Download - ECI - The Elastic Network - winds of change
3
100+ YEARS OF CHANGE UNTIL NOW
Operator Switchboards
1880s
Automated Switching
1940s
Data and Modems
1980s
Multi-Wavelength Fiber 1990s
© All Rights Reserved ECI 2015
4
AGENTS OF CHANGE TODAY
The Cloud brings surging bandwidth and new traffic patterns
The Internet of Things drives access anywhere anytime
Open Networks enables virtualization and new models for delivering services
Security now becomes even more complex and important
© All Rights Reserved ECI 2015
7
THE CLOUD
• Business flexibility and cost savings driving migration of applications to the cloud
• Users seeking transparent and always-on experience
© All Rights Reserved ECI 2015
8
MOVING TO THE CLOUD
Corporate
VoIP GW
ERP, CRM
Storage, DB
Email, Web, Video
Packet Optical Transport
Software as a Service (SaaS)Infrastructure as a Service (IaaS)Platform as a Services (PaaS)
DC
DC
DC
BranchBranch
PublicPrivateHybrid
© All Rights Reserved ECI 2015
9
CLOUD CONNECTIVITY APPLICATIONS
DCI Backbone
• 10GbE to 100GbE interfaces
• P2P or network
Cloud Connect
• Private/private/hybrid cloud access
• 100MbE to 10GbE interfaces• P2P or network
SAN Connect• Storage device
connectivity for business continuity
• GbE and FC interfaces• P2P
StorageCompute
Data Center
Data Center
© All Rights Reserved ECI 2015
10
CLOUD CONNECT
Enterprise access to their hosted applications in private, public, or hybrid clouds.
Needs: User Transparency (high speed with
low latency) Scalability as communications need
grow High availability
2014 2018
57
128
PaaS SaaS IaaS Series4
* Industry Sources
The Growing Cloud Technology DemandWW Public IT Cloud Services Spending by
Segment ($B)
© All Rights Reserved ECI 2015
11
SAN CONNECT
Data storage distribution and synchronization for business continuity.
Needs: Connectivity for all FC and GbE interfaces High bandwidth with low latency for active-
active synchronization High availability with automatic switchover High security for very sensitive data
plan to use cloud storage
23%
currently use cloud storage
60%
Cloud Storage Usage
* Industry Sources
© All Rights Reserved ECI 2015
12
DATA CENTER INTERCONNECT BACKBONE
Service distribution between data centers, as if within a data center.
Needs: Low cost bandwidth Scalability – ease of growth based on
demand High availability Flexibility
2013 2018
WW Data Center Traffic(1GB file transfers/hour)
Data Center to End User Data Center to Data Center
81
192
* Industry Sources
© All Rights Reserved ECI 2015
13
CLOUD OPPORTUNITIES
Superior offering to enterprises for access to hosted applications Transparent always-on connectivity
Superior offering to data center operators for data center interconnect Unlimited flexible bandwidth
© All Rights Reserved ECI 2015
15
THE INTERNET OF THINGS
The networked connection of people, processes, data
and things so that “everything”
joins the network
People
DataThings
Processes
© All Rights Reserved ECI 2015
17
IOT EXAMPLE
Multi-user location reporting plus big data analytics delivers real-time personalized traffic routing
© All Rights Reserved ECI 2015
18
ANOTHER IOT EXAMPLE
1. Micro-sensors on or in your body determine you are having a heart attack
2. Your smart phone relays your condition and position to an emergency response center
3. The nearest emergency medical team (EMT) is dispatched
4. Your insurance company, which monitors everything through “big data”, sends you a text
© All Rights Reserved ECI 2015
19
IOT OPPORTUNITIES
Accelerating shift to uniform packet-based network
New offering of E2E multi-object management (??)
Can leverage for capital investment in new technologies (e.g. packet-optical integration) to make the network more efficient
© All Rights Reserved ECI 2015
21
SDN IN DATA CENTERS IS ALREADY A REALITY
Open control protocols (e.g.
OpenFlow)
Data Center Traffic Flow Problem: Complexity Inconsistent policies Inability to scale Vendor dependence Cost
SDN Solution: Decoupling of control plane from data plane Broadly deployed today in data centers
© All Rights Reserved ECI 2015
22
WHY SDN IN THE WAN?
Seamless inter data center communication to create the Cloud (virtualized LAN connectivity)
Vendor interoperability to lessen dependence on closed vendor solutions
Facilitate building overlay networks
Fast creation of connectivity applications
© All Rights Reserved ECI 2015
23
CHALLENGES FOR SDN IN THE WAN
Main factor in resolving these challenges is TIME
Need for orchestration to scale across multiple SDN controllers
Dealing with multiple WAN routing protocols (e.g. VXLAN, GRE, GRE IPsec, Geneve)
Open standards agreements Legacy equipment Critical mass
© All Rights Reserved ECI 2015
24
SDN OPPORTUNITIES
Start assessing today how to evolve your particular network to SDN
Network optimization
New revenue opportunities
© All Rights Reserved ECI 2015
26
SECURITY CONCERNS
Corporate
VoIP GW
ERP, CRM
Storage, DB
Email, Web, Video
Packet Optical Transport DC
DC
DC
BranchBranch
Data Interception
System Infiltration
Data Exfiltration
© All Rights Reserved ECI 2015
27
MULTI-LAYER ENCRYPTION
Physical
OSI Layer
Data link
Network
Transport
ApplicationPresentation
Session
DWDM
1
2
3
4
5-7
IPsec
SSL
MAC
L1OE
Payload TCPHeader
PayloadTCP
HeaderIP/MPLSHeader
PayloadTCP
HeaderIP/MPLSHeader
MACHeader
Encrypted
Encrypted
Encrypted
PayloadTCP
HeaderIP/MPLSHeader
MACHeader
Encrypted
Increasing information encrypted
Only layer 1 OPTICAL ENCRYPTION (L1OE)
PROTECTS ALL message payload and addressing information
© All Rights Reserved ECI 2015
28
WHY L1OE – BECAUSE YOUR FIBER IS NOT SAFE
From using off-the-shelf clip-on devices to multi-billion dollar submarines
it is possible to tap a fraction of light from fibers without interruption
and intercept full communications
The ONLY DEFENSE against fiber tapping is
layer 1 optical encryption
© All Rights Reserved ECI 2015
29
L1 OPTICAL ENCRYPTION IMPLEMENTATION
Apollo NE-A
NE-A Private
Key
Apollo NE-B
NE-B Private
Key
Network Key Manager used by Enterprise customer to administer encryption of and monitor their links
Enterprise IT Admin
All management links protected by
TLS/SSL
Encrypted Optical Link
Cloud-based applicationsEnterprise office
Client agnostic10G and 100G linksNo overhead, wire speedDiffie-Hellman key exchange AES-256 encryption with GCM extensions
X.509 Authentication with third-party administration option
Intercepted data is indecipherable
© All Rights Reserved ECI 2015
30
Security Functions:
Payload HeaderPayload Header Payload Header… Payload Header
Security Applications
Public Domain Private Domain
Eventsdatabase
Inspects the packet header and
sometimes the payload
Used to construct• Inspect• Pass• Reject• Alert
• Flag
• Record• Investigate
CYBER SECURITY BASICS
© All Rights Reserved ECI 2015
31
Public DomainClassified Network
Organization Network
All Traffic InfoAll Log Info
1
2345
67
1
Big Data Analytics
Network Anomaly Detection
L1 – L3 Encryption
Secured Site GW (UTM)
Strong Authentication
Unidirectional Secure GW
DDOS Protection2
3
4
5
6
7
Real-time unified dashboard
LightSec-V
LightSEC™ CYBER SECURITY SUITE
31© All Rights Reserved ECI 2015
ECI Telecom Proprietary 32
NFV CYBER DELIVERY
Corporate
Packet Optical Transport DC
DC
DC
Branch Branch
NFV
D-NFV
VoIP GW
ERP, CRM
Storage, DB
Email, Web, Video
Virt
ualiz
ed
Virtualized
33
SECURITY OPPORTUNITIES
Increasing awareness of this pervasive threat is creating an opportunity to offer Enterprises value-added services
Encryption
Holistic Cyber protection
© All Rights Reserved ECI 2015
YOU NEED TO BE
ELASTICECI brings you ELASTIC networks so that YOU can quickly and seamlessly adapt to the rapidly evolving market.
34© All Rights Reserved ECI 2015
ECI Telecom Proprietary and Confidential 35
ELASTIC NETWORKS MEAN:
Controlling your network in real time
Quickly introducing new services and innovation
Seamlessly operating in multi-vendor environments
35© All Rights Reserved ECI 2015
36
UNLIMITEDCloud brings surging bandwidth and new traffic patterns
EFFICIENTMobile and the “Internet of things” drive access anywhere anytime
OPENNew revenue sources, new applications
SECURESecurity for open and programmable networks
DRIVEN BY THE NEEDS OF TOMORROW
© All Rights Reserved ECI 2015
37
SMARTLIGHT™ FRAMEWORK
Neptune
Apollo
LightSoft NMS
LightControl SDN Controller
LightSaver
LightInsight
LightWays
LightConnect
LightTime
LightAction
Control TransportAppsSecurity
37
LightSec
FOUR
INTERCONNECTED
LAYERS BRING OUR
ELASTIC NETWORKS
TO LIFE
© All Rights Reserved ECI 2015
38
LIGHTPORTATION™
CONVERGED PACKET-OPTICAL TRANSPORT
ACCESS METRO REGIONALLONG-HAUL
Apollo (OPT)Optical Transport with Packet Services
Neptune (NPT)Packet Transport with Integrated Optics
38
UNLIMITED BANDWIDTH
Security Apps Control Transport
MULTI-SERVICE
MULTI-TECHNOLOGY
© All Rights Reserved ECI 2015
39
LIGHTSOFT®
E2E NETWORK MANAGEMENT SYSTEM
UNIFIED NETWORK MANAGEMENT• Carrier Ethernet, MPLS,
DWDM, OTN, SDH• Full FCAPS
INTUITIVE
• Point-and-click E2E service creation
SCALABLE• 20K NEs, 1M trails &
tunnels
UNIFIED NETWORK MANAGEMENT• Path finding, QoS monitoring,
service restoration, CNM, more
OPEN
• Multi-vendor management via generic EMS
• Rich set of OSS interfaces
39
Security Apps Control Transport
© All Rights Reserved ECI 2015
40
LIGHTCONTROL™
MULTI-LAYER SDN CONTROLLER
ExpansiveOpenness
Real-time and programmable control logic
CONTROLLER
APPS
NETWORK
Carrier-grade controllerfor wide area networks
Centralized coordinated multi-layer control plane for packet-optical networking
Multi-layer network optimization
Security Apps Control Transport
40© All Rights Reserved ECI 2015
41
LIGHTAPPS™
SDN AppsBring the value of SDN applications to existing installed base and future SDN networks.
Power Optimization
LightConnect™
LightInsight™
Network Analytics
Bandwidth on Demand
LightAction™
LightSaver™
Network Programming
LightWays™
Traffic Congestion Management
LightTime™
Scheduled Services
41
Security Apps Control Transport
© All Rights Reserved ECI 2015
L1 – L3 Encryption
Unidirectional Secure GWB
ig D
ata
Ana
lytic
s
Secure S
ite GW
(UTM
)
Str
ong
Aut
hent
icat
ion
Netw
ork Anom
aly Detection
42
LIGHTSEC™
COMPREHENSIVE CYBER SECURITY
42
Security Apps Control Transport
© All Rights Reserved ECI 2015
ElastiNET™SERVICE PROVIDERS
ElastiGRID™UTILITIES
ElastiCLOUD™CLOUD NETWORKING
43
THE PERFECT SOLUTION FOR YOU
43© All Rights Reserved ECI 2015