Technology Horizons - Innovation and investment focus for the next 2 years
Lee Kok Keong
Consulting Systems Architect
Cisco Systems
kklee@cisco.com
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
• Budget Constraints
• Asset Management
• Speed of Change in Technology
• Qualified Personnel and Management
• Aging population of COBOL staff
• Conflicting Priorities on Projects
• Customer Privacy Issues
• Internal Security
• Extending DECNet
• Business Line Expansion
• Technical Divide
• External Access to Internal Data
• Technology for Labor Substitution Path
• Internal Understanding of Technology
• Control versus Creativity
Consumer IT driving Business IT
External Intrusion Threats
Speed of technological Transition
Customer Expectations for Access to Data
Customer Verification/Identification
Customer Knowledge of Technology
Industry Competition
Outsourcing/Insourcing
Stability of Some Industry Sectors
Internet Viability/Universal Connectivity
Industry Professionalism/Skill
Market/Economy Concerns
Analysts’ Expectations
Regulation and Legal Challenges
Continuing Improvements in Technology
Patent Standards/Infringements

• Smart devices outsold PC
• Windows 8 adds ARM microprocessor support
• 3G/LTE finally taking off – no, not video-call, but data
• Mobile Technology – LTE, IP-RAN, WiFi Offload
• IPv6
• Virtualization – Network, Storage, Compute, Desktop
• Commercial Cloud is taking off (finally)
• Service Providers transforming their business model
• National effort in building high speed broadband

Are my end users embracing these changes?
How does it change their behavior and interactions with our services?
How does it affect security/regulatory policies?
How can we capitalize on/take control of these changes?
How does it help in addressing new requirements/cost control?
How long is the runway to get there?
How do we build expertise around these changes?
Fundamental Change to Application delivery
Fundamental Change to IT infrastructure

Figure: Cloud Service Orchestration across three layers: Data Center; Network (IP/MPLS/Internet, 3G/LTE, IPv6); End Points (VDI, Thin Client, Mobile Client, each with Virtual Apps and an OS). Other labels: People, Process, Quality Management, Cost Management, Federated CMDB, Infrastructure Management, Service Delivery, SLA Management, Tools, Management Dashboard, Chargeback, Customer Portal.

Great Benefits…but also New Challenges
Infrastructure
• Per-Virtual Machine services required
• Network, storage virtualization
• New emphasis on Security, Trust, QoS
Organization
• Breaks Current Organizational Model
• Reduces Visibility into ‘Hidden’ Resources
• Requires Continuous Availability/Provisioning
New Paradigm
• Virtual Machine is the New “Atomic Unit”
• Dynamic Movement of VMs / Applications
• New Options: Clouds, Workload Portability

Virtualization – it’s not new
• VM/CMS – VM stands for Virtual Machine
• Used in IBM mainframe System/370, System/390
• First release 1972
• Control program is called a Hypervisor – provides full virtualization of system I/O
• Each mainframe runs hundreds of thousands of VMs

Modern Day Virtualization - Reduces CapEx/OpEx through Consolidation
Typical Consolidation: 10:1
Typical Cost Savings:
• Reduce H/W and OpEx costs
• Reduce energy costs
• Reduce provisioning time up
• Save $ / yr per server workload
Aggregates Servers, Storage and Network – Foundation for Internal and External Cloud Infrastructure
Virtualization
Decouples software from hardware
Encapsulates Operating Systems and applications into “Virtual Machines”

Scaling DC Bandwidth with FabricPath
Example: 2,048 X 10GE Non-blocking Server Design
• 16X improvement in bandwidth performance
• From 74 managed devices to 12 devices
• 2X+ increase in network availability
• Simplified IT operations
Diagram labels: Traditional Spanning Tree Based Network, FabricPath Based Network, 2,048 Servers, 8 Access Switches, 64 Access Switches, Blocked Links, 4 Pods, Network Fabric

1. vMotion moves VMs across physical ports – the network policy must follow vMotion
2. Must view or apply network/security policy to locally switched traffic
3. Need to maintain segregation of duties while ensuring non-disruptive operations
Diagram labels: Port Group, Server Admin, Network Admin, Security Admin

Virtual Security Gateway - Compare this to traditional 3-Tier enterprise design
Diagram labels: Virtual Network Management Center (VNMC), Virtual Security Gateway (VSG)
• Context aware Security: VM context aware rules
• Zone based Controls: Establish zones of trust
• Dynamic, Agile: Policies follow vMotion
• Best-in-class Architecture: Efficient, Fast, Scale-out SW
• Non-Disruptive Operations: Security team manages security
• Policy Based Administration: Central mgmt, scalable deployment, multi-tenancy
• Designed for Automation: XML API, security profiles

Overlay - A solution that is independent of the infrastructure technology and services, flexible over various inter-connect facilities
Transport - Transporting services for layer 2 and layer 3 Ethernet and IP traffic
Virtualization - Provides virtual stateless multi-access connections, which can be further partitioned into VPNs, VRFs, VLANs
OTV delivers a virtual L2 transport over any L3 Infrastructure

Diagram labels: Data Center A, Data Center B, OTV, Ethernet Extension, Any Transport, LD VMotion
A significant advancement for virtualized environments by simplifying and accelerating long-distance workload migrations

• Today: IP Address = Identity + Location bundled together
• LISP decouples Identity (Host IP) from Location (Gateway IP)
• ID to Location mappings are kept in an ‘out-of-band’ Directory
• Traffic is routed in the core based solely on location
  Traffic is IP in IP encapsulated
• LISP Benefits
  Internet & Intranet Scalability
  Reduction of Routing Table IP state
  Flexible Routing Policy
  Prefix Portability
  Seamless Mobility
  VPN semantics (multi-tenancy)
  IPv4/IPv6 co-existence
Diagram labels: Directory, Resolution & Registration, Data Path

Asia Pacific area has run out of IPv4 addresses - New connections have to be put on IPv6
It’s not about the technology
- it’s about Business Continuity
- it’s about compliance
What is your IPv6 transition plan?
How does it affect your IT infrastructure?

Chart labels: IPv4 Addresses, Population

• Government agencies should expect their users, partners, and remote employees to have a mix of connectivity
  Public IPv4-only
  Public IPv4 and IPv6
  Shared IPv4-only
  Shared IPv4 and IPv6
  IPv6 only
Every agency must be ready for this mix (it cannot select the Service Providers of its end users)
The days of one public IPv4 for each Internet user are over.

Diagram: Subscriber Networks (CPE, PE) reaching the IPv6 Internet and IPv4 Internet through five transition options:
• Automatic Tunnel: DS-Lite – IPv4 over IPv6; IPv6 Access Network, ISP dual stack Core; NAT44 or PRR, NAT44
• Translator: NAT444 – IPv4 Access Network, IPv4 core; NAT44, NAT44
• Translator: AFT – IPv6 Access Network, ISP dual stack Core; NAT64
• Automatic Tunnel: 6RD or L2TP – IPv4 Access Network, ISP Dual stack Core; 6rd RG, 6rd BR
• Dual Stack: IPv6 Native (Dual Stack) – Dual stack Access/Core
The idea of crossing a bridge is – to get to the other end

Ref : http://sixy.ch/
Network Eng:
• How do I troubleshoot access problems?
• How do I separate device issues from network and policy issues?
• How do I ensure user experience?
Applications Team:
• How do I ensure consistent App experience on all devices?
• How do we troubleshoot App vs. Network vs. Device problems?
• How do we ensure Application interoperability?
Security Ops:
• How do I protect my network and data assets from unauthorized access, malware, attacks, DLP, device loss/theft, etc.?
• Which users are using what devices? How do I implement multiple security policies per user, device, etc.?
Compliance Ops:
• How do I ensure corp compliance (SOX, HIPAA, etc.)?
Network Ops:
• What devices are on my networks?
• Which users are using what devices? What apps are being accessed?
• What are the real-time app perf metrics?
Endpoint Team:
• How and what do I support?
• How do I handle asset management?

Smartphones and Tablets at Cisco, July 2011

| Platform | July 2010 | July 2011 | Share, July 2010 | Share, July 2011 |
|---|---|---|---|---|
| iPhone | 5,895 | 17,337 | 22% | 40% |
| iPad | 677 | 5,933 | 2% | 14% |
| BlackBerry | 14,910 | 13,917 | 55% | 32% |
| Android | 209 | 3,822 | 1% | 9% |
| Others | 5,433 | 2,049 | 20% | 5% |
| Total | 27,124 | 43,058 | | |

Cisco’s total mobile device count grew 59% in 12 months.

Tablet based devices
• 8,017 iPads, 10.9% Growth
• 27.9% of users today have > 1 device (24.2% in Aug)
Desktop Landscape
• 85,460 Windows PC’s
• 16,000 Apple Mac’s
• 7,175 Linux Desktops
• 2000 (Pilot) Desktop Virtualization
Mobile Smartphone Devices
• 12,617 BlackBerry Devices, -3.2% Growth
• 6,534 Android Devices, 22% Growth
• 20,078 iPhones, 5.3% Growth
• 2,632 Other Devices, 4.7% Growth

Taking BYOD head-on
Broad Mobile Support
• Fixed and semi-fixed platforms
• Mobile platforms
Persistent Connectivity
• Always-on connectivity
• Optimal gateway selection
• Automatic hotspot negotiation
• Seamless connection hand-offs
Next-Gen Unified Security
• User/device identity
• Posture validation
• Integrated web security for always-on security (hybrid)
• Clientless and desktop virtualization
Diagram labels: Corporate Office (Wired), Mobile User (Cellular/Wi-Fi), Home Office (Wi-Fi); Secure, Consistent Access; Voice, Video, Apps, Data

Diagram: desktop virtualization connection flow
1. Connect to Connection Broker
2. Identify target VM
3. Query for user policy
4. Start target VM
5. Return VM to endpoint
6. Connect VM to endpoint
7. Successful connection
Diagram labels: Thin Client, Zero Client, Smartdevices, Display Protocol, Authentication, Connection Broker, Active Directory, Virtual Infrastructure Management, Virtual Infrastructure

Consolidation, Virtualization, Automation
Chart labels: timeline 1960, 1980, 2000, 2010; Business Agility; COMPUTE EVOLUTION; NETWORK EVOLUTION; Mainframes; SNA/DecNet/IPX; Client/Server; Storage Consolidation; WEB 2.0; IPv6; BYOD; Data Center Consolidation; Data Center Virtualization; TCP/IP; Internet; Data Center Networking
1. Consolidation
2. Integration
3. Virtualization
4. Automation

Thank you.