Unleashing SDN to Align Network Capabilities with Enterprise IT & DevOps Needs
Post on 16-Apr-2017
Copyright 2016 Alcatel-Lucent. All rights reserved.
Unleashing SDN to Align Network Capabilities with Enterprise IT & DevOps Needs
Sunil Khandekar Founder & CEO
Nuage Networks March 9th, 2016
A Consumption Shift
Cloud has changed the way applications are being consumed
From “order and wait”
To “instant gratification”
Consumer expectations are shifting
Multiple personas
Single user
On-demand personalized catalogue
Business Agility is Paramount
Rapid Introduction of New Services
Learn and Adapt
Superb Customer Experience
DevOps Model is imperative!
IT Must Align to Business Needs
Bridging the Gap Between Applications & Networks
Realizing DevOps w/ marriage of “IP” & “IT”
Customer in Control
Network Services on demand, in support of cloud applications
Improved Service Velocity
Any application, any cloud, every time
Software Defined Networking
FROM:
TO:
EVOLVING Data Center to the CLOUD
Automation
Private Cloud
Public Clouds
Unconstrained options
Evolved DC Infrastructure
FROM:
• Static DC network – VLAN Based
• Vertically integrated (mono CMS & Hypervisor)
• No segmentation
• Email driven fulfillment
ORDER AND WAIT
TO:
• Automated DC Network – IP Fabric
• Hybrid stack w/ OpenStack and KVM
• Micro-segmentation
• Self-service fulfillment
ORDER AND GET!
SDN beyond Datacenter
Connecting Users to Applications
Private Cloud
DYNAMIC & INTERACTIVE APPLICATIONS
Public Cloud
✓
HIGHLY DISTRIBUTED USERS
?
The GAP
Automation
Private Cloud
Public Clouds
Automated
Instantaneous modifications
Simplified policy-driven management
Freedom of choice
Evolved Datacenter Infrastructure
Constrained access options
Limited hardware
Limited Automation
Branch offices Enterprise WAN
Specific provider
Status Quo at the Remote Location
o Costly moves, adds and changes
o Complex management
o Limited choice
o Proprietary hardware, vertically integrated
Private Cloud
SD-WAN Objectives
FULLY AUTOMATED
HIGH PERFORMANCE
SECURE
ON-DEMAND Connectivity between Users and to Apps in Private OR Public Clouds
CONSISTENT POLICY Framework for all use cases
HIGHLY DISTRIBUTED USERS
DYNAMIC & INTERACTIVE APPLICATIONS
Connecting Users to Applications
Public Cloud
CONNECT USERS TO PRIVATE CLOUD
Private Cloud
Private IP/MPLS
Internet
Private IP/MPLS
OVERLAY VPN ON PRIVATE OR PUBLIC NET
Internet
CONNECT USERS TO PUBLIC CLOUD
Internet
OFF-NET EXTENSION W/ VPN INTEROP
KEY USE CASES
Public Cloud
KEY Requirements – 1 of 2
CPE MUST Evolve
From proprietary to OPEN COTS Platform
Must allow ability to separate SW from HW
Automated & secure on-boarding
Separate OVERLAY from Underlay
To allow for ANY Transport : On-net or Internet
Internet reach
Interop w/ Existing IP/VPN
Allow Internet tails to be seamlessly connected
PE Interop across Service, Control & Management Planes
OVERLAY
KEY Requirements – 2 of 2
Private Cloud
Application Placement Flexibility to support embedded or hosted Apps
In the DC or at Customer Prem
Service Chaining for VAS
On-ramp to Private & Public Cloud
On net or Internet Secure connectivity w/ Consistent Policy
End-to-End Visibility
Overlay Underlay Correlation
Public Cloud
App
End to End Automated SDN Framework
Does SD-WAN == vCPE?
• Separation of SW from HW
• Same Operational Tools as traditional HW CPEs
• No Automated Bootstrapping
vCPE Software Appliance Runs on X86 COTS Platform
A GOOD FIRST STEP … But.. addresses HW consolidation but doesn’t address SDN automation
End to End Automated SDN Framework
Does SD-WAN == WOC + Overlay?
• Application Aware
• Optimal Path Selection
• Transport independent
• Proprietary Branch devices
vCPE Software Appliance Runs on X86 COTS Platform
Does next-gen WOC go far enough to deliver on the promise of SD-WAN?
...book ended solution w/ no interop..
OVERLAY +
Does SD-WAN == Cloud based Management of cost Optimized Branch Routers
• Cloud based provisioning in a SaaS Model
• Automated Island
• Transport independent
Does lower cost branch router w/ CMS deliver on the promise of SD-WAN?
End to End Automated SDN Framework
End to End Automated SDN Framework
Key Elements to address ALL Requirements?
SD-WAN : Key Elements
Site Onboarding
User to Application
Advanced Security
Centralized Control
• Trust model
• Secure bootstrapping
• Multi-factor
• No device pre-staging
• Transport technology independence
• Open multi-form factors
• Appliance / VM
• Branch-2-Cloud connectivity
• E2E application flow management
• Embedded PKI
• Device X.509 cert
• Remote disconnect
• Advanced Encryption
• Aggressive re-keying
• Service Micro-segmentation
• Unified policy from branch-to-Cloud
• Multi-tenanted solution
• Pull-model w/ declarative policy
• Integrated UL/OL Assurance
SD-WAN : Key Elements
Open-CPE: Separation of software from hardware
Interoperable: Multi-vendor inter-working at every layer
Scale-out: Independent per-layer federated scaling
THE BRANCH UNSHACKLED
CONTROL PLANE
BRANCH NETWORKING DEVICE
MGMT PLANE
FORWARDING PLANE
GENERAL PURPOSE COMPUTE
OPEN OS
OpenFlow
SECURITY
TRAFFIC STEERING QoS
Open CPE
ETHERNET
PROPRIETARY HARDWARE
Today’s Closed CPE
OpenCPE: Fat v/s Thin
Thin CPE vs Fat CPE
Resource Considerations
• Physical systems running Containers run only one kernel per system
• Hypervisors run one kernel per virtual Machine (plus one for the host)
Flexibility & Performance
• Containers can be started instantly like applications
• VMs require OS restart + Application Management
• Simpler and Faster Orchestration of Containers
• Lifecycle management of hypervisors
SD-WAN : The Complete Picture
Expand to include applications
Overlay offers transport choices
Policy-based control
IT-approach to network service delivery
Multiple Transport links
Separation of service from transport
Application-aware path selection
[Diagram labels: Tenant A, Tenant B, L2, Site, Public Cloud, Private Cloud, App]
SDN TOOL SET
OpenCPE (X86 BRANCH ROUTER FOR CLOUD ERA)
• Network service platform for branches
• L2-L4 Switching and routing with advanced network functions
• Physical or Virtual form-factors
POLICY & ANALYTICS
• Network Policy Engine – abstracts complexity
• Service templates and analytics
FEDERATED CONTROL
• SDN Controller, programs the network
• Rich routing feature set
VIRTUAL SWITCH
• Distributed switch / router – L2-4 rules
• Supports leading hypervisors and bare metal assets
SDDC Feature Set
SDWAN Feature Set
Unified SDN Layer : User to User AND User to Applications
Consistent Policy-Based Automation
Connecting Users to Applications THE Final Picture
Internet
Private IP/MPLS
FULLY AUTOMATED
HIGH PERFORMANCE
SECURE
ON-DEMAND Connectivity between Users and to Apps in Private OR Public Clouds
CONSISTENT POLICY Framework for all use cases
Private Cloud
Public Cloud
IT Aligned to Business Needs
Thank You!
@nuagenetworks
@SunilSKhandekar