Unleashing SDN to Align Network Capabilities with Enterprise IT & DevOps Needs

Copyright 2016 Alcatel-Lucent. All rights reserved.

Unleashing SDN to Align Network Capabilities with Enterprise IT & DevOps Needs

Sunil Khandekar Founder & CEO

Nuage Networks March 9th, 2016


A Consumption Shift

Cloud has changed the way

applications are being consumed

From “order and wait”

To “instant gratification”

Consumer expectations are shifting

Multiple personas

Single user

On-demand personalized catalogue


Business Agility is Paramount

Rapid Introduction of New Services

Learn and Adapt

Superb Customer Experience

DevOps Model is imperative!

IT Must Align to Business Needs


Bridging the Gap Between Applications & Networks

Realizing DevOPs w/ marriage of

“IP” & “IT”

Customer in Control

Network Services on demand, in

support of cloud applications

Improved Service Velocity

Any application, any cloud, every time

Software Defined Networking

FROM:

TO:


EVOLVING Data Center to the CLOUD

Automation

Private Cloud

Public Clouds

Unconstrained options

Evolved DC Infrastructure

FROM: • Static DC network

– VLAN Based

• Vertically integrated (mono CMS & Hypervisor )

• No segmentation

• Email driven fulfillment

ORDER AND WAIT

TO: • Automated DC

Network – IP Fabric

• Hybrid stack w/ Openstack and KVM

• Micro-segmentation

• Self-service fulfillment

ORDER AND GET!


SDN beyond Datacenter

Connecting Users to Applications

Private Cloud

DYNAMIC & INTERACTIVE APPLICATIONS

Public Cloud

✓

HIGHLY DISTRIBUTED USERS

?


The GAP

Automation

Private Cloud

Public Clouds

Automated

Instantaneous modifications

Simplified policy-driven management

Freedom of choice

Evolved Datacenter Infrastructure

Constrained access options

Limited hardware

Limited Automation

Branch offices Enterprise WAN

Specific provider

Status Quo at the Remote Location

o Costly moves, adds and changes

o Complex management

o Limited choice

o Proprietary hardware, vertically integrated


Private Cloud

SD-WAN Objectives

FULLY AUTOMATED

HIGH PERFORMANCE

SECURE

ON-DEMAND Connectivity between Users and to Apps in Private OR Public Clouds

CONSISTENT POLICY Framework for all use cases

HIGHLY DISTRIBUTED USERS

DYNAMIC & INTERACTIVE APPLICATIONS

Connecting Users to Applications

Public Cloud

Copyright 2016 Alcatel-Lucent. All rights reserved. 3/9/2016

9

CONNECT USERS TO PRIVATE CLOUD

Private Cloud

Private IP/MPLS

Internet

Private IP/MPLS

OVERLAY VPN ON PRIVATE OR PUBLIC NET

Internet

CONNECT USERS TO PUBLIC CLOUD

Internet

OFF-NET EXTENTION W/ VPN INTEROP

KEY USE CASES

Public Cloud


10

KEY Requirements – 1 of 2

CPE MUST Evolve From proprietary to

OPEN COTS Platform Must allow ability to

separate SW from HW Automated & secure

on-boarding

Separate OVERLAY from Underlay

To allow for ANY Transport : On-net or Internet

Internet reach

Interop w/ Existing IP/VPN

Allow Internet tails to be seamlessly connected

PE Interop across Service, Control & Management Planes

OVERLAY


11

KEY Requirements – 2 of 2

Private Cloud

Application Placement Flexibility to support

embedded or hosted Apps

In the DC or at Customer Prem

Service Chaining for VAS

On-ramp to Private & Public Cloud

On net or Internet Secure connectivity w/ Consistent Policy

End-to-End Visibility Overlay Underlay

Correlation

Public Cloud

AppApp

App


EndtoEndAutomatedSDNFramework

Does SD-WAN == vCPE?

• Separation of SW from HW • Same Operational Tools as

traditional HW CPEs • No Automated Bootstrapping

vCPE Software Appliance Runs on X86 COTS Platform

A GOOD FIRST STEP … But.. addresses HW consolidation but

doesn’t address SDN automation

✓ ✓ ✓ ✓ ✓



Does SD-WAN == WOC + Overlay?

• Application Aware • Optimal Path Selection • Transport independent • Proprietary Branch devices

vCPE Software Appliance Runs on X86 COTS Platform

Does next-gen WOC go far enough to deliver on the promise of SD-WAN?

...book ended solution w/ no interop..

OVERLAY +

✓ ✓


Does SD-WAN == Cloud based Management of cost Optimized Branch Routers

• Cloud based provisioning in a SaaS Model

• Automated Island • Transport independent

Does lower cost branch router w/ CMS deliver on the promise of SD-WAN?

+

✓



15


Key Elements to address ALL Requirements?


16

Site

Onboarding

User to

Application

Advanced

Security

Centralized

Control

• Trust model

• Secure bootstrapping

• Multi-factor

• No device pre-staging

• Transport technology

independence

• Open multi-form factors

• Appliance / VM

• Branch-2-Cloud

connectivity

• E2E application flow

management

• Embedded PKI

• Device X.509 cert

• Remote disconnect

• Advanced Encryption

• Aggressive re-keying

• Service Micro-segmentation

• Unified policy from

branch-to-Cloud

• Multi-tenanted solution

• Pull-model w/ declarative

policy

• Integrated UL/OL

Assurance

SD-WAN : Key Elements


Open-CPE

Separation of software from

hardware

SD-WAN : Key Elements

Interoperable

Multi-vendor inter-working at

every layer

Independent per-layer

federated scaling

Scale-out


18

THE BRANCH UNSHACKLED

CONTROL PLANE

BRANCH NETWORKING DEVICE

MGMT PLANE

FORWARDING PLANE

GENERAL PURPOSE COMPUTE

OPEN OS

Op

enFl

ow

SECURITY

TRAFFIC STEERING QoS

Open CPE

ETHERNET

PROPRIETARY HARDWARE

Today’s Closed CPE


19

CPE

ThinCPE

FatCPE

1

2

VS

OpenCPE: Fat v/s Thin

Resource Considerations Physical systems running Containers run only

one kernel per system Hypervisors run one kernel per virtual Machine

(plus one for the host) Flexibility & Performance

Containers can be started instantly like applications

VMs require OS restart + Application Management

Simpler and Faster Orchestration of Containers Lifecycle management of hypervisors

Copyright 2016 Alcatel-Lucent. All rights reserved. 20

Expand to include applications

Overlayofferstransportchoices

Policy-based control

IT-approachtonetworkservice

delivery

SD-WAN : The Complete Picture

L2

Tenant A

Tenant B

L2

L2

Mul pleTransportlinks Separa onofservice

fromtransport

Applica on-awarepathselec on

Site

Site

From Transport

Public Cloud

Private CloudApp

App


OpenCPE (X86 BRANCH ROUTER FOR CLOUD ERA) • Network service platform for branches • L2-L4 Switching and routing with advanced network functions • Physical or Virtual form-factors

POLICY & ANALYTICS • Network Policy Engine – abstracts complexity • Service templates and analytics

FEDERATED CONTROL • SDN Controller, programs the network • Rich routing feature set

VIRTUAL SWITCH • Distributed switch / router – L2-4 rules • Supports leading hypervisors and base metal assets

SDN TOOL SET

SDDC Feature Set SDWAN Feature Set

Unified SDN Layer : User to User AND User to Applications

Consistent Policy-Based Automation


Connecting Users to Applications THE Final Picture

Internet

Private IP/MPLS

FULLY AUTOMATED

HIGH PERFORMANCE

SECURE

ON-DEMAND Connectivity between Users and to Apps in Private OR Public Clouds

CONSISTENT POLICY Framework for all use cases

Private Cloud

Public Cloud

IT Aligned to Business Needs


3/9/2016

23

Thank You!

@nuagenetworks

@SunilSKhandekar

Unleashing SDN to Align Network Capabilities with Enterprise IT & DevOps Needs

Technology

Transcript of Unleashing SDN to Align Network Capabilities with Enterprise IT & DevOps Needs