Cisco Application Virtual Switch for Cisco Application Centric Infrastructure Data Sheet

Updated: February 14, 2019
Document ID: 68320e9d-ce90-417a-8ce4-4b4c328f5996


Product Overview

The Cisco® Application Virtual Switch (AVS) is a purpose-built virtual network edge switch for Cisco Application Centric Infrastructure (ACI). Cisco AVS brings the Cisco ACI policy model to virtual infrastructure, thus providing policy consistency across physical and virtual workloads. Cisco AVS also lets you extend these policies to the existing infrastructure, providing outstanding investment protection.

Cisco ACI is an innovative architecture that radically simplifies, optimizes, and accelerates the entire application deployment lifecycle. Cisco ACI uses a holistic systems-based approach, with tight integration between physical and virtual elements, an open ecosystem model, and innovation-spanning application-specific integrated circuits (ASICs), hardware, and software. This unique approach uses a common policy-based operating model across a network that supports Cisco ACI along with security elements (and computing and storage in the future), overcoming IT silos and drastically reducing costs and complexity.

The main benefits of Cisco ACI include:

  • Simplified automation with an application-based policy model
  • Common platform for managing physical, virtual, and cloud-based environments
  • Centralized visibility with real-time application health monitoring
  • Microsegmentation and distributed firewall capabilities to secure east-west traffic
  • Operation simplicity, with common policy, management, and operation models across application, network, and security resources (and computing and storage resources in the future)
  • Open software flexibility for development and operations (DevOps) teams and ecosystem partner integration
  • Scalable performance and secure multitenancy

Cisco ACI consists of the following components (Figure 1):

  • Cisco Application Policy Infrastructure Controller (APIC)
  • Spine switches
  • Physical and virtual leaf switches

Figure 1.      Cisco ACI Overview


Cisco Application Virtual Switch

Cisco AVS is a purpose-built virtual switch for Cisco ACI that’s part of the virtual network edge switch offering of the Cisco ACI leaf portfolio. Cisco AVS is a distributed virtual switch that resides in the hypervisor layer of a virtualized host, providing switching and policy enforcement capabilities in the future. Cisco AVS provides consistent virtual networking across multiple hypervisors (in the future) to simplify network operations and provide consistency with the physical infrastructure (Figure 2). Here are some of the advantages of Cisco AVS:

  • Cisco AVS is robustly integrated into the Cisco ACI architecture and supports application network profile (ANP) enforcement at the virtual host layer consistent with the physical Cisco Nexus® 9000 Series Switches.
  • Cisco AVS is managed centrally along with the rest of the Cisco ACI fabric components through Cisco APIC and provides advanced telemetry features to allow end-to-end visibility and troubleshooting capabilities across both virtual and physical devices.
  • Cisco AVS enables optimal traffic steering between virtual and physical layers of the fabric to enhance performance and resource utilization. For example, if the web and application tiers are located on the same host, Cisco AVS can route traffic or apply security policies between these endpoint groups within the hypervisor itself (in the future). However, if the database is a bare-metal workload that is attached to the physical Cisco Nexus 9000 Series Switch, the application policy is consistently applied at the physical Cisco Nexus 9000 Series top-of-rack (ToR) switches instead.

Figure 2.      Application Centric Infrastructure with Application Virtual Switch


Cisco AVS is compatible with any upstream physical access layer switch that complies with the Ethernet standard, including Cisco Nexus Family switches. Cisco AVS is compatible with any server hardware listed in the VMware Hardware Compatibility List (HCL). Cisco AVS is a distributed virtual switch solution that is fully integrated into the VMware virtual infrastructure, including VMware vCenter for the virtualization administrator. This solution allows the network administrator to configure virtual switches and port groups to establish a consistent data center network policy.

Figure 3 shows a topology that includes Cisco AVS with Cisco APIC and VMware vCenter with the Cisco Virtual Switch Update Manager (VSUM).

Figure 3.      Sample Cisco AVS Topology


Cisco Virtual Switch Update Manager

Cisco VSUM enables you to add hosts and upgrade Cisco AVS using the VMware vSphere Web Client. The Cisco VSUM GUI is an integral part of the VMware vSphere Web Client and can be accessed only by logging into the VMware vSphere Web Client.

Features

Table 1 summarizes the main features of Cisco AVS.

Table 1.       Main Features

| Feature | Description |
| --- | --- |
| Systemwide application visibility and troubleshooting | Cisco Switched Port Analyzer (SPAN) and Encapsulated Remote SPAN (ERSPAN) support; Simple Network Management Protocol (SNMP) Version 3 support; Bridge Protocol Data Unit (BPDU) guard; BPDU filter |
| Application network profiles | Logical representation of all components of the application and their interdependencies in the application fabric |
| Policy | Policy and contract enforcement |
| Monitoring | Virtual network interface cards (vNICs); Received and transmitted ingress and egress packets; Broadcast, multicast, and dropped packets; Service insertion; Packets and bytes; VLAN and Bridge Domain statistics; Uplink and virtual Ethernet statistics; Ingress and egress counters |
| Virtualization integration | VMware ESXi and vSphere; Automated creation of port groups for VLAN and VXLAN mapped to endpoint groups (EPGs); VMware vMotion movement between fabric-connected hosts |
| Secure east-west traffic | Provides microsegmentation and distributed firewall functionality to secure east-west traffic |
| Secure user authentication | TACACS+, RADIUS, and Lightweight Directory Access Protocol (LDAP) through Cisco APIC; Local authentication with password and role-based access control (RBAC) through Cisco APIC |
| Upgrade | Upgrade using Cisco VSUM |
| Centralized management | Use of Cisco APIC to configure, manage, and troubleshoot system |
| Security | Permit, deny, and taboo list (blacklist) and application-centric whitelist policy model for securing virtual applications at the physical fabric; EPG policy filtering (source EPG, destination EPG, and Layer 4 ports) at the physical fabric; Secure multitenancy at scale built into Cisco ACI fabric; Built-in distributed Layer 4 security integrated into Cisco ACI fabric to secure east-west traffic; Security policies automated to move as workloads are moved in the data center; RBAC, authenticated access based on certificate authentication, Cisco Secure Access Control System (ACS), and local authentication through Cisco APIC |
| External connectivity | Static PortChannel; Link Aggregation Control Protocol (LACP) PortChannel; Virtual PortChannel (vPC); Straight-through mode to end hosts and servers; MAC address pinning and VXLAN load balancing |
| Layer 2 features | Layer 2 switch ports and VLAN trunks; IEEE 802.1Q VLAN encapsulation; LACP: IEEE 802.3ad; vPC host mode; Jumbo-frame support, up to 9000 bytes |
| Virtual Extensible LAN (VXLAN) | Scalable network isolation; Port statistics |
| Cisco VSUM | VMware vSphere Web Client plug-in for ease of installation and upgrade |
| VMware vSphere feature compatibility | VMware vMotion; VMware Distributed Resource Scheduler (DRS); VMware High Availability (HA); VMware Storage vMotion; VMware Fault Tolerance (FT); VMware Update Manager; VMware Auto Deploy; VMware vRealize |

System Scalability

Table 2 summarizes Cisco AVS scalability capabilities.

Table 2.       Cisco AVS Scalability

| Feature | Cisco AVS Scale |
| --- | --- |
| ESXi hosts per Cisco APIC cluster | 3200 |
| Virtual Ethernet interfaces | 990 per physical host |
| Uplinks in a PortChannel | 8 |
| SPAN sessions | 64 |
| ERSPAN sessions | 64 |
| VLANs | 4096 |
| Physical NICs | 8 |

Software Requirements

Cisco AVS is supported in Release 4.2(1) SV2 (2.3) and later. It is supported as a virtual leaf (vLeaf) for Cisco APIC with VMware ESXi Release 5.1 and later for the VMware ESXi hypervisor. Starting December 8th, Cisco AVS is supported on VMware vSphere 6.0.

System Requirements

  • Compatible with VMware vCenter Release 5.1 or later
  • Cisco AVS vLeaf
      • VMware ESXi 5.1 or later
      • Hard disk space: 6.5 MB
      • RAM: 150 MB
  • Cisco VSUM virtual machine requirements
      • Hard disk: 80 GB
      • RAM: 2 GB
  • Server on VMware Hardware Compatibility List (http://www.vmware.com/go/hcl)
      • Compatible with any upstream physical switches, including all Cisco Nexus and Cisco Catalyst® Family switches as well as Ethernet switches from other vendors

Licensing and Ordering Information

Cisco AVS 1.0 licensing is included as part of Cisco ACI licensing.

Warranty

Cisco AVS has a 90-day limited software warranty. For more information about the Cisco AVS warranty, see http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html.

Service and Support

Cisco AVS Service and Support are included as part of Cisco ACI. Cisco offers a wide range of services to help accelerate your success in deploying and optimizing the Cisco ACI solution in your data center. The innovative Cisco Services offerings are delivered through a unique combination of people, processes, tools, and partners and are focused on helping you increase operation efficiency and improve your data center network. Cisco Advanced Services uses an architecture-led approach to help you align your data center infrastructure with your business goals and achieve long-term value. Cisco SMARTnet Service helps you resolve mission-critical problems with direct access at any time to Cisco network experts and award-winning resources. With this service, you can take advantage of the Cisco Smart Call Home service capability, which offers proactive diagnostics and real-time alerts on your Cisco ACI deployment. Spanning the entire network lifecycle, Cisco Services offerings help increase investment protection, optimize network operations, support migration operations, and strengthen your IT expertise.

Cisco Capital

Financing to Help You Achieve Your Objectives

Cisco Capital can help you acquire the technology you need to achieve your objectives and stay competitive. We can help you reduce CapEx. Accelerate your growth. Optimize your investment dollars and ROI. Cisco Capital financing gives you flexibility in acquiring hardware, software, services, and complementary third-party equipment. And there’s just one predictable payment. Cisco Capital is available in more than 100 countries. Learn more.

For More Information

For more information about the Cisco Application Virtual Switch and for the latest software release information and recommendations, please visit http://www.cisco.com/go/avs.

 

 

 
