BRKARC-2112 - 2019 Barcelona

Harnessing the power of Software Defined Branch and SD-WAN

Ramesh Kalimuthu, Technical Marketing Engineer
Agenda
• Introduction
• What is SD Branch?
• SD-WAN Integration
• Monitoring and Troubleshooting
• Performance
• Conclusion

BRKARC-2112 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
The branch and WAN cannot keep up…

Poor user experience
• Delays enabling new connectivity
• Inconsistent application performance

Complex to operate
• Difficult to manage multiple network devices
• Increasing bandwidth demands

Difficult to secure
• Support non-traditional devices
• Can’t use the internet for SaaS
Cisco DNA Virtualization
Automated, software-based network services in minutes on any platform

[Figure: Cisco Digital Network Architecture connecting Users/Things (mobile devices, laptops, IoT) with Applications across Branch/Campus, Colocation Centers and Public Cloud]

• Secure, open, extensible
• Any virtual functions
• Any platform
• Anywhere in the network
• Flexible deployment models
• DIY or Managed Services
What is Software Defined Branch Architecture?
Solution Oriented Approach

Layers, from top to bottom:
• SDN Applications: Centralized Orchestration and Management
• Network Services and Applications: Consistent, trusted network services across all the platforms
• Virtualization layer: Hardware and software independence
• Hardware platform: Freedom of choice
Software Defined Branch
Deploy Services on Any Platform

• Orchestration: Cisco DNA Center / Network Service Orchestrator / Virtual Managed Services
• VNFs: Virtual Router (ISRv, CSR, vEdge), Virtual Firewall (ASAv, NGFWv), Virtual WAN Optimization (vWAAS), Third-Party applications/VNFs
• Network Functions Virtualization Infrastructure Software (NFVIS)
• Hardware: Enterprise Network Compute System (ENCS), Cisco 4000 Series ISR + UCS® E-Series, CSP-2100, Cisco® UCS C-Series
What SD Branch Can Do for You
Simple and easy to design, provision, and manage the trusted services that are critical to your business

• Quickly roll out new services and locations
• Give you flexible deployment options
• Simplify day-to-day operations
SD Branch Components
(Hardware, NFV Infrastructure Software, Security, Performance, Serviceability, Customer Case Studies)

• Hardware: ENCS, performance considerations
• VNFs ecosystem
• NFVIS Security
• NFVIS VNF onboarding (packaging, etc.)
• Orchestrator, VNFs/Applications
• NFVIS GUI demo (VM lifecycle, RBAC, Monitoring, SPAN, Logs/Troubleshooting, CIMC config, PNIC tracking, Factory Reset)
• NFVIS Secure overlay, Single IP
• NFVIS Backup Restore
• NFVIS PnP
• Orchestration Demo: Cisco DNAC-SDWAN, NSO
• NFVIS on White-box
• NFVIS Roadmap
Hardware

Enterprise Network Compute System
Platform Built for Enterprise NFV (Branch/Campus, Colocation Center, Public Cloud)

ENCS 5000 Series for the Branch
• Best of Routing & Compute
• Complete Virtualized Services
• Open for Third Party Services and Apps

Enterprise Network Compute System: ENCS 5100 Series, ENCS 5400 Series
ENCS 5000 Series - Chassis Options

Model       CPU                 LAN PoE   Capacity Guidance
ENCS 5104   4-core, 3.4 GHz     No        ISRv + 1 VNF
ENCS 5406   6-core, 1.9 GHz     No        ISRv + 2 VNFs
ENCS 5408   8-core, 2.0 GHz     200W      ISRv + 3 VNFs
ENCS 5412   12-core, 1.5 GHz    200W      ISRv + 5 VNFs
ENCS 5400 Series – I/O Side
• Integrated Power Supply
• Dedicated Lights-out Management (CIMC)
• 16 - 64 GB DRAM
• (Optional) Hardware RAID Controller
• 6, 8, or 12-Core Intel Xeon-D
• Internal M.2 Storage, 64 – 400 GB
• 8 Integrated LAN Ports with Optional POE
• USB 3.0 Storage
• Network Interface Module for LTE & WAN
• 2 HDD or SSD, RAID 0 & 1
• Hardware Acceleration for VM Traffic
• 2 Onboard Gigabit Ethernet ports with SFP
ENCS 5400 Internal Networking

[Figure: ENCS 5400 Series data path and control path. VNF 1, ISRv and VNF 2 (NIC aware) run on X86 / NFVIS; VM-to-VM traffic is hardware offloaded through a VLAN-aware HW switch over a high-speed NIC backplane, or takes the software switched path. The switch provides POE LAN ports, a NIM slot (cellular, T1, DSL, LAN, GE or LAN uplink), dual-PHY WAN GE ports, and dedicated management ports for X86 MGMT and CIMC lights-out management.]
Understanding SR-IOV on the ENCS 5400
• There are multiple ways a VNF can connect to a physical NIC of the underlying server/hardware
  • Virtual switch - introduced by the hypervisor
  • SR-IOV - by connecting the VNF directly to the physical NIC
  • PCI Passthrough – dedicating the entire NIC to the VNF directly
• SR-IOV (Single Root I/O Virtualization) allows multiple VNFs to connect to a physical interface on the server/hardware
  • However, for a VNF to use the SR-IOV network that the NIC provides, the VNF needs to support the drivers that are required by the NIC
• On the ENCS, there are two NIC types on which SR-IOV has been enabled
  • WAN GigE NIC – Intel i350, uses the igb driver
  • LAN backplane NIC - Intel XL710, uses the i40evf driver
  • As long as the VNF supports these NIC drivers, the VNF can be deployed using SR-IOV
• VNFs can be service chained using SR-IOV VFs on ENCS
• Using SR-IOV provides the best performance
  • Eliminates performance issues due to the virtual switch
• VNFs can always be connected/service chained using the virtual switch
Performance Dependencies
Individual performance of a VNF depends on
• The underlying platform: the number of cores and the type and frequency of the processor used
• The resources available for the VNF
• How the VM connects to the physical NICs – PCI Passthrough, SR-IOV, virtIO
• Finally, the VNF itself. The VNF must also be optimized to run in a virtual environment
In a multi-VNF environment, the net chained VNF performance also depends on
• The weakest-link VNF
• Use of virtual switches to copy packets from ingress to egress vNICs
• DPDK mode for virtual switches
ENCS NFVIS Compare Networking Options

SR-IOV Packet Flow
• Service chain throughput better than DPDK/OVS
• No additional CPU required for NFVIS
• SR-IOV driver support dependency on VNF
• Packet memory is mapped directly into the VM through a VF (no extra copy); the physical NIC PF exposes one VF per VM

DPDK-OVS Packet Flow
• Service chain throughput near SR-IOV, better than non-DPDK OVS
• +1 CPU required for NFVIS
• No additional driver dependency on VNF
• DPDK-OVS runs in user space and uses shared memory to pass packets between VMs with no packet copying; packets are pulled from the interface by polling, with no interrupts, no context switching between user mode and kernel mode, and no extra packet copy

OVS Packet Flow
• Service chain throughput lower than DPDK and SR-IOV
• No additional CPU allocated for NFVIS
• No additional driver dependency on VNF
• Virtio front-end in the VM, QEMU and the vhost-net kernel thread, TAP device and OVS in the NFVIS Linux kernel, then the IGB kernel driver to the physical port (GE0/0)

Note: DPDK for Open vSwitch on non-physical ports requires NFVIS 3.10; physical port support arrives in NFVIS 3.11.
ENCS-W vs ENCS

ENCS-W
• Standalone WAVE Replacement
• Managed completely by WCM
• No interaction with hypervisor (NFVIS) required
• Scale up to 6000 CC
• Positioned when the use case involves standalone WAN / Application acceleration
• Perpetual license bundled with appliance, same as WAVE

ENCS
• Part of SD-Branch Solution
• vWAAS along with other VNFs orchestrated by Cisco DNAC
• VM lifecycle management via hypervisor (NFVIS)
• Scales up to 750 CC
• Positioned when the use case involves collapsing multiple services (Routing, Firewall, WAN-opt, etc.) into a single platform
• Term based licensing per VNF
UCS E-Series
Cisco UCS E-Series DC-class Servers (ordered by increasing scalability and performance)

Cisco UCS E140S (Intel Ivy Bridge)
• Single-Wide Service module
• VMware, Hyper-V, Citrix certified
• Intel E3 4 core processor
• 16GB DRAM

Cisco UCS E160S M3 (Intel Broadwell)
• Service module
• NFVIS, VMware, Hyper-V, Citrix certified
• Intel Broadwell 6 core processor
• 32GB DRAM

Cisco UCS E160D (Intel Ivy Bridge)
• Double-Wide Service Module
• NFVIS, VMware, Hyper-V, Citrix certified
• Intel E5 6 core processor
• 96GB DRAM

Cisco UCS E180D M3 / 1120D M3 (Intel Broadwell)
• Double-Wide Service Module
• NFVIS, VMware, Hyper-V, Citrix certified
• Intel E5 8 core processor
• 96GB DRAM
• USB 3.0 & 10Gb Interface
Cloud Services Platform 5K
CSP 5000 SKUs:

                          CSP 5216 / CSP 5228 (1RU)             CSP 5436 / CSP 5444 / CSP 5456 (2RU)
CPU Cores                 16 / 28                               36 / 44 / 56
Memory                    16GB/32GB DIMMs, 12x2 DIMM slots, 128GB minimum, 384GB-768GB total capacity
PCIe NIC Slots            2                                     6
On Board NICs (LOM)       2x10 GbE SFP+
VIC                       4x10/25 GbE SFP28
1GbE (i350)               Y (Optional Add-in), 4x1GbE RJ45
i520 (2x10GbE SFP+)       Y
I710 (4x10GbE SFP+)       Y
Max NIC ports             14 (2x4+4+2)                          30 (6x4+4+2)
Min-Max BW                164GbE - 200 GbE                      324GbE - 360GbE
Disk slots (small form)   10 (usable 8)                         24
Disk Capacity             1.2*8/2 = 4.8TB (HDD) / 3.8TB (SSD)   14.4TB (HDD) / 11.5TB (SSD)
Power, 2 slots (AC)       1540 W (2x770)                        2100W (2x1050)
NFVIS on CSP5K
• Supported with release 3.11 and higher
• CSP5K ships with CSP-OS: NFVIS will need to be installed after unpacking the box
• Replaces older CSP2100 Series models
• More details can be found here: Installing NFVIS on CSP
Virtual Network Functions
Network Services from Cisco
Consistent software across physical and virtual

• ISRv/SD-WAN: High Performance, Rich Features
• ASAv/FTD*: Full DC-Class Featured Functionality
• vWAAS: Application Optimization and Akamai Connect
• vWLC: Built for small and medium branches
• Windows Server: Active Directory, File Share, DNS/DHCP
• Linux: Custom Applications
• 3rd Party: Network Services, Server Management & Applications Monitoring
Enterprise NFV Open Ecosystem

• Customers have the flexibility to run a third-party VNF of their choosing.
• Third-party vendors may choose to submit their VNF for certification.
• No admission restrictions; a third party may be complementary to Cisco, or competitive. Requirements are the same regardless.
• Irrespective of certification, customers have the flexibility to run a third-party VNF of their choosing.
• More information: http://cs.co/3nfv
https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/enterprise-network-functions-virtualization-nfv/nfv-open-ecosystem-qualified-vnf-vendors.pdf
Reference
Third party VNF Certification Resources
http://cisco.com/go/enfv
Certification Program at DevNet, http://cs.co/3nfv
Vendor Status (December ‘18)
[Figure: vendor logos grouped as Certified, Currently Testing, Ready to Test, Expected and Engaged; names legible in the extracted text: Netscaler, CloudBridge]
NFVIS
Purpose built Network Hypervisor
Enterprise NFV Infrastructure Software (NFVIS)

Network Hypervisor
• Supports segmentation of virtual networks
• Abstracts CPU, memory, and storage resources

Zero-Touch Deployment
• Automatic connection to PnP server
• Highly secure connection to the orchestration system
• Easy day-0 provisioning

Monitoring
• NETCONF Notification
• Host and VM Statistics
• Packet Capture

Lifecycle Management
• Provisioning and launch of VNFs
• Failure and recovery monitoring
• Stop and restart services
• Dynamically add and remove services

Service Chaining
• Elastic service insertion
• Multiple independent service paths based on applications or user profiles

Open API
• Programmable API for service orchestration
• REST and NETCONF API
NFVIS Software Stack
Power in Software

[Figure: northbound access from Console/SSH, Cisco DNA Center, NSO and the Local Device Web Portal over CLI, NETCONF, REST and HTTPS; NFVIS services (Health Monitoring, Plug-n-Play, RBAC, Syslog, SNMP) sit on the Orchestration API above the Hypervisor Layer, Virtual Switch and Host Management, all running on Linux]
Default System Configuration on ENCS NFVIS 3.10.1+

[Figure: ENCS5400 with Hypervisor (KVM). Networks wan-net, wan2-net, lan-net and int-mgmt-net map to bridges wan-br, wan2-br, lan-br and int-mgmt-br on the NFVIS vSwitch; VFs on GE0/0 and GE0/1, the LAN backplane port, the NIM and the MGMT port. Defaults: DHCP for NFVIS on WAN-NET and WAN2-NET, 192.168.1.1/24 on the management port, ENCS integrated switch ports GE1/0 to GE1/7.]

• NFVIS can be accessed by default via the FP GE WAN ports or via the dedicated Management port
• NFVIS 3.10+ default association: GE0-0 to wan-br, GE0-1 to wan2-br. Both wan-br and wan2-br are enabled for DHCP by default. DHCP is attempted (cycling between GE0-0 and GE0-1) until one of the ports acquires a DHCP address. PnP is attempted over the WAN-facing network with a path to the default gateway. Pre-NFVIS 3.10, no wan2-br was created by default and there was no DHCP by default via GE0-1.
• The Management port on ENCS is set to 192.168.1.1 to access NFVIS
• All switch ports (GE1/0 to GE1/7) are associated with the LAN bridge
• An internal management network (int-mgmt-net) and a bridge (int-mgmt-br) are created and are used internally for system monitoring.
What is NFVIS?
NFVIS is not just KVM

[Figure: the same stack as the previous slide, with NFVIS (Health Monitoring, Plug-n-Play, RBAC, Syslog, SNMP; CLI, NETCONF, REST, HTTPS; Orchestration API, Virtual Switch, Host Management) on top of Linux/KVM, accessed from Console/SSH, Cisco DNA Center, NSO and the Local Device Web Portal]
Security: Chain of trust

Host Secure Boot (from the hardware trust anchor up)
• Hardware Trust Anchor: Microloader
• UEFI uses shim.efi to verify grub.efi
• Grub.efi uses shim.efi to verify the kernel
• Kernel verifies KVM module signatures
• Kernel hardened for protection
• NFVIS

VNF Secure Boot (trust chain)
• NFVIS verifies the UEFI firmware; OVMF UEFI is the UEFI trust anchor
• UEFI uses shim.efi to verify grub.efi
• Grub.efi uses shim.efi to verify the kernel
• VNF
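As an added illustration, not code from the presentation or from NFVIS, the following Python walks a deliberately simplified version of the host chain above: each stage pins the digest it expects of the next stage, the first stage (the microloader, which ENCS anchors in hardware) is assumed immutable, and the stage names are the ones on the slide. Real UEFI secure boot and NFVIS image signing verify X.509/shim signatures rather than bare SHA-256 digests; the digest stands in for the signature check only to show where a tampered link stops the boot and why the anchor itself must be immutable.

```python
"""Toy chain-of-trust walk (added example; not NFVIS or Cisco code).

Each stage records the digest it expects of its successor. Verification
happens link by link, and a link that fails stops the walk before the
unverified stage would run.
"""
import hashlib
from dataclasses import dataclass
from typing import List, Optional, Tuple


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class Stage:
    name: str
    code: bytes                          # the stage image (constructed stand-in)
    expected_next: Optional[str] = None  # digest this stage expects of its successor


# Host boot order from the slide: microloader -> UEFI -> shim.efi -> grub.efi -> kernel -> KVM module
HOST_CHAIN = ["microloader", "uefi", "shim.efi", "grub.efi", "kernel", "kvm_module"]


def build_chain(names: List[str], images: List[bytes]) -> List[Stage]:
    """Link stages at build/sign time: every stage records the digest of the next one."""
    stages = [Stage(n, img) for n, img in zip(names, images)]
    for cur, nxt in zip(stages, stages[1:]):
        cur.expected_next = digest(nxt.code)
    return stages


def boot(stages: List[Stage]) -> Tuple[bool, Optional[str]]:
    """Verify each link before 'executing' it; return (booted, first stage that failed or None)."""
    for cur, nxt in zip(stages, stages[1:]):
        if digest(nxt.code) != cur.expected_next:
            return False, nxt.name       # halt here: unverified code is never run
    return True, None


def fresh_chain() -> List[Stage]:
    # Constructed images; real stages would be the signed firmware and binaries.
    return build_chain(HOST_CHAIN, [f"{n}-image-v1".encode() for n in HOST_CHAIN])


def demo_clean() -> Tuple[bool, Optional[str]]:
    return boot(fresh_chain())


def demo_tampered_grub() -> Tuple[bool, Optional[str]]:
    """grub.efi replaced after signing: shim's pinned digest no longer matches, boot stops there."""
    stages = fresh_chain()
    stages[3].code = b"grub.efi-image-modified"
    return boot(stages)


def demo_tampered_anchor() -> Tuple[bool, Optional[str]]:
    """Nothing verifies the anchor itself: if it were writable, an attacker who rewrote it and
    re-pinned the next stage would boot unnoticed. That is why the microloader is immutable."""
    stages = fresh_chain()
    stages[0].code = b"microloader-image-modified"
    stages[1].code = b"uefi-image-modified"
    stages[0].expected_next = digest(stages[1].code)   # re-pinned by the attacker
    return boot(stages)
```

The third function is the important one for operators: every link below the anchor is checked, but the anchor is checked by nobody, so its integrity has to come from the hardware (the immutable microloader and Trust Anchor Module on ENCS) rather than from software.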
Cisco SD Branch Chain of Trust
Security Risks and the Cisco Trusted Solution for each

VNF / VM
• VM image tampering; VM-to-VM communication vulnerabilities: VNF secure boot based on OVMF UEFI; Encrypt VM Disk and VNF image*; VNF secure boot*

NFVIS
• Hypervisor security; components integrity: Integrity measurement architecture (IMA); UEFI, GRUB, Kernel secure boot
• Unauthorized access to hypervisor; system file integrity: Basic RBAC, secure SSL, Granular RBAC*; Restrict NFVIS access from VNFs*
• OS authenticity; OS tampering: Kernel hardening

Hardware
• Hardware authenticity: SUDI / ACT2 authentication with orchestrator
• Storage security and vulnerabilities: Storage isolation; Storage encryption via CIMC

Note: features with * are planned roadmap items.
Security embedded at all layers of software

Infrastructure
• CPU, Memory, Network and Storage Isolation
• Traffic Segmentation
• Password protection - stored in non-reversible form using a hashing algorithm
• Avoid issues related to overlapping names in user-mgmt

Access Layer
• Can be accessed via secure authenticated interfaces
• Encryption, hashing and key exchange algorithms for SSH and SSL

Linux/KVM
• Image Tamper Protection
• Use of firewall rules to block unauthorized ports
• Strong SSH/SSL/TLS Configs
• SELinux
Trustworthy Technologies for Enterprise Networking
Built-in security features that defend against today’s threats

Image Signing: Creates a unique digital signature for a block of code. Signed images may be checked at runtime to verify that software has not been modified.
Hardware Anchored Secure Boot: Helps ensure that code is authentic and unmodified. Anchors the microloader in immutable hardware, to prevent Cisco devices from executing tainted software.
Trust Anchor Module (TAm): A tamper-resistant chip featuring nonvolatile secure storage, SUDI, and crypto services including RNG, key store, and crypto engine.
Hardware Authenticity Check: Uses an X.509 SUDI certificate to verify hardware authenticity. Runs only after the secure boot process has completed and software has been verified to be trusted.
HW Assisted Virtualization: Process and memory segmentation for data isolation and protection with better performance.
SUDI for Cisco Plug & Play: The Secure Unique Identifier (SUDI) is an X.509 certificate that provides factory-installed device identity. Enables secure remote on-boarding of devices.
SE Linux: Fine-grained system level access control to better protect against privilege escalation attacks.
Modern Cryptography: Provides secure, up-to-date encryption so that encrypted data communications in-transit and at-rest remain confidential.
Factory Reset: One command to reset the device to factory-original settings to protect sensitive data when the device is out of direct control.
Secure Development Lifecycle (SDL): A repeatable, measurable process designed to reduce vulnerabilities and enhance the security and resilience of Cisco solutions.

Cisco ENCS 5000 Series
Domain isolation in NFVIS
Domain Isolation between network function and VMs

Core Isolation
• Each core is dedicated to a function, which prevents sharing/oversubscribing cores

Memory Isolation
• NFVIS Infra isolates VM and host memory to ensure there is no threat from compromised VMs.
• Leverages KVM/QEMU to add an extra level of address translation.
• VMs are not allowed to access the file system and storage in the host directly
Dedicated CPUs vs. Hyperthreading vs. pinning
Hyper-threaded platform like ENCS5400

• Dedicated core, pinned: 1 vCPU = 2 logical CPUs
• Shared core, pinned: 1 vCPU = 1 logical CPU

Best Practice:
• For predictable performance, dedicate cores for Virtual Network Functions like vRouters, vFirewalls, etc.
• Lightweight compute applications based on TCP could share cores, to host more applications
Domain Isolation between network function and VMs

Storage Isolation
• Network functions (VNF) can be deployed on the internal datastore – M.2 SSD
• Customer data/Virtual Machines should be stored on external SED

Interface Isolation
• VNFs can use SR-IOV networks to connect to the WAN and LAN backplane ports
• Applications can use lan-network/virtIO to connect to the LAN backplane
• Provides paths independent of each other
Security: Linux

Image Tamper Protection (Available today)
• Digital signature creation and verification using asymmetric key pairs.
• The Cisco root credential is leveraged to authenticate Cisco services - bootloader, ISO and upgrade package are built by Cisco

Attack Vector Reduction (Available today)
• Only essential packages that are required by the NFVIS service are installed.
• Only selected NFVIS service ports are opened through firewall rules
• Linux super-user account is disabled
• Periodic patching of known security vulnerability fixes

Strong SSH/SSL/TLS Configs (Available today)
• 2048 bit key; strong encryption, hash, and key exchange algorithms; support for TLS 1.2 only.

SELinux (Available today)
• Enabled in permissive mode
Security: NFVIS Management (Access)

Secure Interfaces (Available today)
• Allow only secure authenticated administrative interfaces for REST/NETCONF (SSH, HTTPS)
• Support only strong encryption, hashing and key exchange algorithms for SSH and SSL.

Certificate Management (Available today)
• Generates a self-signed SSL certificate when first deployed, which can be replaced by a CA-signed certificate

Restricted storage access (Available today)
• Restricted access to storage and folders. Protects NFVIS data
• Mounting a USB storage device requires authentication

Admin-User Controlled Network Access (Available today)
• Allows the user to define the scope of IP addresses/services through the “ip-receive-acl” access list

VM Console Access Protection (Available today)
• A port is opened for 60 seconds for an external server to start a session to the VM inside. If there is no activity, the port is closed. The port allows only one-time access.
Security: NFVIS Management (Access)

Role Based Access Control (Available today)
• Sensitive information/actions accessible only to a predefined set of users.
• Users are assigned roles: administrators, operators, auditors
• Unauthorized access is prevented.

Identity Control (Available today)
• Default password change enforced at initial login
• Time based lockdown after max failed attempts
• Enforce strong password rules
• Integration with external AAA servers (TACACS+, RADIUS).
• Monitor user inactivity and disable the user account if inactive
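The Identity Control items above and the earlier "passwords stored in non-reversible form using a hashing algorithm" point fit together as one account policy. The Python below is an added stand-alone model of that policy, not NFVIS code: salted PBKDF2-HMAC-SHA256 storage compared in constant time, a forced password change at first login, time-based lockout after a maximum number of failed attempts, a strength rule, and disabling of inactive accounts. The concrete limits (5 attempts, 15-minute lockout, 90-day inactivity, the strength rule) are assumptions chosen for the example; the deck does not state NFVIS's own values.

```python
"""Account policy model: non-reversible password storage, lockout, inactivity (added example)."""
import hashlib
import hmac
import os
import re
from typing import Optional, Tuple

PBKDF2_ITERATIONS = 100_000            # slow hash so stolen hashes resist guessing
MAX_FAILED_ATTEMPTS = 5                # assumption
LOCKOUT_SECONDS = 15 * 60              # assumption
INACTIVITY_LIMIT_SECONDS = 90 * 86400  # assumption


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, derived key). The key cannot be reversed to recover the password."""
    salt = salt if salt is not None else os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, key


def password_is_strong(password: str) -> bool:
    """Assumed rule set: at least 8 characters with upper, lower, digit and symbol classes."""
    return (len(password) >= 8
            and re.search(r"[A-Z]", password) is not None
            and re.search(r"[a-z]", password) is not None
            and re.search(r"[0-9]", password) is not None
            and re.search(r"[^A-Za-z0-9]", password) is not None)


class Account:
    def __init__(self, username: str, initial_password: str, role: str, now: float):
        self.username = username
        self.role = role                      # administrators / operators / auditors
        self.salt, self.key = hash_password(initial_password)
        self.failed_attempts = 0
        self.locked_until = 0.0
        self.last_activity = now
        self.disabled = False
        self.must_change_password = True      # default password change enforced at initial login

    def verify(self, password: str) -> bool:
        _, candidate = hash_password(password, self.salt)
        return hmac.compare_digest(candidate, self.key)   # constant-time comparison

    def change_password(self, old: str, new: str, now: float) -> bool:
        if not self.verify(old) or not password_is_strong(new):
            return False
        self.salt, self.key = hash_password(new)          # fresh salt on every change
        self.must_change_password = False
        self.last_activity = now
        return True


def authenticate(acct: Account, password: str, now: float) -> str:
    """Evaluate one login attempt at time `now` (seconds) and return a short status string."""
    if acct.disabled:
        return "disabled"
    if now - acct.last_activity > INACTIVITY_LIMIT_SECONDS:
        acct.disabled = True                  # inactive account is disabled, even with a correct password
        return "disabled"
    if now < acct.locked_until:
        return "locked"                       # no password check while locked
    if not acct.verify(password):
        acct.failed_attempts += 1
        if acct.failed_attempts >= MAX_FAILED_ATTEMPTS:
            acct.locked_until = now + LOCKOUT_SECONDS
            acct.failed_attempts = 0
            return "locked"
        return "bad-password"
    acct.failed_attempts = 0
    acct.last_activity = now
    return "must-change-password" if acct.must_change_password else "ok"
```

Two details matter for the audit trail the deck promises elsewhere (who, when, what): the lockout decision is made before the password is checked, so a locked account cannot be used as a guessing oracle, and every status returned here is a distinct event worth logging.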
Security: NFVIS Management (Access)

Idle Session Timeout (Available today)
• User session times out automatically

Activity Logging (Available today)
• Every login/logout attempt and system configuration change is recorded with enough information (who, when, what)
• VM lifecycle auditing

Session Resource Protection (Available today)
• Maximum limit on concurrent sessions
• Maximum log file size, log rotation, deletion of logs
• Generate a warning when a threshold is reached

Secure Unlock Client (Available today)
• Presents a mechanism to ensure privileged debug access to a device in the field is restricted to authorized employees

Input Validation (Available today)
• API input validation to prevent command injection attacks
Security: NFVIS Management (System)

Memory Isolation for VMs and Host (Available today)
• The system isolates VM and host memory to prevent threats from a compromised VM. KVM/QEMU adds an extra level of address translation.
• A VM is not allowed to access the file system and storage in the host directly

Resource provision for VMs (Available today)
• One VM cannot use more resources than provisioned. This avoids a denial of service condition from one VM consuming the resources. CPU, memory and storage are protected

ENCS 5400 Secure Boot (Available today)
• Ensures only authentic (signed) NFVIS software is executed
Security: NFVIS Management (Traffic)

Traffic Segmentation between VMs and Host (Available today)
• Supports creating VLANs and virtual bridges to help identify different sources of traffic and separate traffic between VMs
• Separate bridges and VLANs isolate the virtual machine network and the management network. Two machines on the same physical network cannot send packets to each other unless they are on the same VLAN.

NIC Virtualization (Available today)
• SR-IOV (I/O Virtualization) support enables an Ethernet adaptor to appear as multiple virtual adaptors called Virtual Functions (VFs).
• The hypervisor can map guest interfaces to specific VFs; guests use direct access to their VFs. Each VM “owns” a virtual interface and its related resources
Security: NFVIS Management (GUI / Portal)

Session Management (Available today)
• Delete session information after user logout
• Portal session times out automatically
• Audit record starts when the portal session starts

Input Field Validation (Available today)
• Input validation to avoid command injection at runtime

User Authentication Mechanics (Available today)
• User session authenticated
• Token based user authentication for session management
VNF Onboarding
VNF format support on NFVIS
• NFVIS is based on a Linux distribution with KVM
• Can deploy any VNF with a QCOW2 extension (standard KVM file format)
• However, NFVIS can also support additional file formats
  • .ISO, .IMG, .RAW
• Has the ability to convert a VMDK file into QCOW2 using the NFVIS CLI

nfvis# image-convert myimage.vmdk myimage.qcow2

• NFVIS provides users flexibility by creating a package to deploy on NFVIS
  • Similar to creating an “OVA”
Why Package?
• Creating a VNF package is not mandatory, however it has its advantages
  • Provides a way to scale out deployments
  • Support for Day 0 configuration for 3rd party VNFs
• The packaging utility creates a tar.gz file which contains
  • The raw QCOW2 file
  • Image properties file
  • Supported and default profiles
  • Day 0 configs
• The image properties file is created by using either the GUI or the packaging utility provided with every release.
VM Packaging using the Packaging Tool
• This is an enhanced packaging process that allows the VM owner to run the nfvpt.py utility as a command with a combination of parameters to package the VM.
• The VM packaging utility contains the following
  • nfvpt.py: a Python based packaging tool that bundles the VM raw disk image(s) along with VM specific properties.
  • image_properties_template.xml: the template file for the VM image properties file, holding the parameters with their default values. If the user provides new values for these parameters while creating the VM package, the default values are replaced with the user-defined values.
  • nfvis_vm_packaging_utility_examples.txt: examples of how to use the image packaging utility to package a VM image.
vEdge VM Packaging using the Package Utility (nfvpt.py)

Input parameters: image_properties_template.xml, cloudinit.cfg, meta_data, vendor_data, viptela-edge-genericx86-64.qcow2
Final Package: vedge-17.3.2.tar.gz

./nfvpt.py -o vedge17.3.2 -i viptela-edge-genericx86-64.qcow2 -n vedge.17.03.02 -t ROUTER -r 17.03.02 --monitored false --privileged true --bootstrap /dir/latest/user_data:cloudinit.cfg,/dir/latest/meta_data.json:meta_data,/dir/latest/vendor_data.json:vendor_data --min_vcpu 2 --max_vcpu 8 --min_mem 4096 --max_mem 8192 --min_disk 8 --max_disk 8 --vnic_max 8 --optimize true --nocloud true --profile vEdge-small,"vEdge small profile",2,4096,8192 --profile vEdge-Standard,"vEdge Standard profile",4,4096,8192 --default_profile vEdge-Standard --custom ORGNAME, --custom OTP, --custom UUID, --custom SYSTEM_IP, --custom VBOND,

• cloudinit.cfg: mounted as /openstack/latest/user_data
• meta_data: mounted as /openstack/latest/meta_data.json
• vendor_data: mounted as /openstack/latest/vendor_data
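The nfvpt.py command line above packs several small syntaxes into one invocation: profiles as name,"description",vcpu,memory,disk, bootstrap files as guest_path:local_file pairs, and --custom keys whose values are supplied at deployment. The following Python is an added checker for exactly those arguments, written for this page; it is not Cisco's nfvpt.py and builds no package. It only parses the flags shown on the slide and reports definitions a packager should reject before building the tar.gz (a default profile that is not defined, a profile outside the min/max resource envelope, a malformed bootstrap mapping). Two assumptions that the slide does not state: profile memory and disk fields are in MB while --min_disk/--max_disk are in GB, and --custom takes key,value.

```python
"""Consistency checker for the nfvpt.py argument syntax shown on the slide (added example)."""
import argparse
import csv
import shlex


def parse_profile(spec):
    """name,"description",vcpu,mem_mb,disk_mb -> dict (csv handles the quoted description)."""
    name, desc, vcpu, mem, disk = next(csv.reader([spec]))
    return {"name": name, "description": desc, "vcpu": int(vcpu),
            "mem_mb": int(mem), "disk_mb": int(disk)}


def parse_bootstrap(spec):
    """guest_mount_path:local_file,... -> {guest_mount_path: local_file}."""
    return dict(item.split(":", 1) for item in spec.split(","))


def parse_custom(spec):
    """key,value -> (key, value); a trailing comma leaves the value to be filled at deploy time."""
    key, _, value = spec.partition(",")
    return key, value


def build_parser():
    p = argparse.ArgumentParser(prog="nfvpt.py")
    p.add_argument("-o", dest="output", required=True)
    p.add_argument("-i", dest="image", required=True)
    p.add_argument("-n", dest="name", required=True)
    p.add_argument("-t", dest="vm_type", required=True)
    p.add_argument("-r", dest="version", required=True)
    for flag in ("--monitored", "--privileged", "--optimize", "--nocloud"):
        p.add_argument(flag, choices=["true", "false"], default="false")
    p.add_argument("--bootstrap", type=parse_bootstrap, default={})
    for flag in ("--min_vcpu", "--max_vcpu", "--min_mem", "--max_mem",
                 "--min_disk", "--max_disk", "--vnic_max"):
        p.add_argument(flag, type=int, required=True)
    p.add_argument("--profile", action="append", type=parse_profile, default=[])
    p.add_argument("--default_profile", required=True)
    p.add_argument("--custom", action="append", type=parse_custom, default=[])
    return p


def validate(args):
    """Return a list of problems; an empty list means the definition is self-consistent."""
    problems = []
    names = [pr["name"] for pr in args.profile]
    if not args.profile:
        problems.append("no --profile given")
    if args.default_profile not in names:
        problems.append(f"default_profile {args.default_profile!r} is not a defined profile")
    if len(names) != len(set(names)):
        problems.append("duplicate profile names")
    for pr in args.profile:
        if not args.min_vcpu <= pr["vcpu"] <= args.max_vcpu:
            problems.append(f"{pr['name']}: vcpu {pr['vcpu']} outside {args.min_vcpu}-{args.max_vcpu}")
        if not args.min_mem <= pr["mem_mb"] <= args.max_mem:
            problems.append(f"{pr['name']}: memory {pr['mem_mb']} MB outside {args.min_mem}-{args.max_mem}")
        disk_gb = pr["disk_mb"] / 1024          # assumption: profile disk in MB, bounds in GB
        if not args.min_disk <= disk_gb <= args.max_disk:
            problems.append(f"{pr['name']}: disk {disk_gb:g} GB outside {args.min_disk}-{args.max_disk}")
    for path, local in args.bootstrap.items():
        if not path.startswith("/") or not local:
            problems.append(f"bad bootstrap mapping {path}:{local}")
    return problems


def check_command(cmdline):
    """Parse an nfvpt.py argument string (everything after ./nfvpt.py) and validate it."""
    args = build_parser().parse_args(shlex.split(cmdline))
    return args, validate(args)


# The argument string from the slide, verbatim apart from being one line.
SLIDE_CMD = (
    '-o vedge17.3.2 -i viptela-edge-genericx86-64.qcow2 -n vedge.17.03.02 -t ROUTER '
    '-r 17.03.02 --monitored false --privileged true '
    '--bootstrap /dir/latest/user_data:cloudinit.cfg,/dir/latest/meta_data.json:meta_data,'
    '/dir/latest/vendor_data.json:vendor_data --min_vcpu 2 --max_vcpu 8 --min_mem 4096 '
    '--max_mem 8192 --min_disk 8 --max_disk 8 --vnic_max 8 --optimize true --nocloud true '
    '--profile vEdge-small,"vEdge small profile",2,4096,8192 '
    '--profile vEdge-Standard,"vEdge Standard profile",4,4096,8192 '
    '--default_profile vEdge-Standard --custom ORGNAME, --custom OTP, --custom UUID, '
    '--custom SYSTEM_IP, --custom VBOND,'
)

if __name__ == "__main__":
    parsed, issues = check_command(SLIDE_CMD)
    print([p["name"] for p in parsed.profile], issues or "definition is consistent")
```

Running it against the slide's own command line reports no problems; changing the default profile to an undefined name, or raising a profile's vCPU count above --max_vcpu, produces one finding each, which is the kind of mistake that otherwise surfaces only when the orchestrator tries to deploy the package.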
Creating a Package using the NFVIS GUI
Access the utility from VM Life Cycle -> Image Repository -> Image Packaging
Add a new VM Package for vEdge Cloud

Upload the QCOW2 binary and Day 0 config
• Upload the vEdge Cloud qcow2 binary
• Upload the cloud-init file

Define Flavors
• Flavors set the CPU, Memory and Storage requirements for a VNF
• Helps with one-click automated deployment
• Default Flavor: 2 vCPU and 4096 MB of RAM

Create Package, Download or Register
• Once the package is created, you can download it and reuse it on other NFVIS systems
• Register the VNF within NFVIS to deploy it
• Register the new package so that it appears under Image registration (image and profiles)
Access the VNF Console from NFVIS

NFVIS - show the list of VM names:

vbo-UCPE1# show system deployments
NAME                    ID  STATE
------------------------------------
1511257222.vEdgeCloud   7   running
vbo-UCPE1#

NFVIS - console request to a deployed VM:

vbo-UCPE1# vmConsole 1511257222.vEdgeCloud
Connected to domain 1511257222.vEdgeCloud
Escape character is ^]
viptela 17.2.0
vedge login: admin
Password:
Welcome to Viptela CLI
admin connected from 127.0.0.1 using console on vedge
vedge#

The VNF must be packaged with the “Serial” console enabled while using the VNF packaging tool
Accessing VNF using Port Forwarding
Port Forwarding from NFVIS
• NFVIS supports port forwarding for VNFs
• The NFVIS host IP address can be used to manage multiple VNFs using port forwarding
• Example
  • NFVIS host - 172.19.169.51
  • ISRv deployed with port 22 mapped to 2224

Lab-test01$ ssh -p 2224 admin@172.19.169.51

Note:
• In order to use port forwarding, the VNF must allow itself to be monitored via NFVIS.
• NFVIS can then use the internal management network to connect to the VNF
• Port forwarding needs to know the source interface, either the MGMT or the WAN interface, to work
Secure Overlay and Single WAN IP
Target Deployment Models using Secure Tunnels

Use case 1: Secure Overlay – NAT CPE
• Router - Private IP from NAT GW
• NFVIS – Private IP from NAT GW, Tunnel Overlay IP

Use Case 2: Secure Overlay – DHCP WAN IP w/o NAT CPE
• NFVIS – Initially uses WAN IP. Will move to Private IP
• Router – Will be spun up and assigned WAN IP

Use Case 3: Secure Overlay – Static WAN IP w/o NAT CPE
• NFVIS – Initially uses WAN IP. Will move to Private IP
• Router – Will be spun up and assigned WAN IP
Solution - Hypervisor Management Overlay

[Figure: orchestrator (MSX, NSO, holding the serial-number-to-day-0 mapping) with PnP and a management hub (headend system IP, headend interface IP) on one side; the vBranch NFVIS (WAN IP, NFVIS interface IP, NFVIS system IP) on the other. Numbered flow: (1) call home, (2) day 0 configuration pushed, (3) and (4) the NFVIS management overlay comes up toward the headend.]
Solution - Overlay and Single Public IP

[Figure: the same orchestrator (MSX, NSO), PnP and management hub (headend system IP, headend interface IP) as in the previous diagram; the vBranch NFVIS (NFVIS interface IP, NFVIS system IP) shares the single WAN IP with the router VNF; steps 7, 8 and 9 continue the numbered flow.]
Solution - Single Public IP Failover

[Figure: the same components; the direct path over the WAN IP is marked failed (X), and steps 2 and 3 show the NFVIS management connection being re-established via the management hub.]
Backup and Restore
NFVIS 3.10.1 and later

[Figure: backup of a deployed vBranch topology and restore onto NFVIS. Items covered: RBAC, monitoring, API, PnP, SNMP, management, OVS and SR-IOV networks, the VNFs (vnf1 ... vnfN) and management connectivity. Backup is taken of the deployed topology, optionally per VNF or as the complete topology; restore re-creates it.]

• Restore from a backup without VNF disks results in a re-deploy of the VNF.
• The VNF license is subject to change after such a restore.
• The VNF package must be present in the image repository before the restore.
Backup/Restore CLIs

Physical Port Status Tracking
NFVIS PNIC Tracking, VNIC Update (NFVIS 3.10.1 and later)

[Figure: ENCS 5400 running ISRv and an NGFW on the KVM hypervisor. The NFVIS networks wan-net, wan2-net, service-net, lan-net and int-mgmt-net map to the bridges wan-br, wan2-br, service-br, lan-br and int-mgmt-br on the vSwitch; VFs attach to GE0/0 and GE0/1 (tracked), to the NIM, and over the backplane to the ENCS integrated switch (GE1/0 to GE1/7, MGMT, LAN). A tracked PNIC changing state sends an UPDATE to the associated VNICs.]

• PNIC tracking works for ports associated with OVS, on both LAN- and WAN-facing ports. Available starting with the NFVIS 3.10.1 release.
• PNIC tracking is useful in high availability designs: stateful features such as HSRP and VRRP depend on interface status to switch between ACTIVE and STANDBY.
• A PNIC state change can be propagated to multiple VNICs, based on their association.
Deploying a VNF on NFVIS using the GUI
Deploying VNFs Using NFVIS GUI
VM Life Cycle -> Deploy
• "Draw" the desired topology
• Enter the VNF properties and deploy
Network PnP
PnP Overview
• The Cisco Network Plug-and-Play solution provides
  • A simple, secure and unified approach to provisioning devices with zero-touch deployment
  • A way to bring a device into the network and provision it without manual intervention

PnP Agent
• Runs on the NFVIS device
• Auto-discovers the PnP server
• Provides the device UDI (serial number, PID) to the server
• Supports bulk provisioning of user credentials

• When the NFVIS platform is powered on, the Cisco Network PnP agent discovery process starts; this in turn discovers the IP address of the PnP server.
PnP Options
• Four options
  • Static configuration
  • Automatic discovery with DHCP option 43
  • Domain Name System lookup
  • Cloud redirection
PnP DHCP with option 43
The Cisco PnP agent automatically discovers the IP address of the Cisco Network PnP server specified in the DHCP option 43 string.

Example of the option 43 configuration on an IOS DHCP server:

ip dhcp pool P_ENCS_18375
 host 172.19.183.75 255.255.255.0
 hardware-address 00f2.8bc3.4a54   ! MAC address of the NFVIS WAN bridge
 default-router 172.19.183.1
 domain-name cisco.com
 dns-server 172.19.183.147
 option 43 ascii "5A;B2;K4;I172.19.152.41;J80"

The fields of the option 43 string are semicolon separated: 5A marks the PnP suboption (A = active), B2 says the server address is IPv4, K4 selects HTTP as the transport (K5 would select HTTPS), I carries the server address and J the port. With K4 the initial redirect to the PnP server is cleartext, so anything that can answer DHCP on the transport segment can point the NFVIS host at a server of its choosing; treat the DHCP scope and the PnP server as part of the trusted provisioning path.
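The option 43 string above is compact enough to get wrong by hand. The following is an added example (not part of the deck or of Cisco's tooling) that parses it into its fields, reports the findings a practitioner would want before handing the string to the DHCP server (unknown fields, cleartext HTTP transport, a server address other than the one expected, an invalid port), and composes a hardened HTTPS variant for an `option 43 ascii` line. The field meanings follow the documented PnP option 43 format; the alternate server address and port values used for the checks are made up.

```python
"""Parse, check and build the Cisco PnP DHCP option 43 string.

Added example, not part of the deck or of Cisco's tooling. Field letters
follow the documented PnP option 43 format: 5A = PnP suboption, active;
B = address type (2 = IPv4); K = transport (4 = HTTP, 5 = HTTPS);
I = server address; J = TCP port.
"""
import ipaddress

TRANSPORTS = {"4": "http", "5": "https"}
ADDRESS_TYPES = {"2": "ipv4"}   # only the IPv4 form is used on the slide


def parse_pnp_option43(value):
    """Split "5A;B2;K4;I172.19.152.41;J80" into {'5': 'A', 'B': '2', ...}."""
    fields = {}
    for token in value.strip().strip('"').split(";"):
        if not token:
            continue
        key, val = token[0], token[1:]
        if key in fields:
            raise ValueError(f"duplicate field {key!r} in option 43")
        fields[key] = val
    return fields


def check_pnp_option43(value, expected_server=None):
    """Return a list of findings for the string; an empty list means acceptable."""
    findings = []
    f = parse_pnp_option43(value)
    if f.get("5") != "A":
        findings.append("PnP suboption is not marked active (5A)")
    if f.get("B") not in ADDRESS_TYPES:
        findings.append(f"unsupported address type B{f.get('B')}")
    transport = TRANSPORTS.get(f.get("K"))
    if transport is None:
        findings.append(f"unknown transport K{f.get('K')}")
    elif transport == "http":
        # The redirect itself is cleartext: a rogue DHCP answer can steer the box.
        findings.append("K4 redirects over cleartext HTTP; prefer K5 (HTTPS)")
    server = f.get("I")
    try:
        ipaddress.IPv4Address(server)
    except (ipaddress.AddressValueError, TypeError):
        findings.append(f"server address I{server} is not a valid IPv4 address")
    if expected_server and server != expected_server:
        findings.append(f"server {server} is not the expected PnP server {expected_server}")
    port = f.get("J")
    if port is None or not port.isdigit() or not 1 <= int(port) <= 65535:
        findings.append(f"port J{port} is not a valid TCP port")
    return findings


def build_pnp_option43(server, port=443, https=True):
    """Compose an option 43 string for an IOS 'option 43 ascii' line."""
    ipaddress.IPv4Address(server)          # raises on a malformed address
    return f"5A;B2;K{'5' if https else '4'};I{server};J{port}"


if __name__ == "__main__":
    slide_value = '"5A;B2;K4;I172.19.152.41;J80"'   # the string from the slide
    for finding in check_pnp_option43(slide_value):
        print("finding:", finding)
    print("hardened:", build_pnp_option43("172.19.152.41", 443))
```

Run against the slide's own string the only finding is the HTTP transport; the hardened string it prints differs from the slide's only in K5 and the port.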

PnP DNS Lookup
The agent constructs a fully qualified domain name (FQDN) from the preset hostname "pnpserver" and the network domain name handed out by the DHCP server.
Example of the DNS lookup configuration on the DHCP/DNS server:

ip dhcp pool P_ENCS_18375
 host 172.19.183.75 255.255.255.0
 hardware-address 00f2.8bc3.4a54
 default-router 172.19.183.1
 domain-name cisco.com
 dns-server 172.19.183.147
ip host pnpserver.cisco.com 172.19.152.41
ip dns server
PnP Cloud Redirect
• This method uses the Cisco Cloud Device Redirect tool available in Cisco Software Central.
• The user needs a Cisco CCO account in advance.

Example of the cloud redirect configuration on the DHCP/DNS server (the agent resolves devicehelper.cisco.com):

ip dhcp pool P_ENCS_18375
 host 172.19.183.75 255.255.255.0
 hardware-address 00f2.8bc3.4a54
 default-router 172.19.183.1
 domain-name cisco.com
 dns-server 172.19.183.147
ip host devicehelper.cisco.com 64.101.32.10
ip dns server
PnP Cloud Redirect - Cisco Account
In order to use the Cisco Cloud Device Redirect tool, the user needs a Cisco account in advance.

Launch Cisco Software Central at https://software.cisco.com in a browser and click "Log In".
PnP Cloud Redirect (cont’d)

Orchestration
Deploying a VNF on NFVIS using APIs
Deploying VNFs Using APIs
Using NFVIS APIs - REST or NETCONF

curl -k -i -u admin:Cisco#123 \
  -H Accept:application/vnd.yang.data+xml \
  -H content-type:application/vnd.yang.data+xml \
  -X POST https://201.0.0.157/api/config/vm_lifecycle/tenants/tenant/admin/deployments \
  --data '<deployment>...</deployment>'

The deployment payload, expanded for readability:

<deployment>
  <name>ISRv_SW_dep</name>
  <vm_group>
    <name>VM_GROUP_1</name>
    <image>ISRv_IMAGE</image>
    <flavor>ISRv-small</flavor>
    <bootup_time>600</bootup_time>
    <recovery_wait_time>0</recovery_wait_time>
    <recovery_policy>
      <action_on_recovery>REBOOT_ONLY</action_on_recovery>
    </recovery_policy>
    <interfaces>
      <interface>
        <nicid>0</nicid>
        <network>int-mgmt-net</network>
        <port_forwarding>
          <port>
            <type>ssh</type>
            <protocol>tcp</protocol>
            <vnf_port>22</vnf_port>
            <external_port_range><start>20022</start><end>20022</end></external_port_range>
          </port>
          <port>
            <type>telnet</type>
            <protocol>tcp</protocol>
            <vnf_port>23</vnf_port>
            <external_port_range><start>20023</start><end>20023</end></external_port_range>
          </port>
        </port_forwarding>
      </interface>
      <interface><nicid>1</nicid><network>GE0-0-SRIOV-1</network></interface>
      <interface><nicid>2</nicid><network>GE0-1-SRIOV-1</network></interface>
    </interfaces>
    <scaling><min_active>1</min_active><max_active>1</max_active></scaling>
    <kpi_data>
      <kpi>
        <event_name>VM_ALIVE</event_name>
        <metric_value>1</metric_value>
        <metric_cond>GT</metric_cond>
        <metric_type>UINT32</metric_type>
        <metric_collector>
          <type>ICMPPing</type>
          <nicid>0</nicid>
          <poll_frequency>3</poll_frequency>
          <polling_unit>seconds</polling_unit>
          <continuous_alarm>false</continuous_alarm>
        </metric_collector>
      </kpi>
    </kpi_data>
    <rules>
      <admin_rules>
        <rule>
          <event_name>VM_ALIVE</event_name>
          <action>ALWAYS log</action>
          <action>TRUE servicebooted.sh</action>
          <action>FALSE recover autohealing</action>
        </rule>
      </admin_rules>
    </rules>
    <config_data>
      <configuration>
        <dst>bootstrap_config</dst>
        <variable><name>TECH_PACKAGE</name><val>security</val></variable>
        <variable><name>ngio</name><val>enable</val></variable>
      </configuration>
    </config_data>
  </vm_group>
</deployment>

Two things to note before reusing the command as-is: -k disables TLS certificate verification toward the NFVIS host, and -u puts the admin password on the command line (shell history, process list). The payload also forwards telnet (VNF port 23) to host port 20023, which makes a cleartext login to the VNF reachable on the NFVIS host address.
What is so great about REST? - Same concept, many APIs
• Easy to use in mobile apps, console apps and web apps

Cisco NFVIS REST APIs
• VM image management
• VM deployment
• Virtual network configuration
• On-box switch
• PnP

How does this work?
• The client sends a request (GET, POST, PUT, DELETE) to the API service
• The service performs the action
• The response comes back as JSON, XML or text
Network Service Orchestrator
Network Service Orchestrator (NSO) for Service Providers
• Model-driven end-to-end service lifecycle with the customer experience in focus
• Seamless integration with existing and future OSS/BSS environments
• Loosely-coupled and modular architecture leveraging open APIs and standard protocols
• Orchestration across multi-domain and multi-layer networks for centralized policy and services across the entire network

[Figure: NSO serving network engineering, ops and provisioning, and service developers. Inside NSO: Service Manager, Package Manager, CDB, Device Manager and Device Abstraction, with NEDs toward the multi-domain networks; ESC (VNFM) alongside, providing VNF lifecycle management and VNF service monitoring.]
Core Function Packs
• Ready-made implementations for specific features
• Productized, TAC supported
• 80/20 rule - reduce implementation cost and time to market

Currently supported: SDWAN, vBranch, NFVO
NFV Orchestration with NSO NFVO
NFV Orchestration Challenges - Lessons Learned

Cisco's NFVO provides ... / ... to avoid
• A flexible software platform with an open, ETSI-aligned architecture and interfaces / proprietary technologies with specialized tooling driving long integration projects
• A fully multi-vendor stack to reduce VNF onboarding to the smallest effort possible / hard-coded assumptions on VNF design and behavior requiring fundamental updates
• An integrated set of lifecycle operations at network service and VNF level / procedural operations leading to an expensive change lifecycle
NFVO High Level Architecture

[Figure: ETSI MANO layout. OSS/BSS and RFS services on top; the NFV Orchestrator (NFVO) holds the VNFD catalogue, the NSD catalogue, NSRs and VNFRs, and the NFVI resources view; the VNF Manager (VNFM) sits below it over the Or-Vnfm reference point, with Or-Vi toward the Virtual Infrastructure Manager (VIM); VNFs with their element managers (EM) run on the NFV Infrastructure (NFVI). The NFVO owns the service lifecycle, the VNFM the VNF lifecycle.]
NFVO: High Level Architecture Mapping

[Figure: the same layout mapped onto Cisco products. RFS provisioning and activation and the NFVO component (VNFD and NSD catalogue, NSRs and VNFRs, NFVI resources) are Cisco NSO; the VNF Manager is Cisco ESC; VIM and NFVI are the underlying infrastructure. Service lifecycle in NSO, VNF lifecycle in ESC.]
NSO vBranch Core Function Pack for ENFV Automation
ENFV Automated Operations - 1
Branch CPE fully operational in minutes

The customer or operator works through a portal backed by NSO with the vBranch CFP:
1. Pre-provision the CPE: select a branch template and enter the device serial number
2. Configure PnP: enter the PnP server IP
3. Restart the CPE
4. The CPE sends a PnP request
5+. NSO configures the CPE and its VNFs
ENFV Automated Operations - 2
Branch CPE fully operational in minutes

The customer or operator, via the portal backed by NSO with the vBranch CFP:
1. On-board the CPE
2. Provision the CPE: select a branch template
3. NSO configures the CPE and its VNFs
Definitions: Configuration Types
• Bootstrap configuration (day-0)
  • e.g. IP addresses, credentials, license
  • Set once
• Base configuration (day-1)
  • Golden configuration: best practices for the device role
  • Set once
• Service configuration (day-2/n)
  • Configuration that changes over the device lifetime, e.g. ACLs, firewall rules
  • Created, modified and deleted multiple times
Cisco DNA Center
Cisco DNA Center for Enterprise Customers

Automation
• Profiles: standardized configurations for multi-PIN services
• Policy abstraction: expressing the business intent rather than a feature
• Validation: machine learning-based network-wide configuration validation prior to deployment

Assurance
• Self-optimizing and predictive: machine learning-based detection of problems prior to occurrence
• Proactive: faster troubleshooting with problem and trend correlation and dynamic thresholding
• E2E visibility: scalable data collection and reporting for reactive troubleshooting and planning

Closed loop between automation and assurance. Enterprise WAN and access networks | Wired and wireless
Cisco DNA Center components

[Figure: layered stack. UI: the Cisco DNA Center dashboard with Design, Provision, Policy and Assurance. Apps: automation apps (routing, switching, wireless, WAAS, NFV) and assurance apps (routing, switching, wireless, PathTrace, NFV). Platform services: discovery/inventory, service manager and device manager (network platform, NP); collector, data storage and analytics (network data platform, NDP). Controller: fusion services app and NDP app. Infrastructure (P/IaaS): Maglev.]
Cisco DNA Automation - Branch Deployment (Cisco ONE Foundation)
Simplified Deployment of Physical/Virtual Branches

Onboard WAN devices and services via 3 easy steps (office site with ISR/ENCS and APs; network services DC with ISE, DHCP and Cisco DNAC across the WAN):
1. Configure network settings, service provider and IP pools
2. Design a router/virtual profile
3. Assign to sites and provision network devices

Branch deployment in minutes.
Integrated Services Router Provisioning Process Flow
Design
1. Provide network settings
2. Specify credentials
3. Define IP pools
4. Provide SP settings
5. Create a profile and attach it to a site

Provision
1. Plug and Play devices
2. Claim the device for a site
3. Add the device to inventory
4. Specify input parameters
5. Provision the device
SD-Branch Orchestration in Cisco DNAC
ENCS based Virtual Branch Profile
1. Router WAN configuration
2. Router LAN configuration
3. Integrated switch configuration
4. Custom CLI configuration
Virtual Services using Cisco Validated Designs
[Screenshot: select a service to add it to the profile]
Support for Third party Services
• 3rd party services support with day 0 configs
• Application hosting support
Support for Third party Applications
• Custom network for untrusted traffic
• CVD service chaining support for DIA
Plug and Play

Discovery
• The installer powers on the devices
• The device discovery mechanism is configured: DHCP option 43, DNS, or Cisco cloud redirect

Un-claimed devices
• Devices securely connect to the Cisco DNA-C server (device authentication) and wait to be 'claimed'

Secure deployment
• The network admin claims devices based on device information
• Adds the device to a site for provisioning

[Figure: installer, PnP agent on the device, DHCP and DNS servers or the PnP cloud redirection service, Cisco DNAC with the Cisco DNA-C app, and the admin.]
Claim Device

SDWAN Integration
Available Today
Cisco SD-WAN Support on ENCS
• vEdge can run as a VNF on ENCS starting with NFVIS 3.7.1
• Minimum vEdge Cloud version required: 17.2.1
• SR-IOV support as part of 18.4
Provision Work Flow In Cisco DNA Center 1.2
1. Select the ENCS and map it to a site
2. vEdge input parameters are obtained from vManage
3. Provision vEdge on the ENCS with day 0 config
4. Connect vEdge to vManage
Viptela vEdgeCloud Onboarding through Cisco DNAC
vManage properties needed for the integration:
• IP address
• Username/password
• Port details
• vBond information
• Organization name
• Certificate for onboarding vEdge
Virtual vEdge On-boarding on ENCS
Provisioning Flow (vEdge attached to lan-net alongside the other services)

Integration via APIs to vManage:
• One-time password
• UUID
• Service chain vEdge with other services
• Day 1 registration of vEdge with vManage
SDWAN onboarding using Zero Touch Provisioning

[Figure: ENCS NFVIS, the PnP redirect server, the PnP server, the Cisco SD-WAN control and policy elements, and vEdge-cloud. Numbered flow: (1) PnP call home from NFVIS, (2)-(3) token and serial number exchanged with the redirect and PnP servers, (4) SD-WAN control and policy elements, (5) deploy the VNF, (6) service chain, (8) full registration and configuration of vEdge-cloud.]

Assumptions:
• DHCP on the transport side (ENCS mgmt); DHCP or static IP on the WAN transport
• DNS to resolve devicehelper.cisco.com (factory default NFVIS config); DNS to resolve the vBond FQDN
Cisco DNA Center
Automation Demo
Customer Use Cases
Commercial Investment Trust
Components: Ethernet transport - vEdge; LTE transport - ISRv; WAN optimization - vWAAS; VNF orchestration - Cisco DNA Center; SD-WAN management - vManage

• Two major use cases driving this
  • Redesign their WAN
  • Refresh their existing ISRs (2911s)
• As part of their WAN transformation they evaluated Cisco SD-WAN and other vendors
  • Cisco SD-WAN: liked the ease of manageability and the features
  • Liked the ability to consolidate and host additional functions leveraging the Cisco SD-Branch/virtualization platform
  • The Cisco x86 platform also provided backup connectivity to the sites with 4G-LTE
• Consolidated SD-WAN, WAN optimization and a 3rd party firewall (for colos)
• The solution also provided high availability between VNFs
• Next phase of the design: SD-Access for campus and branch with Cisco DNA Center for automation
Large bottling company - Managed Service (SDWAN)
• Branch consolidation and operational efficiency driving the move to virtualization
• Three main site profiles covered by this solution
  • Type 1: Corporate - 500+ users, 120 sites
    • Dual ENCS 5412
    • vEdge Cloud and virtual Firepower
    • Dual MPLS and Internet circuits
  • Type 2: Medium remote locations - 51-200 users, 120 sites
    • Single ENCS 5412
    • vEdge Cloud and virtual Firepower
    • Single MPLS and dual Internet circuits
  • Type 3: Small - 15 users, 10 sites worldwide
    • Single ENCS 5412
    • vEdge Cloud and virtual Firepower
    • Single MPLS and single Internet circuit
Reference
Straumann
• Global leader in tooth replacement and orthodontic solutions with 5000 employees across 5 continents
• Straumann was deploying two Cisco 2951s, one Palo Alto firewall and Riverbed for WAN optimization across 70 locations
• Preferred firewall vendor is PAN
• Wants automation
• From separate router, firewall and WAN optimizer appliances to 1 router, 1 FW and 1 vWAAS all in one platform
• Cisco DNA Center addresses the automation needs with an editable topology, support for generic 3rd party VNFs, custom networks, etc.
Reference
Bank in EMEA
• Cisco chosen after beating out the competition for 246 branches. Initial order for 165 branches.
• Key requirements
  • Consolidation, automation, and the ability to quickly isolate and troubleshoot problems
  • Security is paramount for the bank: every component of the solution was analyzed until it met their standards
• Two key promises made by Cisco
  • Continue to invest in the solution
  • Complete Common Criteria certification

Why ENFV?
• Automation has been key
• The bank had been exploring virtualization for a year
• The bank initially engaged other vendors, but no vendor was able to provide an end-to-end solution that included automation
• After running pilots at multiple branches and seeing how easy it was to automate and spin up new sites, the customer was convinced by the Cisco solution
• They were able to eliminate multiple Windows workstations at every branch by virtualizing them
• Chose the ENCS for its compactness
Reference
Large Bank in Canada
• The bank's strategic investment is mobile banking: load the bank in a truck and drive it from location to location to grow the customer base
• Wanted a solution that fits the following requirements
  • IWAN-enabled WAN router
  • Run routing, security and banking applications in a virtual environment
  • 4G-LTE for WAN connectivity
  • Hardware that accommodates the above and fits into the space available in the mobile trucks

Why ENFV?
• Hardware consolidation
• Integrated switch with PoE capabilities
• Dual 4G as primary WAN access
• IWAN solution integration
• Automation
Reference
Orange Business Services
Opens up new revenue models
• OBS has been one of the first customers to work closely with Cisco to launch their uCPE solution
• Looking to further strengthen their SD-WAN offering as part of their strategy to move to software-defined networking (SDN) and intent-based networking
• Uses Ciena Blue Planet as the orchestrator
• Uses the NFVIS NETCONF APIs for integration
• Positioning ISRv with 3rd party VNFs
https://www.businesswire.com/news/home/20180206005830/en/Orange-Business-Services-Cisco-Bring-SD-WAN-Network
Reference
British Telecom
• BT is integrating Cisco's Network Services Orchestrator (NSO) software platform for network automation
• Very close engagement with BT: three meetings a week between BT and the NFVIS team

uCPE press release
https://www.globalservices.bt.com/btfederal/en/news/bt-and-cisco-accelerate-for-future-networks
SDWAN + uCPE press release
https://www.globalservices.bt.com/btfederal/en/news/bt-launches-new-global-managed-service
Monitoring and Troubleshooting a Virtual Environment
Enterprise NFV Monitoring

VNF (ISRv)
• NetFlow, EEM scripts, syslog and SNMP, show CLI
• CPU utilization, memory utilization, interface stats

Hypervisor (NFVIS)
• NFVIS supports REST and NETCONF APIs that can be used to export all host and VNF specific information
• CLIs are also available to monitor and export data
• All data is exported via NETCONF; a NETCONF client is needed to receive it
• Host and interface SNMP MIB support added as part of the 3.6.1 release (July 2017)
• Export to an external syslog server added as part of the 3.6.1 release (July 2017)

Hardware (ENCS)
• Monitoring via the Cisco Integrated Management Controller for platforms that support it
• CIMC supports an exhaustive list of MIBs which can be used to monitor every aspect of the underlying hardware
• CPU, memory, interface and disk stats
CLIs for Monitoring
• Stats: content for graphical display
  show system-monitoring host [cpu | disk | memory | port] stats
  show system-monitoring vnf [cpu | memory] stats
• Table: summary (e.g. min / max / average)
  show system-monitoring host [cpu | disk | memory | port] table
• Default collecting duration is 5 min
• Query for a specific collecting duration via API / CLI
NFVIS Notifications for Monitoring and Troubleshooting
• NFVIS sends notifications for
  • vmlcEvents (VM lifecycle)
  • nfvisEvents (NFVIS)
• Use the NFVIS CLI or GUI to query notifications

nfvis# show notification stream vmlcEvent
notification
 eventTime 2017-02-17T22:27:20.292+00:00
 vmlcEvent
  status SUCCESS
  status_code 200
  status_message Image creation completed successfully.
  image isrv-universalk9.16.03.01.tar.gz
  vmlcEvent vm_source
  !
  vmlcEvent vm_target
  !
  vmlcEvent event
   type CREATE_IMAGE
  !
NFVIS Notification Events
• VM life cycle events
  CREATE_IMAGE, DELETE_IMAGE, CREATE_FLAVOR, DELETE_FLAVOR, VM_DEPLOYED, VM_ALIVE, VM_UPDATED, VM_UNDEPLOYED, VM_STOPPED, VM_STARTED, VM_REBOOTED, VM_MONITOR_UNSET, VM_MONITOR_SET, VM_RECOVERY_CANCELLED, VM_RECOVERY_REBOOT, VM_RECOVERY_INIT, VM_RECOVERY_COMPLETED
• NFVIS system events
  WAN_DHCP_RENEW, INIT_STATUS_CHANGE, NETWORK_CREATE, NETWORK_UPDATE, NETWORK_DELETE
SPAN & Packet Capture
• An SR-IOV or OVS vNIC can be spanned (port replicated) to a packet capture VM
• tcpdump can be run via the GUI or CLI on OVS vNICs
Troubleshooting Enhancements
Low-level Linux show commands are exposed without having to go to root
• Low-level show commands live under the "support" keyword
• They provide stats from OVS, tcpdump data and the output of virsh commands

Example: How to verify that the day 0 configuration is attached to a VNF instantiated by NFVIS?

Step 1: Get the list of VNFs running on NFVIS

nfvis# support virsh list
 Id    Name                  State
----------------------------------------------------
 19    1509553386.ROUTER     running

Step 2: Check that a config drive was generated with the day 0 configuration you added to the package

nfvis# support show config-drive 19
-rw-r--r--. 1 qemu qemu 397312 Nov 1 16:23 /cisco/esc/esc_database/nodejs/VM/ae828bab-3e90-4a53-ba97-14aa0db258f2/ae828bab-3e90-4a53-ba97-14aa0db258f2-hdd.config

Step 3: Once the config drive is present, look at its contents with

nfvis# support show config-drive content 19

At the tail end you should see the configuration that you packaged with the VNF. Keep in mind that day 0 configuration typically carries credentials, so anyone with NFVIS support access can read every VNF's bootstrap secrets this way.
Troubleshooting Enhancements
Example 2: How to verify that your VM is actually enabled for the serial console?

Step 1: Use support virsh dumpxml <id>

nfvis# support virsh dumpxml 19

The virsh dumpxml command shows exactly how the VNF was deployed on NFVIS, including the properties that were enabled.

For the example above, look for the keyword "serial" in the dumpxml output. If you see the following, the VNF was enabled for the serial console on NFVIS:

<serial type='pty'>
  <source path='/dev/pts/0'/>
  <target port='0'/>
  <alias name='serial0'/>
</serial>
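Both checks on the last two slides (is a config drive attached, is the serial console enabled) can be read off the same dumpxml output. The following is an added example, not NFVIS tooling, that parses libvirt domain XML and answers both questions. It assumes what the slides show: the serial device appears as `<serial type='pty'>`, and the day 0 config drive is a file-backed `<disk>` whose source path ends in `.config` (the `<uuid>-hdd.config` name from the `support show config-drive` output). The sample domain embedded below is constructed to resemble VM id 19 and is not real dumpxml output.

```python
"""Inspect 'support virsh dumpxml' output for a serial console and a config drive.

Added example, not NFVIS tooling. <serial> and <disk>/<source file=...> are
standard libvirt domain XML; the ".config" naming for the day 0 drive follows
the path shown by 'support show config-drive'. SAMPLE_DUMPXML is constructed.
"""
import xml.etree.ElementTree as ET

# Constructed sample, trimmed to the elements the checks look at.
SAMPLE_DUMPXML = """<domain type='kvm' id='19'>
  <name>1509553386.ROUTER</name>
  <devices>
    <disk type='file' device='disk'>
      <source file='/cisco/esc/esc_database/nodejs/VM/ae828bab-3e90-4a53-ba97-14aa0db258f2/ae828bab-3e90-4a53-ba97-14aa0db258f2-hdd.config'/>
      <target dev='hdd' bus='ide'/>
    </disk>
    <serial type='pty'>
      <source path='/dev/pts/0'/>
      <target port='0'/>
      <alias name='serial0'/>
    </serial>
  </devices>
</domain>"""


def inspect_domain(dumpxml):
    """Return {'name', 'serial_console' (bool), 'config_drive' (path or None)}."""
    root = ET.fromstring(dumpxml)
    name = root.findtext("name", "")
    # vmConsole needs a <serial> device; type='pty' is what NFVIS shows.
    serial = root.find("devices/serial")
    serial_console = serial is not None and serial.get("type") == "pty"
    # The day 0 config drive is a file-backed disk named <uuid>-hdd.config,
    # so match on the extension (assumption, see the lead-in).
    config_drive = None
    for disk in root.iterfind("devices/disk"):
        src = disk.find("source")
        path = src.get("file") if src is not None else None
        if path and path.endswith(".config"):
            config_drive = path
            break
    return {"name": name, "serial_console": serial_console, "config_drive": config_drive}


def missing(dumpxml):
    """List what the VNF is lacking, in the terms the slides use."""
    info = inspect_domain(dumpxml)
    gaps = []
    if not info["serial_console"]:
        gaps.append("VNF not packaged with serial console; vmConsole will not attach")
    if info["config_drive"] is None:
        gaps.append("no config drive attached; day 0 configuration was not applied")
    return gaps


if __name__ == "__main__":
    print(inspect_domain(SAMPLE_DUMPXML))
    print(missing(SAMPLE_DUMPXML) or "nothing missing")
```

On a real box, feed it the text of `support virsh dumpxml <id>` instead of the constructed sample; a VNF that shows up in the `missing` list is one that will fail the corresponding slide's check.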

Troubleshooting (specific to config drive)

Issue: Image registration fails
Cause: The package is not a *.tar.gz (it does not have the required files, see slide #27)
Debug: Look at the error message on the portal/API response code. Also look at ESCManager.log:
  NFVIS# show log /var/log/esc/escmanager.log | include Image_name
Fix: Repackage using the local portal or the packaging tool

Issue: Image registration fails
Cause: The checksum is not correct; maybe the packaging tool / local portal was not used to package the VM
Debug: Look at the error message on the portal/API response code. Also look at ESCManager.log:
  NFVIS# show log /var/log/esc/escmanager.log | include Image_name
Fix: Repackage using the local portal or the packaging tool

Issue: VM deployment fails
Cause: The VM is a monitored VM but is not attached to int-mgmt-net when deployed using the API (it can be attached on any nic). By default the local portal attaches nic0 of a monitored VM to int-mgmt-net.
Debug: Look at the API response code. Also look at ESCManager.log:
  NFVIS# show log /var/log/esc/escmanager.log | include vm_dep_name
Fix: Undeploy the VM. Re-deploy using the local portal, or using the API with int-mgmt-net attached to one of the nics.
Troubleshooting (contd...)

Issue: VM deployment fails
Cause: The VM is a monitored VM and bootup_time is not specified in the payload. bootup_time is the time in seconds the VM needs to boot (a positive value); some VMs need longer to boot.
Debug: Look at the error message on the portal/API response code. Also look at ESCManager.log:
  NFVIS# show log /var/log/esc/escmanager.log | include vm_dep_name
Fix: Re-deploy using the local portal (the local portal's default bootup_time is 600 seconds), or deploy using the API and specify a reasonable, positive value in seconds for the VM to boot.

Issue: VM deployment fails
Cause: The VM is a monitored VM and kpi_data is not provided in the payload.
Debug: Look at the error message on the portal/API response code. Also look at ESCManager.log:
  NFVIS# show log /var/log/esc/escmanager.log | include vm_dep_name
Fix: Re-deploy using the local portal (it attaches kpi_data), or deploy using the API and specify kpi_data.

Issue: VM deployment fails
Cause: The bootstrap config file is tokenized and the key/value pairs are passed during deployment using the API, but the static IP address given in the deployment payload for this VM's int-mgmt-net interface was already assigned by the system to another VM.
Debug: Look at the API response code. Also look at ESCManager.log:
  NFVIS# show log /var/log/esc/escmanager.log | include vm_dep_name
Fix: Use a different, unused IP address on int-mgmt-net.
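Most of the deployment failures in the two tables above are visible in the payload before it is ever POSTed to `/api/config/vm_lifecycle/tenants/tenant/admin/deployments`. The following is an added example (not NFVIS or Cisco code) that serves both the API deployment slide and these tables: it parses the deployment XML from the API slide and applies the table's conditions as a pre-flight check, that is, a monitored VM (one carrying `kpi_data`) must be attached to `int-mgmt-net` and must carry a positive `bootup_time`. It also flags cleartext services (telnet, http) that port forwarding would publish on the NFVIS host address. Element names are those of the slide's payload; the severity labels are ours.

```python
"""Pre-flight checks on an NFVIS vm_lifecycle deployment payload.

Added example, not NFVIS or Cisco code. Applies the troubleshooting-table
conditions (monitored VM on int-mgmt-net, positive bootup_time) and flags
cleartext port forwards before the POST is made.
"""
import xml.etree.ElementTree as ET

# Payload from the API slide, re-indented (ISRv, port forwarding, ICMP KPI monitor).
SAMPLE_DEPLOYMENT = """<deployment>
  <name>ISRv_SW_dep</name>
  <vm_group>
    <name>VM_GROUP_1</name>
    <image>ISRv_IMAGE</image>
    <flavor>ISRv-small</flavor>
    <bootup_time>600</bootup_time>
    <recovery_wait_time>0</recovery_wait_time>
    <recovery_policy><action_on_recovery>REBOOT_ONLY</action_on_recovery></recovery_policy>
    <interfaces>
      <interface>
        <nicid>0</nicid>
        <network>int-mgmt-net</network>
        <port_forwarding>
          <port><type>ssh</type><protocol>tcp</protocol><vnf_port>22</vnf_port>
            <external_port_range><start>20022</start><end>20022</end></external_port_range></port>
          <port><type>telnet</type><protocol>tcp</protocol><vnf_port>23</vnf_port>
            <external_port_range><start>20023</start><end>20023</end></external_port_range></port>
        </port_forwarding>
      </interface>
      <interface><nicid>1</nicid><network>GE0-0-SRIOV-1</network></interface>
      <interface><nicid>2</nicid><network>GE0-1-SRIOV-1</network></interface>
    </interfaces>
    <scaling><min_active>1</min_active><max_active>1</max_active></scaling>
    <kpi_data>
      <kpi>
        <event_name>VM_ALIVE</event_name>
        <metric_value>1</metric_value>
        <metric_cond>GT</metric_cond>
        <metric_type>UINT32</metric_type>
        <metric_collector>
          <type>ICMPPing</type><nicid>0</nicid>
          <poll_frequency>3</poll_frequency><polling_unit>seconds</polling_unit>
          <continuous_alarm>false</continuous_alarm>
        </metric_collector>
      </kpi>
    </kpi_data>
    <rules><admin_rules><rule>
      <event_name>VM_ALIVE</event_name>
      <action>ALWAYS log</action>
      <action>TRUE servicebooted.sh</action>
      <action>FALSE recover autohealing</action>
    </rule></admin_rules></rules>
    <config_data><configuration>
      <dst>bootstrap_config</dst>
      <variable><name>TECH_PACKAGE</name><val>security</val></variable>
      <variable><name>ngio</name><val>enable</val></variable>
    </configuration></config_data>
  </vm_group>
</deployment>"""

CLEARTEXT = {"telnet", "http"}   # forwarded types that expose a cleartext login


def preflight(xml_text):
    """Return a list of (severity, message) tuples; an empty list means clean."""
    findings = []
    root = ET.fromstring(xml_text)
    for group in root.iter("vm_group"):
        name = group.findtext("name", "?")
        # A VM with kpi_data is a monitored VM: NFVIS pings it over int-mgmt-net.
        monitored = group.find("kpi_data/kpi") is not None
        networks = [i.findtext("network", "") for i in group.iter("interface")]
        if monitored and "int-mgmt-net" not in networks:
            findings.append(("ERROR", f"{name}: monitored VM is not attached to int-mgmt-net"))
        # bootup_time must be a positive number of seconds for a monitored VM.
        bootup = group.findtext("bootup_time")
        if monitored and not (bootup and bootup.isdigit() and int(bootup) > 0):
            findings.append(("ERROR", f"{name}: monitored VM needs a positive bootup_time"))
        # Port forwarding publishes the VNF port on the NFVIS host IP.
        for port in group.iter("port"):
            ptype = (port.findtext("type") or "").lower()
            ext = port.findtext("external_port_range/start", "?")
            if ptype in CLEARTEXT:
                findings.append(("WARN", f"{name}: {ptype} forwarded on host port {ext} is cleartext"))
    return findings


if __name__ == "__main__":
    for severity, message in preflight(SAMPLE_DEPLOYMENT):
        print(severity, message)
```

Run as-is it passes the slide's payload with a single warning about the telnet forward on port 20023; drop the `int-mgmt-net` attachment or the `bootup_time` element and it reports the same two conditions the tables describe, before ESCManager.log has to be consulted.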

White box or not a
White box
White Box - what could possibly go wrong?

All Cisco Stack vs White Box Stack
A white box stack consists of...
• COTS hardware: quality? reliability? support? compatibility with the hypervisor?
• Unrelated hypervisor: licensing cost? support? (again) Can it 'see' my hardware?
• Disparate VNF collection: cross-component compatibility/duplication? support? (again; multiple touch points now)
• Orchestration: what's the glue?

So many questions: a wobbling stack of uncertainty.
All Cisco Stack vs White Box Stack

All Cisco
• Orchestration: VMS, vBranch + SDWAN. vBranch is the key to success for the Cisco stack; pre-defined templates are fully tested and supported.
• VNFs: vEdge, vWLC, ASAv, ISRv, vWAAS. Cisco VNFs strengthen the overall offer; an opportunity to highlight synergies between products throughout the entire solution stack.
• Hypervisor: NFVIS
• Hardware: ENCS. An integrated stack offers single-vendor sourcing and consistent cross-solution support.

White Box
• Orchestration: non-Cisco (Ericsson, etc.). How well can a single orchestrator support multiple underlying components?
• VNFs: Palo Alto, Riverbed, Fortinet, Juniper, Cisco. The VNFs are on their own; inconsistent licensing, hypervisor support, etc. weaken the stack.
• Hypervisor: non-Cisco (KVM, OpenStack, etc.). How well does each VNF work with the chosen hypervisor?
• Hardware: Advantech, Juniper, Dell, Cisco? No Cisco product in the white box space; ENCS and UCS-E do not fit the white box model (pricing or technology).
Example: Cisco Stack vs Dell VEP 'white box'
• Orchestration: vCenter? The SD-WAN vendor's? RedHat's (CloudForms? OpenStack Platform Director?) Some other vendor or open source*? Good luck (you're going to need it).
• VNFs: Versa, VeloCloud, Silver Peak. Choice: three vendors only, SD-WAN only.
• Hypervisor: VMware or RedHat. Extra cost: VMware ESX isn't free if you want to manage it, RedHat isn't free; both require support.
• Hardware: single platform only, Ethernet only, Intel Xeon D-2100, 'up to'** 16 cores, 'up to' 64 GB RAM, max 1 TB storage; two expansion slots, but nothing for them.
Summary of ENCS advantages over Competition (Reference)

Superior Hardware Engineering
• Flexible, expandable platform:
  • 4, 6, 8, 12 core options
  • Up to 64 GB RAM, upgradeable
  • Up to 2 TB SATA, 1.2 TB SET, 1.8 TB SAS disk storage
  • Upgradable in the field
• Supports multiple VNFs, including those with high storage demands like vWAAS, vNAM, Windows servers, log servers
• NIM/WAN module support
  • 4G/LTE (without losing the integrated WAN ports)
  • T1/E1 (up to 8 ports; no SFP with VNF/core usage required, as with others)
  • xDSL*
  • Voice T1/E1, FXS, FXO*

Superior Operational Platform
• Integrated switch with 8 ports with PoE
• Hardware acceleration of VM-to-VM traffic flow (~30% performance improvement over our competitors for multiple VNFs)
• Support for hardware RAID on the 12-core chassis for redundancy
• Secure boot and BMC/CIMC lights-out server management
• LTE modules can support dying gasp (SMS messaging), as available on NIMs
• Enterprise-class components (comparable to an ISR)
• Purpose-built hardware with > 7 years lifetime versus a general white box with ~3 years
* Roadmap BRKARC-2112 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 139
NFVIS – True Network Hypervisor (Reference)

• Designed specifically for Enterprise deployments
  - Targeted at networking teams in Enterprise organizations
  - Optimized for the deployment and monitoring of Virtual Network Functions
  - Built-in VM monitoring capability allows auto restart of VNFs when they go down
  - Avoids expensive truck rolls to remote sites
• Rich open APIs
  - Industry-standard APIs that allow integration with any orchestration system
  - APIs available for both RESTCONF and NETCONF
  - API support includes VM deployment, VM health monitoring and system resource (compute/memory/storage) management
• Zero-touch deployment
  - Embedded PnP (Plug and Play) client in NFVIS enables a true zero-touch deployment model without any human intervention
  - Allows quick and error-free deployment of network services
• Automatic resource optimization for improved network performance
  - Optimized use of CPU, memory and storage for maximum performance of the different VNFs
• Management GUI bundled with NFVIS
  - Easy-to-use GUI eliminates the complexity of dealing with the underlying hypervisor
  - Provides the ability to draw the network topology and instantiate a virtual branch
• Open architecture software stack
  - Allows easy onboarding of any 3rd-party software
• Secure and trusted infrastructure software
  - Security tested and certified; chain of trust between orchestrator, hardware, NFVIS components and VNFs
  - FIPS and Common Criteria certifications on roadmap
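The VM health-monitoring and RESTCONF API points above, as an added example that is not NFVIS or Cisco code and is not part of the original deck: a small watchdog that polls an orchestrator's RESTCONF operational data over verified HTTPS, restarts VNFs reported down, and quarantines a VNF that keeps failing rather than restarting it forever. The endpoint paths STATUS_PATH and RESTART_PATH, the JSON layout of the status document, the state strings and the "admin" credentials are hypothetical placeholders, not a real NFVIS API; only the RESTCONF media type (application/yang-data+json, RFC 8040) and the TLS handling are standard. The fake_transport function is a constructed stand-in for the server so the example runs offline.

```python
"""VNF health watchdog over RESTCONF (added example, not NFVIS or Cisco code).

Assumed (not from the deck): STATUS_PATH, RESTART_PATH, the JSON layout of
the status document and the state strings are placeholders for whatever the
real orchestrator exposes. The RESTCONF media type and TLS handling are
standard (RFC 8040, verified HTTPS).
"""
import base64
import json
import ssl
import urllib.request
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

STATUS_PATH = "/restconf/data/vnf-status"          # hypothetical resource
RESTART_PATH = "/restconf/operations/vnf-restart"  # hypothetical RPC
DOWN_STATES = ("SHUTOFF", "ERROR")                 # assumed state vocabulary


def restconf_headers(user: str, password: str) -> Dict[str, str]:
    """RFC 8040 media type plus HTTP Basic auth (only ever sent over verified TLS)."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return {"Accept": "application/yang-data+json",
            "Content-Type": "application/yang-data+json",
            "Authorization": f"Basic {token}"}


def https_transport(base_url: str, cafile: str) -> Callable:
    """Real transport: HTTPS with chain and hostname verification against cafile."""
    ctx = ssl.create_default_context(cafile=cafile)  # never an unverified context

    def send(method, path, headers, body=None) -> Tuple[int, bytes]:
        req = urllib.request.Request(base_url + path, data=body, method=method, headers=headers)
        with urllib.request.urlopen(req, context=ctx, timeout=10) as resp:
            return resp.status, resp.read()
    return send


@dataclass
class VnfState:
    name: str
    state: str


def parse_status(payload: bytes) -> List[VnfState]:
    """Pull (name, state) pairs out of the assumed status document."""
    doc = json.loads(payload)
    return [VnfState(vm["name"], vm["state"]) for vm in doc.get("vnf-status", {}).get("vnf", [])]


@dataclass
class Watchdog:
    send: Callable                 # transport: (method, path, headers, body) -> (status, bytes)
    creds: Tuple[str, str]
    max_restarts: int = 3          # beyond this, stop restarting and escalate
    restarts: Dict[str, int] = field(default_factory=dict)

    def poll(self) -> List[str]:
        """One monitoring cycle; returns 'name:restarted' / 'name:quarantined' actions taken."""
        hdr = restconf_headers(*self.creds)
        status, payload = self.send("GET", STATUS_PATH, hdr)
        if status != 200:
            raise RuntimeError(f"status query failed: HTTP {status}")
        actions = []
        for vnf in parse_status(payload):
            if vnf.state not in DOWN_STATES:
                continue
            count = self.restarts.get(vnf.name, 0)
            if count >= self.max_restarts:
                # A VNF that keeps dying is a fault or an attack, not a restart candidate.
                actions.append(f"{vnf.name}:quarantined")
                continue
            rpc = json.dumps({"input": {"name": vnf.name}}).encode()
            rc, _ = self.send("POST", RESTART_PATH, hdr, rpc)
            if rc in (200, 204):
                self.restarts[vnf.name] = count + 1
                actions.append(f"{vnf.name}:restarted")
        return actions


def fake_transport(states: Dict[str, str]) -> Callable:
    """Constructed in-memory stand-in for the orchestrator (offline demo/test only)."""
    def send(method, path, headers, body=None):
        if "Authorization" not in headers:
            return 401, b"{}"
        if method == "GET" and path == STATUS_PATH:
            doc = {"vnf-status": {"vnf": [{"name": n, "state": s} for n, s in states.items()]}}
            return 200, json.dumps(doc).encode()
        if method == "POST" and path == RESTART_PATH:
            states[json.loads(body)["input"]["name"]] = "ACTIVE"  # simulated successful restart
            return 204, b""
        return 404, b"{}"
    return send


def demo():
    """Two cycles against a constructed site with one healthy and one failed VNF."""
    states = {"isrv": "ACTIVE", "asav": "ERROR"}
    wd = Watchdog(fake_transport(states), ("admin", "example-password"))
    return wd.poll(), wd.poll(), dict(states)


if __name__ == "__main__":
    print(demo())
```

Two design points matter in practice: the transport verifies the orchestrator's certificate chain and hostname (credentials ride in a Basic header, so an unverified TLS context would hand them to anyone on the path), and the restart counter caps automatic recovery, because a VNF that dies repeatedly is something for a human to look at rather than something to keep silently restarting.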
Cisco Webex Teams

Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session

How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space

cs.co/ciscolivebot#BRKARC-2112

Complete your online session survey
• Please complete your Online Session Survey after each session
• Complete 4 Session Surveys & the Overall Conference Survey (available from Thursday) to receive your Cisco Live T-shirt
• All surveys can be completed via the Cisco Events Mobile App or the Communication Stations

Don't forget: Cisco Live sessions will be available for viewing on demand after the event at ciscolive.cisco.com
Continue Your Education
• Demos in the Cisco Showcase
• Walk-in self-paced labs
• Meet the engineer 1:1 meetings
• Related sessions
Thank you
Education Offerings

R&S related Cisco education offerings

• CCIE R&S Advanced Workshops (CIERS-1 & CIERS-2) plus Self Assessments, Workbooks & Labs: Expert level trainings including instructor led workshops, self assessments, practice labs and CCIE Lab Builder to prepare candidates for the CCIE R&S practical exam. Certification: CCIE® Routing & Switching
• Implementing Cisco IP Routing v2.0; Implementing Cisco IP Switched Networks v2.0; Troubleshooting and Maintaining Cisco IP Networks v2.0: Professional level instructor led trainings to prepare candidates for the CCNP R&S exams (ROUTE, SWITCH and TSHOOT). Also available in self study eLearning formats with Cisco Learning Labs. Certification: CCNP® Routing & Switching
• Interconnecting Cisco Networking Devices: Part 2 (or combined): Builds on ICND1 to provide capabilities needed to configure, implement and troubleshoot a small enterprise network, including an understanding of Quality of Service (QoS), how virtualized and cloud services interact with and impact enterprise networks, along with an overview of network programmability and the related controller types and tools that are available to support software-defined network architectures. Also available in self study eLearning format with Cisco Learning Lab. Certification: CCNA® Routing & Switching
• Interconnecting Cisco Networking Devices: Part 1: Understand layer 2 and layer 3 networking fundamentals needed to install, configure, and provide basic support of small/branch networks. Covers network device security and IPv6 basics. Also available in self study eLearning format with Cisco Learning Lab. Certification: CCENT® Routing & Switching

For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth
Design Cisco education offerings

• Designing Cisco Network Service Architectures (ARCH) Version 3.0: Provides the learner with the ability to perform conceptual, intermediate, and detailed design of a network infrastructure that supports the capacity, performance and availability required for converged Enterprise network services and applications. Certification: CCDP® (Design Professional), available now
• Designing for Cisco Internetwork Solutions (DESGN) Version 3.0: Instructor led training focused on fundamental design methodologies used to determine requirements for network performance, security, voice, and wireless solutions. Prepares candidates for the CCDA certification exam. Certification: CCDA® (Design Associate), available now
Wireless Cisco education offerings

• Designing Cisco Wireless Enterprise Networks; Deploying Cisco Wireless Enterprise Networks; Troubleshooting Cisco Wireless Enterprise Networks; Securing Cisco Wireless Enterprise Networks: Professional level instructor led trainings to prepare candidates to conduct site surveys, implement, configure and support APs and controllers in converged Enterprise networks. Focused on 802.11 and related technologies to design, deploy, troubleshoot and secure wireless infrastructure. The courses also provide details around Cisco Mobility Services Engine, Prime Infrastructure and wireless security. Certification: CCNP® Wireless
• Implementing Cisco Unified Wireless Network Essentials: Prepares candidates to design, install, configure, monitor and conduct basic troubleshooting tasks of a Cisco WLAN in Enterprise installations, with an understanding of Cisco Unified Wireless Networking for enterprise deployment scenarios. Certification: CCNA® Wireless
• Deploying Basic Cisco Wireless LANs (WDBWL) 1.2: Learn the basics of how to install, configure, operate, and maintain a wireless network, both as an add-on to an existing wireless LAN (WLAN) and as a new Cisco Unified Wireless Networking solution.
• Deploying Advanced Cisco Wireless LANs (WDAWL) 1.2: Designed to provide learners with the knowledge and skills to successfully plan, install, configure, troubleshoot, monitor, and maintain advanced Cisco wireless LAN solutions such as QoS, "salt and pepper" mobility, high density deployments, and outdoor mesh deployments in an enterprise customer environment.
• Deploying Cisco Connected Mobile Experiences (WCMX) 2.0: Prepares professionals to use the Cisco Unified Wireless Network to configure, administer, manage, troubleshoot, and optimize utilization of mobile content while gaining meaningful client analytics.
Cybersecurity Cisco education offerings

• Understanding Cisco Cybersecurity Fundamentals (SECFND): Provides an understanding of cybersecurity's basic principles, foundational knowledge, and core skills needed to build a foundation for understanding more advanced cybersecurity material and skills. Certification: CCNA® Cyber Ops
• Implementing Cisco Cybersecurity Operations (SECOPS): Prepares candidates to begin a career within a Security Operations Center (SOC), working with cybersecurity analysts at the associate level. Certification: CCNA® Cyber Ops
• Cisco Security Product Training Courses: Official deep-dive, hands-on product training on Cisco's latest security products, including NGFW, ASA, NGIPS, AMP, Identity Services Engine, Email and Web Security Appliances, and much more.

For more details, please visit: www.cisco.com/go/securitytraining or http://learningnetwork.cisco.com
Cybersecurity Cisco education offerings (continued)

• CCIE Security 5.0. Certification: CCIE® Security
• Implementing Cisco Edge Network Security Solutions (SENSS): Configure Cisco perimeter edge security solutions utilizing Cisco Switches, Cisco Routers, and Cisco Adaptive Security Appliance (ASA) Firewalls. Certification: CCNP® Security
• Implementing Cisco Threat Control Solutions (SITCS) v1.5: Implement Cisco's Next Generation Firewall (NGFW), FirePOWER NGIPS (Next Generation IPS), Cisco AMP (Advanced Malware Protection), as well as Web Security, Email Security and Cloud Web Security. Certification: CCNP® Security
• Implementing Cisco Secure Access Solutions (SISAS): Deploy Cisco's Identity Services Engine and 802.1X secure network access. Certification: CCNP® Security
• Implementing Cisco Secure Mobility Solutions (SIMOS): Protect data traversing a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN solutions. Certification: CCNP® Security
• Implementing Cisco Network Security (IINS 3.0): Focuses on the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features. Certification: CCNA® Security
Data Center / Virtualization Cisco education offerings

• Introducing Cisco Data Center Networking (DCICN); Introducing Cisco Data Center Technologies (DCICT): Get job-ready foundational-level certification and skills in installing, configuring, and maintaining next generation data centers. Certification: CCNA® Data Center
• Implementing Cisco Data Center Unified Computing (DCUCI); Implementing Cisco Data Center Infrastructure (DCII); Implementing Cisco Data Center Virtualization and Automation (DCVAI); Designing Cisco Data Center Infrastructure (DCID); Troubleshooting Cisco Data Center Infrastructure (DCIT): Obtain professional level skills to design, configure, implement and troubleshoot next generation data center infrastructure. Certification: CCNP® Data Center
• Product Training Portfolio (DCAC9K, DCINX9K, DCMDS, DCUCS, DCNX1K, DCNX5K, DCNX7K, CACND, DSACI, HFLEX, UCSDF, UCSDACI, DCUCCEN): Gain hands-on skills using Cisco solutions to configure, deploy, manage and troubleshoot unified computing, policy-driven and virtualized data center infrastructure.
• Designing the FlexPod® Solution (FPDESIGN); Implementing and Administering the FlexPod® Solution (FPIMPADM): Learn how to design, implement and administer FlexPod® solutions. Certification: Cisco and NetApp Certified FlexPod® Specialist
• Designing the VersaStack Solution (VSDESIGN); Implementing and Administering the VersaStack Solution (VSIMP): Learn how to design, implement and administer VersaStack solutions.
Network Programmability Cisco education offerings

• Developing with Cisco Network Programmability (NPDEV): Provides application developers with a comprehensive curriculum to develop infrastructure programming skills; addresses the needs of software engineers who automate network infrastructure and/or utilize APIs and toolkits to interface with SDN controllers and individual devices. Certification: Cisco Network Programmability Developer (NPDEV) Specialist
• Designing and Implementing Cisco Network Programmability (NPDESI): Provides network engineers with a comprehensive soup-to-nuts curriculum to develop and validate automation and programming skills; directly addresses the evolving role of network engineers towards more programmability, automation and orchestration. Certification: Cisco Network Programmability Design and Implementation (NPDESI) Specialist
• Programming for Network Engineers (PRNE): Learn the fundamentals of Python programming within the context of performing functions relevant to network engineers; use network programming to simplify or automate tasks. Recommended pre-requisite for the NPDESI and NPDEV Specialist Certifications
• Cisco Digital Network Architecture Implementation Essentials (DNAIE): Provides students with the guiding principles and core elements of the Cisco Digital Network Architecture (DNA) and its solution components, including APIC-EM, NFV, Analytics, Security and Fabric.
Cloud Cisco education offerings

• Understanding Cloud Fundamentals (CLDFND); Introducing Cloud Administration (CLDADM): Learn how to perform foundational tasks related to Cloud computing, and the essentials of Cloud infrastructure, administration and operations. Certification: CCNA® Cloud
• Implementing and Troubleshooting the Cisco Cloud Infrastructure (CLDINF); Designing the Cisco Cloud (CLDDES); Automating the Cisco Enterprise Cloud (CLDAUT); Building the Cisco Cloud with Application Centric Infrastructure (CLDACI): Obtain professional level skills to design, automate, secure, provision and manage private and hybrid Clouds. Certification: CCNP® Cloud
• Product Training Portfolio: CloudCenter (CLDCTR*); UCS Director (UCSDF, UCSDACI); Prime Service Catalog (PSCF, PSCI, PSCD); MetaPod (MPODF20): Gain in-depth hands-on skills using Cisco solutions to configure, deploy, manage and troubleshoot Cloud deployments.

*Available Q3FY18
Collaboration Cisco education offerings

• CCIE Collaboration Advanced Workshop (CIEC): Gain expert-level skills to integrate, configure, and troubleshoot complex collaboration networks. Certification: CCIE® Collaboration
• Implementing Cisco Collaboration Applications (CAPPS): Understand how to implement the full suite of Cisco collaboration applications including Jabber, Cisco Unified IM and Presence, and Cisco Unity Connection. Certification: CCNP® Collaboration
• Implementing Cisco IP Telephony and Video Part 1 (CIPTV1): Learn how to implement Cisco Unified Communications Manager, CUBE, and audio and video conferences in a single-site voice and video network. Certification: CCNP® Collaboration
• Implementing Cisco IP Telephony and Video Part 2 (CIPTV2): Obtain the skills to implement Cisco Unified Communications Manager in a modern, multisite collaboration environment. Certification: CCNP® Collaboration
• Troubleshooting Cisco IP Telephony and Video (CTCOLLAB): Troubleshoot complex integrated voice and video infrastructures. Certification: CCNP® Collaboration
• Implementing Cisco Collaboration Devices (CICD): Acquire a basic understanding of collaboration technologies like Cisco Call Manager and Cisco Unified Communications Manager. Certification: CCNA® Collaboration
• Implementing Cisco Video Network Devices (CIVND): Learn how to evaluate requirements for video deployments, and implement Cisco Collaboration endpoints in converged Cisco infrastructures. Certification: CCNA® Collaboration
Service Provider Cisco education offerings

• Deploying Cisco Service Provider Network Routing (SPROUTE) & Advanced (SPADVROUTE): SPROUTE covers the implementation of routing protocols (OSPF, IS-IS, BGP), route manipulation, and HA routing features; SPADVROUTE covers advanced routing topics in BGP, multicast services including PIM-SM, and IPv6. Certification: CCNP Service Provider®
• Implementing Cisco Service Provider Next-Generation Core Network Services (SPCORE): Covers network services including MPLS-LDP, MPLS traffic engineering, QoS mechanisms, and transport technologies. Certification: CCNP Service Provider®
• Edge Network Services (SPEDGE): Covers network services including MPLS Layer 3 VPNs, Layer 2 VPNs, and Carrier Ethernet services, all within SP IP NGN environments. Certification: CCNP Service Provider®
• Building Cisco Service Provider Next-Generation Networks, Part 1 & 2 (SPNGN1, SPNGN2): The two courses introduce networking technologies and solutions, including OSI and TCP/IP models, IPv4/v6, switching, routing, transport types, security, network management, and Cisco OS (IOS and IOS XR). Certification: CCNA Service Provider®
• Implementing Cisco Service Provider Mobility UMTS Networks (SPUMTS); Implementing Cisco Service Provider Mobility CDMA Networks (SPCDMA); Implementing Cisco Service Provider Mobility LTE Networks (SPLTE): The three courses cover the knowledge and skills required to understand the products, technologies, and architectures found in Universal Mobile Telecommunications Systems (UMTS) and Code Division Multiple Access (CDMA) packet core networks, plus their migration to Long-Term Evolution (LTE) Evolved Packet Systems (EPS), including Evolved Packet Core (EPC) and Radio Access Networks (RANs). Certifications: Cisco Service Provider Mobility CDMA to LTE Specialist; Cisco Service Provider Mobility UMTS to LTE Specialist
• Implementing and Maintaining Cisco Technologies Using IOS XR (IMTXR): Prepares Service Provider/Enterprise engineers to implement, verification-test, and optimize core/edge technologies in a Cisco IOS XR environment. Certification: Cisco IOS XR Specialist
Internet of Things (IoT) Cisco education offerings

• Managing Industrial Networks for Manufacturing (IMINS2): An associate level instructor led, lab based training that focuses on common industrial application protocols, security, wireless and troubleshooting, designed to prepare you for the CCNA Industrial certification. Certification: CCNA® Industrial
• Managing Industrial Networks with Cisco Networking Technologies (IMINS): Instructor led, lab based training that addresses the foundational skills needed to manage and administer networked industrial control systems for today's connected plants and enterprises. It helps prepare plant administrators, control system engineers and traditional network engineers for the Cisco Industrial Networking Specialist certification. Certification: Cisco Industrial Networking Specialist
• Control Systems Fundamentals for Industrial Networking (ICINS): For IT and network engineers; provides an introduction to industry IoT verticals, the automation environment and an overview of industrial control networks (E-Learning). Pre-learning for IMINS and IMINS2 training & certifications
• Networking Fundamentals for Industrial Control Systems (INICS): For industrial engineers and control system technicians; covers basic IP and networking concepts and an introductory overview of automation industry protocols. Pre-learning for IMINS and IMINS2 training & certifications
Data and Analytics Cisco education offerings

• ANDMB (Data Management, Architecture and Applications): Provides hands-on training with a technical mix of application, compute, storage and networking topics concerning the deployment of Big Data clusters.
• ANDMA (Advanced Data Management, Architecture and Applications): Covers major architecture design to cater to the different needs of the application, data center or deployment requirements. It provides architectural designs and advanced hands-on training on topics covering scaling of clusters to thousands of nodes and their management, data life cycle management with HDFS tiered storage, and different approaches for multi-tenant Hadoop cluster deployments with OpenStack.

Data and Analytics training page: http://www.cisco.com/c/en/us/training-events/resources/learning-services/technology/data-analytics.html
Digital Business Transformation Cisco education offerings

For Technology Sellers:
• Adopting the Cisco Business Architecture Approach: Builds skills to discover and address technology needs using a business-focused, consultative sales approach, broadly applicable and targeted to prepare for the digital transformation journey that is demanded across the business world. Certification: Cisco Business Architecture Analyst
• Applying Cisco Business Architecture Techniques: Provides tools and skills training to prepare the learner to use a business-led approach to technology solution sales and deployments. This continues the journey begun with Adopting the Cisco Business Architecture Approach above. Certification: Cisco Business Architecture Specialist
• Mastering the Cisco Business Architecture Discipline: Builds skills and proven, real-world techniques to prepare for a business architect leadership role in the sales and deployment of transformative technology solutions. Certification: Cisco Business Architecture Practitioner
• Cisco Customer Success Manager Specialist: Prepares for the crucial role that drives adoption and enablement, ensuring that customers achieve their expected business outcomes, and reduces churn / increases renewal for services and subscription based products. Certification: Cisco Certified Customer Success Manager