Cisco Forum Kyiv
Global vision.
Local knowledge.
Andrii Ovrashko, Systems [email protected]
Cisco DNA Center
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco
Networking at the Speed of Digital Transformation
1 2017 Cisco Security report
2 Cisco Complete VNI Forecast
3 Cisco 2016 Mid-Year Cybersecurity Report
4 Cisco Global Cloud Index Whitepaper
of organizations claim that strategic help aligning network initiatives to business priorities is the most important requirement from network consulting services
* Source: IDC, Worldwide Network Consulting Services Study, 2017, N=502
Business is More Reliant on the Network than ever
Paradigm Shift in IT Operations
Source: Cisco Study Nov 2018 https://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1951395
Dramatic Change in IT Operations as CIOs Embrace Analytics and Automation
• Race to Operational Maturity Accelerating
• 88% of CIOs Identify Investing in IT Operations as Key to Driving Preemptive Practices and enhance Customer Experience
• 65% of CIOs expect to increase budget for optimizing and remediating IT operations over the next 12 months
The Network. Intuitive.
Intent-based Network Infrastructure
DNA-Center
Analytics | Policy | Automation
INTENT | CONTEXT | LEARNING
DNA Center: Design – Policy – Provision – Assure
The Network. Intuitive. Powered by intent. Informed by context.
Journey to intent-based networking
We are here
Digital-ready infrastructure
Secure foundation
Programmability
Virtualization
Analytics and assurance
Everything as a sensor
Telemetry Historical and real time
Policy-based automation
Business policy
Translation Segmentation
Machine learning and AI
Policy validation
Predictive Self-healing
Intent-based networking
Constantly learning
Constantly adapting
Constantly protecting
Scaling (via cloud)
DNA Center Scale Up – Hardware Appliances
PID | Scale (Devices) | Scale (APs) | Scale (Clients) | Availability
DN1-HW-APL | 1000 Devices (Switches/Routers/WLC) | 4,000 | 25,000 | EOS/EOL upcoming
DN2-HW-APL (New) | 1000 Devices (Switches/Routers/WLC) | 4,000 | 25,000 | Imminent
DN2-HW-APL-L (New) | 2000 Devices (Switches/Routers/WLC) | 6,000 | 40,000* | Ordering starts Dec/Jan ’19
DN2-HW-APL-XL (New) | 6000 Devices (Switches/Routers/WLC) | 14,000 | 100,000 | Ironman timeframe**
* = In Testing
** = In Planning
Note: members of a DNAC Cluster must be identical – except for DN1-HW-APL and DN2-HW-APL which can be combined in the same cluster
Main DNA Center use cases
Network management automation
Network monitoring
Integration
Streaming Telemetry | iOS sensors | App monitoring | N-dimension Health
SD Access | PnP | Template editor | QoS
Path Trace | Topology | Inventory | API
ISE | DDI | ServiceNow
Network Changes for Automation
Standard Change:
• Automated Change Request
• No Approval Required
• Fully owned by Network Engineering team with minimal to zero downtime
Non-Standard Change:
• Requires Approval by Change Board
• May require service disruption
• Co-ordination with Application team during change window
Settings Update (Syslog, NTP)
Password Update
Port Settings, VLAN changes
New device/site deployment
Software Update
New service/Update service
What are Standard Network Changes?
Routers: AAA Configuration, DNS/DHCP Servers, NTP Servers, Syslog Servers, Netflow Collectors, SNMP/SSH/Telnet, Interfaces Configuration, ACLs, Dial Plans, VRF, Routing Protocols, Tunnels/DMVPN, Security/Crypto, QoS, AVC
Switches: AAA Configuration, DNS/DHCP Servers, NTP Servers, Syslog Servers, Netflow Collectors, SNMP/SSH/Telnet, Interfaces Configuration, Spanning Tree, VLAN, Security/Crypto, QoS, AVC
WLCs: AAA Configuration, DNS/DHCP Servers, NTP Servers, Syslog Servers, Netflow Collectors, SNMP/SSH/Telnet, SSIDs, RF, Security/Crypto, QoS, AVC
Standard Changes:
o No Approval Required
o Minimal to Zero Disruption
Non-Standard Changes:
o Requires Approval
o May require service disruption
o May need co-ordination with other teams (App, DC etc.) during change window
Network/IT Processes & Systems
x-Domain Integration
Business & IT Efficiency
DNA Center Platform Elevating the Meaning of “Open” with 360 Degree Extensibility
DNA Center Platform – APIs, Adapters, SDKs
DNA Center Platform – Phase 1 Partner Solutions
DNA Center Platform
Diagram labels:
Southbound APIs & Collectors: Intent-based Network Infrastructure
Northbound APIs
APIs & Connectors
Cross-Domain Integrations: Cloud, Data Center, Security, Collab
Business Apps: License Mgmt, Financial Costing, Impact Analysis, Business Intelligence
Network Apps: Advanced functions, Policy / Compliance, UC Perf Monitoring, End-User Monitoring
Network / IT Process Integrations: Identity Services, IT Service Mgmt, Network Services
DNA Center: Southbound – Device SDK
Infrastructure
Physical | Virtual | Programmable | App Hosting
Device Pack SDK
SNMP
Netconf
CLI
• Discovery
• Inventory
• Topology
• Availability
• Command Runner
DNA Center: Southbound – Device SDK
Problem: DNA Center supports a vast range of Enterprise Routing, Switching and Wireless platforms out of the box (check release notes). But what if you need third-party or Cisco legacy device support?
Solution: Use the Device SDK
1. Put DNA Center and Device into Lab
2. Deploy Device SDK on DevOps Station
3. Connect Device SDK to DNA Center
4. Create Device Package
   - Specify Device
   - Phased Releases of Features / Functional Domain; initial Scope: Discovery, Inventory, Topology, basic Presence and Config
   - Develop Mappings
5. Develop Device Package
6. Build and Test Device Package
DNA Center – Device SDK – Functional Domains
Visibility: Inventory, Discovery, Topology, Availability, SNMP Polling
Configuration: SWIM, Config Push, Config Archive, Config Change detection, Compliance
Policy: Application, Access, Access Control
Assurance: Correlation, Alarm Suppression, Root Cause
Extension: Client, End points, IoT Extensions
DNA Center – Device SDK – Current Scope
Version 1.2.10 (September 2018)
Discovery
• Device identification based on defined configuration
Inventory
• Visibility of Device Details
• Visibility of Interface Details and Operational Status
Topology
• All Device-to-Device connections in network
Extension
• Command Runner: execute commands against device via DNA Center
Assurance
• Key performance metrics via SNMP (CPU, Memory, Temperature, ...)
• Calculate Device Health Score based on metrics
ITSM Integration
Guided Remediation, Intuitive IT Service Management
• Integrate DNA Center into (1) event, (2) incident, (3) change, and (4) problem management ITSM processes
• Integrate DNA Center into ITSM approval and pre-approval chains
• Sync CMDB between DNA Center and ITSM tool
• Link DNA Center with formal change and maintenance window schedules
DNA Issue or Event
ITSM Event | Problem | Information for Troubleshooting
Change Request or Incident
Definitions
• Incident: an event that is outside of the normal service operations and may have caused a disruption in IT service
• Change Request: a request for a change to an IT service
ITSM System Perspective
Change Request
• Pre-planned changes in the network that require approvals, such as Software Image Management, automatically log a change request
• These change requests wait for an approval-complete notification before upgrading the image at a specific time provided by the ITSM
Incident
• ITSM Assurance events of a certain level of severity log an incident
• The parameters for which events log an incident are set by the user in DNA Center
DNA Center Ecosystem: Streamlined Closed-Loop Operation
DNA Center proactively triggers action in real-time and enables end-to-end automated resolution. This results in uninterrupted and enhanced Network User Experience.
Assurance: WLC Crash and Reboot
WLC Crash and Reboot event in Assurance automatically creates an event in ServiceNow
Assurance: WLC Power Failure
WLC Power Failure event in Assurance automatically creates an event in ServiceNow
Automation: Software Image Management
SWIM Monitoring Bundle scans the system and automatically logs an Incident
Ticket Enrichment
DNA Center APIs populate a ticket with additional information for troubleshooting
IT challenge
43% of IT time spent on troubleshooting
Data collection
Network operators spend 4x more time collecting data than analyzing while troubleshooting
Replication challenge
It’s impossible for IT to troubleshoot if they cannot replicate the issue or see it in real time
Slow resolution
Half of Wi-Fi issues take more than 30 minutes to resolve
Network quality is a complex, end-to-end problem
Diagram labels: Access points; Local WLCs; Network services data center; Office site; Cisco ISE; Mobile clients; Cisco® Unified CM; Client firmware; AP coverage; WAN uplink usage; End-user services; RF noise/interf; Cisco Prime®; Configuration; Authentication; WLC capacity; WAN; Client density; DHCP; Addressing; WAN QoS, routing, ...
Legend: Affects join/roam | Affects quality/throughput | Affects both*
* Both = Join/roam and quality/throughput
100+ points of failure between user and app, with 50,000+ permutations!
What is the problem?
Where is the problem?
How can I fix the problem fast?
Event Processing
“Event processing is a method of tracking and analyzing streams of information about things that happen (events), and deriving a conclusion from them.”
In This Environment, Context is Key
Devices Applications
Users Network
Time
Location
Rich Context Increases Business Productivity and Frees Up IT Time
Cisco Context
360-degree Visibility
Data Granularity
Historical, Real-time, Future
DNA Assurance
Telemetry and Sensors at Source: Clients | Applications | Wireless | Switching | Routing
Network Telemetry | Contextual Data
Correlation | Complex Event Processing
Issues | Insights
Guided Remediation
Metadata extraction
Complex correlation
Stream Processing
Clients | Baseline | Application | Network
Complex Event Processing (CEP)
“CEP is event processing that combines data from multiple sources to infer events or patterns that suggest more complicated circumstances. The goal … is to identify meaningful events”
The Cost of Troubleshooting
Typical troubleshooting issues for an enterprise network with 800 users (wired and wireless)
Issue/task | DNA Center™ | Traditional CLI | Savings | Occurrences per week | Hours saved per week | Days saved per year
Traceroute | Instantaneous | 6 minutes | 6 minutes | 25 | 2.5 hours | 15
Slow onboarding | 2 minutes | 17 minutes | 15 minutes | 20 | 5 hours | 30
Device RPA failure | Instantaneous | 20 minutes | 20 minutes | 6 | 2 hours | 12
Radio channel analysis | 5 minutes | 25 minutes | 20 minutes | 6 | 2 hours | 12
Issue replication | 5 minutes | 65 minutes | 60 minutes | 2 | 2 hours | 12
Site visit | Not required | 180 minutes | 180 minutes | 0.5 | 1.5 hours | 9
Total: | | | | | 15 hours | 90
*RPA: Routing protocol adjacency failure
What would YOU do with 90 extra productive days per year?
DNA Assurance
Right Place: Problem Isolation
From: Raw Alarms (or no Data)
To: Correlated Insights
Right Time: Time Travel
From: Challenging Replication
To: When & Where it Happened
Right Action: Guided Resolution
From: Escalation and Slow Resolution
To: Guided Remediation
Application Assurance
Assurance of Business Critical Applications
Health of Business Relevant Apps over time
Table with the top N (filterable) applications:
• Name
• Health
• User count
• Business class / Traffic class
• Usage / Average Throughput
• Perf (Loss, Latency, App Delay)
Application health dashboard menu
Click to see Application dashboard
Application Health Dashboard
Application Health Dashboard – Applications
Select applications by type and health
Application 360
Application health over time
Site application health details
Application experience in site
Application performance metrics
Click to view clients using the application
Select site to view application performance in site
Clients using the application
Client Application Experience
Application experience for a client
Application issues
Click on issue for details
Selected client
Application Issues – Network Latency
In Client 360, Insights are raised for an excessive Network Latency issue
The second chart details the issues in the Application Server causing the delay
Objective: Closing the Application Experience Loop
Defining the Intent: Expressing Business-Level Intent
Validating the Outcome: DNA Assurance & Analytics
Quantitatively Correlating the Delivered Outcome with the Expressed Business-Intent
Delivering the Intent: DNA Automation – App Policies
Translating Business Intent into Network Policies and Transport
Determining Business Relevance: How Important is an Application to Your Business?
Relevant (RFC 4594)
• These applications directly support business objectives
• Applications should be classified, marked and treated according to industry best-practice recommendations
Default (RFC 2474)
• These applications may/may not support business objectives (e.g. HTTP/HTTPS/SSL)
• Applications of this type should be treated with a Default Forwarding service
Irrelevant (RFC 3662)
• These applications do not support business objectives and are typically consumer-oriented
• Applications of this type should be treated with a “less-than Best Effort” service
What Do We Do Under-the-Hood?
Apply RFC 4594-based Marking / Queuing / Dropping Treatments
Application Class | Per-Hop Behavior | Queuing & Dropping | Application Examples
VoIP Telephony | EF | Priority Queue (PQ) | Cisco IP Phones (G.711, G.729)
Broadcast Video | CS5 | (Optional) PQ | Cisco IP Video Surveillance / Cisco Enterprise TV
Real-Time Interactive | CS4 | (Optional) PQ | Cisco TelePresence
Multimedia Conferencing | AF4 | BW Queue + DSCP WRED | Cisco Jabber, Cisco WebEx
Multimedia Streaming | AF3 | BW Queue + DSCP WRED | Cisco Digital Media System (VoDs)
Network Control | CS6 | BW Queue | EIGRP, OSPF, BGP, HSRP, IKE
Signaling | CS3 | BW Queue | SCCP, SIP, H.323
Ops / Admin / Mgmt (OAM) | CS2 | BW Queue | SNMP, SSH, Syslog
Transactional Data | AF2 | BW Queue + DSCP WRED | ERP Apps, CRM Apps, Database Apps
Bulk Data | AF1 | BW Queue + DSCP WRED | E-mail, FTP, Backup Apps, Content Distribution
Default Forwarding | DF | Default Queue + RED | Default Class
Scavenger | CS1 | Min BW Queue (Deferential) | YouTube, Netflix, iTunes, BitTorrent, Xbox Live
Business relevance labels: Irrelevant | Default | Relevant
Your Choice
ip access-list extended DNA-APIC_QOS_IN#VOICE__acl
 remark XYZ1234
 PERMIT TCP any host 2.2.2.2 eq 35601
ip access-list extended DNA-APIC_QOS_IN#BROADCAST__acl
 remark dmp
 PERMIT TCP any any eq 7777
ip access-list extended DNA-APIC_QOS_IN#MM_CONF__acl
 remark zoom-meetings
 PERMIT TCP any any eq 8801
 PERMIT TCP any any eq 8802
 PERMIT UDP any any eq 8801
 PERMIT UDP any any eq 8802
 remark cisco-collaboration
 PERMIT UDP any any eq 69
ip access-list extended DNA-APIC_QOS_IN#MM_STREAM__acl
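An added example (not Cisco's code and not part of the slides): a small Python parser for the generated classifier ACLs shown above, which joins each entry to its RFC 4594 class from the table and lists the entries that match on port alone. The pairing of ACL name suffixes with table rows and the function names are assumptions made for this illustration.

```python
import re

# ACL text as shown on the slide above (the MM_STREAM ACL has no entries there).
GENERATED_ACLS = """\
ip access-list extended DNA-APIC_QOS_IN#VOICE__acl
remark XYZ1234
PERMIT TCP any host 2.2.2.2 eq 35601
ip access-list extended DNA-APIC_QOS_IN#BROADCAST__acl
remark dmp
PERMIT TCP any any eq 7777
ip access-list extended DNA-APIC_QOS_IN#MM_CONF__acl
remark zoom-meetings
PERMIT TCP any any eq 8801
PERMIT TCP any any eq 8802
PERMIT UDP any any eq 8801
PERMIT UDP any any eq 8802
remark cisco-collaboration
PERMIT UDP any any eq 69
ip access-list extended DNA-APIC_QOS_IN#MM_STREAM__acl
"""

# Assumption: ACL name suffix -> (application class, per-hop behavior) row of
# the RFC 4594 table on the slides; the pairing is inferred from the names.
CLASS_PHB = {
    "VOICE": ("VoIP Telephony", "EF"),
    "BROADCAST": ("Broadcast Video", "CS5"),
    "MM_CONF": ("Multimedia Conferencing", "AF4"),
    "MM_STREAM": ("Multimedia Streaming", "AF3"),
}
ACL_RE = re.compile(r"^ip access-list extended \S*#(\w+?)__acl$", re.I)
ACE_RE = re.compile(
    r"^permit\s+(tcp|udp)\s+(any|host \S+)\s+(any|host \S+)\s+eq\s+(\d+)$", re.I)

def parse_classifiers(text):
    """Return one dict per permit entry, tagged with its class, PHB and app."""
    entries, acl, app = [], None, None
    for line in (raw.strip() for raw in text.splitlines()):
        header = ACL_RE.match(line)
        if header:
            acl, app = header.group(1).upper(), None  # new ACL resets the remark
        elif line.lower().startswith("remark "):
            app = line.split(None, 1)[1]  # remark carries the application name
        elif acl and (ace := ACE_RE.match(line)):
            proto, src, dst, port = ace.groups()
            name, phb = CLASS_PHB.get(acl, ("unknown", "?"))
            entries.append({"class": name, "phb": phb, "app": app,
                            "proto": proto.lower(), "src": src.lower(),
                            "dst": dst.lower(), "port": int(port)})
    return entries

def port_only_matches(entries):
    """Entries that match on protocol and port alone (any source, any destination)."""
    return [e for e in entries if e["src"] == "any" and e["dst"] == "any"]

if __name__ == "__main__":
    for e in parse_classifiers(GENERATED_ACLS):
        note = "  <- port-only match, review" if port_only_matches([e]) else ""
        print(e["phb"], e["class"], e["app"], f'{e["proto"]}/{e["port"]}{note}')
```

A port-only entry gives the class's queuing treatment to any host that uses that port, so those entries are the ones to review against the intended application servers.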
DNA Center Shipments
As of May 2018:
• 700+ unique customers shipped DNA Appliances
• 300+ trials / deployments by end of Q3 FY18 (estimated from telemetry)
Aviation
✓ Highest client count ~ 13,934
✓ Total of 632 APs deployed
  • AP3700 and AP3800
  • AP1810W as Sensor
✓ 3 WLC HA pairs (5520, 3504, 8540)
  • 8.5.114.27 (8.5MR2 Eng Special)
✓ Size of venue: equivalent to 40 football fields
✓ Highest client count ~ 28,275
✓ Total of 1,514 APs deployed
  • Mix of AP3800 & AP3700
✓ 1 WLC HA pair (2 x WLC8540)
  • AireOS 8.5MR2
✓ Peak total concurrent throughput: 6.09 Gbps
Cisco Live Barcelona | Mobile World Congress