Sign In Register
2G/3G/4G
5G & Beyond
6G
AI/Automation
Broadband
Fixed Wireless Access FTTX Wi-Fi
Cable Tech
10G DOCSIS CCAP Cable Business Services The Bauminator
Climate Change
Digital Divide
Digital Infrastructure
Any Haul/X-Haul DCI
IoT
Open RAN
Optical/IP
Routing/Switching
OSS/BSS/CX
Private Networks
Regulatory/Politics
Satellite
SD-WAN
Security
Semiconductors/Network platforms
Service Provider Cloud
Services
Test & Measurement
The Core
The Edge
Video/Media
Regions
Asia Africa Europe India Middle East
Industry Show News
MWC Insider Guide Big 5G Event
Events
RAN Evolution Digital SymposiumAPAC Digital SymposiumThe Programmable Telco Digital SymposiumBig 5G EventSoftware unhEATS the World Digital Symposium
Events Archives
Digital Event Archives Edge Computing Digital Symposium Cable Next-Gen Technologies & Strategies Digital Divide Digital Symposium
Microsites
White Papers
Leaders In:
Leaders In Edge Leaders In Pluggable Optics Leaders In Cloud Leaders In 5G Orchestration
Heavy Reading Analysts
Market Leader Programs
Cloud Native 5G Core Operator Survey Bridging the Digital Divide 5G Network Slicing Operator Survey Open, Automated & Programmable Transport 5G Transport: A 2021 Heavy Reading Survey The Journey to Cloud Native Coherent Optics at 400G, 800G, and Beyond
Webinars
Upcoming Webinars Archived Webinars 5G Webinars Live Learning Webinars
Light Reading Video
Telecom Innovators Showcase
Light Reading Audio
Light Reading Podcast Executive Spotlight Q&A
Communities
The 5G Exchange LR Asia Broadband World News Connecting Africa Telecoms.com Women In Comms
News & Views Events Leading Lights Awards About Us Advertise With Us Newsletter Signup
x
Newsletter Signup Sign In Register
Automation

The Anatomy of Automation: Q&A With Cisco's Roland Acra

From the Founder
Automating the data center

SS: How have you gone about bringing automation to life inside the data center?

RA: The first manifestation of automation in the data center was Cisco's Application Centric Infrastructure (ACI) intent-based networking framework. Before ACI we built things like network forwarding paradigms, access control and policy implementations around this static view of where the applications were on the network. You knew that behind this Ethernet port was the database, behind this other one was a web server or what have you -- and you manually created your policy based on this information.

The problem with doing things that way is that today's applications are much more fragmented; they have a multi-point footprint, and it changes over time because of virtualization and containerization. What we think of as a database at ten in the morning might have nine VMs implementing it on three servers, but by noon it will probably peak to 23 VMs on a whole bunch of other servers. And yet we still want our policy to follow that mobile, nomadic and elastic workload.

So, this was the genesis of ACI, which replaces this model with a programmatic paradigm that allows users to define a contract that they want to initiate with their network; one which defines which applications can talk to what databases; issues those instructions to the network using the kind of abstractions that an application developer is familiar with; and goes on to ensure that the network continues to enforce that policy regardless of whether the database expands, shrinks, or moves around because of things like containers.

And that's the genesis of ACI. Simply, it's a new, expressive language for you to declare what you would like the network to do for you, and we've had a ton of success with that. Today we have upwards of 4,000 customers with big ACI fabrics.

Step two happened about a year ago, when we brought Tetration Analytics to market. The purpose of Tetration is to answer the questions that came up when customers implemented ACI and realized that, while it was wonderful to be able to define intent on the network, they lacked the level of visibility into what was running where in their data centers to be able to take advantage of it and formulate their intent in the first place.

So, that's what Tetration does: delivering broad, pervasive visibility. Not a single packet gets missed. Not a single communication element gets missed across all the applications that are running. More importantly, it automatically creates the intent, expressed as a white list of what is allowed, using this pervasive visibility and behavioral observation of the applications over the network as well as within their host operating system. It does an amazing amount of work by sitting there and listening to what the network is doing, and what workloads are doing, teed up through observation and machine learning.

So, this is a new concept. Increasingly the industry is using the term "intent-based networking." And there are lots of definitions. To me, in the data center, intent-based networking is about creating the ability for programmers to formulate what they would like the network to do for them in way that is expressive, that a programmer relates to. A coder, not a network admin.

But Tetration is more than that. It gives you the whole life cycle of everything running in your data center; the inventory and footprint [of the applications]; how these change over time; how they talk within each cluster to one another, and how they talk across clusters; it gives you graphs of connectivity on who's calling who when, on which port, and in which direction; and ultimately it results in a suggested white list that you, with ultimate human agency, correct or agree with, or complement with context that we can't infer from observation of telemetry, and then lock it down as your unique policy, and make sure that it is honored and enforced in a way that the network can support.

And the exciting thing is that Tetration works both with Cisco switches, at line speed, if you happen to have a Cisco nexus switching network, or via a software agent that travels with the workload regardless of underlying switching infrastructure. This means it can work in a Cisco environment, a non-cisco environment, or where you have a mix. And it can work in a cloud infrastructure, so customers can use it with Amazon or Azure or whatever.

SS: Which means you can get the benefits of this whether you have your own private cloud or whether you're transitioning across a public cloud?

RA: That's right. Or if you're straddling both, which is often the case.

SS: A hybrid cloud.

RA: That's right; a multi-cloud footprint. And this is really where the majority of our customers are today. They like some attributes of Amazon, they like some attributes of Google or Azure, but there's a lot that they continue to do on premise, and they don't want to have a fragmented policy and compliance model. They're saying "I have to prove that my consumer data was treated with the utmost care... we can't have an Equifax situation. I want to prove that I've protected the databases from not talking to strangers or not being exposed to more connectivity than they have to."

We're moving on from how we used to build IP networks, and enterprise networks, which was "anything goes," with one or two exceptions. Today, the prevailing model for security and for compliance -- known as "zero trust" -- is to say "Nothing goes, except where I open the veins for the blood to flow through." The new paradigm is "don't talk to strangers."

Next page: Hand me my Kevlar jacket

Previous Page
2 of 3
Next Page

EDUCATIONAL RESOURCES
sponsor supplied content
White Paper: Build Accurate Traffic Matrices with Demand Deduction
White Paper: Learn Best Practices for Core Network Capacity Planning
Case Study: Automating Multivendor Networks to Improve Network Robustness and Reliability
Success Story: How Telefonica Improved Repair Time and Time to Market with Cisco NSO and Crosswork
White Paper: Capitalize on the Economic Benefits of Network Automation
White Paper: Automate Your Certification Process to Onboard in Hours, not Days
Research Study Results: Service Providers save 50-70% in costs with Automation and Orchestration
Simplify Your Network Cybersecurity Compliance Verification and Reporting with Cisco Crosswork Trust Insights
e-Book - Transforming Telecommunications with Intelligent Automation
Use Case: Sprint Automates 50 Business Processes within 6 Months
Educational Resources Archive
More Blogs from From the Founder
So Long, & Good Luck With That

After almost two decades at Light Reading, it's time for a different optical adventure.

Tackling Transition: Q&A With John Chambers

John Chambers is still as passionate about business and innovation as he ever was at Cisco, finds Steve Saunders.

Advancing the Telco Cloud: Q&A With VMware's Shekar Ayyar

Light Reading founder Steve Saunders talks with VMware's Shekar Ayyar, who explains why cloud architectures are becoming more distributed, what that means for workloads, and why telcos can still be significant cloud services players.

8 Things We Didn't Know About Telecom Automation Until Last Week

Light Reading's recent Automation Everywhere conference provided invaluable guidance and insights for network operators figuring out their automation strategies.

Ngena Fits Network Form to NFV Function

Ngena's global 'network of networks' solves a problem that the telecom vendors promised us would never exist. That doesn't mean its new service isn't a really good idea.

More
FEATURED VIDEO
UPCOMING LIVE EVENTS
RAN Evolution Digital Symposium
April 6-4, 2023, Virtual Event
APAC Digital Symposium
April 25-27, 2023, Virtual Event
The Programmable Telco Digital Symposium
May 10, 2023, Virtual Event
Big 5G Event
May 15-17, 2023, Austin, TX
Software unhEATS the World Digital Symposium
May 23, 2023, Digital Symposium
5G Orchestration & Service Assurance Digital Symposium
June 6-8, 2023, Digital Symposium
Cable Next-Gen Europe Digital Symposium
June 21, 2023, Digital Symposium
OpenRAN North America
December 6-7, 2023, New York City
All Upcoming Live Events
UPCOMING WEBINARS
March 30, 2023 Taking the next step with Wi-Fi 6E
April 4, 2023 RAN Evolution Digital Symposium - Day 1
April 6, 2023 RAN Evolution Digital Symposium - Day 2
April 11, 2023 5G, from connectivity pipe to Network-as-a-platform: A transformative approach to designing, deploying and operating Modern 5G multi-cloud networks from core-to-edge
April 12, 2023 B2B 5G: Lessons learned from Huawei’s path to monetization
April 12, 2023 Harnessing the Power of Location Data
April 13, 2023 Ready, set, automate: Delivering 5G services in the hyper-convergence era
April 20, 2023 SCTE® LiveLearning for Professionals Webinar™ Series: Getting A Fix on Fixed Wireless
April 20, 2023 13 Million DDoS Attacks – What You Need to Know
April 24, 2023 APAC Digital Symposium - Day One
April 26, 2023 Developing achievable SLAs for 5G Private Networks
April 26, 2023 APAC Digital Symposium - Day Two
Webinar Archive
PARTNER PERSPECTIVES - content from our sponsors
Embrace F5.5G and stride to Green 10Gbps By Kerry Doyle
How Carriers can Boost B2B Services Growth By Kerry Doyle
How HKBN Transforms from a Telco Operator to an ICT Powerhouse By Kevin Casey
Intelligent IP Networks Open Vast Value-add Possibilities for Carriers By Kerry Doyle
WBBA Director General: Creating a Roadmap for Broadband Advocacy By Pedro Pereira
All Partner Perspectives
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE