation and agility in the data center.”

Avi also cites its Inline Analytics capability as a key differentiator.  An inline analytics module integrated within the company's ADC aligns with the centralized and deep network infrastructure visibility available through the Cisco APIC solution.

http://www.avinetworks.com

  • Prior to co-founding Avi Networks in November 2012, Umesh Mahajan was VP/GM of Data Center Switching at Cisco, responsible for the Nexus 7000, MDS, NX-OS and DCNM families. Before that, he was Senior Director of Software Engineering at Andiamo, which was acquired by Cisco.  Avi's team also includes Murali Basavaiah (co-founder and Engineering Lead), who previously was VP Engineering at Cisco for NX-OS Software and Nexus 7000/MDS product; and Ranga Rajagopalan (Cheif Architect and CTO), who previously was Sr. Director of Engineering at Cisco and responsible for NX-OS systems/platform software for the Cisco Nexus 7000.

Thursday, April 30, 2015

Cisco Integrates ACI with FirePOWER Intrusion Prevention

Cisco is integrating its FirePOWER Next Generation Intrusion Prevention System (NGIPS) into its Application Centric Infrastructure (ACI) architecture.

The integrated ACI + firePOWER security solution, which will be available in June 2015, offers automated threat protection to combat emerging data center security threats. The idea is fine-grained control (including application level security), visibility and centralized automation all the way from infrastructure to the application level.

Cisco ACI also third-party ecosystem solutions from Check Point Software Technologies, Fortinet, Infoblox, Intel Security, Radware, and Symantec.

Cisco said ACI integration with FirePOWER NGIPS (including Advanced Malware Protection) provides security before, during and after an attack, enabling organizations to dynamically detect and block advanced threats with continuous visibility and control across the full attack continuum. These new security capabilities deliver unprecedented control, visibility and centralized security automation in the data center.

Cisco also announced that independent qualified security assessors have validated ACI for deployment in payment card industry (PCI) compliant networks. Managing and simplifying the scope of compliance can help reduce costs for these organizations.

http://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1628097

Wednesday, April 1, 2015

Cisco to Acquire Embrane for its ACI Software

Cisco announced its intention to acquire Embrane, a start-up offering a lifecycle management platform for application-centric network services.

Embrane, which is based in Santa Clara, California, offers a software platform for powering application-centric network services, including firewalls, VPN termination, server load balancers and SSL offload.

Cisco said the deal would enhance its ACI vision. The Embrane team will be joining the Insieme Business Unit.

http://blogs.cisco.com/news/cisco-announces-intent-to-acquire-embrane
http://www.embrane.com/


  • Embrane was co-founded by Dante Malagrinò and Marco Di Benedetto, both previously with Cisco.
  • In March 2014, Embrane, a start-up based in Santa Clara, California, raised $14 million in Series-C funding for its application-centric network services. The funding round was led by Cisco and included new Embrane investor Presidio Ventures, and participation from existing investors Lightspeed Venture Partners, New Enterprise Associates (NEA) and North Bridge Venture Partners.

Tuesday, January 27, 2015

F5 Tunes its BIG-IQ for Agile App Delivery and Cisco APIC

The newest version of F5 Networks' BIG-IQ intelligent management framework promises deeper collaboration between the network operations center and DevOps teams by centrally managing application delivery and by employing role-based access control (RBAC).

BIG-IQ offers both an innovative UI and RESTful APIs to centrally manage F5 BIG-IP devices and to control F5’s Local Traffic Manager, Advanced Firewall Manager, and Application Security Manager solutions. BIG-IQ’s use of iApps templates orchestrates Software Defined Application Services, both locally and in public and private clouds to increase business agility while eliminating many of the risks associated with managing point solutions individually. BIG-IQ provides a single point of integration between solutions from F5 and technologies from Cisco, VMware, Microsoft, and OpenStack.

Key capabilities include:

  • Manage Application Delivery Services: Role-based central management of application delivery functions across the network to increase agility with software-defined orchestration of application services.
  • Orchestrate Application Delivery in the Cloud: Enhanced connectivity and partner integration with expanded orchestration and management of cloud platforms via third-party developers, as well as improved customer experience via workflows and integrations.
  • Manage BIG-IP Devices: Manage physical and virtual BIG-IP devices and virtual edition licensing from a single pane of glass.
  • Manage Security: Centralizes security policy deployment, administration, and management, thereby simplifying firewall policy management and enabling stronger security.
  • Reduce Risk: Safer change management through simplified configuration and the removal of many of the administrative touch-points across multiple devices.
F5 BIG-IQ orchestration updates will also be available through the Cisco Application Policy Infrastructure Controller (APIC).

“F5 Synthesis and Cisco ACI can deliver industry-first integration with BIG-IP appliances and the BIG-IQ orchestration system. Cisco ACI and F5 joint solutions offer customers a choice depending on their preferences, operational models, and business needs. Customers can manage F5 BIG-IP appliances and Virtual Editions directly from the Cisco APIC controller for automated L4–7 service insertion and stitching,” said Soni Jiandani, SVP, Marketing, Cisco. “Joint F5 and Cisco customers will be able to integrate APIC with BIG-IQ for dynamic creation of APIC plug-ins based on existing iApps and iRules® configurations in their environments. Together, Cisco ACI and the F5 portfolio deliver true, rich application deployments while preserving customers’ L4–7 operational models, guaranteeing multi-tenancy and scale.”

https://f5.com/about-us/news/press-releases/f5-delivers-agile-application-delivery-and-management-in-new-big-iq

Friday, January 23, 2015

A10 Joins Cisco's ACI Ecosystem and Integrates its Thunder ADCs

A10 Networks has integrated its Thunder Application Delivery Controllers (ADCs) with Cisco's Application Centric Infrastructure (ACI) fabric.

The joint solution provides dynamic L4-L7 application networking services, enabling enterprises to automatically provision application delivery and security services with a significant increase in both allocation speed and business agility. The automated approach to networking services is based on application-specific policies that allow data center applications to dynamically scale on demand. Going forward, the solution will also support more advanced ADC and security functionality such as service chaining, WAF, SSLi and GSLB.

"Our vision to deliver on-demand, policy-based mechanisms for dynamic L4-L7 services in a cloud environment closely aligns with the streamlined application delivery cycles of the Cisco ACI common policy framework," said Raj Jalan, CTO of A10 Networks. "By combining A10 Thunder ADC and Cisco ACI solutions, we are able to provide enterprises with rich application delivery and security capabilities in a shared infrastructure."

Cisco ACI technology provides the ability to insert Layer 4 through Layer 7 services into the Cisco Application Policy Infrastructure Controller (APIC) via simplified definitions. The A10 APIC device package automates ACI service chaining and the insertion of physical, virtual, and hybrid A10 Thunder appliances. The device package has been rigorously tested by A10 Networks in Cisco ACI environments to offer rich L4-L7 network application services and templates as well as HTTP optimization services for Cisco's ACI fabric. The A10 device package uses open APIs and scripts that allow Cisco APIC to configure consistent automation and orchestration of Application Delivery Controller (ADC) services within the fabric required to deploy applications in a fast, highly secure and reliable manner.

"Rapidly evolving application paradigms and associated infrastructures require the seamless integration of application network services into today's data center fabrics," said Soni Jiandani, SVP, Marketing, Cisco. "The integration of Cisco ACI with the combined performance of A10 Networks' Thunder ADCs and ACOS operating system programmatic interfaces makes this scale and agility a reality."

http://www.a10networks.com/news/pr.php?id=1917848
http://www.cisco.com

Monday, January 12, 2015

Cisco Adds Check Point to ACI Partner List

Cisco has added the Check Point Next Generation Security Gateway to its ACI partner ecosystem.

Essentially, this means that Cisco's Application Centric Infrastructure (ACI) controller, APIC, can configure the application network to include the insertion and provisioning of Check Point virtual and physical security gateways as it does other Layer 4-7 application services and security appliances.

Cisco said the integration with Check Point Next Generation Security Gateway provides automated security provisioning and a full range of security protections and threat-prevention capabilities in a highly dynamic and agile Cisco ACI environment. Check Point Security Gateways can be deployed as physical or virtual solutions, providing advanced protection, including intrusion prevention system (IPS), application control, URL filtering, data protection, antivirus, anti-bot, and threat prevention capabilities.

 http://blogs.cisco.com/datacenter/aci-checkpoint


See also