A glimpse of the Intent-based datacenter

- Thursday, 24 May 2018 15:32 CEST

We remain on board our time machine. After visiting the age of technological changes in modern networking, we saw the achievements brought by the policy model in handling flexible service deployment and dynamic network configuration. In this journey, we will discover how the growth of applications affected the datacenter strategy in terms of topology and traffic patterns. We will tell you the story of how the proliferation of policies has given birth to a new initiative: the “Intent-based datacenter”, as we call it.

During the past decade, multiple datacenters have been built in various locations across the globe. This geographical diversity made them an attractive hosting solution for numerous services, including millions of workloads. In parallel, the requirement for large-scale, highly available and secure services demanded the development of novel datacenter strategies based on recurrent improvement cycles. These changes have been principally guided by the following two influencers:

  • Topology – spine-leaf topology has evolved the datacenter architecture to a more efficient model.
  • Traffic patterns – east-west traffic predominance vs. north-south, due to increased intra-communication between applications and micro-services.

One of the pioneer concepts in today’s datacenter is the Intent-based network. But what is Intent?

An Intent describes a final state, without specifying the transitions towards that state. For instance, you would like a cake and you know which ingredients it needs to have, but you don’t have the recipe. And you don’t need it, because all you want is a ready-made cake. Similarly, Intent-based networking [1, 2, 3] consists of describing the desired effect of the network (what I want from the network, who should talk to whom, etc.) and providing assets and intelligence to reach that state (interfaces, overlays, protocols, functions, etc.). The Intent-based approach consolidates the following 3 stages:

  1. the user formalizes the Intent within a policy format
  2. the management layer / orchestration engine enforces the policies into the network using REST interfaces
  3. the monitoring tool provides a continuous feedback loop in response to changing conditions

All of these have one goal in common: automatic service deployment and network configuration, improved application performance and security, trade-off between infrastructure cost and performance, ensured IT compliance, etc.
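The three stages above can be sketched as a small reconciliation loop. This is an added example, not Cisco or ACI code; the group names, rule format, installed state and observed flows are constructed for illustration.

```python
from typing import NamedTuple

class Rule(NamedTuple):
    src: str   # consumer group (hypothetical name)
    dst: str   # provider group (hypothetical name)
    port: int

# Stage 1: the intent states only the end state: who may talk to whom.
# Anything not listed is denied. Constructed sample policy.
INTENT = {
    "web": {"app": [8080]},
    "app": {"db": [5432]},
}

def compile_intent(intent):
    """Expand the intent into the complete set of allow rules."""
    return {Rule(src, dst, port)
            for src, peers in intent.items()
            for dst, ports in peers.items()
            for port in ports}

def reconcile(desired, installed):
    """Stage 2: derive the transitions (rules to add, rules to remove).
    The user never writes these; the engine computes them."""
    return sorted(desired - installed), sorted(installed - desired)

def audit_flows(desired, flows):
    """Stage 3: flag observed flows that the intent does not permit."""
    return [f for f in flows if f not in desired]

# Constructed state: one stale rule is installed, one required rule is missing.
INSTALLED = {Rule("web", "app", 8080), Rule("web", "db", 5432)}
# Constructed telemetry: flows seen on the network.
FLOWS = [Rule("web", "app", 8080), Rule("web", "db", 5432),
         Rule("app", "db", 5432)]

def run():
    desired = compile_intent(INTENT)
    to_add, to_remove = reconcile(desired, INSTALLED)
    return to_add, to_remove, audit_flows(desired, FLOWS)

if __name__ == "__main__":
    add, remove, violations = run()
    print("add:", add)
    print("remove:", remove)
    print("violations:", violations)
```

The stale `web -> db` rule shows up twice: once as a rule to remove and once as live traffic the intent never allowed, which is the case the feedback loop exists to catch.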

We deliver this by applying well-proven techniques to well-known architectures. At the core, we rely on methodologies such as promise theory, machine learning, data science, and formal methods for network verification to build the most significant pillars of the datacenter ecosystem (ACI, Tetration, Network Assurance Engine). We allowed the application to make a full impact in deriving new businesses. Now the application holds the key to Intent-definition and passes the token to Context-description directly to the infrastructure. The new datacenter topologies have triggered innovation in the design of hardware solutions. Consequently, this has brought major improvements to the industry-grade infrastructure capabilities.

Currently we are in the stage where the datacenter is no longer the limit.

Our applications run in multiple spaces, over heterogeneous hardware and virtual software solutions. Taking this into perspective, Cisco has established its own datacenter strategy based on the following 4 postulates: (I) Multi-cloud, (II) Application aware, (III) Hardware innovation, and (IV) Capture of Intent. In a nutshell, the Intent-driven datacenter is crafted towards the support of next-generation applications and management systems. It addresses the pain points of both the DevOps and the Cloud engineers, and it is split into two dimensions: services and location. This means that the technology should be location agnostic and capable of running any type of service workload (consumer, provider, hybrid applications, and L2-7 services) anywhere (across private, public and hybrid clouds, and multiple cloud operators). Therefore, mechanisms that allow for integration of workloads and coordinated management, including open northbound interfaces, are essential in order to circumvent the undesired silo-effect. Furthermore, the increased mobility and connectivity at any level raises the importance of efficient assessment of security risks as a business-critical factor. One of the means to ensure prompt reaction to security threats is the collection of real-time telemetry data in a persistent feedback loop, which can trigger automatic changes upon an alarming state. Thus, providing a secure data-protection model that abstracts the workload from the underlying network details, while reducing operational complexity, is a must.

Wrapping up the Cisco datacenter strategy leads us to the end of the third journey. The next and final blog will reveal: (1) the challenges that the Intent-based datacenter encountered, and (2) the Cisco technology portfolio that joined the recent convergence trends between policy-based networking and Intent-driven datacenter into a new initiative: ACI Anywhere.


