freshidea - Fotolia
Cisco's new ACI controller for AWS and Microsoft Azure makes managing network fabrics on the cloud providers consistent with the enterprise data center. However, companies already running applications on the two IaaS platforms could find converting to the ACI architecture challenging.
Cisco introduced this week several product enhancements meant to address the needs of enterprises with business applications running on the private data center, remote or branch offices and public clouds. The products introduced this week at Cisco Live in Barcelona included the cloud-based Cisco APIC controller, a small footprint HyperFlex system, and a SaaS version of CloudCenter for multi-cloud application management.
The new controller, called the cloud Application Policy Infrastructure Controller (cAPIC), has the most significant impact on networking. Introduced last October, Cisco formally unveiled cAPIC in Barcelona and lumped it together with the other technologies under the catchphrase Data Center Anywhere. Cisco plans to release the cAPIC by the end of June.
Within a public cloud, the most significant benefit of the Cisco APIC controller is making it possible to reuse security policies created for the data center. "I see security as a major driving factor for Cisco ACI in the cloud," said Jon Duren, a practice manager for data center networking at systems integrator World Wide Technology.
A network operator using Cisco's multisite ACI controller can take security policies that govern traffic flow and firewalls in data center subnets and, through cAPIC, map them to the cloud equivalents in AWS and Azure. Cisco plans to eventually make a version of cAPIC that will do the same for Google Cloud.
"[cAPIC] is essentially taking the same constructs that are already [in the cloud] and then just allowing you to get a one-for-one mapping based on policy," said Ryan Marsyla, strategic director of architecture at IT integrator Trace3. "I think Cisco is moving in the right direction for this without complicating the actual fundamentals of how AWS [and Azure] works."
Deploying cAPIC and connecting it to cloud resources is not difficult, systems integrators said. The difficulty is in converting what companies are currently using to manage network resources in the cloud into the ACI architecture.
"The complexity really comes in the variables of how the customer has architected their cloud," Duren said. "If they weren't architected using cloud best practices, then we may have to go in and assist the customer in helping reevaluate how they set up that network."
Marsyla described ACI as in its "infancy" in 2018. This year, however, he expects the pace of adoption to accelerate. That's because many companies using older Cisco switches in the data center today are turning to the Nexus 9000, which Cisco released in 2013 to support its then-new ACI, which stands for Application-Centric Infrastructure.
"[Cisco] has had 9K infrastructure out in the wild long enough to be able to wrap it into almost everyone's refresh cycles for network gear," Marsyla said.
Cisco's competitors in providing multi-cloud networking include VMware, Juniper Networks, Nuage, which is a Nokia company, and Big Switch Networks.
"A few years ago, the major data center networking vendors sought to persuade their enterprise customers to resist the embrace of public clouds," said Brad Casemore, an analyst at IDC. "Now they have come to realize that there's considerable value in helping customers manage and mitigate the complexity of multi-cloud networking."
CloudCenter Suite, HyperFlex Edge
While ACI distributes policies governing network traffic on IaaS providers, CloudCenter manages the application layer. The new CloudCenter Suite is available as a SaaS offering for managing multi-cloud workloads.
The software's new components include tools for monitoring cloud costs and providing workflow process orchestration and automation. The product also has a new administration console.
Cisco's new hyper-converged infrastructure platform, called HyperFlex Edge, is designed for running applications that serve remote and branch offices. Companies can deploy clusters of up to four nodes.
In other Cisco Live news, the company introduced the Catalyst IE3x00 Rugged Series and the Cisco IR1101 Integrated Services Router (ISR) for IoT. Cisco designed the ruggedized hardware for manufacturers, energy companies, transportation agencies and cities. An organization can manage and configure the products using the Cisco DNA Center software console, which is also used to manage Catalyst switches in the branch office.