Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Krzysztof.Konkowski@cisco.com
Consulting Systems Engineer
CCIE #20050 RS, SP; CCDE #2014::18
Kreowanie usług przez
operato...
2© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Nasze wspólne wyzwania
Pasmo
ARPU
Klienci
Zar...
3© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Transformacja Biznesu
Obniżenie kosztów i jed...
Cisco Confidential 4©2014 Cisco and/or its affiliates. All rights reserved.
Różnica między kosztami VPNów
$-
$100,00
$200,...
5© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Architektura SP-IWAN
Private
Cloud
Cisco ASR
...
6© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Target – Separate Transport and Service
•  CP...
7© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SP Cloud
Services
SP-IWAN Baseline Architectu...
8© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SP-IWAN Baseline Architecture – (Details)
•  ...
9© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SP-IWAN Baseline Architecture
DMVPN Control P...
10© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SP-IWAN Baseline Architecture
Hosted Hub MC
...
11© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
vMS – Topology Summary
R31
R11
DMVPN
Data Hu...
12© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Developing IWAN Within the SP’s
One Solution...
13© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Intelligent WAN
Solution Components fo...
14© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Transforming the User Experience
SELECT A SE...
15© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ManualAutomated Self-Service On-Demand
From ...
16© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Orchestration System
Elastic Services
...
17© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SP IWAN
SP-IWAN: Business Case Catalog
Deliv...
18© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Ubiquitous Visibility Across Networks
Cisco ...
19© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Allowing Applications
to Move Freely Between...
20© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Optimal Application Experience from Anywhere...
21© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Enable Cloud Application Deployment
Direct I...
22© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IWAN as a Service Offering Example
PremiumBa...
PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju urządzeń - Network Services Orchestration, Kr...
Upcoming SlideShare
Loading in …5
×

PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju urządzeń - Network Services Orchestration, Krzysztof Konkowski

112 views

Published on

PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju urządzeń - Network Services Orchestration, Krzysztof Konkowski

Published in: Internet
  • Be the first to comment

  • Be the first to like this

PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju urządzeń - Network Services Orchestration, Krzysztof Konkowski

  1. 1. Krzysztof.Konkowski@cisco.com Consulting Systems Engineer CCIE #20050 RS, SP; CCDE #2014::18 Kreowanie usług przez operatorów – SP IWAN
  2. 2. 2© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Nasze wspólne wyzwania Pasmo ARPU Klienci Zarządzenie ciągłym wzrostem przepustowości Wykorzystanie możliwości infrastruktury Szybsza i efektywniejsza innowacja Operatorzy OTT zajmują pasmo… a nie chcą za nie płacić Netflix = 20% całego pasma downstream w US YouTube zdominował cyfrowy transport wideo Użytkownicy korzystają z usług transmisji danych – gdziekolwiek są 20%
  3. 3. 3© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Transformacja Biznesu Obniżenie kosztów i jednoczesne wypracowanie namacalnych wartości Automatyzacja Wspomaga ale i Wymusza Transformację Biznesu Data Center Zwirtualizowane pule zasobów (obliczeniowych i do przechowywania danych) Orchestration Dynamiczna konfiguracja, zmiana oraz proces zdalnego zarządzania Przenoszenie obciążenia Przenoszenie obciążenia zgodnie z profilami usługowymi Sieć Zwirtualizowane Funkcje Sieciowe Usługi chmurowe Pełen dostęp do zasobów z dowolnego miejsca chmury
  4. 4. Cisco Confidential 4©2014 Cisco and/or its affiliates. All rights reserved. Różnica między kosztami VPNów $- $100,00 $200,00 $300,00 $400,00 $500,00 $600,00 2013 2014 2015 2016 2017 2018 MPLS VPN IP VPN Cloud VPN Koszt MPLS VPN – Premium §  Zarządzanie po stronie operatora §  Bezpieczeństwo i polityka QoS w sieci SP §  Niezawodność – SLA. §  Dedykowana infrastruktura. MPLS VPN: $451 IP VPN : $143 Cloud VPN: $100 70% Premium
  5. 5. 5© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Architektura SP-IWAN Private Cloud Cisco ASR 1000 Series Campus/ Data Center IP NGN MPLS Public Cloud Service Provider Managed and Policy Control Customer Sites AVC WAAS AVCWAAS IWAN-aaS Service Monitoring Service Provisioning vWAAS vWAAS Cisco CSR 1000V Series AVC Cisco CSR 1000V Series AVC Dual MPLS Mobile Mobile MPLS MPLS Internet Internet Internet Cisco ASR 1000 Series
  6. 6. 6© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Target – Separate Transport and Service •  CPE-to-CPE overlay enables separation of transport (underlay) and VPN service (overlay) –  Today choices: DMVPN (IWAN current), BGP-dVPN (IWAN Future) •  Routing in VPN service overlay environment should be almost trivial Router A Router B Router C Router E Router D = Service aware = Service unaware IP or MPLS Transport Underlay VPN Service Overlay
  7. 7. 7© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential SP Cloud Services SP-IWAN Baseline Architecture P P BR1 BR2 MPLS INET Orchestra)on vMS Multi Tenant Portal NSO Customer/admin Portals ESC OpenStack ODL Repor)ng Netflow Collector Customer/admin Portals Engine PnP HMC TMC PE BR1 BR2 MC/BR PE MC/BR Dual networks (Initial SP Model) Similar to Enterprise Deployment •  Description –  Dual network (separate MPLS and INET core) –  PfR measures performance end to end –  Secure access to MPLS-VPN over Internet (Secure gateway) •  Requirements –  IWAN Transport Independent Design - CPE-CPE traffic is encapsulated into mGRE –  Overlay Routing through the tunnels – BGP –  Disjoint tunnels in the SP Core –  Internet access secured by ezVPN or FlexVPN to a Secure gateway –  PfRv3 over DMVPN over FlexVPN BR
  8. 8. 8© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential SP-IWAN Baseline Architecture – (Details) •  A solution already offered by multiple Providers to connect customers via Internet/LTE into their MPLS VPN relies on FlexVPN client on the branch router, an FlexVPN server at point of egress from their network, which drops the traffic into the correct MPLS VPN. •  The IWAN DMVPN overlay must run as DMVPN (encrypted or unencrypted), over FlexVPN. Branch (EzVPN client) (DMVPN Spoke) EzVPN Server (aka Tunnel Terminator) HQ (DMVPN Hub) FlexVPN (Encrypted) DMVPN (unencrypted) Mobile Network
  9. 9. 9© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential SP-IWAN Baseline Architecture DMVPN Control Plane / Data Plane Separation R31 R11 DMVPN Data Hub R12 DMVPN Data Hub R21 DMVPN Data Hub R22 DMVPN Data Hub R2 R3 SP Datacenter Customer HQ1 Customer HQ2 R41 R51 R52 •  DMVPN Overlay: –  R2 and R3 DMVPN Control Plane hubs in SP datacenter •  They are NOT PfR BRs –  DMVPN Data Plane hubs on customer premises •  PfR –  Hub MC in SP datacenter –  No local BRs –  HQ1 and HQ2 PfR both Transit Sites DMVPN Control Hub DMVPN Control Hub MPLS INET R10 Transit MC R20 Transit MC R1 Hub MC Domain Controller •  Standalone Hub MC •  Without local BRs. Becomes a real Domain Controller for PfR policies
  10. 10. 10© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential SP-IWAN Baseline Architecture Hosted Hub MC R31 (MC/BR) R11 BR R12 BR R21 BR R22 BR R2 R3 SP Datacenter Customer HQ1 Customer HQ2 R41 (MC/BR) R51 (MC/BR) R52 (BR) •  Hub MC (R1) hosted in the SP Cloud •  All MCs peer with the R1 MPLS INET R10 Transit MC R20 Transit MC R1 Hub MC Domain Controller •  Standalone Hub MC •  Without local BRs. Becomes a real Domain Controller for PfR policies
  11. 11. 11© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential vMS – Topology Summary R31 R11 DMVPN Data Hub R12 DMVPN Data Hub R21 DMVPN Data Hub R22 DMVPN Data Hub R2 R3 SP Datacenter Customer HQ1 Customer HQ2 R41 R51 R52 MPLS INET R10 Hub MC R20 Transit MC R61 NSO Customer/admin Portals Single CPE MPLS Single CPE MPLS/INET Dual CPE MPLS/INET
  12. 12. 12© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Developing IWAN Within the SP’s One Solution–Different Access Models Across Market Segments Service Provider Managed / Un-Managed and Service Provider Cloud Managed Models Intelligent VPN Hybrid WAN Cloud VPN Service Provider Network Branch Office Public Cloud Internet Service Provider Network HQ Service Provider 1 Service Provider 2 Branch Office Private Cloud Public Cloud Internet HQ MPLS Dedicated internet Service Provider 1 Service Provider 2 Branch Office Private Cloud `Public Cloud HQ Dedicated internet Dedicated internet INET INET Internet Private Cloud PE L2 PtP MPLS PW PE INET Common Orchestration and Elastic Cloud Services Platform Consistent Portal and Service Dashboard Instrumentation Application Aware Cloud Services Optimization Pervasive Security WAN Optimization Usage Based Pricing MPLS VPN
  13. 13. 13© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Intelligent WAN Solution Components for SPs Intelligent Path Control Load Balancing Policy-Based Path Selection Network Availability Secure Connectivity Scalable, Strong Encryption App-Aware Threat Defense Cloud Web Security Application Optimization Application Visibility App Acceleration Intelligent Caching Hybrid WAN Application-centric Design Common Operational Model Deployment Flexibility
  14. 14. 14© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Transforming the User Experience SELECT A SERVICE BUNDLE CONNECTION ONLY SELECT APPLICATION PERFORMANCE BASIC SELECT APPLICATION PERFORMANCE FULL SELECT APPLICATION PERFORMANCE PREMINUM SELECT Basic Connectivity ✓ ✓ ✓ ✓ Application Monitoring ✓ ✓ ✓ QoS Features ✓ ✓ ✓ Performance Routing ✓ ✓ Direct Internet Access ✓ App acceleration & opt ✓ Account Logout
  15. 15. 15© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential ManualAutomated Self-Service On-Demand From Complexity to Simplicity and Automation Where Can We Put It? Procure It Install It Configure It Secure It FROM WEEKS TO MINUTES* Service Oriented Self-Service Automated Provisioning Elasticity (Capacity-on-Demand) Architect It Design It Is It Ready?
  16. 16. 16© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Orchestration System Elastic Services Controller (ESC) Tenant Portal Network Services Orchestrator (NSO) REST API REST API SP’s OSS/BSS ISR CPE PnP Functionality Zero Touch Provisioning OpenStack CSR1Kv ASAv X86Server WSAv CloudVPN Connectivity up If more VNFs are needed for a Service Chain ? ISR CPE Shipped to Customer Site, connected and Powered ON Customer Orders VPN Service Provide Day 1 Configuration SDN Controller Establish VPN: IPSec, IP Overlay (BGP, GRE, LISP), L2 PnP Server DCI/PE Internet Gateway OVS/ VTF
  17. 17. 17© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential SP IWAN SP-IWAN: Business Case Catalog Delivering Value Within the Network Deploying New Cloud Services/Guest Access DIA Ubiquitous Visibility Over Multiple Networks Application Visibility Allowing Applications to Flow Between Multiple Links Performance Routing Extend High Quality Digital Experiences from Any Cloud Application Performance
  18. 18. 18© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Ubiquitous Visibility Across Networks Cisco Application Visibility and Control Fault SeekingProactive Monitoring WAN Sizing Customer Sites Service Provider WAN Access Cisco CSR 1000V Series AVC Cisco CSR 1000V Series AVC Cisco CSR 1000V Series AVC Cisco CSR 1000V Series AVC Internet Public Cloud Private CloudCampus/Data Center vCPE •  Trace historical records for network data for RCA •  Determine type of traffic running across the network •  Tune the network to business- critical services •  Measure and project application needs for WAN services AVC AVC
  19. 19. 19© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Allowing Applications to Move Freely Between Networks Performance Routing (PfR) •  Steer application flows based on type, policies and path status •  Provide protection of business applications from brownouts Application-Aware •  Provide more value with Active/ Active WAN links •  Increase bandwidth efficiency by load-sharing traffic over all WAN paths Full Utilization •  Automatic and on-demand monitoring and intervention •  Decrease loss percentage to less than 5% Real-Time Branch ISR4K IPSec Secure WAN DIA MPLS Public Cloud Private Cloud Virtual Cloud IPSec Secure WANMPLS
  20. 20. 20© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Optimal Application Experience from Anywhere Application Performance Result Reduce Load •  Data redundancy elimination (DRE), compression, and TCP optimization Application Optimization •  Fewer protocol messages and metadata caching Application bandwidth with Cisco® WAAS Application bandwidth natively Application latency natively Application latency with Cisco WAAS 0 0 1 2 3 4 40 80 120 160 App Bandwidth App Latency Bandwidth (Mbps) Latency (Seconds) Reduced Bandwidth Reduced Latency Public Cloud Privat e Cloud Branch ISR-AX Akamai Intelligent Platform Mobile Apps Live Video Software Downloads Digital Signage Catalogs Guest WiFi Akamai Connect Any Device, Connectivity, Cloud
  21. 21. 21© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Enable Cloud Application Deployment Direct Internet Access •  Improve application performance (right flows to right places) Leverage local Internet path for •  Increase WAN transport capacity and app performance cost effectively! Internal Application Data to Center Branch Public Cloud Private Cloud Virtual Cloud Internet MPLS (IP-VPN) Direct Internet Access
  22. 22. 22© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential IWAN as a Service Offering Example PremiumBasic AVC AVC + QoS AVC + QoS + PfR AVC + QoS + PfR + Sec AVC + QoS + PfR + Sec + WAAS $$$ Application Acceleration and Optimization Application QOS and Bandwidth Control Real Time Application Performance Monitoring and Reporting Basic Connectivity 5% to 10% 10% 20% to 50% $$$ Upsell Opportunity (% of Basic Connectivity)

×