The complete guide to transforming enterprise networks with Cisco DNA

As networks become more complex and dynamic, organizations need better ways to manage and secure them. With the Cisco Digital Network Architecture, network operators can run entire network fabrics as a single, programmable system by defining rules that span their devices and move with their users. Using Cisco intent-based networking, you spend less time programming devices, managing configurations, and troubleshooting problems so you have more time for driving value from your network, your applications, and most of all, your users.

This guide systematically introduces Cisco DNA, highlighting its business value propositions, design philosophy, tenets, blueprints, components, and solutions. Combining insider information with content previously scattered through multiple technical documents, it provides a single source for evaluation, planning, implementation, and operation.

The authors bring together authoritative insights for multiple business and technical audiences. Senior executives will learn how DNA can help them drive digital transformation for competitive advantage. Technical decision-makers will discover powerful emerging solutions for their specific needs. Architects will find essential recommendations, interdependencies, and caveats for planning deployments. Finally, network operators will learn how to use DNA Center's modern interface to streamline, automate, and improve virtually any network management task.
* Accelerate the digital transformation of your business by adopting an intent-based network architecture that is open, extensible, and programmable
* Integrate virtualization, automation, analytics, and cloud services to streamline operations and create new business opportunities
* Dive deep into hardware, software, and protocol innovations that lay the programmable infrastructure foundation for DNA
* Virtualize advanced network functions for fast, easy, and flexible deployments
* Translate business intent into device configurations and simplify, scale, and automate network operations using controllers
* Use analytics to tune performance, plan capacity, prevent threats, and simplify troubleshooting
* Learn how Software-Defined Access improves network flexibility, security, mobility, visibility, and performance
* Use DNA Assurance to track the health of clients, network devices, and applications to reveal hundreds of actionable insights
* See how DNA Application Policy supports granular application recognition and end-to-end treatment, for even encrypted applications
* Identify malware, ransomware, and other threats in encrypted traffic
Foreword; Introduction

Part I Introduction to DNA

Chapter 1 Why Transform Your Business Digitally?
Opportunities and Threats; Digitally Transforming Industries; Digital Advertising; Digital Media and Entertainment; Digital Finance; Digital Communications; Digital Transportation Services; Digitally Transforming Businesses; Transforming the Customer Experience; Transforming the Employee Experience; Transforming Business Operations; Driving Digital Transformation with the Internet of Things; Are You Ready?; Summary; Further Reading

Chapter 2 The Business Value of DNA
Business Requirements of the Network Architecture; Cost Reduction; Risk Mitigation; Actionable Insights; Business Agility; Intent-Based Networking; Business Value of Cisco Digital Network Architecture; Reducing Costs Through Automation, Virtualization, and Programmable Hardware; Mitigating Risks with Integrated Security and Compliance; Revealing Actionable Insights Through Analytics; Accelerating Business Agility Through Open APIs; Adding It All Up; Summary; Further Reading

Chapter 3 Designing for Humans
Technology Versus User-Experience; Design Thinking Philosophy and Principles; Cisco Design Thinking Framework; Discover Phase; Define Phase; Explore Phase; The Cisco Design Thinking Journey for DNA; DNA Discovery Phase; DNA Definition Phase; DNA Exploration Phase; Summary; Further Reading

Chapter 4 Introducing the Digital Network Architecture
Requirements for DNA; Requirements to Reduce Complexity and Costs; Requirement to Increase Operational Flexibility; Security and Compliance Requirements; Cloud-Enablement Requirement; Architectural Principles; Openness; Extensibility; Programmability; Policy-based Networking; Security; Software Driven; Cloud Integrated; Conflicting Principles?; Overview of the DNA Components; Infrastructure; Automation; Analytics Platform; The Role of the Cloud in DNA; Connecting the Building Blocks: APIs; Outcomes; Summary; Further Reading

Chapter 5 The Digital Network Architecture Blueprint
DNA Services; DNA Services-Transport; DNA Services-Policy; Relationship Between DNA Policies and Business Intent; DNA Infrastructure; Transport Functions; Supporting Network Functions; Fabrics; Automating DNA-Controllers; Automating Transport and Network Functions Infrastructure; Maintaining a View of the Infrastructure Functions and Connected Endpoints; Instantiating and Maintaining DNA Services; Relationships in DNA: Revisiting Domains, Scopes, and Fabrics; DNA Interfaces; Service Definition and Orchestration; Relationship Between the Controllers and the Service Definition and Orchestration Component; Analytics Platform; Data Collection; Data Extraction; Data Ingestion; Data Export; On-Premises and Off-Premises Agnosticism-Revisiting the Cloud; Application Hosting in the Cloud and the Evolution of the DMZ; Leveraging the Cloud for DNA Controllers and Analytics; Summary

Part II DNA Programmable Infrastructure

Chapter 6 Introduction to DNA Infrastructure
Picturing the Modern Network; Exploring DNA Infrastructure; The Evolving Network, and Why It Matters; Requirements: The Need for Change; Requirements: The Need for Speed (of Change); Requirements: The Need for Simplicity; Requirements: The Need for Continuity; DNA Infrastructure Solutions; Flexible Hardware; Flexible Software; New and Evolving Protocols; The Emergence of Virtualization; Bringing It All Together; Summary

Chapter 7 Hardware Innovations
The Importance of Hardware in a Software-Defined World; The Making of a Chip; Delving Deeper: How Chips Are Designed and Built; Drivers of Chip Design and Density; When Good Chips Go Bad: What Can Go Wrong in Chip Design; When Good Chips Need to Get Better: Designing the Next Generation; Now We Speak the Same Language!; What's Happening in the World of Networks; How Traditional Network ASICs Process Packets; Traffic Handling with CPUs and FPGAs; Introducing Flexible Silicon; Flexible Switching Silicon: UADP; UADP Use Cases-Current, and Future; UADP-Summing Up; Flexible Routing Silicon: QFP; QFP-An Introduction; QFP-Diving Deeper; QFP-Use in Platforms; UADP and QFP-Summing Up; Wireless: Providing Innovation for Mobility; Flexible Radio Assignment; Intelligent Capture; Summary; Further Reading

Chapter 8 Software Innovations
The Importance and Evolution of Networking Software; Cisco IOS: Origins and Evolution; Evolution of the Cisco IOS Data Plane; Evolution of the Cisco IOS Control Plane; Evolution of the Cisco IOS Management Plane; Evolution of Cisco Networking Software; The Evolution of Cisco IOS to IOS XE; Cisco IOS XE in a Nutshell; Cisco IOS XE: Delving Deeper; IOS XE Subsystems; IOS XE Database; Container Framework and Application Hosting; Cisco IOS XE: Bringing It All Together; Cisco IOS XE: Simplification with a Single Release Train; Cisco IOS XE: Software Maintenance Upgrades; Cisco IOS XE: Platform Support; Cisco IOS XE: Summary; Protecting Platforms and Networks: Trustworthy Systems; Trustworthy Systems: An Overview; Attack Mitigation with Trustworthy Systems; Defense: Image Validation and Signing; Defense: Runtime Defenses; Defense: Secure Boot; Ensuring Device Identity with the Secure Unique Device Identifier; Cisco Secure Boot and Trust Anchor Module: Validating the Integrity of Software, Followed by Hardware; The Move to Intuitive Networking; Summary; Further Reading

Chapter 9 Protocol Innovations
Networking Protocols: Starting at the Bottom with Ethernet; Power Protocols: Power over Ethernet, to 60 Watts and Beyond!; The Future of Power over Ethernet; Multiple-Speed Protocols over Copper: Multigigabit Ethernet, Squeezing More Life Out of Existing Cabling Infrastructures; 25G Ethernet-The New Kid on the Block; Ethernet Evolving: This Is Not Your Father's Ethernet!; Moving Up the Stack; Networking Protocols: Moving Up the Stack to Layer 2; Networking Protocols: Moving Up the Stack to Layer 3; Networking Protocols Today: Summary; Networking Protocols for the New Era of Networking; VXLAN: A Next-Generation Encapsulation Technology; IS-IS: The Evolution of Underlay Routing; LISP: The Evolution of Overlay Host Reachability; Scalable Group Tags: The Evolution of Grouping and Policy; Bringing It All Together: What Next-Generation Protocols Within the Network Allow Us To Build; Summary; Further Reading

Chapter 10 DNA Infrastructure-Virtualization
Benefits of Network Function Virtualization; CAPEX Benefits of NFV; OPEX Benefits of NFV; Architectural Benefits of NFV; Use Cases for Network Function Virtualization; Control Plane Virtualization; Branch Virtualization; Virtualization to Connect Applications in VPCs; Virtualization of Multicloud Exchanges; Overview of an NFV System Architecture; Hypervisor Scheduling and NUMA; Input/Output Technologies for Virtualization; Challenges and Deployment Considerations of Network Function Virtualization; Performance; Oversubscribing the Physical Hardware Resources; Optimizing Server Configurations; Selecting the Right I/O Technique; VNF Footprint Considerations; Multi-tenancy and Multi-function VNFs; Transport Virtualization; Network Segmentation Architecture; Policy-based Path Segmentation; Control Plane-based Segmentation; Summary

Chapter 11 DNA Cloud
Introduction to the Cloud; Cloud Service Models; Cloud Deployment Models; It's a Multicloud World!; DNA for the Cloud; DNA Cloud for Applications; DNA Cloud for Automation; DNA Cloud for Analytics; Summary; Further Reading

Part III DNA Automation

Chapter 12 Introduction to DNA Automation
Why Automate?; Reduce Total Cost of Ownership; Lower Risk; Move Faster; Scale Your Infrastructure, Not Your IT Department; Think "Out of the Box"; Simplify Like Never Before; Enable Applications to Directly Interact with the Network; Is DNA Automation the Same as SDN?; Centralized Versus Distributed Systems; Imperative Versus Declarative Control; The Cisco SDN Strategy; Automation Elements; Network Programmability; Network Controller; Network Orchestrator; Summary; Further Reading

Chapter 13 Device Programmability
Current State of Affairs; CLI Automation; SNMP; Model-Based Data; YANG; Protocols; Encoding; Network Protocols; NETCONF; RESTCONF; gRPC; Telemetry; gRPC Telemetry; Tools; Application Hosting; Summary; Further Reading

Chapter 14 DNA Automation
The Increasing Importance of Automation; Allow the Network to Scale; Reduce Errors in the Network; Time to Perform an Operation; Security and Compliance; Current Impediments to Automation; Classifying Network Automation Tasks; Infrastructure and DNA Service Automation; Standard and Nonstandard Automation Tasks; The Role of Controllers in DNA Automation; Leveraging Abstractions in DNA to Deliver Intent-Based Networking; Domain Controllers Versus Control Plane Protocols; Automating Your Network with Cisco DNA Center; DNA Center Basics; Day 0 Operations-Standardizing on Network Designs; Standardizing on Network Designs; Automating the Deployment of Network Elements and Functions; Day N Operations-Automating Lifecycle Operations; Summary; Further Reading

Part IV DNA Analytics

Chapter 15 Introduction to DNA Analytics
A Definition of Analytics; DNA Analytics; DNA Analytics, Opportunities and Challenges; Brief History of Network Analytics; Why DNA Analytics?; The Role of Network Analytics in DNA; Summary

Chapter 16 DNA Analytics Components
Analytics Data Sources; DNA Instrumentation; Distributed Network Analytics; Telemetry; Why Telemetry?; The DNA Telemetry Architecture; Limitations of Today's Telemetry Protocols; The Evolution of DNA Telemetry: Model-Driven Telemetry; Analytics Engine; The Traditional Analytics Approach; The Need for Analytics Engines; The Role of the Cloud for Analytics; Summary; Further Reading

Chapter 17 DNA Analytics Engines
Why a DNA Analytics Engine?; DNA Analytics Engines; Cisco Network Data Platform; Telemetry Quotient; NDP Architecture; NDP Deployments Modes; NDP Security and High Availability; Cisco Tetration Analytics; It's All About Quality of Data; Data Center Visibility with Cisco Tetration Analytics; Cisco Tetration Analytics Architecture; The Benefits of Cisco Tetration Analytics; Summary; Further Reading

Part V DNA Solutions

Chapter 18 DNA Virtualization Solutions: Enterprise Network Functions Virtualization and Secure Agile Exchange
The Cisco Strategy for Virtualization in the Enterprise; Cisco Enterprise Network Functions Virtualization; Details on Virtualization Hardware; NFVIS: An Operating System Optimized for Enterprise Virtualization; Virtualized Network Functions; Service Chaining and Sample Packet Flows; Orchestration and Management; Virtualizing Connectivity to Untrusted Domains: Secure Agile Exchange; Motivation for the Cisco SAE Solution; Cisco SAE Building Blocks; Running Virtualized Applications and VNFs Inside IOS XE; Summary; Further Reading

Chapter 19 DNA Software-Defined Access
The Challenges of Enterprise Networks Today; Software-Defined Access: A High-Level Overview; SD-Access: A Fabric for the Enterprise; What Is a Fabric?; Why Use a Fabric?; Capabilities Offered by SD-Access; SD-Access High-Level Architecture and Attributes; SD-Access Fabric Capabilities; SD-Access Device Roles; SD-Access Case Study; SD-Access Case Study, Summing Up; Summary; Further Reading

Chapter 20 DNA Application Policy
Managing Applications in DNA Center; Application Registry; Application Sets; Application Policy; What Happens "Under the Hood"?; Translating Business Intent into Application Policy; DNA Infrastructure Software Requirements for Application Policy; NBAR2; SD-AVC; DNA Infrastructure Platform-Specific Requirements for Application Policy; Routing Platform Requirements; Switching Platform Requirements; Wireless Platform Requirements; Summary; Further Reading

Chapter 21 DNA Analytics and Assurance
Introduction to DNA Assurance; Context; Learning; The Architectural Requirements of a Self-Healing Network; Instrumentation; Distributed On-Device Analytics; Telemetry; Scalable Storage; Analytics Engine; Machine Learning; Guided Troubleshooting and Remediation; Automated Troubleshooting and Remediation; DNA Center Analytics and Assurance; Network Data Platform; DNA Assurance; Summary; Further Reading

Chapter 22 DNA Encrypted Traffic Analytics
Encrypted Malware Detection: Defining the Problem; Encrypted Malware Detection: Defining the Solution; ETA: Use of IDP for Encrypted Malware Detection; ETA: Use of SPLT for Encrypted Malware Detection; Encrypted Malware Detection: The Solution in Action; Encrypted Malware Detection: Putting It All Together; Summary

Part VI DNA Evolution

Chapter 23 DNA Evolution

9781587147050 TOC 11/19/2018

Product details

ISBN: 9780134724010
Published: 2018-12-27
Publisher: Cisco Press
Age level: 05, U
Language: English
Format: Other

Biographical note

Tim Szigeti, CCIE No. 9794, is a principal technical marketing engineer within the Cisco Enterprise Networking Business (ENB) team. In this role, he collaborates with customers, the field, engineering, Cisco IT, and third-party technology partners to drive the development of industry-leading network analytics solutions. In his more than 20 years with Cisco, Tim has authored/co-authored five generations of Cisco QoS Design Guides, four Cisco Press books, an IETF standard (RFC 8325), and multiple patents. Additionally, Tim has been inducted into the Cisco Distinguished Speaker Hall of Fame Elite, representing the Top 1 percent of Cisco speakers of all time. Outside of Cisco, Tim's passion is on-track performance driving; as such, you may at times catch a glimpse of him taking corners at high speeds on the spectacular Sea-to-Sky Highway between his hometown of Vancouver and Whistler, British Columbia. Additional information on Tim can be found on the Cisco Innovators website in the feature story "Cisco Innovators: Tim Szigeti," at https://newsroom.cisco.com/featurecontent?type=webcontent&articleId=1845902.

Dave Zacks is a distinguished technical marketing engineer within the Cisco ENB team, focused on network architectures and fabrics, network hardware and ASIC design, switching, wireless, and the many and diverse technologies under the enterprise networking umbrella. Dave is based in Vancouver, Canada, and has been with Cisco for 19 years. Prior to his employment with Cisco, Dave traces his roots in computing to 1979, and has been involved in the datacomm and networking industry since 1985. Dave is a Cisco Live Distinguished Speaker, having scored in the top 10 percent of all speakers at Cisco Live events worldwide as rated by the attendees. In addition, Dave is recognized as one of only a handful of such speakers to earn the Cisco Live Distinguished Speaker Elite designation, an honor awarded to speakers who have achieved Cisco Live Distinguished Speaker status ten times or more (Dave's total is currently 15). In addition to his abiding focus on data communications, Dave maintains a deep and broad interest in many additional topic areas, including (but not limited to) particle and quantum physics, astrophysics, biology, genetics, chemistry, history, mathematics, cryptology, and many other topics. Dave has a special passion for rocketry, aeronautics, space travel, and advanced aircraft and spacecraft design, engineering, and operation. Additional background on Dave can be reviewed on the Cisco Innovators website in the feature story "Cisco Innovators: Dave Zacks," at https://newsroom.cisco.com/featurecontent?type=webcontent&articleId=1851941.

Dr. Matthias Falkner is a distinguished technical marketing engineer within the Cisco ENB team. He currently focuses on the evolution of enterprise and service provider network architectures, and in particular on end-to-end architecture solutions involving virtualization. Matthias is currently helping to drive the Cisco automation strategy for enterprise networks (including DNA Center). Matthias also holds responsibilities in branch virtualization and in the definition of the cloud exchange architecture. Prior to his role within ENB, Matthias was the lead TME architect for the Cisco ASR 1000 Series routers. He has also held positions in product management, and served as a product line manager for the Cisco 10000 Series routers. From 2000 to 2005, Matthias was a consulting systems engineer in the Deutsche Telekom account team with Cisco Germany. Matthias holds a PhD in Systems and Computer engineering from Carleton University, Canada, and an MSc in Operations Research & Information Systems from the London School of Economics and Political Science, UK. His technical interests are in the area of performance characterization of virtualized networks, high availability, and service chaining.

Simone Arena is a principal technical marketing engineer (TME) within the Cisco ENB team and is primarily focused on enterprise network architecture and on all things related to wireless and mobility. Simone is based in Italy and is a Cisco veteran, having joined Cisco in 1999. Throughout the years, Simone has covered multiple roles at Cisco, starting as a software engineer working with Catalyst switching platforms, to consulting system engineer in the field, to TME within different teams (Enterprise Solution Engineering, Wireless Business Unit, and now ENB). Today Simone is the lead TME architect for DNA Wireless, and his time is split between helping customers and partners design the best solution that fits their needs and engineering and product management, trying to evolve and improve the products and solutions. Simone is a Distinguished Speaker at Cisco Live and has spoken at Cisco Live events all over the world for several years. He consistently is rated as an excellent speaker by attendees for his deep technical knowledge and ability to impart this information in a meaningful way. Besides wireless, Simone has two passions: his two daughters, Viola and Anita, and his hometown soccer team, Fiorentina. In his spare time Simone enjoys listening to music, especially through his new tube amplifier (simply awesome!). More information on Simone can be found on the Cisco Innovators website in the feature story "Cisco Innovators: Simone Arena," at https://newsroom.cisco.com/feature-content?type=webcontent&articleId=1849095.