bb2370 nielsen cloud network innovations-final


Transforming Delivery of Applications to UsersBB2370Mike Nielsen, HP Networking

HP FlexNetwork Architecture Cloud Innovations

Promise of the Cloud for Business

Simplifymanagement

Deploy appsin minutes

3 monthsTo deploy a new application from data center to user

Over

70%Of downtime is caused by CLI misconfiguration

Over


4 © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

Cloud Application Delivery Expectations

50%Workloads will be virtualized by the end of 2012

PRIVATE, PUBLIC AND INDEPENDENT CLOUDS

Over

1%Of smartphones consume 50% of mobile data

DYNAMIC AND MOBILE SERVICE CONSUMPTION

Just

3 monthsTo deploy a new application from data center to user

COMPLEXITY OF THE INFRASTRUCTURE

Over



Legacy Networks Slow Application DeploymentSystem Admin

Time in Months

Are you ready yet?

Which server?

Which

VLAN?

Which subnets?

How muchbandwidth?

QoSPriority?

QoSMethod?

Rack 3Server

5

VLAN 10

Subnet.16.31

10M CIR

20M PIR

Priority4 IP TOS

Ok, starting switch config

Deploying Exchange

VMs… ready!

…250,000+ CLI entries for typical data center

Network Admin



Legacy Networks Can’t Meet Cloud Expectations

Impossible to identify applications and meet diverse service levels

ApplicationIndifferent

Architected for one tenant, user type and location - lacking programmability

Rigid PhysicalNetworks

Slow to respond to new application requirements and hampered by manual errors

ManualManagement



Focus less on managing infrastructure…

…and more on connecting users to applications

HP Virtual Application Networks

HP’s Vision for Software Defined Networks



Separate Logical from Physical Management, Making the Network Programmable

Virtual Application Networks

FlexManagement

FlexNetwork Architecture

FlexFabric FlexBranchFlexCampus

End-to-End Control Plane

CoreRouting Access CoreRouting Access Routing Switching Wireless



Tunes the Virtual Network for Application Delivery Requirements

Create Virtual Networks for Specific Applications

FlexManagement



Virtual Application NetworkVirtual Application NetworkVirtual Application NetworkVirtual Application Network





New Operating Model Delivers Agility Needed for Cloud

Deploy Virtual Application Networks

Server CPUs

VM VM VM VM

Hypervisor

FlexManagement



Virtual Application NetworkVirtual Application NetworkVirtual Application NetworkVirtual Application Network



http://www.google.com/imgres?imgurl=http://hardwarelogic.com/articles/reviews/processors/INTEL_Q6600/Core.jpg&imgrefurl=http://www.guruht.com/2007/09/intel-e6850-dual-core-processor-review.html&usg=__eSe-qSUbVwAYRLbH_7i3rXYVJXU=&h=414&w=475&sz=39&hl=en&start=32&zoom=1&itbs=1&tbnid=yIad_YnZ-LclFM:&tbnh=112&tbnw=129&prev=/images?q=multi-core+processors&start=20&hl=en&sa=N&gbv=2&ndsp=20&tbs=isch:1&ei=Kyc6Tf7AKoG0lQenvLjzBg





Virtual Application Networks Deliver

Create consistency, reliability and repeatability across the entire network infrastructure

ApplicationCharacterization

Create multitenant, on-demand, topology and device-independent provisioning

NetworkVirtualization

Use templates to ensure user service level and policy for dynamic application delivery

Automated Orchestration


Virtual Application Networks in Action

Deploy new applications in minutes in the data center

Rapidly onboard users and their devices

Securely interconnect Virtual Application Networks



Virtual Application Network Manager Module

Delivering Virtual Application Networks Today

• Characterize app using

template

• Program virtual network

resources

• Orchestrate network resources

Hypervisor Management

Intelligent Management Center

VANplug-in

VAN Policy Engine

VANAPI

HPN Access Switch

HPN Data Center

FabricHPN Core

SwitchHPN Core

Router

VM

VM

VM

vSwitchManager

Server

NIC

vS

wit

ch/H

P o

pen

vS

wit

ch

VAN Manager Components

IMC Enterprise/Standard Components

VAN Access

Switch SW

VAN Designe

r



Virtual Application Networks Deploy Apps in MinutesSystem Admin

Network Admin

Deploying Exchange

VMs

Application deployedin 3 steps

CharacterizeIMC VAN

Manager

Orchestrate

VMs

IMC VAN

Manager

Minutes

Wow! That was

fast!… ready!

Virtualizing

Virtualize

Plug-in

vCenter

Build profile with template

Choose connectio

nprofile

Power on virtual

machines

1

2

3



Virtual Application Network ComponentsKey Components

Existing IMC function used to set/monitor virtual switch features in the virtual machine manager

vSwitchManager

Rapid provisioning and error-free configuration to manage the connection between VMs and the required physical and virtual network policies

VAN Policy Engine

Repeatability to design connections based on virtual machine and application requirements, including QoS policies, ACLs, and virtual network configuration details

VAN Designer

Hypervisor integration (currently VMware) enabling system administrators to map connection types to virtual machines

VANPlug in

VANAPI

Assured interoperability with Cloud orchestration through RESTful APIs, enabling external access to VAN functions from cloud and network orchestration frameworks

Virtual Switch which communicates with vSwitch Manager and VAN plug-in to coordinate policy enforcement

vSwitch/HP open vSwitch



HP IMC and F5 Management Integration

HP Intelligent Management Center

• CharacterizeInstantly identify all converged infrastructure requirements

• VirtualizeVirtualize application, network, and server resources

• OrchestrateRapidly deploy application, network, and system configurations



Deploying Applications in MinutesSystem Admin

Network Admin

Deploying Exchange

VMs

Application deployedin 3 steps

Characterize

IMC VAN Manager

w/ F5 iApp

Orchestrate

VMs

IMC VAN

Manager

Minutes

Wow! That was

fast!… ready!

Virtualizing

Virtualize

Plug-in

vCenter

Build profile

Select iApp

Choose connectio

nprofile

Power on virtual

machines

1

2

3



Challenges of BYOD on Legacy Networks

• Device-dependentLegacy architectures rely on company-issued devices to deliver secure access to applications

• Inconsistent management Separate management for wired and wireless devices are disaggregated, have separate policies

• Separate management for devices, applicationsLack of visibility into user behaviors, access, and usage



User, Network, Security and Application Policy Management with

BYOD

Virtual Application Networks in the Campus

• Secure network access for user-owned devices• Highly secure client control• Self registration for client-owned

• Unified wired and wireless management• Consistent Device policy management• Network policy mapped to user profiles

• Unified monitoring and application access• User and traffic analysis• Application access control

Monitoring

Provisioning

On-boarding



Orchestrating User-to-Network-to-Application

BYOD Solution Architecture

Authentication

Device Agnostic

Network Agnostic

User Security Check

Employee Guest

Time Aware

LocationAware

Authorization Audit

Traffic Monitoring

UserBehavior

UserSelf-Service

Monitoring Provisioning

Policy enforcement based on level of trust

Traffic and User Behavior Analysis

User registrationDevice profiling

Onboarding



Challenges of Legacy Hub & Spoke WAN Connectivity

• ComplexEncryption configuration is manually intensive & error-prone

• VulnerableCarrier service offerings limit flexibility & security

• ConstrainedLegacy architectures limit performance of rich media applications (e.g., video conferencing)

Campus

BranchBranch

DataCenter

BranchBranch



“Zero-touch” deployment of routers across the enterprise with DVPN

Virtual Application Networks in the Branch

Campus

BranchBranch

Internet

IMC-BIMSSecu

re D

ata

Tunnel

Secure Data Tunnel

Secu

re D

ata

Tunnel

• Simple• Automated zero-touch deployment with IMC• Reduces configuration steps

• Secure• Standards-based IPsec• Flexible support for any WAN technology &

Internet

• Scalable• Site-to-site performance for rich media • Scales to over 30,000 sites

93% reduction in configuration

steps

900% more scalable



Hub(primary)

Hub(secondary)

AAA Server

VAM Server (primary)

HQ

VAM Server (secondary)

Spoke

Branch

IP Network

Server Public IP Address (static)Client Public IP

Address (manually configured

or dynamically assigned)

Client Private IP Address

(statically configured)

Tunnel

Tu

nn

elDVPN configured

on single tunnel interface

Virtualizing the WAN and connecting Virtual App Networks

DVPN Solution Architecture



Virtualizing the WAN and connecting Virtual App NetworksDVPN Solution Architecture

BranchBranch

Internet

Secu

re D

ata

Tunnel

Secure Data Tunnel

Secu

re D

ata

Tunnel

AAA Server

VAM Server (primary)

VAM Server (secondary)

(primary)(secondary)

Hub

Employs client/server model• Supports up to 10 DVPN domains

per router

• Supports 2 tunnel encapsulations: UDP and GRE

• Each client registers mapping of its private and public IP addresses with server using DVPN control protocol (VAM)

• Managed under IMC w/IVM and BIMS

• Interoperable with standard IPsec



Delivering New Applications in Minutes versus WeeksEnable Cloud with Virtual Application Networks

Tune network to the application delivery requirements

Virtualize the network end-to-end, from application to user

Enable IT to manage the network with policies rather than CLI, scripts

Single pane-of-glass management for the physical and virtual network

Ensure choice with open, standards-based approach



Tools to Help Our Clients

• Learn about Virtual Application Networks

• Download a copy of Virtual Application Networks Whitepaper

• Read about the FlexNetwork Architecture

• Get the analyst perspective from ESG on Virtual Application Networks

• Learn more about Dynamic VPN

• Understand HP’s BYOD strategy

• Load the trial license of the Intelligent Management Center

http://h20195.www2.hp.com/V2/GetPDF.aspx/4AA4-0793ENW.pdf

http://h20195.www2.hp.com/V2/GetPDF.aspx/4AA4-0790ENW.pdf

http://h17007.www1.hp.com/us/en/whatsnew/090511.aspx

http://h17007.www1.hp.com/docs/van/VAN_WhitePaper.pdf

http://h20195.www2.hp.com/v2/GetPDF.aspx/4AA3-9066ENW.pdf

http://h17007.www1.hp.com/us/en/products/network-management/index.aspx


Thank you

bb2370 nielsen cloud network innovations-final

Technology