What SD-WAN Means for Enterprise

Copyright 2015 Alcatel-‐Lucent. All rights reserved.

8/28/151


What SD-‐WAN means for Enterprise

Toshal DudhwalaAugust 25, 2015

The next generation Enterprise branch network and services

@tdudh


Agenda

§ State of Enterprise WAN§ What is SD-‐WAN?§ What is Nuage Networks doing?§ Use Cases

3


Adoption of Off-‐Premise Cloud services§ Off-‐premises cloud services to be $200B by

2018§ IaaS– to augment in-‐house infrastructure

during peak loads, keeping capex lower§ PaaS/CaaS – to speed up application

development and deployment§ SaaS – to allow experimentation with new

applications§ Hybrid Cloud becomes architecture of choice

§ Public cloud becomes too costly as the usage scales up

§ Want more control than public cloud offers§ The WAN becomes strategic

§ Corporate WAN traffic is forecast to grow at 15%/year through 2018

§ Cost savings is even more important

4

Source: www.ihs.com


Next Generation WAN RequirementsCustomer Current Network Key Requirements Driving Factors

Bank 3000+ ATM/branch locations2 x MPLS NetworksATM, Banking, Video, Internet

High BW (100Mbps) links for non-‐sensitive data with strong security for sensitive data

Enhanced services for customer (i.e. Agility) e.g. Video ATM

RestaurantChain

1000+ international locationsT1 MPLS linksPOS, Ordering Menu, Inventory

High BW (50 Mbps) links with 3G/4G connection as a backup for MPLS

Cloud based application with high BW access at branch sites

Retail Chain (Food, Drug, Clothing, etc)

7000+ locationsMPLS NetworkPOS, Inventory, VoIP

Managed VPN service (10Mbps) with converged services

Lower WAN OPEX cost

Government 100+ locationsT1 MPLS NetworkVoice

Load balance voice traffic on multiple WAN (MPLS, Microwave, LTE and Internet)

100% reliability via Hybrid WAN networks

5


State of Enterprise WAN Today

TRANSPORTDEPENDENT

LOCATION DEPENDENT

DEVICE DEPENDENT

MANUAL(TIME ‘DEPENDENT’)

ENTERPRISE WAN

1. Turn-up a new site

2. Reconfiguration of existing site3. Transport introduction/upgrades

4. L2-L4 VPN service configuration5. Security implementation6. Security assessment

7. L4-L7 application insertion8. Datacenter interconnection

9. Operational moves/adds/changes10. Service assurance/fault localization11. Service optimization/fault prevention

12. Device replacement13. Configuration auditing/compliance

14. . . .


What is SD-‐WAN?

SD-WAN promises to shift incremental control to enterprise IT

SD-WAN (Software Defined Wide Area Networks ) is a new model for the delivery of Enterprise services over WAN based on SDN principles

Overlay(offers(transport(choices(

Self%governance-of-service-func1ons-

--

IT-‐approach to network service

delivery


SD-‐WAN – Bigger picture

8

MPLS WAN

Internet

Site1

Site2

HQ/DC

SD-‐WAN enabled VPN Network

Centralized Policy and Control

Any-‐to-‐any network connection

Transport Independent

Intelligent Traffic control

Policy based Network managementAutomated branch

and Services orchestration


WAN Evolution with SD-‐WAN

TRANSPORTDEPENDENT

LOCATION DEPENDENT

DEVICE DEPENDENT

MANUAL(TIME ‘DEPENDENT’)

ENTERPRISE WAN

TRANSPORTINDEPENDENT

LOCATION INDEPENDENT

DEVICE INDEPENDENT

ENTERPRISE VNS

AUTOMATED(TIME ‘INDEPENDENT’)


Virtualized Network Services (VNS) – definition

10

• VNS (def.) : Enterprise focused solution aimed at automating the Enterprise WAN– Automating: device installation/replacement/upgrades, new transport introduction, VPN service instantiation,

IP/MPLS interoperability, traffic encryption, security enforcement, L4-‐7 application insertion, cloud-‐bursting, moves/adds/changes, service assurance, traffic analytics, policy auditing . . .

SOFTWARE DEFINED AUTOMATED NETWORKING

Seamless Cloud Integration

Flexible Deployment Model

Unified Services Policy


VNS – Componentry

11

VSP: Unified Multi-‐tenanted Policy and Control

Virtualized Services Controller (VSC)

Virtualized Services Directory (VSD)

. . . . Layer 4 Security Traffic

SteeringQoSLayer 3

NSG (Physical) NSG (Virtual)

Layer 2

✔✔

Bootstrap

§ Runtime topology engine

§ Federated control-plane manager

§ Instantaneous programming of the network

§ Unified policy-plane for mgmt of distributed end points

§ Business/IT Service engine (definition of rules)

§ Multi-tenant templates & Analytics

§ General-purpose compute platform

§ Lightweight data-path agent leverage HW acceleration

§ Security hardened with TPM/X.509/TLS-based identification

§ Multi-tenant/Multi-VPN with enhanced networking services


Mapping VNS to SD-‐WAN

12

Overlay(offers(transport(choices(

IT#approach*to*network*service*

delivery*

VSP: Unified Multi-‐tenanted Policy and Control

Virtualized Services Controller (VSC)

Virtualized Services Directory (VSD)

. . . . Layer 4 Security Traffic

SteeringQoSLayer 3

NSG (Physical) NSG (Virtual)

Layer 2

✔✔

Bootstrap

Self%governance-of-service-func1ons-

--


Traditional Branch

Control plane

BRANCH NETWORKING DEVICEManagement

plane

Forwarding plane

PROPRIETARY HARDWARE

VNS Branch

GENERAL PURPOSE COMPUTE

OPEN OSx86

Centralized Policy Manager

SDN Controller

SecurityTrafficSteeringQoS

Branch Networking for Cloud Era


Fixed

Office / Building Retail / Store Front Kiosk / ATM

Pop-‐up

Virtual

Private Datacenter

Temporary

Mobile workforce Public Datacenter (IaaS) Cloud Applications (SaaS)

What is Branch?

Branch (def.): Any location requiring attachment to Enterprise WAN


Private Data Center (or HQ)

VNS Deployment

15

MPLS WAN (Provider Networks)

Internet (3G, LTE, BB)

Site1

Site2

Public Cloud



VNS Deployment

16



Site1

Site2

Public Cloud

VSD

VSC

Enterprise admin


VNS Deployment

17



Site1

Site2

Public Cloud

VSD

VSC

Enterprise admin

Private Data Center (or HQ)NSG

NSG

NSG



Public Cloud

VNS Deployment

18

VSD

VSC



Site1

Site2

Enterprise admin

OF-‐TLS

NSG

NSG

NSG



Public Cloud

VNS Deployment

19

VSD

VSC



Site1

Site2

Enterprise admin

OF-‐TLS

Virtualized Network Services (VNS) WAN

VXLAN/MPLSoGRE

IPSec

NSG

NSG

NSG


… a fully automated, policy driven WAN

20


Public Cloud

VSD

VSC



Site1

Site2

Enterprise admin

OF-‐TLS

Virtualized Network Services (VNS) WAN

VXLAN/MPLSoGRE

IPSec

NSG

NSG

NSG



Public Cloud

Use Case #1 -‐ Hybrid WAN

21

VSD

VSC



Site1

Site2

Enterprise admin

NSG

NSG

NSG

ECMP across both links



Public Cloud


22

VSD

VSC



Site1

Site2

Enterprise admin

Voice

Video

NSG

NSG

NSG


Intelligent Traffic Steering



Public Cloud


23

VSD

VSC



Site1

Site2

Enterprise admin

Video

NSG

NSG

NSG


Intelligent Traffic Steering

Seamless Backup

XVoice



Public Cloud

Use Case #2 – Hybrid Cloud

24

VSD

VSC



Site1

Site2

Enterprise admin

NSG

NSG

NSG


VNS Business Case for Enterprise§ Large Enterprise with 200 branch

locations worldwide § Uses Multiple transport medium for VPN

connectivity § Over 80% saving in rollout cost

§ Using ZTP with policy based orchestration§ Over 40% saving in TCO (Total Cost of

Ownership)§ Template based policy allows easily and

automated management of branch network policies

25

1 2 3 4

TCO (U

SD)

YEAR

Traditional VNS

Savings 14% 34% 41% 65%


Summary

§ The decade-‐only WAN architecture is no match for today’s Enterprise business needs

§ SD-‐WAN is a next generation architecture to meet Enterprise next generation WAN requirements.

§ VNS provides an automated, policy based solution to deliver business services in a secured way

26

TRANSPORTINDEPENDENT

LOCATION INDEPENDENT

DEVICE INDEPENDENT

ENTERPRISE

WAN

POLICY DRIVENAUTOMATION

INTER OPERABLE

FLEXIBLE DEPLOYMENTMODEL


THANK YOU


nuagenetworks.net @nuagenetworks

What SD-WAN Means for Enterprise

Technology

Transcript of What SD-WAN Means for Enterprise