cisco digital network architecture (dna) with apic-em
TRANSCRIPT
The Network Enables Business Transformation
Cisco Digital Network Architecture (DNA) with APIC-EM
2© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Digital Transformation is Moving IT to the Boardroom
UPS My ChoiceDelivery Control
Personalized Service
Customer ExperiencePhysical and Virtual
RFID Content
Workforce EfficiencyWIP Inventory and
Part Tracking
American ExpressPersonalized Service
Through Mobile
2© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Starbucks AppsOrder AheadSkip the Line
3© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
…And Creating New Priorities for Digital Organization
Simplify / Automate Processes
Faster Time to MarketLeaner Operations
Empower Workforce Efficiency and Innovation
Increased ProductivityBetter Retention
Personalize Customer/ Citizen Experience
Increased LoyaltyGreater Insight
IoTMobility Analytics CloudMobile traffic will Exceed
wired traffic by 2017IoT Devices will triple by 2020
75% of companies planning to or investing in Big Data
80% of organizations will primarily use SaaS by 2018
4© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Network
A New Infrastructure for the Digital Organization
5© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Network Requirements for the Digital Organization
5© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Insights &Actions
Drive Business Innovations
Security & Compliance
Real-time & Dynamic Threat Defense
Automation& Assurance
Speed, Simplicity and Visibility
Cisco Digital Network Architecture (DNA)
6© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Evolution of Networking Software
Virtualization
Secure
ControllersCommon
Policy Portability Standards
Analytics
Open APIs Cloud
ISVs
How does this come together?
How do I build applications?
How do I ensure security?
How do I achieve speed &
simplicity?
7© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Digital Network Architecture
Principles
Cloud Enabled
AutomationAbstraction & Policy Control
from Core to Edge
Open & Programmable | Standards-Based
Open APIs | Developers Environment
Network Enabled ApplicationsCollaboration | Mobility | IoT | Security
Insights& Actions
Automation& Assurance
Security & Compliance
Benefits
VirtualizationPhysical & Virtual Infrastructure | App Hosting
AnalyticsStructured Data,
Contextual Insights
8© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
What’s New: Cisco DNA Innovations
New!
Enterprise NFVBranch Service VirtualizationControlled Availability March 2016
New!
New!
Available on DNA-Ready Infrastructure through Cisco ONE Software
APIC-EM Automation PlatformCompletely New PlatformAvailable Now
Base Automation: Plug and PlayAvailable Now
Policy Services: IWAN App & Easy QoSAvailable Now | March 2016, respectively
CMX CloudPresence Analytics and ConnectAvailable Now, US only, Apr 2016 for ROW
DNA Automation - APIC-EM
10© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Too many manual processes
Change/Config managementdifficulties
Maintenance Window inhibits new technology implementation
Provisioning difficulties
Drivers for SDN40%
36%
29%
28%
11© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Simplication
Higher Agility
Lower OPEX
How do we solve the problem….Cisco SDN Led Management
Business Intent
Programmability
Automation
12© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
NetworkAutomation
and Simplification
Network Having Greater
Application Awareness
These goals are shapingour SDN strategy
13© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
APIC
EMEnterprise Module(Catalyst, ISR, ASR, Nexus 7k*, 6k*, 5k*,
WLAN, NfV*)
DCData Center
(Nexus 9000)
APIC
Application Policy Infrastructure ControllerApplication Centric Infrastructure (ACI) User Centric Infrastructure (UCI)
13
*limited in EFT2 and CA
14© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
APIC-EM similarity to SmartphoneThe APIC-EM has:
A strong base platform for SDN use cases
It has build in App’s (eg QoS, ACL, Policy etc)
It offers an API to be used by ISV & App’s can be developed by many
One App example – Jabber / Unified communication integration
14
15© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
NetworkElements
Controller
Applications
Allow Protocol/APIchoice while
maintaining stackintegrity
Flexible “Programmable” Interfaces
• CLI• SNMP• Web UI*• NETCONF*• XML*• RESTconf*• Openstack*• OpenFlow*
• Web UI• YANG• REST API
APICEM
15
* Future Options
16© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Controller ArchitectureHigh Level
Network Element Layer
Policy Infrastructu
reAutomation
Network Information Database
North Bound APIs
South Bound APIs
SECURITY COLLABORATION ORCHESTRATIONSERVICES WAN
CLI, NetConf, REStConf, Openflow……
CLI Provides Investment Protection
17© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Runs on x86 HW (single ISO now)
Hypervisor Agnostic
Single Touch Point - Fast & Easy Install
Policy Based Service Management
Role Based Access Control
Auto Scale Service Model
Highly Available
Seamless Upgrade
APIC-EM
18© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
What is a Business Policy…
Who What Where When
Endpoints
To and From
Access to Resources
Monitoring
Scope
Location
Time Based
Event Triggered
19© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Policy Examples…. Engineering Group (Who: From)
Engineering Applications (Who: To)
Laptop (Who: Device Type)
Permit (What: Action)
Properties: priority level - high, trust level – high (What: Action Properties)
Tom (Who: From)
Netflix(Who: To)
Permit (What: Action)
Properties: priority level – Low, trust level – low (What: Action Properties) Cafetaria (Where: Location)
11AM-1PM (When: Time)
20© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Protocol agnostic SB abstraction layer
Network Programmer
App Services
Policy Manager
REST API’s
App Services
App Services
App Services
Protocol agnostic SB abstraction layer
Network Programmer
App Services
Policy Manager
REST API’s
App Services
App Services
App Services
Automation Across Greenfield & Brownfield
Software Downloads
1538Customers117
Deployments running up to
2500 sites
APIC EM with IWAN App allows us to save 40% in annual circuit costs while adding in desperately needed intelligence to our application routing metrics.
Devices (show icons)
Cisco IWAN
ControllerScale and resiliency enabled with elastic platform and controller clusters
APIC EM
Cisco PnP
Cisco Easy QoS
3rd Party App
3rd PartyApp
Proven out-of-box support for a broad set of of devices
Growing Ecosystem: 50+ partners
Integrated monitoring and troubleshooting for apps
Protocol agnostic SB abstraction layer
Network Programmer
App Services
Policy Manager
REST API’s
App Services
App Services
App Services
Network Elements
Applications
Dan Schiefer, San Diego Court – IT, Sep 11, 2015
Network Plug-n-Play
22© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Device On-boarding – Customer Challenges
Central Staging Facility Site-1
• Install OS• Install base
config
Network
Admin
Installer
Customer, Partner
Operational Challenges
For end-site Installation
Direct Costs•Pre-staging & Shipping costs
•Travel costs
Security•3rd party not secure•Rogue devices
Time/Productivity•Manual process •Shipping , Storage, Travel
Complexity•Configuration errors•Different products, IOS Releases
Pre-staging Shipping to End site Techy Installer at site
23© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Simple & Secure & Consistent device onboarding Network Plug-n-Play
Simple, Secure & Consistent device on-boarding for Enterprise platforms
Zero-Touch provisioning of Campus & Branch deployments
GUI Based workflows Robust Discovery Mechanisms for all
deployment types (DHCP, DNS, Mobile App, USB)
Cloud Redirect Service for automated branch deployments (Roadmap)
Switches(Catalyst)
Routers (ISR/ASR) Wireless AP
SUDI based device authentication CA based server (APIC-EM)
authentication Secure HTTPS based image &
configuration downloads No configuration access to Installer Unplanned device workflow – Admin
claims device
Support for end-to-end Enterprise platforms – Switches, Routers, AP
Consistent workflows for all platforms Backward compatible w/ Smart-Install
(Switches Only) Integrated w/ PI3.x workflows
SecureSimple Consistent
24© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Network Plug and Play - Components
PnP AgentRuns on Cisco® switches, routers, and wireless access points
Automates the deployment process
1
2
4
PnP ServerCentral server - APIC-EM
Manages sites, devices, images, licenses
Provides northbound REST APIs
PnP ProtocolRuns between Agent and Server
Open schema
PnP Helper AppDelivers bootstrap status and troubleshooting checks
3
25© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Python
Cisco APIC EM: PnP ServerUser Interface and REST API
APIC-EM API
PnP REST API
Customer’s Existing Automation Framework
Automation Framework(i.e. Python script, configuration generator)
Device Repository and Database
Cisco® DevicesCatalyst®, ISR, ASR, Access Points
Enterprise Applications and Orchestration Layer
Network PnP Application UI
IWAN App
Topology Discovery
Pre-provisioning Ad-hoc and unclaimed devices
CLI, PnP Protocol
REST API
PnP Service APIC-EM Controller
PnP Server
PnP & APIC-EM Programmable Interface
User Interface
26© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
PnP Server Discovery Options
Switches (Catalyst®) Routers (ISR, ASR) Wireless Access Points
1
2
3
4
5
DHCPServer
DNSServer
DHCP with options 60 and 43PnP string: 5A1D;B2;K4;I172.19.45.222;J80
DNS lookuppnpserver.localdomain ---- 172.19.45.222 (PnP Server)
Cloud re-direction - roadmap (Q4CY2015)https://devicehelper.cisco.com/device-helper re-directs to 172.19.45.22(PnP Server)
USB-based bootstrapping
Manual - using the Cisco® Installer AppiPhone, iPad, Android
PnP Agent
27© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Network-PnP: Pre-provisioning Workflow
PnP-Agent PnP-Agent
Device Authentication
Installer
N-PnP app on APIC-EMDownload
Image & Config
Admin
EM
DHCPServer
DNSServer
N-PnP App pre-provisioned w/ device SR#
Configure device discovery• DHCP Option-43• or DNS
Secure Deployment
• Installer powers-on devices• Devices securely downloads
Image & Configuration
OR
DiscoveryPre-provision
EM
1 2 3
28© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Summary
Solution Summary Benefits
Cisco® Network PnP is a simple, highly secure, and scalable automated network device deployment solution
The agent is supported on end-to-end Cisco IOS®
Software products The Cisco APIC-EM is the central server for the solution Programmability: The APIC-EM allows scripting (REST API)
to automate server workflows Python server reference implementation in DevNet:
Give link here Open-source protocol available: Customers and partners can
adapt the PnP server into their own processes or build their own server based on open protocols (The schema is proprietary, even if using XMPP)
No pre-staging of devices Unskilled installer at remote sites GUI-based workflows Highly secure and scalable
DNA Easy QoS
30© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Customers are endeavoring to increase employee productivity though the effective and innovative use of collaborative applications
• Collaboration Quality of Experience should be seamless, regardless of platform, media or location
• The foremost barrier to enabling QoS/QoE is complexity, as end-to-end designs need to be comprehensive and cohesive
Customer Challenges
31© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
EasyQoS Solution
Wireless APTrust Boundary
PEP4Q (WMM)
Catalyst 3650Trust Boundary
PEP2P6Q3T
Catalyst 45001P7Q1T
Catalyst 65001P3Q4T1P7Q4T2P6Q4T
…
Nexus 7700F3: 1P7Q1T
WLCPEP
ASR/ISRsMQC
Catalyst 2960-XTrust Boundary
PEP1P3Q3T
Wireless APTrust Boundary
PEP4Q (WMM)
EM
Applications can interact with APIC-EM via Northbound APIs, informing the network of application-specific and dynamic QoS requirements
Southbound APIs translate business-intent to platform-specific configurations
Network Operators express high-level business-intent to APIC-EM EasyQoS
33© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
EasyQoS GUIStep 1: Select a Scope for Policy Application
34© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
EasyQoS GUIStep 1: Select a Scope for Policy Application
35© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
EasyQoS GUIStep 2: (Optional) Change Application Business-Relevance
36© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
EasyQoS GUIStep 3: (Optional) Add Custom Applications
37© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
What Do We Do Under-the-Hood?Apply RFC 4594-based Marking / Queuing / Dropping Treatments
Application Class
Per-Hop Behavior
Queuing &Dropping
Application Examples
VoIP Telephony EF Priority Queue (PQ) Cisco IP Phones (G.711, G.729)
Broadcast Video CS5 (Optional) PQ Cisco IP Video Surveillance / Cisco Enterprise TV
Real-Time Interactive CS4 (Optional) PQ Cisco TelePresence
Multimedia Conferencing AF4 BW Queue + DSCP WRED Cisco Jabber, Cisco WebEx
Multimedia Streaming AF3 BW Queue + DSCP WRED Cisco Digital Media System (VoDs)
Network Control CS6 BW Queue EIGRP, OSPF, BGP, HSRP, IKE
Signaling CS3 BW Queue SCCP, SIP, H.323
Ops / Admin / Mgmt (OAM) CS2 BW Queue SNMP, SSH, Syslog
Transactional Data AF2 BW Queue + DSCP WRED ERP Apps, CRM Apps, Database Apps
Bulk Data AF1 BW Queue + DSCP WRED E-mail, FTP, Backup Apps, Content Distribution
Best Effort DF Default Queue + RED Default Class
Scavenger CS1 Min BW Queue (Deferential) YouTube, Netflix, iTunes, BitTorrent, Xbox Live
38© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Establish Trust Boundaries and Policy Enforcement Points (PEPs)
• The Trust Boundary is the point where Layer 2 or Layer 3 markings are accepted or rejected• The Policy Enforcement Point (PEP) is the edge where classification and marking policies are enforced
• The PEP may or may not be the same as the trust boundary• Multiple PEPs may exist for different types of network devices
Trust BoundaryRouter
PEPSwitch
PEP
EasyQoS will deploy:• Wired and wireless trust boundaries at the network edges• Policy Enforcement Points at the network edges as well as at
strategic locations (where extended classification technologies may be available)
Guiding Mandate:Each device will be configured to express the business-intent with maximum fidelity to the best of its capabilities
39© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Deploy End-to-End DSCP-Based Queuing Policies
EM
EasyQoS will seamlessly interconnect all types of hardware and software queuing models to achieve consistent and compatible end-to-end treatments aligned with the expressed business-intent
40© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Dynamic QoS Workflow
41© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• No need to open a wide UDP port-range in your trust boundary, making your network more secure
• No Need for DPI at the edge
• Classification becomes application-aware, yet lightweight• Support wireless & BYOD devices without client software upgrades• Supports brownfield deployments
Business Value of Dynamic QoS
42© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
EasyQoS GUIStep 4: (Optional) Enabling Dynamic QoS
43© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Dynamic QoS WorkflowPart 1: Proceeding Voice/Video Call
EM
CUCM signals APIC-EM of a proceeding call via a Northbound Rest APIAPIC-EM acknowledges the flow and assigns a Flow-IDAPIC-EM deploys dynamic ACLs for voice and/or video
to the specific switch ports hosting the endpoints
ip access-list extended VOICE permit udp host 10.1.1.1 eq 18578 host 10.2.2.2 eq 17333ip access-list extended VIDEO permit udp host 10.1.1.1 eq 31199 host 10.2.2.2 eq 24141
ip access-list extended VOICE permit udp host 10.2.2.2 eq 17333 host 10.1.1.1 eq 18578ip access-list extended VIDEO permit udp host 10.2.2.2 eq 24141 host 10.1.1.1 eq 31199
POST /api/v0/fms/flow:{"srcIPAddress":"10.1.1.1","dstIPAddress":"10.2.2.2","srcPort":31999,"dstPort":21141,"mediaType":"video","qosClassName":"conversational.video.avconf.aq", "averageBandwidth":0, "peakBandwidth":0,"appid":"CUCM","codec":"H.264”}
{"response":{"data":"success","flowId":"bc8727b7-76d0-4bac-94b9-fa6b76a1a803"},"version":"0.0"}
44© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Dynamic QoS WorkflowPart 2: Terminating Voice/Video Call
EM
CUCM signals APIC-EM to delete the Flow-ID of a terminating callAPIC-EM removes the dynamic ACLs for voice and/or video
from the specific switch ports hosting the endpoints
ip access-list extended VOICE no permit udp host 10.1.1.1 eq 18578 host 10.2.2.2 eq 17333ip access-list extended VIDEO no permit udp host 10.1.1.1 eq 31199 host 10.2.2.2 eq 24141
ip access-list extended VOICE no permit udp host 10.2.2.2 eq 17333 host 10.1.1.1 eq 18578ip access-list extended VIDEO no permit udp host 10.2.2.2 eq 24141 host 10.1.1.1 eq 31199
DELETE /api/v0/fms/flow/bc8727b7-76d0-4bac-94b9-fa6b76a1a803
45© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Summary
Solution Summary Benefits
Cisco® EasyQoS is a simple, highly secure, and scalable automated network QoS policy deployment solution
EasyQoS is business-intent driven, requiring network operators only to confirm which applications are relevant to their business, while abstracting all platform-specific implementation details
Cisco APIC-EM is the central controller which supports Northbound APIs that can interface with applications (via REST APIs) and also Southbound APIs to translate application requirement to platform-specific configurations
EasyQoS deploys industry-standard best-practices via Cisco Validated Designs
Provides end-to-end orchestration of QoS Simple and easy to deploy Works for and both greenfield and brownfield deployments Business-intent driven End-to-End provisioning done in minutes Reduces time to onboard new applications and allows SLA
compliance Provides dynamic, lightweight and accurate application-
aware classification Support wireless & BYOD devices without client software
upgrades
46© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
EasyQoS– Supported Platforms (GA+1)Platform-Families
Catalyst 2K(2960-S, 2960-X)
Catalyst 3K(3560CG, 3560-X, 3750-X)
Catalyst 3650/3850
Catalyst 4K(Sup 7E, Sup8E, 4500-X)
Catalyst 6500—Sup2T & 6880-X
AireOS WLC(2500, 5500, 8500, WiSM2)
ISR (ISR G2 / ISR 4400)
ASR 1000
47© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
APIC-EM Integration with PI
48© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• PI 3.0 uses the PnP and PKI service from the APIC-EM via Rest API calls
• With this integration, all the actions are driven from PI – no need to logon to the APIC-EM GUI for PnP or PKI
• Add APIC-EM as a server within PI (Administration APIC-EM Controller)
PI integration with APIC-EMPnP and PKI
Enter the APIC-EM Admin Credentials to Rest API
Calls
Enable the APIC-EM Global Setting for PnP
and PKI
49© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Data CenterBranch
Internet
MPLS
3G/LTE
ISR
PnP/PKI Workflow
49
• Connect Internet and MPLS cables• Insert PnP bootstrap USB stick• Power up ISR
Router PnP agent starts “call-home”
2
Power On!
1
4
3
APIC-EM PnP pushes new IOS if needed
• Network wide settings have been defined• Datacenter has been configured• Application policies have been set
APIC-EM PnP calls PKI service to push a PKI 509.X certificate
APIC-EM
PnP/PKI
DMZ
HTTP Proxy
Cisco IOS®
PKI Cert
Prime Infrastructure
Rest APIs
50© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Data CenterBranch
Internet
ISR
IWAN Workflow after the Router is managed by PI
50
• IWAN config is applied• Hybrid WAN tunnel come up
1Admin starts the IWAN workflow then push IWAN templates to new router
MPLS
DMZ
ASR 1KMPLS
Internet
Prime Infrastructure
2
• Prime generates device configuration based on current policy settings/network-wide settings
• Config is pushed to device line by line:o DMVPNo Routingo Front Door VRFo AVC (NBAR2)o 8 Class QoSo PfRo MPLS QoS translationo Start net flow collection o Start Syslog exporting
Config policies….SSH
Monitor
• Prime generates IWAN config• Prime pushes config to device
51© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
System of record vs. System of changePrime Infrastructure APIC - EM
System of Record System of Change
• Policy definition• Historical reporting on
events & performance• Configuration archive• Troubleshooting workflows• Capacity Trending • Predictive Analytics
• Policy enforcement• Discovery (for change)• Topology (for change)• PnP• Network state monitoring• Device abstraction• Network Control
Customizable Templates Guided Workflows
Full CLI Access
Massive SimplificationPolicy AutomatedNO CLI Changes
52© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Enterprise ManagementConsolidation of Licensing / Features
Enterprise Management 3.xSDN Management for the Enterprise
Lifecycle Assurance Basic Apps Solution Apps
Cisco Prime Infrastructure 3.0
APIC-EMController
Network Management Application Centric Policy Based Management
53© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Enterprise Management BenefitsSDN Management End-to-End• Integrated and simplified management of Routers, Switches and Wireless• Monitoring all network elements, from Branch/Campus to the Data Center, reducing
number of tools required to manage the network
Management Simplicity and Automation• Integration with Controller (APIC-EM) for Plug and Play• Policy Driven workflows & templates for managing the network• Automated monitoring of application and Proactive alerting based on abnormal behaviors
Reduces Operational and Capital Costs• Simplified Management reducing need for multiple solutions• Rapid device deployment and management through consolidated architecture• Single licensing structure providing access to Prime Infrastructure (Lifecycle &
Assurance) and APIC-EM (Foundation & Solution Apps)
Cisco One
55© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DNA Offers Mapping
Cisco DNA Delivered through Cisco ONE Software
Advanced Applicatio
n
Foundation
Available on DNA-Ready Infrastructure through Cisco ONE SoftwareISR 4000 | ASR 1000 | Catalyst 6800 | Catalyst 4000-E | Catalyst 3850 | Catalyst 3650 | Aironet 802.11ac | Meraki
Cisco ONE Packaging
Connected Mobile Experiences (CMX)
Network as a Sensor / Enforcer
Pervasive Mobility
Experience
Converged Branch
Intelligent WAN
Virtual Branch
Unified Threat Management
56© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco ONE Simplifies Software Purchasing
Cisco ONE Foundation: core networking, management, automation, embedded security
Cisco ONE Advanced: enhanced automation, service assurance, adv. configuration, etc.
Cisco ONE Full Suite: Foundation + Advanced
Select your Software Capabilities
1Pick your platform
2 Choose Purchasing Model
3
ISR/ASR Router Virtual Router Catalyst Switch Wireless Controller Virtual Wireless Controller Access Points
License Model: Perpetual Subscription
Contract: Transactional Volume Purchase
Purpose Built Applications | Ongoing Innovation | License Portability & Flexibility
General availability of subscription & volume purchase to be announced
Demo