Liad Ofek
Director, Product management
Cloud and Virtualization
Networking Business Unit
January 2018
Cisco Hybrid cloud :
Cloud Connect
It’s a Hybrid cloud
world
Source: IDC CloudView, April, 2017, n=8,293 worldwide respondents, weighted by country, company size and industry
Evaluating or using
public cloud
85%
Taken steps towards a
hybrid cloud strategy
87%
Plan to use
multiple clouds
94%
Among cloud users
Hybrid cloud Complexity Challenges
“I need to…”
FRAGMENTED
COMPLEX
NO DATA CONTROL
“…securely extend
private networks to
public clouds”
“…define and
execute my cloud
first strategy”
“…protect my cloud
applications, endpoints,
and data”
“…migrate to cloud
and manage the
full application
lifecycle”
Cloud Adoption Journey-Key Activities
& Pain Points
FRAGMENTED
COMPLEX
NO DATA CONTROL
[Diagram: SaaS, IaaS (AWS), PaaS, other public clouds, private cloud]
Cisco Cloud Portfolio
Multicloud
Portfolio
Cloud
Connect
Cloud
Protect
Cloud
Advisory
Cloud
Consume
Cisco Cloud Portfolio — Objectives
Hybrid Cloud
Portfolio
Cloud
Connect
Cloud
Protect
Cloud
Advisory
Cloud
Consume
Design, plan, accelerate,
and de-risk your
cloud migrations
Deploy, monitor and
optimize applications in
cloud environments
Securely extend your private
networks into public clouds
and ensure the application
experience
Protect cloud identities, direct-to-
cloud connectivity, data, and
applications including SaaS
Cisco Cloud Portfolio — Offers
Cloud
Consume
Cloud
Protect
Cloud
Connect
Cloud
Advisory
Multicloud
Portfolio
Advisory Services
• Cloud Migration
• Cloud Connect
• Cloud Protect
• Cloud Consume
(Delivered by AS/Cisco Partners)
• CloudCenter
• AppDynamics
Cloud
Consume
Cloud
Advisory
• CSR 1000v
• vEdge with Umbrella
• Umbrella
• AMP for Endpoints
• Meraki Systems
Manager
• Cloudlock
• Tetration Cloud
Cloud
Connect
Cloud
Protect
Cisco Cloud Portfolio — Implementation
▪ Faster
implementation and
time to value
▪ Lower risk
▪ Lower cost
Design and
Deployment
Guides
Hybrid Cloud
Portfolio
Cloud
Connect
Cloud
Protect
Cloud
Advisory
Cloud
Consume
• Best practices
• Integrated design
• Detailed implementation
steps
Cloud Connectivity Challenges
On-Prem Datacenters
Remote Branches
Public Cloud
• Complexity & Dependency – Need
a simple and scalable way to
securely extend the private
network across cloud
environments
• Inconsistent security policies
between private & public – Need to
apply consistent security policies
• Performance and ambiguity about the
best path to reach the cloud –
Need to enhance the application
experience
Applications
Users
Cloud
Connect
Enterprise DC
ASR1K
Branch
ISR4K
Cloud Connect – CSR 1000V
Securely extend the private
network to the cloud from
the Branch and DC with CSR1000v
Extend routing to multi-VPC
environment with CSR1000v in
Transit VPC
Maintain application experience
with QoS and AVC
[Diagram: CSR1000v instances and VPCs]
Enterprise DC
ASR1K
Branch
Cloud Connect w/vEdge Cloud
vEdge Cloud
vEdgevEdge
Internet
Direct Cloud connectivity from a
Branch with vEdge to vEdge Cloud
Extend routing to multi-VPC
environment with vEdgeTransit VPC
Extend Cisco SD-WAN fabric to the cloud
[Diagram: VPCs]
Branch Enterprise DC
ASR1K
Cloud Connect - vEdge and Umbrella
vEdge Cloud
vEdgevEdge
Protecting your branch office users
directly to your multi-cloud environment
leveraging direct internet access(DIA),
using vEdge and secure internet gateway
(Umbrella)
[Diagram: VPCs, Internet, Umbrella]
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Extend private network to
cloud leveraging existing
investments
Consistent security
policies across private and
public cloud footprint
Enhance and secure app
experiences with visibility
and path
selection/optimization
Centralized orchestration
across the entire network
including cloud
Cisco Cloud
Connect Benefits
Cisco Cloud Services Router (CSR) 1000V
Cisco IOS XE Software in a Virtual Appliance Form-Factor
Enterprise-class Networking with Rapid
Deployment and Flexibility
Server
Hypervisor
Virtual Switch
OS
App
OS
App
CSR 1000V
Software
• Familiar IOS XE software with ASR1000 and ISR4000
Infrastructure Agnostic
• Runs on x86 platforms
• Supported Hypervisors: VMware ESXi, Linux KVM, Citrix Xen, Microsoft
Hyper-V, Cisco NFVIS and CSP2100
• Supported Cloud Platforms: Amazon AWS, Microsoft Azure, Google
Cloud Platform (Q3CY18), AliCloud
Performance Elasticity
• Available licenses range from 10 Mbps to 10 Gbps
• CPU footprint ranges from 1vCPU to 8vCPU
License Options
• Term based 1 year, 3 year or 5 year
• Smart License enabled
Programmability
• NetConf/Yang, RESTConf, Guest Shell and SSH/Telnet
Q: Where can I find the CSR on AWS?
A: In the AWS marketplace!
1. Search for “Cisco”
2. Pick a flavor
Two deployment models
VPC
Application VPC Gateway
• CSR deployed in application VPC
• Provide IPSEC gateway for entire VPC
• Need high availability
Transit Hub Router
• CSR deployed in dedicated Transit Hub,
not in application VPC
• High speed traffic routing for spoke VPC
• High availability is built-in natively
Transit Hub
AZ1 AZ2
Application VPC
VPC
CSR Cloud High Availability
• No virtual IP as with HSRP, since
AWS doesn’t allow multicast
• BFD over GRE tunnel is enabled
between two CSRs to detect failure
• AWS Route Tables for app subnets
are re-pointed to surviving CSR
• Failure detection is automatic
• CSR itself calls AWS API to adjust
AWS Route Table routes
• Sub-second failover
VPC
CSR
Subnet
App
Subnet A
App
Subnet B
Before HA Failover
After HA Failover
AWS REST API
http://www.cisco.com/c/en/us/td/docs/routers/csr1000/software/aws/b_csraws/b_csraws_chapter_0100.html
BFD
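The failover step described on this slide (peer failure detected, then the app subnets' route tables re-pointed at the surviving CSR) can be sketched as follows. This is an added example, not Cisco's HA script: `fail_over`, `FakeEC2`, `build_sample` and all IDs are constructed for illustration, and `FakeEC2` only mirrors the keyword arguments of the boto3 EC2 client calls `describe_route_tables` and `replace_route` so the logic runs offline.

```python
import copy


class FakeEC2:
    """Constructed in-memory stand-in for the two boto3 EC2 client calls used below."""

    def __init__(self, route_tables):
        self.route_tables = route_tables
        self.calls = []  # audit trail of every write made to a route table

    def describe_route_tables(self, RouteTableIds):
        tables = [rt for rt in self.route_tables if rt["RouteTableId"] in RouteTableIds]
        return {"RouteTables": copy.deepcopy(tables)}

    def replace_route(self, RouteTableId, DestinationCidrBlock, NetworkInterfaceId):
        self.calls.append((RouteTableId, DestinationCidrBlock, NetworkInterfaceId))
        for rt in self.route_tables:
            if rt["RouteTableId"] != RouteTableId:
                continue
            for route in rt["Routes"]:
                if route.get("DestinationCidrBlock") == DestinationCidrBlock:
                    route.pop("GatewayId", None)
                    route["NetworkInterfaceId"] = NetworkInterfaceId
                    return {}
        raise KeyError("no such route")


def fail_over(ec2, route_table_ids, failed_eni, surviving_eni, peer_state="down"):
    """Re-point routes that use the failed CSR's interface to the surviving CSR.

    Only routes whose current next hop is failed_eni are touched, so local,
    internet-gateway and already-migrated routes are left alone and a repeated
    call is a no-op. Returns the list of (route_table_id, cidr) changed.
    """
    if peer_state != "down":  # act only on a failure event from the peer monitor
        return []
    changed = []
    resp = ec2.describe_route_tables(RouteTableIds=list(route_table_ids))
    for rt in resp["RouteTables"]:
        for route in rt.get("Routes", []):
            cidr = route.get("DestinationCidrBlock")
            if cidr is None:  # skip IPv6 and prefix-list routes in this sketch
                continue
            if route.get("NetworkInterfaceId") != failed_eni:
                continue
            ec2.replace_route(
                RouteTableId=rt["RouteTableId"],
                DestinationCidrBlock=cidr,
                NetworkInterfaceId=surviving_eni,
            )
            changed.append((rt["RouteTableId"], cidr))
    return changed


def build_sample():
    """Constructed sample: two app subnets, one routed via each CSR."""
    return FakeEC2([
        {"RouteTableId": "rtb-appA", "Routes": [
            {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": "eni-csr1"},
            {"DestinationCidrBlock": "10.0.0.0/8", "NetworkInterfaceId": "eni-csr1"},
        ]},
        {"RouteTableId": "rtb-appB", "Routes": [
            {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": "eni-csr2"},
        ]},
    ])


if __name__ == "__main__":
    ec2 = build_sample()
    print(fail_over(ec2, ["rtb-appA", "rtb-appB"], "eni-csr1", "eni-csr2"))
```

With a real boto3 client in place of `FakeEC2`, the instance role running this needs only `ec2:DescribeRouteTables` and `ec2:ReplaceRoute`, which keeps the router's AWS credentials from being usable for anything beyond route changes.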
Public Cloud Transit Routing Challenge
• No transit routing capability
• No support for cross-region peering
A-B Peering
B-C Peering
Transit Routing NOT supported
A-to-C-thru-B
Full mesh
Private DC
…
Backhaul2
See next slide
VPC-A
VPC-C
VPC-B
Transit VPC Design
• Dedicated VPC: Simplifies routing by
not combining with other shared
services.
• CSR1000v Virtual Network
Appliances: Provide dynamic routing
and VPN network tunnels
• Redundancy: Dynamic routing
combined with multi-AZ deployment
creates a robust network infrastructure.
• VGW: VPC virtual gateways provide
highly available connections to transit
VPC virtual network appliances.
BA C
…...
Direct Connect
Or Internet
Private DC
Transit VPC
Spoke VPC
Other
Provider
Networks
CSR1 CSR2
AZ1 AZ2
Across regions, accounts/subscriptions
ASR
VPCVPCVPC
VPC
Traffic Segregation
• Traffic segregation is built-in
natively
• Each Spoke VPC is represented
as a different VRF in CSR
• Routing is controlled through RT
(Route Target)
• Different VPCs can communicate
by exporting/importing the same RT
• Follow the same mechanism as on-premises
to create a customized VRF
VRF
CSR1
MP-BGP
On-Premise VRF
CSR2
VPC-A VPC-B VPC-C
Private DC
VPC-C VRFVPC-B VRFVPC-A VRF
Scale Out
Private DC
Transit VPC
DX/ER
Internet
ASR
VPC
CSR1 CSR2 CSR3 CSR4
…...
• Add another pair of CSRs to
scale out
• Remote end (VGW) has multiple
tunnels and does L3 ECMP (Equal-Cost
Multi-Path)
• Elasticity as you go: monitor CSR
real-time throughput and spin up
new CSRs on demand.
Enterprise DC
ASR1KBranch
ISR4K
Cisco
Secure Agile
Exchange
• Leveraging the AVC (Application Visibility
Control) on CSR1000V to visualize your
application traffic
• Sending application metric to central
controller to ensure app experience
• Automatically apply QoS policy when needed
CSR1000v
CSR1000v
CSR1000v
Don’t Let Public Cloud Become Your Blind Spot
Netflow
Collector
Prioritize Your Traffic with QoS Policy
• AWS infrastructure doesn’t acknowledge QoS values; however, you can use them over the tunnel
• Based on transport type (Direct Connect, VPC Peering, Public IP), shape different traffic to
ensure app experience when the link gets oversubscribed
Cisco
ISR/ASR
Corporate DC
Co-Lo
Direct Connect
QoS
IPSEC Tunnel
Integrated Security Features on CSR
ACL VRF
Zone Based
Firewall
Snort IPS
Web Root
URL Filtering
Umbrella
IPSEC Trust Sec
Encrypted
Traffic
Analytics (ETA)
Support Coming
Transit Hub
VPC
Integrated Security
• Low TCO by enabling security services
• Built-in high availability with routing
• Single device to manage routing and
security
CSR1 CSR2
Data Center
Transit VPC
AZ1 AZ2
App 1
(VPC1)
App 2
(VPC2)
App 3
(VPC3) Internet
Employee
Developer
Guest
Non-Compliant
✓ X ✓ ✓
X X ✓ ✓
X ✓ ✓ ✓
VPC1
Extend Trust Sec into AWS Transit VPC
Simplifying Segmentation and Control
Direct Connect
Dynamic Route Peering
Employee Tag
Developer Tag
Guest Tag
Non-Compliant Tag
X X ✓ ✓
ISE
Identity & Access Control
Policy Enforcement
App 1
VPC2
App 2
VPC3
App 3
Control access to spoke VPCs
based on SGT tags and policy
enforcement within the Transit
VPC hub CSRs
• Control Traffic between VPCs
• Simplify Security Configurations
• Scale Security Group Control
• Single Control Point
dev pro test
ASR1K
CSR1 CSR2
AWS CloudFormation
• AWS technology to define cloud stacks via a JSON file
• Comparable technologies in OpenStack (Heat) and Azure (RM Templates)
• Can be used to create VPCs or launch EC2 instances into existing VPCs
• For CSR, can be used to initially launch, and then also configure via user data
• Most useful for Day 0
• Template for CSR in GitHub repository
template AWS
CloudFormation
stack
• Guest Shell runs in an LXC container
• It gives you native Linux Shell (Command)
access to run customized scripts
• Access to IOS-XE CLI, boot flash
• Python is the language we support today
• You can install AWS CLI and SDK to
automate day-to-day jobs through scripts
• EEM can be leveraged to create Crontab
tasks calling Guest Shell scripts
• https://github.com/CiscoDevNet/csr_aws_guestshell
Guest Shell
Network OS
Guest Shell
Open Application Container
API
Linux
applications
Cloud Security with Cisco Umbrella
Regional
Data Center
Remote Site
ISP1
SD-WAN
Fabric
DNS Queries
Data Center
DIA
• vEdge router intercepts client DNS queries
- Deep Packet Inspection
• DNS queries are forwarded to Cisco
Umbrella DNS servers based on the data or
application aware routing policies centrally
defined on vManage
- Target DNS servers list is defined under the
service side VPN
- Policy can pin DNS query for specific
application (DPI based) to specific DNS
server from the list
• Cisco Umbrella enforces security policy compliance
based on DNS resolution
Viptela Confidential
Cloud onRamp for IaaS
How it works
Internet
Branch
DC
MPLS
Public Cloud (AWS & Azure) connectivity solution consumable through the vManage platform
vManage
Platform
Public cloud credentials
added to vManage
vManage invokes
instantiation of vEdge
instances in the user's
accounts & connects
IaaS instances to vEdge
GW VPN segments
IaaS instances are
discovered from the user's
account in a region.
User selects instances
to operate on
New instances can
be discovered and
mapped to VPN
segments later
Public Cloud Provider 1 Region 1
IaaS instances
IaaS instances
vEdge GW
User defines vEdge
gateway parameters and
maps IaaS instances to VPN
segments in the overlay
vManage Cloud onRamp for IaaS app: A vManage
application that orchestrates connectivity to IaaS
instances across multiple cloud and multiple regions.
Provides visibility into cloud instances.
vEdge Cloud Router: A virtualized
version of the vEdge router. Available
on the AWS and Azure marketplace.
Cloud onRamp for SaaS
Regional
internet exit
Branch with
local DMZ
Data
Center/DMZ
vFabric
httping probes
SaaS traffic primary
SaaS traffic backup
Cloud onRamp for SaaS Gateways: vEdge routers monitoring
service availability to SaaS apps.
vManage Cloud onRamp for SaaS app: A vManage application
provides visibility into SaaS performance and availability from the
branch.
• User designates Cloud onRamp gateways which can be remote
DMZs or local CPE (DIA case)
• SLA metrics are computed by using httping based probes to the
SaaS endpoint through the Cloud onRamp gateway
• Per application SLA metrics include loss and latency
• Application aware routing to SaaS end-point from gateway routers
• Path experiencing better SLA for the application is chosen
How it works
Viptela Quality of Experience (vQoE) score: Provides visibility into
application QoE based on realtime probes. vQoE information influences
routing decisions on vEdge routers
Why Cloud Connect ?
• Proven methodology – Transforming to deliver business outcomes
based on adoption of capabilities via cloud technologies
• Ease of management- Easy management and administration due to
consistency of the solutions between on-premises and public cloud
• Integrated Security - Most comprehensive security and networking
features and services that leverage existing infrastructure
• Seamless transition to cloud environments by extending enterprise
grade networking & security from on-premises to cloud
• Best-in-class SD WAN with security - Viptela with Umbrella
• Best Network flow monitoring and threat analytics
Find out more:
• www.cisco.com/go/cloud
• https://www.cisco.com/c/en/us/solutions/cloud/hybrid-cloud-public-cloud.html?CAMPAIGN=cloud%2bstory&COUNTRY_SITE=us&POSITION=social%2bmedia%2bshare&REFERRING_SITE=blogs%2Ecisco%2Ecom&CREATIVE=cisco%2Bblogs%2Bto%2Bhybrid%2Bpublic%2Bcloud
• Demo Videos - https://www.youtube.com/channel/UCaOS_SEzOmqKZDOIupONssg

Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Come costruire un'architettura Serverless nel Cloud AWS
Come costruire un'architettura Serverless nel Cloud AWSCome costruire un'architettura Serverless nel Cloud AWS
Come costruire un'architettura Serverless nel Cloud AWSAmazon Web Services
 

Mehr von Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Come costruire un'architettura Serverless nel Cloud AWS
Come costruire un'architettura Serverless nel Cloud AWSCome costruire un'architettura Serverless nel Cloud AWS
Come costruire un'architettura Serverless nel Cloud AWS
 

DEM08 Use Cisco Cloud Connect to Securely Extend Private Network to AWS and Maintain User Experience

  • 1. Liad Ofek Director, Product management Cloud and Virtualization Networking Business Unit January 2018 Cisco Hybrid cloud : Cloud Connect
  • 2. It’s a Hybrid cloud world. Evaluating or using public cloud: 85%. Taken steps towards a hybrid cloud strategy: 87%. Plan to use multiple clouds: 94%. (Among cloud users.) Source: IDC CloudView, April, 2017, n=8,293 worldwide respondents, weighted by country, company size and industry
  • 3. Hybrid cloud Complexity Challenges: FRAGMENTED, COMPLEX, NO DATA CONTROL. “I need to…”
      • “…securely extend private networks to public clouds”
      • “…define and execute my cloud first strategy”
      • “…protect my cloud applications, endpoints, and data”
      • “…migrate to cloud and manage the full application lifecycle”
  • 4. Cloud Adoption Journey: Key Activities & Pain Points. FRAGMENTED, COMPLEX, NO DATA CONTROL. [Diagram labels: Private, AWS, Other Public Clouds, IaaS, PaaS, SaaS]
  • 6. Cisco Cloud Portfolio — Objectives (Hybrid Cloud Portfolio)
      • Cloud Advisory: Design, plan, accelerate, and de-risk your cloud migrations
      • Cloud Consume: Deploy, monitor and optimize applications in cloud environments
      • Cloud Connect: Securely extend your private networks into public clouds and ensure the application experience
      • Cloud Protect: Protect cloud identities, direct-to-cloud connectivity, data, and applications including SaaS
  • 7. Cisco Cloud Portfolio — Offers (Multicloud Portfolio)
      • Cloud Advisory: Advisory Services (Cloud Migration, Cloud Connect, Cloud Protect, Cloud Consume), delivered by AS/Cisco Partners
      • Cloud Consume: CloudCenter, AppDynamics
      • Cloud Connect: CSR 1000v, vEdge with Umbrella
      • Cloud Protect: Umbrella, AMP for Endpoints, Meraki Systems Manager, Cloudlock, Tetration Cloud
  • 8. Cisco Cloud Portfolio — Implementation (Hybrid Cloud Portfolio: Cloud Connect, Cloud Protect, Cloud Advisory, Cloud Consume)
      • Design and Deployment Guides: best practices, integrated design, detailed implementation steps
      • Faster implementation and time to value
      • Lower risk
      • Lower cost
  • 9. Cloud Connectivity Challenges [Diagram labels: On-Prem Datacenters, Remote Branches, Public Cloud, Applications, Users, Cloud Connect]
      • Complexity & dependency: need a simple and scalable way to securely extend the private network across cloud environments
      • Inconsistent security policies between private & public: need to apply consistent security policies
      • Performance and ambiguity for best path to reach the cloud: need to enhance application experience
  • 10. Cloud Connect – CSR 1000V [Diagram labels: Enterprise DC, ASR1K, Branch, ISR4K, CSR1000v, VPC]
      • Securely extend the private network to the cloud from the Branch and DC with CSR1000v
      • Extend routing to multi-VPC environment with CSR1000v in Transit VPC
      • Maintain application experience with QoS and AVC
  • 11. Cloud Connect w/vEdge Cloud [Diagram labels: Enterprise DC, ASR1K, Branch, vEdge, vEdge Cloud, Internet, VPC]
      • Direct Cloud connectivity from a Branch with vEdge to vEdge Cloud
      • Extend routing to multi-VPC environment with vEdge Transit VPC
      • Extend Cisco SD-WAN fabric to the cloud
  • 12. Cloud Connect - vEdge and Umbrella [Diagram labels: Branch, Enterprise DC, ASR1K, vEdge, vEdge Cloud, Internet, Umbrella, VPC]
      • Protecting your branch office users directly to your multi-cloud environment leveraging direct internet access (DIA), using vEdge and secure internet gateway (Umbrella)
  • 13. Cisco Cloud Connect Benefits
      • Extend private network to cloud leveraging existing investments
      • Consistent security policies across private and public cloud footprint
      • Enhance and secure app experiences with visibility and path selection/optimization
      • Centralized orchestration across the entire network including cloud
      © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
  • 14. Cisco Cloud Services Router (CSR) 1000V: Cisco IOS XE Software in a Virtual Appliance Form-Factor. Enterprise-class Networking with Rapid Deployment and Flexibility. [Diagram labels: Server, Hypervisor, Virtual Switch, OS, App, CSR 1000V]
      • Software: Familiar IOS XE software with ASR1000 and ISR4000
      • Infrastructure Agnostic: Runs on x86 platforms. Supported Hypervisors: VMware ESXi, Linux KVM, Citrix Xen, Microsoft Hyper-V, Cisco NFVIS and CSP2100. Supported Cloud Platforms: Amazon AWS, Microsoft Azure, Google Cloud Platform (Q3CY18), AliCloud
      • Performance Elasticity: Available licenses range from 10 Mbps to 10 Gbps. CPU footprint ranges from 1vCPU to 8vCPU
      • License Options: Term based 1 year, 3 year or 5 year. Smart License enabled
      • Programmability: NetConf/Yang, RESTConf, Guest Shell and SSH/Telnet
  • 15. Q: Where can I find the CSR on AWS? A: In the AWS marketplace! 1. Search for “Cisco” 2. Pick a flavor
  • 16. Two deployment models [Diagram labels: VPC, Application VPC, Transit Hub, AZ1, AZ2]
      • Gateway: CSR deployed in application VPC. Provide IPSEC gateway for entire VPC. Need high availability
      • Transit Hub Router: CSR deployed in dedicated Transit Hub, not in application VPC. High speed traffic routing for spoke VPC. High availability is built-in natively
  • 17. CSR Cloud High Availability [Diagram labels: VPC, CSR Subnet, App Subnet A, App Subnet B, BFD, AWS REST API, Before HA Failover, After HA Failover]
      • No virtual IP as with HSRP, since AWS doesn’t allow multicast
      • BFD over GRE tunnel is enabled between two CSRs to detect failure
      • AWS Route Tables for app subnets are re-pointed to surviving CSR
      • Failure detection is automatic
      • CSR itself calls AWS API to adjust AWS Route Table routes
      • Sub-second failover
      • http://www.cisco.com/c/en/us/td/docs/routers/csr1000/software/aws/b_csraws/b_csraws_chapter_0100.html
  • 18. Public Cloud Transit Routing Challenge [Diagram labels: VPC-A, VPC-B, VPC-C, A-B Peering, B-C Peering, Transit Routing NOT supported A-to-C-thru-B, Full mesh, Private DC … Backhaul2, See next slide]
      • No transit routing capability
      • Doesn’t support cross-region peering
  • 19. Transit VPC Design [Diagram labels: Private DC, ASR, Direct Connect Or Internet, Transit VPC, CSR1, CSR2, AZ1, AZ2, Spoke VPC A, B, C …, Other Provider Networks, Across regions, accounts/subscriptions]
      • Dedicated VPC: Simplifies routing by not combining with other shared services.
      • CSR1000v Virtual Network Appliances: Provide dynamic routing and VPN network tunnels
      • Redundancy: Dynamic routing combined with multi-AZ deployment creates a robust network infrastructure.
      • VGW: VPC virtual gateways provide highly available connections to transit VPC virtual network appliances.
  • 20. Traffic Segregation [Diagram labels: CSR1, CSR2, MP-BGP, On-Premise VRF, Private DC, VPC-A, VPC-B, VPC-C, VPC-A VRF, VPC-B VRF, VPC-C VRF]
      • Traffic segregation is built-in natively
      • Each Spoke VPC is represented as a different VRF in CSR
      • Routing is controlled through RT (Route Target)
      • Different VPCs can communicate by exporting/importing the same RT
      • Follow the same mechanism to create a customized VRF, like an on-premise VRF
  • 21. Scale Out [Diagram labels: Private DC, ASR, DX/ER, Internet, Transit VPC, VPC, CSR1, CSR2, CSR3, CSR4 …]
      • Add another pair of CSRs to scale out
      • Remote end (VGW) has multiple tunnels and does L3 ECMP (Equal Cost Multiple Path)
      • Elasticity as you go: monitor CSR real-time throughput and spin up new CSRs on demand.
  • 22. Cisco Secure Agile Exchange. Don’t Let Public Cloud Become Your Blind Spot [Diagram labels: Enterprise DC, ASR1K, Branch, ISR4K, CSR1000v, Netflow Collector]
      • Leveraging the AVC (Application Visibility Control) on CSR1000V to visualize your application traffic
      • Sending application metrics to central controller to ensure app experience
      • Automatically apply QoS policy when needed
  • 23. Prioritize Your Traffic with QoS Policy [Diagram labels: Cisco ISR/ASR, Corporate DC, Co-Lo, Direct Connect, QoS, IPSEC Tunnel]
      • AWS infrastructure doesn’t acknowledge QoS value; however, you can use it over a tunnel
      • Based on transport type (Direct Connect, VPC Peering, Public IP), shape different traffic to ensure app experience when a link gets over-subscribed
  • 24. Integrated Security Features on CSR [Diagram labels: Transit Hub VPC, CSR1, CSR2]
      • Features: ACL, VRF, Zone Based Firewall, Snort IPS, Web Root URL Filtering, Umbrella, IPSEC, Trust Sec, Encrypted Traffic Analytics (ETA) Support Coming
      • Integrated Security: Low TCO by enabling security services. Built-in high availability with routing. Single device to manage routing and security
  • 25. Extend Trust Sec into AWS Transit VPC. Simplifying Segmentation and Control
      • Control access to spoke VPCs based on SGT tags and policy enforcement within the Transit VPC Hub CSRvs
      • Control traffic between VPCs
      • Simplify security configurations
      • Scale security group control
      • Single control point
      • [Diagram labels: Data Center, ASR1K, ISE (Identity & Access Control Policy Enforcement), Direct Connect, Dynamic Route Peering, Transit VPC, CSR1, CSR2, AZ1, AZ2, App 1 (VPC1), App 2 (VPC2), App 3 (VPC3), Internet, dev, pro, test; a ✓/X access matrix for the Employee, Developer, Guest and Non-Compliant tags]
  • 26. AWS CloudFormation [Diagram labels: template, AWS CloudFormation, stack]
      • AWS technology to define cloud stacks via a JSON file
      • Comparable technologies in OpenStack (Heat) and Azure (RM Templates)
      • Can be used to create VPCs or launch EC2 instances into existing VPCs
      • For CSR, can be used to initially launch, and then also configure via user data
      • Most useful for Day 0
      • Template for CSR in GitHub repository
  • 27. Guest Shell [Diagram labels: Network OS, Guest Shell, Open Application Container, API, Linux applications]
      • Guest Shell runs in an LXC container
      • It gives you native Linux Shell (Command) access to run customized scripts
      • Access to IOS-XE CLI, boot flash
      • Python is the language we support today
      • You can install AWS CLI and SDK to automate day-to-day jobs through scripts
      • EEM can be leveraged to create Crontab tasks calling Guest Shell scripts
      • https://github.com/CiscoDevNet/csr_aws_guestshell
  • 28. Cloud Security with Cisco Umbrella [Diagram labels: Regional Data Center, Remote Site, ISP1, SD-WAN Fabric, DNS Queries, Data Center, DIA]
      • vEdge router intercepts client DNS queries - Deep Packet Inspection
      • DNS queries are forwarded to Cisco Umbrella DNS servers based on the data or application aware routing policies centrally defined on vManage
          - Target DNS servers list is defined under the service side VPN
          - Policy can pin DNS query for specific application (DPI based) to specific DNS server from the list
      • Cisco Umbrella enforces security policy compliance based on DNS resolution
  • 29. Cloud onRamp for IaaS (Viptela Confidential) [Diagram labels: Internet, Branch, DC, MPLS, vManage Platform, Public Cloud Provider 1, Region 1, IaaS instances, vEdge GW]
      • Public Cloud (AWS & Azure) connectivity solution consumable through the vManage platform
      • How it works:
          - Public cloud credentials added to vManage
          - vManage invokes instantiation of vEdge instances in users' accounts & connects IaaS instances to vEdge GW VPN segments
          - IaaS instances are discovered from the user's account in a region. User selects instances to operate on
          - New instances can be discovered and mapped to VPN segments later
          - User defines vEdge gateway parameters and maps IaaS instances to VPN segments in the overlay
      • vManage Cloud onRamp for IaaS app: A vManage application that orchestrates connectivity to IaaS instances across multiple clouds and multiple regions. Provides visibility into cloud instances.
      • vEdge Cloud Router: A virtualized version of the vEdge router. Available on the AWS and Azure marketplace.
  • 30. Cloud onRamp for SaaS [Diagram labels: Regional internet exit, Branch with local DMZ, Data Center/DMZ, vFabric, httping probes, SaaS traffic primary, SaaS traffic backup]
      • Cloud onRamp for SaaS Gateways: vEdge routers monitoring service availability to SaaS apps.
      • vManage Cloud onRamp for SaaS app: A vManage application that provides visibility into SaaS performance and availability from the branch.
      • How it works:
          - User designates Cloud onRamp gateways, which can be remote DMZs or local CPE (DIA case)
          - SLA metrics are computed by using httping based probes to the SaaS endpoint through the Cloud onRamp gateway
          - Per application SLA metrics include loss and latency
          - Application aware routing to SaaS end-point from gateway routers
          - Path experiencing better SLA for the application is chosen
      • Viptela Quality of Experience (vQoE) score: Provides visibility into application QoE based on realtime probes. vQoE information influences routing decisions on vEdge routers
  • 31. Why Cloud Connect?
      • Proven methodology: Transforming to deliver business outcomes based on adoption of capabilities via cloud technologies
      • Ease of management: Easy management and administration due to consistency of the solutions between on-premises and public cloud
      • Integrated Security: Most comprehensive security and networking features and services that leverage existing infrastructure
      • Seamless transition to cloud environments by extending enterprise grade networking & security from on-premises to cloud
      • Best-in-class SD WAN with security: Viptela with Umbrella
      • Best Network flow monitoring and threat analytics
  • 32. Find out more:
      • www.cisco.com/go/cloud
      • https://www.cisco.com/c/en/us/solutions/cloud/hybrid-cloud-public-cloud.html?CAMPAIGN=cloud%2bstory&COUNTRY_SITE=us&POSITION=social%2bmedia%2bshare&REFERRING_SITE=blogs%2Ecisco%2Ecom&CREATIVE=cisco%2Bblogs%2Bto%2Bhybrid%2Bpublic%2Bcloud
      • Demo Videos: https://www.youtube.com/channel/UCaOS_SEzOmqKZDOIupONssg
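
The route re-pointing step from slide 17 (CSR Cloud High Availability), as an added Python example that is not Cisco's HA code: it plans and applies EC2 `ReplaceRoute` calls that move a failed CSR's routes to the surviving peer, restricted to an explicit set of route tables, and builds IAM statements scoped to those same tables. BFD failure detection is out of scope here; the route-table and ENI IDs and the `FakeEc2` stand-in for a boto3 EC2 client are constructed assumptions so the block runs offline.

```python
import copy

# Constructed sample in the shape of EC2 DescribeRouteTables output (placeholder IDs).
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-appA", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": "eni-csr1", "State": "blackhole"},
        {"DestinationCidrBlock": "192.168.0.0/16", "NetworkInterfaceId": "eni-csr1", "State": "blackhole"},
    ]},
    {"RouteTableId": "rtb-appB", "Routes": [
        {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": "eni-csr2", "State": "active"},
    ]},
    {"RouteTableId": "rtb-other", "Routes": [  # deliberately outside the HA pair's scope
        {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": "eni-csr1", "State": "blackhole"},
    ]},
]


class FakeEc2:
    """Offline stand-in for the two boto3 EC2 client calls used below."""

    def __init__(self, route_tables):
        self.tables = copy.deepcopy(route_tables)
        self.calls = []

    def describe_route_tables(self, RouteTableIds):
        return {"RouteTables": [t for t in self.tables if t["RouteTableId"] in RouteTableIds]}

    def replace_route(self, RouteTableId, DestinationCidrBlock, NetworkInterfaceId):
        self.calls.append((RouteTableId, DestinationCidrBlock, NetworkInterfaceId))
        for table in self.tables:
            for route in table["Routes"]:
                if (table["RouteTableId"] == RouteTableId
                        and route.get("DestinationCidrBlock") == DestinationCidrBlock):
                    route.update(NetworkInterfaceId=NetworkInterfaceId, State="active")


def plan_failover(route_tables, failed_eni, surviving_eni, managed_tables):
    """List the ReplaceRoute arguments that move routes off the failed CSR's ENI."""
    if failed_eni == surviving_eni:
        raise ValueError("surviving ENI must differ from the failed ENI")
    plan = []
    for table in route_tables:
        if table["RouteTableId"] not in managed_tables:
            continue  # never rewrite tables outside the declared HA scope
        for route in table["Routes"]:
            cidr = route.get("DestinationCidrBlock")  # IPv4 routes only in this sketch
            if cidr and route.get("NetworkInterfaceId") == failed_eni:
                plan.append({"RouteTableId": table["RouteTableId"],
                             "DestinationCidrBlock": cidr,
                             "NetworkInterfaceId": surviving_eni})
    return plan


def failover(ec2, failed_eni, surviving_eni, managed_tables):
    """Read current routes, apply the plan, and return what was changed."""
    tables = ec2.describe_route_tables(RouteTableIds=sorted(managed_tables))["RouteTables"]
    plan = plan_failover(tables, failed_eni, surviving_eni, managed_tables)
    for change in plan:
        ec2.replace_route(**change)
    return plan


def iam_statements(managed_tables, region, account_id):
    """IAM statements for the router's role: route writes only on the managed tables."""
    arns = [f"arn:aws:ec2:{region}:{account_id}:route-table/{t}" for t in sorted(managed_tables)]
    return [
        {"Effect": "Allow", "Action": "ec2:ReplaceRoute", "Resource": arns},
        # Describe* calls do not support resource-level scoping.
        {"Effect": "Allow", "Action": "ec2:DescribeRouteTables", "Resource": "*"},
    ]


if __name__ == "__main__":
    client = FakeEc2(SAMPLE_ROUTE_TABLES)
    for change in failover(client, "eni-csr1", "eni-csr2", {"rtb-appA", "rtb-appB"}):
        print(change)
```

Because the plan is computed from the current route state, running `failover` a second time makes no further changes, which keeps a repeated failure notification from generating redundant API calls.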