Takeaways from Cisco Live 2019 – An Engineer’s Perspective

JUL 01, 2019

By David Law, Trace3 Practice Architect – Software Defined Infrastructure

Can you say intent-based networks three times fast?


If it wasn’t apparent by now, CiscoLive! 2019’s main theme was all about DNA Center (DNAC), as evidenced by the opening keynote by Chuck Robbins and David Goeckler, Cisco clearly is betting big on DNA. This year, greater emphasis was on AI/ML incorporated within DNAC. The new features such as “correlated insights”, highlight some of the new capabilities, this new capability harkens to SNMP, but on steroids. From a SNMP perspective, one could set up OID threshold/thresholds to notify you of a potential issue (i.e. High CPU/Memory, etc.). DNA center could automate this without the need to identify what the offending process/processes are and creating a fix automagically (in theory). At this time, it’s not comprehensive, but it’s certainly something to keep an eye on, as this could encroach on legacy network management systems over time. DNAC can extend from the traditional Enterprise Network realm, to more IoT use cases as evidenced by a good portion of support for the Industrial Ethernet family (IE), clearly Cisco is thinking much bigger…With new scalability numbers at 100,000 connecting clients and 18,000 network devices — scale is there, for the majority of customers. I really like seeing the continued investment in the IE line up where respective verticals such as manufacturing, oil and gas, utilities, and smart cities will continue to expand with DNAC capabilities, albeit the integrations right now are not complete. When the full suite is supported, coupled with a fully functional edge compute portfolio (that’s currently missing), it will be a compelling story.

Last observation on this topic regarding the use of AI/ML; Cisco presented the idea of predicting success rates to upgrade cycles by giving you a risk score. This is created from all the data Cisco has collected in the cloud, based on historical data and their experience, as well as what features are enabled. Based on that, Cisco would give you a score and risk percentage identifying if an upgrade will impact a production system — could we one day say goodbye to a good ole bug scrub….? Nah, not in the immediate future.

Cisco is clearly putting a lot of focus on intent-based networks (DNAC), and the Cognitive Network, so what about the Data Center space? Let’s take a look…

Here a Container, there a Container…

If you’ve been under a rock, you wouldn’t know Kubernetes (K8S) is the new mainstreamed hotness everyone is talking about or playing with, but very few have production scale implementation/implementations in the traditional enterprise. K8S can give enterprises the ability to create a cloud native substrate, with workload mobility, to add to the ever-present hybrid cloud story. Containers and the management of containers are akin to what the hypervisor was to the enterprise, paired with the concept of Linux distributions (distros), as it seems everyone now has a K8S distro.

Cisco is continuing to invest in their Container Platform {(Cisco Container Platform) CCP} CCP like most K8S distros, it does the heavy lifting for maintaining compatibility, governance, and patching easing the burden of administration. For those that would like to leverage additional policy driven frame works like ACI, you can integrate directly into CCP’s Container Network Interface (CNI) for policy application. If that’s not your bag, one can use Calico or Contiv.

CCP also implements appropriate security features and best practices such as container hardening, frequent internal vulnerability scanning, support for TLS 1.3 (preview), K8S Auth, Cert Manager, Encrypted secrets, Secure Multi-tenancy etc.

When you add this up, it’s a lot for enterprises to keep up with – this is where I see value for customers who want to evaluate K8S and want Cisco integration. To be fair, most K8S distros have governance, compatibility and so on. I would like to see CCP improve on those Cisco native integrations; in the past implementing these integrations was a challenge, perhaps the new releases will address that. Speaking of releases, Cisco is leveraging CI/CD, with new versions being pushed out approximately every couple of weeks. I’m looking forward to seeing how CCP progresses. The bottom line, if you are looking to leverage ACI and Hyperflex integration, CCP is your Huckleberry.

On the ACI front, ACI Anywhere looks to have some legs with Cloud ACI for AWS. I expect support for Azure (very soon) and GCP down the road. Cisco Cloud ACI automates configuration of end-to-end connectivity between on-premises Cisco ACI and AWS. The magic to Cloud ACI is that it essentially acts as a translator for AWS and ACI, an example of this is in AWS a VPC (Virtual Private Cloud) would translate for a VRF (Virtual Routing and Forwarding) instance in ACI, or ACI terms EPG is equal to a security group in AWS. One thing to consider, this solution does need Cisco Multi-site Orchestrator (MSO) and Cisco CSR1kvs’, we will lab this up and report back on how this integration plays out. Finally, Cisco is adding support for Terraform! I’m excited to see this added and now one can get after it with Terraform to provision APIC and Cloud ACI – this is a great add for Cisco.

Cisco is continuing to push beyond the horizon, breaking out of the traditional manufacture shell to develop and deliver Intent-Based Networks, Cognitive Networks, Policy Based Distributed Container Networking, to security and more, while continuing to layer in AI/ML into the portfolio. Cisco is a top strategic partner and our team puts a tremendous amount of time in to ensure we can deliver as evidenced by the 2018 Cisco Summit awards we received: West Partner of the Year, West Architecture Excellence Partner of the Year, Americas Data Center Partner of the Year, and Software Partner of the Year for Central Region. The awards are great… but the real win is helping our customers achieve successful outcomes through people, process, and technology.

Want to know more? Hit us up!



Leave a Reply

Your email address will not be published. Required fields are marked *