Post on 16-Apr-2017
Turbo-boosting Hybrid WAN
using SD-WAN
Mike Wood, VP MarketingParag Thakore, Director Product Management
Challenges With Today’s Hybrid WAN
Leverage
Internet link
Simple to deploy
& manage
Support cloud
adoption
Challenges
17% of the time, the Internet not
suitable for critical apps1
Enforce security and application
steering policy across hybrid WAN
Need to maintain performance &
control with SaaS
Current Hybrid WAN
No unified transport and policy,
complicated routing tuning
Fallback to MPLS when
Internet not performing
Lack cloud footprint requires traffic
backhaul to DC for control
Automation and Orchestration with SD-WAN
• Group business level policies for Hybrid
• Remote cloud provisioning
• Automatic Link measurement and conditioning
• App aware policies
• 3 Tier Multi-Tenant
• Role Based
• RestFul APIs
• Flexible deployment options
Service ProviderZero Touch Branch & ICOM
SDWAN
SP
Partners
Customers
On-premise or
cloud hosted
Challenges to Access On-Premise Applications
1/14/2016
Enterprise DC or
Regional Hubs
Active/Standby or Active-Active Internet+MPLS
ẋ Internet cant carry business grade traffic
ẋ Scale challenges on Branch CPE
Modernize Access to On-Prem Applications with SD-WAN
1/14/2016
Enterprise DC or
Regional Hubs
Controller
On-premise or
cloud-hosted
SD-WAN
SD-WAN
SD-WAN
Aggregates capacity to offer higher WAN utilization
Application and link condition aware per-packet steering
Sub-Second Blackout and Brownout protection to applications
Dynamic tunnels between SD-WAN endpoints would enable scale
Maintain COS awareness
Enables Internet-only and low TCO Hybrid WAN
1/14/2016
Complex to setup. Avoiding backhaul requires
full or partial mesh tunnel from branches to
VPCs
Poor Internet performance impacts user
productivity
Traditional WAN to VPC SD-WAN in Cloud
Simple to setup
Cloud SD-WAN eliminates mesh tunnel
requirement to VPCs
Centralized policy to control branch VPC
access
Assure performance, secure connectivity
SDWAN
SDWAN
SDWAN
SDWAN
SDWANSDWAN
Simple, High Performance Connection to IAAS
Challenge to Access SaaS
1/14/2016
SaaS BACKHAUL INTERNET
WAN SLAs and centralized security
ẋ Congest WAN
ẋ Backhaul latency penalty
ẋ Enterprise DC may be distance from
cloud DCs
DIRECT CLOUD ACCESS
Shortest path
ẋ Best effort Internet
Enterprise DC or
Regional Hubs
Controller
On-premise or
cloud hosted
SD-WAN for SaaS
1/14/2016
SDWAN
In Cloud
Enterprise DC or
Regional Hubs
SaaS
SD-WAN
SD-WAN
SD-WAN
SD-WAN
SD-WAN Cloud Access
Shortest path
SDWAN performance,
reliability and security
Aggregated virtualized
cloud connectivity
Deploy
stack of
branch
appliances
Backhaul
everything
Complexity
of redirecting
to cloud
services
OR OR
Complex Service Insertion
Have to make a choice how
to deliver network services
Backhaul all traffic is
inefficient and affects
performance
Investigate cloud-based
network services
1/14/2016
Ease of Network Services Insertion
1/14/2016
Branch Site
Enterprise Hub
On Premise
Email DLP
Other Web traffic
Salesforce.com
Web email
Internet
• One-click service insertion
• Virtual services platform at branch
• Optimized performance to remote cloud and
centralized enterprise services
• Partner ecosystem
Advanced
Firewall
NEW
SD-WAN SD-WAN
SD-WAN
SD-WAN for Cloud Service Provider
1/14/2016
SD-WAN
In Cloud
Enterprise DC or
Regional Hubs
SaaS eg
UCaaS
SD-WAN
SD-WAN
SD-WAN
SD-WAN
SD-WAN for CSP
Policy-based redirect
Sub-second blackout and brownout protection
On-demand remediation
Hybrid SD-WAN for Network Service Providers
1/14/2016
SD-WAN
SD-WAN
SD-WAN
Private Network
SD-WAN OTT On-Ramp
SD-WAN performance, reliability and security
Off-Net Deployments – Improved Profitability, Reach
Accelerate time to turn up new sites
Hybrid SD-WAN
SD-WAN
SD-WAN
SD-WAN
Deliver Richer Application Experience
Multi-Tenant SD-WAN
SD-WAN
VNF for SP Universal CPE/vCPE
Branch VNF can be service chained on SP
owned Universal CPE
Flexible Deployment Options
Runs on x86 COTS
Multi-tenant headend to interop with
Provider Edge Routers
1/14/2016
COTS
SP Headend
VNF
Branch
VNF
Virtual
SD-WANCust1
Cust2
SD-WAN – Summary
In
Branch
In Cloud
SaaS
Assured Application
Performance
Simplified IT operation, zero touch
deployments and one-click service
insertion
Direct cloud access with performance,
reliability and security
Business policy
automation
Managed on-ramp
to the cloud
In DC
Transport independent performance for the
most demanding apps, leverages economical
bandwidth
SD-WAN OverlaySD-WAN
SD-WAN
SD-WAN