a better architecture for hybrid wan - velocloud
TRANSCRIPT
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
A Better Architecture
for Hybrid WAN
Steve Woo, VP Products & Co-founder, VeloCloud
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
hybrid networknoun / hy – brid net - work
: combination of two or more different types of networks
: typically referring to combination of private and public WAN transport
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Challenge the Definition
Private WAN
Hybrid WAN
• Hybrid WAN bar is pretty low• Also only looking at one dimension of network – the transport
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Hybrid Transport - Tiers
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Bar is pretty lowHybrid WAN-use both public and private-BUT DISPARATE or-BACKUP ONLY
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Yes, SimplifySD-WAN Hybrid-unified usage of links-simplified policyBUT CRITICAL TRAFFIC RELIES ON PRIVATE SLA
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Shoot for the…
… Optimized Performance
TRANSPORT INDEPENDENT PERFORMANCE-Enable the use of any transport even for critical, network sensitive applications
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Hybrid WAN versus True Transport Independence
Policy Managed Hybrid
Priority Site-2-site
traffic
Private
Normal Site-2-site
traffic
Load balance private
and Internet
Cloud traffic Direct to cloud over
Internet
True Transport Independence
Site-2-site traffic:
Priority and
Normal
Dynamic Multi-Path Opt to automatically
select link, on a per-packet basis, based on
priority, app type and link performance
Cloud traffic
Priority and
Normal
Dynamic Multi-Path Opt over Internet links,
based on priority and link performance
• Most technologies simplify policy assignment of critical traffic to MPLS– Utilize broadband for low priority
– May also deploy local QoS
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Simplicity of Transport Independence
Abstract actual interface/WAN links from the
business policy
Automatic [default]
All Transport
Based on:
Business priority for app
App-specific network SLAs
Real-time link conditions
Automatically steer each app
onto a suitable available link
Per-packet re-steer a session
mid-flow if changing link
conditions necessitate
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Advanced SD-WAN for Hybrid
Assured Application performance over MPLS, Internet broadband and LTE circuits
Continuous Link Monitoring
Drives automation and
optimization
Dynamic Per Packet Steering
Sub-second steering
without session drops
Aggregated bandwidth for
single flows
On Demand Remediation
Protects against
concurrent degradation
Enables single link
performance
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Policy Based Link Steering Overrides
Pin an application to a path
even when the link fails
e.g. > PCI to compliant provider
Prefer application on a path but
steer away if cannot meet SLA
e.g. > Prefer high bandwidth
video conferencing on broadband
Prefer application on a path but
steer away if the link fails
e.g. > Wired to wireless
Add metered usage of wireless
Abstract actual interface/WAN links from the
business policy
Mandatory
Private
Available
Public Wired
Preferred
Public
Internet
Public-Wireless
Private
Public
Public-Wired
Private
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Target Advanced SD-WAN Hybrid
Private WAN
Hybrid WAN
• Much more possible with hybrid transport
SDWAN
Advanced
SDWAN
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Expanded
Dimensions for
Hybrid Network
Services
Private WAN
Hybrid WAN
SD-WAN
Advanced
SDWAN
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Shoot for the…clouds
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Legacy Hybrid Compute: Backhaul
Datacenter Branch Branch
• Not optimized for migration to cloud• Backhaul performance penalty
• Congests datacenter WAN
Internet
MPLS/Private
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Legacy Hybrid Compute: Best Effort Direct
Datacenter Branch Branch
• “Direct” to Internet
• Best effort for availability and performance
• Manual, two-sided secure tunnel setup
Internet
MPLS/Private
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
SD-WAN
SD-WAN On-Premises
SaaS / IaaS
SD-WAN
Edge
Enterprise DC
Edges in “hub” role at enterprise datacenters and regional hubs
On-premises Orchestrator and Controllers
Direct breakout to Internet for non-backhaul traffic
SD-WAN
Orchestrator
&
Controllers
Régional Hubs
Branch
Web
SD-WAN
Edge
SDWAN
Edge
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
SD-WAN
Cloud-Delivered SD-WAN
SaaS / IaaS
Enterprise DCBranch
Web
Cloud
Gateways
Pre-installed at cloud doorstep
Delivered as-a-service
Performance, Reliability & Security
SD-WAN extended to cloud for hybrid applications, compute and services
SD-WAN
Edge
SD-WAN
Orchestrator
&
Controllers
SD-WAN
Edge
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Hybrid Services Insertion
Branch Site
Enterprise Hub
On Premises
Security
Other Web traffic
Salesforce.com
Web email
Internet
• Backhaul to on-premises services
– Regional and central
• Forwarding to cloud services, with SD-WAN performanceCloud
Security
Services
SD-WAN service chaining for hybrid services
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Hybrid Network - Topologies
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
SD-WAN
Hybrid “Parallel” Topology
MPLS/Private
Internet MPLS and Internet to destination
Use both links in active/active or
active/backup
On-premises [bottom] purely OTT end-
to-end solution – not in SP network
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
SD-WAN
Hybrid “Off Net to On Net” Topology
MPLS/Private
Private core / backbone
Last mile / access is SD-WAN Internet or hybrid
Access to private network via enterprise regional
hub or service provider SDWAN gateway
SD-WAN in the (SP) network provides value-add
and strategic on-ramp
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
SD-WANSD-WAN
Hybrid “Regional WAN” Topology
MPLS/Private
Private network connects regional
SD-WAN domains
Branches cross regions via private net
Dynamic branch to branch only within a
region
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
SD-WAN
Hybrid “Mixed Sites” Topology
Silver Site / SD-WAN HybridExisting SP MPLS Router
New SD-WAN Edge
Legacy Site / HybridMPLS with
VPN backup
Bronze Site / SD-WAN
InternetSingle/dual
Internet
MPLS/Private
Internet
Legacy and SD-WAN hybrid and Internet sites can co-exist
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Advanced Services
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Engineered Performance vs SLA
>99% of the time SD-WAN
delivers quality VOIP over
the Internet
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Unified OTT Security
Branch SiteEnterprise DC
Hub Edge
Branch
Edge
Enterprise DC
Traditional
Private
Datacenters
INTERNET
Cloud Gateways
Private - MPLS
IPsec VPN
Same IPsec VPN, whether public or private transport – to Ent and cloud DCs
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Simplified Cloud VPN
Branch SiteEnterprise DC
Enterprise DC
Cloud traffic not backhauled to enterprise datacenter
Cloud gateway provides automated branch VPN to
aggregated cloud connection
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Full Potential of SD-WAN Hybrid Networks
Services
Cloud-
Delivered
SD-WAN
Network (as
a) Service
On-Premises
SD-WAN
Enterprise
Apps
Hybrid Apps
SaaS / IaaS
Private WAN
Hybrid WAN
SD-WAN
Advanced
SD-WAN
On-Premises
Services
• Flexibility
• Synergy
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Next:Maximizing SD-WAN Architecture with
Service Chaining
Live webinar on Aug 17 at 10am
VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016
Thank You