How to Succeed in the New Age of Software-Defined WANs?

How to Succeed in the New Age of Software-Defined WANs

Sponsored by:

February 21, 2017

Presenters

Sterling Perrin

Senior Analyst,

Heavy Reading

Chris Lewis

Product Manager,

Cisco Systems

Alastair Johnson

Principal Solution Architect,

Nuage Networks

Mark Weiner

Chief Marketing Officer,

Versa Networks

Lloyd Noronha

Head of Global Marketing

Viptela

• Introduction and Defining SD-WAN

• Four Use Cases

–Growing Top Line Revenue

–Reducing Costs

–Increasing Service Velocity

–A Universal CPE

• Questions & Answers

Agenda

SD-WAN: A software-defined overlay approach for connecting, monitoring, and controlling enterprise WAN’s

1 Active-Active Architecture: Sites connect to applications through Internet & private WAN

2 CPE: physical or virtual form factor

3 Secure Hybrid WAN: Dynamic traffic engineering across Internet & private WAN based on application policy, and aware of network availability/degradation

4 Visibility, Prioritization & Steering Applications: Specifically business critical and real-time applications per security, corporate governance and compliance

5 High Availability & Resiliency: Optimal for client user experience

6 Layer 2 & 3 Interoperability: With directly connected switch and/or router

7 Management Dashboard/Portal: By site, Application and VPN performance level

8 Controller with open APIs: For access and management, forward specific log events

9 Zero Touch Deployment: agility in provisioning and deployment

10 FIPS 140-2 Validation Certification: Encryption with automated certificate life cycle management

• Integrates a central policy repository (controller) that drives configuration, management and optimization of services and devices based on policy/software and in an automated fashion.

• Two main adoption scenarios:

• Enterprise DIY• Operator managed

enterprise service

Open Networking User Group SD-WAN Requirements

• Operators see three primary benefits for their customers:

– The ability to add new features on-demand via software

– Speed and agility in adding and managing new locations

– Improved application security

Operator Views on Offering SD-WANs to Enterprise Customers

48%

45%

42%

38%

35%

28%

25%

45%

50%

43%

52%

58%

53%

58%

7%

5%

14%

8%

6%

17%

16%

1%

2%

2%

1%

0% 50% 100%

Ability to add new features on-demand viasoftware

Speed and agility in adding and managing

new locations

Improved application security

Low-cost WAN connectivity options relative

to legacy services

Improved application performance by

steering flows over appropriate networks…

Multi-megabit broadband connectivity for

locations

Peace-of-mind from managed servicesoffering (one point of contact)

Critical Important, but not critical Marginal Not important at all

N=96Source: Heavy Reading December 2016 Operator Views on Emerging SD-WANs Survey, Sponsored by ADVA

Most Important Expected Benefits for Operators' Customers

State of SD-WAN Deployments Today

Operator Managed Services Enterprise DIY


• Four Use Cases


–Reducing Costs


–A Universal CPE


Agenda

• MPLS + more [revenue, margin]

Maintain MPLS sales

Minimize MPLS arbitrage

Sell MPLS + Internet connectivity

• Increased market reach

Larger geographic reach via off-net transport

Ability to go down market

| Copyright © 2017 Versa Networks Inc. All Rights Reserved—Company Confidential

Growing Top Line with Managed SD-WAN

Maintain/protect existing revenue New or increased revenue

• Reduce customer churn

Bandwidth needs = better met

Tying network to app requirements = greater stickiness

Added high-value services = greater stickiness

• Design richer services

Add tiers for security

Firewall, NGFW, UTM

Adding to SD-WAN = perfect fit (given direct Internet)

Example: Versa customers seeing 75% attach rate

WAN optimization

Growing Top Line with Managed SD-WAN


• MPLS + more [revenue, margin]

Bundled existing MPLS with in-house + 3rd party

broadband

Extra revenue for SD-WAN overlay

• Increased market reach

Able to sell to full and partial off-net customers

• Design richer services

Premium tier with full branch security

70+% attach rate

Case Study: Tier 1 Provider



• Four Use Cases


–Reducing Costs


–A Universal CPE


Agenda

© 2016 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.

CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION 2/22/2017

12

Reducing operational costs with SD-WANLightReading Webinar: How to Succeed in the New Age of Software-Defined WANs

• Alastair Johnson | [email protected]

• 21-Feb-2017


CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION

SD-WAN reduces operational costs at WAN sites

Reduce VPN deployment times from weeks to hours

Self-service portals and network automation reduce operational overhead, improve customization and service offerings

Centralized policy control reduces expertise required at remote sites; improves compliance

Flexible CPE options reduce management complexity, reduce hardware costs

60%+Cost-reduction in VPN site set-up

90%+Reduction in site turn-up times Easy to upsell other services,

e.g. NFV for security, load balancing

Easily integrated with other cloud service offerings, e.g. hosting

SD-WAN brings benefits to both service providers and enterprises


CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION

VPRN

Provider Edge

VPRN

Provider Edge

VPRN

Provider Edge

Provider EdgeInternet

Internet

MPLS VPN

SD-WANX-86CPE

Hybrid WAN

SD-WANX-86CPE

Fulfillment Assurance Billing Inventory ….

Cust. Service

CustomerPortal

OSS/BSS

Internet Site

SD-WAN Branch SitePhysical CPE

SD-WAN Branch SiteVirtual CPE

On-premises datacenterLegacy VPN

Hosted Cloud Services DC 2

Virtualized Services Directory (VSD)Global Policy Repository

Network ServicesGateway

Virtual NSG

Cloud Operations Center(Cloud Management Sys.

and SDN Controller)

Back Office Applications

Customer NSGs (CPE)

VM VM

Hosted Cloud Services DC 1

VM VM

Virtualized ServicesController (VSC)

VRS Virtual SwitchesVM

SD-WAN SDN

Service Providers are moving to SD-WAN and SDN integration


CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION 2/22/2017

15

http://nuagenetworks.net


• Four Use Cases


–Reducing Costs


–A Universal CPE


Agenda

Viptela Confidential17

Case Study: Fortune-500 Bank, 1200-sites

Public internet

Bandwidth

Security /

Isolation

Verizon Private IP

Regional Offices

Verizon Secure CloudInterconnect

Consumer Mobile devices

Guest Wireless

ATM’s and kiosks

Video conferencing

Data centers

Headquarters

Retail

branch

Time to

Revenue

App Outages

Customer challenges:

• Rollout high-bandwidth video application for topline revenue($$)

• Isolation across lines of business

• No Outages for critical Applications during network failures

Verizon + Viptela

• Managed SD-WAN solution with MPLS + Broadband + LTE at every location

• Secure overlay fabric that addresses security concerns

• Isolated segmentation for each lines of business

• Application Aware Routing policies for real-time steering around network issues


MPLS Internet LTE

……

Primary: Direct Internet Breakout for O365

Secondary: Backhaul to DC for O365

Viptela Secure SD-WAN Fabric

CASB

Challenges• Hundreds of branches aggregated over

MPLS (4-6Mbps) + T1 Backup• Office 365 Performance throttled, poor

user experience• Future expansion to AWS, Azure not

possible on current WAN

Singtel + Viptela

• 20-50Mbs Internet + MPLS and LTE backup

• Direct Internet Access to O365• 3x – 4x performance improvement for

O365 across all sites • Central policy and control• Simplified extension to AWS, Azure

Case Study: Fortune-500 Food Distributor


Analytics

Accelerating Service Velocity with SD-WAN

DC

vFabric

Secure Scale Open

Cloud Delivered

SDWANCloud

OnRamp

Edge

Computing

(IOT)

…

LAN

Users

Devices

Things

Apps


• Four Use Cases


–Reducing Costs


–A Universal CPE


Agenda

Cisco as SD-WAN Customer

Chris Lewis

Product Manager Cisco

February 2017

Lessons learned from deployment

Securing access to new Internet services

MPLS (IP-VPN)

Internet PoP Data Center

Today’s Enterprise WAN (e.g Cisco)

• Stateful firewall

• DNS logging

• URL Black listing

• AV in the cloud

• URL logging

• Netflow Collection

• IDS/IPS

• Anti-Malware

• Full Packet Capture

• Intellectual Property Protection

• Web Proxy logging

for compliance

e.g. Cisco: 16 IPoPs

serving ~500 branch offices

Internet

Virtual

Private Cloud

Public Cloud

Rackspace

Amazon.com

Microsoft

Office 365Google

Salesforce Cisco WebEx

Scaling Security Posture “How Do I Capture SD-WAN Savings with This Operational Model?”

MPLS (IP-VPN)Internet

“It would be great if an SP could help us with this challenge”- John Manville, SVP Cisco IT

Internet PoP Data Center

“16 becomes 500”

• Stateful firewall

• DNS logging

• URL Black listing

• AV in the cloud

• URL logging

• Netflow Collection

• IDS/IPS

• Anti-Malware

• Full Packet Capture

• Intellectual Property

Protection

• Web Proxy logging

for compliance

?

Virtual Managed Services (VMS)

• Discrete physical Appliances installed and

cabled together – Truck rolls

• Add/Modify - physical presence of technical staff

• Space/power requirements

• Physical inventory management and low utilization

• The “Layer 1” challenge

Before VMS uCPE Solution

Branches SP HQ

SP

WAN

Physical CPE and physical appliances cabled together

• Rich and flexible services with a variety of VNFs and

even application VMs

• Multiple functions delivered on one hardware

• Deploy/modify services remotely w virtualization

• Pay for what you use, easy to deploy new VNFs

• Automated deployment and management

After VMS uCPE Introduction

SP

WAN

Automation and Management platform

Same network functions but virtualized + possible Apps

Self-service Portal

CSR1kv ASAv vWAAS 3rd party

Cisco IT Feedback• Cisco IT wants more processing power

• Ethernet access is not everywhere

• Serial connections

• DSL

• Legacy issues, POE

How to Succeed in the New Age of Software-Defined WANs?

Technology