FUNDAMENTALS FOR RELOADED MPLS-VPN CONNECTIVITY

Similar documents
Juniper SD-WAN Alexandre Cezar Consulting Systems Engineer, Security/Cloud

SECURING THE MULTICLOUD

Extending Enterprise Security to Multicloud and Public Cloud

Contrail SD-WAN Design & Architecture Guide

Disaggregation and Virtualization within the Juniper Networks Mobile Cloud Architecture. White Paper

INTERCONNECTING MULTICLOUD WITH VMX

VeloCloud Cloud-Delivered WAN Fast. Simple. Secure. KUHN CONSULTING GmbH

Benefits of SD-WAN to the Distributed Enterprise

Cisco SD-WAN and DNA-C

Stop Threats Faster. Vaishali Ghiya & Dwann Hall Juniper Networks

Simplifying the Branch Network

JN0-210.juniper. Number: JN0-210 Passing Score: 800 Time Limit: 120 min.

Our Virtual Intelligent Network Overlay (VINO) solutions bring next-generation performance and efficiency to business networks throughout North

Mitigating Branch Office Risks with SD-WAN

Software Defined Broadband Networks. Jon Mischel Director, Product Management

SD-WAN orchestrated by Amdocs

Versa Software-Defined Solutions for Service Providers

Routing Applications State of the Art and Disruptions

Where is the Network Edge? MEC Deployment Options, Business Case & SDN Considerations

Overview of the Juniper Mobile Cloud Architecture Laying the Foundation for a Next-gen Secure Distributed Telco Cloud. Mobile World Congress 2017

Overview of the Juniper Networks Mobile Cloud Architecture

THE MPLS JOURNEY FROM CONNECTIVITY TO FULL SERVICE NETWORKS. Sangeeta Anand Vice President Product Management Cisco Systems.

Security Everywhere Within Juniper Networks Mobile Cloud Architecture. Mobile World Congress 2017

SteelConnect. The Future of Networking is here. It s Application- Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

ANIKET DAPTARI & RANJINI RAJENDRAN CONTRAIL TEAM

Transform your network and your customer experience. Introducing SD-WAN Concierge

Remote Access VPN Helping enterprise businesses implement strong authentication for their remote workforce

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

Build a Software-Defined Network to Defend your Business

SD-WANs and Lifecycle Service Orchestration (LSO) October Daniel Bar-Lev Director, Office of the CTO

Cloud Controlled Network for Service Providers

Cisco SD-WAN. Intent-based networking for the branch and WAN. Carlos Infante PSS EN Spain March 2018

OPEN CONTRAIL ARCHITECTURE GEORGIA TECH SDN EVENT

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Introduction. Hardware and Software. Report Overview

Making Enterprise Branches Agile and Efficient with Software-defined WAN (SD-WAN)

The Top 10 Reasons to Replace Your Branch Router with SD-WAN. An ebook presented by Silver Peak Systems

SILVER PEAK EDGECONNECT SD-WAN SOLUTION OVERVIEW FOR SERVICE PROVIDERS

Service Automation Made Easy

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Evolution of connectivity in the era of cloud

SD-WAN AND BEYOND: DELIVERING VIRTUAL NETWORK SERVICES

Enterprise WAN Agility.

Distributed Data Centers within the Juniper Networks Mobile Cloud Architecture. White Paper

Colt Novitas: Bringing SDN & NFV in Production. Javier Benitez, Strategy & Architecture,

WHITE PAPER. Applying Software-Defined Security to the Branch Office

Resilient WAN and Security for Distributed Networks with Cisco Meraki MX

Contrail Service Orchestration Release Notes

Cato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN

Cloud-Ready WAN For IAAS & SaaS With Cisco s Next- Gen SD-WAN

Transform your network and your customer experience. Introducing SD-WAN Concierge

Leverage SDN Principles in LTE to Meet Future Network Demands

SD-WAN Solution How to Make the Best Choice for Your Business

Automated Control and Orchestration within the Juniper Networks Mobile Cloud Architecture. White Paper

Cato Networks. Network Security as a Service

Intelligent WAN: Leveraging the Internet Secure WAN Transport and Internet Access

STARTERS ORDERS: SD-WAN ROADMAP

How Smart Networks are changing the Corporate WAN

We re ready. Are you?

Simplifying WAN Architecture

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.

Distributed Data Centers Within Juniper Networks Mobile Cloud Architecture. Mobile World Congress 2017

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13

EdgeConnectSP The Premier SD-WAN Solution

MASERGY S MANAGED SD-WAN

Delivering the Wireless Software-Defined Branch

SECURE HYBRID CLOUD Solution

Hardware Accelera+on in an SDN/NFV World: MRV POC with Charter Communica+ons

SD-WAN Tutorial: Service Components, Functionality, MEF Reference Architecture and Use Cases

Contrail Service Orchestration Release Notes

Secure Extensible Network. Solution and Technology Introduction

Cloud-Enable Your District s Network For Digital Learning

From Zero Touch Provisioning to Secure Business Intent

Huawei SD-WAN Solution

Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN

Winning Together in Service Provider. Neil Dunham // Director, Sales

Zero Trust Security with Software-Defined Secure Networks

NETWORK VIRTUALIZATION THE STORY OF SDN/NFV, NUAGE, DATACENTERS, VCPE

SD-WAN Managed Service Use Cases, Challenges and MEF standardization work

Digital Transformation

SD-WANs and Lifecycle Service Orchestra8on (LSO) Pascal Menezes CTO, MEF

Network Edge Innovation With Virtual Routing

SD-WAN / Hybrid WAN : Leveraging SDN-NFV for Networks Agility

Next generation branch with SD-WAN and NFV

Hybrid Network present & future

Smart and Secured Infrastructure. Rajesh Kumar Technical Consultant

Deploying & Orchestrating ECI s Mercury ucpe on Advantech White Boxes

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Cisco SD-WAN (Viptela) Migration, QoS and Advanced Policies Hands-on Lab

Improve application deployment by 400% with your own private cloud

Cloud CPE Solution Release Notes

Policy Enforcer. Product Description. Data Sheet. Product Overview

How SD-WAN will Transform the Network. And lead to innovative, profitable business outcomes

Peering as a Cloud enabler for Enterprises

MEF's Lifecycle Service Orchestration (LSO): Multi-operator Service Delivery from Months to Minutes..

Introduction. Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution

Exploring Cloud Security, Operational Visibility & Elastic Datacenters. Kiran Mohandas Consulting Engineer

Vodafone keynote. How smart networks are changing the corporate WAN. Peter Terry Brown Director of Connectivity & UC.

Software-Defined WAN Does Not Grow on WAN Alone

CONTRAIL SECURITY. Contrail Cloud Networking & Security

Transcription:

FUNDAMENTALS FOR RELOADED MPLS-VPN CONNECTIVITY Tony Sarathchandra Director, Product Management Dec 12 th, 2017

This statement of direction sets forth Juniper Networks current intention and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted in this presentation. This presentation contains proprietary roadmap information and should not be discussed or shared without a signed non-disclosure agreement (NDA).

Agenda MPLS-VPN Service Evolution SD-WAN Solution Overview Demo (<10m) Q&A

Evolution of Business Connectivity Services VPN gateway VPN gateway 1990s 2000s mid-2000 mid-2010 2020+ Leased Lines & Frame Relay IP/MPLS VPN with L2/L3 services Hybrid WAN & IPSec VPN SD-WAN with services Cloud Connect VNF Internet virtual private cloud VNF virtual private cloud AWS cloud

USD (Billions) USD (Billions) MPLS Challenges & SD-WAN Opportunities 10 9 8 7 6 MPLS Revenue (Developed Markets) 2013 2014 2015 2016 2017 2018 2019 2020 5% decline in North America 12% decline in Western Europe Global Revenue growth for MPLS is declining Price erosion for MPLS means Europe starts to see negative growth rates for MPLS VPN revenues by 2016, with North America following suit by 2018 North America Western Europe 6 4 SD-WAN Market Size 93% CAGR By 2020, SD-WAN market size is projected to grow to $6B with a CAGR of 93% 2 0 2015 2016 2017 2018 2019 2020 Sources: OVUM: IP VPN Services Market Forecast IDC: Cloud and Drive for WAN Efficiencies Power Move to SD-WAN

What are Enterprise WAN Challenges? Top 3 WAN Challenges 38% Security 33% SaaS / Cloud Services 32% Managing Branch Connectivity 7% Currently use SD-WAN 63% Plan to adopt SD-WAN in next 18 months Source: IDC WW SD-WAN Survey Special Report, July 2016

What do Enterprises want? The enterprise application mix is fast leaning towards cloud based applications WAN transformation is inevitable for enterprises seeking to optimize for these applications SD-WAN Deployment Scenarios: Internet VPN Access Support for SaaS and public cloud Optimized SaaS/Cloud Offload 31% 32% 57% 34% Ability to use multiple WAN providers 32% Increase reliability of existing WAN Top 3 drivers for SD-WAN 29% Site connectivity to cloud providers Source: IDC WW SD-WAN Survey Special Report, July 2016

IP/MPLS VPNs Evolution with SD-WAN PMO with IP/MPLS VPN Services FMO with SD-WAN Services Managed Secure SD-WAN Enabled Edge Branch MPLS Branch MPLS HQ HQ Branch Optional Direct Connect Branch Optional Direct Connect Internet Internet Remote Office Cloud-based applications Remote Office Cloud-based applications Remote Access via IPSec Remote Access via IPSec

End to End SD-WAN with Transport Independence Intelligent Branch SD-WAN framework allows implementation of more intelligence/logic in software rather than in hardware, enabling increased flexibility and automation Analytics and Deep Application Inspection Application-based SLAs Centralized Policy Management Branch Office Remote Office Orch + Controller: Policy-based routing defines how network traffic is prioritized and routed IP/MPLS Broadband Analytics provide visibility into WAN performance & informs routing improvements Enterprise Data Center Cloud-based applications Secure and Managed VPN Campus/Corp Office CPEs: Devices enforce routing policy & enable easy deployment & management 4G/LTE Non-critical applications

Branch Consolidation & Evolution to SD-WAN Bring Agility and Enhanced Customer Experience Utilizing Cloud Technology Legacy Branch (PMO) Future Branch (FMO) with D-NFV WAN Optimization Router VIRTUALIZED SERVICE SD-WAN VNFs Other VNFs NG Firewall UTM Firewall WLAN Controller CPE Platforms Switch Services Applications Expensive, complex all-in-one box or many vendor inline boxes and cumbersome refresh Simple, customizable and instantaneous refresh

Juniper SD-WAN Differentiation Integrated NG Security CPE Portfolio Breadth On-prem or Cloud Multi-tenancy Native IP/VPN Integration MANO UTM, IPS, Sky ATP, Unified Policy, SDSN Fixed and Virtualized CPE appliances Management & Orchestration, VNF Orchestration Reduce CAPEX with Existing PE infrastructure

Juniper SD-WAN Solution Components Service Orchestration Contrail Service Orchestration (CSO) - Connectivity inc. service chaining - Security Service Orchestration (MANO) Network Service Controller (NSC) Virtual Network Functions inc. Service chaining vsrx and vmx and Third Party VNFs Universal CPEs / Branch CPE / Soft CPE Devices VNFs Telco MPLS, LL, VNFs Cust VPN NFX SRX Branch Soft NFX Internet VNFs Public Cloud Physical / Vitual SD-WAN Hubs and Gateways MX & SRX Series / vsrx

SD-WAN with Integrated Security Secure SD-WAN Building Blocks Application Awareness Deep Packet Inspection (DPI), App-ID and Meta-Data, 3000+ App Signatures User Awareness Integration with Microsoft Active Directory/LDAP* Overlays, IPSec/GRE Application and Subscriber-Aware Performance Monitoring and Analytics RPM, IP monitoring, BFD, Ethernet OAM, J-Flow v5 v8 v9, TWAMP Application Based Routing Stateful: Performance monitoring results, App-ID, User-ID* Full Routing Stack Routing Protocols (BGP, IS-IS, OSPF, RIP, Static) Full Security Stack Firewall, IDP, UTM, ATP, Anti-virus, Anti-spam, Web/Content Filtering 4Gb/s (2 vcpu, 4GB) vsrx NFX Series VNF 3 rd Party Optimized for small footprint MPLS Internet * Roadmap

Flexibility and Scale SD-WAN CPE Product Portfolio Shipping SOPD Investigation CSO/NSC Automation, SD WAN & Security SRX300 SRX320 SRX340 SRX345 VNF vsrx Open VNF Platform NFX250 S2 NFX250 S1 VNF vsrx NFX350 vsrx VNF Soft NFX NFX150 NFX250 LS1 Small Appliance Custom PFE 0.5-2.0 Gbps router Crypto acceleration Integrated Appliance/ No virtualization VDSL, LTE Junos Generic CPE/Server Whitebox CPE / Server 4 Gbps router (2vCPUs), up to 20Gbps Router (10vCPUs) Small Server Medium Server Large Server ATOM 4C/8C 2-4 VNFs Crypto acceleration Expansion slot / LTE Server Performance Xeon D 6C / Pentium D 4C 2-8 VNFs AES-NI acceleration 1GE/10GE Server + HW PFE Xeon Multi-socket High Performance 1/10GE and higher Crypto acceleration Expansion slots Server

SD-WAN with Public Cloud Connectivity (AWS) Universal SD-WAN Connectivity Fully automated SD-WAN connectivity to vsrx in customer VPC Contrail Service Orchestration Zero Touch Deployment Admin / Customer Portal Additional direct connect support in future Automated Provisioning VNF vsrx auto provisioned in AWS via CSO Bring-up from defaults Fully security service management Customer access to Self Care Portal for self provisioning of VPC credentials Branch Enterprise Hub VNF Data Center Internet VPN gateway VPN gateway virtual private cloud virtual private cloud AWS cloud Secure VPN connection Management connection

SD-WAN with Full Multi-Tenancy Multi-tenant Management with full Role Based Access Controls (RBAC) Complete management separation between tenants Multi-tenant Control plane with Network Services Controller (BGP) Full routing separation between tenants SD-WAN endpoints support multiple network segments per tenant i.e. Tenant A can have overlapping network X & Y Each tenant supports multiple differing service sets i.e. Tenant A: SD-WAN + Security, Tenant B: SD- WAN + WanOpt Deployable as on-premises or hosted (AWS) Contrail Service Orchestration Self Care Portal Designer Tools Admin Portal Service Orchestration & Network Controller Tenant A Tenant A Tenant B Tenant B HQ Branch

Regional Hub Sites with Hub/Spoke Interworking SD-WAN with MPLS as Transit Branch Internet Regional Hub 1 Regional Hub 3 Internet Traditional multi-homed hub/spoke design MPLS Support for active/backup dual hubs with BGP based failover Support for multiple transport types with Internet/MPLS/LTE or any transport combination MPLS Regional Hub 2 Region/PoP 1 Regional Hub 3 Region/PoP 2 Mapping of traffic/cos to underlay transit MPLS network for inter-pop site connectivity via native PE integration

Regional Hub Sites with Full & Partial Mesh Interworking SD-WAN with MPLS as Transit Branch Fully Meshed Sites Internet Regional Hub 1 Internet Regional Hub 3 MPLS Direct site-to-site connectivity bypassing hub sites for latency sensitive traffic Partially Meshed Sites with On-demand Site-to-site Support for full end points to fully mesh or partially mesh with direct site-to-site connectivity via on-demand tunnel setup MPLS Regional Hub 2 Regional Hub 3 Region/PoP 1 Region/PoP 2 On-demand tunnels triggered by specific applications, i.e. VoIP

Regional Hub Sites E2E Full Mesh Overlay SD-WAN with E2E Overlay Branch Fully Meshed Sites Internet Regional Hub 1 Internet Regional Hub 3 Partially Meshed Sites with On-demand Site-to-site MPLS MPLS Regional Hub 2 Regional Hub 3 Region/PoP 1 Region/PoP 2 Similar to regional mesh topology prior but with regional hubs meshed with SD-WAN based overlays Enables explicit hob by hop SLA monitoring and best path selection Decouples from underlay network entirely

Highly Available Dual-NFX CPE Support Dual NFXs with active/active WAN links across both devices at the branch Active path JCP0 vsrx0 NFX0 WAN0 WAN2 GW vsrx operates in cluster mode with internal synchronization of routing/fib information Near hitless failover in case of a NFX or WAN link failure for local LAN traffic Backup path VRRP JCP1 vsrx1 WAN1 NFX1 VNF Service Chain vsrx cluster

Gateway High Availability with Dual Hub/PoP Support POP 1 Local POP Active PE 1 Support for active/backup dual hubs with BGP based failover Customer LAN Customer Site VRRP SD-WAN NO SD-WAN 1 2 3 4 CPE 1 Active Backup CPE 2 WAN_0 - All Active WAN_1 - All Active 1 2 3 4 ACCESS ISP 1 and/or PE 1 Fails ISP 1 and/or PE 1 and/or CPE 1 Fails ISP 1 ISP 2 Backup POP 2 PE 2 Local POP IP/MPLS CORE Backup SD-WAN Gateway(PE2) in case of primary gateway/pop failure Dual NFXs with active/active WAN links across both devices Near hitless failover in case of a NFX or WAN link failure for local LAN traffic

Integrated Intuitive Policy Management New Intent based policy model for SD-WAN

Integrated Intuitive Policy Management New Intent based policy model for NGFW

SD-WAN Roadmap Cloud CPE Distributed 2.0 Cloud CPE Distributed 2.1 CSO 3.0 SD-WAN CSO 3.1 Secure SD-WAN CSO 3.2 Secure SD-WAN CSO 3.3 Secure SD-WAN CSO 4.0* Secure SD-WAN CSO 4.1* Secure SD-WAN Q4 2016 Q1 2017 Q2 2017 Q3 2017 Q4 2017 Q1 2018 Q2 2018 Q3 2018 Available Now! SD-WAN with integrated NG Security Services

DEMO

THANK YOU

REFERENCES & ADDITIONAL INFO SD-WAN for Service Providers Cloud CPE https://www.juniper.net/us/en/solutions/sd-wan/ SD-WAN for Enterprise Cloud Enabled Branch https://www.juniper.net/us/en/solutions/cloud-enabled-enterprise/branch/ Contrail Service Orchestration https://www.juniper.net/us/en/products-services/sdn/contrail/contrail-service-orchestration/ NFX250 Network Services Platform https://www.juniper.net/us/en/products-services/sdn/nfx250/ SRX/vSRX Gateways https://www.juniper.net/us/en/products-services/security/srx-series/

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback