1
00:00:01,140 --> 00:00:04,710
When it comes to the data center, Cisco has countless solutions,

2
00:00:04,710 --> 00:00:07,440
both hardware and software.

3
00:00:07,440 --> 00:00:11,130
We'll focus on four products in this clip.

4
00:00:11,130 --> 00:00:16,210
First, we have the Unified Computing System, or UCS Manager.

5
00:00:16,210 --> 00:00:19,550
This product is designed for managing Cisco computing hardware,

6
00:00:19,550 --> 00:00:24,410
such as rack and blade servers, inside of a private data center.

7
00:00:24,410 --> 00:00:30,120
It can also manage Cisco's popular hyperconverge solution, known as HyperFlex.

8
00:00:30,120 --> 00:00:32,880
The product enables administrators to apply server

9
00:00:32,880 --> 00:00:35,840
policies in a centralized way.

10
00:00:35,840 --> 00:00:41,010
UCS Manager has an RPC‑based XML API that describes methods

11
00:00:41,010 --> 00:00:44,690
for programmers to interact with the system.

12
00:00:44,690 --> 00:00:48,080
Cisco Intersight is a cloud‑based Software as a Service

13
00:00:48,080 --> 00:00:51,330
offering for Cisco compute management.

14
00:00:51,330 --> 00:00:56,890
Like Meraki, it comes with built‑in high availability and unlimited scale.

15
00:00:56,890 --> 00:01:00,910
Intersight can also leverage information from other customers.

16
00:01:00,910 --> 00:01:01,750
For example,

17
00:01:01,750 --> 00:01:06,590
if another company uses Intersight and their data center crashes due to a bug,

18
00:01:06,590 --> 00:01:08,860
Intersight can notify all other tenants,

19
00:01:08,860 --> 00:01:11,120
such as Globomantics.

20
00:01:11,120 --> 00:01:16,940
Sometimes, it can even take proactive action to remediate these faults.

21
00:01:16,940 --> 00:01:22,410
Intersight supports a modern REST API for programmatic access.

22
00:01:22,410 --> 00:01:26,570
UCS Director has a somewhat misleading name because it does much

23
00:01:26,570 --> 00:01:30,610
more than just manage Cisco UCS platforms.

24
00:01:30,610 --> 00:01:35,100
It's comparable to DNA Center except focused on the data center.

25
00:01:35,100 --> 00:01:37,310
It can interact with many other vendors,

26
00:01:37,310 --> 00:01:40,930
such as F5 load balancers, VMware vCenter,

27
00:01:40,930 --> 00:01:44,530
NetApp storage appliances, and many more.

28
00:01:44,530 --> 00:01:47,380
It is excellent for initial provisioning of new services,

29
00:01:47,380 --> 00:01:51,040
as well as workflow orchestration.

30
00:01:51,040 --> 00:01:57,720
Last, UCS Director has a REST API with extensive documentation.

31
00:01:57,720 --> 00:02:02,200
Another popular Cisco data center product is application‑centric infrastructure,

32
00:02:02,200 --> 00:02:04,940
or ACI.

33
00:02:04,940 --> 00:02:09,780
ACI is somewhat similar to SD‑WAN in that it manages an entire collection

34
00:02:09,780 --> 00:02:14,420
of network devices as a single application‑aware fabric.

35
00:02:14,420 --> 00:02:18,600
ACI is based on the Cisco Nexus 9000 hardware platform,

36
00:02:18,600 --> 00:02:21,240
a data center networking device.

37
00:02:21,240 --> 00:02:25,780
Here's a sample connectivity diagram of how they might be interconnected.

38
00:02:25,780 --> 00:02:29,900
If you remember the SD‑WAN vSmart controllers,

39
00:02:29,900 --> 00:02:33,740
ACI uses an application policy infrastructure controller,

40
00:02:33,740 --> 00:02:36,810
or APIC, which serves a similar purpose.

41
00:02:36,810 --> 00:02:41,300
It communicates to all the network devices in the fabric and controls

42
00:02:41,300 --> 00:02:44,800
how they forward traffic within the data center.

43
00:02:44,800 --> 00:02:48,740
Imagine distributed applications that follow the MVC design

44
00:02:48,740 --> 00:02:51,340
pattern discussed in the previous course.

45
00:02:51,340 --> 00:02:54,880
Large‑scale apps would probably have different components spread

46
00:02:54,880 --> 00:02:57,760
across different racks that need to communicate.

47
00:02:57,760 --> 00:03:01,980
ACI can enforce policies to ensure the view never talks

48
00:03:01,980 --> 00:03:05,440
directly to the model or vice versa.

49
00:03:05,440 --> 00:03:06,370
Additionally,

50
00:03:06,370 --> 00:03:11,540
ACI can govern what traffic is allowed to enter and exit the data center at the

51
00:03:11,540 --> 00:03:14,660
interconnect points with the rest of the enterprise network.

52
00:03:14,660 --> 00:03:17,290
Users should be able to access applications,

53
00:03:17,290 --> 00:03:19,860
but not manage the fabric directly,

54
00:03:19,860 --> 00:03:23,640
as only the APIC administrator should be doing that.

55
00:03:23,640 --> 00:03:27,650
Let's explore four big capabilities of ACI.

56
00:03:27,650 --> 00:03:31,140
Centralized management is a recurring theme.

57
00:03:31,140 --> 00:03:34,750
The industry is demanding solutions that have nice‑looking dashboards,

58
00:03:34,750 --> 00:03:37,320
plus strong API support.

59
00:03:37,320 --> 00:03:43,040
ACI has a REST API, which we'll be exploring in the next clip.

60
00:03:43,040 --> 00:03:48,640
ACI introduces a number of new network concepts, but I'll explain two key ones.

61
00:03:48,640 --> 00:03:50,790
An endpoint group, or EPG,

62
00:03:50,790 --> 00:03:54,640
is a collection of hosts with similar security attributes.

63
00:03:54,640 --> 00:04:00,210
A contract defines the communications that are allowed between two EPGs.

64
00:04:00,210 --> 00:04:03,360
This is a segmentation technique to ensure EPGs

65
00:04:03,360 --> 00:04:09,840
only exchange authorized traffic, improving the organization's security posture.

66
00:04:09,840 --> 00:04:13,030
Initially, ACI was limited to a single data center,

67
00:04:13,030 --> 00:04:18,040
but has since been expanded to reflect modern enterprise computing requirements.

68
00:04:18,040 --> 00:04:21,630
ACI can be extended across multiple sites to enable

69
00:04:21,630 --> 00:04:25,740
increased availability and resilience.

70
00:04:25,740 --> 00:04:30,040
Much like SD‑WAN, the API fabric is plug‑and‑play.

71
00:04:30,040 --> 00:04:32,270
The fabric can be physically interconnected with

72
00:04:32,270 --> 00:04:34,840
the APIC hanging off at the edge.

73
00:04:34,840 --> 00:04:39,140
The APIC will automatically begin discovering all nodes in the fabric.

74
00:04:39,140 --> 00:04:47,000
Once complete, the APIC will manage the fabric, allowing administrators to configure application‑specific policies.