Data Centre and DNA Campus
Fabric Integration
Victor Moreno, Distinguished Engineer
BRKACI-2220
Agenda
Introduction
Introduction to ACI and DNA Campus Fabric
•
• Multi-level Policy and Management Architecture
•
• Policy abstractions in ACI and DNA Campus Fabric
• Control and Data Plane Interworking
• Conclusion
Icon Legend
APIC-EM Enterprise Network Controller
Identity Services Engine (ISE)
DB
Scalable Groups
(User and Application)
SDA Controller (APIC-EM + ISE)
APIC Data Center Network Controller
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Multi-level Switching Fabric
Architecture
Switching Fabric Trends
Complex
Security Concerns
Mobility
Reactive
Operational Simplicity
Reduce the Attack Surface with
Segmentation and Access
Control
Any IP anywhere
Pervasive L2 and L3 forwarding
Operational Visibility and Streaming
Telemetry
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Switching Fabrics
Mobility
Collaboration
Security
Branch
Endpoints
Secure Segmentation
• Coarse Segmentation into Virtual Networks
• Flexible User/Device Grouping
• Fine Grain Segmentation into device
Groups
Mobility
• Any IP anywhere
• Wired and Wireless
• Layer 2 and Layer 3 services
Policy Driven
• Simplification of Intent
• Policy defines relationships between
Groups of devices
• Defines segmentation and security
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
What exactly is a Fabric?
Virtual Networks
Virtual Network
Overlay Control Plane
Encapsulation
Edge Device
Edge Device
Hosts
(End-Points)
Mobility
Segmentation
Manageability
Underlay Network
Underlay Control Plane
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public