Jon Sanchez, director of Symantec IT data center services, understands that in high tech, you need to go big or go home. "You don't have the luxury of sitting back on your heels for five or six years to see if something's going to play out—not if you want to use that as a competitive advantage."
With that in mind, Symantec, a Mountain View, California-based information protection software vendor, has opted to replace a multivendor network in its Granite Labs data center by jumping ahead two networking technology generations. Sanchez says it will leapfrog from its current end-of-life infrastructure straight to Cisco® Application Centric Infrastructure (Cisco ACI™), a holistic architecture featuring centralized automation and policy-driven profiles.
Granite Labs, the "crown jewel" of Symantec's IT infrastructure, is built on FlexPod™, a solution that includes:
- Intel® Xeon® processor-based Cisco Unified Computing System™
- Cisco Nexus® Series Switches
- NetApp Clustered Data ONTAP storage
Granite Labs is considered one of the largest software-defined data centers in the world, hosting more than 50,000 virtual machines with about 16,000 online at any given time. This environment, which provides engineering, training, and pre-sales support, will be the first service that migrates onto the full Cisco ACI framework, Sanchez says.
Simpler migration of network infrastructure
The architecture will simplify the migration process, he explains.
"We're replicating our existing network methodologies and components, and then bringing them into ACI with its comparable technologies filling any gaps. So instead of VLANs, for example, we have EPGs [Endpoint Groups].”
According to Sanchez, Symantec should save about a year in the migration process thanks to Cisco ACI's automation capabilities. The company wanted to simplify a network that was tough to maintain because it not only included some unsupported end-of-life products, but also was a challenge to configure, as it was essentially two networks with equipment from different vendors.
The old network was so complex that Symantec outsourced help to maintain it, but "building a new, fresh, clean network on ACI" will simplify how support is provided, allowing the company to bring that function in house.
The result? Sanchez says they'll go from around 1200 outsourced people supporting them to around 500 or 600 in house.
"We're going to provide the same or better service with half or fewer people than we currently have supporting IT, and that's primarily due to ACI," Sanchez says.
Reducing errors through centralized automation
Currently, when Sanchez's team deploys new services or expands capacity for an application, someone must access a firewall and change rules manually. That's where human error can creep in to potentially create security issues, as a port no longer needed may remain open. Cisco ACI's automation features will speed up deployment and eliminate potential security issues caused by that kind of mistake.
"Automation is key to everything that we do," he says.
The architecture will also provide Symantec "huge" scalability, says Sanchez, allowing his team to support the growing number of applications and services it will be taking on.
Self-service functionality gains
The architecture's self-service functionality will eventually "provide our customers the ability to go through a portal, ask for what they need, and—in as many cases as possible—allow us to provide that service without actually engaging a person to provision servers, network, and even services," he says.
Sanchez is thrilled with the architecture's potential. He believes Cisco ACI will help move the company to a world in which the skills required to build and maintain a network are harmonized with those necessary to develop applications. It's a game-changer that has many network experts keyed up.
"I'm really excited because [Cisco ACI] is the first fundamental change to networking that we've seen in a decade or even longer," Sanchez says.