Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Using a secured, cloud-delivered SD-WAN to transform your business network

For more information on Managed Software Defined Wide Area Network (SD-WAN) service, please visit


  • Login to see the comments

  • Be the first to like this

Using a secured, cloud-delivered SD-WAN to transform your business network

  1. 1. Confidential │ ©2019 VMware, Inc. 1 VMware Recognized as a Leader in Gartner Magic Quadrant for WAN Edge Infrastructure GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.
  2. 2. ‹#› 2Confidential │ ©2018 VMware, Inc. VMware Named as a Leader in the Gartner Magic Quadrant for WAN Edge Infrastructure Source: Gartner, Inc., Magic Quadrant for Enterprise Mobility Management Suites, October 10, 2018. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from VMware. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. VMware SD-WAN by VeloCloud Positioned Furthest on Completeness of Vision Leader in the Ability to Execute
  3. 3. 3Confidential │ ©2018 VMware, Inc. Enterprise WAN Is Getting Increasingly Complex Loss of Control Lack of Visibility Higher Cost Lack holistic security React to change & no agility Shorter Cycle Time Lack consistent performance Control Visibility Cost Security Plan-Driven Long Cycle Time performance IaaS/PaaS AWSGCP SaaS Office365 Dropbox LEASED LINES LEASED LINES BRANCH BRANCH DATA CENTER BRANCH BRANCH BRANCH BRANCH DATA CENTER BRANCH DATA CENTER DR SITE DATA CENTER BRANCH BRANCH 50-80% Backhaul 50% has Hybrid WAN Lifting & Shifting to Cloud
  4. 4. Businesses Blocked by WAN Challenges App Performance / Bandwidth Expense & Constraint Issues Branch deployment Complexity Cloud migration Not supported by static architectures X X X
  5. 5. 5Confidential │ ©2018 VMware, Inc. Simplified WAN Management Assured Application Performance Managed On-ramp to the Cloud VMware SD-WAN Key Advantages Branch Edges Cloud Gateways SaaS / IaaS Zero-touch deployments, simplified operations, one-click service insertion Direct cloud access with performance, reliability and security Datacenter Edges Transport independent performance for the most demanding apps, leverages economical bandwidth SD-WAN Overlay Private /MPLS 3G/4G LTE Internet Broadband
  6. 6. 6Confidential │ ©2018 VMware, Inc. VMware Cloud-Delivered SD-WAN VeloCloud’s Network Service Consists of 3 Key Components 1 3 VeloCloud Orchestrator 2 Orchestrator Cloud Gateway 1 2 Edge 3 VeloCloud Gateway/ Controller 3 3
  7. 7. 7Confidential │ ©2018 VMware, Inc. Regions 30 Orchestrators 63+ Gateways 440+ 99.99% Reliability SLA SSAE16 Type II Audited Datacenters Cloud Scale Redundancy Gain access to strategic orchestrators & gateways placed around the world SaaS (e.g. SD-WAN as a Service) powered by VMware Cloud Infra
  8. 8. 8Confidential │ ©2018 VMware, Inc. Why Cloud-Delivered Matters? IoT SD-WAN as an Abstraction Layer SD-WAN as a Platform SD-WAN as a Cloud Service
  9. 9. 9Confidential │ ©2018 VMware, Inc. PCI DSS 3.2 Certified SD-WAN The first and only solution to offer PCI-Certified Cloud- Delivered SD-WAN All SD-WAN by VeloCloud components are PCI Compliant Retailers benefit from SD-WAN by VeloCloud PCI AOC to simplify PCI Audit VMware SD-WAN by VeloCloud is a PCI DSS (v3.2) Level 1 Service Provider Ensure PCI compliance in a simple, efficient, and cost-effective manner
  10. 10. Confidential │ ©2019 VMware, Inc. 10 Gain line-of-sight to your entire WAN, On-going visibility and agile troubleshooting +Use RESTful API to enable your own custom heuristics or analytics View overall site health Drill down to application usageQuickly assess link quality Examine bandwidth and throughput in real-time Understand traffic sources and usage on every site Access historical data to easily track progress See latency, packet loss, and jitter on each link VMware SD-WAN Orchestrator (VCO)
  11. 11. 11Confidential │ ©2018 VMware, Inc. Private Cloud  Direct  Multi-path to closest Gateway  Backhaul to selected VCEs Netpluz Internet/MPLS 1 Non-critical Internet traffic, e.g. Netflix, Facebook etc 2 • Mission Critical Internet applications e.g. IaaS, SaaS • Security Integration to Cloud Web Security e.g. Zscaler, Symantec Hub Edge 3 On-prem applications & Internet backhaul App-aware Traffic Engineering Managed On-ramp to the Cloud Branch Edge Cloud Gateway Gateway provides overlay brownout & blackout protection for cloud services
  12. 12. 12Confidential │ ©2018 VMware, Inc. Business Challenges of Cloud services e.g. IaaS / SaaS Internet transport is cost-effective but unreliable for the most critical applications like voice Service disruptions like this above simply create thousands of incident tickets whereas nothing can be done but just to wait for service to resume OR VeloCloud Internet Quality Report service-suffers-second-outage-in-2-days-7773784 Brownout Blackout
  13. 13. 13Confidential │ ©2018 VMware, Inc. Internet outage most recently..
  14. 14. 14Confidential │ ©2018 VMware, Inc. Blackout protection for real-time cloud app
  15. 15. 15Confidential │ ©2018 VMware, Inc. VeloCloud SD-WAN Path via Gateway (VCG) Underlay Path Non-SDWAN Performance Brownout protection for Cloud (e.g. speedtest ) Speedtest throughput performance comparison over a single Internet (100Mbps) Packet-loss download upload 0% 94 Mbps 94 Mbps 5% 80Mpbs 81Mbps 10% 67Mbps 76Mpbs 15% 41Mpbs 72Mbps 20% 23.75Mbps 60.24Mbps Packet-loss download upload 0% 95 Mbps 95 Mbps 5% 15Mbps 8Mbps 10% 5.38Mbps 3.45Mbps 15% 1.74Mbps 0.81Mbps 20% 0.93Mpbs 0.32Mbps
  16. 16. 16Confidential │ ©2018 VMware, Inc. SD-WAN download upload 0% ~ 100Mbps ~ 100Mbps 5% 83.50Mpbs 67.01Mbps 10% 78.93Mbps 78.40Mpbs 15% 25.12Mpbs 60.10Mbps 20% 11.16Mbps 12.63Mbps Speedtest throughput performance over a single Internet (100Mbps) Non SD-WAN download upload 0% ~ 100Mbps ~ 100Mbps 5% 10.98Mbps 14.92Mbps 10% 3.38Mbps 2.13Mbps 15% 0.94Mbps 0.83Mbps 20% 0.47Mpbs 0.23Mbps
  17. 17. 17 Speedtest with 5% packet-loss via Non-SDWAN Path Speedtest over Underlay Path
  18. 18. 18 Speedtest with 5% packet-loss via SD-WAN Path Speedtest over SD-WAN Overlay Path
  19. 19. 19 Speedtest with 10% packet-loss via Non-SDWAN Path Speedtest over Underlay Path
  20. 20. 20 Speedtest with 10% packet-loss via SD-WAN Path Speedtest over SD-WAN Overlay Path
  21. 21. 21 Speedtest with 20% packet-loss via Non-SDWAN Path Speedtest over Underlay Path
  22. 22. 22 Speedtest with 20% packet-loss via SD-WAN Path Speedtest over SD-WAN Overlay Path
  23. 23. 23Confidential │ ©2018 VMware, Inc. Edge is Software (VCE) 3 Deployment Options Option 1 Option 2 Option 3 Edge software pre-installed “bare metal” on VeloCloud hardware or Dell hardware Virtual Edge installed on ESXi or KVM, ESXi license not included Virtual Edge installed in IaaS e.g. AWS, Azure and AliCloud On marketplace, BYOL IaaS fees not included Next-generation hardware from Dell Dell VEP4600 uCPE Roadmap VeloCloud 510 to 2000 IBM Cloud Google Cloud - Dell VEP4600 uCPE certified
  24. 24. Confidential │ ©2019 VMware, Inc. 24 Dynamic Multi-Path Optimization Application Performance Assurance Deep Application Recognition Secure Overlay Multi-path Link Qualification Application Steering On-Demand Remediation & Aggregation What is on the network? What paths are available? How are the paths performing? What is the best path for the application? Reacting to deteriorating link conditions even for single WAN link
  25. 25. 25Confidential │ ©2018 VMware, Inc. • Drives automation and optimization Dynamic Multi-path Optimization (DMPO) Assured Application Performance On Any Transport • Sub-second steering without session drops • Aggregated bandwidth for single flows • Protects against concurrent degradation • Enables single link performance Dynamic Per Packet Steering On Demand Remediation Continuous Link Monitoring Case Study: Retail Hybrid WAN • MPLS link outage • Performance issues on Comcast CABLE VeloCloud Delivers Excellent VoIP Quality • Sub-sec steering of VOIP without call drops • On-demand mitigation of packet loss & jitter
  26. 26. 26Confidential │ ©2018 VMware, Inc. Maintaining QoE – Unified Communication Services Video Conference over Single WAN Link with 2% Packet Loss Without VeloCloud SD-WAN With VeloCloud SD-WAN
  27. 27. 27Confidential │ ©2018 VMware, Inc. O365 SharePoint throughput comparison over a single Internet link Brownout protection, Assured SaaS performance VeloCloud SD- WAN path via Gateway Non-SDWAN path via pure Internet Office365 Sharepoint FileTransferring over 2 weeks continuously from Singapore to Bangkok From 930pm ~ 1130pm everyday
  28. 28. 28Confidential │ ©2018 VMware, Inc. Blackout Protection for Cloud PBX sub-second steering
  29. 29. Confidential │ ©2019 VMware, Inc. 29 Built for the Highly Secure Deployments Security Capabilities in VMware SD-WAN Secure Data Connections • IKEv2 based secure tunnel between Edge and Gateways • FIPS 140-2* compliant IPSec support PSK or PKI key management with built CA Application aware Firewall • Stateful Packet filtering based on the network and application information • Recognize more than 3300 applications Secure Control Connections • TLS1.2 based secure communication b/w Edge, Gateways and Orchestrator • PCI compliant deployment options End to end Segmentation • Simple Enterprise wide segmentation creation • Integrate with NSX and maps branch segments to NSX routing domains * FIPS 140-2 Level certification is In Progress
  30. 30. 30Confidential │ ©2018 VMware, Inc. Enterprise-Wide Segmentation • Traffic profile Isolation • Segment aware policies • Segment aware topology insertion • Overlapping IP in different segments Corp Guest PCI Corp Corp
  31. 31. 31Confidential │ ©2018 VMware, Inc. Application Aware Embedded Can be disable in favor of external physical firewall Integrated rule set Default to block inbound Best of breed integration Direct or via Gateway Zscaler, Forcepoint Use Business Policy to redirect select traffic to CASB providers Best if breed integration local at the Edge Use Edge based hypervisor Fixed service chaining Palo Alto Networks Security Architecture Integrate with best-of-breed security providers Built-in Firewall CASB Integration Firewall VNFCentralized Firewall Backhaul to the DC Use existing DC security infrastructure Backhaul via a hub or a Non-VC-Site Use business policy to redirect select traffic to the DC based firewall Internet Internet Internet Internet Branch DC CASB Embedded Firewall Firewall VNF
  32. 32. 32Confidential │ ©2018 VMware, Inc. Virtual Ready (V) Edges Availabl e NOW Available 2H/2019  Leverage best-of-breed VNF with SD- WAN  Simple, one-click service insertion  Automate VM lifecycle and registration Firewall VNF and SD-WAN Integration
  33. 33. 33Confidential │ ©2018 VMware, Inc. CLOUD WEB SECURITY INTEGRATION Cloud Security Service Branch Site Corporate Datacenter VeloCloud Edge Hub VeloCloud Edge VeloCloud Gateway Dynamic Multi-Path Optimization Automated tunneling eliminates site by site configurations VeloCloud Dynamic Multipath Optimization delivers application performance and reliability to cloud Single-click Application-Aware Policies for granular service insertion
  34. 34. 34Confidential │ ©2018 VMware, Inc. Netpluz Advantage Managed Communications Service Provider 24/7 Managed Services End-to-End Services Competitive Pricing Experienced Management Team Successfully deployed Locally & Regionally Secure Connectivity – Broadband, GPON, Ethernet, Metro Ethernet SD-WAN LIVE DEMO AT BOOTH G95
  35. 35. Confidential │ ©2019 VMware, Inc. Thank you! Scan me to download Do join us at Booth G95