compute and management - cisco · iaas hyperflex compute/storage hyperflex network aci nexus 9k...
TRANSCRIPT
© 2017 Cisco and/or its affiliates. All rights reserved.
• UCS Manager 3.2.(3)• HyperFlex 3.0• Cisco Intersight Essentials
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved.
Big items:• Spectre/Meltdown microcode updates for M3/M4/M5 (Except EX platforms)
UCS Manager 3.2(3)
Additional M5 Server Support• S3260 M5• C220 M5 NVMe SKUs• C240 M5 NVMe SKUs• C480 M5 NVMe SKUs
Diagnostics & Enhancements• End to End Diagnostics Support for M5 C-Series Servers
• Enhanced Chassis FW Install, Install Wizards.• Prepare for FW Install – Mass “Staging” Updates for Chassis and Servers in Parallel – Only updates in advance, no activations.
ExpectedMarch 16th
© 2017 Cisco and/or its affiliates. All rights reserved.© 2017 Cisco and/or its affiliates. All rights reserved.
Same Chassis: New M5 Server Node
• Dual M5 CPUs: Choice of Intel Scalable Processors SKUs: • 4110 (2.1/8C), 4114 (2.2/10C),
5118(2.3/12C), 6132 (2.6/14C), 6138 (2.0/20C), 6152 (2.1/22C)
• 14 DIMMs Slots: 2 Slots 3D Xpoint Ready• 16G, 32G, 64G
• Storage Controller: Choice between• HBA Passthrough with Dual LSI 3316
Chip and IT Firmware• RAID Controller with Dual LSI 3316 Chip
and MegaRAID Firmware
• Dual 7MM NVMe On board• New Intel Cliffdate 4501 with Capacity
points: 500G, 1TB and 2TB
• 1G Host Management Port
Target FCS
Q1CY18
PID: UCS-S3260-M5SRB
© 2017 Cisco and/or its affiliates. All rights reserved.
Cisco HyperFlex 3.0Stretch Cluster
64 nodescale
Logical Availability Zones
© 2017 Cisco and/or its affiliates. All rights reserved.
• 64 node clusters• Support for up to 64 node clusters (32 HX converged, 32 compute-only)
• New limits applicable for Hybrid & All Flash clusters
• M4 & M5 node support with mixing of M4 & M5 nodes within a cluster
• Same rules for compute-only nodes still apply
Node Scaling Options in HXDP 3.0
H X D A T A P L A T F O R MIOVisor
IOVisor
IOVisor
IOVisor
....
....
....
Up to 32 HX nodes
Up to 32 compute nodes
IOVisor
IOVisor
HX 3.0
© 2017 Cisco and/or its affiliates. All rights reserved.
• Cluster Scale With High Availability
• Increased resiliency without added manageability overhead
• How does it work?• HX nodes grouped into logical
“availability groups” (N/A for compute nodes)
• HXDP never places 2 copies of the data in the same availability group
• Clusters with LAZ can survive > 2 simultaneous node failures without data loss or loss of availability
• Tolerate more independent failures
Logical Availability Zones (LAZ)
H X D A T A P L A T F O R M
Availability Grp 1
Availability Grp 2
IOVisor
IOVisor
IOVisor
IOVisor
Availability Grp 3
IOVisor
IOVisor
IOVisor
IOVisor
IOVisor
IOVisor
IOVisor
IOVisor
IOVisor
HX 3.0
© 2017 Cisco and/or its affiliates. All rights reserved.
Disaster Avoidance Zero RPO Automated DR Maximum Uptime
HyperFlex Stretched Cluster Cloud Scale Data Platform
Power Mission Critical Apps with
Site-BSite-A
HX Data Platform
DBAPPAPPDB
Synchronous Replication
SSDSSDSSDSSDSSDSSD
HX 3.0
© 2017 Cisco and/or its affiliates. All rights reserved.
HyperFlex Stretched Cluster ZERO RPO ! NEAR ZERO RTO!
Site-B
VM VM VM VM
VM VM VM VM
10Gbps /5ms R
TT
Site-A
3rd site Configuration Support
ü Single Stretched Cluster across 2 sites
ü Symmetric Configuration ü Site to host a “Witness
Server” (small VM)
ü 8 HX nodes on each site
IO Pathü Active-Active sites – VMs
Active on each siteü VM Read IOs served locally ü VM Write IOs Sync-Writes
across sitesü 2x copies on each site
HA Operations
ü Recover from a Site failure ü Recover from a Local failure ü Failover of VM ü vMotion of VMü Split Brain handling
Managementü Cross site Cluster creationü Non disruptive online rolling
upgradeü Site awareness in HX Connectü Site specific Alarm and Events
on a single Dashboard
100
Mbp
s/ 2
00 m
s
100 Mbps/ 200 ms
Witness Server
HX 3.0
© 2017 Cisco and/or its affiliates. All rights reserved.
vCenter
• Single vCenter for both sites
• Need credential during cluster creation
• Can be on either site or 3rd site
• Can be a VM
• Configure independently for HA as required
UCSM:
• Need UCSM credentials for both sites
• Two separate FI Domains (not automatically synchronized)
VLAN
• IP addresses for nodes on both sites
• Stretched VLANs across both sites
Witness
• Access to 3rd Site to host witness VM
• IP address and connectivity for the witness VM
HyperFlex Stretched Cluster Network & Infrastructure: Supported Configurations & Prerequisites
ü 10Gbps (dedicated), 5ms RTT latency
between the 2 active sites
ü 100 Mbps, 200ms RTT latency between
the active sites & witness site
ü FI based configuration
ü Existing FIs are supported
HX 3.0
© 2017 Cisco and/or its affiliates. All rights reserved.
Cisco HyperFlex 3.0Virtualization and Cloud
Cisco ContainerPlatform
Microsoft Hyper-V
© 2017 Cisco and/or its affiliates. All rights reserved.
Microsoft Hyper-V Support
Integrated Management • Manage Hyper-V hosts from familiar SCVMM, Hyper-V manager,
and PowerShell• Automate HX operations using HX REST API• Leverage HX Connect UI (HTML5) for HX management
Enterprise workloads, Validated solutions• Citrix VDI deployment (XenDesktop and XenApp)• Microsoft SQL, Exchange, Sharepoint etc.• Oracle & other mission critical apps• Backup vendor integrations
Industry Leading Foundation• Log Structured Filesystem & Data services designed for HCI• Highly scalable, resilient, scale-out SMB3 file server protocol• Fully Data distributed, No Data locality
Windows Server with Hyper-V• Windows Server 2016 Datacenter• HX220 M5 and HX240 M5: Hybrid-Flash & All-Flash• Microsoft native failover clustering, checkpoint (snapshots), replica
support, AD support
CRTLVM
CRTLVM
CRTLVM
VM VM VM VM VM VM VM VM VM
HyperFlex Data Platform
© 2017 Cisco and/or its affiliates. All rights reserved.
Controller VM Architecture with Hyper-V
SMB Client SMB Client SMB Client
Controller VM
I/Ovisor
StorFSrunning
SMBserver
SMBproxy
Controller VM
I/Ovisor
StorFSrunning
SMBserver
SMBproxy
Controller VM
I/Ovisor
StorFSrunning
SMBserver
SMBproxy
HX Datastore
HyperFlex Data Fabric for Microsoft Hyper-V
App VM
VHDX App VM
VHDX App VM
VHDX
App VM
VHDX App VM
VHDX App VM
VHDX
App VM
VHDX App VM
VHDX App VM
VHDX
SMB file share
Windows Server 2016 Windows Server 2016 Windows Server 2016
HX 3.0
© 2017 Cisco and/or its affiliates. All rights reserved.
Executing on Cisco and Google Open Hybrid Cloud Solution
On Prem/Colo Data Center Google Cloud
Google Cloud Platform
Google Kubernetes Engine
Existing Services
Apps | Data
Private Cloud infrastructureCisco Container PlatformFor HyperFlex
CloudApps
Istio: Hybrid CloudService Management
ConsistentEnvironment
Networking | Security | Private Cloud Infrastructure | Consumption ManagementCSR 1000v, ACI, Stealthwatch Cloud, HyperFlex, Cisco Container Platform, Contiv, CloudCenter,
AppDynamics
HX 3.0
© 2017 Cisco and/or its affiliates. All rights reserved.
Cisco Container Platform for HyperFlex
IaaSHyperFlex
Compute/StorageHyperFlex
Network ACINexus 9k standalone
On prem KubernetesCisco Container Platform
Container NetworkingContiv/Contiv-ACI, CNI
drivers
Container StorageHyperFlex Flex driver
Turnkey Kubernetes• Simple & Seamless Day0 &
DayN K8S operations integrated into HyperFlex
• HyperFlex IaaS
Enterprise Storage • Scale-out, HA Filesystem• Data protection, efficiency
and resiliency
Enterprise Networking & Security • Multi-tenant architecture,
Micro-segmentation, Security policies
Common Platform for Legacy & Modern Apps• Co-existence of VMs and
containers on same platform
DevOps Ready IT • Enable developer agility
with IT & security policies• Avoid Shadow IT
Turnkey Appliance for Enterprise Kubernetes
Cisco Container Platform
Single vendor Support• Fully supported by Cisco
Global TAC• Single throat to choke for
entire stack
© 2017 Cisco and/or its affiliates. All rights reserved.
Cisco Container Platform Architecture
• Deploy Kubernetes clusters on HyperFlex IaaS (VMware)
• Container Networking (Contiv / ACI)
• Persistent Storage (Flex Driver
• Layer-4 and Layer-7 Load Balancing
• High Availability
• Authentication with Active Directory
• Role Based Access Control
• Communication between containers and external VMs / BMs
• UI – Harmony Kubernetes, API
• Security (Policies, Encryption)
• Add / remove Kubernetes nodes
• Lifecycle Management (OS Updates, Kubernetes Upgrades)
• Monitoring (Prometheus)
• Logging (EFK)
Kubernetes-as-a-Service
Setup ManageConsume
© 2017 Cisco and/or its affiliates. All rights reserved.
• Containers Persistent Volume Support for HyperFlex
• New HyperFlex Kubernetes FlexVolume Driver
• Developers Volumes Self-service
• HyperFlex Data Performance and Resiliency
HyperFlex 3.0 Flex Volume DriverVirtualization and Cloud Native Innovations
K8s Node VM
KubeletHX FlexVolumeDriver
SW iSCSI Initiator
private host-only vswitch
ESXi vmkernel interface
iSCSILUN
File
HX Iscsi Proxy
HX Controller VM
vswitch-hx-storage-data
NFS Datastore
HX ESXi Node
API
HX 3.0
© 2017 Cisco and/or its affiliates. All rights reserved.
Contiv – Networking for Cisco Container Platform
100% Open Source The Most Powerful Container Networking Fabric L2, L3, Overlay or ACI Rich Policy Model
DevOps IT Admin
Any NetworkingAny Platform
Any Infrastructure
ACI integration
Container, VM,BM
LDAP/RBAC
Application Intent
Rich Policy
Connectivity
© 2017 Cisco and/or its affiliates. All rights reserved.
Automation / Orchestration
One Interface, One API
Multi-SiteOperations
HyperconvergedRemote / Branch / Edge
Cisco Intersight
Performance
Purpose built Management Tools
© 2017 Cisco and/or its affiliates. All rights reserved.
SaaS-Delivered
UCS CentralGlobal Resource Pooling and Policy Management
UCS DirectorInfrastructure-as-a-Service and Orchestration
Third Party Infrastructure
UCS Manager & IMC
Unified Element Management
Policy-Based Automation
Intersight
Intersight
Consumption ModelsCisco hosted
Service provided, customer hosted
© 2017 Cisco and/or its affiliates. All rights reserved.
Customer Benefits: Greater Simplicity
Unified ManagementSingle pane of glass, consistent operations model and experience for managing all systems and solutions
Recommendation EngineEmbedded recommendation platform with insights sourced from across Cisco installed base and tailored to each customer
SaaS/SubscriptionHosted management will free customers from care/feeding of management tools and eliminate upgrade dependencies
Enhanced Support ExperienceHosted platform allows Cisco to address issues platform-wide and experience extends into TAC supported platforms
ProgrammabilityEnd to end programmability with native API, SDK’s and popular DevOps toolsets will enable customers to consume natively
No-Impact TransitionIMC/UCSM/HX embedded connector will allow customers to start consuming benefits without forklift upgrade
© 2017 Cisco and/or its affiliates. All rights reserved.
Intersight: Initial Release
IMC Policy FrameworkHyperFlex Cloud Installer
Deployment
Fault Alerting Platform Inventory
Dashboard
HF/FW CompatibilityUpgrade Checks
Platform Compliance
Cloud ConnectorsSupportability
Telemetry Data Collection
Cisco IMCUCS Manager and HXDP
UI Launch
SaaS Subscription
© 2017 Cisco and/or its affiliates. All rights reserved.
Cisco Intersight: Licensing Tiers
Base Edition (Free License)
• Supports Cisco UCS and HyperFlex Systems
• Global monitoring of health and inventory status
• User customizable dashboard• Tagging and basic search• Context launch of element
managers (UCS Manager, IMC, and HyperFlex Connect)
• HyperFlex Installer – quickly deploy clusters
Essentials Edition• All the functionality of the Base Edition
• Simplified server setup and policy-based configuration with service profiles
• Firmware management with scheduled updates
• Detailed inventory and server actions• Advanced global search and detailed
inventory• HCL compliance check and upgrade
recommendations (coming soon)• Remote management and virtual
Keyboard-Video-Mouse (vKVM) (coming soon)
© 2017 Cisco and/or its affiliates. All rights reserved.
• Feature Tier and access• Base Edition – Included with each UCS Server purchase
• No orderable part number. Simply go to https://www.intersight.com and log in using your cisco.com user ID.
• Essentials Edition – Base plus additional feature sets• Available in one-year, three-year, and five-year subscription periods.• Volume discounts are available for customers ordering more than 1000 server subscriptions at the same time.• Cisco Smart Accounts and Smart Licensing are mandatory for Essentials.
Intersight Ordering Information
© 2017 Cisco and/or its affiliates. All rights reserved.
Cisco Intersight – License MigrationNo
Customer has installed
Migration to Cisco Intersight
Comments
1 IMC Supervisor Essentials Commercial $ credit for exchanging IMC-S Purchase Order / Licenses for Intersight adoption
2 UCS Central
3 UCS Director
4 C1-Foundation/ECS Perpetual
5 C1-ECS-IAAS Subscription
© 2017 Cisco and/or its affiliates. All rights reserved.
For more info …Cisco Smart Accounts:https://www.cisco.com/c/en/us/buy/smart-accounts.html
Setup Cisco Smart Account for your customer, if they don’t have one:https://webapps.cisco.com/software/company/smartaccounts/home?route=module/accountcreation
Cisco Smart Licensing:https://www.cisco.com/c/en/us/buy/smart-accounts/software-manager.html
© 2017 Cisco and/or its affiliates. All rights reserved.
Intersight Innovations
§ Cloud-based datacenter management§ Global / Multi-Site / Data Center, Edge§ Recommendation Engine§ Real-time analytics & Machine Learning§ Forecasting
Cloud Managed
DevOps
§ Continuous integration§ Continuous delivery - services are added
with no disruption to the customers§ Continuous monitoring
© 2017 Cisco and/or its affiliates. All rights reserved.
Maa
SC
usto
mer
Si
tes
Cisco Intersight: Management-as-a-Service
Stand-AloneUCS C-Series
HyperFlex
Cisco Intersight(SaaS or On-Prem)
Data Center 1 Data Center 2Branch A Branch N
Policy BasedOrchestration
API Driven,DevOps Enabled
Secure andCompliant
ConnectedTAC
App Store
UCS S-SeriesUnified
Computing System
Device Connector
Device Connector
Device Connector
Device Connector
Device ConnectorDevice
Connector
HyperFlex
UCSMini
Telemetry& Analytics
© 2017 Cisco and/or its affiliates. All rights reserved.© 2017 Cisco and/or its affiliates. All rights reserved.
Device Connectors
UCS & HX become SaaS Enabled
© 2017 Cisco and/or its affiliates. All rights reserved.
Intersight Connection to Element Managers
A very light and autonomous piece of software allowing:• Communication with the Intersight
portal, wherever the portal is.• Capability of inserting tasks / calls
against the infrastructure (UCS Manager, Cisco IMC Software, HyperFlex, UCS Director) via the pluggable / extensible framework
Key Features• Bundled with Firmware• Embedded Product Feature• Secure Communications• Self Updated• Autonomous Check-In
UCSManager
ElementManagement
Cisco Intersight
Unique Customer InstanceTwo-factor Authentication
US Fabric Interconnect(All Servers)
IMCSoftware
ElementManagement
C-Series Servers(Standalone)
HXConnect
ElementManagement
HyperFlex(Under UCS Manager or Edge)
© 2017 Cisco and/or its affiliates. All rights reserved.
Device Connector reports current version each startup If Intersight determines an upgrade is needed, UpgradeRequest is created with the desired versionDevice performs upgrade• Only attempted if device is currently connected• Only impacts Device Connector – Infrastructure, Server, or HyperFlex
FW/SW remains user controlled and is not automatically updated
Intersight polls DeviceRegistration to determine upgrade success
Device Connector Upgrades
© 2017 Cisco and/or its affiliates. All rights reserved.
Device Connector Availability
Cisco HyperFlex: - HX v2.5.1 (or later)
Cisco UCS Manager: - UCSM v3.2 (or later)
Standalone C-Series: (M5 Servers):- IMC Software v3.1 (or later)
Standalone C-Series M4 Servers & S-Series: - Availability: Release in Planning
Cisco UCS Director - Availability: Release in Planning
© 2017 Cisco and/or its affiliates. All rights reserved.
• Deploy from anywhere!• No need for existing infrastructure or
OVA setup• Latest version always available• Reusable policy for rapid & consistent
deployment• Simple ramp-up of large HX projects
with simultaneous background deployment
• Download latest OVA from Cisco.com
• Deploy on existing infrastructure
• Run single cluster deployment
HyperFlex Installer User Experience
© 2017 Cisco and/or its affiliates. All rights reserved.
§ HX Edge on M5 � GA Now§ Dedicated or Shared LOM§ 1GbE Single switch or dual switch§ Nested VC option
§ HX w/FI on M4/M5 � Coming Soon
§ HX Edge on M4 � When M4 DC is available
§ Newly Manufactured Systems � GA Now
§ Field Re-imaged Systems � Coming Soon
HyperFlex Installer
q Configured network switchq Pre-install checklistq Claim HX nodes
Compatible Hardware
Pre-Requisites
Compatible Configurations
© 2017 Cisco and/or its affiliates. All rights reserved.
Standalone Management for UCS C-Series Servers
© 2017 Cisco and/or its affiliates. All rights reserved.
UCS Standalone Management SimplificationCisco Intersight Core Features and Functionality
Familiar Capabilities from IMCS Cisco Intersight Enhanced Functionality
• Platform Hardware Inventory• Hardware Health Status• vKVM Launcher (Incl. vMedia)• Firmware Inventory + Management• Call-Home (Email Alerting)• Cisco Smart Call Home• Policy/Profile Based Framework• C-Series + HX Standalone Only
UCS CentralGlobal Resource Pooling and Policy Management
UCS DirectorInfrastructure-as-a-Service and Orchestration
Third Party Infrastructure
UCS Manager
Unified Element Management
Policy-Based Automation
HyperFlex Connect
Hyperconverged Management
IMC SupervisorPolicy Management and
Remote vKVM
IMCStandalone
C-Series, S-Series
Cisco UCS: Programmable Infrastructure
© 2017 Cisco and/or its affiliates. All rights reserved.
UCS Standalone Management SimplificationCore Differences – IMC Supervisor vs Intersight
Cisco IMC Supervisor Cisco Intersight
• On-Premise Virtual Appliance• Feature / appliance upgrades require user
intervention and downtime• Fixed bundle licensing – 1000 servers max per
appliance• REST XML API• Database backup / redundancy requires
multiple appliances and manual intervention
• Cloud-based centralized management• Features and upgrades pushed through
the cloud to streamline availability• SaaS / Subscription based model
licensing – Smart Licensing support• RESTFUL JSON API (OpenAPI)• Cloud based redundancy -
autonomously• Cisco HyperFlex Installation• Customizable dashboards• Telemetry Data Collection /
Recommendation Engine
© 2017 Cisco and/or its affiliates. All rights reserved.© 2017 Cisco and/or its affiliates. All rights reserved.
Intersight API§ UCS Management Ecosystem
§ Intersight Extensible Architecture
© 2017 Cisco and/or its affiliates. All rights reserved.
Integrations
Current Cisco UCS Ecosystem
Third Party Integrations
Cisco UCS Tools
UCS Director UCS PerformanceManager
Cisco Tools
Customization
Customer Tools and Portals
API
UCS ManagementPolicy and Model Driven Infrastructure
UCS Mini
UCS S-SeriesUCS C-SeriesStorage
HyperFlex SystemsHyperconverged
UCS B-SeriesServers
© 2017 Cisco and/or its affiliates. All rights reserved.
Single Endpoint for Management/Monitoring
Servers Network
Devices
Storage
Silos of Manual Element Management
Intersight
Restful OpenAPI
Configuration Management/Monitoring
ServersServers
StorageStorage
Network
DevicesNetwork
Devices
© 2017 Cisco and/or its affiliates. All rights reserved.
Cisco and 3rd Party Infrastructure
Intersight Portal
Extensible ArchitectureAdvanced Integrations
UCS HWConnector
(XML/REST)(BU / Cust. / 3rd party)
PartnerDevelopedConnectors
Inventory & Alerting
OrchestrationSecurity
& Authentication
New Connectors
Open Connector Framework
Example: Tools and SDKRestful OpenAPI
© 2017 Cisco and/or its affiliates. All rights reserved.
Cisco Intersight Model Browser & Swagger SpecVersioned API Downloadable Swagger Spec
Run queries in model browser
Search
Description & Detail
© 2017 Cisco and/or its affiliates. All rights reserved.
https://github.com/CiscoUcs/intersight-python- Generated by Intersight “Swagger Specs”
- Install instructions
- Example Usage- (add users, claim devices, etc.)
Intersight Programmability and SDKs
© 2017 Cisco and/or its affiliates. All rights reserved.© 2017 Cisco and/or its affiliates. All rights reserved.
SecurityEnsuring data is transmitted and stored securely
© 2017 Cisco and/or its affiliates. All rights reserved.
Key Features in Intersight Security Architecture
Use of industry standard security protocols
Encryption of all data
Compliance with Cisco security and data handling standards
Starship security architecture
© 2017 Cisco and/or its affiliates. All rights reserved.
Stand-AloneUCS C-SeriesHyperFlex
Intersight Enhanced Security• Ensuring Connections• Durable websocket is used after initial
connection• Two factor authentication when claiming a
device: serial number and claim code• During subsequent transfers: identify,
authenticate, and authorize
• All communication from device is outbound• Device initiates connection• No inbound connections are needed
HTTPS/TLSStarship and device in syncwith latest security updates
Intersight
© 2017 Cisco and/or its affiliates. All rights reserved.
• Intersight uses an Out of Band Management Architecture to separate management data from IT production network and application data
• No disruption to customer’s IT production if Intersight connection is interrupted• Only management network accessible data (e.g., device configuration and usage)
is stored in Intersight• All sensitive data (e.g., passwords) stored in encrypted format• Application workload data does not pass through to Intersight
Management Network Separation
© 2017 Cisco and/or its affiliates. All rights reserved.
HTTPS (port 443) or proxy
Outbound Initiated Only (from Browser)
HTTPS (port 443) or proxy
Outbound Initiated Only (from Browser)
Intersight Device/Browser Connectivity
1. Operations/Administration
Off Premise
1. Account Setup/Creation
2. Device Claiming
3. Operations/Administration
Customer Premise
Fabric Interconnect Device Connector
C-series (IMC) Device Connector
HX Device Connector
Tier
-1, S
AS70
type
II /
SSAE
16 C
ertif
ied
Dat
acen
ters
Cloud Portal
FIPS 140-2ISO 27001HIPAAPCI (Level 1)
User Accesshttps://ucs-starship.com• cisco.com used to create a
Starship account• Becomes the “root” user• Invite other cisco.com users
• User can only be “root” for one Intersight instance
Device Access• DNS required - must resolve
svc.ucs-connect.com• Intersight always provides CA
signed x509 certificate• Two Factor Authentication for
device claim• Device Serial Number• Device Claim Code
Device Traffic
Certificate Authority (CA) Signed Certificate
User Browser Traffic
Certificate Authority (CA) Signed Certificate
TLS v1.1 (or higher)
HTTPS (port 443)
Outbound Initiated
Only (from Browser)
© 2017 Cisco and/or its affiliates. All rights reserved.
Features available if devices cannot communicate with Intersight:• Users can still access the local management and productions networks• All UCS policies and settings continue to be enforced• Local user authentication remains unaffected• Local configuration tools (e.g., UCS Manager) remain available
When Intersight portal is unreachable, services that are temporarily unavailable:• Global configuration and diagnostic tools provided by Intersight are unavailable• Some usage statistics are stored locally until the connection is re-established, at
which time they are pushed to Intersight• Intersight Web UI and APIs are unavailable
Local Management Availability
© 2017 Cisco and/or its affiliates. All rights reserved.
• Categorized/reviewed by Cisco InfoSec• Encryption methods, retention, and Cisco Employee access • Customer data not used in testing/non-production environments
Data Stored in Intersight
Data Type Cisco Internal access to data
How is Data Obtained?
User modify directly?
Retention Policy*
Customer contact information
Automated processes Cisco.com account profile
Yes Indefinite
Browser Configuration/Cookies
Automated processes Browseraccess, account login
No 90 days, session cookies cleared on logout
Telemetry/System Configuration
TAC, Engineering, Product Management (after data sanitization)
Device Connector
No 90 days, summary information kept longer
© 2017 Cisco and/or its affiliates. All rights reserved.
• Intersight meets or exceeds InfoSec’s requirements applying to numerous Industry Standards including the following:• PCI DSS• HIPAA• ISO 27001• FIPS 140-2• FedRAMP*
• Reports of Compliance available upon request*
Intersight Standards Compliance/Certifications
*Contact the Intersight product management team for specifics on Security related certifications
© 2017 Cisco and/or its affiliates. All rights reserved.
Cisco Intersight Roadmap
Tech Preview
Future >> CI/CD PipelineJuly 2017
Host Online Firmware UpdatesCisco
Intersight
Health dashboard Detailed InventoryC-Series ConfigurationHyperFlex InstallerTAC Integration
M4 Standalone Server Support
UCSM Policy Framework
HyperFlex Expansion & Upgrades
OS DeploymentTAC Proactive
Analysis
Q4 CY17
© 2017 Cisco and/or its affiliates. All rights reserved.
Kommende arrangementer
https://www.cisco.com/c/da_dk/training-events/seminars.html