Deploying new WAN services can take a long time and require a significant up-front capital investment. The software-defined nature of SD-WAN enables service agility, rapid rollout, and instant-on WAN that the Service Provider can immediately benefit from. This accelerates the time to market and time to revenue.

1. WAN. Re-invented.
Technical Deep Dive
SD-WAN for Service Providers
Parag Thakore, Director Product Management
Kangwarn Chinthammit , Director of Solutions Marketing

2. Agenda
SD-WAN for SPs
 Enterprise Trends, Challenges, and Deployment Considerations
 Top SD-WAN Considerations
 SD-WAN Building Blocks & Deep Dive
1. Unified Elastic Transport
2. Cloud On-Ramp
3. Flexible Deployments
4. Automation and Orchestration
 Summary
3/21/2016 2

3. Businesses Blocked by WAN Challenges
3/21/2016 3
Application rollouts
inhibited by expensive
bandwidth
Branch deployments delayed
by IT complexity
Cloud migration not supported
by static architectures
X
X
X

4. Top SD-WAN Deployment Considerations
3/21/2016 4

5. Key Capabilities of SD-WAN (Source: Gartner)
1. Lightweight WAN CPE replacement that is
transport agnostics
2. Allow for dynamic load sharing across multiple
WAN
3. Dramatically simplify the complexity associated
with management, configuration, and
orchestration of the WAN
4. Provide secure VPN and ability to integrate
additional network services and offload Internet
traffic closer to the edge of the network
3/21/2016 5
Source: http://blogs.gartner.com/andrew-lerner/2015/07/07/sdwan/

6. SP’s SD-WAN Consideration Process
3/21/2016 6
What services can I offer?
• New services vs better existing services & ROI
How do I offer these services?
• Customer Experience, Reduce Truck-Rolls, Simplify
Operations
How do I integrate into my network and
operation?
• Flexible Deployment and Business Models, Fit SP
topology, leverage SP network, integrate with OSS

7. VeloCloud SD-WAN Whole Offer - Building Blocks
3/21/2016 VeloCloud.com Company confidential. 7
Cloud
On-Ramp
Unified Elastic
Transport
Internet
MPLS
Wireless
What to deliver ? How to deliver ?
Flexible
DeploymentsVNF
VNF
VNF
Automation &
Orchestration

8. Cloud-Delivered SD-WAN For NSP/CSP
83/21/2016
Dynamic Multi-path
Optimization
CE
Router
SaaS
SP
Cloud
Service
PRIVATE/MPLS
Cloud
DC
SP Orchestrator
INTERNET
PE
PE
Branch Site
Enterprise
DC
PE
SP Cloud
Gateways
SD-WAN CPE
Or Virtual Edge
1
3
2
• Public and private links
Secure Bonded Overlay
OnNet/Offnet support
• Gateway/VCO in SP cloud or
VeloCloud Hosted
Deliver Rich Services & Maintain Visibility
• WAN Expansion
No RIP and Replace
• Scalable, Multi-tenant Architecture
• Thin branch, auto provisioned
• Direct path to Ent and cloud apps
3

9. Unified Elastic Transport

10. Dynamic Multi-Path Optimization
Assured Application performance over MPLS, Internet broadband and LTE circuits
Continuous Monitoring
Automatic capacity testing
Continuous link & path quality monitoring
MPLS Class-of-Service aware
Dynamic App Steering
App aware per Packet Steering
Virtualized: apps not tied to links
Aggregated bandwidth for single flows
Policies abstracted by link groups
Backup link policy
On Demand Remediation
Error & jitter correction
Automatic steering for brownouts/blackout
Case Study: 2500 Site Retail Hybrid WAN
•MPLS packet loss and outage
•Performance issues on CABLE
VeloCloud Delivers Excellent VOIP Quality
•Sub-sec steering of VOIP without call drops
•On-demand mitigation of packet loss & jitter
VeloCloud Networks | Proprietary & Confidential | © Copyright 2016

11. Customer base expansion with Offnet Deployments
17%of the time
single Internet link fails to
deliver expected application
performance
8.89
VQS
>99%of the time
SD-WAN with dual Internet to
delivers predictable
application performance
VQS
9.96
Internet Cloud-delivered SD-WAN
Source: VeloCloud Internet Quality Report
Offnet Sites On-net Sites

12. TCP Flow Optimization
3/8/2016 12
TCP flow
optimization with
packet loss
occurring
Up to 20X better performance with SDWAN

13. Layer 7 Aware Stateful Application Firewall
• Granular application
policies for visibility and
control
• Firewall can also be
disabled in favor of
existing hardware
• ICSA certified by H216
3/8/2016 13

14. Cloud On-Ramp

15. Retail Case Study with UCaaS Provider
3/21/2016 15
• OTT service with hosted VOIP
• Cable simultaneously had critical performance issues
• Cloud-Delivered SD-WAN delivers app perf
• Policy based redirect (UC traffic only)
• OnDemand mitigation on Single Link

16. Voice/Video Optimization @ Retail Site
MOS: 2.1 @
2% Packet loss
MOS: 4.1 @ 2%
Packet loss
MOS: 3.3 @
33ms Jitter
MOS: 4.2 @ 33ms
Jitter
Legacy Vendor With SDWAN

17. Eliminiate NxN, High Performance Connection to VPC
VPC VPC VPC VPC
 Connection to VPC requires either backhaul
to DC first or setting up IPSec tunnel from
every branch to VPC
 Complicated and manual IPSec
configuration to VPC
Traditional WAN to VPC Connect to VPC with Cloud-delivered SD-WAN
 High performance, secure connectivity to VPC
with Dynamic Multipath Optimization
 Eliminate the mesh tunnels from branches to
VPC; only IPSec tunnels from the Cloud
Gateways are required
 Automated IPSec configuration Cloud-
delivered SD-WAN

18. SD-WAN Automation and
Orchestration

19. SD-WAN Automation and Orchestration for ICOM
3/21/2016 19
*3 Tier Multi-Tenant * Role Based* RestFul APIs* Flexible Deployment Models*Velo/SP Hosted

20. Consolidated Dashboard for complete lifecycle management
3/8/2016 20
SLA Measurements Remote Diagnostics
Monitoring

21. Software Defined Automation
• Remote cloud provisioning
• Group business level policies
• Automatic link profiling
• One-click VPN to DC and cloud
• Eliminate NxN manual tunnels
• Dynamic branch-to-branch
• Cloud services insertion
• No complex per node routing
• Backhaul to on-premise services
Simplified ConfigurationsZero Touch Branches Easy Services Insertion
VeloCloud Networks | Proprietary & Confidential | © Copyright 2016

22. Flexible Service Insertion –
Policy-based Application Steering and Redirection
3/21/2016 22
Internet/MPLS1
2
3
4
Dynamic branch to
branch tunnel Traffic to other on-net sites or SP
services
Critical traffic to the
Internet, e.g. SaaS
Non-critical Internet traffic,
e.g. Netflix
SP PoP
SP Hosted GW
VeloCloud GW

23. Policy-based Application Steering and Redirection - Examples
3/21/2016 23
Legacy WAN: ACL, IP address, subnets
SD-WAN: App-level policy
Legacy WAN: Need to put application in the right
queue
SD-WAN: App-awareness to choose the right
queue
Legacy WAN: Complex routing tuning & PBR to
do split tunnel
SD-WAN: App-aware split tunnel policy & single
click
Legacy WAN: Routing protocol tuning, probes,
PBR
SD-WAN: Dynamic path selection

24. Flexible Deployment Options

25. VNF for SP Universal CPE/vCPE
 Edge VNF can be service chained on SP
owned Universal CPE
 Flexible Deployment Options
 Runs on x86 COTS
 Multi-tenant GW software can interoperate
with existing Provider Edge Routers
3/21/2016 25
COTS
VeloCloud
Gateway Software
VeloCloud
Edge VNF
VNF
VNF
VNF
VeloCloud
Edge HW

26. MPLS
Orchestrator
Flexible Branch and VPN Handoff types
CE
Router
INTERNET
Dynamic Multi-path
Optimization
IPSec
Existing VPN
Headend
VRF
26
PE
Service Provider
Cloud Gateways
PE
PRIVATE/MPLS
NETWORK
VeloCloud
Edge
Supported Onboarding
Options
Supported VPN
Handoff Options
Option 1:
Internet-only
Option 2:
Hybrid WAN
Handoff Option 1:
IPSec over Internet
to customer VPN
headend, firewall
Handoff Option 2:
VRF/VLAN handoff
to PE router to reach
destination on MPLS
PE
3/21/2016

27. Headend Deployment Options
3/21/2016 2727
INTERNET
PRIVATE/MPLS
NETWORKBranch Headend/Hub
Option 1:
Overlay tunnels from branch to hub.
Dynamic Branch to Branch
Need SD-WAN edges at all sites
INTERNET
PRIVATE/MPLS
NETWORKBranch
SP PoP
IPSec
VRF
Option 2:
Overlay tunnels from branch to SP PoP.
Dynamic Branch to Branch
SDWAN and Non-SDWAN connectivity via
Core
VeloCloud Edge
VeloCloud Edge VeloCloud Gateway

28. Flexible Deployment Options
VM
• Appliance, Software or Multi-tenant Cloud
Datacenter OptionsBranch Options
• Appliance or Virtual Software
FormFactorInsertionModes
VM
• Branch Insertion: Overlay Flow Control, On-Net + Offnet
• Headend and Orchestrator:
• Multi-Tenant and Single Tenant Options
• SDWAN and Non-SDWAN Sites
• Flexible Business Models
• VeloCloud Hosted for quick TTM
• SP Hosted and integrated with PE
• On Customer Prem
Flexible options simplify and enable incremental deployments
VeloCloud Networks | Proprietary & Confidential | © Copyright 2016

29. Cloud Network
On premise and cloud delivery
Cloud Delivered SD-WAN Architecture
29
CABLE
DSLLTE
MPLS
Branch
Velocloud
Edge
VeloCloud DC
Edge
Enterprise DC
Dynamic Multi-Path
Cloud VPN
Smart QoS
App Firewall & Web Security
Application Performance Monitoring
Services Catalog & Ecosystem
Virtual Services Delivery
SD-WAN Services Orchestration
Business Policy Automation
Overlay flow control and
services insertion
Visualization
Cloud DC
Multi-tenant, cloud scale
Distributed Redundant Infra
VeloCloud
Gateways
VeloCloud Networks | Proprietary & Confidential | © Copyright 2016

30. www.velocloud.com/sd-wan-dummies
Thank You!