Cisco SD-WAN and DNA-C

SD-WAN

Cisco SD-WAN: Intent-based networking for the branch and WAN
4x improved application experience. Better user experience: Deploy applications in minutes on any platform with consistent application performance.
40% WAN opex savings. Greater agility: Simplify the deployment and operation of your WAN and get faster performance using less bandwidth.
3.24h time to threat detection. Advanced threat protection: Securely connect your users to applications and protect your data from the WAN edge to the cloud.

Cisco SD-WAN Solution Built on Cisco DNA Cloud managed and controlled fabric Transport Independence Application quality of experience Control Management Analytics Internet MPLS 4G LTE End-point flexibility (Physical or Virtual) Data Center Campus Integrated Security Branch Public Cloud

Intent-based networking for the branch and WAN Transport independence Centralized cloud managed fabric Intent Learning Context Application quality of experience End-point flexibility Security Integrated security

Comprehensive threat protection (Integrated security)
Meet industry compliance with end-to-end segmentation.
Reduce attack surface with cloud and on-prem security.
Talos threat intelligence protects all users and devices.
Diagram labels: Router, IPSec Tunnel, VPN 1 to VPN 4, Cloud Data Center, Cloud Security, Internet, MPLS, 4G/LTE, Corporate Data Center, Small Office Home Office, Campus, Branch.

Simplify migration to the cloud Application quality of experience Cloud Providers Cloud Applications Secure branch to cloud connectivity protects data in motion Agile workflows simplifies extending the enterprise to IaaS or SaaS Analytics determines the optimal path for the best application experience Small Office Home Office Secure SD-WAN Fabric Data Center Branch Campus IaaS/SaaS

Optimize the user experience Analytics and assurance Visibility of applications and infrastructure across the WAN Forecasting and what-if analysis Intelligent recommendations Viptela vanalytics

Deploy branches faster at lower cost Transport independence Private Cloud MPLS 3G/4G-LTE Colocation Branch Internet Leverage internet for public cloud and Internet access Public Cloud Secure VPN overlay for private and virtual public cloud access Seamless extension to the cloud enables business policy to follow workloads

Reduce complexity for remote sites Single rich services branch platform SD-WAN Unified Communications Easy to deploy and manage services on-demand Cloud Based Security Branch On-demand physical and virtual form factors Best of breed trusted network services Application hosting Application Optimization

Meet Cisco SD-WAN

Cisco SD-WAN Solution Overview: Applying SDN Principles Onto The Wide Area Network
Management/Orchestration Plane: vBond, vManage, vAnalytics; APIs, 3rd Party Automation
Control Plane: vSmart Controllers
Data Plane: vEdge Routers (MPLS, INET, 4G)
Sites: Cloud, Data Center, Campus, Branch, CoLo

Cisco SD-WAN Solution Roles and Responsibilities
Orchestration Plane: First point of authentication; distributes list of vSmarts/vManage to all vEdge routers; facilitates NAT traversal.
Management Plane: Single pane of glass for Day0, Day1 and Day2 operations; multitenant or single-tenant; centralized provisioning, troubleshooting and monitoring; RBAC and APIs.
Control Plane: Disseminates control plane information between vEdges; distributes data plane policies; implements control plane policies.
Data Plane: Physical or virtual; Zero Touch Provisioning; establishes secure fabric; implements data plane policies; exports performance statistics.
Diagram labels: vAnalytics, vBond, vManage, vSmart Controllers, vEdge Routers, MPLS, INET, 4G, APIs, 3rd Party Automation, Cloud, Data Center, Campus, Branch, CoLo.
Most Comprehensive SD-WAN Solution in the Market

Understanding Control and Data Plane

Overlay Routing
OMP peering establishes between vEdge routers and vSmart Controllers and between vSmart Controllers: between System IPs, over TLS/DTLS connections.
Dramatic control plane complexity reduction:
SD-WAN (OMP over DTLS/TLS, IPSec): Linear Control Plane Complexity O(n)
Traditional IPSec networks (IKE+IPSec): Quadratic Control Plane Complexity O(n^2)
Diagram labels: vSmart (System IP: 1.1.1.53), vSmart (System IP: 1.1.1.54), System IP: 1.1.1.1, vEdge, MPLS, INET.
Intelligent Fabric Routing

OMP Route Types and Prominent Attributes OMP Routes TLOC Label VPN-ID Tag Preference Origin Protocol Origin Metric Service Side MPLS vsmart INET vedge Connected Static Dynamic (OSPF/BGP) TLOC Routes TLOCs Site-ID System-IP Encap-Auth Public IP/Port Private IP/Port Tag Preference Weight L4-L7 Node Ultimate Flexibility and Control over Fabric Behavior Service Routes Network Service VPN-ID Service-ID Label TLOC

Data Plane Establishment
Local TLOCs (System IP, Color, Encap Pub IP/Port, Priv IP/Port)
vEdge TLOCs advertised to vSmarts in OMP TLOC routes
vSmarts advertise TLOCs to vEdges in OMP TLOC routes
SD-WAN Fabric with TLOCs as tunnel endpoints
BFD for quality and liveliness detection
Diagram labels: vSmart, vEdge, MPLS, INET, IPSec. Legend: Transport Locator (TLOC), OMP, IPSec Tunnel.
Flexible Data Plane

Common Data Plane Communication Per-Session Loadsharing Active/Active Per-Session Weighted Active/Active Application Pinning Active/Standby Application Aware Routing SLA Compliant MPLS INET MPLS INET MPLS INET MPLS INET SLA SLA Default Device Configurable Policy Enforced Policy Enforced Ultimate Control over Application Traffic Forwarding

Segmentation, AppQoE and Cloud onramp

End-to-End Segmentation with Multi-Topology Single Tunnel vsmart Route Tables B A C A C B Full Mesh Hub and Spoke vedge Router vedge Router IP UDP ESP LBL Original Packet Partial Mesh Point to Point Segment connectivity across fabric w/o reliance on underlay transport vedge routers maintain per-vpn routing table for complete control plane separation Resource Compartmentalization, Compliance and Attack Surface Reduction

Application Quality of Experience Queuing Rate Tokens Token Bucket vedge Conforming Default Behavior Marking Ingress Interface Q0 Q1 Q2 Q7 Egress Interface Ingress Interface Egress Interface Ingress Interface DSCP Copy DSCP Egress Interface DSCP Classification Queuing Shaping/Policing Queuing Modify with ACL/Data Policy Modify with re-write rules Deep Packet Inspection App 1 Visibility Internet SLA Routing App 2 MPLS App 3,000 Remote Site 4G/LTE Data Center Delivering Better Application Quality of Experience

Cloud onramp for SaaS and IaaS SaaS Applications Host VPCs/VNETs Regional Hub Cloud Data Center Gateway VPC/VNET Remote Site SD-WAN Fabric Campus Remote Site SD-WAN Fabric Campus Quality Probing (HTTP) Standard IPSec Versatile Cloud Adoption

Viptela Architecture Simplified Management Single Pane Of Glass Rich Analytics & Monitoring

Deploy rich services across on any platform End-point flexibility Branch virtualization Public Cloud ENCS 5100 ENCS 5400 Up to 250Mbps 250Mbps 2GB SD-WAN Branch Services vedge 100 vedge 1000 vedge 2000 ISR 1000 ISR 4000 ASR 1000 100 Mbps 4G LTE & Wireless Up to 1 Gbps Fixed 10 Gbps Modular 200 Mbps Next-gen connectivity Performance flexibility Up to 2 Gbps Modular Integrated service containers Compute with UCS E 2.5-200Gbps High-performance service w/hardware assist Hardware & software redundancy

Enterprise NFV

Introducing Cisco Enterprise NFV Network Services in Minutes, on Any Platform Cisco DNA Center/ Network Service Orchestrator/ Virtual Managed Services Virtual Router (ISRv,CSR,vEdge) Virtual Firewall (ASAv, NGFWv) Virtual WAN Optimization (vwaas) Virtual Wireless LAN Controller (ewlc) Third-Party VNFs Network Functions Virtualization Infrastructure Software (NFVIS) Cisco 4000 Series ISR + UCS E-Series Enterprise Network Compute System (ENCS) Cisco UCS C-Series / CSP-2100

Purpose built Network Hypervisor: Enterprise NFV Infrastructure Software (NFVIS)
Network Hypervisor: Supports segmentation of virtual networks; abstract CPU, memory, and storage resources.
Zero-Touch Deployment: Automatic connection to PnP server; highly secure connection to the orchestration system; easy day-0 provisioning.
Monitoring: Netconf Notification; Host and VM Statistics; Packet Capture.
Lifecycle Management: Provisioning and launch of VNFs; failure and recovery monitoring; stop and restart services; dynamically add and remove services.
Service Chaining: Elastic service insertion; multiple independent service paths based on applications or user profiles.
Open API: Programmable API for service orchestration; REST and NETCONF API.

Current ENCS Portfolio
Best of Routing & Compute. Complete Virtualized Services. Open for Third Party Services and Apps.
Enterprise Network Compute System (SD-WAN Ready): ENCS 5100 Series, ENCS 5400 Series, software NFVIS-BR
Models and CPU: ENCS 5104 (4-core, 3.4 GHz); ENCS 5406 (6-core, 1.9 GHz); ENCS 5408 (8-core, 2.0 GHz); ENCS 5412 (12-core, 1.5 GHz)
PoE: No; No; 200W; 200W
Capacity Guidance: ISRv + 1 VNF; ISRv + 2 VNFs; ISRv + 3 VNFs; ISRv + 5 VNFs

Shipping Now Roadmap ENCS 5400 Series Integrated Power Supply 16-64 GB DRAM 8 Integrated LAN Ports with Optional POE Hardware Acceleration for VM Traffic 6, 8, or 12-Core Intel Xeon-D Dedicated Board Management Controller USB 3.0 Storage Optional Hardware RAID Controller Network Interface Module for LTE & legacy WAN 2 Onboard Gigabit Ethernet ports with SFP Internal M.2 Storage 2 HDD or SSD RAID 0 & 1 Optional Hardware Crypto Module