SlideShare uma empresa Scribd logo

Programmable ASICs Key to Hardware Innovation in SDN Era

Robb Boyd
Robb Boyd

Why trade performance for flexibility when you can program your network with new protocols and capabilities at wire speed? In this workshop learn how ASICs are made, why flexible silicon is critical to the future of networking and what you can do with Cisco’s next-generation UADP 2.0. Resources: Watch the related TechWiseTV episode: http://bit.ly/2fiqH1f Watch the TechWiseTV: New Era in Networking playlist: http://bit.ly/2jpoRjB

Tecnologia
1 de 85
Baixar para ler offline
Programmable ASICs: Why Hardware Matters in the Age of SDN and Virtualization Special Guests: September 13th, 2017 Peter Jones | Principal Engineer, Enterprise Networks Dave Zacks | Distinguished Engineer, Enterprise Networks
Dave is a Distinguished System Engineer, and has been with Cisco for 17 years. As a DSE within the Enterprise Networks Architecture team, Dave works primarily on capabilities and solutions that are anywhere from 12 to 36+ months out, helping to define these projects and then assisting as they progress towards and through design, development, and solution introduction. Dave has a strong background in, and focus on, customer requirements, and integrating these into the products and solutions Cisco builds. Dave has a special interest in Flexible Hardware and Fabric architectures. Dave Zacks Distinguished System Engineer dzacks@cisco.com @DaveZacks By Way of Introduction …
Peter Jones Principal Engineer petejone@cisco.com @petergjones By Way of Introduction … Peter is a Software Principal Engineer, and has been with Cisco for over 10 years. Peter works on System Architecture (ASIC, hardware & software) for Cisco Campus switching, with extensive experience with the Catalyst 3850 / 3650 platform as well as the UADP ASIC. As well, Peter is heavily involved in the standardization of 2.5G / 5G BASE-T Ethernet as NBASE-T Alliance chair and in IEEE 802.3.
Cisco DNA and the Importance of Network Innovation
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Innovation in the network
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Source: Forrester Source: Open Compute Project Time IT spends on operations80% CEOs are worried about IT strategy not supporting business growth57% Network Expenses Deployment Speed 0 10 100 1000 Computing Networking Seconds 0 100% CAPEX OPEX 33% 67% The Need for Agility Changing Enterprise Requirements © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Advanced Persistent Threats Devices per Person 3.64 Mobile world requires access to everything everywhere Mobility Devices per Admin 100K Agility and New Consumption Models Cloud IoT Things Connected 7.5BUnmanned devices growing at rapid pace Enterprise Trends Driving Digital Transformation
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Users, Device and IOT Segmentation Enabling Seamless Mobility Secure Connectivity to the Cloud Setting Up End-End Security VLAN 1 VLAN 2 VLAN 3 WAN Branch A VLAN 1 Branch A VLAN 3 Remote VLAN 2 HQ ACL 1 ACL 2 ACL 2 ACL 3 Traditional Networks Cannot Meet the Demand
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Security Automation Analytics Virtualization Cloud Service Management Programmable Physical and Virtual infrastructure Principles Insights and Experiences Automation and Assurance Security and Compliance Open API Driven ProgrammableSD-Access and Assurance Catalyst 9000 DNA Center Encrypted Traffic Analytics Software Subscription Licensing | DNA Advisory, Technical, Support Services Cisco Digital Network Architecture Overview
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public You Need a Network that Drives Your Digital Business Hardware Centric Flexible Hardware, Software Driven Manual Automated Piecemeal Security Integrated Security Network Monitoring Analytics & Insights Traditional Network Digital-Ready Network Cisco is Rewriting the Network Playbook
Visibility into traffic and threat patterns Who, What, When, Where, How Translate Business Intent to Network Policy Automate the management and provisioning millions of devices instantly NETWORK. INTUITIVE. THE Machine learning at scale to provide increasing intelligence Predictive performance and assurance The more you use, the wiser it gets Built on Cisco DNA
Cisco DNA and the Importance of Network Hardware
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public EISG Architecture Team David Goeckeler Cisco SVP, Security and Networking Cisco Live Las Vegas 2016 Innovation in the network ASICs are a pillar of Cisco innovation …
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Let’s Talk About ASICs
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public What is an ASIC? “An Application Specific Integrated Circuit is an integrated circuit customized for a particular use, rather than intended for general purpose use…”
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Why talk ASICs?
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Created and Worn by TAM DELL’ORO @DellOrorGroup CLUS 2017
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Advanced, Multi-Core, Feature-Rich Routing Silicon QFP QuantumFlow Processor Fully Programmable Scalable Advanced on-chip QoS Secure Extensible Architecture Operational Uniformity New Foundational Capabilities Speed of Innovation Velocity Foundation for Virtualization Platform for the Future IOS-XE The Evolution of IOS Taking the Proven Strengths of IOS to the Next Level UADP Unified Access Data Plane Flexible, Programmable, High-Performance Switching Silicon Fully Programmable Scalable Advanced on-chip QoS Secure Extensible Architecture “People that are really serious about software should build their own hardware” 100% Cisco-developed Flexible Silicon – Unlocking the Power of DNA at Hardware Speeds Hardware and Software Building on a Strong Foundation
Quick Primer – How Networking Silicon is Designed and Built
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public How is an ASIC built?
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Then, it starts with coding… Verilog VHDL Synthesis Process Converts code into logical gate constructs (Netlist) ASICs – From Definition to Deployment
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Then, it starts with coding… Verilog VHDL Synthesis Process Converts code into logical gate constructs (Netlist) Floor planning Floor Planning & Placement Arrange and interconnect constructs, connect power, minimize crosstalk, etc… ASICs – From Definition to Deployment
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Imprint design on Silicon Wafer
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Discrete transistor MOSFET (metal oxide semiconductor field effect transistor) FinFET (fin field effect transistor) NAND gate NOR Gate Universal Gates XOR Gate AND Gate OR Gate NOT Gate XNOR Gate … which can be used to build any of the other logic gates … … mostly used @ 22nm and above … mostly used @ 16nm and below … which, when we put millions of them together on a silicon die, produce a chip!
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Discrete transistor MOSFET (metal oxide semiconductor field effect transistor) FinFET (fin field effect transistor) NAND gate NOR Gate Universal Gates XOR Gate AND Gate OR Gate NOT Gate XNOR Gate … which can be used to build any of the other logic gates … … mostly used @ 28nm and above … mostly used @ 22nm and below UADP 1.1 191M gates UADP 2.0 270M gates Catalyst 3850 mGig Catalyst 9300, 9400, 9500
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public We put a man here … … using this … Apollo Guidance Computer … which was built from nothing but that … 4100 ICs, each of which contained a single 3-input NOR gate In other words … we put a man on the moon with less than 10,000 transistors … It takes 7.46 billion transistors to route your packets! With the appropriate security, segmentation, QoS, encryption, fragmentation, etc, etc … Fun Fact!
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public We are talking transistors… and how many we can pack in an ASIC die … “The number of transistors incorporated into a chip will approximately double every 18 - 24 months …” “Moore’s Law” - 1975 Transistor Width measured in Nanometers Nanometer = One Billionth of a Meter
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public A human hair is ~100,000 nanometers in width A Perspective
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Red blood cell (7,000 nm) rises to 10th floor Empire State Building = 1454 feet to tip = 443 meters ONE NANOMETER – less than 1/4th of an inch! … about the same thickness as three pennies on this scale … … and we build transistors measured in nanometers … How SMALL is SMALL? Single human hair ~ 100,000 nm … and then we come to this little pinprick over here …
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Use of smaller technology leads to benefits … Lower Price Lower Power Higher Performance
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public ASIC Re-Spin (if needed)
Overview – The Importance of Flexible Silicon
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Why Does Cisco Develop Our Own Silicon?
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Why Does Cisco Develop Our Own Silicon? Simpler Deployment Options Better Insight and Optimization Increased Security Most Appropriate Scalability Flexibility and Investment Protection via Programmability
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Traditionally the ASIC processing pipeline is FIXEDIPv4 IPv6 Traditional Fixed ASIC Processing Pipeline
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public … and has challenges handling NEW PROTOCOLS … MPLS Traditional Fixed ASIC Processing Pipeline
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Flexibility in Networking … … disconnect with traditional fixed ASIC processing …. Evolution of Business Industry Trends – SDN
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public So where can Flexible ASICs help us? The Big Question …
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public DNA Flexible Infrastructure – Programmable ASIC Silicon
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Flex Rewrite Programmable ASICs deliver FLEXIBILITY … Flex Parser Flexible, Programmable Processing Pipeline GRE If IPv7 were invented tomorrow … ... we could probably handle it via the Programmable Pipeline! Flex Counters Stage 1 Stage 2 Stage 3 Stage n IPv4 IPv6 VXLAN MPLS IPv7 Flexible ASIC Processing Pipeline
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Flex Rewrite Flex Parser Programmable ASICs provide support for TUNNELLING …IPv4 … a task at which Cisco’s Programmable, Flexible ASICs excel! Tunnelled traffic requires RECIRCULATION … IPv4VXLAN High-performance, low-latency recirculation path … Flex Counters Flexible, Programmable Processing Pipeline Stage 1 Stage 2 Stage 3 Stage n Flexible ASIC Processing Pipeline
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Catalyst 3550 Circa 2003 60M transistors 47,226 lines of code Catalyst 3750 Circa 2008 210M transistors 86,220 lines of code Catalyst 3850 Circa 2013 1300M transistors (Latest version: 3 BILLLION transistors) 1,490,000 lines of code Catalyst 9300 / 9400 / 9500 – 2017 New! UADP 2.0: 7.46B transistors! 2,160,000 lines of code All Cisco-developed silicon Driving the benefits of vertical integration – Hardware and software working together! Just like some other famous examples … ASICs – From Definition to Deployment
Network Innovation – Flexible Switching Silicon … UADP – Unified Access Data Plane
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Latest version – 7.46 BILLION transistors
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Parse depth of 256 Bytes 15 programmable stages Up to 250 frames across stages at one time…Ability to handle current and future protocols – extremely flexible and capable Excellent for encapsulations, which often need recirculation UADP provides an unparalleled degree of Flexibility in an Access Switch UADP Designed for Flexibility
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Parse depth of 256 Bytes 15 programmable stages Up to 250 frames across stages at one time… Underlay Outer,IP,Header Outer,MAC,Header UDP$Header VXLAN$Header Overlay Inner,(Original),IP,Header Original,Payload Inner,(Original),MAC,Header 14#Bytes (4#Bytes#Optional) Ether# Type 0x0800 VLAN#ID VLAN#Type 0x8100 Source'MAC Dest.'MAC 48 48 16 16 16 Src VTEP MAC Address Next6Hop MAC Address 20#Bytes Dest.&IP Source&IP Header# Checksum Protocol#0x11#(UDP) IP#Header Misc.#Data 72 8 16 32 32 Dst RLOC IP Address Src RLOC IP Address 8"Bytes Checksum"0x0000 UDP"Length VXLAN&Port Source&Port 16 16 16 16 UDP&4789 Hash"of"inner"L2/L3/L4"headers"of"original"frame." Enables"entropy"for"ECMP"load"balancing. 8"Bytes Reserved VN#ID Segment#ID VXLAN"Flags"RRRRIRRR 8 16 24 8 Allows#16M# possible#VRFs Allows#64K# possible#SGTs VXLAN as a protocol had not even been invented when UADP 1.0 was designed … Yet UADP forwards VXLAN in hardware, at high performance in IOS-XE 16.3+ … thanks to Flexibility! in VXLAN is a complex protocol …
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public UADP Unparalleled Functionality
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public GRE ERSPAN CAPWAP MPLS VXLAN VXLAN-GPE*, NSH*, and more… Current, and Possible Future, UADP Use Cases * Not Committed
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Catalyst 9300 / 9400 / 9500 Enabled by UADP 2.0
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public UADP 1.0 First Generation of UADP ASIC Catalyst 3850 Copper Catalyst 3650 Catalyst SFP Fiber 1G/10G Ethernet 240G Stacking Capacity 6MB Packet Buffer 128 Bit Encryption 24K Netflow Records 56G Bandwidth First Flexible, Programmable ASIC designed for Campus
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Catalyst 3850 Multigigabit Catalyst 3850 SFP+ Catalyst 3650 Multigigabit 1G/10G/40G Ethernet 240G Stacking Capacity 6MB x2 Packet Buffer 256 Bit MACSEC Encryption 24K x2 Netflow Records 160GE Bandwidth Catalyst 3650 Mini Dual Core Running @ 500MHz 1588 IEEE Enhanced Performance, Capabilities & Security UADP 1.1 First Generation of UADP ASIC with Enhancements
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public UADP 1.0 1.3B Transistors 1G/10G Ethernet 240G Stacking 24K Netflow 56G Bandwidth UADP 1.1 3B Transistors 1G/10G/40G Ethernet 160GE Bandwidth Dual Core 500MHz 1588 IEEE UADP 2.0 7.46B Transistors Up to 64K x2 Netflow Records Shared Lookup Up to 240GE Bandwidth Up to 2X to 4X Tables UADP – Programmable ASIC Family
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public UADP 1.0 1.3B Transistors UADP 1.1 3B Transistors UADP 2.0 7.46B Transistors One transistor for everyone in India … One transistor for everyone in India, China, US & Canada … One transistor for Everyone in the world! Or Looked At Another Way …
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Catalyst 9300 Catalyst 9400 Catalyst 9500 Stackable Access Modular Access Fixed Aggregation Built on Cisco’s Innovative UADP ASIC & Open IOS-XE Catalyst 9000 Family Overview
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Up to 32MB Packet Buffer Up to 64K x2 Netflow RecordsEmbedded Microcontrollers Shared Lookup Up to 240GE Bandwidth Up to 384K Flex Counters Up to 2X to 4X forwarding + TCAM Universal Deployments Adaptable Tables Enhanced Scale/Buffering Multicore resource share Investment Protection Flexible Pipeline UADP 2.0 Next Generation of ASIC Innovation
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Stage #17 Flex Parser IGR Stage #.. Stage #.. Stage #2 Stage #1 Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Stage #8 Flex Parser EGR Stage #.. Stage #.. Stage #2 Stage #1 TCAM/ SRAM 17 Ingress Stages 8 Egress Stages Flex Parser 256 B Flex Parser 256 B Final Decision on Packet’s Future Final Decision on Packet’s Future Ingress Programmable Pipeline Egress Programmable Pipeline At each stage, 2 simultaneous lookups UADP 2.0 – Ingress and Egress Processing Stages, Detail
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Ingress Programmable Pipeline Punt Flex Parser IGR NF SPAN VXLAN L3/L2 FIB Lookup Table Lookup Table Lookup Table ACL MCast Lookup Table Lookup Table Lookup Table QOS Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table SPAN Flex Parser EGR Stage #.. Sec MPLS Policy Egress Programmable Pipeline TCAM/ SRAM Flexible Look up Tables (Shared Across Cores) Programmed to understand VXLAN Programmed to understand MPLS ASIC Micro Code Software Features VXLAN MPLS NG Protocol UADP 2.0 – Microcode Programs the Pipelines
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 64 B Line Rate (Upto 240 Gbps) Up to 300 Mpps Switching Capacity Minimal added latency with Recirculation (1/2 us) Downlinks + Uplinks 64 B Frame BW – 56G/ASIC CPU Recirculation Expandable Recirculation BW UADP 2.0 – Performance
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Table Sizes Can be Tailored to Support Multiple Use Cases Collapsed Core- WAN Template Aggregation Template Core-Border Template L3 & NAT Mix of L2/L3 Capabilities L3 & Cross Domain Policy Flexible ASIC Templates SRAM / TCAM § MAC § IPv4/IPv6 § VACL § PACL § RACL § SGACL § QoS § NAT § SPAN § CoPP Customized table size for each function based on the place in the network Client Scale Access-Edge Template SRAM FIB (48K) SGT (16K) IGMP (32K) Host (32K) MCAST (16K) MAC (80K) Internal Resources TCAM SEC ACL (18K) Tunnels (1K) NAT (2K) QoS ACL (18K) Others Internal ResourcesLISP (1K) SRAM TCAM FIB (64K) SGT (32K) IGMP (16K) Host (32K) MCAST (48K) MAC (32K) Internal Resources SEC ACL (18K) Tunnels (1K) NAT (16K) QoS ACL (3K) Others Internal Resources LISP (1K) Core-Border Template 64K 16K 32K 32K 48K 8K 64K Access-Edge Template UADP 2.0 Turns Catalyst 9000 into a Swiss Army Knife Flexible ASIC Table Allocations
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public What does all of this mean for me?
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Programmable Hardware equals FLEXIBILITY ADAPTABILITY Enabling Network Evolution – a critical requirement for DNA
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Want to double- click? BRKARC-3467 Cisco Live US 2017, Las Vegas 90 minutes of awesome silicon geekery with Dave and Peter – this session, ++
Network Innovation – Leveraging Flexible Silicon for Encrypted Traffic Analytics (ETA)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Network Threats are Evolving to Leverage Encryption
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Providing Security While Maintaining Privacy! Encrypted Traffic Non-Encrypted Traffic How do you Analyze threats without decrypting traffic flows? Can We Actually Solve This?
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public • End to end confidentiality • Channel integrity during inspection • Adapts with encryption standards Malware in Encrypted Traffic Is the payload within the TLS session malicious? Malware Detection and Visibility without Decryption • Audit for TLS policy violations • Passive detection of Ciphersuite vulnerabilities Cryptographic Compliance How much of my digital business uses strong encryption? Encrypted Traffic Analytics
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Initial Data Packet IPHeader TCPHeader TLS Header Ciphersuites TLS version SNI (Server Name) Initial Data Packet(s) Certificate Organization Issuer Issued Expires TLS field (in ClientHello) Inference Offered Cyphersuites Browsers prefer heavy weight and more secure encryption algorithms, Mobile applications prefer efficient encryption Extensions Client: I support crypto! Server: I support that crypto, and I’m me! Client: Take this secret and let’s encrypt! Server: Your secret looks good; let’s encrypt! Client/Server: encrypted data! Initial Data Packet (IDP)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public TimeFlow Start Sequence of Packet Lengths and Times Malware Behavior Network Behavior Communication with command control server Sequence of packet lengths Write to the disk Time interval between packet Sequence of Packet Lengths and Times (SPLT)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Bestafera Self-Signed Certificate Data Exfiltration C2 Message Google Search Initial Page Load Page Refresh Autocomplete Detecting Malware by Behavior IDP, SPLT, and Machine Learning
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Want to double- click? BRKCRS-1560 Cisco Live US 2017, Las Vegas Deep dive into what makes ETA tick – with Sarav Radhakrishnan, DE
Network Innovation – Leveraging Flexible Silicon for Software-Defined Access
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Separation of the Forwarding and Services Planes Overlay encapsulation Fabric Underlay is the Forwarding Plane • Connects Network Devices • Leverages existing topologies • Simple, best-practice deployment Fabric Overlay is the Services Plane • Connects Users and Devices • Leverages standard technologies • Address Independent End-to-End Policy Overlay control plane Underlay Overlay Employee Supplier Devices Cisco Flexible Silicon allows for Flexibility – Key to Supporting the Evolution to Network Fabrics DNA Flexible Infrastructure Supporting Fabric Evolution – and Software-Defined Access
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 1. Control-Plane based on LISP 2. Data-Plane based on VXLAN 3. Policy-Plane based on TrustSec Key Differences • L2 + L3 Overlay -vs- L2 or L3 Only • Host Mobility with Anycast Gateway • Adds VRF + SGT into Data-Plane • Virtual Tunnel Endpoints (No Static) • No Topology Limitations (Basic IP) SD-Access Components Quick Recap
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Automation App Policy Infra Control (APIC-EM) Identity & Policy Identity Services Engine (ISE) Assurance Network Data Platform (NDP) Employees Virtual Network Group 1 Group 2 IoT Virtual Network Group 3 Group 4 Contextual Visibility and Troubleshooting Policy Mobility with no Topology Dependence SD-Access Fabric Stretched Subnets SD-Access Solution At-a-Glance
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public APIC-EM ISE NDP § Control-Plane Nodes – Map System that manages Endpoint to Device relationships § Fabric Edge Nodes – A Fabric device (e.g. Access or Distribution) that connects Wired Endpoints to the SDA Fabric § Identity Services – External ID Systems (e.g. ISE) are leveraged for dynamic Endpoint to Group mapping and Policy definition § Fabric Border Nodes – A Fabric device (e.g. Core) that connects External L3 network(s) to the SDA Fabric Identity Services Intermediate Nodes (Underlay) Fabric Border Nodes Fabric Edge Nodes § DNA Controller – Enterprise SDN Controller provides GUI management and abstraction via Service Apps, that share information DNA Controller § Analytics Engine – External Data Collectors (e.g. NDP) are leveraged to analyze Endpoint to App flows and monitor fabric status Analytics Engine C Control-Plane Nodes BB § Fabric Wireless Controller – A Fabric device (WLC) that connects Wireless Endpoints to the SDA Fabric Fabric Wireless Controller Campus Fabric A Strong Foundation, Enabled by Cisco Flexible Silicon! SD-Access Roles – Supported by Flexible Silicon
Monday (June 26) Tuesday (June 27) Wednesday (June 28) Thursday (June 29) 8:00–10:00 AM 1:30 - 3:30 PM 4:00 - 5:30 PM 8:00–10:00 AM 1:30 - 3:30 PM 4:00 - 5:30 PM 8:00–10:00 AM 1:30 - 3:30 PM 4:00 - 5:30 PM 8:00–10:00 AM 1:00 - 2:30 PM 4:00 - 5:30 PM TECCRS-2700 (1) Solution TECCRS-2700 (2) Solution BRKCRS-2811 (1) External Connect BRKCRS-2811 (2) External Connect BRKEWN-2020 Wireless BRKCRS-3811 Policy BRKCRS-2812 Migration BRKDCN-2489 DC Integration BRKCRS-2813 Monitor & T’shoot BRKCRS-2814 Assurance TECCRS-2700 80 SD-Access Cisco Live US 2017 – Sessions Map https://www.ciscolive.com/online/connect/search.ww
Summary – Cisco Flexible Silicon, A Strong Foundation for DNA
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Critical Role of Flexible Silicon
From the Hardware … … to the Software and Protocols, with Integrated Security … to the Whole Solution … Cisco Innovations – In Hardware, Software, and Solutions – Tie It All Together “From the Gates – to the GUI” Hardware, Software, and Solutions Innovation All the Way Up the Stack Integrated Security
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public https://vimeo.com/155635184 https://vimeo.com/205048279 Cisco Enterprise ASICs Discussion with Dave Zacks and Peter Jones Cisco Live Berlin 2016 Programmable ASICs for Cisco Catalyst Switches with Muhammad Imam Cisco Live Berlin 2017 http://www.cisco.com/c/m/en_us/training-events/events- webinars/webinars/techwise-tv/214-programmable-asics.html Cisco Flexible Silicon Want to Know More?
Thank you for watching!

Recomendados

Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...
Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...
Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...Cisco Russia
 
TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics Robb Boyd
 
Cisco Connect Toronto 2017 - Your time is now
Cisco Connect Toronto 2017 - Your time is nowCisco Connect Toronto 2017 - Your time is now
Cisco Connect Toronto 2017 - Your time is nowCisco Canada
 
Accelerating incident response in organizations of any size
Accelerating incident response in organizations of any sizeAccelerating incident response in organizations of any size
Accelerating incident response in organizations of any sizeCisco Canada
 
Cisco Connect Toronto 2017 - Security Through The Eyes of a Hacker
Cisco Connect Toronto 2017 - Security Through The Eyes of a HackerCisco Connect Toronto 2017 - Security Through The Eyes of a Hacker
Cisco Connect Toronto 2017 - Security Through The Eyes of a HackerCisco Canada
 
Cisco Connect Toronto 2017 - Accelerating Incident Response in Organizations...
Cisco Connect Toronto 2017 - Accelerating Incident Response in Organizations...Cisco Connect Toronto 2017 - Accelerating Incident Response in Organizations...
Cisco Connect Toronto 2017 - Accelerating Incident Response in Organizations...Cisco Canada
 
Новая эра корпоративных сетей с Cisco Catalyst 9000 и другие инновации для ма...
Новая эра корпоративных сетей с Cisco Catalyst 9000 и другие инновации для ма...Новая эра корпоративных сетей с Cisco Catalyst 9000 и другие инновации для ма...
Новая эра корпоративных сетей с Cisco Catalyst 9000 и другие инновации для ма...Cisco Russia
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Canada
 

Mais conteúdo relacionado

Mais procurados

Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...Cisco Canada
 
Cisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of AttackCisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of AttackCisco Canada
 
Brkarc 2035-cat-9 k
Brkarc 2035-cat-9 kBrkarc 2035-cat-9 k
Brkarc 2035-cat-9 knasiapsi
 
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WANCisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WANCisco Canada
 
Putting firepower into the next generation firewall
Putting firepower into the next generation firewallPutting firepower into the next generation firewall
Putting firepower into the next generation firewallCisco Canada
 
Cisco Catalyst 9000 Switching Family
Cisco Catalyst 9000 Switching FamilyCisco Catalyst 9000 Switching Family
Cisco Catalyst 9000 Switching FamilyMobeen Khan
 
Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...
Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...
Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...Cisco Canada
 
Cisco Connect Toronto 2018 dc-aci-anywhere
Cisco Connect Toronto 2018 dc-aci-anywhereCisco Connect Toronto 2018 dc-aci-anywhere
Cisco Connect Toronto 2018 dc-aci-anywhereCisco Canada
 
Cisco connect winnipeg 2018 we make it simple
Cisco connect winnipeg 2018 we make it simpleCisco connect winnipeg 2018 we make it simple
Cisco connect winnipeg 2018 we make it simpleCisco Canada
 
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Canada
 
Cisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud AdoptionCisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud AdoptionCisco Canada
 
Cisco Connect Halifax 2018 Accelerating incident response in organizations...
Cisco Connect Halifax 2018 Accelerating incident response in organizations...Cisco Connect Halifax 2018 Accelerating incident response in organizations...
Cisco Connect Halifax 2018 Accelerating incident response in organizations...Cisco Canada
 
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For YouCisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For YouCisco Canada
 
Cisco Connect Halifax 2018 Accelerating the secure digital business through...
Cisco Connect Halifax 2018 Accelerating the secure digital business through...Cisco Connect Halifax 2018 Accelerating the secure digital business through...
Cisco Connect Halifax 2018 Accelerating the secure digital business through...Cisco Canada
 
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUICisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUICisco Canada
 
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...Cisco Canada
 
Cisco Connect Halifax 2018 Anatomy of attack
Cisco Connect Halifax 2018 Anatomy of attackCisco Connect Halifax 2018 Anatomy of attack
Cisco Connect Halifax 2018 Anatomy of attackCisco Canada
 
Cisco Connect Ottawa 2018 data center - protecting your data with Cisco hyp...
Cisco Connect Ottawa 2018 data center - protecting your data with Cisco hyp...Cisco Connect Ottawa 2018 data center - protecting your data with Cisco hyp...
Cisco Connect Ottawa 2018 data center - protecting your data with Cisco hyp...Cisco Canada
 
Cisco Connect Halifax 2018 Putting firepower into the next generation firewall
Cisco Connect Halifax 2018 Putting firepower into the next generation firewallCisco Connect Halifax 2018 Putting firepower into the next generation firewall
Cisco Connect Halifax 2018 Putting firepower into the next generation firewallCisco Canada
 
Enterprise-Grade Trust: Collaboration Without Compromise
Enterprise-Grade Trust: Collaboration Without CompromiseEnterprise-Grade Trust: Collaboration Without Compromise
Enterprise-Grade Trust: Collaboration Without CompromiseRobb Boyd
 

Mais procurados (20)

Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
 
Cisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of AttackCisco Connect Vancouver 2017 - Anatomy of Attack
Cisco Connect Vancouver 2017 - Anatomy of Attack
 
Brkarc 2035-cat-9 k
Brkarc 2035-cat-9 kBrkarc 2035-cat-9 k
Brkarc 2035-cat-9 k
 
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WANCisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
 
Putting firepower into the next generation firewall
Putting firepower into the next generation firewallPutting firepower into the next generation firewall
Putting firepower into the next generation firewall
 
Cisco Catalyst 9000 Switching Family
Cisco Catalyst 9000 Switching FamilyCisco Catalyst 9000 Switching Family
Cisco Catalyst 9000 Switching Family
 
Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...
Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...
Cisco Connect Vancouver 2017 - Cloud and on premises collaboration security e...
 
Cisco Connect Toronto 2018 dc-aci-anywhere
Cisco Connect Toronto 2018 dc-aci-anywhereCisco Connect Toronto 2018 dc-aci-anywhere
Cisco Connect Toronto 2018 dc-aci-anywhere
 
Cisco connect winnipeg 2018 we make it simple
Cisco connect winnipeg 2018 we make it simpleCisco connect winnipeg 2018 we make it simple
Cisco connect winnipeg 2018 we make it simple
 
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
 
Cisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud AdoptionCisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud Adoption
 
Cisco Connect Halifax 2018 Accelerating incident response in organizations...
Cisco Connect Halifax 2018 Accelerating incident response in organizations...Cisco Connect Halifax 2018 Accelerating incident response in organizations...
Cisco Connect Halifax 2018 Accelerating incident response in organizations...
 
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For YouCisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
 
Cisco Connect Halifax 2018 Accelerating the secure digital business through...
Cisco Connect Halifax 2018 Accelerating the secure digital business through...Cisco Connect Halifax 2018 Accelerating the secure digital business through...
Cisco Connect Halifax 2018 Accelerating the secure digital business through...
 
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUICisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
 
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
 
Cisco Connect Halifax 2018 Anatomy of attack
Cisco Connect Halifax 2018 Anatomy of attackCisco Connect Halifax 2018 Anatomy of attack
Cisco Connect Halifax 2018 Anatomy of attack
 
Cisco Connect Ottawa 2018 data center - protecting your data with Cisco hyp...
Cisco Connect Ottawa 2018 data center - protecting your data with Cisco hyp...Cisco Connect Ottawa 2018 data center - protecting your data with Cisco hyp...
Cisco Connect Ottawa 2018 data center - protecting your data with Cisco hyp...
 
Cisco Connect Halifax 2018 Putting firepower into the next generation firewall
Cisco Connect Halifax 2018 Putting firepower into the next generation firewallCisco Connect Halifax 2018 Putting firepower into the next generation firewall
Cisco Connect Halifax 2018 Putting firepower into the next generation firewall
 
Enterprise-Grade Trust: Collaboration Without Compromise
Enterprise-Grade Trust: Collaboration Without CompromiseEnterprise-Grade Trust: Collaboration Without Compromise
Enterprise-Grade Trust: Collaboration Without Compromise
 

Semelhante a Programmable ASICs Key to Hardware Innovation in SDN Era

Cisco Digital Network Architecture Deeper Dive From The Gates To The Gui
Cisco Digital Network Architecture Deeper Dive From The Gates To The GuiCisco Digital Network Architecture Deeper Dive From The Gates To The Gui
Cisco Digital Network Architecture Deeper Dive From The Gates To The GuiCisco Canada
 
Cisco Connect 2018 Philippines - software-defined access-a transformational ...
Cisco Connect 2018 Philippines - software-defined access-a transformational ... Cisco Connect 2018 Philippines - software-defined access-a transformational ...
Cisco Connect 2018 Philippines - software-defined access-a transformational ...NetworkCollaborators
 
Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper diveCisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper diveCisco Canada
 
[Cisco Connect 2018 - Vietnam] 2. lam doan software-defined access-a transf...
[Cisco Connect 2018 - Vietnam] 2. lam doan software-defined access-a transf...[Cisco Connect 2018 - Vietnam] 2. lam doan software-defined access-a transf...
[Cisco Connect 2018 - Vietnam] 2. lam doan software-defined access-a transf...Nur Shiqim Chok
 
Cisco Connect 2018 Vietnam - Software-defined access-a transformational appro...
Cisco Connect 2018 Vietnam - Software-defined access-a transformational appro...Cisco Connect 2018 Vietnam - Software-defined access-a transformational appro...
Cisco Connect 2018 Vietnam - Software-defined access-a transformational appro...NetworkCollaborators
 
[Cisco Connect 2018 - Vietnam] Lam doan software-defined access-a transform...
[Cisco Connect 2018 - Vietnam] Lam doan software-defined access-a transform...[Cisco Connect 2018 - Vietnam] Lam doan software-defined access-a transform...
[Cisco Connect 2018 - Vietnam] Lam doan software-defined access-a transform...Nur Shiqim Chok
 
[Cisco Connect 2018 - Vietnam] Cisco connect 2018 sanjay - cisco sda v1.0-h...
[Cisco Connect 2018 - Vietnam] Cisco connect 2018 sanjay - cisco sda v1.0-h...[Cisco Connect 2018 - Vietnam] Cisco connect 2018 sanjay - cisco sda v1.0-h...
[Cisco Connect 2018 - Vietnam] Cisco connect 2018 sanjay - cisco sda v1.0-h...Nur Shiqim Chok
 
Cisco Connect 2018 Indonesia - software-defined access-a transformational ap...
Cisco Connect 2018 Indonesia - software-defined access-a transformational ap...Cisco Connect 2018 Indonesia - software-defined access-a transformational ap...
Cisco Connect 2018 Indonesia - software-defined access-a transformational ap...NetworkCollaborators
 
Cisco Connect 2018 Malaysia - software-defined access-a transformational appr...
Cisco Connect 2018 Malaysia - software-defined access-a transformational appr...Cisco Connect 2018 Malaysia - software-defined access-a transformational appr...
Cisco Connect 2018 Malaysia - software-defined access-a transformational appr...NetworkCollaborators
 
Cisco Connect 2018 Vietnam - Cisco meraki
Cisco Connect 2018 Vietnam - Cisco meraki Cisco Connect 2018 Vietnam - Cisco meraki
Cisco Connect 2018 Vietnam - Cisco meraki NetworkCollaborators
 
[Cisco Connect 2018 - Vietnam] Jeff chua hn - print - cisco connect 2018 (ha...
[Cisco Connect 2018 - Vietnam] Jeff chua hn - print - cisco connect 2018 (ha...[Cisco Connect 2018 - Vietnam] Jeff chua hn - print - cisco connect 2018 (ha...
[Cisco Connect 2018 - Vietnam] Jeff chua hn - print - cisco connect 2018 (ha...Nur Shiqim Chok
 
[Cisco Connect 2018 - Vietnam] Jeff chua hcm print - cisco connect 2018 (hc...
[Cisco Connect 2018 - Vietnam] Jeff chua hcm print - cisco connect 2018 (hc...[Cisco Connect 2018 - Vietnam] Jeff chua hcm print - cisco connect 2018 (hc...
[Cisco Connect 2018 - Vietnam] Jeff chua hcm print - cisco connect 2018 (hc...Nur Shiqim Chok
 
Cisco Connect 2018 Singapore - Cisco Software Defined Access
Cisco Connect 2018 Singapore - Cisco Software Defined AccessCisco Connect 2018 Singapore - Cisco Software Defined Access
Cisco Connect 2018 Singapore - Cisco Software Defined AccessNetworkCollaborators
 
Elastic Cloud Enterprise @ Cisco
Elastic Cloud Enterprise @ CiscoElastic Cloud Enterprise @ Cisco
Elastic Cloud Enterprise @ CiscoElasticsearch
 
Cisco Software Defined Access - новая архитектура для корпоративных кампусных...
Cisco Software Defined Access - новая архитектура для корпоративных кампусных...Cisco Software Defined Access - новая архитектура для корпоративных кампусных...
Cisco Software Defined Access - новая архитектура для корпоративных кампусных...Cisco Russia
 
How to be a Network Engineer in a Programmable Age
How to be a Network Engineer in a Programmable AgeHow to be a Network Engineer in a Programmable Age
How to be a Network Engineer in a Programmable AgeHank Preston
 
Convert Altera Xilinx FPGA to BaySand mcFPGA
Convert Altera Xilinx FPGA to BaySand mcFPGAConvert Altera Xilinx FPGA to BaySand mcFPGA
Convert Altera Xilinx FPGA to BaySand mcFPGAEBBM, Inc.
 
Cisco ucs overview ibm team 2014 v.2 - handout
Cisco ucs overview ibm team 2014 v.2 - handoutCisco ucs overview ibm team 2014 v.2 - handout
Cisco ucs overview ibm team 2014 v.2 - handoutSarmad Ibrahim
 
IPv6IntegrationBestPracticesfinal.pdf
IPv6IntegrationBestPracticesfinal.pdfIPv6IntegrationBestPracticesfinal.pdf
IPv6IntegrationBestPracticesfinal.pdfCPUHogg
 

Semelhante a Programmable ASICs Key to Hardware Innovation in SDN Era (20)

Cisco Digital Network Architecture Deeper Dive From The Gates To The Gui
Cisco Digital Network Architecture Deeper Dive From The Gates To The GuiCisco Digital Network Architecture Deeper Dive From The Gates To The Gui
Cisco Digital Network Architecture Deeper Dive From The Gates To The Gui
 
Cisco Connect 2018 Philippines - software-defined access-a transformational ...
Cisco Connect 2018 Philippines - software-defined access-a transformational ... Cisco Connect 2018 Philippines - software-defined access-a transformational ...
Cisco Connect 2018 Philippines - software-defined access-a transformational ...
 
ISE-CiscoLive.pdf
ISE-CiscoLive.pdfISE-CiscoLive.pdf
ISE-CiscoLive.pdf
 
Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper diveCisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper dive
 
[Cisco Connect 2018 - Vietnam] 2. lam doan software-defined access-a transf...
[Cisco Connect 2018 - Vietnam] 2. lam doan software-defined access-a transf...[Cisco Connect 2018 - Vietnam] 2. lam doan software-defined access-a transf...
[Cisco Connect 2018 - Vietnam] 2. lam doan software-defined access-a transf...
 
Cisco Connect 2018 Vietnam - Software-defined access-a transformational appro...
Cisco Connect 2018 Vietnam - Software-defined access-a transformational appro...Cisco Connect 2018 Vietnam - Software-defined access-a transformational appro...
Cisco Connect 2018 Vietnam - Software-defined access-a transformational appro...
 
[Cisco Connect 2018 - Vietnam] Lam doan software-defined access-a transform...
[Cisco Connect 2018 - Vietnam] Lam doan software-defined access-a transform...[Cisco Connect 2018 - Vietnam] Lam doan software-defined access-a transform...
[Cisco Connect 2018 - Vietnam] Lam doan software-defined access-a transform...
 
[Cisco Connect 2018 - Vietnam] Cisco connect 2018 sanjay - cisco sda v1.0-h...
[Cisco Connect 2018 - Vietnam] Cisco connect 2018 sanjay - cisco sda v1.0-h...[Cisco Connect 2018 - Vietnam] Cisco connect 2018 sanjay - cisco sda v1.0-h...
[Cisco Connect 2018 - Vietnam] Cisco connect 2018 sanjay - cisco sda v1.0-h...
 
Cisco Connect 2018 Indonesia - software-defined access-a transformational ap...
Cisco Connect 2018 Indonesia - software-defined access-a transformational ap...Cisco Connect 2018 Indonesia - software-defined access-a transformational ap...
Cisco Connect 2018 Indonesia - software-defined access-a transformational ap...
 
Cisco Connect 2018 Malaysia - software-defined access-a transformational appr...
Cisco Connect 2018 Malaysia - software-defined access-a transformational appr...Cisco Connect 2018 Malaysia - software-defined access-a transformational appr...
Cisco Connect 2018 Malaysia - software-defined access-a transformational appr...
 
Cisco Connect 2018 Vietnam - Cisco meraki
Cisco Connect 2018 Vietnam - Cisco meraki Cisco Connect 2018 Vietnam - Cisco meraki
Cisco Connect 2018 Vietnam - Cisco meraki
 
[Cisco Connect 2018 - Vietnam] Jeff chua hn - print - cisco connect 2018 (ha...
[Cisco Connect 2018 - Vietnam] Jeff chua hn - print - cisco connect 2018 (ha...[Cisco Connect 2018 - Vietnam] Jeff chua hn - print - cisco connect 2018 (ha...
[Cisco Connect 2018 - Vietnam] Jeff chua hn - print - cisco connect 2018 (ha...
 
[Cisco Connect 2018 - Vietnam] Jeff chua hcm print - cisco connect 2018 (hc...
[Cisco Connect 2018 - Vietnam] Jeff chua hcm print - cisco connect 2018 (hc...[Cisco Connect 2018 - Vietnam] Jeff chua hcm print - cisco connect 2018 (hc...
[Cisco Connect 2018 - Vietnam] Jeff chua hcm print - cisco connect 2018 (hc...
 
Cisco Connect 2018 Singapore - Cisco Software Defined Access
Cisco Connect 2018 Singapore - Cisco Software Defined AccessCisco Connect 2018 Singapore - Cisco Software Defined Access
Cisco Connect 2018 Singapore - Cisco Software Defined Access
 
Elastic Cloud Enterprise @ Cisco
Elastic Cloud Enterprise @ CiscoElastic Cloud Enterprise @ Cisco
Elastic Cloud Enterprise @ Cisco
 
Cisco Software Defined Access - новая архитектура для корпоративных кампусных...
Cisco Software Defined Access - новая архитектура для корпоративных кампусных...Cisco Software Defined Access - новая архитектура для корпоративных кампусных...
Cisco Software Defined Access - новая архитектура для корпоративных кампусных...
 
How to be a Network Engineer in a Programmable Age
How to be a Network Engineer in a Programmable AgeHow to be a Network Engineer in a Programmable Age
How to be a Network Engineer in a Programmable Age
 
Convert Altera Xilinx FPGA to BaySand mcFPGA
Convert Altera Xilinx FPGA to BaySand mcFPGAConvert Altera Xilinx FPGA to BaySand mcFPGA
Convert Altera Xilinx FPGA to BaySand mcFPGA
 
Cisco ucs overview ibm team 2014 v.2 - handout
Cisco ucs overview ibm team 2014 v.2 - handoutCisco ucs overview ibm team 2014 v.2 - handout
Cisco ucs overview ibm team 2014 v.2 - handout
 
IPv6IntegrationBestPracticesfinal.pdf
IPv6IntegrationBestPracticesfinal.pdfIPv6IntegrationBestPracticesfinal.pdf
IPv6IntegrationBestPracticesfinal.pdf
 

Mais de Robb Boyd

TechWiseTV Workshop - Q&A - Cisco Catalyst 9600: Deep Dive and Design Conside...
TechWiseTV Workshop - Q&A - Cisco Catalyst 9600: Deep Dive and Design Conside...TechWiseTV Workshop - Q&A - Cisco Catalyst 9600: Deep Dive and Design Conside...
TechWiseTV Workshop - Q&A - Cisco Catalyst 9600: Deep Dive and Design Conside...Robb Boyd
 
TechWiseTV Workshop: Cisco Catalyst 9600: Deep Dive and Design Considerations
TechWiseTV Workshop: Cisco Catalyst 9600: Deep Dive and Design ConsiderationsTechWiseTV Workshop: Cisco Catalyst 9600: Deep Dive and Design Considerations
TechWiseTV Workshop: Cisco Catalyst 9600: Deep Dive and Design ConsiderationsRobb Boyd
 
TechWiseTV Workshop - Q&A - Cisco Catalyst 9100 Access Points for Wi-Fi 6
TechWiseTV Workshop - Q&A - Cisco Catalyst 9100 Access Points for Wi-Fi 6TechWiseTV Workshop - Q&A - Cisco Catalyst 9100 Access Points for Wi-Fi 6
TechWiseTV Workshop - Q&A - Cisco Catalyst 9100 Access Points for Wi-Fi 6Robb Boyd
 
TechWiseTV Workshop - Q&A - Application Hosting on the Cisco Catalyst 9000 Sw...
TechWiseTV Workshop - Q&A - Application Hosting on the Cisco Catalyst 9000 Sw...TechWiseTV Workshop - Q&A - Application Hosting on the Cisco Catalyst 9000 Sw...
TechWiseTV Workshop - Q&A - Application Hosting on the Cisco Catalyst 9000 Sw...Robb Boyd
 
TechWiseTV Workshop: Cisco Catalyst 9100 Access Points for Wi-Fi 6
TechWiseTV Workshop: Cisco Catalyst 9100 Access Points for Wi-Fi 6TechWiseTV Workshop: Cisco Catalyst 9100 Access Points for Wi-Fi 6
TechWiseTV Workshop: Cisco Catalyst 9100 Access Points for Wi-Fi 6Robb Boyd
 
TechWiseTV Workshop: Application Hosting on Catalyst 9000 Series Switches
TechWiseTV Workshop: Application Hosting on Catalyst 9000 Series SwitchesTechWiseTV Workshop: Application Hosting on Catalyst 9000 Series Switches
TechWiseTV Workshop: Application Hosting on Catalyst 9000 Series SwitchesRobb Boyd
 
TechWiseTV Workshop 314 - Q&A Cisco SD-WAN Security
TechWiseTV Workshop 314 - Q&A Cisco SD-WAN Security TechWiseTV Workshop 314 - Q&A Cisco SD-WAN Security
TechWiseTV Workshop 314 - Q&A Cisco SD-WAN Security Robb Boyd
 
Technical Overview of Cisco Catalyst 9200 Series Switches
Technical Overview of Cisco Catalyst 9200 Series SwitchesTechnical Overview of Cisco Catalyst 9200 Series Switches
Technical Overview of Cisco Catalyst 9200 Series SwitchesRobb Boyd
 
The Enhanced Cisco Container Platform
The Enhanced Cisco Container PlatformThe Enhanced Cisco Container Platform
The Enhanced Cisco Container PlatformRobb Boyd
 
TechWiseTV Workshop: Improving Performance and Agility with Cisco HyperFlex
TechWiseTV Workshop: Improving Performance and Agility with Cisco HyperFlexTechWiseTV Workshop: Improving Performance and Agility with Cisco HyperFlex
TechWiseTV Workshop: Improving Performance and Agility with Cisco HyperFlexRobb Boyd
 
TechWiseTV Workshop: SD-WAN Security
TechWiseTV Workshop: SD-WAN SecurityTechWiseTV Workshop: SD-WAN Security
TechWiseTV Workshop: SD-WAN SecurityRobb Boyd
 
TechWiseTV Workshop: Cisco Catalyst 9800 Series Wireless Controller
TechWiseTV Workshop: Cisco Catalyst 9800 Series Wireless ControllerTechWiseTV Workshop: Cisco Catalyst 9800 Series Wireless Controller
TechWiseTV Workshop: Cisco Catalyst 9800 Series Wireless ControllerRobb Boyd
 
Protect Kubernetes Environments with Cisco Stealthwatch Cloud
Protect Kubernetes Environments with Cisco Stealthwatch CloudProtect Kubernetes Environments with Cisco Stealthwatch Cloud
Protect Kubernetes Environments with Cisco Stealthwatch CloudRobb Boyd
 
Incredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIs
Incredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIsIncredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIs
Incredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIsRobb Boyd
 
Infrastructure Solutions for Deploying AI/ML/DL Workloads at Scale
Infrastructure Solutions for Deploying AI/ML/DL Workloads at ScaleInfrastructure Solutions for Deploying AI/ML/DL Workloads at Scale
Infrastructure Solutions for Deploying AI/ML/DL Workloads at ScaleRobb Boyd
 
TechWiseTV Workshop Q&A: Cisco UCS C4200
TechWiseTV Workshop Q&A: Cisco UCS C4200TechWiseTV Workshop Q&A: Cisco UCS C4200
TechWiseTV Workshop Q&A: Cisco UCS C4200Robb Boyd
 
TechWiseTV Workshop: Cisco UCS C4200
TechWiseTV Workshop: Cisco UCS C4200TechWiseTV Workshop: Cisco UCS C4200
TechWiseTV Workshop: Cisco UCS C4200Robb Boyd
 
TechWiseTV Workshop: ASR 9000
TechWiseTV Workshop: ASR 9000 TechWiseTV Workshop: ASR 9000
TechWiseTV Workshop: ASR 9000 Robb Boyd
 
TechWiseTV Workshop: Q&A Cisco Hybrid Cloud Platform for Google Cloud
TechWiseTV Workshop: Q&A Cisco Hybrid Cloud Platform for Google CloudTechWiseTV Workshop: Q&A Cisco Hybrid Cloud Platform for Google Cloud
TechWiseTV Workshop: Q&A Cisco Hybrid Cloud Platform for Google CloudRobb Boyd
 
TechWiseTV Workshop: Cisco SD-WAN
TechWiseTV Workshop: Cisco SD-WANTechWiseTV Workshop: Cisco SD-WAN
TechWiseTV Workshop: Cisco SD-WANRobb Boyd
 

Mais de Robb Boyd (20)

TechWiseTV Workshop - Q&A - Cisco Catalyst 9600: Deep Dive and Design Conside...
TechWiseTV Workshop - Q&A - Cisco Catalyst 9600: Deep Dive and Design Conside...TechWiseTV Workshop - Q&A - Cisco Catalyst 9600: Deep Dive and Design Conside...
TechWiseTV Workshop - Q&A - Cisco Catalyst 9600: Deep Dive and Design Conside...
 
TechWiseTV Workshop: Cisco Catalyst 9600: Deep Dive and Design Considerations
TechWiseTV Workshop: Cisco Catalyst 9600: Deep Dive and Design ConsiderationsTechWiseTV Workshop: Cisco Catalyst 9600: Deep Dive and Design Considerations
TechWiseTV Workshop: Cisco Catalyst 9600: Deep Dive and Design Considerations
 
TechWiseTV Workshop - Q&A - Cisco Catalyst 9100 Access Points for Wi-Fi 6
TechWiseTV Workshop - Q&A - Cisco Catalyst 9100 Access Points for Wi-Fi 6TechWiseTV Workshop - Q&A - Cisco Catalyst 9100 Access Points for Wi-Fi 6
TechWiseTV Workshop - Q&A - Cisco Catalyst 9100 Access Points for Wi-Fi 6
 
TechWiseTV Workshop - Q&A - Application Hosting on the Cisco Catalyst 9000 Sw...
TechWiseTV Workshop - Q&A - Application Hosting on the Cisco Catalyst 9000 Sw...TechWiseTV Workshop - Q&A - Application Hosting on the Cisco Catalyst 9000 Sw...
TechWiseTV Workshop - Q&A - Application Hosting on the Cisco Catalyst 9000 Sw...
 
TechWiseTV Workshop: Cisco Catalyst 9100 Access Points for Wi-Fi 6
TechWiseTV Workshop: Cisco Catalyst 9100 Access Points for Wi-Fi 6TechWiseTV Workshop: Cisco Catalyst 9100 Access Points for Wi-Fi 6
TechWiseTV Workshop: Cisco Catalyst 9100 Access Points for Wi-Fi 6
 
TechWiseTV Workshop: Application Hosting on Catalyst 9000 Series Switches
TechWiseTV Workshop: Application Hosting on Catalyst 9000 Series SwitchesTechWiseTV Workshop: Application Hosting on Catalyst 9000 Series Switches
TechWiseTV Workshop: Application Hosting on Catalyst 9000 Series Switches
 
TechWiseTV Workshop 314 - Q&A Cisco SD-WAN Security
TechWiseTV Workshop 314 - Q&A Cisco SD-WAN Security TechWiseTV Workshop 314 - Q&A Cisco SD-WAN Security
TechWiseTV Workshop 314 - Q&A Cisco SD-WAN Security
 
Technical Overview of Cisco Catalyst 9200 Series Switches
Technical Overview of Cisco Catalyst 9200 Series SwitchesTechnical Overview of Cisco Catalyst 9200 Series Switches
Technical Overview of Cisco Catalyst 9200 Series Switches
 
The Enhanced Cisco Container Platform
The Enhanced Cisco Container PlatformThe Enhanced Cisco Container Platform
The Enhanced Cisco Container Platform
 
TechWiseTV Workshop: Improving Performance and Agility with Cisco HyperFlex
TechWiseTV Workshop: Improving Performance and Agility with Cisco HyperFlexTechWiseTV Workshop: Improving Performance and Agility with Cisco HyperFlex
TechWiseTV Workshop: Improving Performance and Agility with Cisco HyperFlex
 
TechWiseTV Workshop: SD-WAN Security
TechWiseTV Workshop: SD-WAN SecurityTechWiseTV Workshop: SD-WAN Security
TechWiseTV Workshop: SD-WAN Security
 
TechWiseTV Workshop: Cisco Catalyst 9800 Series Wireless Controller
TechWiseTV Workshop: Cisco Catalyst 9800 Series Wireless ControllerTechWiseTV Workshop: Cisco Catalyst 9800 Series Wireless Controller
TechWiseTV Workshop: Cisco Catalyst 9800 Series Wireless Controller
 
Protect Kubernetes Environments with Cisco Stealthwatch Cloud
Protect Kubernetes Environments with Cisco Stealthwatch CloudProtect Kubernetes Environments with Cisco Stealthwatch Cloud
Protect Kubernetes Environments with Cisco Stealthwatch Cloud
 
Incredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIs
Incredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIsIncredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIs
Incredible Compute Density: Cisco DNA Center Platform: Digging Deeper with APIs
 
Infrastructure Solutions for Deploying AI/ML/DL Workloads at Scale
Infrastructure Solutions for Deploying AI/ML/DL Workloads at ScaleInfrastructure Solutions for Deploying AI/ML/DL Workloads at Scale
Infrastructure Solutions for Deploying AI/ML/DL Workloads at Scale
 
TechWiseTV Workshop Q&A: Cisco UCS C4200
TechWiseTV Workshop Q&A: Cisco UCS C4200TechWiseTV Workshop Q&A: Cisco UCS C4200
TechWiseTV Workshop Q&A: Cisco UCS C4200
 
TechWiseTV Workshop: Cisco UCS C4200
TechWiseTV Workshop: Cisco UCS C4200TechWiseTV Workshop: Cisco UCS C4200
TechWiseTV Workshop: Cisco UCS C4200
 
TechWiseTV Workshop: ASR 9000
TechWiseTV Workshop: ASR 9000 TechWiseTV Workshop: ASR 9000
TechWiseTV Workshop: ASR 9000
 
TechWiseTV Workshop: Q&A Cisco Hybrid Cloud Platform for Google Cloud
TechWiseTV Workshop: Q&A Cisco Hybrid Cloud Platform for Google CloudTechWiseTV Workshop: Q&A Cisco Hybrid Cloud Platform for Google Cloud
TechWiseTV Workshop: Q&A Cisco Hybrid Cloud Platform for Google Cloud
 
TechWiseTV Workshop: Cisco SD-WAN
TechWiseTV Workshop: Cisco SD-WANTechWiseTV Workshop: Cisco SD-WAN
TechWiseTV Workshop: Cisco SD-WAN
 

Último

UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 

Último (20)

UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 

Programmable ASICs Key to Hardware Innovation in SDN Era

  • 1. Programmable ASICs: Why Hardware Matters in the Age of SDN and Virtualization Special Guests: September 13th, 2017 Peter Jones | Principal Engineer, Enterprise Networks Dave Zacks | Distinguished Engineer, Enterprise Networks
  • 2. Dave is a Distinguished System Engineer, and has been with Cisco for 17 years. As a DSE within the Enterprise Networks Architecture team, Dave works primarily on capabilities and solutions that are anywhere from 12 to 36+ months out, helping to define these projects and then assisting as they progress towards and through design, development, and solution introduction. Dave has a strong background in, and focus on, customer requirements, and integrating these into the products and solutions Cisco builds. Dave has a special interest in Flexible Hardware and Fabric architectures. Dave Zacks Distinguished System Engineer dzacks@cisco.com @DaveZacks By Way of Introduction …
  • 3. Peter Jones Principal Engineer petejone@cisco.com @petergjones By Way of Introduction … Peter is a Software Principal Engineer, and has been with Cisco for over 10 years. Peter works on System Architecture (ASIC, hardware & software) for Cisco Campus switching, with extensive experience with the Catalyst 3850 / 3650 platform as well as the UADP ASIC. As well, Peter is heavily involved in the standardization of 2.5G / 5G BASE-T Ethernet as NBASE-T Alliance chair and in IEEE 802.3.
  • 5. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Innovation in the network
  • 6. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Source: Forrester Source: Open Compute Project Time IT spends on operations80% CEOs are worried about IT strategy not supporting business growth57% Network Expenses Deployment Speed 0 10 100 1000 Computing Networking Seconds 0 100% CAPEX OPEX 33% 67% The Need for Agility Changing Enterprise Requirements © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
  • 7. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Advanced Persistent Threats Devices per Person 3.64 Mobile world requires access to everything everywhere Mobility Devices per Admin 100K Agility and New Consumption Models Cloud IoT Things Connected 7.5BUnmanned devices growing at rapid pace Enterprise Trends Driving Digital Transformation
  • 8. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Users, Device and IOT Segmentation Enabling Seamless Mobility Secure Connectivity to the Cloud Setting Up End-End Security VLAN 1 VLAN 2 VLAN 3 WAN Branch A VLAN 1 Branch A VLAN 3 Remote VLAN 2 HQ ACL 1 ACL 2 ACL 2 ACL 3 Traditional Networks Cannot Meet the Demand
  • 9. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Security Automation Analytics Virtualization Cloud Service Management Programmable Physical and Virtual infrastructure Principles Insights and Experiences Automation and Assurance Security and Compliance Open API Driven ProgrammableSD-Access and Assurance Catalyst 9000 DNA Center Encrypted Traffic Analytics Software Subscription Licensing | DNA Advisory, Technical, Support Services Cisco Digital Network Architecture Overview
  • 10. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
  • 11. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public You Need a Network that Drives Your Digital Business Hardware Centric Flexible Hardware, Software Driven Manual Automated Piecemeal Security Integrated Security Network Monitoring Analytics & Insights Traditional Network Digital-Ready Network Cisco is Rewriting the Network Playbook
  • 12. Visibility into traffic and threat patterns Who, What, When, Where, How Translate Business Intent to Network Policy Automate the management and provisioning millions of devices instantly NETWORK. INTUITIVE. THE Machine learning at scale to provide increasing intelligence Predictive performance and assurance The more you use, the wiser it gets Built on Cisco DNA
  • 14. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public EISG Architecture Team David Goeckeler Cisco SVP, Security and Networking Cisco Live Las Vegas 2016 Innovation in the network ASICs are a pillar of Cisco innovation …
  • 15. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Let’s Talk About ASICs
  • 16. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public What is an ASIC? “An Application Specific Integrated Circuit is an integrated circuit customized for a particular use, rather than intended for general purpose use…”
  • 17. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Why talk ASICs?
  • 18. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Created and Worn by TAM DELL’ORO @DellOrorGroup CLUS 2017
  • 19. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Advanced, Multi-Core, Feature-Rich Routing Silicon QFP QuantumFlow Processor Fully Programmable Scalable Advanced on-chip QoS Secure Extensible Architecture Operational Uniformity New Foundational Capabilities Speed of Innovation Velocity Foundation for Virtualization Platform for the Future IOS-XE The Evolution of IOS Taking the Proven Strengths of IOS to the Next Level UADP Unified Access Data Plane Flexible, Programmable, High-Performance Switching Silicon Fully Programmable Scalable Advanced on-chip QoS Secure Extensible Architecture “People that are really serious about software should build their own hardware” 100% Cisco-developed Flexible Silicon – Unlocking the Power of DNA at Hardware Speeds Hardware and Software Building on a Strong Foundation
  • 21. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public How is an ASIC built?
  • 22. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Then, it starts with coding… Verilog VHDL Synthesis Process Converts code into logical gate constructs (Netlist) ASICs – From Definition to Deployment
  • 23. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Then, it starts with coding… Verilog VHDL Synthesis Process Converts code into logical gate constructs (Netlist) Floor planning Floor Planning & Placement Arrange and interconnect constructs, connect power, minimize crosstalk, etc… ASICs – From Definition to Deployment
  • 24. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Imprint design on Silicon Wafer
  • 25. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Discrete transistor MOSFET (metal oxide semiconductor field effect transistor) FinFET (fin field effect transistor) NAND gate NOR Gate Universal Gates XOR Gate AND Gate OR Gate NOT Gate XNOR Gate … which can be used to build any of the other logic gates … … mostly used @ 22nm and above … mostly used @ 16nm and below … which, when we put millions of them together on a silicon die, produce a chip!
  • 26. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Discrete transistor MOSFET (metal oxide semiconductor field effect transistor) FinFET (fin field effect transistor) NAND gate NOR Gate Universal Gates XOR Gate AND Gate OR Gate NOT Gate XNOR Gate … which can be used to build any of the other logic gates … … mostly used @ 28nm and above … mostly used @ 22nm and below UADP 1.1 191M gates UADP 2.0 270M gates Catalyst 3850 mGig Catalyst 9300, 9400, 9500
  • 27. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public We put a man here … … using this … Apollo Guidance Computer … which was built from nothing but that … 4100 ICs, each of which contained a single 3-input NOR gate In other words … we put a man on the moon with less than 10,000 transistors … It takes 7.46 billion transistors to route your packets! With the appropriate security, segmentation, QoS, encryption, fragmentation, etc, etc … Fun Fact!
  • 28. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public We are talking transistors… and how many we can pack in an ASIC die … “The number of transistors incorporated into a chip will approximately double every 18 - 24 months …” “Moore’s Law” - 1975 Transistor Width measured in Nanometers Nanometer = One Billionth of a Meter
  • 29. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public A human hair is ~100,000 nanometers in width A Perspective
  • 30. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Red blood cell (7,000 nm) rises to 10th floor Empire State Building = 1454 feet to tip = 443 meters ONE NANOMETER – less than 1/4th of an inch! … about the same thickness as three pennies on this scale … … and we build transistors measured in nanometers … How SMALL is SMALL? Single human hair ~ 100,000 nm … and then we come to this little pinprick over here …
  • 31. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Use of smaller technology leads to benefits … Lower Price Lower Power Higher Performance
  • 32. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
  • 33. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public ASIC Re-Spin (if needed)
  • 35. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Why Does Cisco Develop Our Own Silicon?
  • 36. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Why Does Cisco Develop Our Own Silicon? Simpler Deployment Options Better Insight and Optimization Increased Security Most Appropriate Scalability Flexibility and Investment Protection via Programmability
  • 37. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Traditionally the ASIC processing pipeline is FIXEDIPv4 IPv6 Traditional Fixed ASIC Processing Pipeline
  • 38. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public … and has challenges handling NEW PROTOCOLS … MPLS Traditional Fixed ASIC Processing Pipeline
  • 39. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Flexibility in Networking … … disconnect with traditional fixed ASIC processing …. Evolution of Business Industry Trends – SDN
  • 40. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
  • 41. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public So where can Flexible ASICs help us? The Big Question …
  • 42. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public DNA Flexible Infrastructure – Programmable ASIC Silicon
  • 43. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Flex Rewrite Programmable ASICs deliver FLEXIBILITY … Flex Parser Flexible, Programmable Processing Pipeline GRE If IPv7 were invented tomorrow … ... we could probably handle it via the Programmable Pipeline! Flex Counters Stage 1 Stage 2 Stage 3 Stage n IPv4 IPv6 VXLAN MPLS IPv7 Flexible ASIC Processing Pipeline
  • 44. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Flex Rewrite Flex Parser Programmable ASICs provide support for TUNNELLING …IPv4 … a task at which Cisco’s Programmable, Flexible ASICs excel! Tunnelled traffic requires RECIRCULATION … IPv4VXLAN High-performance, low-latency recirculation path … Flex Counters Flexible, Programmable Processing Pipeline Stage 1 Stage 2 Stage 3 Stage n Flexible ASIC Processing Pipeline
  • 45. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Catalyst 3550 Circa 2003 60M transistors 47,226 lines of code Catalyst 3750 Circa 2008 210M transistors 86,220 lines of code Catalyst 3850 Circa 2013 1300M transistors (Latest version: 3 BILLLION transistors) 1,490,000 lines of code Catalyst 9300 / 9400 / 9500 – 2017 New! UADP 2.0: 7.46B transistors! 2,160,000 lines of code All Cisco-developed silicon Driving the benefits of vertical integration – Hardware and software working together! Just like some other famous examples … ASICs – From Definition to Deployment
  • 47. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Latest version – 7.46 BILLION transistors
  • 48. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
  • 49. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Parse depth of 256 Bytes 15 programmable stages Up to 250 frames across stages at one time…Ability to handle current and future protocols – extremely flexible and capable Excellent for encapsulations, which often need recirculation UADP provides an unparalleled degree of Flexibility in an Access Switch UADP Designed for Flexibility
  • 50. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Parse depth of 256 Bytes 15 programmable stages Up to 250 frames across stages at one time… Underlay Outer,IP,Header Outer,MAC,Header UDP$Header VXLAN$Header Overlay Inner,(Original),IP,Header Original,Payload Inner,(Original),MAC,Header 14#Bytes (4#Bytes#Optional) Ether# Type 0x0800 VLAN#ID VLAN#Type 0x8100 Source'MAC Dest.'MAC 48 48 16 16 16 Src VTEP MAC Address Next6Hop MAC Address 20#Bytes Dest.&IP Source&IP Header# Checksum Protocol#0x11#(UDP) IP#Header Misc.#Data 72 8 16 32 32 Dst RLOC IP Address Src RLOC IP Address 8"Bytes Checksum"0x0000 UDP"Length VXLAN&Port Source&Port 16 16 16 16 UDP&4789 Hash"of"inner"L2/L3/L4"headers"of"original"frame." Enables"entropy"for"ECMP"load"balancing. 8"Bytes Reserved VN#ID Segment#ID VXLAN"Flags"RRRRIRRR 8 16 24 8 Allows#16M# possible#VRFs Allows#64K# possible#SGTs VXLAN as a protocol had not even been invented when UADP 1.0 was designed … Yet UADP forwards VXLAN in hardware, at high performance in IOS-XE 16.3+ … thanks to Flexibility! in VXLAN is a complex protocol …
  • 51. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public UADP Unparalleled Functionality
  • 52. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public GRE ERSPAN CAPWAP MPLS VXLAN VXLAN-GPE*, NSH*, and more… Current, and Possible Future, UADP Use Cases * Not Committed
  • 53. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Catalyst 9300 / 9400 / 9500 Enabled by UADP 2.0
  • 54. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public UADP 1.0 First Generation of UADP ASIC Catalyst 3850 Copper Catalyst 3650 Catalyst SFP Fiber 1G/10G Ethernet 240G Stacking Capacity 6MB Packet Buffer 128 Bit Encryption 24K Netflow Records 56G Bandwidth First Flexible, Programmable ASIC designed for Campus
  • 55. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Catalyst 3850 Multigigabit Catalyst 3850 SFP+ Catalyst 3650 Multigigabit 1G/10G/40G Ethernet 240G Stacking Capacity 6MB x2 Packet Buffer 256 Bit MACSEC Encryption 24K x2 Netflow Records 160GE Bandwidth Catalyst 3650 Mini Dual Core Running @ 500MHz 1588 IEEE Enhanced Performance, Capabilities & Security UADP 1.1 First Generation of UADP ASIC with Enhancements
  • 56. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public UADP 1.0 1.3B Transistors 1G/10G Ethernet 240G Stacking 24K Netflow 56G Bandwidth UADP 1.1 3B Transistors 1G/10G/40G Ethernet 160GE Bandwidth Dual Core 500MHz 1588 IEEE UADP 2.0 7.46B Transistors Up to 64K x2 Netflow Records Shared Lookup Up to 240GE Bandwidth Up to 2X to 4X Tables UADP – Programmable ASIC Family
  • 57. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public UADP 1.0 1.3B Transistors UADP 1.1 3B Transistors UADP 2.0 7.46B Transistors One transistor for everyone in India … One transistor for everyone in India, China, US & Canada … One transistor for Everyone in the world! Or Looked At Another Way …
  • 58. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Catalyst 9300 Catalyst 9400 Catalyst 9500 Stackable Access Modular Access Fixed Aggregation Built on Cisco’s Innovative UADP ASIC & Open IOS-XE Catalyst 9000 Family Overview
  • 59. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Up to 32MB Packet Buffer Up to 64K x2 Netflow RecordsEmbedded Microcontrollers Shared Lookup Up to 240GE Bandwidth Up to 384K Flex Counters Up to 2X to 4X forwarding + TCAM Universal Deployments Adaptable Tables Enhanced Scale/Buffering Multicore resource share Investment Protection Flexible Pipeline UADP 2.0 Next Generation of ASIC Innovation
  • 60. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Stage #17 Flex Parser IGR Stage #.. Stage #.. Stage #2 Stage #1 Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Stage #8 Flex Parser EGR Stage #.. Stage #.. Stage #2 Stage #1 TCAM/ SRAM 17 Ingress Stages 8 Egress Stages Flex Parser 256 B Flex Parser 256 B Final Decision on Packet’s Future Final Decision on Packet’s Future Ingress Programmable Pipeline Egress Programmable Pipeline At each stage, 2 simultaneous lookups UADP 2.0 – Ingress and Egress Processing Stages, Detail
  • 61. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Ingress Programmable Pipeline Punt Flex Parser IGR NF SPAN VXLAN L3/L2 FIB Lookup Table Lookup Table Lookup Table ACL MCast Lookup Table Lookup Table Lookup Table QOS Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table Lookup Table SPAN Flex Parser EGR Stage #.. Sec MPLS Policy Egress Programmable Pipeline TCAM/ SRAM Flexible Look up Tables (Shared Across Cores) Programmed to understand VXLAN Programmed to understand MPLS ASIC Micro Code Software Features VXLAN MPLS NG Protocol UADP 2.0 – Microcode Programs the Pipelines
  • 62. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 64 B Line Rate (Upto 240 Gbps) Up to 300 Mpps Switching Capacity Minimal added latency with Recirculation (1/2 us) Downlinks + Uplinks 64 B Frame BW – 56G/ASIC CPU Recirculation Expandable Recirculation BW UADP 2.0 – Performance
  • 63. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Table Sizes Can be Tailored to Support Multiple Use Cases Collapsed Core- WAN Template Aggregation Template Core-Border Template L3 & NAT Mix of L2/L3 Capabilities L3 & Cross Domain Policy Flexible ASIC Templates SRAM / TCAM § MAC § IPv4/IPv6 § VACL § PACL § RACL § SGACL § QoS § NAT § SPAN § CoPP Customized table size for each function based on the place in the network Client Scale Access-Edge Template SRAM FIB (48K) SGT (16K) IGMP (32K) Host (32K) MCAST (16K) MAC (80K) Internal Resources TCAM SEC ACL (18K) Tunnels (1K) NAT (2K) QoS ACL (18K) Others Internal ResourcesLISP (1K) SRAM TCAM FIB (64K) SGT (32K) IGMP (16K) Host (32K) MCAST (48K) MAC (32K) Internal Resources SEC ACL (18K) Tunnels (1K) NAT (16K) QoS ACL (3K) Others Internal Resources LISP (1K) Core-Border Template 64K 16K 32K 32K 48K 8K 64K Access-Edge Template UADP 2.0 Turns Catalyst 9000 into a Swiss Army Knife Flexible ASIC Table Allocations
  • 64. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public What does all of this mean for me?
  • 65. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Cisco Programmable Hardware equals FLEXIBILITY ADAPTABILITY Enabling Network Evolution – a critical requirement for DNA
  • 66. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Want to double- click? BRKARC-3467 Cisco Live US 2017, Las Vegas 90 minutes of awesome silicon geekery with Dave and Peter – this session, ++
  • 68. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Network Threats are Evolving to Leverage Encryption
  • 69. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Providing Security While Maintaining Privacy! Encrypted Traffic Non-Encrypted Traffic How do you Analyze threats without decrypting traffic flows? Can We Actually Solve This?
  • 70. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public • End to end confidentiality • Channel integrity during inspection • Adapts with encryption standards Malware in Encrypted Traffic Is the payload within the TLS session malicious? Malware Detection and Visibility without Decryption • Audit for TLS policy violations • Passive detection of Ciphersuite vulnerabilities Cryptographic Compliance How much of my digital business uses strong encryption? Encrypted Traffic Analytics
  • 71. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Initial Data Packet IPHeader TCPHeader TLS Header Ciphersuites TLS version SNI (Server Name) Initial Data Packet(s) Certificate Organization Issuer Issued Expires TLS field (in ClientHello) Inference Offered Cyphersuites Browsers prefer heavy weight and more secure encryption algorithms, Mobile applications prefer efficient encryption Extensions Client: I support crypto! Server: I support that crypto, and I’m me! Client: Take this secret and let’s encrypt! Server: Your secret looks good; let’s encrypt! Client/Server: encrypted data! Initial Data Packet (IDP)
  • 72. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public TimeFlow Start Sequence of Packet Lengths and Times Malware Behavior Network Behavior Communication with command control server Sequence of packet lengths Write to the disk Time interval between packet Sequence of Packet Lengths and Times (SPLT)
  • 73. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Bestafera Self-Signed Certificate Data Exfiltration C2 Message Google Search Initial Page Load Page Refresh Autocomplete Detecting Malware by Behavior IDP, SPLT, and Machine Learning
  • 74. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Want to double- click? BRKCRS-1560 Cisco Live US 2017, Las Vegas Deep dive into what makes ETA tick – with Sarav Radhakrishnan, DE
  • 76. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Separation of the Forwarding and Services Planes Overlay encapsulation Fabric Underlay is the Forwarding Plane • Connects Network Devices • Leverages existing topologies • Simple, best-practice deployment Fabric Overlay is the Services Plane • Connects Users and Devices • Leverages standard technologies • Address Independent End-to-End Policy Overlay control plane Underlay Overlay Employee Supplier Devices Cisco Flexible Silicon allows for Flexibility – Key to Supporting the Evolution to Network Fabrics DNA Flexible Infrastructure Supporting Fabric Evolution – and Software-Defined Access
  • 77. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 1. Control-Plane based on LISP 2. Data-Plane based on VXLAN 3. Policy-Plane based on TrustSec Key Differences • L2 + L3 Overlay -vs- L2 or L3 Only • Host Mobility with Anycast Gateway • Adds VRF + SGT into Data-Plane • Virtual Tunnel Endpoints (No Static) • No Topology Limitations (Basic IP) SD-Access Components Quick Recap
  • 78. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Automation App Policy Infra Control (APIC-EM) Identity & Policy Identity Services Engine (ISE) Assurance Network Data Platform (NDP) Employees Virtual Network Group 1 Group 2 IoT Virtual Network Group 3 Group 4 Contextual Visibility and Troubleshooting Policy Mobility with no Topology Dependence SD-Access Fabric Stretched Subnets SD-Access Solution At-a-Glance
  • 79. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public APIC-EM ISE NDP § Control-Plane Nodes – Map System that manages Endpoint to Device relationships § Fabric Edge Nodes – A Fabric device (e.g. Access or Distribution) that connects Wired Endpoints to the SDA Fabric § Identity Services – External ID Systems (e.g. ISE) are leveraged for dynamic Endpoint to Group mapping and Policy definition § Fabric Border Nodes – A Fabric device (e.g. Core) that connects External L3 network(s) to the SDA Fabric Identity Services Intermediate Nodes (Underlay) Fabric Border Nodes Fabric Edge Nodes § DNA Controller – Enterprise SDN Controller provides GUI management and abstraction via Service Apps, that share information DNA Controller § Analytics Engine – External Data Collectors (e.g. NDP) are leveraged to analyze Endpoint to App flows and monitor fabric status Analytics Engine C Control-Plane Nodes BB § Fabric Wireless Controller – A Fabric device (WLC) that connects Wireless Endpoints to the SDA Fabric Fabric Wireless Controller Campus Fabric A Strong Foundation, Enabled by Cisco Flexible Silicon! SD-Access Roles – Supported by Flexible Silicon
  • 80. Monday (June 26) Tuesday (June 27) Wednesday (June 28) Thursday (June 29) 8:00–10:00 AM 1:30 - 3:30 PM 4:00 - 5:30 PM 8:00–10:00 AM 1:30 - 3:30 PM 4:00 - 5:30 PM 8:00–10:00 AM 1:30 - 3:30 PM 4:00 - 5:30 PM 8:00–10:00 AM 1:00 - 2:30 PM 4:00 - 5:30 PM TECCRS-2700 (1) Solution TECCRS-2700 (2) Solution BRKCRS-2811 (1) External Connect BRKCRS-2811 (2) External Connect BRKEWN-2020 Wireless BRKCRS-3811 Policy BRKCRS-2812 Migration BRKDCN-2489 DC Integration BRKCRS-2813 Monitor & T’shoot BRKCRS-2814 Assurance TECCRS-2700 80 SD-Access Cisco Live US 2017 – Sessions Map https://www.ciscolive.com/online/connect/search.ww
  • 82. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Critical Role of Flexible Silicon
  • 83. From the Hardware … … to the Software and Protocols, with Integrated Security … to the Whole Solution … Cisco Innovations – In Hardware, Software, and Solutions – Tie It All Together “From the Gates – to the GUI” Hardware, Software, and Solutions Innovation All the Way Up the Stack Integrated Security
  • 84. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public https://vimeo.com/155635184 https://vimeo.com/205048279 Cisco Enterprise ASICs Discussion with Dave Zacks and Peter Jones Cisco Live Berlin 2016 Programmable ASICs for Cisco Catalyst Switches with Muhammad Imam Cisco Live Berlin 2017 http://www.cisco.com/c/m/en_us/training-events/events- webinars/webinars/techwise-tv/214-programmable-asics.html Cisco Flexible Silicon Want to Know More?
  • 85. Thank you for watching!