Cisco Intersight

Basic Information

Cisco Intersight is a cloud operations platform providing advanced infrastructure and workload optimization. It streamlines the management of Cisco compute infrastructure, including Cisco Unified Computing System (UCS) and Cisco HyperFlex hyperconverged infrastructure (HCI), along with certain third-party targets. The platform came to fruition in 2017, with a full-featured release anticipated in 2020.

• Model: Cloud operations platform, offered as Software-as-a-Service (SaaS) or as a Virtual Appliance.
• Version: Continuous delivery model with weekly updates and enhancements.
• Release Date: Initial availability in Q4 2017. Full-featured release expected in 2020.
• Minimum Requirements: Vary by deployment model. For Connected Virtual Appliance (CVA) medium deployments, 24 vCPU, 64 GB RAM, and 2 TB storage are required. Large CVA deployments need 48 vCPU, 96 GB RAM, and 2 TB storage.
• Supported Operating Systems (for managed servers): Rocky Linux (9.x, 8.x), Red Hat Enterprise Linux (RHEL) (full ISO image, UEFI Secure Boot not supported on IMM servers), SUSE Linux Enterprise Server (not supported in Embedded mode with SCU on IMM servers), Ubuntu (24.04.1, 24.04), and VMware ESXi (7.0 U2+, 9.0 with custom ISO).
• Latest Stable Version: As a SaaS platform, Intersight receives continuous updates; there is no single "latest stable version" number. Virtual appliance upgrades are available, with the ability to skip one upgrade, though not recommended.
• End of Support Date: Intersight as a service is continuously supported. End of Support (EOS) dates apply to the managed Cisco UCS and HyperFlex hardware and their software releases, which Intersight alerts users about. Cisco's general software support policy is typically one year from the end of sale date.
• End of Life Date: Similar to EOS, End of Life (EOL) dates are relevant for the managed hardware and software, with Intersight providing advisories.
• License Type: Subscription-based. The licensing model was simplified in April 2023 to two tiers: Cisco Intersight Infrastructure Services Essentials and Cisco Intersight Infrastructure Services Advantage. Specific licenses exist for Intersight CVA/SaaS and Intersight PVA.
• Deployment Model:
  • Software-as-a-Service (SaaS): Cloud-hosted on Intersight.com.
  • Connected Virtual Appliance (CVA): On-premises deployment that connects to Intersight.com.
  • Private Virtual Appliance (PVA): On-premises deployment for air-gapped environments, operating as a self-contained, offline instance.

Technical Requirements

• RAM:
  • Connected Virtual Appliance (CVA): 64 GB for medium deployments (up to 500 servers), 96 GB for large deployments (up to 8,000 servers).
  • Private Virtual Appliance (PVA): Similar requirements to CVA.
• Processor:
  • Connected Virtual Appliance (CVA): 24 vCPU for medium deployments, 48 vCPU for large deployments.
  • Private Virtual Appliance (PVA): Similar requirements to CVA.
• Storage:
  • Connected Virtual Appliance (CVA) and Private Virtual Appliance (PVA): 2 TB.
• Display: Not directly specified for Intersight itself, as it is a web-based platform. Access is via standard web browsers.
• Ports:
  • Device Connectors to Intersight Platform: Outbound initiated HTTPS connections on port 443 to svc.intersight.com.
  • Connected Virtual Appliance (CVA): HTTPS port 443 for user access, requires connectivity to Intersight.com, smart licensing, and Cisco download page.
• Operating System (for hosting virtual appliances): VMware ESXi 7.0 or higher. Also supports Microsoft Hyper-V Server VM and KVM hypervisors.

Analysis of Technical Requirements

Cisco Intersight offers significant deployment flexibility, catering to various enterprise needs. The SaaS model minimizes local infrastructure demands, requiring only network connectivity for managed devices. For organizations with data locality or security mandates, the on-premises virtual appliances (CVA and PVA) provide robust alternatives. These virtual appliances, particularly for larger deployments, necessitate substantial virtual machine resources, reflecting their role in managing extensive enterprise infrastructure. Key technical considerations include ensuring proper network connectivity, especially for SaaS and CVA models, to facilitate communication with Cisco's cloud services. Accurate DNS resolution and NTP synchronization are critical for reliable operation. The platform's broad support for major Linux distributions and VMware ESXi for managed servers ensures compatibility with diverse data center environments.

Support & Compatibility

• Latest Version: Intersight operates on a continuous delivery model, with weekly updates and enhancements automatically pushed to the service.
• OS Support (for managed servers): Supports OS installation for Rocky Linux (9.x, 8.x), RHEL (full ISO), SUSE Linux Enterprise Server (not in Embedded mode with SCU), Ubuntu (24.04.1, 24.04), and VMware ESXi (7.0 U2+, 9.0 with custom ISO).
• End of Support Date: Intersight as a service is continuously supported. End of Support (EOS) dates apply to the managed Cisco UCS and HyperFlex hardware and their associated software releases. Intersight provides advisories for these dates. Cisco's general policy indicates software support typically lasts one year from the end of sale date for products.
• Localization: Supports data sovereignty requirements, such as a consistent user experience in regions like EMEA.
• Available Drivers: Intersight manages firmware updates and Hardware Compatibility List (HCL) compliance checks for connected hardware. For OS installation, specific images and versions are supported, and for ESXi 9.0, a custom ISO with the latest Cisco drivers is necessary.

Analysis of Overall Support & Compatibility Status

Cisco Intersight provides a robust and continuously evolving support and compatibility framework. Its SaaS delivery model ensures that users always access the latest features and security updates without manual intervention. The platform supports a wide array of Cisco UCS and HyperFlex systems across multiple generations, along with integration capabilities for third-party infrastructure. Comprehensive OS compatibility for managed servers, including leading enterprise Linux distributions and VMware ESXi, highlights its versatility in heterogeneous environments. While Intersight itself benefits from continuous support, users must actively monitor the End of Life (EOL) and End of Support (EOS) dates for their underlying hardware and software, which Intersight proactively communicates through advisories. The platform's ability to manage firmware and facilitate HCL compliance for connected devices simplifies maintenance and ensures operational consistency. Localization features, particularly for data sovereignty, further enhance its global applicability.

Security Status

• Security Features: Multi-factor authentication, role-based access control (RBAC), data isolation, secure telemetry and configuration information storage, and a single point of egress for virtual appliances. Supports industry-standard security protocols including HTTPS, TLS, and AES.
• Known Vulnerabilities: Cisco regularly publishes security advisories and integrates fixes. Recent advisories include CVEs related to Cisco Integrated Management Controller (IMC) Virtual Keyboard Video Monitor (vKVM) Stored Cross-Site Scripting, Cisco UCS Manager Software Stored Cross-Site Scripting, Command Injection, and Sensitive Log Information Disclosure.
• Blacklist Status: No general blacklist status is applicable to the Intersight platform itself. Security advisories address vulnerabilities in managed components.
• Certifications: ISO 27001 certified for information security management systems.
• Encryption Support: Supports encryption for data in transit (HTTPS, TLS) and at rest (AES).
• Authentication Methods: Multi-factor authentication (MFA) and Single Sign-On (SSO) using corporate credentials via SAML 2.0.
• General Recommendations: Stay updated with the latest Intersight releases (automatic for SaaS), apply firmware updates to managed hardware, and review Cisco Security Advisories regularly. Configure appliance backups for virtual appliance deployments.

Analysis on Overall Security Rating

Cisco Intersight maintains a strong security posture, underpinned by its cloud-native architecture and adherence to industry best practices. Key security features like multi-factor authentication, robust role-based access control, and comprehensive encryption for data in transit and at rest provide a secure management environment. The platform's ISO 27001 certification further validates its commitment to information security. Cisco proactively addresses known vulnerabilities through continuous updates for the SaaS offering and regular advisories for managed hardware, ensuring timely remediation. While Intersight itself is designed with security in mind, the overall security rating is also dependent on the security of the managed infrastructure. Users are encouraged to leverage Intersight's capabilities for firmware management and HCL compliance, and to follow Cisco's security recommendations, including regular review of advisories and proper configuration of virtual appliances, to maintain a high level of security across their IT estate.

Performance & Benchmarks

• Benchmark Scores: Not directly applicable to Intersight as a management platform. Performance metrics relate to the efficiency and scalability of managing infrastructure.
• Real-World Performance Metrics: Provides global health monitoring, inventory, and detailed performance metrics for managed servers, chassis, fabric interconnects, and HyperFlex systems. Offers insights into CPU utilization, storage capacity, and network performance. Scalability for CVA deployments ranges from 500 to 8,000 managed servers.
• Power Consumption: Intersight can manage power policies for servers, BIOS, and OS, and supports dynamic power rebalancing. It also includes fan control modes, such as Maximum Cooling, for optimal thermal management.
• Carbon Footprint: Not directly measured for the Intersight platform itself. Its efficiency in managing infrastructure can contribute to optimized resource utilization and potentially reduced energy consumption in data centers.
• Comparison with Similar Assets: Intersight simplifies data center operations by delivering systems management as-a-service, offering a single interface for managing diverse Cisco and third-party infrastructure. It contrasts with traditional on-premises management tools by providing cloud-based analytics, automation, and proactive support.

Analysis of Overall Performance Status

Cisco Intersight's performance is measured by its ability to efficiently manage and optimize complex IT infrastructure. As a cloud-based platform, it delivers high scalability and responsiveness for monitoring and controlling a large number of distributed devices. Real-world performance is demonstrated through its comprehensive telemetry collection, providing detailed metrics on server, storage, and network components, which enables proactive identification and resolution of issues. The platform's automation capabilities, such as policy-based configuration and firmware updates, significantly reduce manual effort and improve operational efficiency. While Intersight itself does not have traditional hardware benchmarks, its ability to manage power policies and thermal controls on managed devices contributes to optimized energy use within the data center. Compared to traditional on-premises management solutions, Intersight offers a more agile, centralized, and intelligent approach, leveraging machine learning and analytics to enhance operational insights and automation, ultimately leading to improved infrastructure performance and reduced total cost of ownership.

User Reviews & Feedback

User reviews and feedback generally highlight Cisco Intersight's strengths in simplifying infrastructure management and providing a unified view across diverse environments.

• Strengths:
  • Centralized Management: Provides a single-pane-of-glass for managing Cisco UCS and HyperFlex, and integrates with third-party systems.
  • Automation: Automates many daily tasks, including provisioning, configuration, and firmware updates, leading to increased efficiency.
  • Cloud-Delivered: Offers the benefits of SaaS, including continuous updates, accessibility from anywhere, and reduced maintenance overhead.
  • Proactive Insights: Leverages machine learning and analytics to provide recommendations, HCL compliance checks, and proactive problem identification.
  • Scalability: Designed to manage distributed environments from core to edge.
• Weaknesses:
  • Connectivity Requirements: The Connected Virtual Appliance (CVA) requires periodic communication with Intersight.com, which can be a concern for highly restricted networks.
  • Resource Demands for Virtual Appliances: On-premises virtual appliance deployments can be resource-intensive, requiring significant vCPU, RAM, and storage.
  • Learning Curve: While intuitive, the breadth of features and policy-driven management may present a learning curve for new users.
  • Dependency on Cisco Ecosystem: While it integrates with some third-party solutions, its core strength lies within the Cisco UCS and HyperFlex ecosystem.
• Recommended Use Cases:
  • Managing distributed data centers, remote sites, branch offices, and edge environments.
  • Automating server provisioning, configuration, and firmware lifecycle management.
  • Ensuring compliance and consistency across infrastructure deployments.
  • Proactive monitoring and troubleshooting of Cisco UCS and HyperFlex systems.
  • Organizations seeking a cloud operating model for their hybrid IT infrastructure.

Summary

Cisco Intersight is a powerful and versatile cloud operations platform designed to simplify and automate the management of modern IT infrastructure. Its core strength lies in its ability to provide a unified, intelligent management layer for Cisco UCS and HyperFlex systems, with growing support for third-party hardware and software. The platform's flexible deployment models—SaaS, Connected Virtual Appliance, and Private Virtual Appliance—cater to diverse organizational needs, from full cloud adoption to strict on-premises and air-gapped environments. This flexibility, combined with a continuous delivery model for updates, ensures that users always benefit from the latest features and security enhancements.

Key strengths include its comprehensive automation capabilities, which streamline provisioning, configuration, and firmware management, significantly reducing operational overhead. Intersight's use of machine learning and analytics provides proactive insights, HCL compliance checks, and intelligent recommendations, moving organizations from reactive troubleshooting to predictive maintenance. The robust security features, including ISO 27001 certification, multi-factor authentication, and strong encryption, underscore Cisco's commitment to protecting managed environments.

However, potential weaknesses include the substantial resource requirements for on-premises virtual appliance deployments and the necessity for consistent network connectivity for the SaaS and CVA models. While Intersight offers integrations, its deepest functionality remains within the Cisco ecosystem.

Overall, Cisco Intersight is highly recommended for enterprises seeking to modernize their infrastructure management, achieve greater operational efficiency through automation, and gain centralized visibility and control over their distributed IT assets. It is particularly well-suited for organizations leveraging Cisco UCS and HyperFlex, aiming for a cloud operating model, or requiring advanced policy-driven management and proactive support. The platform's continuous evolution and strong security posture make it a compelling solution for managing complex, hybrid IT environments.

Information provided is based on publicly available data and may vary depending on specific device configurations. For up-to-date information, please consult official manufacturer resources.