Cisco Instant Access

Sascha Ulfig

Netzwerk geht auch einfach

Consulting Systems Engineer

20. November 2014

2 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

Keine sich wiederholenden Tätigkeiten mehr

Die IT verwendet zu viel Zeit für sich wiederholende Aufgaben auf Access Switches

28% Monitoring,

Troubleshooting

19% Security

Konfiguration

18% Installation,

Konfiguration, Tests

14% Software Updates

Quelle: Forrester Consulting, 2012

Cisco Instant Access Einfache Installation

2

3 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

94 Switches im Software Image- und Konfigurationsmanagement 188 Access Trunks/Port-Channels 4032 User Ports Pro Switch: Spanning-Tree / Loop Prevention FHRP Tuning Multicast Tuning (PIM / IGMP) Routing Protocol Tuning Security (z.B. 802.1X) Control-Plane Policing Quality of Service 94 Separate Konfigurationen für SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname

Klassischer Layer-2 oder Layer-3 Campus Hohe administrative Komplexität

SiSi SiSi

SiSi SiSi SiSi SiSi SiSi SiSi SiSi SiSi

Building 1 Building 2 Building 3 Building 4

Core

3

4 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

Cisco Catalyst Instant Access

Trennung der Control-Plane von der Data-Plane Eine Control-Plane für Distribution & Access Layer

SiSi SiSi

4

Software Defined Networking “…In the SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications…”

Source: www.opennetworking.org

Verteilte Data-Plane Catalyst 6848ia

EINE Control-Plane

Catalyst 6500/6800

5 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

Supervisor 2T WS-X6904-40G 6880-X

6500-E 6807-XL

•  10G SFP+ Uplink Ports •  POE & POE+ Support •  Integriertes Stacking Modul

Catalyst 6800IA

Catalyst 6500/6800

VS

Catalyst 6800ia Catalyst 6800ia Catalyst 6800ia Catalyst 6800ia

FEX 101 FEX 102 FEX 103 FEX 104

Cisco Catalyst Instant Access Auf einen Blick…

6 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

Supervisor 2T WS-X6904-40G 6880-X

6500-E 6807-XL

•  10G SFP+ Uplink Ports •  POE & POE+ Support •  Integriertes Stacking Modul

Catalyst 6800IA

Catalyst 6500/6800

VS

Catalyst 6800ia Catalyst 6800ia Catalyst 6800ia Catalyst 6800ia

Config on Parent: interface Port-channel101 switchport mode fex-fabric fex associate 101 interface Port-channel102 switchport mode fex-fabric fex associate 102 interface GigabitEthernet101/1/0/1 switchport mode access switchport access vlan 101 interface GigabitEthernet102/1/0/1 ip address 102.1.1.1 255.255.255.0 ipv6 address 2013:102:1:1:1::1/96

FEX 101 FEX 102 FEX 103 FEX 104

Cisco Catalyst Instant Access Auf einen Blick…

7 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

Catalyst Instant Access Client Portfolio C6800IA-48FPD C6800IA-48FPDR C6800IA-48TD C3560-CX

PoE/PoE+ ✗ ✓ 48 ports, 740W

✓ 48 ports, 740W

✓

12 ports, 240W

Down Link Ports 48x1G Cu 48x1G Cu 48x1G Cu 12x1G

Uplink Ports 2x10G SFP+ 2x10G SFP+ 2x10G SFP+ 2x10G SFP+ (for IA mode) , 2x1G Cu

FEX ID 12 ! 42/25* 12 ! 42/25* 12 ! 42/25* 42/25*

Access Ports Scalability Heute: 1000 ! 2000/1200* 1000 ! 2000/1200* 1000 ! 2000/1200* 300-500*

Stack 3!5 3!5 3!5 0

Dual Power Supply ✗ ✗ ✓ ✗ Standalone Mode ✗ ✗ ✗ ✓

FCS December

2014

* New Scale with IOS 15.2(1)SY targeted for January 2015. First value for 6880-X, second value for SUP2T.

8 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

Switch#sh run | sec template or show Template interface all template IA_TEMPLATE switchport mode access switchport access vlan 100 switchport nonegotiate switchport port-security source template IA_TEMPLATE2 template IA_TEMPLATE2 spanning-tree portfast edge Switch(config)#int range g101/1/0/1-3 Switch(config-if-range)#source template IA_TEMPLATE Switch#sh run int g101/1/0/1 interface GigabitEthernet1/1 switchport source template IA_TEMPLATE End Switch#sh derived-config int g101/1/0/1 interface GigabitEthernet1/1 switchport switchport access vlan 100 switchport trunk allowed vlan 1 switchport mode access switchport nonegotiate switchport port-security spanning-tree portfast edge

Demnächst für Instant Access: Interface Templates

•  Template mit “template <templatename>” definieren

•  Mit “source template <templatename>” Template an Interface oder anderes Template binden

•  “show running interface <intf>” zeigt nur

noch das Template Mapping an

•  Mit “show derived-config interface <intf>” kann vollständige Config dargestellt werden

•  Änderung des Templates ändert ALLE Interfaces, welche damit assoziiert sind

Easy to Use

NEW with IOS

15.2(1)SY

9 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

Catalyst Instant Access Campus Dramatische Reduktion der Komplexität

Core

Building 1 Building 2 Building 3 Building 4

5 Switches im Software Image- und Konfigurationsmanagement Pro Switch: Spanning-Tree / Loop Prevention FHRP Tuning Multicast Tuning (PIM / IGMP) Routing Protocol Tuning Security (z.B. 802.1X) Control-Plane Policing Quality of Service 5 Separate Konfigurationen für Routing, Security, CoPP, SNMP, NTP, TACACS, Banner, vty, VLAN DB, Mgmt IP/GW, Hostname

Instant Access

9

10 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

Cisco Catalyst Instant Access Zusammenfassung Ø  “Single Point of Management”

Ø Vereinfachte Installation und Konfiguration

Ø Plug and Play Provisionierung

Ø KEIN Software Image Management im Access

Ø Cat6500 Features durchgängig auf Distribution und Access

Netzwerk Vereinfachung Reduzierung der “Total Cost of Ownership” 10

11 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Connect | Berlin 20.–21. November 2014

Muninder Sambi – Director Product Management Anupam Upadhyaya – Manager Product Management

Himanshu Mehra – PM Engineering, Catalyst Plattform

Jens Demmer – Manager Product Management Jo Kern – Manager Product Management

Peter Provart – Business Dev. Manager, EBG EMEAR

Matthias Falkner – Distinguished Engineer Carlo Terminiello – CSE, EBG EMEAR

James Weathersby – Manager Technical Marketing

Alan Cottom – Technical Marketing Engineer

Enterprise Networking Raum: PS OG 1

Security Raum: PS EG 3

13:00

APIC-EM – SDN im Enterprise Markus Harbeck

Consulting Systems Engineer Cisco

AMP everywhere - warum es darauf ankommt Volker Marschner

Consulting Systems Engineer Cisco

13:30

SDN – Paradigmenwechsel für Netzwerke und Datacenter Steffen Winkler

Solution Manager Netzwerkumfeld Computacenter AG & Co oHG

Einführung in Cloud Managed Networking Christian Goldberg

Cloud Networking Systems Engineer Cisco

14:00

Instant Access - Netzwerk geht auch einfach Sascha Ulfig

Consulting Systems Engineer Cisco

Internet of Things... Let's Not Forget Security Please! Eric Vyncke

Distinguished Systems Engineer Cisco

14:30

Netzwerk Virtualisierung - Netzwerktrennung im LAN und WAN Sascha Ulfig

Consulting Systems Engineer Cisco

Akamai Connect Lorenz Jakober

Sr. Product Marketing Manager Akamai

15:00

Cisco Threat Centric Security Solutions Holger Unterbrink

Consulting Systems Engineer Cisco

DPDHL Branch of the Future Concept Zvezdan Schoppmann

Head of Technology Innovation Management DPDHL

15:30

Prime Infrastructure Lothar Müller

Berater & Service Ingenieur EnBW Netze GmbH

Skyconnect, eine globale WAN Plattform „moving to iWAN“ Markus Vögele

Senior Systems & Design Engineer Lufthansa Systems AG

Thank you.