For over a year, Cisco has been building a new type of network infrastructure by way of its spin-out effort Insieme. Insieme is now being rolled back into Cisco as the company formally announces its plans and product for Application Centric Infrastructure.
Cisco teased the market with some preliminary insight into Insieme in June of this year. Insieme is all about Application Centric Infrastructure (ACI), a network approach that is now being integrated into a new set of products from Cisco.
From a network hardware perspective, Cisco is launching a new Nexus 9000 switching family, which will be optimized for ACI. Cisco is also building an Application Policy Infrastructure Controller (APIC), which will act as the new policy engine for enabling ACI across the network.
Ish Limkakeng, VP at Cisco, told Enterprise Networking Planet that there has been a gap between the applications used by organizations and the networks they deploy.
“The application is the most important thing in your data center, and you should be defining application requirements and driving them through the infrastructure,” Limkakeng said.
Software Defined Networking (SDN) is one of the ways that networking vendors have tried to tackle the issue of application networking, though Limkakeng noted that SDN isn’t enough. ACI takes advantage of SDN concepts, including network virtualization and agility, as well as the use of a policy controller engine.
“I get asked a lot if Insieme is Cisco’s SDN story, and to me that’s not the right question. The question is, what problems are organizations trying to solve?” Limkakeng said. “We’re trying to go beyond SDN to the application layer, address the physical and the virtual, and doing it at scale.”
The new Nexus 9000 switch family is the cornerstone of Cisco’s ACI switching portfolio and includes both custom and merchant silicon. The first two Nexus 9000 switches will be the Nexus 9500 and the Nexus 9300.
The new switch will work in both a traditional NX-OS mode as well as in a new ACI mode. NX-OS is an operating system approach that network administrators are likely already familiar with. Cisco NX-OS debuted with the first Nexus switches back in 2008 as an alternative to Cisco’s IOS network operating system. Cisco has now enhanced NX-OS with a cleaner code base, more scalability and improved virtualization support.
“The reason why we have two modes of operation is so that customers can adopt as much, or as little, of ACI as they want,” Limkakeng said.
The APIC is the central point for policy configuration and management and does lifecycle management, including inventory and software updates. The APIC aims to simplify both physical and virtual infrastructure and provide full visibility, as well as automation and orchestration capabilities.
A key component of the ACI approach is the concept of application profiles. The application profiles define all the required policies associated with a given application, including connectivity, Quality of Service, and storage and compute resources. Limkakeng explained that with APIC, it doesn’t matter if the required profile components are physical or virtual.
“We normalize all of the access to the fabric so there is a common operational model,” Limkakeng said.
Application profiles and policy are defined inside the APIC and pushed across the network. Limkakeng explained that the policy is an integrated overlay on top of the VXLAN protocol (link to VXLAN info). APIC is software and at launch will be running on Cisco’s UCS server platform.
The ACI approach is complementary in many respect to Cisco’s existing open source networking and cloud efforts, including both the OpenStack cloud and the Open Daylight SDN controller.
“APIC is built for application data, and it then uses a lot of what we’re addressing with other controllers at Cisco, including OpenDaylight and Cisco ONE,” Limkakeng said.
In terms of a full ACI deployment, though, Limkakeng said that a network administrator might only need to deploy an APIC to have control for the applications and the network. In existing networks, policy is typically tightly coupled with the IP network address.
“If we can decouple that, we can overcome some of the obstacles, including having too many management protocols, security and improving QoS,” Limkakeng said.
Limkakeng explained that since the ACI approach defines policy separately from an IP address, ACI is explicitly defining how various components connect, which can improve the security policy
“So we have a routed network with full host mobility, and it makes the protocols within the fabric much simpler,” Ish said.
The Nexus 9000 products are now shipping, and Cisco plans for the APIC to be available in the first half of 2014.
Sean Michael Kerner is a senior editor at Enterprise Networking Planet and InternetNews.com. Follow him on Twitter @TechJournalist