Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
© 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE.
CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING ...
Upcoming SlideShare
Loading in …5
×

A flexible & integrated approach to VNFs on SD-WAN

4,477 views

Published on

In this presentation from NFV World Congress 2017, Saurabh Sandhir, VP Product Management, dicusses Nuage Networks flexible & integrated approach to VNFs on SD-WAN and the benefits of working with a comprehensive SD-WAN solution.
For more information on Nuage Networks SD-WAN solutions, visit: http://www.nuagenetworks.net/products/virtualized-network-services/

Published in: Technology
  • Hello! Get Your Professional Job-Winning Resume Here - Check our website! https://vk.cc/818RFv
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

A flexible & integrated approach to VNFs on SD-WAN

  1. 1. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION Keynote Saurabh Sandhir Vice President, Product Management – Nuage Networks May 3rd, 2017 SD-WAN & BUSINESS FORUM | NFV World Congress (San Jose) SD-WAN BEYOND CONNECTIVITY A FLEXIBLE AND INTEGRATED APPROACH TO VNFS ON SD-WAN
  2. 2. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION Make Networking as instantaneous and readily consumable as compute  Open: Preserve choice  Boundary-less: Networks, not islands  Policy-Driven: Automation, Security and visibility THE BIG IDEA OUR ROOTS  Nuage is based in Silicon Valley with a team around the world  An Alcatel-Lucent venture, now Nokia, focused on data center and branch office network evolution for the cloud era OUR MISSION
  3. 3. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION NUAGE NETWORKS – THE PLATFORM BM-connectivity Hypervisor Hypervisor Hypervisor Hypervisor Hypervisor Hypervisor VM-connectivity Hybrid-connectivityContainers-Connect L2 Tenant A Tenant B L2 L2 Mul$ple'Transport' links' Separa$on'of'service' from'transport' Applica$on7aware' path'selec$on' Site' Site' SD-WAN connectivity VSS Insight VSAP Assurance Networking ‘glue’ connecting users and applications VCS: Virtualized Cloud Services VNS: Virtualized Network Services Kubernetes Virtualized Services Directory (VSD) Virtualized Services Controller (VSC) VSP - Unified Multi-tenanted Policy and Control
  4. 4. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION TRANSPORT DEPENDENT LOCATION DEPENDENT DEVICE DEPENDENT MANUAL (TIME ‘DEPENDENT’) ENTERPRISE WAN TRANSPORT INDEPENDENT LOCATION INDEPENDENT DEVICE INDEPENDENT ENTERPRISE VNS AUTOMATED (TIME ‘INDEPENDENT’) WIDE AREA NETWORKING EVOLUTION WITH SD-WANs
  5. 5. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION Flexible, Self-service, On-demand, Pay-for-use WITH THE RIGHT SDN ..
  6. 6. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION VALUE ADDED SERVICES FOR THE BRANCH • Fragmented Appliances • Lack of unified cloud policy or control • Manual Extension to DC (or cloud hosted) services • Rigid orchestration • Lack of Flexibility, easy lock-in, high operational expense • Consolidated platform • Centralized cloud policy or control • On demand extension to DC (or cloud hosted) services • Well defined interface to orchestration • Flexible deployments at scale with multi-tenancy SBC/VoIP IDS/IPS FW Net. Opt URL Filter DPI/Analytics NAT IOT Agent WLCDHCP
  7. 7. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION NUAGE SD-WAN FLEXIBLE MODELS FOR ENTERPRISE BRANCH VALUE ADDED SERVICES Chained Services VNFs (VM or Containers) hosted on SDWAN CPE Hosted On-premise (“Branch in a Box”) On-board services NAT, VPN, QoS, DHCP, etc Embedded VNFs hosted in DC or PoP SaaS services for security, DDoS (e.g Zscaler) Service Chained (incl. Cloud Hosted) NEW
  8. 8. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION Data Center Logical chain representation (not strictly traffic flows)CPE App App App InternetLAN FW Net OptDHCP IP XLTVPN WAN CPE DMZ Applications Embedded or Hosted Central Office App Virtualized Services Directory (VSD) Virtualized Services Controller (VSC) Scalable, Multitenant & Unified Policy, Control & Dataplane NUAGE SD-WAN A UNIFIED & FLEXIBLE PLATFORM FOR BRANCH VAS
  9. 9. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION DC Underlay DC VXLAN VRS-1 (Hypervisor) App 1 VRS-2 (Hypervisor) App 2 DC Service Overlay DC SDN Policy and Management DC SDN Controller DC Edge Router Site2 Site1 CPE 1 CPE 2 WAN Underlay WAN Service Overlay WAN VXLANoIPsec VXLAN WAN SDN Policy and Management WAN SDN Controller PE ◎Two separate services, managed and controlled independently ◎Disconnected Data Plane (tunnels) – Decap, Decrypt, Re- Encap ◎Disconnected Policy and Control Plane – Isolated Policies, ACLs, VRFs. Siloed Flow Monitoring WAN BRANCH TO DC CHAINING THE PROBLEM OF DISJOINT DOMAINS
  10. 10. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION INTEGRATED POLICY AND SEAMLESS CONTROL ACROSS WAN & DC BOUNDARYLESS SD-WAN SERVICE CHAINING NSG-BR VSC-WAN-n VSC-DC NP BRP NP Network Port BRP Border Router Port RR BGP Route Reflector VSC-WAN-1 RR MP-BGP MP-BGP VSD Datacenter VRS-1 (Hypervisor) WAN VRS-2 (Hypervisor) Service Overlay WAN Underlay DC Underlay MP-BGP App 1 VNF 2 Branch 1 Branch 2
  11. 11. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION NSG DP / CP (OS/HYPERVISOR) VM VNFs CONTAINER VNFs ACCESS MPLS WAN Internet (3G, LTE, BB) PRIVATE DATA CENTER PUBLIC CLOUD BRANCH/ENTERPRISE BRANCH IN A BOX : CPE HOSTED VNFs SBC/VoIP IDS/IPS FW Net. Opt URL Filter DPI IOT Agent WLC ??? Anti Virus
  12. 12. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION OVERLAY INTERNET BREAKOUT7850 NSG (Physical x86) NSG DP / CP (OS) VM VNFs CONTAINER VNFs HYPERVISOR ▪ REST API based integration w/ NFV Orchestrator ▪ VNF Onboarding, Catalog Management ▪ Lightweight VNF lifecycle management ▪ Light weight VIM (Scheduler) ▪ VM instantiation/deletion/default config ▪ Service Chaining Framework ▪ VNF insertion in packet flow ▪ Advanced forwarding rules to redirect traffic ▪ KVM hypervisor / Libvirt Management of VNF ▪ Resource Monitoring & VNF Health Checks VSC VSC Federated scale-out control plane VSD VNF repository Lightweight VNFM Lightweight VIM NFV ORCHESTRATOR CBND Partner SOLUTION ARCHITECTURE FOR HOSTED VNFs
  13. 13. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION ▪ Lightweight & Scalable Architecture ▪ CPE platform / resource management under VSD control ▪ Secure VNF Deployment & Service Chaining at Scale ▪ Open Ecosystem of VNF Partnerships ▪ Open Eco-system for VNFs ▪ No customization required to support Nuage CPE ▪ Management & Orchestration CBND ▪ Single Point of Integration with Orchestrator, OSS/BSS ▪ Open APIs / REST Interface ARCHITECTURE – KEY BENEFITS
  14. 14. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION NUAGE NETWORKS VSP INTEGRATION PARTNER (VIP) PROGRAM VitalQIP
  15. 15. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION ProxyIDS/IPS FW URL Filter DPIAnti Virus Hosted On-premise (“Branch in a Box”) Embedded Service Chained (incl Cloud Hosted) Incomplete without “pan network” flow visibility, monitoring and dynamic event based policy automation SECURITY SERVICES ESSENTIAL TO SD-WAN
  16. 16. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION NUAGE VIRTUAL SECURITY SERVICES (VSS) FOR SD-WAN Dynamic Security Automation • Automate Response based on Security Analytics • Dynamic Service Insertion for Threat Mitigation Visibility & Security Analytics • Contextual Flow Visualization • ACL & Traffic Analytics, Near Real-time Alerts
  17. 17. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION NUAGE SD-WAN & VSS Use-Case: Telemetry Triggered Services INTERNET PRIVATE IP HQ Branch 1 Partners Bare Metal Overlay ESXi ESXi KVM KVM Bare Metal Bare Metal Container Container Hyper-V Hyper-V FIREWALL / IPS EXTRANET SEGMENT SD-WAN X-86 CPE SD-WAN X-86 CPE SD-WAN X-86 CPE DATA CENTER  Prevent malware from infected branch device from entering corporate network  Detect malicious end-points  Automate response to prevent malware spread  Leverage SDN analytics to identify suspect end-points  Dynamically insert security services (e.g., NGFW, IPS) for suspect traffic  Security services can be hosted in the data center or the branch
  18. 18. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION Value Added Services New Revenue Acq. & Retention Secure Seamless Connectivity SDVPN for Global Organizations Simplified WAN Management Ensure Operational Efficiencies Transport Agnostic Support Any WAN Underlay Technology Application Awareness App & User based Traffic Engineering Visibility & Sec. Analytics Integrated System- wide Security PRIVATE DATA CENTER NSG UBR NSG-BR PUBLIC CLOUD LARGE ENTERPRISE NSG-V/BR NSG-V/P NSG-V/P BRANCH LOCATIONSINTERNET MPLS INTERNET 4G/LTE Advanced Networking Infrastructure / Multi-Tenant / Scale & Performance NUAGE SD-WAN : THE MOST COMPREHENSIVE SD-WAN SOLUTION
  19. 19. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION Service Provider Use Case:  Background: – Tier 1 Canadian Service Provider offering full complement of services  Challenges: – Challenged to reduce OPEX by investing in new technologies to modernize VPN portfolio – Wants to introduce competitive SMB VPN product with value added features for stickiness and increased walletshare.  Solution: – VNS provides scalable product that supports SMB customer needs for VPN, application awareness, advanced analytics and reporting, security and service chaining to distributed and centralized VNFs – Integration into OSS/BSS infrastructure and “Network Services Portal” reduces cost to manage network – Introduction of new products aligned with SDN-vision for network VNS Overlays Broadband Network Site “B” NSG Site “C” NSG xDSL GPON Centralized Management And Network Policy Engine Customer management portal SP-DC NSG-V Offnet Site “A” NSG xDSL WIreless LTE VNF VNF
  20. 20. © 2017 NOKIA. ALL RIGHTS RESERVED. NUAGE NETWORKS IS A NOKIA VENTURE. CONFIDENTIAL - SOLELY FOR AUTHORIZED PERSONS HAVING A NEED TO KNOW PROPRIETARY – USE PURSUANT TO COMPANY INSTRUCTION Thank you www.nuagenetworks.net @nuagenetworks

×