1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1

Enterprise Extension to the Public Cloud Nexus 1000V InterCloud + Cloud Services Router 1000V

Sutapa Bansal and Armin Rishi

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public

Why do Enterprises need the Public Cloud?

2

Burst from private cloud to public cloud for peak

workloads

Peak Workloads

Additional capacity for

workload upgrade or

migration

Upgrade/ Migration Dev/ Test

Dev/ test apps across private and public

cloud

Production

Dev/ Test

Analytics

Static

Content

Hosting

DR-as-a-Service from to reduce DR

complexity and cost

Disaster Recovery

Private

Cloud

Public

Cloud

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public

Program

Unique

APIs

Convert

Image Format

Reconfigure

Application

Insert

Custom

Tools

Recreate

Services

Validate

Operations Onboard

New

Monitoring

Use Cloud

Provisioning

Identify New

Security

Translate

Policies

Provider Cloud

Data Center Extension Challenges

Branch

WAN

Branch

VM VM VM VM

Enterprise Data Center/ Private Cloud

SECURITY

• Insecure Connection

• Limited Workload Protection

COMPLEXITY

• App Re-configuration

• Different Management Tools

INFLEXIBILITY

• Inconsistent Techniques

• No Visibility or Control

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public

Branch

WAN

Branch

Program

Unique

APIs

Convert

Image Format

Reconfigure

Application

Insert

Custom

Tools

Recreate

Services

Validate

Operations Onboard

New

Monitoring

Use Cloud

Provisioning

Identify New

Security

Translate

Policies

Nexus 1000V InterCloud

4

Nexus 1000V InterCloud Enabling Seamless Migration of Enterprise Apps to the Public Cloud

VM VM VM VM

Provider Cloud

Infrastructure Agnostic (Multi-Switch/ Hypervisor/ Cloud)

Seamless Hybrid Cloud

VM VM VM VM

Enterprise Data Center/ Private Cloud

Nexus-Based Hybrid Cloud Software Solution

L2 Services

Routing

Optimization

Firewall IDS

Centralized

VM Migration and

Management

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public

Branch

WAN

Branch

Program

Unique

APIs

Convert

Image Format

Reconfigure

Application

Insert

Custom

Tools

Recreate

Services

Validate

Operations Onboard

New

Monitoring

Use Cloud

Provisioning

Identify New

Security

Translate

Policies

Nexus 1000V InterCloud

L2 Services

Routing

Optimization

Firewalls IDS

5

Provider Cloud

Nexus 1000V InterCloud Secure Connectivity, Secure Workloads

V

M

V

M

V

M

V

M

Seamless Hybrid Cloud

VM VM VM VM

Enterprise Data Center/ Private Cloud

All data in motion is cryptographically isolated and encrypted

Enterprise owns the keys

Centralized

VM Migration and

Management

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public

Branch

WAN

Branch

Program

Unique

APIs

Convert

Image Format

Reconfigure

Application

Insert

Custom

Tools

Recreate

Services

Validate

Operations Onboard

New

Monitoring

Use Cloud

Provisioning

Identify New

Security

Translate

Policies

Nexus 1000V InterCloud

L2 Services

Routing

Optimization

Firewall IDS

6

Nexus 1000V InterCloud Enterprise Apps in the Hybrid Cloud

Provider Resources

Provider Ease Of Business

VM VM VM VM

Provider Agility

Seamless Hybrid Cloud

Provider Cloud

VM VM VM VM

Enterprise Data Center/ Private Cloud

Centralized

VM Migration and

Management

Enterprise Security

Enterprise Control

Enterprise Visibility

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public

Public Cloud Networking Challenges Lack of Consistency Creates Barriers to Adoption

7

Branch

ISR Branch ISR

Enterprise

Data

Center ASR

Provider Cloud

WAN

Branch

ISR

VPC/vDC

VPC/vDC

Security

• Inconsistent VPN/ Firewall Policies

• Error-prone Topology Changes

Integration

• Incomplete Network Services

• Different Management Tools

User Experience

• Indirect Traffic Path through DC

• No Traffic Optimization and QoS

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 8

Cloud Services Router 1000V Cisco IOS Software in Virtual Form-Factor

Server

Hypervisor

VPC/ vDC

OS

App

OS

App

CSR 1000V

Programmability

• RESTful APIs (leverages OnePK) for Automated Management

Term and Usage-based Licenses

• Elastic Capacity (10 Mbps -1 Gbps Throughput, 2 -16 GB RAM)

Single-tenant WAN Gateway

Small Footprint (1 to 4 vCPU)

IOS XE Cloud Edition

• Selected Features of IOS XE primarily for Cloud Use Cases

Infrastructure Agnostic

Server, Switch, Multi-Hypervisor (ESXi, KVM, Xen, AMI)

Enterprise-class Networking with Rapid Deployment and Flexibility

Virtual Switch

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public

Multi-Service Router for the Enterprise in the Cloud

Extending Enterprise WAN to External Clouds

9

Branch

ISR Branch ISR

Branch

ISR

Enterprise

Data

Center ASR

WAN

VPC/vDC

VPC/vDC

Provider Cloud

CSR

Integration

• NAT, HSRP, QoS, AVC

• IOS-XE CLI, Cisco Prime

Security

• IPSec VPN + Routing (DMVPN, ..)

• Firewall, ACL, AAA

User Experience

• Routing (BGP, EIGRP, Multicast, ..)

• AppNav, WCCP, QoS, AVC, IP SLA

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public

Nexus 1000V InterCloud + CSR 1000V Connect DC/ Branch/ Home securely to Public Cloud

10

Cloud Manager

GUI

Enterprise Data Center

Server + VMware ESXi

Nexus 1000V Switch

Virtual Machines

Nexus InterCloud

CSR 1000V

No

Access

Access

OK

Isolated InterCloud

L2 Extension

InterCloud securely extends L2 networks into public cloud, and isolates attached VMs from outside world

Cloud Manager GUI: Point-and-click migration of VMs to cloud, and CSR configuration

CSR acts as L3 gateway for VMs isolated with InterCloud. Inbound, Outbound, VPN, NAT, FW, etc.

11 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11