Monday, July 10, 2017

Cisco's intent-based, intuitive networking launch – Part 2

An interesting aspect of Cisco's new strategic direction with its Intent-based enterprise networking is that the company has made a major bet on developing proprietary ASICs rather than relying on merchant Ethernet switching silicon from Broadcom, Cavium, Barefoot, Innovium or other merchant semiconductor suppliers. There are a number of reasons why the company may have chosen this approach.

First, with Broadcom dominating the market for Ethernet switching silicon, it does not help Cisco's market positioning when many competing vendors have similar switches with matching port counts and speeds. Cisco commands a margin premium, and to defend it over the long term it may have been necessary to pursue a silicon development program. Second, the costs of developing switching silicon may have declined in relative terms to the market opportunity. Consider that several start-ups, including Barefoot, Innovium and Xpliant (now part of Cavium), gathered sufficient venture funding to attempt entering the market. If the costs were too high, the angel investors would not have taken the risk, so one can assume that large vendors, such as Cisco, do have the financial resources to proceed with in-house silicon development. Third, while merchant silicon is becoming more programmable, Cisco may see benefits in a proprietary chipset with APIs for select ecosystem partners.

Cisco's Intent-based networking builds on its Digital Network Architecture (DNA) and its widely-installed Catalyst line of campus, branch and access Ethernet switches.

The new line of Catalyst switches is the 9000-series -- out of sequence compared to previous Catalyst generations, including the 2900 series, 3600, 3800, 4500, 6500 and 6800 series. The 9000-series branding makes sense, however, when considering the company's data centre switches. The Cisco Nexus 9000 series is its flagship data centre switch, so it makes sense that the Catalyst 9000 series be positioned as the flagship enterprise switch.

Comparison with Nexus data centre switching line

Cisco's Nexus data centre switching line also differentiates from the competition using proprietary silicon but powers some models with Broadcom. The latest generation of Nexus switches, announced in March 2016, includes a new Nexus 9000 model based on its custom ASIC and a Nexus 3000 model based on Broadcom's Tomahawk silicon. In terms of Nexus network architecture and software programmability, Cisco is supporting three choices: its own, full-bore Application Centric Infrastructure (ACI) architecture, running on the APIC controller in its Nexus 7K and flagship 9K switches, a programmable fabric vision that could also be supported on the new Nexus 3000 switches with Broadcom silicon, and a lighter programmable network architecture running on any of the Nexus switches and featuring NX-OS enhancements for devops, automation and segment routing.

Performance is a key argument for the custom silicon. With the new Nexus 9000 switches, Cisco said it will achieve industry-leading performance for 100 Gbit/s, with 25% more non-blocking performance, at 50% the cost of comparable solutions, plus greater reliability and lower power. In addition, Cisco is announcing a new Nexus Fabric Manager that automates the fabric lifecycle management with a point-and-click web interface and offers automated configuration snapshots and rollback. Nexus Fabric Manager builds and self-manages a VXLAN-based fabric, dynamically configuring switches based on simplified user-based actions. An IT manager can fully deploy a VXLAN-based fabric in just three steps, complete with zero touch provisioning, and can upgrade all fabric switches to a new software release in 'four mouse clicks'.

There are no performance comparisons yet for the Unified Access Data Plane (UADP) 2.0 ASIC that powers the new Catalyst 9000 series, but the company has said that it is highly programmable. One example of this flexibility is the unique encrypted traffic analytics that will be supported. This capability leverages the power of the ASIC along with Cisco's Talos cyber intelligence and machine learning to analyse metadata traffic patterns. Cisco said this enables the network to identify the fingerprints of known threats even in encrypted traffic, without decrypting it and impacting data privacy. Cisco claims it can detect threats in encrypted traffic with up to 99% accuracy, with less than 0.01% false positives. This capability was developed essentially over the course of several months.

Automation and programmability key themes for switching silicon

Other silicon vendors are pursuing automation and programmability as well. Earlier this month, Broadcom unveiled a new generation of its widely-deployed Trident switching silicon for data centre, enterprise and service provider networks. The new StrataXGS Trident 3 switch family, aimed at networks transitioning to high density 10/25/100 Gigabit Ethernet, is manufactured in 16 nm and designed to support fully programmable packet processing, while achieving significant cost and power efficiency. It builds on Broadcom's widely deployed StrataXGS Trident and Tomahawk switch products, offering fully programmable, line-rate switching. It supports new protocol parsing, processing and editing for Service Function Chaining, network virtualisation and SDN. It offers programmable support for new switch instrumentation capabilities such as in-band and out-of-band network telemetry. The StrataXGS Trident 3 also retains complete functional compatibility with StrataXGS Trident 2 and Trident 2+ based networks, widely adopted by network equipment manufacturers. The chip supports forwarding databases for L2 switching, L3 routing, label switching and overlay forwarding. Broadcom promises 3x increased ACL scale to support evolving policy/security requirements.

Barefoot Networks, a start-up based in Palo Alto, California, has garnered considerable attention for its Tofino switching chip which boasts 6.5 Tbit/s of overall capacity, and a strategic investment from Google, as well as engagements with Alibaba, Baidu and Tencent. Barefoot has said its Tofino silicon, which has been sampling since November 2016, excels for its programmable forwarding plane. Recently, the company disclosed ongoing work with AT&T and SnapRoute to deliver what it believes is the first real-time path and latency visualisation. Utilising Tofino and In-band Network Telemetry (INT), AT&T was able to gain deep insight into the network down to packet-level for the first time to help to address bottlenecks caused by path or latency variation. Barefoot noted it took 6 weeks to develop the visualisation capability before it was deployed into AT&T's production environment carrying live customer traffic over a Washington DC to San Francisco link. Barefoot has also announced a partnership with Taiwan-based network switching equipment firms Edgecore Networks and WNC. As a side note, Barefoot Networks was co-founded by Nick McKeown, a Stanford professor and co-founder of Nicira (acquired by VMware), Martin Izzard, Pat Bosshart and Dan Lenoski, VP Engineering.

Innovium is another Silicon Valley-based start-up that is making a run at scalable Ethernet silicon for data centre switches. Its TERALYNX is claimed to be the first single switching chip to break the 10 Tbit/s performance barrier. It also offers telemetry, line-rate programmability, the largest on-chip buffers and ultra low-latency. The chip is expected to sample in Q3 2017. Innovium’s TERALYNX promises to include support for 10/25/40/50/100/200/400 Gigabit Ethernet standards. It will deliver 128 ports of 100 Gbit/s, 64 ports of 200 Gbit/s or 32 ports of 400 Gbit/s in a single device. This may make it more suited for data centre switches than campus or branch offices.

Some concluding observations

While Cisco may be going down the path of proprietary silicon for its flagship switching platforms, the many other players in this market segment appear set to benefit from innovations coming from Broadcom and the new merchant silicon suppliers. Arista, in particular, continues to thrive despite the many legal challenges presented by Cisco. Earlier this month, Arista rolled out key enhancements to its R-Series platforms, which are based on Broadcom's Jericho+ switching silicon. The latest Arista R-Series platforms provide over 150 Tbit/s of capacity for switching and routing applications with cloud-driven Arista EOS software technologies including Arista FlexRoute and AlgoMatch. Arista is also known to use Cavium's programmable Xpliant switching silicon in other platforms, giving it a multi-vendor approach to the market.