Post on 24-Aug-2021
transcript
Confidential ©2019 | VMware, Inc.
VMware SD-WAN by VeloCloud
Scott MacDonaldDeputy Director Infrastructure Services
CA Department of Technology, OTS
Dwayne SinclairSenior Manager, Systems Engineering
State, Education, Local Government
VMware
2Confidential │ ©2019 VMware, Inc.
Why SD-WAN and Why Now?
Confidential │ ©2019 VMware, Inc.
Evolving Network Requirements
3
Customer RequirementsAdaptability:
Network must adjust and respond dynamically, based on application needs business policy and network conditions
AutomationPolicy changes must be automatically propagated so that manual work and errors are minimized
MaintainabilityThe deployment of new features and capabilities (upgrades, patches) must be seamless with minimal disruption of operations
Integrated SecurityNetwork applications must integrate seamless security as a core service instead of an add-on solution
Flexible Administration ModelsVendor Managed, CDT Managed and/or Customer ManagedTransport Independence (telco agnostic)Low Co$t
Confidential │ ©2019 VMware, Inc. 4Confidential │ ©2019 VMware, Inc.
What is SD-WAN?
Confidential │ ©2019 VMware, Inc. 5Confidential │ ©2019 VMware, Inc.
SD-WAN Starts with a VeloCloud Edge…
Confidential │ ©2019 VMware, Inc. 6
Edge is Software Three Deployment Options
Option 1 Option 2 Option 3
Edge software pre-installed “bare metal” on VeloCloud hardware
Virtual Edge installed on ESXior KVM
ESXi license not included
Virtual Edge installed in AWS or AzureOn marketplace, BYOLIaaS fees not included
Roadmap Roadmap Roadmap
VeloCloud 510 to 3800
Next-generation hardware from Dell
Dell VXRAILIBM Cloud
Google Cloud
VMware Cloud on AWS
VMware SD-WAN Edge by VeloCloud
- Dell VEP4600 uCPEcertified
Confidential │ ©2019 VMware, Inc. 7Confidential │ ©2019 VMware, Inc.
• Zero-touch provisioning• Group business-level policies• Automatic link profiling
VeloCloud Orchestrator All-In-One OrchestrationMulti-tenant managed IT portal * Enterprise wide * Site drill down: link and usage discovery
CLI
Confidential │ ©2019 VMware, Inc. 8Confidential │ ©2019 VMware, Inc.
Solution Components
Virtual Edge
Flexibility in deployment
• Purpose-built hardware• Virtual Edge for cloud or white box• Services platform for VNF
For branch, datacenter & cloud
VMware SD-WAN Edge
Multi-tenant cloud-based management, configuration, and monitoring portal
VMware SD-WAN Orchestrator and Controllers
VMware or SP hosted, and
on-premises at enterprise
Business policy
abstractionAPIs
Enables fast deployment, zero-touch operations
Optimized cloud on-ramp to the
doorstep of SaaS / IaaS
Strategic world-wide locations,
top-tier network PoPs
VMware SD-WAN Gateways
Fully managed and operated by VMware and SPs
Multi-tenant
Confidential │ ©2019 VMware, Inc. 9Confidential │ ©2019 VMware, Inc.
Simplified WAN Management
Assured Application Performance
Managed On-ramp to the Cloud
VMware SD-WAN by VeloCloud Benefits
Branch Edges
SaaS / IaaS
Zero-touch deployments, simplified operations, one-click service insertion
Direct cloud access with performance, reliability and security
Datacenter Edges
Transport independent performance for the most demanding apps, leverages economical bandwidth
SD-WAN OverlayPrivate /MPLS 3G/4G LTE
Internet Broadband
VMware SD-WAN Orchestrator
Cloud Gateways
Software Defined WAN Overlay
‹#› 10Confidential │ ©2019 VMware, Inc.
VMware Named as a Leader in the Gartner Magic Quadrant for WAN Edge Infrastructure
Source: Gartner, Inc., Magic Quadrant for Enterprise Mobility Management Suites, October 10, 2018.This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from VMware.Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
VMware SD-WAN by VeloCloud
Positioned Furthest on Completeness of Vision
Leader in the Ability to Execute
Confidential │ ©2019 VMware, Inc. 11
Agile Rolloutsq Broadband & LTE
q Zero touch deployments
q Flexible configurations
Lower Costq Economical
bandwidthq Lower IT costs
q Efficient usage
Application Performance & Reliabilityq Optimal customer
experienceq Reliable uptime
q Cloud and legacy apps
Simplified Securityq Enables business
q Minimizes riskq Reduced
compliance efforts
Business Benefits
12Confidential │ ©2019 VMware, Inc.
Where is SD-WAN Used?
Confidential │ ©2019 VMware, Inc. ‹#› 13Confidential │ ©2019 VMware, Inc.
Myriad of SD-WAN Use Cases
Deploy multiple links
Improve application performance
Access cloud datacenters and SaaS
Simplify branch deployment
Global, Managed WAN
Enhanced security
Confidential │ ©2019 VMware, Inc. 14Confidential │ ©2019 VMware, Inc.
Dynamic Multi-Path Optimization in Action“Assured application performance over any type of link”
VMware SD-WAN Enhancements
MPLS
Comcast Cable
Excellent voice quality!
• Sub-second steering without session drops
• Aggregated bandwidth for single flows
• Drives automation and optimization
Continuous Link Monitoring
Dynamic Per Packet Steering
• Protects against concurrent degradation
• Enables single link performance
On Demand Remediation
Confidential │ ©2019 VMware, Inc. 16Confidential │ ©2019 VMware, Inc.
10x faster response time
SD-WAN Solution – SaaS/Data Performance
Dual 20Mbps Links / 50 MB Box File Transfer
Without VMware SD-WAN by VeloCloud
VMware SD-WANby VeloCloud
No Loss 22 sec 12 sec
2% Packet Loss 134 sec 13 sec
Confidential │ ©2019 VMware, Inc. 17Confidential │ ©2019 VMware, Inc.
Securing SD-WAN
Confidential │ ©2019 VMware, Inc. 18
Branch to Data Center
Simple enterprise-wide segment creation
Segment-aware topology
Isolation & overlapping IP
Segment-aware policies
On-premises and cloud
End to end services, analytics and policy
Branch 1
Branch 2
Retail 1
Corp-HR10.1.0.0/24
Voice10.1.0.0/24
Corp-HR10.2.0.0/24
Corp-MKT10.2.0.0/24
Voice10.2.0.0/24
Corp-MKT10.3.0.0/24
PCI10.3.0.0/24
Guest10.4.0.0/24
VeloCloud Edge / Gateway
NSX routing domain Corp-HR
NSX routing domain Corp-MKT
NSX routing domain PCI
Data Center
HRIS Payroll
CRM Analyst
PCI Network
VeloCloud Orchestrator and Controller
VMware NSXVMware ESXi
Roadmap
SD-WAN analytics
Policy automation
via API
VMware vRealizeNetwork Insight
& Ecosystem
NSX Manager
- Security policies
Confidential │ ©2019 VMware, Inc. 19Confidential │ ©2019 VMware, Inc.
Multi-Segment CPE Software
Segment ASegment BSegment C
Per Segment QoS and DMPO
• Per segment QoS and Dynamic Multipath Optimization
• Overlay Bandwidth Cap
Store-in-Store / Multiple Security Segments
20Confidential │ ©2019 VMware, Inc.
Deploying SD-WAN
Confidential │ ©2019 VMware, Inc. 21
Outcome Driven Networking
Abstractionand Automation
Contextual Implementation
Self-Learning& Adaptation
Assured Application Performance
Simple and Secure VPN Outcome-DrivenSegmentation
Intelligent Routing Distributed Service Insertion
Zero-Touch Operations
Business Outcomes
Confidential │ ©2019 VMware, Inc. 22
• Cloud or on-premises orchestrator and controllers
• Controller functions: route reflector, VPN control, link measurements
Incremental and Interoperable SD-WAN Rollouts
VMware SD-WAN by VeloCloud Orchestrator
VMware SD-WAN by VeloCloud ControllersVMware SD-WAN Edge by VeloCloud
VMware SD-WAN Edge by VeloCloud
VMware SD-WAN by VeloCloub Hub Cluster
OSPF, BGP
BGP Route Learning and Distribution
OSPF, BGP
OSPF, BGP
Co-exist
Replace
Legacy
Internet
MPLS
Confidential │ ©2019 VMware, Inc. 23
Internet
MPLS
• Use VRRP to make VCE the default gateway when is it up
• Provide failover/redundancy with existing CE
• Use routing protocol (OSPF or BGP) to direct traffic to the VCE when it is up
• Provide failover/redundancy with existing CE
• VCE is the default gateway for the branch traffic
• Deploy VCE in HA pair to meet the redundancy/availability requirement
Branch Deployment Options
CE E-BGP
L2 SW VR
RP
Co-exist (L2) Co-exist (L3) CPE Replacement
Internet
MPLS
E-BGP/OSPF E-BGP
L3 SW
E-BGP/OSPF
Internet
MPLS
E-BGP
L2/3 SW
24Confidential │ ©2019 VMware, Inc.
Wrap Up
Confidential │ ©2019 VMware, Inc. 25
ROI of SD-WAN
WAN Simplification
Assured Application Performance
Architecture for the Cloud
Flexible Services Platform
ü Zero IT touch deployment
ü Outcome driven policies
ü Remote management, visibility and troubleshooting
ü Transport independent performance
ü Sub-second brownout protection via mid flow steering & remediation
ü Distributed cloud gateways-as-a-service
ü Virtual Edges for public cloud
ü VNF ready SD-WAN platform
ü SD-WAN as VNF for vCPEs
ü Distributed services insertion
ü Automatic segmentation, VPN
o Reduce on-site IT visits, accelerate deployment
o Minimize configuration and troubleshooting time
o Enables use of optimal ISP by site
o Increase utilization of circuits
o Eliminate redundant / dedicated circuits
o Enables use of economical broadband
o Savings with “over the top” services eg VOIP
o Reduced capex and opex for access to SaaS and hybrid cloud
o Reduced redundancy & disaster recovery costs
o Fewer truck rolls and capex
o Reduced hardware warranty and spares
o Eliminate per branch security expenses
o Reduced audit & compliance expenses
Key Features ROI Opportunities
Confidential │ ©2019 VMware, Inc. ‹#› 26Confidential │ ©2019 VMware, Inc.
Department of Technology SD-WAN Services
Subscription service based upon 12 or 36 month commitments
24/7 monitoring and support
Architectural design and support
Branch deployment services
Service available through CDT’s Service Request process
Integration with CDT Security Operations Center with 24/7 monitoring
Confidential │ ©2019 VMware, Inc.
Questions?