Deploying and Operating an NFV Cloud

Juan Ramón Acosta, Principal Architect

Naren Narendra, Senior Product Manager

May 10, 2017

Upload: cisco

Post on 21-Jan-2018


Service Provider Network Transformation

Reduce Network Appliances, Siloes

Avail Self-service Personalization

Automate Service Creation

Open Source

NFV

SDN

Converged Infrastructure

Mobility, Managed Services, Video, Security

Simplified Operations

Highly Available Infrastructure

Network Function Virtualization

Analyst View of the NFV Selling Motion

Light Reading Survey from January 2016 of 120 SPs

• “Some of the first operators to move ahead with open NFV implementations have found that the economics don’t work today, because the system integration costs of getting products from multiple vendors to work together are higher than the savings”.

• “That inconvenient economic truth is prompting a backlash against multivendor NFV installations”

• “Having flirted unsuccessfully with trying to integrate everything themselves, CSPs are going back to buying everything pre-integrated from one vendor”

NFV Coming Ready or Not, Light Reading, January 2016 http://www.lightreading.com/lg_redirect.asp?piddl_lgid_docid=722671

DIY Approach

A la carte

Pre-integrated

Ingredients for successful NFV

Requires specialized set of tools well beyond traditional IT

Virtual Infrastructure Mgmt

Emerging

SDN Controller & Network Integration

Chaining and Connectivity

Data Models and Automation

Fast Data Plane on x86

Netconf/YANG

VTS (MP-BGP/VXLAN), ACI

SR-IOV

NSH/Service Chaining

Segment Routing NEW

NEW

End-to-End Requirements for NFV

Infrastructure and OS

NEW


NFV Deployments are Going to be Distributed

[Diagram: Cust. Prem, Access, Carrier-E / Transport, Edge, Core and Edge Aggregation, Central Data Centers, Internet / Partner SP Edge and Multi-Cloud, with Remote DC Near Edge, Co-Lo and Peering sites linked by DCI]

VPN CPE

Cust. Prem

vBranch, Analytics

Access

Nothing is seen today… MEC (with VPC) & Fog Apps in future

Remote DCs

VPC, SecGW, vIMS, vManaged Service, Media xCoding, cDVR, vPE, vBNG, vCMTS, vCDN, Analytics

In Future - IOT / Fog Computing, Online Gaming, Location based Services, AR/VR, Data Analytics

Central DCs

VPC, Gi-LAN, vIMS, Biz Services (vMS), Media xCoding, cDVR, vCDN, Virtualized RR, Analytics

Co-Lo / Peering

vMS, vCDN, vDDoS, Analytics

Cloud Hosted

XaaS delivered from the Multi-Cloud

CO

vBNG, vOLT, vCMTS, vPE, Biz Services (vMS), vRAN, vCDN, Analytics

VPC & MEC apps in future (gaming, AR/VR, IOT, Fog, location based services, Data Analytics)

NFV Infrastructure Requirements

Carrier Class Performance

Use Case Agnostic Infrastructure

Open Standards Based, Modular and Elastic

Easy to use with Unified Management

Integrated Solution with Single Point of Ownership

Service Velocity, Customer Experience, Open Architecture

Multi-level Security

Cisco NFV and ETSI NFV Framework

Cisco NFVI = Cisco VIM + NFVI Monitoring + Unified Management + SDN Controller + Cisco UCS & Nexus Hardware

Cisco Network Services Orchestrator (NSO)

OSS, BSS

VNF

Service, VNF & Infrastructure Description

EMS 1, EMS 2, EMS 3

VNF 1, VNF 2, VNF 3

NFVI

Virtual Compute, Virtual Storage, Virtual Network

Virtualisation Layer

Hardware Resources

Computing Hardware, Storage Hardware, Network Hardware

Orchestrator

VNF Managers

Virtualised Infrastructure Manager

Cisco Elastic Services Controller (ESC)

Cisco NFV Architecture

VNF Manager

Cisco ESC Third Party

NFV-O and Resource Orchestration

NSO – Network Services Orchestrator enabled by Tail-f

North Bound APIs

Virtual Network Functions Cisco and Third Party

CSR, ASAv, vNAM, vIPS, vPC-DI, vIMS, Video Opt.

Third Party

Cisco Physical Infrastructure

Network VIM

Linux (RHEL), Hypervisor (KVM), Host Packages, Software Defined Storage

Network, Compute (UCS), Storage Ceph

Unified Management with assurance

Unified Management

API

GUI

Virtualized Infrastructure Manager

Cisco VIM based on RHEL OSP

Assurance

Third Party

APIC* or VTS or 3rd Party

* Roadmap

[Diagram repeated: Cisco NFV architecture stack, from Cisco Physical Infrastructure up to Cisco VIM on RHEL OSP, with Unified Management (API, GUI) and Assurance]

Leading Industry Partnerships

Performance Acceleration, Enhanced Platform Awareness

Certified by Red Hat

Joint Engineering

Integrated platform Design and Validation

Legend

Simple Access to Support Single Point of Contact


Use Cases

Virtual Managed Services, Mobility, Media

[Diagram repeated: Cisco NFV architecture stack, from Cisco Physical Infrastructure up to Cisco VIM based on RHEL OSP, with Unified Management with assurance, UCSD, API, GUI and Assurance]

Cisco VIM

Virtualized Infrastructure Manager

Installer & Life Cycle Manager

Containerized Control Plane

Health Checks

Logging/Monitoring

HA Verification

VM Throughput Testing

Security

CI/CD Enabled

Integrated Operational & Validation Tools

ELK Stack – Centralized logging for hosts and OpenStack services

CloudPulse – NFVI control plane and API endpoint health check

VMTP – Full virtual topology bring up and throughput tests

Cloud99 – Failure injection tests for HA validation

KloudBuster – Large scale virtual topology tests

Monitoring – containers, processes, physical & virtual resources

Use Cases

Legend

Virtual Managed Services, Mobility, Media

[Diagram repeated: Cisco NFV architecture stack, from Cisco Physical Infrastructure up to Cisco VIM based on RHEL OSP, with Unified Management with assurance, UCSD, API, GUI and Assurance]

Cisco Virtual Managed Services (VMS)

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco confidential.

VMS Service Packages unlock many Cloud Managed Services from a single platform

NSO Service Models and Device Models simplify the orchestration of new services and multi-vendor devices (90% less code)

SPs can create new Cloud Managed Services rapidly using the VMS Software Development Kit (SDK)

Your Service Here

VMS… A Multi-Service Platform

Cloud based Service Creation … Many Services … One Platform … for Enterprises and SMBs

VMS Service Packages simplify…

vRouter, vFirewall, vWAAS

How to create and monetize a service

How to orchestrate and activate a service

How to monitor and modify a service

How to collect analytics and bill a service

How to boot and manage virtual and physical devices

NSO Service Models

Multi-Vendor NSO Device Models

Many Service Packages offered from the SP Cloud

VMS Cloud Managed Services for SPs

Rapid Time to Market using customizable Self-Service Portals and Service APIs

Customer Self-Service Portal to manage and monitor devices from the Cloud

Customer Self-Service Portal to add new services from the Cloud

SP Operator Portal to manage multi-tenant services from the Cloud

SP Operator Portal to rapidly create new Service offers from the Cloud

SP Admin Portal to manage new tenants, users, and secure access from the Cloud

SP Admin Portal to manage service creation info and analytics from the Cloud

** All service configs are available through APIs or an optional User Interface

VMS provides a Self-Service Portal and Service APIs

Capture new Customers with customized Service offers

Customers can…

• Purchase new Services

• Create new customer sites

• Select devices for each site

• Select new Service options

• Confirm service terms and conditions

Service Providers can…

• Create customized offers with monetized choices

• Integrate the service workflow with your BSS/OSS systems

• Rapidly bring services to market

• Support many tenants from a single platform

Select a new Service

Add a new Branch Site and Device

Review Service Selections

Customer Self-service Workflow

** All service configs are available through APIs or an optional User Interface

VMS provides Self-Service Site Management

Site Configurations made easy with protective guard rails, from the Self-Service Portal or service APIs

Customers and Service Providers can…

• Manage Site configurations from the Cloud

• Make site config changes with protective guard rails and Role Based Access Control

• See a massive reduction in OPEX using Cisco certified Service Packages, all managed by VMS

Select a new Service

Add a new Branch Site and Device First Step in the Workflow

Simple configuration of IWAN Hub Sites with guard rails

Simple configuration of IWAN Branch Sites with guard rails

Simple configuration of Enterprise prefixes with guard rails

** All service configs are available through APIs or an optional User Interface

ISR 800, 1900, 2900, 3900, 4000 Series

CPE VPN Managed WAN Managed Security

VMS Cloud VPN

Secure Hub-and-Spoke Connectivity with Remote Access, Web Security, and Firewall

• Enhances agility to deploy new services

• Operational efficiency with zero-touch deployment and automated provisioning

• Enable business to comply with regulatory requirements with strong encryption of data in motion

• Enable zero-touch provisioning for tenant self-managed or service provider managed solutions

• Installation and deployment simplicity

Service Provider Cloud VPN Business Benefits

Firewall (ASAv)

Web Security (WSAv)

Intrusion Prevention (IPSv)

vRouter (CSR1Kv)

Branch

Cloud VPN (IPSec)

Internet

Remote Access

ISR 800, 1900, 2900, 3900, 4000 Series

CPE VPN Managed WAN Managed Security

• Simplified integration of cloud services for Internet and MPLS network customers

• Expand Cloud VPN service to support customers on MPLS network

• Maintain MPLS network integrity and security, as well as service provider domain separation

• Ability to offer network integration of customer branch offices across Cloud VPN and MPLS networks

VMS Cloud VPN with Converged Edge

Secure Convergence of IPSec and MPLS Connected Sites with Cloud Managed Security

Firewall (ASAv)

Web Security (WSAv)

Intrusion Prevention (IPSv)

vRouter (CSR1Kv)

Branch

1Q VLANs

Cloud VPN (IPSec)

Other Networks

MPLS VPN Network

Internet

Service Provider Managed Network

Remote Access

Business Benefits

vBranch Solution Benefits

• Expand Your TAM: Enable New Services with Services Running Virtualized in the Branch, No Additional Hardware

• Minimize Truck Rolls: Operational Efficiency by Zero-Touch Deployment and Automated Provisioning

• Easy Integration: Utilize Existing Branch Delivery Model with Service Capability Remaining in the Branch

• Offer Flexibility: Enables Tenant Self-Management or Service Provider Managed Offers

• Overlay Oriented: Suited to Wide Array of Overlay VPNs: MPLS, IWAN, IVPNs

vBranch Solution Overview and Benefits

Solution to Deploy Feature-Rich Services in Branch Environment Using Virtualization Technology

Firewall (ASAv)

vRouter (ISRv)

WAN opt (WAASv)

ENCS w/NFVIS

vBranch @ Enterprise

Branch Office

Self-Service Portal

Internet

VMS vBranch Management Platform

Service Provider Infrastructure

Enterprise Headquarters

MPLS VPN (MPLS)

VMS Cloud Managed IWAN

A DMVPN Service with Many Transport Options between Branches and Hub

ISR 800, 1900, 2900, 3900, 4000 Series

CPE VPN Managed WAN Managed Security

Branch

Internet DMVPN

Internet

MC

Border Router

Intelligent WAN Branch Router

MPLS DMVPN

Master Controller Hub

Cloud IWAN Business Benefits

Application-Aware

• Steer application flows based on type, policies and path status

• Provide protection of business applications from brownouts

Full Utilization / Lower Cost

• Provide more value with Active/Active low cost WAN links

• Increase bandwidth efficiency by load-sharing traffic over all WAN paths

Real-Time

• Automatic and on-demand monitoring and intervention

• Decrease loss percentage to less than 5%

VMS Cloud Managed SD-WAN

Perfect for distributed customers looking for lower cost and self-managed SD-WAN options

SD-WAN created with Zero Touch Provisioning (PnP) and validated IWAN Service Packs (NSO)

Automated end-to-end SD-WAN Services managed from the Service Provider Cloud

Secure multi-tenant Cloud Managed platform, simplified orchestration and tenant self-service

Rapidly create new monetized services, modify existing services instantly from Cloud

Optimized for Ease of Management

VMS as a Service Creation Platform

VMS Offers using Service Extensions

Multi-Vendor Network Element Drivers

Device Manager

Service Manager

Network Services Orchestrator (NSO)

SP Applications/Systems

Active Network

View

Physical Networks

VNFM Controller apps EMS and NMS

Network Abstraction in Modern and Brownfield Environments

Network Apps

Virtual Networks

Service Interfaces

VMS Service Creation Platform

Service Infrastructure

Service Offers

Data Platforms

Open APIs

Custom Template Service

Custom Template Extension

Orchestration Templates

UX/UI Extension

Extending Packaged Services

• Services will never be one size fits all

• Providers need a way to customize and add configurations to existing services.

Custom Template Service

• Provides UI/UX extensions per service to Operators and Tenants.

• Leverages NSO templates VMS offer templates to create new payloads for service offer.

Builds on NSO Capabilities

• NSO provides template capabilities

• New Templates can be reloaded

• These templates are then referenced

• Does not require new NSO Java/Python Mapping code.

VMS Service Extension Feature Flow

Example iWAN Offer Modification

[Diagram labels: Service Infrastructure, iWAN Service Offer]

1. Development iWAN Template to Disable DHCP on CPE Client

2. Load new template into NSO

3. VMS Platform learns of NSO Extension

4. iWAN Service Offer picks up service extension

5. iWAN Service UI automatically presents as a configuration service option.

6. iWAN Service Requests now include Service Extension

7. NSO Drives follows normal process of creating device configurations.

VMS Service Creation; Opaque Services

[Diagram repeated: Network Services Orchestrator (Service Manager, Device Manager, Multi-Vendor Network Element Drivers) beneath the VMS Service Creation Platform]

VMS Provides Catalog of Opaque Services & Ordering

Opaque Service Model

NSO invokes VMs and pushes Day 0 Configs. Device still “unmanaged”

VMS Signals External NMS/EMS that Opaque Devices are ready.

External NMS/EMS Takes over all subsequent Service Configs. VMS platform maintains the infrastructure for the service.

VMS Service Creation Platform; SDK

Do I want to use it? How do I try it? How do I get started? How do I use it? How do I get help?

Developer Site, Developer Sandbox, Tutorials & How-Tos, Docs & Sample Code, Community & Support

Supported VNF Vendors

Production Grade PoC Grade

Visit Cisco in Booth A4

See how our cloud solutions provide what you need to meet your goals.

Join the conversation @CiscoCloud