2© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Agenda
▪ Industry Challenges
▪ Introducing Network Services Orchestration
▪ What? Why?
▪ How to Implement Network Services Orchestration
▪ Build vs Buy, Open Source vs Vendors, Vendor Selection
▪ Anuta NCX Overview
▪ Technology, Use-cases, Case Study.
▪ Product Demo
▪ What’s Next for Network Services Orchestration?
3© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Enterprise Services
SecurityServices
VideoServices
MobileBackhaul
Customers expect fast services turn-up
Complexity of service provisioning exploding
Frequency of change in networks increasing
Operational overhead
becomes a huge burden
Operators must replace manual,
time consuming steps, and
proprietary management solutions
into an open and
more flexible service orchestration
platform
Industry Challenges
4© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Traditional Provisioning Vs Network Service Orchestration
Delays in service activation
Lack of automation
Existing Gaps Network Services Orchestration
Costly softwareoverhead
▪ Service template driven
▪ Cross-vendor provisioning▪ Cross-Technology provisioning
▪ Hardware, Virtual, SDN
▪ Customizable templates▪ All-in-one suite
Q1. How familiar are you with Network
Orchestration?
A. Just Learning
B. Evaluating Vendors
C. Already in Production
D. Not appropriate for us
6© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Where Are Network Services Orchestration Cost Efficiencies ?
AdaptabilityReduction in time to
provision new services
QualityDecline in errors
ProductivityOutput increases
per person
7© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Time
De
ma
nd
Automation Value is Medium
Staff Demands
Th
resh
old
Staff Level
AutomationValue is High
Automation is Mandatory
HugeROI
Number of Full Time
Employees (FTE)
Do More with Less
▪ Key workload metric:
Number of production units per person
(e.g., servers per admin)
▪ “Shift” skills of staff
▪ (NetEng Operators)
▪ Correlate production units to revenue
and divide by staff costs
▪ Demand is increasing exponentially, but staff is shrinking
▪ Beyond a demand threshold, automation is mandatory
8© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
▪ Leverage service orchestration from a full-lifecycle perspective
▪ Design, Create, Discover, Assure, Modify, Delete
▪ Utilize custom template-based service modeling for any device type
▪ Provide off-the-shelf support for any custom device
▪ Service provisioning, Automatic cross-vendor topology discovery, and FCAPS
▪ Implement full REST API for network programmability, provisioning, automation & orchestration
▪ Adopt comprehensive user-defined network resource management
▪ Support service discovery from network
▪ Brownfields and Greenfields
Desired Network Services Orchestration Features
9© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Initial Approach Considerations
▪ Appetite for community support and
engagement
▪ Fit for purpose
▪ Ease of configuration/customization
▪ Time to market/Speed to implement
▪ Maintenance of the platform or the rules
▪ Acquisition cost + On-going operations
▪ Core focus of the business/organization
▪ Breadth and depth of vendor support
needed
▪ Scalability of the organization’s needs
▪ Maintenance and sustainability
▪ Total Cost of Ownership (TCO)
• Initial Acquisition + On-going operations
Build vs. Buy Open Source vs. Vendor
Implementing Network Services
Orchestration
11© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
▪ Breadth and Depth of Vendors Supported
▪ Flexibility to perform Brownfield, as well as Greenfield, Discovery and Orchestration
▪ Support for Physical and Virtual Appliances
▪ Support for Legacy and/or Proprietary and/or Open and/or Emerging Standards & Interfaces
▪ Scalability to Small, Medium, and Large enterprise environments
▪ Validated Service Models
▪ Ease of using the Development Toolkit
▪ Ease of Configuration/Customization
Platform Selection Considerations
12© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
SERVICE MANAGEMENT
Recommended Network Services Orchestration Lifecycle
Design the
Configuration
Entities
STEP 1
Create
Service
Template
STEP 2
Deploy
the Service
STEP 3
Discovery
Assurance
Performance
Modification
Decommissioning
STEP 4
SERVICE DESIGN SERVICE DEPLOYMENT
13© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Technica’ Service Development Process
• Add features and templates
• Customize menus and options
• Apply user and tenancy limits
• Validate or add features
• Add CLI or API support, as needed
• Set parameter limits
• Service/configuration data requirements
• Feature support
• Provisioning protocol support
Service Model Definition• L2/L3 VPN services
• Ethernet and VLAN bridging
services
• MPLS service models
• Datacenter infrastructure and
interconnect services
• Datacenter host add/drop
services
YANG/NETCONF• VPLS customer interface
• VLAN number
• VPN name
• Route distinguisher
• IPT site ID
• Policer bandwidth
• MTU size
• Allowed MAC
• User profiles
Requirements Definition• Add an ethernet VLAN
establish MPLS service
for customer
• Deploy new hosts and
VMs in a datacenter
• Migrate to next-gen
Devices or new vendor
• Deploy L2VPN
Q2. Which is the most important criteria for
Choosing Network Orchestration Platform?
A. Multi-Vendor Support
B. Brownfield Support
C. Ease of Customization
D. On-Prem and Cloud-Based Delivery Model
E. Scale
Anuta NCX Overview
16© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Anuta NCX Orchestration Platform
Orchestration
capabilities for
Multiple
Networking
Domains
Self Serve Portal Service Manager, OSS, BSS
Anuta NCXNMS & Orchestration Platform
Anuta NCXVNF Mgr
NCX Portal
17© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
YANG Data Store
Integration & Service Delivery PlatformOperations/Support
NCX PortalBusiness
PortalX-Domain
OrchestratorTicketing Systems
Service Assurance
Physical/Virtual/SDN Network Infrastructure
NCX Orchestration Platform
Inventory of Services
Inventory of Devices
Inventory of Networks
SNMP CLI REST API/SDK SNMP-TRAP NETCONF SYSLOG YANG
R E S T C O N F
Service Manager
Resource & VNF Mgr.
NCX Platform Services
(RBAC, Persistence,
etc.)Capacity Manager
Audit & Reconcile
Engine
YANG Model Engine
Model driven, layered and abstraction approach helps in delivering vendor neutral, extensible and maintainable services
NCX High Level Architecture
ANY network service or application
ANY technology or architecture
ANY vendor, platform or device type
ANY southbound interface (CLI, REST,
NETCONF, etc.)
YANG model drivendevice, network and service
Admin/OperatorDevOps/Tenant
Tenant/Consumer
Business Process/Workflow
East-West Integration
License Mgr. VNF Mgr.
Image Mgr. Certificate Mgr.
CMDB Analytics
PnP. Service Assurance
IPAM/DNS/DHCP Syslog/SNMP Rcvr.
Other NMS or Information Providers
18© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Rules Engine
Analytics driven Service Assurance
Tenant / Service
Specific Monitoring Config
Push/Pull KPI, Filtered
Telemetry data
Multi Vendor Physical/Virtual Infrastructure
On Premises or Remote or Cloud
Partner Analytics Platform
Analytics
Collection Engine
Analytics
Collection Engine
Raw
Telemetry
Raw
Telemetry
Config Discovery, Operational and
Telemetry Data
OSS/BSS/Self-Service/Assurance Platforms
Operational and
Telemetry DataRemediate
Assurance
Apps
RemediateKPI & Other
Native Policy & Remediation
External App triggering Remediation
NCX offers Service Assurance natively and also integrates with partner analytics platforms
SLAs & Remediation actions can be defined in YANG models
Alerts can be consumed natively or propagated to 3rd party assurance apps
NCX maps infrastructure alerts to tenant services in real-time
Collection Provisioning
Rules Engine
Provisioning
Apps
Analytics &
Assurance
Apps
Policy Mgr
Provision
Audit &
Reconciliation
Powerful Query/Policy Engine and State Machine allows any behavior to be modeled, monitored and enforced
19© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Why NCX?
Use-cases
• Enterprise Data Center
• Branch
• Managed Services
• Data Center Interconnect
Why NCX?
• Multi-Vendor & Feature Velocity with NCX SDK
• Breath of Common Models
• Highly Scalable & Available architecture
• Micro Services based
• Support for IETF YANG
20© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Use case and Challenges
Case Study 1 – Branch Automation
▪ NCX as the orchestrator performs ZTD of new branches and automate
the MSP managed CPE devices.
▪ NCX monitors the KPI of the CPE and trigger the traffic over
secondary CPE device by modifying the relevant configurations.
▪ Branch Automation for Managed Service Customers in 130 countries
▪ > 200K CPE or Branch Locations from 1000+ customers
▪ Multi-Vendor, Physical, Hybrid and Virtual Network Services
▪ On-boarding a new tenant requires 400 complex CLIs across 4 vendor
platforms.
Results
Solution
▪ CPE provisioning reduced from 60 minutes to 5 minutes
▪ Achieved Ready for Service (RFS) within 37 days - Customer
expected 80 days.
Using NCX, we turned around a greenfield 148 site deployment project with
zero errors in less than 18 hours. Before NCX, such project would take 112
engineering hours excluding audits and rework.
Topology
MSP
Data Center
NCX
Self Service Portal
OSS/BSS
NCX Agent
ESXi
VM NCX
Spoke-2
Spoke-3 HQ
DC/HUB
Spoke-1
vWanOp
FW
R1
R2
Physical
CPE
Hybrid
CPE
Virtual
CPE
vFW
vWanOp
vRouter
NCX Agent
Large Enterprise
MPLS
L3VPN
OpenStack vCenter
Spoke-2
Spoke-3
Spoke-1
Physical
CPE
Hybrid
CPE
Virtual
CPE
vFW
vWanOp
vRouter
OpenStack
vCenter
SME/SMB etc.,
Internet
Azure
vWanOp vWanOp
21© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Case Study 2 – Managed Enterprise Services
Profile
▪ Major Tier1 MSP serving over 7000 managed network
customers and over 120,000 CPE devices
Use case and Challenges
▪ Manual activation of Customer vCPE devices
▪ Activation of new management services takes months
Solution
▪ Customer Self-service user service activation/de-
activation and reporting
▪ Integration with Infoblox for IPAM, Cisco ACS for
Secure authentication
▪ YANG based Extensible Platform to support future
growth and requirements
▪ End Points – Cisco Catalyst 6500, Cisco ASA-SM, Cisco
Virtual ASA, Cisco ACS, VMware vRealize,
ScienceLogic, InfoBlox
Managed Services
Network Infra
Customer
Site
Anuta NCX NFV
Orchestrator &
VNF Manager
Telstra IPMAN
Network
Customer
Site
Telstra Self-Serve
Portal
Juniper NFX
Cisco Catalyst 6500
Cisco ASA-SM, Cisco ACS
Virtual Network
Infra
ArcSight & Other App
VMs for Tenants
Cisco vASA
Anuta Data Center / AWS
Tenant Service VMs
& Physical Infra
VMWare vRA
vCenter
ScienceLogic
Infoblox
Juniper CSO
22© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Use case and Challenges
Case Study 3 – Virtual Branch and NFV
▪ Need for turn-key CPE solution for retail business customers with TTM
▪ Current deployment model for retail CPEs inefficient due to the
geographic spread, shortage of skilled local engineers and servicing
costs of hardware
Profile
▪ Major Tier1 MSP serving 7000 managed network customers and
60,000 CPE devices
▪ Fill gap in the Retail space with Virtual CPE solution that can be
brought to market from MSP outlets
Solution
▪ x86 hardware, Ubuntu Linux and KVM hypervisor
▪ Cisco CSR1kV as vRouter, Juniper vSRX as vFirewall
▪ Openstack as the virtual infrastructure manager
▪ OVS orchestrated via Openstack API
▪ NCX as the VNF Manager and performing end to end orchestration
and service chaining
Nova API
Openstack
vApp Images
KVM Hypervisor
Open
vSwitch
vRouter
vFirewall
Neutron API
Anuta NCX
vCPE
Internet
VNF Manager
(Deploy, Destroy,
Scale Up/Down)
To LAN
LTE
LTE
NFV Orchestration,
Service Chaining
Orchestration Flow
vApp Images
InternetMSP CMI (Mgmt)
Managed Services
23© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Use case and Challenges
Case Study 4 – App. Delivery in Private Cloud
▪ Extensible YANG models
▪ Multi-vendor Support (35
vendors)
▪ Pluggable, Micro-services
Architecture
▪ Multi-Tenancy and RBAC
▪ F5 Silverline DDoS Protection service
▪ 4 Global Data Centres
▪ Multi-Vendor: Arista, Arbor PeakFlow, Juniper MX, F5 LTM and
Viprion.
Results
Why NCX?
▪ Applications don’t need to care about devices and topology any more
▪ Time to market for new features reduced by 30%.
Key Success Criteria
▪ Device and Topology Abstraction
▪ Config Audit and Reconciliation
▪ Extensibility
▪ Full CRUD (Create, Read, Update
and Delete)
▪ Development Toolkit (SDK)
WAN Edge
Juniper
MX
Internet
Juniper
SRX
Load Balancer
F5 LTM
Arista
7K
Compute
Servers
vCenter
Virtual
Access
Juniper VGW
Logical Topology
(Service Chain)
24© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Anuta NCX Summary
Next Generation Network Management & Service Orchestration Platform
▪ Open Standards (YANG) based extensible platform
▪ Micro services based pluggable/modular & horizontally scalable architecture
▪ Layered Abstraction, multi-tenant architecture
▪ Multi-vendor support (40+ Vendors )
▪ New Apps can be delivered in weeks
▪ Multiple Networking Domains – Campus, Data Center, Branch, Wired/ Wireless
▪ Production deployments at Fortune 100 Enterprise & Tier-1 SP/MSPs
Demo
26© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
L2VPN Demonstration
vMX (EJ3)
NCX
vMX (EJ1)MX80
IP MPLS
EX-4300 C3750
Edge Service Endpoints
IBGP AS 20760
Lab GW
WebRequest
WebServer
27© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
L2VPN Demo Screenshots
Highlighting
Workflow
Status
Selecting the Template
Adding Circuit Parameters
28© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Advanced Topics
▪ Service Assurance
▪ More than compliance and remediation
▪ NFV MANO
▪ VNF Management
▪ Extend to data center (compute and storage) orchestration with Technica’s ASE solution
▪ Include SDN Controller(s) into the architecture
▪ Piloting and Prototyping in US Federal Government
▪ Leverage OTA (or Other Transactional Authorities) like C5 and CEED
▪ Container Support
29© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
How Do I get from Design to Operation?
▪ List desired services
▪ Determine features
▪ Common
▪ Specific
▪ Determine objects
▪ Physical, functional, policy-driven
▪ Attributes
▪ Model and test features
▪ Deploy service
30© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Value Proposition
CHEAPER
• Lower staffing requirements
• Fewer applications
• Operators, not Engineers
LOWER RISK
• Policy driven
• Remove human errors
• Validation and rollback
FASTER
• End-to-end provisioning• Provision only the
necessary data
BETTER
• Verification and feedback
• Service oriented logging
• Modular
31© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Automation
Scale
Flexible
Predictive
Speed
Configuration
ITOps
DevOpsCloudOps
Data Center Infrastructure
Network Service Orchestration:
The Center of Gravity
For Policy Driven
Operations
NetworkServices
Orchestration
32© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Vendor Support
Vendor Devices Types VNFsA10 Networks vThunder
Affirmed Networks vEPC vEPC
Alcatel-Lucent 7750 series, 7705 series
Arista Networks 7000 Series
BlueCat BlueCat Address Manager (DNS) & IPAM
Brocade
VDX 8770, FastIron, BigIron series Vyatta 5400, 5600, SteelApp
SteelApp
vEPC vEPC
6900, 8000, VDX 6700 series
Blue Coat ProxySG
Centina Systems Service Assurance Platform
Check Point Checkpoint Provider-1, Security Gateway Checkpoint R77 Virtual Security Gateway
Cisco
ASR 9K, ASR 1K, 7600 series, ASR1000, CSR1000v Cisco VSG, Virtual WAAS, Virtual ASA, CSR 1000V, XRV, Virtual WSA*
Catalyst 2900, 3560, 3600X, 3750, 4K, 6500 Series Switches
ISR Family - 800, 1800, 2800, 2900, 3800 and other
Nexus 1K, 2K, 3K, 5K, 7K, 9K, UCS Fabric Interconnect
ASA 5500 series, FWSM, ASA SM, CSR1000v, Virtual ASA, VSG
ACE-Appliance, ACE-Module, WAAS, SM-SRE, WAN E-574 to 8541 appliances, WSA
MME*, P/S-GW, Cisco WLC 2500, 5500 vEPC
VNMC, APIC
Citrix NetScaler MPX, SDX VPX
Ericsson SSR 8000
F5 NetworksBIGIP-LTM, BIGIP-GTM, 3600, VIPRION 2400 Virtual LTM, GTM
BIG-IQ
Fortinet Fortigate 3140, 3140B Virtual FortiGate
HitachiAlaxala AX-3650, Alaxala – AX1240, AX2530
Apresia 15000, Apresia LightGM124/118/110GT-SS
33© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Vendor Support
Vendor Devices Types VNFs
HP
5800, 5900, 6000 series
12500, 10500, 7500 series VSR 1000
HPE Helion HCG, HP DCN
Huawei NE40-X8, NE40-X3 series
Infoblox IPAM
Juniper
MX-80 series, MX-480, MX-960, VGW, SRX, Virtual SRX Juniper VGW, Juniper vSRX
EX Series Switches, QFX , Q Fabric System (DC Network Fabric), NFX 250
Contrail, JUNOS Space
Microsoft SCVMM
Neustar Neustar DNS Service
Nuage Nuage VSP
Oracle Opus Switches
Palo Alto Networks PA and VM Series
Radware 5412XL, ADC-VX 5412XL, ADC-VX
RedHat OpenStack
Riverbed Virtual and Physical Steelhead Steelhead
ScienceLogic Service Assurance Platform
Splunk Syslog
Venafi Certificate Mgmt
VMWare DVS, vCenter, ESXi, vShield Edge Gateway, vRealize, ESXI, vCenter ESXI, DVS, vShield Edge Gateway, vCNS
CSP Interconnect Amazon AWS, IBM SL, Vmware vCloud Air, Cisco CCS, Microsoft Azure
Cloud Portals OpenStack
Public Cloud/Hybrid Cloud AWS
34© 2017 Anuta Networks and Technica Corp. All Rights Reserved.
Thank You