Session 2: finally a high-performance and affordable IT solution in the cloud

Seminar ‘On cloud nine about your IT solution’

Hybrid is reality

First requirement: connectivity

The problem with cloud access: the internet

?

The solution: NetScaler SD-WAN with Cloud Interconnect

To measure is to know (Waze, RTTI)

6

NetScaler SD-WAN

What is SD-WAN?

MPLS

Internet (DIA/DSL/Cable)

NetScaler SD-WAN

Intelligently measure path quality in each direction

Policy may override

Aggregate all links

Choose paths based on measurements

High priority applications are assigned to best path(s)

7

Branch office(s)

Datacenter(s)

NetScaler SD-WAN

Let’s apply SD-WAN to the cloud

Internet (DIA/DSL/Cable)

Internet (DIA/DSL/Cable)

NetScaler SD-WANMPLS

Always ON connectivity to the cloud

8

DatacenterCloud

What about remote offices?

9

Branch office(s)

NetScaler SD-WAN

NetScaler SD-WANInternet (DIA/DSL/Cable)

Internet (DIA/DSL/Cable)

NetScaler SD-WANDatacenter

Cloud

Secure and reliable delivery from cloud to branch

NetScaler SD-WAN makes hybrid cloud easy

High performance delivery from multiple clouds to branch

9.2

New

1 Gbps256 virtual paths

Virtual Virtual

Physical

4 Gbps and up550 virtual paths

NetScaler SD-WAN allows you to seamlessly combine multiple services:

• Business DSL + Cable 99.95%

• MPLS + Business DSL 99.99%

• MPLS + MPLS 99.995+%

What about a cable cut?

• MPLS + Bus. DSL + 3G/4G 99.999+%

SD-WAN improves WAN availability

Source: Gartner (July 2013)

Accessype

Typical availability

Downtime per month

Consumer grade DSL

98% 15 hours

Business DSL 99.0% 7 hours

Metro Ethernet 99.5% 4 hours

MPLS Leased Line 99.9% 1 hour

11

3G/4G option ideal for retail, construction, bank and maritime companies

Standard Network QoS

Let’s compare QoS approaches

SD-WAN enforced QoS

SD-WAN can still use standard network QoS, but may override based on conditions

What about application profiles, SLA and QoS?

Category Minimum bandwidth

Prioritization Duplicate

Real Time 30% VoIP Yes

Video conference No

Interactive 40% XenDesktop No

SQL No

Exchange No

Custom No

Bulk 30% FTP No

Video No

Custom No

• Up to 17 QoS levels (classes) can be utilized across the 3 categories of application traffic: Real Time, Interactive, and Bulk

• Categories can be provisioned with guaranteed minimums

• Specific application policies can be created using src/dest IP & Port, TCP/UDP, DSCP

• QoS model is dual-ended resulting in the best user experience

• Works out-of-the-box with default policies• Can be tuned accordingly

13

Second requirement: security

Layered security with NetScaler SD-WAN

Branch DC

MPLS

internet

Secure Web Gateway

(Zscaler…)

Benefits:• secure traffic in transit• isolate network segments• offload internet traffic• enforce consistent

security policies in branch, DC and cloud

IaaS

SaaS

Point-to-point encryption (AES, IPSec)

Network segmentation

Network segmentation

Exception

Internet

Third requirement: manageability

Datacenter

Cloud/SaaS

NetScaler SD-WAN Center for scale and management

Branch

Branch MPLSINTERNET

4G/LTESATELLITE

NetScaler SD-WAN Center

• Single pane of glass for branch, DC, Cloud• Configure, manage, report• No branch or device configuration required

Simplified deployment with zero-touch deployment service

Now:

• automated bring-up

• authentication to join network

• status updates of the deployment process

• NetScaler SD-WAN 410 appliance

Coming soon:

• read bar code + geo-locatethe appliance

• other appliances

new

Key takeaways

20

Management

& visibility

Application

Optimization

Real time

measurement

Application

QoS

Application

optimization

Dynamic path

bondingSecurity

Key takeaways of Netscaler SD-WAN

Connectivity

Security

Manageability

Demo

Xylos’ demo environment

P2P

Internet

Virtualized wide area network

SD-WAN

Antwerpen

SD-WAN

SD-WAN CenterMgmt.

Brussel

SD-WAN SE

Front end subnet Backend subnet

Virtual Network

Azure region

NSGNSG

SDWAN WAN1NIC-1

172.16.4.4/24

SD-WAN deployed in Edge/Gateway mode

SD-WAN deployed in inline (or PBR) mode

SD-WAN deployed in inline (or PBR) mode

WAN1 (172.16.4.0/24)

LAN3 (172.16.3.0/24)

SDWAN LAN3NIC-1172.16.3.4/24

LAN2 (172.16.1.0/24)

ClientLAN2NIC-1

172.16.1.4/24

Mgt2NIC-2172.16.0.5/24

Mgt2NIC-2172.16.0.4/24

Default (172.16.0.0/24)

LAN (?/24)

WAN1192.168.5.202/24

WAN2192.168.1.100/24

WAN2192.168.25.100

WAN1192.168.2.202/24

SNAT94.107.244.203

SNAT62.58.102.203