What’s new in PI 2.2. and with SDN - Cisco€¦ · Prime Infra 2.2 will converge 1.x and 2.x Trains into single train (Expected Avail: Dec 2014) Direct Upgrade from 1.4 / 2.1 to

What’s new in PI 2.2. and with SDN

Thomas Gerneth

Cisco Confidential 2 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

APIC-EM similarity to Smartphone

The APIC-EM has:

§  A strong base platform for SDN use cases

§  It has build in App’s (eg QoS, ACL, Policy etc)

§  It offers an API to be used by ISV & App’s can be developed by many

§  One App example – Jabber / Unified communication integration

APIC EM


Network Elements

Controller

Applications

Allow Protocol/API choice while

maintaining stack integrity

Flexible “Programmable” Interfaces

•  CLI •  SNMP •  Web UI •  NETCONF •  XML •  onePK •  Openstack •  OpenFlow

•  Web UI •  YANG •  REST API

APIC EM


APIC-EM - Controller vs App

Cisco Confidential

APIC EM Elastic Services SAL

REST APIs

APIC EM Services

Inventory and Topology

Identity and Location

Application Awareness

Policy Translation

QoS Visualizer

Policy Management

ZTD Visualizer

ACL Visualizer

Controller Infrastructure

CLI

Advanced Topology Visualizer

Automated Provisioning

APIC EM Applications

Analysis and Compliance

Network Infrastructure Management

Addresses Scale Out

Requirements

Services for Day0/1 Applications

Day0/1 Applications

Addresses Low Programming

Tolerance

IWAN

APIC-EM Controller


SDN Controller – Overview OK that looks really ugly but wait a minute…

… all cars

•  Four wheels •  Steering wheel • Gas pedal •  Brake pedal

But complete different use-cases


EM Enterprise Module (Catalyst, ISR, ASR, Nexus 7k*, 6k*, 5k*,

WLAN, NfV*)

APIC

APIC Application Policy Infrastructure Controller

DC Data Center

(Nexus 9000)


Prime Infrastructure 2.2 Platform Enhancements


Prime Infrastructure 2.2

CUWN - 8.0 and 8.1 Support with

APs Topology

Wireless Wired Datacenter Platform

PI Operations Center

R/W API’s

UCS Server Assurance

Technology Packs

Nexus 9K Assurance

IPV6 Device Management

Converged Access – 3.6 and 3.7 with

APs QoS

Monitoring Support

Meraki AP Support Tech Pack

VM Support via Tech Pack

IWAN Configuration

Workflows

Maps Performance Improvements


Management Platform Security Enhancements

IPv6 Certification PSB and FIPS Certification

Updated Oracle Database

Updated Operating System

SCP/SFTP Updated libraries

Cer

tific

atio

ns

Pla

tform


Converged Menu Single Menu for All Operational Tasks


Network Topology Visualization Device & Site Connectivity


Additional Platform Features

•  Inventory and Device Grouping improvements Hierarchical Location Grouping, more flexible group definition

•  Management of network devices via IPv6

•  Plug & Play gateway “high availability” deployment option

•  New RW REST APIs Adding devices in bulk, managing wireless devices, provisioning WLANs

•  Native IE browser support (IE 10 & 11) No Chrome Plug-In needed

•  Improvements in Job handling Periodic jobs, copy run start option, stop/continue failure option, improved presentation of job results

•  Virtual IP for HA

•  Simplified OVA install

•  VMWare ESXi 5.5 support


Upgrade to 2.2

§  No inline upgrade support to PI 2.2

§  Recommended upgrade is through backup and restore

§  No need for license re-hosting as VUDI check is removed

Why no inline upgrade:

Upgraded platform (OS)

Upgraded database

Backup Prime Infrastruture •  PI 1.4 •  PI 2.1

Install PI 2.2 system •  New OVA install •  Install ISO on appliance

Apply PI licenses •  No re-hosting of

licenses


Cisco Prime Infrastructure – Operations Center Centralized Visualization Across Multiple PI Instances

Prime Infrastructure Console

Prime Infrastructure Instances

Network Data

Device Affinity

Network Data Network Data Network Data

Static Data

Fan Out Queries

Aggregation

Single Pane Monitoring

•  Unified Assets View •  Unified Alarms View •  Unified Clients views •  Consolidated Reports •  Consolidated Dashlets •  Consolidated Search


Tech Pack - Updates from CCO or direct upload

Downloading from CCO

Uploading directly


UCS Based Gen 2 Physical Appliance (1 of 2)

§  Current Prime Physical Appliance (Gen 1), PRIME-NCS-APL-K9 •  Four year old server platform and scheduled for EoS/EoL in Q2 CY2015 •  Will support up to and including PI 2.2 •  Customers can continue to order Gen1 Appliance until EoS (May 2015)

§  UCS based Physical Appliance (Gen 2), PI-UCS-APL-K9 (PRICING: Q1 CY15) •  Scheduled to launch in Q1 CY2015 and orderable in Q1 CY2015 •  ISO image for UCS Appliance will be available in Q1 CY2015 •  Requires PI 2.2 or higher

For scalability info please refer to Scalability Table


Prime Infrastructure – PI 1HCY2015 Release*

CUWN - 8.1 – ATE, MS Lync Topology - Logical

Wireless Wired Datacenter Platform

Alarm Flexibility

New User Interface

UCS Service Profiles

Configuration Compliance

Nexus - VXLAN

Complete IWAN support with APIC

EM Integration

Rogue and Client Management PfR Monitoring

AVC for Flex, Policy based AVC

Converged Access deployment Workflows

UCS-C, UCS-E Performance

*Roadmap – not committed yet

Multi-NAM /vNAM deployment


Prime Infra 2.2 Wireless Update


One Release for all Wireless Management

PI 1.x (1.3.x, 1.4.x)

PI 2.x (2.0, 2.1.x)

PI 2.2

•  Configuration and Monitoring for AireOS 7.4, 7.5, 7.6 and 8.0

•  Monitoring Support for 8.1 •  Up to MSE 8.0 •  ISE 1.2, 1.3


New Wireless Features

§  Policy Classification Engine

§  Client SSO

§  Bonjour configuration

§  PMIP V6 enhancements

§  IPv6 – clients and WLC

§  Sleeping Client

§  802.11w

§  PEAP/EAP-TLS on AP in Flex mode

§  Flex Connect Audit Support

§  FlexConnect VLAN Config (FlexConnect Groups)

§  DHCP Proxy in WLAN Config

§  Clean Air Express on AP 1600/AP1700

Full catch up 7.4, 7.5 and 7.6 features (parity with PI 1.4.x)


New Wireless Dashlets

•  Customize graph type •  Export dashlet to PDF

and CSV


AP Details

Top applications by bandwidth

Top clients by bandwidth

Client count on the AP over time

Channel Utilization over time

New AP Dashboard


Integrated Meraki Wireless Support •  Discovery of APs

•  Inventory of APs

•  Reachability of APs

•  Cross launch into Meraki dashboard •  No Wired in Phase 1

•  Technology pack on PI 2.2


Licensing News Prime Infra 2.2 will converge 1.x and 2.x Trains into single train (Expected Avail: Dec 2014)

Direct Upgrade from 1.4 / 2.1 to PI 2.2 (But NO inline upgrade)

Node Locking is REMOVED and Re-host Requirement REMOVED

New Licenses introduced for the following new products: - UCS Server Management - Prime Infrastructure Operations Center (w/ Upgrade license from WCS Navigator)

Gen 1 Phy. Appl. To support PI 2.2 Gen 2 Phy. UCS based Appliance is expected to be Avail Q1-CY2015

Support / Services Licensing is simplified Single SWSS part number to cover TAC, maintenance, minor and major upgrades; Mandatory 1 year


LMS Transition


LMS Feature Parity – Update Dec 2014

•  Topology (Physical) •  Grouping (Device) •  Syslog (0-7) •  IPv6 Device Mgmt •  Credential Profiles .

PI 2.2 (Dec 2014)

•  Topology (L2) •  Topology (Logical) •  Grouping (Port) •  Generic SNMP Trap Support •  Flexible Alarm Policy •  Custom Reporting •  Config Compliance – Baseline

Niihau (H1CY2015)

•  User Tracking •  Regulatory Compliance •  IPSLA Support

Lanai (H2CY2015)

•  Chassis View (a.k.a CiscoView)

•  3rd Party Device Support

Maui (H1CY2016)

Still in Planning (Not Committed)




Enterprise Stack for the Two Markets

APIC-EM

Common Controller Layer

IWAN Access Threat Defense

PRESCRIPTIVE STACK

..

Common UI/UX framework with modular, domain specific management apps and embedded service automation

Service Auto

Path Trace

Segmen-tation ..

For Commercial and Mid-Enterprise

Prime Infrastructure

Service Automation

CUSTOMIZABLE STACK

Separate Automation and Management layers

For Large Enterprise and GET


Path Trace – CA Release Results

28


APIC

Datacenter Management with Cisco Prime Infrastructure


Prime Infrastructure – Compute (Physical and Virtual)

• Server and VM availability

•  Interface KPI monitoring • CPU/Memory of Hosts

and VMs monitoring

• Visibility of Service Profile instances

• Attributes of the SP and Server instance its applied on

• Service Profile to Server/Host mapping

• Server and VM Details • Collect B and C series

Chassis hardware • Network - HBA, FI details,

Physical/ vFC/ vEthernet/Port Channel Interfaces

• Root Cause Analysis - Physical UCS fault-component mapping

• Hierarchical visualization and impact analysis

• Physical to Virtual mapping

Fault Identification

Inventory Collection

Performance Collection

Service Profiles

Green – PI 2.2 Red – DC Tech

Pack

Thank you.


UCS Server Management

1

See server status and their hierarchy

2 Server 360 allows us to see server inventory at one place


UCS Network and I/O ports


Virtual Inventory 1 Virtual Hierarchy 2 Exposes status and OS for every VMs that is running

Router Management with Cisco Prime Infrastructure


Network and Application Assurance

Router Management with Cisco Prime Infrastructure

Plug and Play (New device in

network) Discovery and

Inventory Configuration Archive and

SWIM

Fault Management

(Syslog and Trap Processing)

Performance Management

Configuration (Features: VPN, ACL, VLAN, etc)

ISR 800 Series

ISR G1 Series

ISR G2 1900 2900

3900 ISR 4300

4400 ASR 1000

Series

DM-VPN AVC –Visibility and Performance

Performance Routing

Quality of Service

Zone based firewall WAAS

Lifecycle Management

IWAN Management

Platforms Supported

Network Configuration and Health


IWAN Management with Prime Infrastructure


Intelligent WAN Solution Components

Branch

Internet

MPLS

Private Cloud

Virtual Private Cloud

Public Cloud

3G/4G-LTE

AVC

WAAS PfR

Transport Independent

•  Consistent operational model •  Simple provider migrations •  Scalable and modular design •  IPsec routing overlay design

•  Dynamic Application best path based on policy •  Load balancing for full utilization of bandwidth •  Improved network availability

Intelligent Path Control

•  Application visibility with performance monitoring

•  Application acceleration and bandwidth optimization

Application Optimization

•  Certified strong encryption •  Comprehensive threat defense •  Cloud Web Security for secure

direct Internet access

Secure Connectivity

41


WAN Designs Supported in Prime

Thank you.

Documents

What’s new in PI 2.2. and with SDN - Cisco€¦ · Prime Infra 2.2 will converge 1.x and 2.x Trains into single train (Expected Avail: Dec 2014) Direct Upgrade from 1.4 / 2.1 to