ISE Deployment Staging
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/BRKSEC-2430.pdf
Cisco Identity Services Engine (ISE)
An overview of Cisco ISE—includes highlights features and benefits
ise
Cisco Zero Trust Architecture
Cisco Zero Trust Architecture. Rob Bleeker. Technical Solution Architect Security ... ISE. AnyConnect. SD-WAN. Email Security. Next-Generation Firewall.
zero trust cisco connect vancouver
How Cisco Deployed ISE and Group Based Policies Throughout the
Raj Kumar: IT Architect. Bassem Khalife: IT Story Teller (@BJKhalife). BRKCOC-2018. How Cisco Deployed ISE and Group Based.
BRKCOC
Overview of Cisco ISE
OL-22972-01. 1. Overview of Cisco ISE. Cisco Identity Services Engine (ISE) is a next-generation identity and access control policy platform that.
ise overview
Introduction to ACI
Use Cisco Webex Teams (formerly Cisco Spark) configuration that is then programmed ... Overview. Inter-Site/Inter-Pod Network. ACI Leaf.
BRKACI
Building an Enterprise Access Control Architecture using ISE and
Cisco ISE Profiling overview. DS. DS. AnyConnect Identity Extensions (ACIDex) Device Sensor (DS). ACIDex. Feed Service. (Online/Offline). Endpoints send.
BRKSEC
BRKSEC-3432 - Cisco Live
your network with an identity aware secure access platform. Cisco ISE is plays an architectural role for many security solutions and is also one of the main
BRKSEC
Cisco Digital Network Architecture Solution Overview
Cisco® Digital Network Architecture is an open and extensible software-driven architecture that accelerates and simplifies your enterprise network
cisco dna overview
Cisco Switching Portfolio Update
8 juin 2021 Presentation Title Goes Here ... Each switch is given its minimum power budget ... SDA Architecture. Fabric Site. DNA-C. ISE. AD/LDAP ...
switching
Richard Watson, DC Systems Engineer
BRKACI-1000
Introduction to ACI
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco PublicCisco WebexTeams
Questions?
Use Cisco WebexTeams (formerly Cisco Spark)
to chat with the speaker after the sessionOpen the Cisco Events Mobile App
Install WebexTeams or go directly to the team spaceEnter messages/questions in the team space
How 1 2 3 4 5 3 cs.co/ciscolivebot#BRKACI-1000Agenda
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELIntroduction
Evolution of Data Centre
Networking & Management
What is ACI?
ACI Anywhere
Making the most of ACI
Where to go next
BRKACI-10006
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Spanning Tree
7BRKACI-1000
Layer-2
Layer-2
Layer-2
Layer-2
Layer-2
Layer-2
Layer-2
Hypervisor
Hypervisor
Hypervisor
Hypervisor
Baremetal
Baremetal
Baremetal
Baremetal
Hypervisor
Hypervisor
Spanning-Tree
Layer-3
Layer-2
HSRP HSRP © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Simplified Spanning Tree with vPCs
8BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Replace Spanning Tree with FabricPath(MAC-in-MAC Encapsulation)9BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Replace Spanning Tree with VXLAN (MAC-in-IP Encapsulation)10BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Improved VXLAN Performance with BGP Control Plane (EVPN)11BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMEL US$60BSpent on Network Operations Labour and ToolsOpEx Spent on Network Changes
and TroubleshootingPolicy Violations
Due to Human Error
Network Changes
Performed Manually
95%70%75%
Source: McKinsey study conducted for Cisco in 2016BRKACI-100012
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public22% of all network
outages are caused by human error13BRKACI-1000
core-router#debugippacket © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELTraditional Automation
SDN is about providing a mechanism to automatically configure the network as a whole. Still deals with traditional networking constructs, Interfaces, VLANs, VRFs etc.Add a VLAN to these interfaces on these switches
Add a route to this VRF
Still a gap between the business requirements of the network and how those requirements are implemented and verified
Leaves room to misinterpret and misconfigure
Ideally need a network that is defined by the original IntentSoftware Defined Networking
15BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELIntent-Based Networking
Builds on traditional SDN capabilities
Activation
Starts with Business Requirements (i.e. the intent) and translatesinto device-specific configuration (i.e. policies)
Uses the policies to generate device-specific configuration that is then programmed (activation) though API
Feedback loop (assurance) to ensure that the intent has been realisedContinuously checked
What is the Intent of the Application?
Who the users, How they access the app, What Other services are required?Intelligent Automation & Assurance
16BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELStandard NXOS Open API
NetConf/ Yang Models
Large Ecosystem of partners
Extensible for homegrown tools with
LXC and Docker containers
..But takes time to setup & manageDo-It-Yourself / B.Y.O Automation
18BRKACI-1000
Single vendor simplicity
From build to ongoing support
Integrated Intent Based Networking
#CLMEL #CLMELRichard Watson, DC Systems Engineer
BRKACI-1000
Introduction to ACI
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco PublicCisco WebexTeams
Questions?
Use Cisco WebexTeams (formerly Cisco Spark)
to chat with the speaker after the sessionOpen the Cisco Events Mobile App
Install WebexTeams or go directly to the team spaceEnter messages/questions in the team space
How 1 2 3 4 5 3 cs.co/ciscolivebot#BRKACI-1000Agenda
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELIntroduction
Evolution of Data Centre
Networking & Management
What is ACI?
ACI Anywhere
Making the most of ACI
Where to go next
BRKACI-10006
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Spanning Tree
7BRKACI-1000
Layer-2
Layer-2
Layer-2
Layer-2
Layer-2
Layer-2
Layer-2
Hypervisor
Hypervisor
Hypervisor
Hypervisor
Baremetal
Baremetal
Baremetal
Baremetal
Hypervisor
Hypervisor
Spanning-Tree
Layer-3
Layer-2
HSRP HSRP © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Simplified Spanning Tree with vPCs
8BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Replace Spanning Tree with FabricPath(MAC-in-MAC Encapsulation)9BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Replace Spanning Tree with VXLAN (MAC-in-IP Encapsulation)10BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELDC Network Evolution
Improved VXLAN Performance with BGP Control Plane (EVPN)11BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMEL US$60BSpent on Network Operations Labour and ToolsOpEx Spent on Network Changes
and TroubleshootingPolicy Violations
Due to Human Error
Network Changes
Performed Manually
95%70%75%
Source: McKinsey study conducted for Cisco in 2016BRKACI-100012
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public22% of all network
outages are caused by human error13BRKACI-1000
core-router#debugippacket © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELTraditional Automation
SDN is about providing a mechanism to automatically configure the network as a whole. Still deals with traditional networking constructs, Interfaces, VLANs, VRFs etc.Add a VLAN to these interfaces on these switches
Add a route to this VRF
Still a gap between the business requirements of the network and how those requirements are implemented and verified
Leaves room to misinterpret and misconfigure
Ideally need a network that is defined by the original IntentSoftware Defined Networking
15BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELIntent-Based Networking
Builds on traditional SDN capabilities
Activation
Starts with Business Requirements (i.e. the intent) and translatesinto device-specific configuration (i.e. policies)
Uses the policies to generate device-specific configuration that is then programmed (activation) though API
Feedback loop (assurance) to ensure that the intent has been realisedContinuously checked
What is the Intent of the Application?
Who the users, How they access the app, What Other services are required?Intelligent Automation & Assurance
16BRKACI-1000
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLMELStandard NXOS Open API
NetConf/ Yang Models
Large Ecosystem of partners
Extensible for homegrown tools with
LXC and Docker containers
..But takes time to setup & manageDo-It-Yourself / B.Y.O Automation
18BRKACI-1000
Single vendor simplicity
From build to ongoing support
Integrated Intent Based Networking
- cisco ise architecture overview ppt