Big corporations think big! When IBM takes on a project, you can bet that it will be global in its proportions. But called upon to revamp the networking of 250 branch offices of a multinational company, even IBM knew that it had a mammoth task on its hands. A task that could easily have taken hundreds of engineers doing lots of manual work that could be time-consuming and error prone. However, drawing on their previous experiences, IBM chose to utilize automation in order to save money and time.
The first task was to set up an SD-WAN solution linking each branch with the main campus. Each of the branches would have network connectivity through both an internet and an MPLS connection. The second task was to deploy virtualized network services in each of the branches. Servers within each branch would run virtualized routers and firewalls that would control access between the WAN and the branch LAN. Almost all branches would have redundant systems, which meant setting-up as many as 450 such servers.
Go global with network automation
Faced with this challenge, IBM turned to Cisco’s Digital Network Architecture (DNA) and DNA Center. They chose Cisco’s Enterprise Network Compute System (ENCS) as their appliance. ENCS is a compute appliance family designed for a virtualized, Software-Defined Branch (SD-Branch) network architecture.
To solve the deployment problems, IBM first defined a provisioning template within DNA Center. Using DNA Center’s open APIs, they wrote a custom Python script to retrieve this template and clone it across branches. The script then customizes each instance with its unique set of IP addresses, VLAN structure, etc. It also creates all the virtual network functions (VNFs) including virtual ISR with MPLS and internet connections, and virtual ASA, and chains them all together within ENCS.
The script accomplishes all of this programmatically, dramatically reducing deployment time while also reducing the risk of minor differences between sites that can cause problems later.
“The challenge before us was to deploy virtualized networking services on 250 sites using 450 appliances for a global customer,” said Markus Voegele, Network Architect at IBM, “It was clear that the only way we were going to be able to do this was to use automation. We found that Cisco DNA Center had the native capability to deploy and configure this set up, and with its support for open APIs, we were able to control this deployment through an application we wrote for the purpose. With simple Python scripts, we were able to deploy VLANs, virtual routers, virtual firewalls within ENCS servers at the sites, and link these together to form a service chain. Deploying and provisioning new sites, for us, is now as easy as choosing an option on a menu.”
Watch Markus demonstrate the solution.
With its application, IBM shows how easy it can be to accomplish tasks on a global scale, which could easily take several months to complete manually. They have very effectively leveraged the capabilities of DNA Center and its open APIs and combined them with network virtualization. They have fully automated a process that is typically very expensive, time consuming, and challenging to implement.
Read this white paper from IDC to see how you can leverage network as an open platform and create new revenue opportunities.
I want to implement OTV in my network with the ASR routers. But as usual, I am testing and studying it in my VIRL lab first. First of all, there is no ASR in VIRL. I am using CSR instead. I am assuming that the behavior would be the same between the ASR a...
I’m looking for a way to explicitly allow certain VLANS to be routable. In this example I would like VLAN 25&35 to talk but 25 cannot communicate with another vlans. I would like to apply the rule to VLAN 35 that way I don’t have to r...
Dear Team,I am planning to purchase the Cisco VPN router RV042. please help me to answering the below question. 1.> I have 100 Mbps internet connection in my office. if i purchase the this VPN router how much bandwidth i will get through the VPN ....
Hello thereAlthough it's not a new topic, but I think there is a need to clarification. Could someone please inform us about ISR 4000 different licenses ? - We know technology licenses ( Sec, AX, ...) are all RTU, right?- What about performance (Thro...
Cisco Digital Network Architecture Center Modules (Design Module)Part.3In this article, we are going to talk about the Cisco Digital Network Architecture Center design Module.Cisco DNA Center gives us the flexibility and scalability to configure mult...