Transcription
VMware SD-WAN byVeloCloudScott MacDonaldDeputy Director Infrastructure ServicesCA Department of Technology, OTSDwayne SinclairSenior Manager, Systems EngineeringState, Education, Local GovernmentVMwareConfidential 2019 VMware, Inc.
Why SD-WAN and WhyNow?Confidential 2019 VMware, Inc.2
Evolving Network RequirementsCustomer RequirementsAdaptability:Network must adjust and respond dynamically, based onapplication needs business policy and network conditionsAutomationPolicy changes must be automatically propagated so thatmanual work and errors are minimizedMaintainabilityThe deployment of new features and capabilities (upgrades,patches) must be seamless with minimal disruption ofoperationsIntegrated SecurityNetwork applications must integrate seamless security as acore service instead of an add-on solutionFlexible Administration ModelsVendor Managed, CDT Managed and/or Customer ManagedTransport Independence (telco agnostic)Low Co t3Confidential 2019 VMware, Inc.
What is SD-WAN?Confidential 2019 VMware, Inc.4
SD-WAN Starts with a VeloCloud Edge Confidential 2019 VMware, Inc.5
Edge is SoftwareVMware SD-WAN Edge by VeloCloudThree Deployment OptionsOption 1Option 2Option 3Edge software pre-installed “baremetal” on VeloCloud hardwareVirtual Edge installed on ESXior KVMESXi license not includedVirtual Edge installed in AWS or AzureVeloCloud 510 to 3800- Dell VEP4600 uCPEcertifiedRoadmapRoadmapNext-generationhardware from DellDell VXRAILOn marketplace, BYOLIaaS fees not includedRoadmapIBM CloudGoogle CloudVMware Cloud on AWSConfidential 2019 VMware, Inc.6
VeloCloud Orchestrator All-In-One OrchestrationMulti-tenant managed IT portal * Enterprise wide * Site drill down: link and usage discoveryCLIConfidential 2019 VMware, Inc. Zero-touch provisioning Group business-level policies Automatic link profiling7
Solution ComponentsVMware SD-WAN EdgeFlexibility in deployment Purpose-built hardware Virtual Edge for cloud or white box Services platform for VNFVirtual EdgeFor branch,datacenter & cloudVMware SD-WAN Orchestrator and ControllersMulti-tenant cloudbased management,configuration, andmonitoring portalVMware or SPhosted, andon-premises atenterpriseBusinesspolicyabstractionAPIsEnables fastdeployment,zero-touchoperationsVMware SD-WAN GatewaysOptimized cloudon-ramp to thedoorstep of SaaS/ IaaSConfidential 2019 VMware, Inc.Fully managedand operated byVMware and SPsMulti-tenantStrategic worldwide locations,top-tier networkPoPs8
VMware SD-WAN by VeloCloud BenefitsSoftware Defined WAN OverlayVMware SD-WAN OrchestratorCloudGatewaysBranchEdgesPrivate /MPLS3G/4G LTESaaS / IaaSSD-WANOverlayInternet BroadbandDatacenterEdgesSimplified WANManagementZero-touch deployments,simplified operations, oneclick service insertionConfidential 2019 VMware, Inc.Assured ApplicationPerformanceTransport independentperformance for the mostdemanding apps,leverages economicalbandwidthManaged On-rampto the CloudDirect cloud access withperformance, reliabilityand security9
VMware Named as a Leaderin the Gartner Magic Quadrant forWAN Edge InfrastructureVMware SD-WAN byVeloCloudPositioned Furthest on Completeness ofVisionLeader in the Ability to ExecuteSource: Gartner, Inc., Magic Quadrant for Enterprise Mobility Management Suites, October 10, 2018.This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from VMware.Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed asstatements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.Confidential 2019 VMware, Inc.‹#›10
Business BenefitsApplicationPerformance &Reliabilityq Optimal customerexperienceq Reliable uptimeAgile RolloutsLower CostSimplified Securityq Broadband & LTEq Economicalq Enables businessq Zero touchbandwidthq Lower IT costsq Minimizes riskdeploymentsq Flexibleq Efficient usageq Reducedcompliance effortsconfigurationsq Cloud and legacyappsConfidential 2019 VMware, Inc.11
Where is SD-WAN Used?Confidential 2019 VMware, Inc.12
Deploy multiple linksImprove applicationperformanceMyriad of SD-WAN UseCasesAccess cloud datacenters andSaaSSimplify branchdeploymentGlobal, Managed WANEnhanced securityConfidential 2019 VMware, Inc.‹#›13
Dynamic Multi-Path Optimization in Action“Assured application performance over any type of link”Excellent voice quality!VMware SD-WAN EnhancementsContinuous Link Monitoring Drives automation and optimizationDynamic Per Packet SteeringMPLS Sub-second steering without session drops Aggregated bandwidth for single flowsComcast CableOn Demand RemediationConfidential 2019 VMware, Inc. Protects against concurrent degradation Enables single link performance14
SD-WAN Solution – SaaS/Data Performance10x faster response timeDual 20Mbps Links / 50 MB Box File TransferNo Loss2% Packet LossConfidential 2019 VMware, Inc.Without VMware SDWAN by VeloCloudVMware SD-WANby VeloCloud22 sec12 sec134 sec13 sec16
Securing SD-WANConfidential 2019 VMware, Inc.17
Branch to Data CenterRoadmapEnd to end services, analytics and policySD-WANanalyticsVeloCloud Orchestrator and ControllerData CenterNSX routingdomain omationvia APIVMware vRealizeNetwork Insight& EcosystemNSX Manager- Security policiesHRIS PayrollBranch 1NSX routingdomain 10.2.0.0/24CRMBranch 2VeloCloudEdge / GatewayAnalystNSX routingdomain PCISegment-aware topologyIsolation & overlapping 4Simple enterprise-widesegment creationPCI NetworkRetail 1Confidential 2019 VMware, Inc.VMware NSXVMware ESXiSegment-aware policiesOn-premises and cloud18
Multi-Segment CPE SoftwareStore-in-Store / Multiple Security Segments Per segment QoS and Dynamic MultipathOptimization Overlay Bandwidth CapSegment ASegment BSegment CPer Segment QoS and DMPOConfidential 2019 VMware, Inc.19
Deploying SD-WANConfidential 2019 VMware, Inc.20
Outcome Driven NetworkingAbstractionand AutomationContextualImplementationSelf-Learning& AdaptationBusiness OutcomesAssured Application PerformanceSimple and Secure VPNOutcome-DrivenSegmentationIntelligent RoutingDistributed ServiceInsertionZero-Touch OperationsConfidential 2019 VMware, Inc.21
Incremental and Interoperable SD-WAN RolloutsVMware SD-WAN by VeloCloud OrchestratorReplaceVMware SD-WANEdge by VeloCloudVMware SD-WAN by VeloCloud ControllersOSPF, BGPBGPRoute Learning andDistributionVMware SD-WANEdge by VeloCloudOSPF, BGPInternetVMware SD-WAN byVeloCloub Hub ClusterCo-existOSPF, BGPMPLSLegacy Cloud or on-premises orchestrator and controllers Controller functions: route reflector, VPN control,link measurementsConfidential 2019 VMware, Inc.22
Branch Deployment OptionsCo-exist (L2)CECo-exist (L3)E-BGPE-BGP/OSPFMPLSE-BGPE-BGPMPLSMPLSL2/3 SWVRRPL2 SWCPE ReplacementL3 SWE-BGP/OSPFInternet Use VRRP to make VCE thedefault gateway when is it up Provide failover/redundancywith existing CEConfidential 2019 VMware, Inc.Internet Use routing protocol (OSPF orBGP) to direct traffic to the VCEwhen it is up Provide failover/redundancywith existing CEInternet VCE is the default gateway for thebranch traffic Deploy VCE in HA pair to meetthe redundancy/availabilityrequirement23
Wrap UpConfidential 2019 VMware, Inc.24
ROI of SD-WANWAN SimplificationAssured ApplicationPerformanceü Zero IT touch deploymentoReduce on-site IT visits, accelerate deploymentü Outcome driven policiesoMinimize configuration and troubleshooting timeü Remote management, visibilityand troubleshootingoEnables use of optimal ISP by siteü Transport independentperformanceoIncrease utilization of circuitsoEliminate redundant / dedicated circuitsü Sub-second brownout protectionvia mid flow steering &remediationoEnables use of economical broadbandoSavings with “over the top” services eg VOIPoReduced capex and opex for access to SaaS andhybrid cloudoReduced redundancy & disaster recovery costsü VNF ready SD-WAN platformoFewer truck rolls and capexü SD-WAN as VNF for vCPEsoReduced hardware warranty and sparesü Distributed services insertionoEliminate per branch security expensesü Automatic segmentation, VPNoReduced audit & compliance expensesü Distributed cloud gateways-as-aserviceArchitecture for the CloudFlexible Services PlatformROI OpportunitiesKey Featuresü Virtual Edges for public cloudConfidential 2019 VMware, Inc.25
Subscription service basedupon 12 or 36 monthcommitments24/7 monitoring and supportDepartment of TechnologySD-WAN ServicesArchitectural design and supportBranch deployment servicesService available throughCDT’s Service RequestprocessIntegration with CDT SecurityOperations Center with 24/7monitoringConfidential 2019 VMware, Inc.‹#›26
Questions?Confidential 2019 VMware, Inc.
Dynamic Multi-Path Optimization in Action "Assured application performance over any type of link" VMware SD-WAN Enhancements MPLS Comcast Cable Excellent voice quality! Sub-second steering without session drops Aggregated bandwidth for single flows Drives automation and optimization Continuous Link Monitoring Dynamic Per Packet .
