APPLIC ATION C ENT R IC INF RAST RUCT UR E ED ITION

Unleashing IT VOLUME 5 / ISSUE 1

TAKING
FLIGHT
WITH SDN
How Bowling Green State University is improving
the educational experience for staff and students.

PAGE 3 PAGE 8 PAGE 12

Cisco ACI adoption L2-L7 policy control Digital transformation

THE REVOLUTION
IS HAPPENING Unleashing IT
VOLUME 5 / ISSUE 1
It’s not easy to revolutionize
longstanding technology norms. It
takes vision, knowhow, determination,
and most of all, industry acceptance.
STRATEGIES & SOLUTIONS
This edition of Unleashing IT
showcases the groundswell of CISCO ACI AT THE ONE-YEAR MARK 3
momentum surrounding Cisco®
Application Centric Infrastructure
(Cisco ACI™), which fundamentally
SOFTWARE LEADERS EMBRACING INFRASTRUCTURE
transforms the way technology is AUTOMATION 5
delivered in support of business
priorities. Hundreds of organizations EXTENDING POLICY CONTROL TO THE NETWORK’S
are already using the year-old
UPPER LAYERS 8
architecture, and we could not have
achieved such rapid and widespread
adoption without the enthusiasm and
support of Intel®, our networking and
EXPERIENCES
application partners, and customers.
BUILDING A DATA CENTER AROUND AN
Technology leaders like F5 Networks APPLICATION ARCHITECTURE 10
and Citrix are pushing the benefits
of Cisco ACI to the network’s upper
layers (page 8). Software innovators THE BIRTH OF A “SMART ENTERPRISE” 12
including Apprenda, CliQr, DataTorrent,
and Vnomic are utilizing Cisco ACI to A NEW FOUNDATION FOR BUSINESS GROWTH,
bolster the integration, security, and
EVOLUTION 14
manageability of their applications
(page 5). And forward-thinking
organizations like Alpha Technologies COMPETING WITH PUBLIC CLOUD TITANS 16
(page 16), KPIT (page 12), NIC
(page 17), Pulsant (page 18), and
Siam City Cement PCL (page 14) BETTER GOVERNMENT:
are already taking advantage of ONLINE VS. WAITING IN LINE 17
the breakthrough software-defined
networking architecture.
BUSINESS UNLIMITED 18
Learn why in the following pages,
and consider the ways you build,
deploy, and manage your applications.
Perhaps there is a better way.
IN COLLABORATION WITH INTEL®

We welcome your feedback on

the articles in this publication
at UnleashingIT.com. For more
information, follow the links inside or
contact Cisco at 1-800-553-6387 and Unleashing IT is published by Cisco Systems, Inc. To receive future
select option 1 to speak with a Cisco editions of Unleashing IT and provide feedback on the articles in this
representative. edition, visit UnleashingIT.com.

Intel, the Intel logo, Xeon, and Xeon Inside are trademarks of Intel
Corporation in the U.S. and/or other countries.

Sincerely, ©2016 Cisco and/or its affiliates. All rights reserved. Cisco, the
Cisco logo, Cisco ACI, Cisco Unified Computing System, Cisco
UCS, Cisco Intercloud Fabric, and Cisco Nexus are trademarks
or registered trademarks of Cisco and/or its affiliates in the U.S.
and other countries. To view a list of Cisco trademarks, visit www.
Inbar Lasser-Raab cisco.com/go/trademarks. Third party trademarks mentioned
are the property of their respective owners. The use of the word
Vice President partner does not imply a partnership relationship between Cisco
Cisco Systems, Inc. and any other company. (1601)
STRATEGIES & SOLUTIONS

CISCO ACI AT THE

ONE-YEAR MARK
Cisco senior vice president
Soni Jiandani and other industry
insiders discuss the swift and
broad adoption of a breakthrough
software-defined networking
architecture.

It’s been just over a year since Cisco® Application Centric “We don’t look at deploying ACI as a network refresh,
Infrastructure (Cisco ACI™) and associated products— but as a way of changing how our data centers operate,”
including the Application Policy Infrastructure Controller says Vince Spina, vice president of IT, global network
(APIC) and Cisco Nexus® 9000 switches—began shipping. infrastructure, and data center services at Symantec. “We
If customer and partner adoption are any indication, need to move at the speed of business and be an enabler,
the breakthrough software-defined networking (SDN) not an impediment. ACI helps us focus on delivering the
architecture is being very well received. applications the business needs rather than the plumbing
supporting the applications.” 2
“ACI is outpacing other SDN platforms by more than two to
one in terms of adoption,” says Soni Jiandani, senior vice
president of the Insieme business unit at Cisco. “We recently OPEN ARCHITECTURE, EXPANDING ECOSYSTEM
announced our one-thousandth ACI customer—Danske
Bank, the largest financial institution in Denmark—and A growing number of technology leaders—including
hundreds of organizations are already in production and Apprenda, Citrix, CliQr, DataTorrent, F5 Networks, Intel®,
realizing exceptional results.” Microsoft, Puppet Labs, SAP, Vnomic, and others—have
integrated with Cisco ACI to bolster the development, control,
She points to Symantec as a prime example. Cisco ACI and security of their solutions.
has helped the global leader in security reduce application
development time by 87 percent while boosting the “Over 45 prominent technology providers have adopted ACI,
efficiency of its network operations staff by 79 percent. providing integration, automation, and policy control up and
down the stack,” says Jiandani. “This growing ecosystem of
“We did the planning, design, and execution for this partners is helping push the benefits of ACI well beyond the
whole software-defined ACI approach in four and a half networking layer.”
months,” says Sheila Jordan, senior vice president and
CIO of Symantec. “That kind of speed is unheard of when Cisco ACI is an open architecture that allows any application—
implementing a leapfrogging technology.” 1 whether virtual, bare metal, or container—to be deployed
at scale in heterogeneous environments through the use of
All told, Symantec projects a whopping $145 million in application programming interfaces (APIs), she explains. It
business benefits over a five-year span as a direct result of also accommodates a variety of firewalls, load balancers,
deploying Cisco ACI—representing an ROI of 441 percent. hypervisors, cloud management tools, and L4-L7 appliances.

Unleashing IT 3
Enterprise Management Associates (EMA) calls Cisco ACI a That means dynamic data centers that can automatically
“surprisingly open technology.”3 discover and recommend policies in real time. And it means
greater application mobility throughout virtual, bare metal,
“Cisco ACI is far more open than the industry gives it credit container, and multi-cloud environments.
for,” the analyst firm contends. “EMA recommends that
enterprises looking for open programmable solutions assess “Integration, automation, security, and control are necessary
ACI to determine whether it meets their requirements. Its in today’s application-centric world,” says Jiandani. “ACI
approach to providing an open and programmable network will continue to deliver on all of these fronts through ongoing
may contrast sharply with the approaches adopted by innovations.”
advocates of bare-metal switching and open source network
software, but Cisco is offering a degree of openness that
was previously unheard of in Cisco networks.” 1http://images.forbes.com/forbesinsights/StudyPDFs/Cisco-IT_as_a_Strategic_Business_
Resource-REPORT.pdf
2 http://www.cisco.com/c/dam/en/us/solutions/data-center-virtualization/application-centric-
“We want to enable maximum choice,” Jiandani says, infrastructure/benefits-aci.pdf
“while also providing simplicity through automation and 3 http://www.cisco.com/c/dam/en/us/solutions/collateral/data-center-virtualization/application-
programmability.” centric-infrastructure/ema-enable-agility.pdf

CONTINUED MOMENTUM, FOCUS ON ANALYTICS

According to Jiandani, Cisco will continue to advance the

architecture’s capabilities in the coming months, with a
CISCO ACI BY THE
distinct focus on data analytics. NUMBERS
“We want to double down on infrastructure analytics to See how much time and money Symantec is
deliver the insights that no one else can,” she says. “ACI saving through the use of Cisco ACI. To get
will soon be able to analyze and act on relevant data the IDC Business Value Snapshot, visit the
in motion.” resource center at UnleashingIT.com.

4 Unleashing IT
STRATEGIES & SOLUTIONS

SOFTWARE LEADERS
EMBRACING
INFRASTRUCTURE
AUTOMATION

Application experts from Apprenda, CliQr, DataTorrent, and Vnomic explain why
they have integrated their solutions with Cisco Application Centric Infrastructure.
Building applications is one thing. Deploying them in data “These dependencies range from security rules and service
centers or the cloud is another. level agreements to performance and compliance. And they
need to be correlated to networking constructs such as
“Let’s be honest, it’s a lot of work to put an application subnet groups, firewalls, access control lists, load balancers,
into production,” says Farid Jiandani, product manager at and other L4 through L7 policies.”
Cisco. “Applications have a series of dependencies that
need to be mapped across a wide variety of environments.

Unleashing IT 5
There needs to be an easier way to deploy applications
across heterogeneous environments, he surmises,
regardless of the hypervisors and cloud management
software being utilized.

“Software abstraction can help translate application

dependencies into a logical policy model,” says Jiandani.
“But then it needs to be translated into infrastructure jargon
that tells the underlying systems how to behave.”

That’s why software leaders like Apprenda, CliQr,

DataTorrent, and Vnomic are taking advantage of Cisco®
Application Centric Infrastructure (Cisco ACI™)—combining
application logic with policy control to automate the
configuration of the infrastructure. Here’s how.

APPRENDA: IMPROVING APPLICATION SECURITY AND

COMPLIANCE IN THE CLOUD

Apprenda provides a Platform-as-a-Service (PaaS)

software layer for large enterprises developing their own
custom applications. Because its customers operate in
highly regulated industries such as financial services and
healthcare, security and compliance are of great concern.

“We’ve always been able to isolate compute, memory, and

storage, but our customers wanted more,” says Rakesh
Malhotra, senior vice president of product management
and engineering at Apprenda. “They would ask us about
network isolation, and quite frankly, we never had a
good answer.” “Deploying applications in the cloud takes far too long,
it’s far too manual, and it can be very difficult to align
Until now. Apprenda recently integrated its enterprise PaaS heterogeneous environments like OpenStack and VMware,”
with Cisco ACI, delivering the isolation—and resulting says Jeremy Oakey, vice president of strategic alliances
security and compliance—its customers were seeking. at CliQr. “Our platform simplifies the process by creating
application profiles, and with ACI, we can use those profiles
“With ACI, the applications are decoupled from the to automate the configuration of the cloud infrastructure.”
infrastructure,” says Malhotra. “So our customers can utilize
a shared, standardized infrastructure that offers full isolation The programmability and automation of Cisco ACI is “extremely
instead of managing many silos of dedicated hardware.” deep,” he adds, which is in stark contrast to other software-
defined networking (SDN) architectures that are more “flat” and
Everyone benefits, he adds. Application development teams still demand networking expertise and manual provisioning.
can work faster and are no longer confined to the limitations
and rigidity of the infrastructure. And infrastructure teams “We share the same vision with Cisco surrounding
can focus on higher value tasks like security, capacity, and abstraction, automation, and policy control,” says Oakey.
efficiency instead of continually spinning up new virtual “ACI is a disruptive technology, but our customers are
machines, firewalls, and load balancers. keenly interested in putting it into production.”

“The best thing is speed and flexibility don’t come at the DATATORRENT: UNIFYING THE MANAGEMENT OF BIG DATA
expense of security, compliance, or control. It’s quite the APPLICATIONS
opposite. Standardization and automation dramatically
improve those things,” says Malhotra. “Customers are the DataTorrent is a leader in real-time big data analytics,
best barometer, and they are very, very excited about our offering the world’s first open source, enterprise-grade
ACI integration.” platform for stream and batch processing on Hadoop. That
platform, DataTorrent RTS, is now integrated with Cisco ACI.
CLIQR: AUTOMATING APPLICATION DEPLOYMENT ACROSS
MULTIPLE CLOUDS “Big data applications operate in a distributed compute
environment, and they need to connect to multiple sources
CliQr offers a single platform to model, deploy, and manage of data to generate business insight,” says Charu Madan,
applications in hybrid—often multi-cloud—environments. Its director of business development at DataTorrent. “As access
CloudCenter Platform has been integrated with Cisco ACI requirements evolve, the process of securely configuring
to automate and optimize the end-to-end provisioning of these connections becomes tedious, manual, and repetitive.
infrastructure as part of the application deployment process. That’s not only time consuming, but unsustainable with the
dynamic nature of applications and real-time data.”

6 Unleashing IT
The combination of DataTorrent RTS and Cisco ACI provides a “With ACI, we never have to worry about the particulars of the
unified view of a big data application, its data sources, and the networking layer—only semantics and connectivity,” Palma
underlying network. And it enables the creation of policies that says. “The ACI constructs are robust, simple, and semantically
follow the application and data sources even after changes have pure. And we got it up and running in about a week.”
been made.
Vnomic customers can now build large, complex application
“We are leveraging ACI because it makes our product landscapes extremely fast, with servers, storage, network,
better,” says Madan. “The integration of the two allows big hypervisors, and firewalls automatically provisioned. What
data applications to be developed and deployed faster, with used to take months can be performed in hours.
better security and a single point of management.”
“These are very, very complex network environments, and
VNOMIC: EASING THE DEPLOYMENT OF SAP HANA they are being automated for the first time,” says Palma. “It’s
APPLICATIONS like a new kind of factory where you can define what you
want, push a button, and it just happens.”
Vnomic provides an “application-centric, policy-driven,
software-defined everything” platform, improving the
development and governance of complex applications
such as SAP S/4HANA. The Vnomic Declarative Application
Delivery and Governance Platform has been integrated with GET THE FORRESTER
Cisco ACI, automating the configuration and deployment of
network fabrics in support of those large-scale applications. STUDY
“ACI makes the network a semi-magical thing,” says Derek Forrester calculated the potential ROI
Palma, president and CTO of Vnomic. “We define the and typical payback period for Cisco ACI
application semantics and push them to the network with ACI, deployments. See the results and get the
and it immediately produces a sophisticated fabric that can Forrester Total Economic Impact™ study at the
deliver everything the application needs—regardless of whether UnleashingIT.com resource center.
it is in a physical or virtual environment.”

Palma says Cisco ACI is more elegant than other SDN

architectures that require additional infrastructure
translation, where interfaces, protocols, routers, subnets,
and shared resources need to be explicitly manipulated.

Unleashing IT 7
STRATEGIES & SOLUTIONS

EXTENDING POLICY
CONTROL TO THE
NETWORK’S UPPER
LAYERS
F5 Networks and Citrix are
extending the benefits of Cisco
Application Centric Infrastructure
to the application layer.

GET THE SDN COST

COMPARISON
According to ZK Research, “The integrated
approach taken by Cisco ACI translates
into significant economic advantage over a
solution built using VMware NSX.”

To see the full ZK Research report and

to access an SDN Cost Comparison
calculator, visit the resource center at
UnleashingIT.com.

8 Unleashing IT
Security breaches don’t always occur at the perimeter of a lines for each and every device, which is time consuming,
network. Session hijacking, SQL injection, and other data prone to human error, and takes applications offline when
attacks frequently take place in the application layer. changes need to be made.”

“Hackers are frauding the application itself, going straight The answer? Network abstraction, where configuration
through the firewall,” says Nathan Pearce, principal and deployment are based on the application itself and not
technologist for programmable networks at F5 Networks. the network devices. And where a single policy for each
“And it looks like normal TCP traffic.” application can be extended anywhere the application is
stored and accessed.
The point is this: security and policy control cannot be limited
to the core networking layers (L2-L3). They must be extended “ACI defines the policy for connectivity—switching, routing,
to the upper layers of the network (L4-L7) where application load balancing, firewalls—but you still need to extend
services are delivered. that policy to the application services that ensure high
performance, availability, and security,” says Pearce.
That’s why technology leaders like F5 and Citrix have adopted
Cisco® Application Centric Infrastructure (Cisco ACI™),
extending the benefits of software-defined automation and A FULLY AUTOMATED NETWORK
policy control to L4-L7.
F5 has integrated the Cisco Application Policy Infrastructure
Controller (APIC) with its Software Defined Application
REDUCING COMPLEXITY, INCREASING SPEED Services, directly incorporating F5 application solutions into
the Cisco ACI automation framework. Using F5 application
Applications are more distributed than ever before, and services templates, known as iApps, application policies can
they are constantly being augmented. While server and be developed once and easily replicated without recreating
storage virtualization has helped facilitate the dynamic every single command line.
nature of modern applications—and the business
functions they serve—the network has remained largely “There’s really no point in addressing L2 and L3 without
static and rigid. addressing L4 through L7, and vice versa,” says Pearce.
“Organizations need full-stack integration and automation,
“It can’t take weeks to configure the network when and that’s what we’ve done with ACI and F5 application
applications are changing on a daily basis,” says Raj Gulani, solutions. It’s a higher level of abstraction; like a menu
director of product management at Citrix. “The network must without having to know all of the ingredients or how to
maintain pace, up and down the stack.” cook the dish.”

Switches, routers, firewalls, load balancers, and DNS The Citrix NetScaler Device Package for Cisco ACI has also
services all require command lines—for each application. been integrated with the APIC, enabling the orchestration
And all applications must be manually synchronized across of Citrix network fabrics. The integration provides software-
a multitude of physical and virtual environments. defined policy control from L2-L7 that can be managed
directly through the APIC, delivering end-to-end health
“Today’s applications have too many touchpoints, and monitoring and telemetry.
defining every bit of network plumbing takes too long,”
Pearce says. “We needed to get away from single command “We’ve effectively automated the network,” says Gulani. “We
have work to do to educate others on how to take advantage
of this new technology, but I have no doubt that it will become
more mainstream.”

With L2-L7 integration, customers can automate network

configurations and connectivity as well as higher level
application services surrounding TCP/HTTP optimization,
data security, and performance monitoring. They can react
faster to application changes, fluctuating demand, and
potential attacks. And they can improve their compliance
posture while reducing the possibility of human errors
and downtime.

“Customers want to see that this is real, and we are happy to

show them,” says Gulani. “That’s when they realize the true
value and power of this integration, and its ability to spawn
innovation and differentiation.”

Unleashing IT 9
EXPERIENCES

BUILDING A DATA
CENTER AROUND
AN APPLICATION
ARCHITECTURE
With a software-defined network as the hub of a new
data center, Bowling Green State University is streamlining
application delivery to better serve students and staff.

The IT department at Bowling Green State University (BGSU) BGSU recently decided to establish a new data center at a
couldn’t do it all. New application and service requests, software colocation facility. Doing so would free up valuable space
updates and patches, and infrastructure maintenance all on campus for new student services, and also dramatically
demanded time and attention—which was in finite supply. reduce the time and effort required for infrastructure
maintenance.
Of course, each new application or service added to the snowball
effect. More to maintain, less time to fulfill the ongoing stream of But hardware caretaking was only half the problem. BGSU
requests from the university’s staff. wanted to find a better, faster way to accommodate requests for
new applications and IT services.
“Department leaders are always finding new applications that they
want to employ for teaching purposes, and they want them fast,” “We started looking at SDN [software-defined networking],
says Matt Haschak, director of IT security and infrastructure at and we had three requirements,” says Haschak. “We wanted
BGSU. “We were trying to do it all, but it was unsustainable.” an architecture that would allow us to be more efficient, that
would be more flexible and open, and offer better, more
New requests could not come at the expense of hardware and consistent security.”
software maintenance. And IT administration could not come at
the expense of the university’s mission to continually improve His research led him to the combination of Cisco® Application
educational experiences inside and outside the classroom. Centric Infrastructure (Cisco ACI™), Cisco Nexus® switches, and
the Intel® Xeon® processor-based Cisco Unified Computing
Something had to give. System™ (Cisco UCS®).

“We did a bunch of homework and looked at other SDN

NEW COLOCATION STRATEGY solutions, but they weren’t as mature as ACI,” says Haschak.
“And once the decision was made, ACI became the focal point
The data center at BGSU is smack dab in the middle of campus, of the entire colocation build out. We are building everything
on the third floor of a building constructed in 1931. The location around it.”
presents a number of challenges, such as getting new equipment
into the room. At one point, the university had to cut a hole in the
roof and lower new hardware in.

10 Unleashing IT
 ABOVE Big thinker: Matt Haschak, director of IT
security and infrastructure, on the BGSU campus

MORE CONSISTENCY, BETTER SECURITY “We will be able to accommodate more one-off requests, and
we will have more time to consider new things and new ways of
Haschak cut his teeth as a security analyst, and he brings serving our students and staff,” says Haschak.
a security-minded focus to every infrastructure project and
decision. While Cisco ACI was chosen for its ability to simplify and He cites a new test and development environment for university
accelerate application delivery, it was the security aspects of the researchers as an example. In the past, that sort of environment
architecture that got his juices flowing. would have been very difficult and time consuming to deploy,
segment from the university’s core systems, and secure. With
“ACI is a policy-based architecture,” Haschak explains. “Once Cisco ACI policy templates, it will be fast and effortless.
you define those policies, they follow the application no matter
where it is stored or accessed. If you do it right the first time, “Our new architecture is allowing us to evolve,” Haschak says, “as
everything else becomes faster, easier, more consistent, and more an IT staff and as a university.”
secure moving forward.”

Cisco ACI forced Haschak and his team to better understand the
connections and communications between BGSU’s technology
systems, and establish policies surrounding application security,
GET THE SDN COST
load balancing, user access, and the like. COMPARISON
“It takes some time up front, but it will pay huge dividends for us,” Curious about the cost differences between Cisco ACI
he says. “A lot of security breaches happen on old systems that and VMware NSX? Access the SDN Cost Comparison
are somewhat forgotten and just sitting there. With ACI, we can see
calculator at the UnleashingIT.com resource center.
everything in a single pane of glass, we know what is connected to
what, and we know the security policies are being enforced.”

When BGSU’s applications are ported to the new colocation

data center in spring of 2016, the university’s IT staff will be
largely freed from the burden of infrastructure maintenance.
And they will have a powerful SDN architecture that streamlines
application delivery and support.

Unleashing IT 11
EXPERIENCES

THE BIRTH OF A
“SMART ENTERPRISE”
How global technology firm KPIT is transforming its operations, from employee
recruiting and collaboration to customer engagement and support.

One of the fastest growing IT consulting and product KPIT partners with more than 200 global corporations in the
engineering firms in the world, KPIT helps its customers run automotive and transportation, manufacturing, and energy and
their business more efficiently and develop products that utilities industries. Much of its work surrounds the development
deliver sustainable competitive advantage. In doing so, the of custom applications that help its customers become more
India-based company “co-creates transformational value.” productive, integrated, and innovative.

But recently, KPIT has been undergoing a transformation of its own. Because speed of application delivery is a key differentiator for
KPIT and, in turn, its customers, the company implemented a
“We look at ourselves as a highly agile company, and every private cloud five years ago to allow its developers to provision
function supporting the business needs to be agile,” says their own compute resources. However, all other infrastructure
Mandar Marulkar, vice president and chief information officer services—including network, security, and storage—would
at KPIT. “With this goal in mind, we have been working to often take four weeks to deploy after application requirements
increase our operational agility.” were fully understood.

12 Unleashing IT
“We wanted to give the power to our application developers THE NEXT LEVEL
to provision all infrastructure components, on demand and in
a cost-effective manner,” explains Marulkar. “They should be According to Marulkar, KPIT can now respond quickly
able to decide service, performance, and security levels, and and efficiently to new application requests and business
then have the infrastructure automatically configured. They requirements—for both internal and external customers.
shouldn’t have to worry about technical configurations, and It can build multitenant environments that simultaneously
they shouldn’t have to wait.” cater to the needs of multiple customers while delivering
consistent security and performance. And it can offer
better, more competitive service-level agreements to
DIGITAL TRANSFORMATION the marketplace.

Known internally as “Smart Enterprise,” KPIT’s digital “Cisco ACI has helped us take our business offerings to the
transformation initiative aims to advance the company’s next level,” says Marulkar. “That means we can pursue more
business processes using social engagement, mobility, business opportunities, capture additional revenue, and
predictive analytics, and container technologies. But before increase customer satisfaction.”
those goals can be attained, the company needed to
modernize its infrastructure and application environment. KPIT can also advance its “Smart Enterprise” ambitions. The
new infrastructure and application architecture will provide
KPIT is doing so with a combination of Cisco® Application the foundation for a variety of new digital platforms. And they
Centric Infrastructure (Cisco ACI™), Cisco Nexus® switches, will help transform the company’s operations, from employee
the Intel® Xeon® processor-based Cisco Unified Computing recruiting and collaboration to customer engagement and
System™ (Cisco UCS®), and Cisco UCS Director. A policy- support.
based automation architecture, Cisco ACI simplifies and
accelerates application delivery. Smart indeed.

“ACI provides essential automation,” Marulkar explains,

“which helps speed up infrastructure provisioning, reduce
human errors, and ensure compliance and uniformity of all
applications. In essence, it allows us to work faster and deliver
better solutions and services.” GET THE FULL
Cisco ACI also integrates with KPIT’s preexisting network CASE STUDY
infrastructure and comes pre-loaded with application templates
and rules, easing the implementation process. Cisco ACI reduces costs, automates IT tasks, and
accelerates application deployments. To learn more
“The openness and integration of ACI was very crucial because about KPIT’s use of Cisco ACI, get the full case
we didn’t want to create isolated technology islands in our data
study at the UnleashingIT.com resource center.
center,” says Marulkar. “And with an intuitive interface, ACI has
been easy to learn, manage, and monitor.”

TRANSFORMING of Cisco Connected Mobile Experiences (CMX), VBrick

streaming video, Cisco Intercloud Fabric™ (ICF) solutions,

BUSINESS and Cisco Identity Services Engine (ISE).

“We want to provide secure access to all applications and
With an application-centric data center, KPIT is advancing data through mobile devices,” Marulkar explains.
its “Smart Enterprise” initiative with a variety of new
With the new technologies in place, KPIT plans to enhance
technologies.
employee recruiting, training, and collaboration. It will
“All of our internal processes and customer-facing expand customer engagement and digital marketing
applications are being transformed,” says Mandar Marulkar, practices. And it will use advanced analytics to attain
vice president and chief information officer at KPIT. “We want new insights surrounding operational performance and
to improve how we engage with customers, the speed with customer trends.
which we deliver products and services, how we innovate,
“This is just the first phase of our Smart Enterprise
and the resiliency and reliability of our operations.”
initiative,” says Marulkar. “We will continue to transform
The integration of mobile, video, and cloud technologies is the customer experience, enhance our operational
key to the transformation. KPIT is utilizing a combination processes, and pursue new digital business models.”

Unleashing IT 13
EXPERIENCES

A NEW
FOUNDATION
FOR BUSINESS
GROWTH,
EVOLUTION

Siam City Cement Public Company

Limited’s new technology
infrastructure has laid the groundwork
for business optimization and a better
customer experience.

14 Unleashing IT
The directive from Siam City Cement Public Company Limited
(or INSEE) leaders was clear: Go digital, become more agile,
and use the latest technologies to grow and evolve in the Asia
Pacific region.

“Even though we are a cement provider in a commoditized

industry, we believe technology can help us be a leader
in this market,” says Hans Keril Ante, head of IT, security,
and compliance for Siam City Cement PCL, one of the
largest cement producers in Thailand. “So we reconsidered
everything.”
Hans Keril Ante, head of IT,
That meant rethinking the core infrastructure, cloud utilization, security, and compliance
and endpoint devices, and it included a dedicated pursuit of
big data analytics and the Internet of Things (IoT). All in an
effort to boost operational efficiency, enhance the customer
experience, and create differentiation in a mature market. wealth of data. And new sources of data will soon be brought
online as part of the company’s IoT strategy. With better
integration and visibility of that data, Ante and his team are
NEW DATA CENTER BUILT FROM SCRATCH planning to conduct advanced analytics that lead to business
optimization.
Based in Bangkok, Siam City Cement PCL has three primary
manufacturing plants and 98 smaller mixing plants spread “We want to become more operationally efficient,” says Ante.
throughout Thailand. A brand new, world-class data center that “With our new infrastructure and SAP HANA, we can see
connects them all recently went live. the performance of our plants and the performance of our
business. And we can see everything with one dashboard.”
“We built it from scratch using the best technology we could
find,” explains Ante, the infrastructure lead for the digital Siam City Cement PCL also has the flexibility and agility
transformation project. company leaders requested, and will use them to continuously
enhance the way it serves its customers.
The combination of Intel® Xeon® processor-based Cisco
Unified Computing System™ (Cisco UCS®), Cisco Nexus® “We don’t know what new apps will come that can improve
switches, and Cisco® Application Centric Infrastructure (Cisco the customer experience or our competitive advantage,” says
ACI™) are at the heart of the new data center. A policy-based Ante. “But we know we can implement anything, and we can
automation architecture, Cisco ACI simplifies and accelerates do it quickly.”
application delivery.
Company leaders can be more creative as they explore
“It’s so easy to interconnect and provision things,” says Ante. opportunities to grow and evolve, he adds. Regardless of
“We connected and configured the new data center in only two which paths they choose, Siam City Cement PCL’s future will
weeks. And we can provision new services quickly. Not just be built on its new technology foundation.
servers and switches, but entire services. If we want to deploy
a new web service or connect to a new cloud service, we can “The combination of UCS, Nexus, and ACI was a no
do it very fast.” brainer,” says Ante. “If we didn’t adopt them, we would be
stuck in the past.”
Network configurations, firewalls, and security elements are
automatically replicated using Cisco ACI policies and service
profiles. Ante says his team was able to replicate 30 servers
and switches in less than three hours. This speed was a critical
factor in stress testing the new environment and preparing SAP
HANA for production deployment. GET THE FULL
“We got SAP HANA up and running faster than expected, CASE STUDY
and we’ve seen a 100 percent performance improvement
compared to our old SAP installation,” Ante says. “Because it’s
Cisco ACI reduces costs, automates IT tasks, and
so much faster, we can conduct better analytics and run more
complicated reports.” accelerates application deployments.

To learn more about Siam City Cement PCL’s

MORE EFFICIENCY, BETTER CUSTOMER EXPERIENCE use of Cisco ACI, get the full case study at the
UnleashingIT.com resource center.
Some 80 percent of Siam City Cement PCL’s orders are placed
online through customer and supplier portals that generate a

Unleashing IT 15
EXPERIENCES

COMPETING WITH
PUBLIC CLOUD TITANS
Why large-scale cloud providers should be concerned about West Virginia’s
Alpha Technologies.

The West Virginia economy has been decimated in “There is less complexity but more depth with ACI,” Belcher
recent decades. As the once-fruitful coal mines fade into explains. “So security is simultaneously simpler, better, and
obscurity, so too have the career prospects for countless more manageable on a granular level.”
area professionals.
That has allowed Alpha to bolster its PCI, HIPAA, and SSAE16
“The local economy needs an influx,” says Doug Tate, founder compliance capabilities, and pursue ISO27001 and FedRAMP
and president of Alpha Technologies, a West Virginia cloud, certifications.
communications, and hosting provider. “I want to create 300 to
600 high-paying jobs that will help.” “When you get certified by these standards bodies, it opens
up a ton of new business opportunities,” Tate says, while
To do so, Tate needs to grow his business. Alpha currently adding the company’s size, geography, and status as a
supports hundreds of customers, but it aims to serve service-disabled, veteran-owned company also play in
thousands. And it has lofty ambitions of competing with the Alpha’s favor. “Our whole pitch is around security and
world’s largest cloud providers. data protection.”

“We want to play in the same sandbox as the big boys,” Tate In the past, it took a week to get a new customer up and
says, “on local, regional, and national levels.” running on Alpha’s cloud. Using Cisco ACI, the same work can
be accomplished in less than an hour—with full data isolation,
Alpha is now in a position to do so, he claims, because of its better security, and demonstrable compliance with a number of
recent adoption of Cisco® Application Centric Infrastructure industry standards.
(Cisco ACI™), a breakthrough software-defined networking
architecture, and the Intel® Xeon® processor-based Cisco The extra time will be spent attracting new business,
Unified Computing System™. enhancing customer support, and creating new jobs for the
local population. While Alpha generated roughly $13 million
“ACI is a game changer,” Tate says. “It allows us to compete at in 2015 revenue, Tate estimates the company can “easily” net
a higher level.” upwards of $200 million in 2016.

“We are bidding on multi-million and multi-billion dollar

SECURITY, COMPLIANCE FOR GOVERNMENT CUSTOMERS contracts that nobody else can touch, and it’s largely based on
our security and compliance capabilities,” Tate says. “This stuff
Alpha’s proximity to Washington, D.C., makes it an ideal sells itself.”
provider for government contracts and projects. But as with all
public sector activities, data security is of utmost importance.

“Traffic needs to be completely isolated,” says Jack Belcher,

COO for Alpha. “In the past, we had to manually provision
everything—network, virtual machines, security. It was time
consuming, complex, and came with the possibility of human
error. But ACI is secure by default.”

In a traditional data center, every system can communicate

with others unless segmentation policies are meticulously
defined, creating a dubious security posture. Cisco ACI
is the opposite. Server, storage, and networking systems
cannot interact with each other natively unless those links are
deliberately established.

16 Unleashing IT
 BETTER GOVERNMENT: ONLINE VS.
WAITING IN LINE
With data isolation and protection being critical to its
How NIC is making government success, NIC would meticulously and manually provision
everything—servers, network, security—to deploy each new
services more accessible for citizens. service or onboard a new agency. The process took 30 to 45
days on average.
Interacting with state and local government agencies isn’t
always easy. It often involves traveling to an understaffed FASTER PROVISIONING, BETTER SECURITY
office, filling out paperwork, waiting in line, and hoping for
the desired answers or outcome. NIC has adopted Cisco® Application Centric Infrastructure
(Cisco ACI™) to increase the speed and efficiency of service
NIC is working to improve these interactions by making them delivery. The software-defined networking architecture
more accessible for citizens and businesses. The eGovernment automates infrastructure provisioning, greatly accelerating
pioneer has delivered roughly 9500 services in more than 30 application development, testing, and deployment.
states, making it easier for people to obtain hunting and fishing
permits, register vehicles, pay for parking tickets, purchase “ACI handles all of the tedious, manual infrastructure tasks for
business licenses, and comply with court and corrections us, so we can deploy new services faster,” says Shaw. “What
mandates. All online, without waiting in line. used to take a month or more now takes hours.”

But as with all public sector activities, citizen privacy is of NIC recently hosted a technology conference, he adds, in part
utmost importance. to showcase its new development capabilities. In the span
of three and a half days, conference leaders and attendees
“We essentially act as a fully managed private cloud for a created 583 discrete application environments.
number of states,” says Jeff Shaw, vice president of IT at NIC.
“But each agency is independent and has its own data that “I never thought it would be possible to spin up that many
can’t be intermingled with others, even within the same state.” environments in that short of a timeframe,” says Shaw. “It has
taken us 23 years to deploy 9500 services. With ACI, I think we
can increase our output by 500 to 1000 services annually.”

GET STARTED And all of them will have better data isolation and security.
Cisco ACI decouples security and segmentation from the
underlying network topology, providing automation and policy
A variety of solution and service bundles with
control down to the individual tenant, application, or workload.
fixed pricing are available to speed up Cisco
ACI deployments. To learn more about Cisco “Government agencies want to move to the cloud,” says Shaw.
ACI starter kits, visit the resource center at “With ACI, we can get them there more efficiently and securely
UnleashingIT.com. than ever before.”

Unleashing IT 17
EXPERIENCES

BUSINESS
UNLIMITED
For Pulsant and its
customers, the combination
of Cisco Application Centric
Infrastructure and F5 Device
Package delivers integration
and automation across
multiple environments.

18 Unleashing IT
Choice and integration. That is what Pulsant’s customers
are demanding. And it is exactly what the U.K.-based cloud,
colocation, and managed services provider is delivering.

“Our customers are increasingly utilizing a hybrid

combination of technologies and services, from on-premises
and colocation data centers to managed and public clouds,”
says Matt Lovell, CTO for Pulsant. “But they don’t want
a collection of point solutions. They want end-to-end
management, security, and analytics across all of
these environments.”

With hardware, software, standards, and everything in between

being different, data becomes the pivot point, he explains. And
policy control surrounding that data is the only way to ensure
consistency—of governance, security, and compliance—no
matter where the workloads reside.

A POWERFUL COMBINATION

Pulsant is utilizing the latest software-defined networking (SDN)

technologies to integrate its colocation and cloud offerings and
provide a higher level of service to its customers. “Architecting a complex core network is difficult and time
consuming, but the next-gen controllers do most of the heavy
“We’re moving up the enterprise food chain by becoming lifting,” says Lipka. “The APIC takes high-level instructions,
more data and application centric,” Lovell says. “There are a breaks them down into little pieces, and delivers them to the
lot of cloud providers, but not many can offer management ACI Fabric. It’s all automated.”
down to each device or a single pane of glass across all
enterprise applications.” Pulsant isn’t just providing systems and service integration,
but also end-to-end visibility, health monitoring, policy control,
Cisco® Application Centric Infrastructure (Cisco ACI™) and the and security. A new self-service portal will soon give Pulsant’s
F5 Device Package for Cisco Application Policy Infrastructure customers greater access to and control of their data—across
Controller (APIC) have been key to Pulsant’s evolution in this multiple physical and virtual environments—for advanced
arena, providing integration and automation from the core analytics, reporting, and decision making.
network to the application layer.
“This is one of the most exciting times to be a networking
“The network is critical for how applications, services, and data specialist,” Lipka says. “We are in the midst of a revolution,
are handled,” Lovell explains. “The combination of Cisco ACI and ACI is a revolutionary technology. After two days of
and F5 Device Package provides visibility and policy control testing, we could tell it would change and improve the way we
across L2 to L7 fabrics, and removes the boundaries between run our business and serve our customers.”
physical and virtual workloads.”
“Business unlimited,” says Lovell. “That’s our vision, and we
are delivering on the vision by creating new ecosystems of
SIMPLICITY + AUTOMATION = SPEED value for our customers—all backed by an integrated platform
with consistent security, management, and policy control.”
Pulsant’s new architecture provides intelligence and
abstraction that simplify and automate complex tasks. That
means much faster development and provisioning for Pulsant
and its customers.

“It’s all about simplicity,” says Martin Lipka, head of

CISCO ACI BY THE
connectivity architecture at Pulsant. “If the racks are set up
and the cables are laid, I can configure a new data center in
NUMBERS
10 minutes, and I can teach someone else to do it just
as quickly.” See how much time and money can be saved
through the use of Cisco ACI.
In the past, it would take Pulsant weeks to patch together
different systems and services, handling security, protocols, To get the IDC Business Value Snapshot, visit
and compliance on a case-by-case basis. Today, it takes days the resource center at UnleashingIT.com.
or even hours.

Unleashing IT 19
 Faster data center. Full stop.
Slow is neither an option nor an excuse today. That’s why
Intercloud, ACI, and data centers powered by Cisco UCS
TM
get you and your business ready for cloud at the speed of
right now. See how.

cisco.com/go/sdnhub

Cisco UCS®
with Intel® Xeon®
Intel, the Intel logo, Xeon, and Xeon Inside are trademarks or registered
trademarks of Intel Corporation in the U.S. and/or other countries. processors