how to use sdn to innovate, expand and deliver for your business

How to use SDN to Innovate, Expand, Deliver for your business

Tristan LiverpoolUK&I Systems Engineering Manager

© F5 Networks, Inc 2

Advanced threats

Mobility

Technology Shifts Center on Applications…

Internet ofthings

SDA/Cloud

Quality ofexperience

Time to Market

Application

Availability

© F5 Networks, Inc 3

High Network Complexity

Years of deploying point products have resulted in complex, fragile network

topologies

that must be balanced against unique upgrade, patch and maintenance

schedules

Challenges in Scaling Modern Datacenters

Agile Flexible

each with its own unique set of CLI, GUI, API and

integration methods

Efficient

Infrastructure integration difficulties

Difficult to Manage Lots of Boxes

© F5 Networks, Inc 4

Challenges in Scaling Modern Datacenters

Clients

Application

Data Plane

Architect

VEsRouter Switch LB Firewall

Net Engineers & Admins

Time Consuming Error Prone ProcessDifficult to Debug

Manual & Scripted Configuration

© F5 Networks, Inc 5

Enterprise Needs a New Answer

Agile Dev

Failed to Address:Rapid deployment &network operations.

Driver:Rapid development of customer desired applications.

DevOps

Failed to Address:Network operations.

Driver:Rapid deployment. Accelerate time to market.

SDN

Driver:Operationalise the Network. Accelerate time to market.

✓

Analysts and statistics can make almost any claim…

© F5 Networks, Inc 7

Spurious correlations…

It would seem the less people that use IE the less murders occur in the US…

When it comes to applications the

numbers and costs, the correlations are very

real

© F5 Networks, Inc 9

It’s an application world

37% 641Nearly HalfGrowth of the web in

2013New applications per

dayof all organizations going mobile

© F5 Networks, Inc 10

Data volumes double every

18 Months

OPEX costs double every eight years

Applications double every

four years

Putting Pressure on Networks to Scale

Source: IDC Directions, Battle for the Future of the Datacenter: The Role of Disaggregated Systems, Mar 2014

“© F5 Networks, Inc 11

“High performing organisations deploy code 30 times more often and 8000 times faster than their peers, deploying multiple times a

day, versus an average of once a month. They also have double the change success

rate and restore service 12 times faster than their peers. The net results are lower business risk and more operational agility.”

—2013 State of DevOps Report,Puppet Labs

“© F5 Networks, Inc 12

What is SDN?

© F5 Networks, Inc 13

Overlay/Virtual Networking?OpenFlow? L2-3 Switch Control?

Service Chaining?

Commoditisation?Virtualisation?

Programmability?Abstraction?

What is SDN?

Related…

© F5 Networks, Inc 14

F5 Definition of SDN:

“SDN is a family of architectures (not technologies) for operationalising networks with improved time to market, reduced risks, and reduced operating expenses by centralising control into a control plane that programmatically controls and extends all network data path elements and services via open APIs.”

SDN is aboutOperationalising Networks

© F5 Networks, Inc 16

Net Engineers & Admins

Operationalised Network with SDN

Control Plane

Clients

Application

Data Plane

Architect’s IntentArchitect

VEsRouter Switch LB Firewall

Centralised KnowledgeRepeatable Config.

Manual & Scripted ConfigurationProgrammatic Configuration via Open APIs

© F5 Networks, Inc 17

SDN in the SDDC

Control Plane

Data Plane

Softw

are-

Defin

ed D

ata

Cent

er NBI

SDDC Orchestrator

SDN Controller

SDN Applications

LAYER 2-4Stateless Fabric

Applications

NVGREVXLAN

Service Chaining

Virtual & Overlay Networks

L4-7 Stateful Services ???

OPENAPIs

Architect / Lines of Business

© F5 Networks, Inc 18

Applications Rely on Stateful Layer 4-7 Services

Router Switch

LAYER 2-4STATELESSSERVICES

LAYER 4-7STATEFULSERVICES

FirewallIdentity and Access

DDoSProtection

Global Load Balancing

Malware Detection

ADC Application Security

Local LoadBalancing

Application Performance

Secure Web Gateway

VIRTUAL AND OVERLAY NETWORKING

F5 Synthesis Software Defined

Application Services

© F5 Networks, Inc 20

SDN in the SDDC

Control Plane

Data Plane

Softw

are-

Defin

ed D

ata

Cent

er

BIG-IQSecurity

™BIG-IQ

Cloud™BIG-IQDevice

™NBI NBI

BIG-IQ

SDDC Orchestrator

SDN Controller

SDN Applications

LAYER 2-4Stateless Fabric

F5 L4-7 SDAS Stateful Fabric

Applications

NVGREVXLAN

Service Chaining

Virtual & Overlay Networks

PerformanceAccess& Identity

AvailabilitySecurityMobility

iApps

OPENAPIs

Architect / Lines of Business

© F5 Networks, Inc 21

f5 Synthesis Software Defined Application Services

SCALE N: MASSIVE SCALE AND CAPACITY

Virtual & OverlayNetworkingVLAN NVGRE OVS MAC-

IN-GRE

Programmability Automation

VXLAN Partners

VM ChassisAppliance

iAppsiControliRulesiCall Groovy Node.js

vCMP vCMP vCMP vCMPStandardisation

© F5 Networks, Inc 22

Gateway Capabilities Provides ability to bridge between any network or overlay

Ethernet EtherIP

NVGRE

VXLAN VLAN

OVS MAC in GRE

© F5 Networks, Inc 23

Built for Control and Orchestration

Control

Extensibility

EmbeddedFeatures

Foundational

F5 Data Path Elements

Data Path Primitives

Modules (LTM, GTM, APM, etc.)

Data Path

Primitives

Modules (LTM)

Data Path

Primitives

Modules (SDC)

iRules(2001)

Node.js(2013)

Groovy(2009)

iControl

(2001)

iControl-REST

(2013)REST

(2009)SOAP (2011)

iCall(2013)

Data Path

Primitives

Modules (Security,

Cloud, Device)

Node.js(2013)

REST(2013)

BIG-IP BIG-IQ LineRate Traffix

© F5 Networks, Inc 24

Fabric Connectors

Module Connectors

Cloud Connectors

Orchestration Connectors

Intelligent Services Orchestration

Single pane of glass

Rapid system andservice provisioning

Ecosystemenablement

BIG-IQ

•OpenStack, VMware, Cisco, etc.•REST API

•Virtual Editions─VMware, MSFT, XEN, KVM•Cloud bridging and health and performance Monitoring ─ AWS, VMware, and OpenStack

•Security•Device•Cloud•ADC•MAM•etc

• Multi tenant• Bare metal deployment• Elastic• Metered

© F5 Networks, Inc 25

F5 Operationalises the Stateful L4-7 Network with Synthesis

Massive Scalability and

Capacity

Automation and

Orchestration

New Network Innovation and

Services

Agile Efficient FlexibleHigh Performance

Services FabricBIG-IQ Programmability

SDN requires an ecosystem to

operationalise the entire network

© F5 Networks, Inc 27

F5 Synthesis Partner EcosystemNetwork/SDN System

Integrators Cloud Security Orchestration

© F5 Networks, Inc. 27

Application

© F5 Networks, Inc 28

F5 Partner FocusVMWARE/NSX

• NSX Integrates with F5 BIG-IQ and BIG-IP

• Integral to vCenter workflow• F5 iApps as ADN service templates in

NSX• BIG-IP VEs automatically deployed,

licensed, and configured• F5 provides enterprise-class edge SDAS

CISCO/ACI• Insieme/Cisco ACI APIC Controller

integrates with F5 BIG-IP• BIG-IP Plugin

OPEN CONNECTOR• Enable Connectors from any platform• SDK• Documentation

OPENSTACK• Joined Community October 15th 2013• Connector Complete now• Implementing Neutron LBaaS plugin• Driving towards new plugin exposing

rich set of F5 SDAS• BIG-IP VEs automatically deployed,

licensed, and configured

AWS• ADC and App Provisioning • Elastic Application Capacity• Cloud Bursting• Utility Licensing / Marketplace (New)

MICROSOFT• SCVMM 2012• BIG-IP Discovery/Monitoring• Hyper-V NVGRE Gateway

So what is SDN and why???• SDN is about operationalising the entire network and requires an

ecosystem to implement a comprehensive architecture that encompasses stateless L2-4 and stateful L4-7 network services.

• Benefits• Improve time-to-market• Reduce risk• Reduce operational expenses