The proliferation of cloud applications continues to transform traditional architectures and traffic patterns, driving a need for organizations to re-architect their network. And now, with the emergence of applications at the edge for IoT control, firewalling, intrusion prevention, network monitoring, telemetry, and analytics, the network needs to be ready for applications hosted anywhere. The Catalyst 9000 series of switches running Open IOS-XE ushers in the new era of intent based networking that not only enables consistent secure access from edge to the cloud, but also enables hosted applications at the edge. The platform uses X86 based CPU with up to 1TB of local storage options to offer a container based application hosting environment.
The initial software release on Catalyst 9000 switches uses the container environment to provide a sand-boxed (or decoupled) execution space called guest-shell for running on-box python. The application hosting capability could potentially enable a variety of new use cases across different verticals. These capabilities will be unlocked in future software releases. The nature of applications that can be hosted is flexible and varies from Cisco offered apps to partner apps to apps developed by customers. Here are some of the interesting use-cases that can be enabled:
Analytics: Analytics is quickly gaining traction as a mechanism to deliver assurance and new business outcomes. Many of these outcomes rely on network and application telemetry. What better place to generate this telemetry than the network itself? A collector application running locally on the switch can collect end user/device telemetry data and TLS meta data. The collector can perform data pre-processing like filtering, aggregation and indexing before streaming the data securely to a data-platform. Processing data locally can significantly reduce the WAN bandwidth and optimize the storage thereby CAPEX required on data-platforms.
Server-less compute: Edge compute helps non-stop operation and control of IoT devices connected to the cloud. It aids verticals like manufacturing where low and deterministic latency is required for real-time control loops. Moreover, IoT control centers hosted in Cloud environments benefit from an on-prem gateway function such as those offered by AWS Greengrass and Azure IoT Hub. These gateways can be hosted on the switch which removes the need for on-prem local compute in the enterprise environments.
Security: With billions of unsophisticated IoT devices connecting to enterprise network, these devices must be classified and appropriate network posture implemented to maintain network security. A distributed micro-services based approach can create a scalable device profiling and firewalling solution.
IT Operations: Every network admin relies on packet capture for monitoring and troubleshooting the network. Traditionally, operators have relied on span to troubleshoot end-user connectivity problems. Packet capture applications can now be hosted on the Catalyst 9000 switches with an API/UI based approach for selecting the desired traffic. Moreover, up to 1TB of local SSD storage is now available to save the resulting pcap files. This saves time and money for an operator troubleshooting real time network issues.
Cisco will provide variety of tool sets that aid application development to promote these business outcomes and support the developer community. Developers can use Dockers Software Defined Environment (SDE) for application development and seamlessly deploy it on the Catalyst 9000 switches. The application has full access to all the programmability capabilities already available on open IOS-XE including the rich model driven APIs, streaming telemetry, CLI and SNMP. Cisco will also provide developers with app hosting SDK to get API access to the switch data plane.
Finally, Cisco DNA-Center will also offer the full lifecycle management for these hosted applications. The goal is to provide an intuitive UX for enterprise-wide provisioning and subsequent versioning of the application; including knobs for the administrator to secure the app hosting environment by limiting access to switch resources on a per application basis.
We at Cisco are very excited about the wide range of possibilities that can now be harnessed by network operators, application developers and DevOps teams, who can leverage the strength of Open IOS-XE to run applications utilizing the underlying x86 CPU of Catalyst 9000 series switches.
Sandra Rivera, SVP/GM of Network Platforms Group, Intel, rightly commented,
"The Intel® Xeon® processor D family of System on a Chip and the Cisco Catalyst 9000 switches push the edge of ‘what is possible’ with the ecosystem for containers and application hosting on a common platform."
This massive evolution of our switching products with Catalyst 9000 series, highlights the strength of Cisco innovation and openness of our platforms – it’s time to make the switch!
Join me on July 11, 2017 from 8:00-9:39am PT, for a deep-dive into the Catalyst 9000 series. Join the Enterprise Networks track of the Cisco Customer Connection program and then register for the briefing. Looking forward to your attendance! www.cisco.com/go/ccp
I purchased cisco virl yesterday and was testing a lab on it. I noticed that I couldn't save configs on the fly. for example, I was testing HSRP configurations and proceeded to test the failover to the other peer in the group by shutting down the primary ...
Working on a stack of new Catalyst 9200L-24P-4G switches. This is the first time with this model and am beyond frustrated at this point as none of the documentation seems to work. Currently, all 4: Switch Ports Model SW Version ...
Hi, I can't find SNMP OID for cisco 3850 stack status. To be honest I can't find any IOD's. Because SNMP WALK gives me range .1.0.8802.1.1.2.....But snmp navigator does not know this OID's. How can I determine what each oid means?
Dear , I am facing an issue with connectivity for ipsec vpn with fortigatesee below sh run crypto isakmp policy 10hash md5authentication pre-sharegroup 2crypto isakmp key xxxx address xxxxx!!crypto ipsec transform-set MYSET esp-des esp-md5-hmacm...