cisco aci & f5 integrate to transform the data center

F5 BIG-IP and Cisco ACI Integration Network Service Orchestration and Insertion Jeffrey Wong - Solution Architect F5 Networks February, 2015

Upload: f5networksapj

Post on 17-Jul-2015

TRANSCRIPT

Page 1: Cisco ACI & F5 Integrate to Transform the Data Center

F5 BIG-IP and Cisco ACI Integration: Network Service Orchestration and Insertion

Jeffrey Wong - Solution Architect

F5 Networks

February, 2015

Page 2: Cisco ACI & F5 Integrate to Transform the Data Center

© F5 Networks, Inc 2

Agenda

• State of IT

• ACI Overview

• F5 Synthesis Overview

• ACI L4–L7 Service Insertion Overview

• F5 Device Package Release 1.1.0 Details and Integration with Cisco ACI

• Workload Migration from Traditional Networks to Cisco ACI

• F5 BIG-IQ Integration with Cisco ACI

Page 3: Cisco ACI & F5 Integrate to Transform the Data Center

How Are We Doing?

Page 4: Cisco ACI & F5 Integrate to Transform the Data Center

IT impedes growth, or IT spends too much?

Deploy this much? But need this?

How much IT will you need?

What if IT was On-Demand? Would that be “Cloud”?

Page 5: Cisco ACI & F5 Integrate to Transform the Data Center

The on-going “IT pain”

• High cost, heterogeneous systems

• Redundant functionality

• Lack of agility to innovate

• Slow time to market

• Rising maintenance costs

• Rising regulatory and compliance costs, multiplied by:

• Heterogeneous systems

• Geographic expansion / local laws

• Falling IT Budgets

Page 6: Cisco ACI & F5 Integrate to Transform the Data Center

What Happened?

Page 7: Cisco ACI & F5 Integrate to Transform the Data Center

• Separation of IT areas / buying-centers / silos prevents IT from moving at the speed demanded by the business

• Focus changed from Consolidation to Automation

• Business owners and Apps Developers started to go straight to public cloud to meet agility and demand. Security and Data Sovereignty concerns arise.

• Operations become more relevant. Shift from “what it does / how it works” to “how to use / how to consume it”.

DevOps

Page 8: Cisco ACI & F5 Integrate to Transform the Data Center

What is ACI?

Page 9: Cisco ACI & F5 Integrate to Transform the Data Center

Application Oriented Policy = Operational Simplicity

Introducing: Application Centric Infrastructure (ACI)

Apps + Infrastructure

Physical + Virtual + Containers

Open + Secure

On-Premises + Cloud

Page 10: Cisco ACI & F5 Integrate to Transform the Data Center

Why Networks are Complex: Overloaded Network Constructs

Diagram: Application Requirements mapped onto network constructs:

• Control & Audit Connectivity (Security – Firewall, ACL, …): IP Address, VLAN, VRF

• Enable Connectivity (The Network): IP Addressing

• Redirect and Load Balance Connectivity: IP Address, VLAN, VRF

• Application Specific Connectivity: Dynamic provisioning of connectivity explicitly defined for the application

ACI directly maps the application connectivity requirements onto the network and services fabric

Page 11: Cisco ACI & F5 Integrate to Transform the Data Center

Network-Centric to Application-Centric: Two types of language

NETWORK LANGUAGE

• VLAN

• IP Address

• Subnets

• Firewalls

• Quality of Service

• Load Balancer

• Access Lists

APPLICATION LANGUAGE

• Application Tier Policy and Dependencies

• Security Requirements

• Service Level Agreement

• Application Performance

• Compliance

• Geo Dependencies

• Etc.

Page 12: Cisco ACI & F5 Integrate to Transform the Data Center

Application Policy Model and Instantiation

All forwarding in the fabric is managed through the application network profile

• IP addresses are fully portable anywhere within the fabric

• Security and forwarding are fully decoupled from any physical or virtual network attributes

• Devices autonomously update the state of the network based on configured policy requirements

Application policy model: Defines the application requirements (application network profile)

Policy instantiation: Each device dynamically instantiates the required changes based on the policies

[Diagram: Application, Client, Web Tier, App Tier, DB Tier and Storage; VMs at 10.2.4.7, 10.9.3.37 and 10.32.3.7; APIC]

Page 13: Cisco ACI & F5 Integrate to Transform the Data Center

ACI understands and speaks APPLICATION Needs

[Diagram: APPLICATION REQUIREMENTS (WAN, Firewall, ADC from Web, Connect to App, Connect to DB, High Priority) across the WEB, APP and DB tiers with F/W and ADC, shown against NETWORK REQUIREMENTS]

DIRECTLY MAP TO ACI NETWORK PROFILES

Page 14: Cisco ACI & F5 Integrate to Transform the Data Center

ACI BUILDING BLOCKS: FUTURE PROOF, SOFTWARE UPGRADABLE TO ACI

NEXUS 9500 and 9300: INNOVATIONS IN SOFTWARE, HARDWARE AND SYSTEM DESIGN

• PRICE

• POWER EFFICIENCY

• PROGRAMMABILITY

• PORT DENSITY

• PERFORMANCE

OPTIMIZED NX-OS (next generation Nexus, TRADITIONAL NETWORKS)

• 50% SIMPLER CODE BASE

• FUTURE PROOF, UPGRADABLE TO ACI

• PROGRAMMABILITY AND AUTOMATION

• NETWORK VIRTUALIZATION SUPPORT

• RESILIENCY: IN SERVICE PATCHING, UPGRADE, FAST RESTART

ACI POLICY MODEL

• OPEN RESTFUL APIS

• CENTRALIZED POLICY MODEL

• OPEN SOURCE

• CONTROLLER: APIC

Page 15: Cisco ACI & F5 Integrate to Transform the Data Center

F5 Synthesis Overview

Page 16: Cisco ACI & F5 Integrate to Transform the Data Center

Impact on Data Center Architecture: Applications

MICRO-ARCHITECTURES

Each service is isolated and requires its own:

• Load balancing

• Authentication / authorization

• Security

• Layer 7 Services

• May be API-based, expanding services required

API DOMINANCE

Proxies are used in emerging API-centric architectures:

• API versioning

• Client-based steering

• API Load balancing

• Metering & billing

• API key management

More applications needing services

More intelligence needed in services

[Diagram: Service A, Service B, Service C, Service D; API v1, API v2]

Page 17: Cisco ACI & F5 Integrate to Transform the Data Center

High-Performance Services Fabric

Network [Physical • Overlay • SDN]

Virtual Edition Chassis Appliance

Data Plane

Programmability (iRules / iApps / iControl)

Control Plane Management Plane

Page 18: Cisco ACI & F5 Integrate to Transform the Data Center

F5 and Cisco ACI Joint Solution Benefits

F5 DEVICE PACKAGE FOR APIC

• Preserves richness of F5 Synthesis offering. Ease of integration due to rich programmability

• Existing F5 Physical and Virtual appliances, topologies integrate seamlessly with Cisco ACI

• Maintains operational best practices & offers faster provisioning of workflows

• Automated L4-L7 application service insertion

• Accelerated application deployments with scalable L4-L7 services

• Application agility & significant reduction in operating costs

[Diagram: ACI Fabric; F5 Synthesis Fabric: Programmability (iRules / iApps / iControl); Data Plane, Control Plane, Management Plane; Virtual Edition, Appliance, Chassis]

Page 19: Cisco ACI & F5 Integrate to Transform the Data Center

F5 and Cisco ACI Integration – Latest Addition: Announcing APIC and BIG-IQ Integration Early Availability

• APIC to BIG-IP Integration Model: Phase 1 (Shipping)

• APIC to BIG-IQ Integration Model: Phase 2 (Early Availability Now, FCS Q2 CY15)

Customers can choose between the Cisco APIC to BIG-IP integration model and integration through BIG-IQ

[Diagram: ACI Fabric; BIG-IQ; BIG-IP; F5 Synthesis Fabric: Virtual Edition, Appliance, Chassis]

Page 20: Cisco ACI & F5 Integrate to Transform the Data Center

Choosing F5 BIG-IP for Cisco ACI: Supports 11.4.1 and above, Platform Independent

Good, Better, Best Platforms

[Chart: Physical: 1600 series*, 2000 series*, 4000 series, 5000 Series, 7000 Series, 10000 Series, 11000 Series, VIPRION 2200, VIPRION 2400, VIPRION 4480, VIPRION 4800. Virtual: 25M, 200M, 1Gbps, 3Gbps, 5Gbps, 10Gbps. Hybrid: physical + virtual]

F5 physical ADCs: High-performance with specialized and dedicated hardware

Physical ADC is best for:

• Fastest performance

• Highest scale

• SSL offload, compression, and DoS mitigation

• An all F5 solution: integrated HW+SW

• Edge and front door services

• Purpose-built isolation for application delivery workloads

Physical + virtual = hybrid ADC infrastructure: Ultimate flexibility and performance

Hybrid ADC is best for:

• Transitioning from physical to virtual and private data center to cloud

• Cloud bursting

• Splitting large workloads

• Tiered levels of service

F5 virtual editions: Provide flexible deployment options for virtual environments and the cloud

Virtual ADC is best for:

• Accelerated deployment

• Maximizing data center efficiency

• Private and public cloud deployments

• Application or tenant-based pods

• Keeping security close to the app

• Lab, test, and QA deployments

Page 21: Cisco ACI & F5 Integrate to Transform the Data Center

ACI L4–L7 Service Insertion Overview

Page 22: Cisco ACI & F5 Integrate to Transform the Data Center

Traditional Network Service Insertion Challenges

Service Insertion in Traditional Networks

• Configure firewall rules as required by the application

• Configure Network to insert Firewall

• Configure firewall network parameters

• Configure Load Balancer as required by the application

• Configure Load Balancer Network Parameters

• Configure Router to steer traffic to/from Load Balancer

Challenges

• Service insertion takes days

• Network configuration is time consuming and error prone

• Difficult to track configuration on services

[Diagram: Router, FW, Router, LB, Switch, vFW, Server]

Page 23: Cisco ACI & F5 Integrate to Transform the Data Center

APIC L4 – L7 Service Integration

APPLICATION NETWORK PROFILE

TENANT (HR)

NETWORKING POLICY: CONNECTIVITY FOR THE TENANT, L2-L3

TROUBLESHOOTING POLICY: SPAN, ERSPAN ETC

MONITORING POLICY: EVENTS, SNMP

APPLICATION PROFILE (3 TIER APP): EPGS ARE DEFINED HERE

• Endpoint Group (EPG) – collection of bare metal servers, VMs, vNIC

• Ex: WEB EPG - all web servers (bare metal or VMs) are grouped into this EPG

• Ex: APP EPG - all APP servers (bare metal or VMs) are grouped into this EPG

SECURITY POLICY (POLICY DECISION IS DONE HERE): FILTERS, QOS, TRAFFIC STEERING

• Contract – services between the WEB and APP EPG (web graph, HTTP graph)

• Ex: APP is a provider and WEB is the consumer

• Define services within a contract: FW, ADC (in this example, ADC is defined)

L4-L7 SERVICES POLICY: DEFINE L4-L7 SERVICE POLICY

• Service Graph (Ex: WEB graph utilizes L7 SLB)

• Logical Device Cluster

[Diagram: Traditional 3-Tier Application: WEB, APP and DB tiers with F/W and ADC]

Page 24: Cisco ACI & F5 Integrate to Transform the Data Center

F5 Device Package: Definition

APIC requires a Device Package to communicate with service devices.

A Device Package is a zip file containing two parts:

• Device Specification (xml): The configuration of the APIC is represented as an object model consisting of a large number of Managed Objects (MOs). A Device type is defined by a tree of MOs with a Meta Device (MDev) at the root.

• DeviceScript (py): The integration between the APIC and a Device is performed by a DeviceScript, which maps APIC events to function calls defined in the DeviceScript.

[Diagram: Configuration through UI or North Bound APIs; APIC holding the Device Package (Device Specification and Device Script, Python); iControl / SouthBound API to BIG-IP, Physical or VE; EPG level L4-L7 config; Service Graph Function Node level L4-L7 config]

Device Specification (fragment shown on the slide):

    <dev type="f5">
      <service type="slb">
        <param name="vip">
          <dev ident="210.1.1.1"
               validator="ip"
               hidden="no"
               locked="yes"/>
        </param>
      </service>
    </dev>
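A pre-import check for the two-part zip described above, as an added example that is not part of the original slides or of F5's or Cisco's tooling: it records the archive digest and flags members that escape the extraction directory or are neither .xml nor .py. The member names, the sample archive and the .xml/.py allowlist are assumptions of this example; a real device package may carry other files.

```python
import hashlib
import io
import zipfile
from pathlib import PurePosixPath

# Assumption: the allowlist mirrors the slide's two-part description
# (Device Specification = .xml, DeviceScript = .py). Extend it as needed.
ALLOWED_SUFFIXES = {".xml", ".py"}


def build_sample_package():
    """Constructed stand-in archive; member names are hypothetical."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("DeviceSpecification.xml", '<dev type="f5"/>')
        zf.writestr("DeviceScript.py", "# constructed placeholder\n")
        zf.writestr("../outside/notes.txt", "constructed\n")
        zf.writestr("helpers/update.sh", "#!/bin/sh\n")
    return buf.getvalue()


def inspect_package(data, expected_sha256=None):
    """Inventory a device package before it is imported into APIC."""
    report = {
        "sha256": hashlib.sha256(data).hexdigest(),
        "members": [],
        "problems": [],
    }
    # Pin the archive to a digest recorded when it was obtained or reviewed.
    if expected_sha256 and report["sha256"] != expected_sha256.lower():
        report["problems"].append("archive digest does not match the pinned value")

    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path = PurePosixPath(info.filename.replace("\\", "/"))
            report["members"].append(str(path))
            if path.is_absolute() or ".." in path.parts:
                report["problems"].append(
                    f"{info.filename}: path escapes the extraction directory")
            elif path.suffix.lower() not in ALLOWED_SUFFIXES:
                report["problems"].append(f"{info.filename}: unexpected file type")

    # Both parts named on the slide must be present.
    suffixes = {PurePosixPath(name).suffix.lower() for name in report["members"]}
    for needed in sorted(ALLOWED_SUFFIXES):
        if needed not in suffixes:
            report["problems"].append(f"no {needed} member found")
    return report


if __name__ == "__main__":
    for problem in inspect_package(build_sample_package())["problems"]:
        print(problem)
```

Because the DeviceScript is Python that the controller runs on import, the digest and member inventory are worth recording in the change ticket alongside the package version.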

Page 25: Cisco ACI & F5 Integrate to Transform the Data Center

Service Graph: Definition

Abstract graph concept mapping to Service Graph

• Service graph is an ordered set of functions between a set of terminals, e.g. Firewall Function, Load Balancer Function

• A function has one or more connectors

• Network connectivity like VLAN/VNID tag is assigned to these connectors

• A function within a graph may require one or more parameters

• Parameters can be scoped by an EPG or an application profile or tenant context

• Parameter values can be locked from further changes

Service Graph: “web-application”

[Diagram: EPG - EXT (Consumes) and EPG - WEB (Provides) as Terminals, joined by Connectors through Func: Firewall, Func: SSL offload and Func: Load Balancing; Functions rendered on the same device]

• Firewall params: Permit ip tcp * dest-ip <vip> dest-port 80; Deny ip udp *

• SSL params: Ipaddress <vip> port 80

• Load-Balancing params: virtual-ip <vip> port 80; Lb-algorithm: round-robin

Page 26: Cisco ACI & F5 Integrate to Transform the Data Center

F5 Service Insertion

• Provide / Consume: the Web Farm provides services to External Users; a Policy Contract defines the relationship between Web Farm and Users

• Users are assigned to EPG EXT, the Web Farm is assigned to EPG WEB; Users access the Web Servers

• Service Graph Insertion at the Policy Contract Subject level

• Service Graph contains Function Nodes; a Virtual Server is a Function Node

• F5 BIG-IPs are Concrete Devices that belong to a Logical Device Cluster, which enables ADC as a Function Node within a Service Graph

[Diagram: Application Construct: Ext Users (EPG EXT) and Web Server (EPG WEB); graph from start to end through stage 1 … stage N; Node instances: firewall, ADC: Virtual Server; Concrete Devices in a Logical Device Cluster]

Page 27: Cisco ACI & F5 Integrate to Transform the Data Center

F5 Device Package Release 1.1.0 Details and Integration with Cisco ACI

Page 28: Cisco ACI & F5 Integrate to Transform the Data Center

F5 and Cisco ACI Integration Models

• APIC to BIG-IP Integration Model

• APIC to BIG-IQ Integration Model

[Diagram: ACI Fabric; BIG-IQ; BIG-IP; F5 Synthesis Fabric: Virtual Edition, Appliance, Chassis]

Page 29: Cisco ACI & F5 Integrate to Transform the Data Center

F5 ACI Device Package 1.1.0 is now Released!

Supports ACI FCS+3 version 1.0(2m)

• vCMP support (New with 1.1.0)

• Dynamic endpoint attach and detach (New with 1.1.0)

• Supports any BIG-IP LTM physical and virtual form factor running version 11.4.1 and above

• Device package can be downloaded from downloads.f5.com at no cost

• Does not require any new module installation on the BIG-IP

• Can leverage BIG-IQ as device management

• iRules (custom defined) that reside in common partition can be called by APIC

• BIG-IP is licensed and OOB management configured prior to APIC integration

• Supports Active / Standby High Availability model per APIC logical device cluster

Page 30: Cisco ACI & F5 Integrate to Transform the Data Center

F5 Device Package 1.1.0 Supported Functions

Functions

• Virtual Server: Layer 4 Server Load balancing; Layer 4 SLB with SSL offload; Layer 7 Server Load balancing; Layer 7 SLB with SSL offload

• Microsoft SharePoint

Parameters under Virtual Server

• Configuring Global and Tenant Self IP addresses

• Configuring Global and Tenant static routes

• Device Counters

• Server Pools

• TCP Optimizations (WAN/LAN/Mobile)

• HTTP optimization

• HTTP Security (Application protocol security)

• TCP connection multiplexing (One Connect)

• Validators and Creation of tenant OneConnect profiles

• iRules

• Validators and Creation of tenant acceleration profiles

• SNAT Pool management

More than 80% of F5 customers use L4 SLB / L7 SLB / MSFT SharePoint / SSL offload, hence the 1st release targets these use cases

Device Package 1.1.0 continues to support the same L4 – L7 service functions as 1.0.0, with additional support for vCMP and dynamic endpoint attach/detach

Page 31: Cisco ACI & F5 Integrate to Transform the Data Center

F5 Device Package 1.1.0: vCMP Guests Support

vCMP (Virtual Clustered Multiprocessing) is F5's purpose-built hypervisor; it allows multiple virtual ADC instances, called vCMP guests, to reside on the same vCMP host

In release 1.1.0, in a vCMP HA configuration, both vCMP guests must reside on the same vCMP host

Using vCMP guests as L4-L7 Devices when creating Logical Device Cluster

vCMP guest 1 and 2 mgmt. IP

vCMP host mgmt. IP

Page 32: Cisco ACI & F5 Integrate to Transform the Data Center

F5 Device Package 1.1.0: Dynamic endpoint attach/detach

Pool members are considered endpoints in the ACI fabric. Once an endpoint is “attached to” or “detached from” an EPG, APIC sends a notification to BIG-IP to add or remove this pool member

Enable Attachment Notification

The Internal Connector, which is tied to the provider EPG, is assigned to the WEB servers = pool members in the F5 LTM Pool

Under Graph Template, function node ADC has two logical interfaces: external and internal

Page 33: Cisco ACI & F5 Integrate to Transform the Data Center

F5 Device Package 1.1.0: Dynamic endpoint attach/detach

BIG-IP Pool has no pool members

vCMP host mgmt. IP under device config as well

No need to define pool members when adding configurable parameters to the service graph template

Page 34: Cisco ACI & F5 Integrate to Transform the Data Center

F5 Device Package 1.1.0: Dynamic endpoint attach/detach

After receiving an attach notification from APIC, BIG-IP adds members to the pool

Same for endpoint detach

Assign provider EPG (Web) to the servers

Page 35: Cisco ACI & F5 Integrate to Transform the Data Center

Terminology: APIC Tenant Single Context / BIG-IP Partition

A function node identifies a set of network service functions that are required by an application

Tenant is a container for policies (filters, contracts, bridge domains and application profiles)

BIG-IP partition is equivalent to a single context ACI tenant

BIG-IP Virtual Server is equivalent to service graph function node

Page 36: Cisco ACI & F5 Integrate to Transform the Data Center

Device Package Feature: Referencing iRules

APIC can reference iRules that reside in the BIG-IP Common partition

BIG-IP is responsible for iRules management, including creation / modification / validation

Page 37: Cisco ACI & F5 Integrate to Transform the Data Center

F5 supports TRUE Multiple Graph Multiple Tenancy

• Multiple Virtual Servers for different applications in different BIG-IP partitions/APIC Tenants, sharing the same device

• A partition created by APIC inside BIG-IP is named with the prefix "apic", an underscore "_" and the tenant ID (for example: apic_5437)

• F5 demonstrates true multi-tenancy using different partitions for each tenant in APIC

• Each partition is assigned an individual route domain for L3 separation

• A Virtual Server created by APIC inside BIG-IP is named with the prefix "apic", "_", the tenant ID, "_" and the graph (for example: apic_5437_3456)

[Diagram: Single BIG-IP physical shared by three tenants, each with a Client EPG, App EPG 1 and App EPG 2, Virtual Server 1 and Virtual Server 2: Tenant A (APIC partition: apic1234, Route Domain A), Tenant B (APIC partition: apic2345, Route Domain B), Tenant N (APIC partition: apic7890, Route Domain N)]
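An audit of the naming and route-domain rules listed above, run over an exported inventory; this is an added example, not code from the slides or from F5, and it calls no BIG-IP API. The inventory shapes, the sample data and the assumption that tenant and graph IDs are numeric (as in apic_5437_3456) are constructed for the example.

```python
import re
from collections import defaultdict

# Naming rules stated on the slide:
#   partition:       apic_<tenant-id>           e.g. apic_5437
#   virtual server:  apic_<tenant-id>_<graph>   e.g. apic_5437_3456
# Assumption: both IDs are numeric, as in the slide's examples.
PARTITION_RE = re.compile(r"^apic_(\d+)$")
VSERVER_RE = re.compile(r"^apic_(\d+)_(\d+)$")

# Constructed sample inventory (not real device data).
SAMPLE_PARTITIONS = {"Common": 0, "apic_5437": 1, "apic_7890": 2, "apic_2345": 2}
SAMPLE_VSERVERS = [
    ("apic_5437", "apic_5437_3456"),   # consistent
    ("apic_7890", "apic_5437_9001"),   # tenant id differs from its partition
    ("apic_2345", "legacy_web"),       # hand-made object in an APIC partition
    ("Common", "apic_7890_1111"),      # APIC-style name outside its partition
    ("Common", "intranet_vs"),         # unmanaged object in Common: ignored
]


def audit_tenancy(partitions, virtual_servers):
    """Return sorted findings.

    partitions:      {partition_name: route_domain_id}
    virtual_servers: [(partition_name, virtual_server_name), ...]
    Both shapes are assumptions of this example, not a BIG-IP export format.
    """
    findings = []
    tenant_of = {}                        # APIC partition -> tenant id
    by_route_domain = defaultdict(list)   # route domain -> APIC partitions

    for name, route_domain in partitions.items():
        match = PARTITION_RE.match(name)
        if not match:
            continue                      # Common or manually managed partition
        tenant_of[name] = match.group(1)
        by_route_domain[route_domain].append(name)

    # L3 separation: every APIC partition needs its own route domain.
    for route_domain, names in by_route_domain.items():
        if len(names) > 1:
            findings.append(
                f"route domain {route_domain} shared by {', '.join(sorted(names))}")

    for partition, vs_name in virtual_servers:
        match = VSERVER_RE.match(vs_name)
        if match is None:
            if partition in tenant_of:
                findings.append(
                    f"{partition}/{vs_name}: unmanaged name inside APIC partition")
            continue
        if partition not in tenant_of:
            findings.append(
                f"{partition}/{vs_name}: APIC-named virtual server outside an APIC partition")
        elif tenant_of[partition] != match.group(1):
            findings.append(
                f"{partition}/{vs_name}: tenant id {match.group(1)} does not match partition")

    return sorted(findings)


if __name__ == "__main__":
    for finding in audit_tenancy(SAMPLE_PARTITIONS, SAMPLE_VSERVERS):
        print(finding)
```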

Page 38: Cisco ACI & F5 Integrate to Transform the Data Center

F5 BIG-IP + Cisco ACI Integration Options

• Cisco ACI + F5 BIG-IP without service insertion (using EPG)

• Cisco ACI + F5 BIG-IP Integration using L4 – L7 service insertion using service graph

• Mixed Mode: same BIG-IP connects to ACI fabric with and without L4-L7 service insertion

All the above Integration Options support 1-Arm / Inline; Physical / Virtual in HA deployment

[Diagram, without service insertion: Ext EPG, Contract, BIG-IP EPG, Contract, Web EPG; BIG-IP phy link to ACI fabric; Common or BIG-IP partition]

[Diagram, with service insertion: Ext EPG, Contract with L4-L7 Service Insertion, Web EPG; BIG-IP phy link to ACI fabric; No BIG-IP EPG required; APIC partition]

[Diagram, mixed mode: Contract and Contract with L4-L7 Service Insertion on the same ACI Fabric; APIC partition and Common or BIG-IP partition]

Page 39: Cisco ACI & F5 Integrate to Transform the Data Center

Workload Migration from Traditional Networks to Cisco ACI

Page 40: Cisco ACI & F5 Integrate to Transform the Data Center

Migration: Physical Topology

[Diagram: Traditional Network (CISCO ACE, BIG-IP Platform, VIP Traditional) and ACI Fabric (BIG-IP Platform with F5 DEVICE PACKAGE FOR APIC, VIP ACI); WEB servers A, B, C]

Page 41: Cisco ACI & F5 Integrate to Transform the Data Center

Migration: Approach

Step 1:

• Bring up BIG-IP in ACI fabric

• Create Application Server

• ACI L4-L7 service insertion with BIG-IP

Step 2:

• Add ACI VIP to Traditional Pool

Step 3:

• Move Servers

Step 4:

• Update DNS or GTM

• Remove ACI VIP From Traditional Pool

Diagram captions: Clients access Traditional Network VIP; Expanding workload to ACI fabric; Moving workload from traditional network to ACI; Completing workload migration to ACI; Clients now access ACI VIP

[Diagrams: VIP Traditional and ACI VIP with WEB servers A, B, C at each step]

Page 42: Cisco ACI & F5 Integrate to Transform the Data Center

Migration: Logical Diagram

[Diagram: Wiki.mycorp.com = Traditional VIP. Client, DNS, Traditional Network VIP with a Server Pool of Server (Node) members plus Server (LTM #2 VIP), and the ACI VIP with its own Server Pool of Server (Node) members; flow steps 1 to 5]

[Diagram: Wiki.mycorp.com = ACI VIP. Client, DNS, ACI VIP with a Server Pool of Server (Node) members; flow steps 1 to 3]

F5 & Cisco Joint Whitepaper: http://www.cisco.com/c/dam/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/guide-c07-733816.pdf

Page 43: Cisco ACI & F5 Integrate to Transform the Data Center

F5 BIG-IQ Integration with Cisco ACI

Page 44: Cisco ACI & F5 Integrate to Transform the Data Center

F5 and Cisco ACI Integration Models

• APIC to BIG-IP Integration Model

• APIC to BIG-IQ Integration Model

[Diagram: ACI Fabric; BIG-IQ; BIG-IP; F5 Synthesis Fabric: Virtual Edition, Appliance, Chassis]

Page 45: Cisco ACI & F5 Integrate to Transform the Data Center

F5 is Industry Leader in Application Delivery

How can we provide the full set of F5 functionality to an ACI environment that is “application” focused?

F5 has an extensive library of iApps for deploying applications

Page 46: Cisco ACI & F5 Integrate to Transform the Data Center

What are iApps?

An iApp is an application-centric configuration template:

• User answers a few questions about deploying an application

• iApps translate answers into a set of configuration options

• iApps can touch almost all BIG-IP functionality: iRules, profiles, monitors, security policies, and much more …

• There are many F5-provided iApps: HTTP, Sharepoint, Exchange, VMware View, …

• Users can build their own iApps

Page 47: Cisco ACI & F5 Integrate to Transform the Data Center

Using BIG-IQ to bring iApps to APIC

F5 Device Package Release 1.1.0 Deployment Model

BIG-IP integration with APIC

1 - Download device package from F5 (downloads.f5.com)

2 - Admin import device package to APIC

3 - APIC sends config to BIG-IP directly

BIG-IQ Integration with Cisco ACI

BIG-IQ integration with APIC

1 - BIG-IP expose iApps to BIG-IQ

2 - BIG-IQ create custom device package

3 - Admin import BIG-IQ device package to APIC

4a - APIC sends iApp config to BIG-IQ -> BIG-IP

4b - APIC sends Device config to BIG-IP

[Diagram: ACI Fabric; Device Package; BIG-IQ Device Package; F5 Synthesis Fabric: Virtual Edition, Appliance, Chassis]

The slide shows the same truncated configuration excerpt under three labels (Device Package: F5 Configuration; BIG-IQ Device Package: F5 iApps Config; F5 Device Config):

    {'state': 1, 'transaction': 0, 'ackedState': 0, 'value': {
        (5, 'DestinationNetmask', 'Netmask1'): {'state': 1, 'transaction': 0,
            'ackedState': 0, 'value': '255.255.255.255'},
        (5, 'DestinationPort', 'port1'): {'state': 1, 'transaction': 0,
            'ackedState': 0, 'value': '80'

Page 48: Cisco ACI & F5 Integrate to Transform the Data Center

Reference Material

• F5 and Cisco ACI Solution Overview: http://www.f5.com/pdf/solution-center/cisco-aci-overview.pdf

• F5 SDAS and Cisco ACI Solution Brief: http://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/unified-fabric/solution-brief-c22-730004.html

• Cisco Application Policy Infrastructure Controller (APIC): http://www.cisco.com/c/en/us/products/cloud-systems-management/application-policy-infrastructure-controller-apic/index.html

• F5 BIG-IP LTM and Cisco ACI Integration white paper: http://www.cisco.com/c/dam/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-732413.pdf

• Cisco Validated Design (CVD) on F5 BIG-IP LTM and Nexus 9000 (Standalone): http://www.cisco.com/c/dam/en/us/td/docs/solutions/Enterprise/Data_Center/VMDC/BIG-IP-LTM/CiscoVMDCwithF5_BIG-IP_LTM_WhitePaper.pdf

• F5 BIG-IP: Workload Migration from Traditional Networks to Cisco Application Centric Infrastructure: http://www.cisco.com/c/dam/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/guide-c07-733816.pdf

• Follow us on Twitter @f5Networks, Official F5 Networks Channel

Page 49: Cisco ACI & F5 Integrate to Transform the Data Center

DevCentral F5 User Community: Over 180,000 Members in 191 Countries and Growing!

References

• Wikis

• API/SDK Documentation

Resources

• Sample Code

• Tech Tips

• Forums

• Podcasts

• Blogs

Tools and Frameworks

• iRule Editor

• iControl SDK

• .NET, Java, Python, Powershell, ...

• VMware vSphere Management Plug-in

• Microsoft SCOM Monitoring Pack

Page 50: Cisco ACI & F5 Integrate to Transform the Data Center

Key Takeaways

If I can be of further assistance please contact me:

Jeffrey Wong ([email protected])

• F5 Software Defined Application Services (SDAS) vision perfectly aligns with Cisco’s Application Centric Infrastructure

• How Cisco ACI solves network services insertion challenges

• How F5 BIG-IP LTM integrates into Cisco ACI architecture

• Key benefits of BIG-IP / ACI model: Multi-Tenancy, Multi-Graph Support; Use Case Focus; Automation Ready; Application level visibility and monitoring

• F5 iApps Integration with Cisco ACI using BIG-IQ bringing application requirements to ACI policy

Page 51: Cisco ACI & F5 Integrate to Transform the Data Center

Visit F5 at Cisco Live 2015 in Melbourne

• Date: 18 – 20 March

• Booth: Stand P1

• You can also attend one of our Theatre sessions to learn more:

• Wednesday 18 Mar 11:50 AM - 12:20 PM – Partner Theatre 1

• Thursday 19 Mar 12:20 PM - 12:50 PM – Partner Theatre 2
