Transcription
nil.com 2017 NIL, Security Tag: INTERNAL 2017 NIL, Security Tag: PUBLIC1
Implementing NFV: From Idea to Practice 2017 NIL, Security Tag: INTERNAL2
Overview What is NFV?Why should I care?If I do care, how should I go about making it happen?What should I watch out for?NFV example – Using Cisco NSO to orchestrate NFV end to end 2017 NIL, Security Tag: INTERNAL3
What is NFV?VMNFV Virtual Network Appliances 2017 NIL, Security Tag: INTERNAL4
Why Should I Care?Because there be business benefits 2017 NIL, Security Tag: INTERNAL5
If I Do Care, How Should I Go AboutMaking It Happen?Create an NFV SolutionOperate an NFV Solution 2017 NIL, Security Tag: INTERNAL6
What is NFV?Take 2VM 2017 NIL, Security Tag: INTERNAL7
What is NFV?Take 2VM 2017 NIL, Security Tag: INTERNAL8
What is NFV?Take 2Cloud ServiceOn Premise 2017 NIL, Security Tag: INTERNALVM9
What is NFV?Take 2Cloud ServiceOn Premise 2017 NIL, Security Tag: INTERNALVMEverything should beautomatedAutomation10
What is NFV?Take 2Self-Care PortalCloud ServiceOn PremiseVMSimple user interfaces asfront-end to automationAutomationOperators’ Portal 2017 NIL, Security Tag: INTERNAL11
What is NFV?Take 2Self-Care PortalCloud ServiceOn PremiseVMExisting Support SystemAnd Many New SystemsAutomationCRM BillingRMSOperators’ Portal 2017 NIL, Security Tag: INTERNALEMSMonitoringSystems12
NFV Components OverviewEnd-to-End OrchestrationEnterprise Zero-TouchProvisioning Self-serviceSP NetworkSP DCorvXInternetvEnterprise Self-service AutomationSubscriber Zero-TouchProvisioning Self-service 2017 NIL, Security Tag: INTERNALvSubscriber L2 MPLS VPN L3 MPLS VPN IPsec VPNs QoS Multicast .vCPE Self-service Automation AutomationVNFs and more: IPv4 and/or IPv6 forInternet access Network Firewall Web Firewall Email Firewall Load Balancer Deep Packet Inspection(QoS) Bandwidth on Demand Remote Access VPN (IPsecor SSL) Site-to-Site IPsec VPN NAT DHCP server VoIP gateway Web Server NAS (storage) Backup server .13
Sample NFV ServiceInternet AccessDCVMMPLS VPNSP NetworkCPE 2017 NIL, Security Tag: INTERNALL2vPEInternetRTRInternetGateway14
Sample NFV ServiceInternet AccessDCVMMPLS VPNSP NetworkCPEL2vPEInternetRTRInternetGatewayDynamic creation and configuration of all components 2017 NIL, Security Tag: INTERNAL15
Sample NFV ServiceSecure Internet AccessDCVMMPLS VPN, IPsec, L2TPv3, SP NetworkCPE 2017 NIL, Security Tag: INTERNALVML2vPEInternetRTRInternetGateway16
Sample NFV ServiceSecure Internet AccessDCVMMPLS VPN, IPsec, L2TPv3, SP NetworkCPEVML2vPEInternetRTRInternetGatewayDynamic insertion and configuration of newcomponents and reconfiguration of existingcomponents 2017 NIL, Security Tag: INTERNAL17
Sample NFV ServiceSecure Internet Access DCRemote AccessVMMPLS VPN, IPsec, L2TPv3, SP NetworkCPE 2017 NIL, Security Tag: INTERNALVML2vPEInternetRTRInternetGateway18
Sample NFV ServiceSecure Internet Access DCRemote AccessVMMPLS VPN, IPsec, L2TPv3, SP NetworkCPEVML2vPEInternetRTRInternetGatewayDynamic reconfigurationof existing components 2017 NIL, Security Tag: INTERNAL19
Don’t WorryThere’s an NFV For Dummies Book No really, there are a lot of resources out there There’s also standardization – ETSI NFV MANO 2017 NIL, Security Tag: INTERNAL20
How To Build an NFV Solution ETSI NFV MANO aims tostandardize the architecture andinterfaces for Vnfm-ViNf-ViVIMInfrastructure 2017 NIL, Security Tag: INTERNAL21
How To Build an NFV Solution A slightly more accurateview of the ETSI NFVMANO architecture andinterfaces 2017 NIL, Security Tag: INTERNAL22
What Do I Need To Build an NFV Solution? Physical infrastructure:servers, storage, DCnetwork Hypervisor Infrastructure managementproductNetwork VNFs Some VNFs requireadditional EMS Magic glue to bind allcomponents together intoa decent NFV solution 2017 NIL, Security Tag: INTERNALCompute StorageNFVOOr-VnfmvFWvCPEvIPSvWSA 23
Caveat Emptor Everybody claims ETSI NFV MANO compliance Every NFV management product is really a rebrandedlegacy product with some adjustment for NFV MANO All integrations are custom, require time and thoroughtesting Not all products support multitenancy Not all virtual appliances are virtualization-friendly Hypervisors were not originally designed for NFV (basicfunctionality tweaking, performance tuning) 2017 NIL, Security Tag: INTERNAL24
Main NFV Design Goals Adding a new service or modifying an existing servicesshould not be rocket science Troubleshooting capabilities and tools should be available Re-instantiating a service instance should be available andsimple Scaling of physical resources should be simple 2017 NIL, Security Tag: INTERNAL25
Sample Solution Using Cisco NSOOSS/BSS, WebPortal, Cisco NSO: Service modeling using YANG NETCONF for reliablemanagement of elements NFVO service package for ETSIMANO compliance Network Element Drivers (NEDs)for VNFs of many vendors Automatically exposes servicemodel northbound (via REST,NETCONF, CLI) Cisco ESC: Manages VNF lifecycle Provides day-0 configuration toVNFs Uses NETCONF 2017 NIL, Security Tag: INTERNALREST, REST, NETCONFCLICLI or NETCONFCisco NSO(NFVO)REST, NETCONFvFWvCPEvIPSvWSA vESAvSLBInfrastructureCisco ESC(VNFM)OpenStack orVMware(VIM)26
Sample Stack(Cisco and/or VMware)OSS/BSSCustom Self-CarePortalOtherOrchestratorsCisco NSOVMware vRealizeOpenStackVNF Managers& ControllersCisco ESCVMware NSXOtherCisco UCS, ACIVMware NSX, VCOpenStackOtherCisco ACIVMware NSXCisco vityNetworkDevices 2017 NIL, Security Tag: INTERNALPhysical DevicesAVS VTF OVSDVSvFWvCPEvSLBOthervIPSvWSA vESAVirtual Devices27
Summary Get the design right or else Do not believe vendors’ marketing claims Aim not only for management and self-service simplicity, butalso for maintenance simplicity as much as possibleEverything should be made assimple as possible, but no simpler 2017 NIL, Security Tag: INTERNAL28
Q?nil.com 2017 NIL, Security Tag: INTERNAL29
Every NFV management product is really a rebranded legacy product with some adjustment for NFV MANO All integrations are custom, require time and thorough testing Not all products support multitenancy Not all virtual appliances are virtualization-friendly Hypervisors were not originally designed for NFV (basic