The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This section contains the following topics:
The dynamic nature of cloud environments requires organizations to apply and enforce frequent changes to networks. These networks can consist of thousands of virtual services elements, such as firewalls, load balancers, routers, and switches. Cisco Prime Network Services Controller simplifies operations with centralized, automated multidevice and policy management for Cisco network virtual services. For the latest Prime Network Services Controller release updates and overview, see the corresponding Prime Network Services Controller data sheet.
Cisco Prime Network Services Controller (Prime Network Services Controller) is the primary management element for Cisco Nexus 1000V (Nexus 1000V) switches and services that can enable a transparent, scalable, and automation-centric network management solution for virtualized data center and hybrid cloud environments. Nexus 1000V switches and services deliver a highly secure multitenant environment by adding virtualization intelligence to the data center network. These virtual switches are built to scale for cloud networks. Support for Virtual Extensible LAN (VXLAN) helps enable a highly scalable LAN segmentation and broader virtual machine (VM) mobility.
Prime Network Services Controller enables the centralized management of Cisco virtual services to be performed by an administrator, through its GUI, or programmatically through its XML API. Prime Network Services Controller is built on an information-model architecture in which each managed device is represented by its subcomponents (or objects), which are parametrically defined. This model-centric approach enables a flexible and simple mechanism for provisioning and securing virtualized infrastructure using Cisco VSG and Cisco Adaptive Security Appliance 1000V (ASA 1000V) Cloud Firewall virtual security services.
In addition, Prime Network Services Controller supports Cisco Cloud Services Router 1000V (CSR 1000V) edge routers, and Citrix NetScaler 1000V and Citrix NetScaler VPX load balancers. This combination of virtual services brings numerous possibilities to customers, enabling them to build virtual data centers with all of the required components to provide best-in-class cloud services.
The following table lists the features and benefits of using Prime Network Services Controller. For the latest Prime Network Services Controller release description and overview, see the latest Prime Network Services Controller data sheet and Release Notes.
Features | Description | Benefits |
---|---|---|
Multiple-Device Management |
Prime Network Services Controller provides central management of installed VMs (edge routers, edge firewalls, compute firewalls, and load balancers) and Nexus 1000V. |
Simplifies provisioning and troubleshooting in a scaled-out data center. |
Load Balancing Profiles |
An application network profile represents load balancer server farms and related features and attributes. |
Simplifies provisioning, reduces administrative errors during load balancing policy changes, reduces audit complexities, and helps enable a highly scale-out data center environment. |
Routing Profiles |
A network profile represents edge router routing policies and related features and attributes. |
Simplifies provisioning, reduces administrative errors during routing policy changes, reduces audit complexities, and helps enable a highly scale-out data center environment. |
Security Profiles |
A security profile represents the VSG or ASA 1000V security policy configuration in a profile (template). |
Simplifies provisioning, reduces administrative errors during security policy changes, reduces audit complexities, and helps enable a highly scaled-out data center environment. |
Stateless Device Provisioning |
The management agents in VSG and ASA 1000V are stateless, receiving information from Prime Network Services Controller. |
|
Security Policy Management |
Security policies are authored, edited, and provisioned centrally. |
|
Context-Aware Security Policies |
Prime Network Services Controller obtains virtual machine contexts from VMware vCenter. |
Allows a security administrator to institute highly specific policy controls across the entire virtual infrastructure. |
Support virtual services for DFA environments |
Cisco Prime NSC obtains tenant information and allows virtual services to be added to DFA virtual overlay networks. |
— |
Dynamic Security Policy and Zone Provisioning |
Prime Network Services Controller interacts with the Nexus 1000V VSM to bind the security profile to the corresponding Nexus 1000V port profile. When virtual machines are dynamically instantiated by server administrators and appropriate port profiles applied, their association with trust zones is also established. |
Helps enable security profiles to stay aligned with rapid changes in the virtual data center. |
Multi-Tenant (Scale-Out) Management |
Prime Network Services Controller is designed to manage VSG and ASA 1000V security policies in a dense multi-tenant environment so that administrators can rapidly add and delete tenants and update tenant-specific configurations and security policies. |
Reduces administrative errors, helps ensure segregation of duties in administrative teams, and simplifies audit procedures. |
Role-Based Access Control (RBAC) |
RBAC simplifies operational tasks across different types of administrators, while allowing subject-matter experts to continue with their normal procedures. |
|
XML-Based API |
Prime Network Services Controller XML API allows external system management and orchestration tools to programmatically provision VSG and ASA 1000V. |