Uploaded byJamelPandiin2
PPTX, PDF33 views

The needs for Wide Access Networks .pptx

The document discusses Software-Defined Wide Area Networking (SD-WAN) and its benefits over traditional networking services, emphasizing cost optimization and application-specific Quality of Service (QoS). It covers aspects like Service Level Agreements (SLAs), types of services offered, and the implementation of SD-WAN technologies, including hybrid and enterprise solutions. Additionally, it highlights the increasing need for businesses to minimize downtime costs and improve the efficiency of their network operations.

Embed presentation

Download to read offline
SD-WAN 1 SD-WAN Yaakov (J) Stein CTO
SD-WAN 2 The need for SD-WAN
SD-WAN 3 Why do we pay for services ? Generally good (and frequently much better than toll quality) voice service is available free of charge (e.g., Skype) So why does anyone pay for voice services ? Similarly, one can get free • (WiFi) Internet access • email boxes • search services • file storage and sharing • web hosting • software services So why pay for any service ?
SD-WAN 4 Paying for QoS The simple answer is that one rarely pays for Best Effort service one pays for Quality of Service guarantees For example, for voice communications services Of course, one really would like to pay for Quality of Experience but that may be hard to measure QoS parameters proxy for QoE QoS price BE toll quality with mobility
SD-WAN 5 Service Level Agreements In order to justify recurring payments service providers agrees to a minimum level of service in a Service Level Agreement (SLA) An SLA is a legal commitment between a service provider (SP) and a customer, for example: • Telco and subscriber • ISP and Internet user • VPN operator and enterprise • cloud application provider and cloud user SLAs typically include (financial) penalties for breaches If objectives or penalties are too low, SLA is useless If objectives or penalties are too high, cost will be prohibitive Badly defined SLAs may damage operations by setting incorrect goals
SD-WAN 6 SLAs and QoS parameters SLAs detail measurable network parameters that influence (correlate with) QoE, such as : Customer parameters • customer service response time • numerous legalities Connectivity parameters • availability (e.g., the famous five nines) • time to repair (e.g., the famous 50 ms) Noise (error) level parameters • SNR, BER, etc. • Packet Loss Ratio • defect densities Information rate parameters • bandwidth, throughput, goodput Latency parameters • 1-way delay • round trip delay performance parameters customer service parameters fault parameters
SD-WAN 7 Connectivity vs. the rest Basic connectivity (availability) always influences QoE and thus its monitoring is considered fault management (FM) which triggers automatic corrective actions (APS) All other parameters may influence QoE depending on service/ application (voice, video, browsing, …) and are considered performance monitoring (PM) For example • Some services only require basic connectivity • Some also require minimum available throughput • Some require delay less then some end-end (or RT) delay • Some require packet loss ratio (PLR) less than some percentage
SD-WAN 8 Carrier-grade services From what we have said it follows that there are two kinds of services: • Best Effort (BE) services (e.g., Internet) • Carrier Grade (CG) services (e.g., Carrier Ethernet or MPLS TE) Best Effort services may be very inexpensive or free but come with very loose consumer-grade SLAs, e.g., – repair within 5 business days – no latency expectations – no PLR guarantees Carrier-grade services may be very expensive and SLA-dependent SLAs are often complex and may take weeks to negotiate This leads end-users to wonder whether they really need them
SD-WAN 9 For example ... High availability services usually have 5-nines (99.999%) availability while BE services are often 3-nines (99.9%) or less High availability services usually have sub-50 millisecond repair times while BE services do not specify this time at all CE services provide dual-token-bucket bandwidth profiles while Internet connectivity services only specify physical layer bit-rate Low delay services may guarantee delay only 15% higher than physically possible (light propagation time) while latency of BE services is typically double that physically possible Low PLR services may guarantee PLR under 0.01% while BE services may have PLR of 1% Tight SLAs can cost the end-user 5-10 times more than loose ones
SD-WAN 10 The cost of downtime For whom isn’t BE service enough? According to Gartner in 2014 IT downtime cost large corporation $5,600 per minute and the cost has probably increased considerably since then In a 2016 survey of large organizations by ITIC • 98% reported that 1 hour of downtime costs > $100,000 • 81% reported that 1 hour of downtime costs > $300,000 • 33% reported that 1 hour of downtime costs $1-5 million Amazon’s 13 minute partial downtime in Nov 2019 is estimated as having cost it $2.6 million And these are only direct losses Any end-user noticeable downtime can lead to negative QoE that impacts reputation and customer loyalty leading to additional long term harm
SD-WAN 11 The conventional approach To prevent harmful communications downtime • banks, brokers, financial services • critical infrastructure operators • web retail presence require high-availability (e.g., 5 nines) But connectivity isn’t always enough, for example • interactive applications are unsatisfactory without low delay • real-time operational traffic often requires low packet loss • enterprises require good security/traffic isolation So service providers offer carrier grade services that guarantee various QoS parameters in an SLA Similarly, services provided internally have defined Service Level Objectives)
SD-WAN 12 Example: Carrier Ethernet services MEF CE 2.0 defines several QoS KPIs availability specified in “nines” notation (e.g., five nines) bandwidth profile (committed data-rate) specified by CIR, CBS, EIR, EBS, … packet loss fraction of frames to be delivered that are actually delivered specified by T (time interval) and L (loss objective) packet delay measured UNI-N to UNI-N on delivered frames specified by T, P (percentage) and D (delay objective) packet delay variation specified by T, P, D, V (PDV objective)
SD-WAN 13 The problem Enterprises got used to ordering SLA-based services and for simplicity did so for all of their networking needs even those not requiring special treatment This led to a situation wherein • Internet browsing • email • backups • other non-critical communications were priced outrageously high Enterprise IT personnel noticed that they were paying more for 50 Mbps at work than they were paying for 1G Internet at home And the BE Internet service usually worked very well!
SD-WAN 14 The solution: SD-WAN
SD-WAN 15 The solution - SD-WAN SD-WAN is mostly about optimizing expenditures Traffic flows are separated according to application Flows are run over paths with the minimum required QoS thus minimizing operational cost Carrier Grade network 1 high priority l o w p r i o r i t y Carrier Grade network 2 these may be two different TE paths in a single network but in that case conventional mechanisms are available SD-WAN controller HQ SD-WAN end-point branch SD-WAN end-point
SD-WAN 16 Hybrid SD-WAN Application flows not requiring any special QoS treatment may be run over low-cost BE Internet connections This is often called hybrid SD-WAN Of course the Internet flows must be monitored and encrypted Carrier Grade network public Internet h i g h e s t p r i o r i t y l o w e s t p r i o r i t y lower priority
SD-WAN 17 Pure Internet SD-WAN It may even be possible to provide SD-WAN services entirely over Internet connections by employing two disjoint ISPs and duplicating traffic for high availability remember – nines add, so 2 three-nines links = six-nines! Carrier Grade network ISP 2 ISP 1 SD-WAN controller HQ SD-WAN end-point branch SD-WAN end-point
SD-WAN 18 Three SD-WAN use cases The simplest use case is application-based QoS this is similar to standard CoS-based services but enables CoS mapping based on Deep Packet Inspection and explicitly takes operational expense into account Another common use case is bandwidth augmentation that is, adding bandwidth to an assured service without major increase in expense by separating/offloading low priority traffic (e.g., hybrid SD-WAN) Another use case is rapid site commissioning where a new site can be rapidly added to an existing VPN by initially connecting over Internet until the SLA-guaranteed connectivity is available (e.g., pure Internet SD-WAN)
SD-WAN 19 Rapid site commissioning Carrier Grade network public Internet on-net traffic o f f - n e t t r a f f i c on-net branch sites HQ off-net branch
SD-WAN 20 SD(-WA)N What is the connection between SD-WAN and SDN ? Software Defined Networking applies IT technologies to routing and is mostly used inside Data Centers SD-WAN advocates extending SDN technologies to the enterprise WAN Also, SD-WAN can be considered SDN at the application layer Even SDN-based enterprise datacenters are interconnected today via static MPLS VPNs Why ? • because that is what service providers are offering (until now) • because enterprises are used to assured services, rather than build-to-fail • because wide area interconnections are not dynamic (except during failures) SD-WAN can be considered as extending the internal SDN to the outside world
SD-WAN 21 But SD-WAN needs a bit more … SDN principles derive from user/control plane separation • centralized intelligence for resource optimization • enhanced automation (zero-touch) for rapid service delivery • virtualization of network elements for flexibility These concepts are applicable to any network not just Data Center LANs But in the WAN they need to be augmented by: • overlay networking (tunneling) • monitoring usage and performance (“analytics”) • strong security
SD-WAN 22 SD-WAN technology
SD-WAN 23 SD-WAN architectural elements What is required to implement SD-WAN? A central SD-WAN controller is software responsible for: • defining policy • finding paths or networks with desired QoS levels • instructing SD-WAN end-points of the required mappings • fault event handling SD-WAN end-points (HQ and branch) are appliances or software responsible for: • tunneling traffic to other end-point(s) • HQ: high scalability (traffic volume, number of tunnels) • identifying applications and mapping them to flows (DPI) • reconstructing traffic onto the LAN • monitoring QoS level (at least of non-SLA-guaranteed paths) • encrypting/decrypting packets (at least for Internet paths) • HQ: gateway functionality to external networks (e.g., Internet)
SD-WAN 24 Digression: Why tunnels? Why does SD-WAN insist on tunneling traffic, with the added complexity? Why can’t we distribute traffic on 2 or more paths without tunneling? After all, Carrier Ethernet handles several Classes of Service via the PCP field without tunneling! But problems arise when using foreign or multiple networks Different networks use different addressing spaces which mask the true end-user identity Consider the case of two or more Internet paths where we distribute different packet flows over different networks but switchover upon network failure Were we to simply load balance then upon failover the traffic will arrive at the destination with a different source address and be unrecognized! With tunneling, the far-end end-point removes the tunnel headers restoring the same source address no matter which path was taken
SD-WAN 25 Two types of SD-WAN Who builds the SD-WAN? There are two cases • Enterprise SD-WAN (called DIY SD-WAN by SPs) – end-user deploys/manages equipment and controls – end-user contracts/pays for standard (SD-WAN-agnostic) point-to-point, VPN, or Internet service for underlay connectivity • Service Provider SD-WAN (also called managed SD-WAN) – service provider markets new SD-WAN service offering – offering cannibalizes traditional MPLS/CE VPN service but avoids losing customer altogether – SP deploys/manages SD-WAN end-points and controller
SD-WAN 26 Enterprise SD-WAN The original impetus for SD-WAN came from IT professionals They observed that corporate WANs, consisting of • branch-to-branch • branch to HQ • branch-to-DC connectivity, suffered from • high pricing and complexity • slow provisioning cycles (not dynamic) • poor IT visibility (no dashboard) • limited security features (FIPS certification, event logging, etc.) • inefficient bandwidth management (including asymmetry) • impossibility of bandwidth pooling from different SPs In 2014 ONUG proposed building over the Internet an alternative to traditional SP VPN services
SD-WAN 27 What can an enterprise do? Instead, or in addition to, today’s static and expensive • L3VPN • L2VPN • IPsec-VPN based services An enterprise can rent pure connectivity between its sites based on inexpensive large bandwidth non-assured links and build by itself an assured service by combining these links Since the enterprise only sees end-to-end link attributes it must continuously monitor the QoS status of these links Since these links are not under its own control the enterprise must provide its own end-to-end encryption
SD-WAN 28 ONUG The Open Network User Group (ONUG) was created in 2012 by Nick Lippis (IT analyst and advisor) and IT professionals, mostly from the financial sector in order to organize conferences to share IT best practices The first ONUG event was held in February 2013 conferences are semiannual, and have expanded to Europe ONUG’s board consists of IT executives, mostly from banks ONUG forms working groups to define use case requirements • SD-WAN 2.0 • Orchestration and Automation • Hybrid Multi-Cloud • Hybrid Multi-Cloud Security new groups as of 2019
SD-WAN 29 ONUG’s Open Networking ONUG defines Open networking as interoperable software and/or hardware that provides choice and design options to enterprise IT This is achieved by • decoupling of specialized network hardware and software • open industry standards (consortium, community or SDO) The goals are • mitigating vendor lock-in • significant reduction of the total cost of ownership (especially OPEX)
SD-WAN 30 ONUG SD-WAN In 2014 ONUG published its SD-WAN Use Case whitepaper kicking off the SD-WAN revolution This whitepaper provides requirements to guide enterprises in implementing SD-WAN by in-house teams although it acknowledges SD-WAN services by managed SPs The whitepaper surveys WAN architecture models and details requirements for • scalability • efficiency • reliability • seamless integration • security • manageability
SD-WAN 31 Service Provider SD-WAN Service providers recognized Enterprise (DIY) SD-WAN as an existential threat to be countered even at the risk of cannibalizing their most profitable business SPs realized that DIY SD-WAN suffers from disadvantages • end-users do not have network-wide visibility and thus can not efficiently choose paths • enterprise IT are not knowledgeable or capable of handling complex networking • enterprise management desires certain key services to be guaranteed by a recognized SP • connectivity to public DCs can’t be handled in-house and decided to offer managed SD-WAN services
SD-WAN 32 MEF SD-WAN The MEF forum has detailed its view of SD-WAN • Understanding SD-WAN Managed Services • introduces terminology for SD-WAN managed service components • illustrates how they fit into the LSO Reference Architecture (RA) • specifies the required LSO reference architecture interfaces • explains how SD-WAN facilitates multi-vendor interoperability • provides example SD-WAN managed service use cases • MEF-70 SD-WAN Service Attributes and Definition • industry-neutral SD-WAN service definition • accelerates adoption/certification of MEF 3.0 compliant SD-WAN • orchestration across global ecosystem of automated networks and has carried out many PoC demonstrations, including: • Zero Touch Services with Secure SD-WAN • Multi-Vendor LSO Orchestrated SD-WAN with container-based uCPEs • SD-WAN over virtualized/orchestrated wholesale CE Access Service
SD-WAN 33 SP SD-WAN end-points and CPEs Enterprise (DIY) SD-WAN end-points are customer equipment that is, owned and operated by the end-user SP managed SD-WAN end-points must be • located at customer premises • under complete control of service provider, since • SP must be able to monitor QoS between end-points • SP must be able to define forwarding policy • SP is responsible for encryption between end-points Branch end-point can thus be: • dedicated SD-WAN appliances • software installed in existing CPE demarcation devices (e.g., as a VM or container in a disaggregated CPE)
SD-WAN 34 Reminder: MEF LSO architecture
SD-WAN 35 Relationship to MEF-3.0 and LSO In MEF’s view, SD-WAN is a good match for LSO
SD-WAN 36 Required SD-WAN characteristics MEF views the following characteristics as mandatory for SD-WAN: • Secure, IP-based Virtual Overlay Network typically IPsec-based, usually NAT and firewall • Transport-independence of Underlay Network including MPLS (or CE) over fiber, broadband Internet, TDM, LTE • Service Assurance of each SD-WAN Tunnel QoS KPIs are measured in real-time for each tunnel • Application-Driven Packet Forwarding typically based on DPI • High Availability through Multiple WANs but not necessarily hybrid (multiple WAN technologies) WAN • Policy-based Packet Forwarding packets are placed in tunnels based on QoS policy and security policy • Service Automation via Centralized Management ZTP of CPE, visibility, user access via web portal and/or APIs • (optionally) WAN Optimization
SD-WAN 37 Who’s doing SD-WAN?
SD-WAN 38 Some SD-WAN equipment vendors In 2019 the global SD-WAN market is estimated at between 1 and 1.5 Billion $ (YoY growth was about 65%) The top vendors are presently: • Cisco (Viptela, Meraki, and ISR/ASR routers) • Silver Peak (Unity EdgeConnect) • Versa • VMware (VeloCloud) • Fortinet (integrated into industry-leading firewall) • Nuage (Nokia) • Citrix (NetScaler, Citrix Application Control Engine) and there are many many more …
SD-WAN 39 Some managed SD-WAN providers A short list of notable SD-WAN service providers: • AT&T (Flexware uCPE, VeloCloud CPE) • Comcast Business’ ActiveCore platform • Orange Business Services (Flexible SD-WAN) • Deutsche Telekom • CenturyLink (with Versa or Cisco) • Verizon (Fully- Partially- and Self-Managed SD-WAN) • Colt (global SD-WAN as a service) • Masergy • Aryaka (cloud-based Global SD-WAN provider) • Cato (cloud-based Global SD-WAN provider)
SD-WAN 40 The future of SD-WAN Recent reports show a resurgence of interest in SD-WAN a trend expected to continue with enhanced telecommuting The home-office use case may become a new market segment But some analysts have suggested that SD-WAN is an interim technology and will soon disappear Two reasons are given: • more and more services are moving to the public cloud and accessed over standard Internet connections • 5G will provide sufficient data rate and QoS over a single access technology Only time will tell …
SD-WAN 41 www.rad.com Thank You For Your Attention

More Related Content

PPTX
Why SD-WAN as it Moves to Mainstream Adoption?
byColloqueRISQ
 
PDF
Learning SD-WAN with Cisco: Transform Your Existing WAN Into a Cost-effective...
bybaritonanhee
 
PDF
Software Definedwan For The Digital Age A Bold Transition To Next Generation ...
byizistsach
 
PDF
Enabling the Future of Work with SD-WAN
byXylos
 
PDF
Colt’s Carrier SDN & NFV: Experience, Learnings & Future Plans
byOpen Networking Summit
 
PPTX
SD-WAN-Guest-Lecture about feature and advantages over traditional wAN
bydevender449
 
PDF
Session 2: 'On cloud nine about your IT solution'
byXylos
 
PDF
Comcast LAYER 2 VS. MPLS
byMallory Zemelis
 
Why SD-WAN as it Moves to Mainstream Adoption?
byColloqueRISQ
 
Learning SD-WAN with Cisco: Transform Your Existing WAN Into a Cost-effective...
bybaritonanhee
 
Software Definedwan For The Digital Age A Bold Transition To Next Generation ...
byizistsach
 
Enabling the Future of Work with SD-WAN
byXylos
 
Colt’s Carrier SDN & NFV: Experience, Learnings & Future Plans
byOpen Networking Summit
 
SD-WAN-Guest-Lecture about feature and advantages over traditional wAN
bydevender449
 
Session 2: 'On cloud nine about your IT solution'
byXylos
 
Comcast LAYER 2 VS. MPLS
byMallory Zemelis
 

Similar to The needs for Wide Access Networks .pptx

PDF
SDWAN.pdf
bysushil kumar
 
PPTX
91c03816-de6c-441d-a9e6-3865765434ff.pptx
byJayant530797
 
DOCX
White Paper Security and High Availability Concerns with Wide Area Networks
byChristopher Lietz
 
DOCX
White Paper Security and High Availability Concerns with Wide Area Networks
byChristopher Lietz
 
PPTX
PLNOG 22 - Denis Zotov - SD-WAN - typowe i nietypowe zastosowania
byPROIDEA
 
PDF
evolving-network-technologies-e-book.pdf
byssuser615453
 
PPTX
SD-WAN features and proposed in details.pptx
byAlsherif95
 
PDF
Build a network to thrive in the Digital age
byFiona Sexton
 
PPTX
Javier Lecanda - Colt SDN/NFV Experience inca 201706
byIndependent Networks Co-operative Association
 
PDF
Introduction to Software Defined WANs
byAPNIC
 
PPTX
SD-WAN
bychetnaganatra
 
PDF
Building service provider networks 1st Edition Howard C. Berkowitz
bypolitomuqeem
 
PDF
The Hybrid Network Buyers Checklist
byKaryl Scott
 
PDF
Evolve IT: Why Performance Matters When Building Your New SD-WAN, Not all SD-...
byInnovation Network Technologies: InNet
 
PDF
Building service provider networks 1st Edition Howard C. Berkowitz
bydmkizdyui6047
 
PDF
Sdwan webinar
bypmohapat
 
PDF
SD-WAN Architecture Matters - Dr. Jim Metzler & VeloCloud
byVeloCloud Networks, Inc.
 
PDF
Edmundson Design Portfolio 2018
byNeil Edmundson
 
PDF
Critical capabilities us wireline telecom services 3.12.13
bycskidmore
 
PPTX
comaprison of newer WAN technology and traditional WAN technologies .pptx
byAdam890155
 
SDWAN.pdf
bysushil kumar
 
91c03816-de6c-441d-a9e6-3865765434ff.pptx
byJayant530797
 
White Paper Security and High Availability Concerns with Wide Area Networks
byChristopher Lietz
 
White Paper Security and High Availability Concerns with Wide Area Networks
byChristopher Lietz
 
PLNOG 22 - Denis Zotov - SD-WAN - typowe i nietypowe zastosowania
byPROIDEA
 
evolving-network-technologies-e-book.pdf
byssuser615453
 
SD-WAN features and proposed in details.pptx
byAlsherif95
 
Build a network to thrive in the Digital age
byFiona Sexton
 
Javier Lecanda - Colt SDN/NFV Experience inca 201706
byIndependent Networks Co-operative Association
 
Introduction to Software Defined WANs
byAPNIC
 
SD-WAN
bychetnaganatra
 
Building service provider networks 1st Edition Howard C. Berkowitz
bypolitomuqeem
 
The Hybrid Network Buyers Checklist
byKaryl Scott
 
Evolve IT: Why Performance Matters When Building Your New SD-WAN, Not all SD-...
byInnovation Network Technologies: InNet
 
Building service provider networks 1st Edition Howard C. Berkowitz
bydmkizdyui6047
 
Sdwan webinar
bypmohapat
 
SD-WAN Architecture Matters - Dr. Jim Metzler & VeloCloud
byVeloCloud Networks, Inc.
 
Edmundson Design Portfolio 2018
byNeil Edmundson
 
Critical capabilities us wireline telecom services 3.12.13
bycskidmore
 
comaprison of newer WAN technology and traditional WAN technologies .pptx
byAdam890155
 

More from JamelPandiin2

PPTX
Database Management System 2 (Oracle 10g Admin 2).pptx
byJamelPandiin2
 
PPTX
SQL Language for the Midterm Period.pptx
byJamelPandiin2
 
PPTX
Capstone two & Thesis two Requirements.pptx
byJamelPandiin2
 
PPT
Data Link Layer Protocols in Wide Access Network.ppt
byJamelPandiin2
 
PPTX
Principles of Operating System Act..pptx
byJamelPandiin2
 
PPTX
Introduction to Unified Func. Test..pptx
byJamelPandiin2
 
PPTX
Unified Functional Testing - Prelim.pptx
byJamelPandiin2
 
PPT
os1-1_int.ppt
byJamelPandiin2
 
PPT
Section02-Structures.ppt
byJamelPandiin2
 
PPT
ch1.ppt
byJamelPandiin2
 
Database Management System 2 (Oracle 10g Admin 2).pptx
byJamelPandiin2
 
SQL Language for the Midterm Period.pptx
byJamelPandiin2
 
Capstone two & Thesis two Requirements.pptx
byJamelPandiin2
 
Data Link Layer Protocols in Wide Access Network.ppt
byJamelPandiin2
 
Principles of Operating System Act..pptx
byJamelPandiin2
 
Introduction to Unified Func. Test..pptx
byJamelPandiin2
 
Unified Functional Testing - Prelim.pptx
byJamelPandiin2
 
os1-1_int.ppt
byJamelPandiin2
 
Section02-Structures.ppt
byJamelPandiin2
 
ch1.ppt
byJamelPandiin2
 

The needs for Wide Access Networks .pptx

  • 1.
  • 2.
  • 3.
    SD-WAN 3 Why dowe pay for services ? Generally good (and frequently much better than toll quality) voice service is available free of charge (e.g., Skype) So why does anyone pay for voice services ? Similarly, one can get free • (WiFi) Internet access • email boxes • search services • file storage and sharing • web hosting • software services So why pay for any service ?
  • 4.
    SD-WAN 4 Paying forQoS The simple answer is that one rarely pays for Best Effort service one pays for Quality of Service guarantees For example, for voice communications services Of course, one really would like to pay for Quality of Experience but that may be hard to measure QoS parameters proxy for QoE QoS price BE toll quality with mobility
  • 5.
    SD-WAN 5 Service LevelAgreements In order to justify recurring payments service providers agrees to a minimum level of service in a Service Level Agreement (SLA) An SLA is a legal commitment between a service provider (SP) and a customer, for example: • Telco and subscriber • ISP and Internet user • VPN operator and enterprise • cloud application provider and cloud user SLAs typically include (financial) penalties for breaches If objectives or penalties are too low, SLA is useless If objectives or penalties are too high, cost will be prohibitive Badly defined SLAs may damage operations by setting incorrect goals
  • 6.
    SD-WAN 6 SLAs andQoS parameters SLAs detail measurable network parameters that influence (correlate with) QoE, such as : Customer parameters • customer service response time • numerous legalities Connectivity parameters • availability (e.g., the famous five nines) • time to repair (e.g., the famous 50 ms) Noise (error) level parameters • SNR, BER, etc. • Packet Loss Ratio • defect densities Information rate parameters • bandwidth, throughput, goodput Latency parameters • 1-way delay • round trip delay performance parameters customer service parameters fault parameters
  • 7.
    SD-WAN 7 Connectivity vs.the rest Basic connectivity (availability) always influences QoE and thus its monitoring is considered fault management (FM) which triggers automatic corrective actions (APS) All other parameters may influence QoE depending on service/ application (voice, video, browsing, …) and are considered performance monitoring (PM) For example • Some services only require basic connectivity • Some also require minimum available throughput • Some require delay less then some end-end (or RT) delay • Some require packet loss ratio (PLR) less than some percentage
  • 8.
    SD-WAN 8 Carrier-grade services Fromwhat we have said it follows that there are two kinds of services: • Best Effort (BE) services (e.g., Internet) • Carrier Grade (CG) services (e.g., Carrier Ethernet or MPLS TE) Best Effort services may be very inexpensive or free but come with very loose consumer-grade SLAs, e.g., – repair within 5 business days – no latency expectations – no PLR guarantees Carrier-grade services may be very expensive and SLA-dependent SLAs are often complex and may take weeks to negotiate This leads end-users to wonder whether they really need them
  • 9.
    SD-WAN 9 For example... High availability services usually have 5-nines (99.999%) availability while BE services are often 3-nines (99.9%) or less High availability services usually have sub-50 millisecond repair times while BE services do not specify this time at all CE services provide dual-token-bucket bandwidth profiles while Internet connectivity services only specify physical layer bit-rate Low delay services may guarantee delay only 15% higher than physically possible (light propagation time) while latency of BE services is typically double that physically possible Low PLR services may guarantee PLR under 0.01% while BE services may have PLR of 1% Tight SLAs can cost the end-user 5-10 times more than loose ones
  • 10.
    SD-WAN 10 The costof downtime For whom isn’t BE service enough? According to Gartner in 2014 IT downtime cost large corporation $5,600 per minute and the cost has probably increased considerably since then In a 2016 survey of large organizations by ITIC • 98% reported that 1 hour of downtime costs > $100,000 • 81% reported that 1 hour of downtime costs > $300,000 • 33% reported that 1 hour of downtime costs $1-5 million Amazon’s 13 minute partial downtime in Nov 2019 is estimated as having cost it $2.6 million And these are only direct losses Any end-user noticeable downtime can lead to negative QoE that impacts reputation and customer loyalty leading to additional long term harm
  • 11.
    SD-WAN 11 The conventionalapproach To prevent harmful communications downtime • banks, brokers, financial services • critical infrastructure operators • web retail presence require high-availability (e.g., 5 nines) But connectivity isn’t always enough, for example • interactive applications are unsatisfactory without low delay • real-time operational traffic often requires low packet loss • enterprises require good security/traffic isolation So service providers offer carrier grade services that guarantee various QoS parameters in an SLA Similarly, services provided internally have defined Service Level Objectives)
  • 12.
    SD-WAN 12 Example: CarrierEthernet services MEF CE 2.0 defines several QoS KPIs availability specified in “nines” notation (e.g., five nines) bandwidth profile (committed data-rate) specified by CIR, CBS, EIR, EBS, … packet loss fraction of frames to be delivered that are actually delivered specified by T (time interval) and L (loss objective) packet delay measured UNI-N to UNI-N on delivered frames specified by T, P (percentage) and D (delay objective) packet delay variation specified by T, P, D, V (PDV objective)
  • 13.
    SD-WAN 13 The problem Enterprisesgot used to ordering SLA-based services and for simplicity did so for all of their networking needs even those not requiring special treatment This led to a situation wherein • Internet browsing • email • backups • other non-critical communications were priced outrageously high Enterprise IT personnel noticed that they were paying more for 50 Mbps at work than they were paying for 1G Internet at home And the BE Internet service usually worked very well!
  • 14.
  • 15.
    SD-WAN 15 The solution- SD-WAN SD-WAN is mostly about optimizing expenditures Traffic flows are separated according to application Flows are run over paths with the minimum required QoS thus minimizing operational cost Carrier Grade network 1 high priority l o w p r i o r i t y Carrier Grade network 2 these may be two different TE paths in a single network but in that case conventional mechanisms are available SD-WAN controller HQ SD-WAN end-point branch SD-WAN end-point
  • 16.
    SD-WAN 16 Hybrid SD-WAN Applicationflows not requiring any special QoS treatment may be run over low-cost BE Internet connections This is often called hybrid SD-WAN Of course the Internet flows must be monitored and encrypted Carrier Grade network public Internet h i g h e s t p r i o r i t y l o w e s t p r i o r i t y lower priority
  • 17.
    SD-WAN 17 Pure InternetSD-WAN It may even be possible to provide SD-WAN services entirely over Internet connections by employing two disjoint ISPs and duplicating traffic for high availability remember – nines add, so 2 three-nines links = six-nines! Carrier Grade network ISP 2 ISP 1 SD-WAN controller HQ SD-WAN end-point branch SD-WAN end-point
  • 18.
    SD-WAN 18 Three SD-WANuse cases The simplest use case is application-based QoS this is similar to standard CoS-based services but enables CoS mapping based on Deep Packet Inspection and explicitly takes operational expense into account Another common use case is bandwidth augmentation that is, adding bandwidth to an assured service without major increase in expense by separating/offloading low priority traffic (e.g., hybrid SD-WAN) Another use case is rapid site commissioning where a new site can be rapidly added to an existing VPN by initially connecting over Internet until the SLA-guaranteed connectivity is available (e.g., pure Internet SD-WAN)
  • 19.
    SD-WAN 19 Rapid sitecommissioning Carrier Grade network public Internet on-net traffic o f f - n e t t r a f f i c on-net branch sites HQ off-net branch
  • 20.
    SD-WAN 20 SD(-WA)N What isthe connection between SD-WAN and SDN ? Software Defined Networking applies IT technologies to routing and is mostly used inside Data Centers SD-WAN advocates extending SDN technologies to the enterprise WAN Also, SD-WAN can be considered SDN at the application layer Even SDN-based enterprise datacenters are interconnected today via static MPLS VPNs Why ? • because that is what service providers are offering (until now) • because enterprises are used to assured services, rather than build-to-fail • because wide area interconnections are not dynamic (except during failures) SD-WAN can be considered as extending the internal SDN to the outside world
  • 21.
    SD-WAN 21 But SD-WANneeds a bit more … SDN principles derive from user/control plane separation • centralized intelligence for resource optimization • enhanced automation (zero-touch) for rapid service delivery • virtualization of network elements for flexibility These concepts are applicable to any network not just Data Center LANs But in the WAN they need to be augmented by: • overlay networking (tunneling) • monitoring usage and performance (“analytics”) • strong security
  • 22.
  • 23.
    SD-WAN 23 SD-WAN architecturalelements What is required to implement SD-WAN? A central SD-WAN controller is software responsible for: • defining policy • finding paths or networks with desired QoS levels • instructing SD-WAN end-points of the required mappings • fault event handling SD-WAN end-points (HQ and branch) are appliances or software responsible for: • tunneling traffic to other end-point(s) • HQ: high scalability (traffic volume, number of tunnels) • identifying applications and mapping them to flows (DPI) • reconstructing traffic onto the LAN • monitoring QoS level (at least of non-SLA-guaranteed paths) • encrypting/decrypting packets (at least for Internet paths) • HQ: gateway functionality to external networks (e.g., Internet)
  • 24.
    SD-WAN 24 Digression: Whytunnels? Why does SD-WAN insist on tunneling traffic, with the added complexity? Why can’t we distribute traffic on 2 or more paths without tunneling? After all, Carrier Ethernet handles several Classes of Service via the PCP field without tunneling! But problems arise when using foreign or multiple networks Different networks use different addressing spaces which mask the true end-user identity Consider the case of two or more Internet paths where we distribute different packet flows over different networks but switchover upon network failure Were we to simply load balance then upon failover the traffic will arrive at the destination with a different source address and be unrecognized! With tunneling, the far-end end-point removes the tunnel headers restoring the same source address no matter which path was taken
  • 25.
    SD-WAN 25 Two typesof SD-WAN Who builds the SD-WAN? There are two cases • Enterprise SD-WAN (called DIY SD-WAN by SPs) – end-user deploys/manages equipment and controls – end-user contracts/pays for standard (SD-WAN-agnostic) point-to-point, VPN, or Internet service for underlay connectivity • Service Provider SD-WAN (also called managed SD-WAN) – service provider markets new SD-WAN service offering – offering cannibalizes traditional MPLS/CE VPN service but avoids losing customer altogether – SP deploys/manages SD-WAN end-points and controller
  • 26.
    SD-WAN 26 Enterprise SD-WAN Theoriginal impetus for SD-WAN came from IT professionals They observed that corporate WANs, consisting of • branch-to-branch • branch to HQ • branch-to-DC connectivity, suffered from • high pricing and complexity • slow provisioning cycles (not dynamic) • poor IT visibility (no dashboard) • limited security features (FIPS certification, event logging, etc.) • inefficient bandwidth management (including asymmetry) • impossibility of bandwidth pooling from different SPs In 2014 ONUG proposed building over the Internet an alternative to traditional SP VPN services
  • 27.
    SD-WAN 27 What canan enterprise do? Instead, or in addition to, today’s static and expensive • L3VPN • L2VPN • IPsec-VPN based services An enterprise can rent pure connectivity between its sites based on inexpensive large bandwidth non-assured links and build by itself an assured service by combining these links Since the enterprise only sees end-to-end link attributes it must continuously monitor the QoS status of these links Since these links are not under its own control the enterprise must provide its own end-to-end encryption
  • 28.
    SD-WAN 28 ONUG The OpenNetwork User Group (ONUG) was created in 2012 by Nick Lippis (IT analyst and advisor) and IT professionals, mostly from the financial sector in order to organize conferences to share IT best practices The first ONUG event was held in February 2013 conferences are semiannual, and have expanded to Europe ONUG’s board consists of IT executives, mostly from banks ONUG forms working groups to define use case requirements • SD-WAN 2.0 • Orchestration and Automation • Hybrid Multi-Cloud • Hybrid Multi-Cloud Security new groups as of 2019
  • 29.
    SD-WAN 29 ONUG’s OpenNetworking ONUG defines Open networking as interoperable software and/or hardware that provides choice and design options to enterprise IT This is achieved by • decoupling of specialized network hardware and software • open industry standards (consortium, community or SDO) The goals are • mitigating vendor lock-in • significant reduction of the total cost of ownership (especially OPEX)
  • 30.
    SD-WAN 30 ONUG SD-WAN In2014 ONUG published its SD-WAN Use Case whitepaper kicking off the SD-WAN revolution This whitepaper provides requirements to guide enterprises in implementing SD-WAN by in-house teams although it acknowledges SD-WAN services by managed SPs The whitepaper surveys WAN architecture models and details requirements for • scalability • efficiency • reliability • seamless integration • security • manageability
  • 31.
    SD-WAN 31 Service ProviderSD-WAN Service providers recognized Enterprise (DIY) SD-WAN as an existential threat to be countered even at the risk of cannibalizing their most profitable business SPs realized that DIY SD-WAN suffers from disadvantages • end-users do not have network-wide visibility and thus can not efficiently choose paths • enterprise IT are not knowledgeable or capable of handling complex networking • enterprise management desires certain key services to be guaranteed by a recognized SP • connectivity to public DCs can’t be handled in-house and decided to offer managed SD-WAN services
  • 32.
    SD-WAN 32 MEF SD-WAN TheMEF forum has detailed its view of SD-WAN • Understanding SD-WAN Managed Services • introduces terminology for SD-WAN managed service components • illustrates how they fit into the LSO Reference Architecture (RA) • specifies the required LSO reference architecture interfaces • explains how SD-WAN facilitates multi-vendor interoperability • provides example SD-WAN managed service use cases • MEF-70 SD-WAN Service Attributes and Definition • industry-neutral SD-WAN service definition • accelerates adoption/certification of MEF 3.0 compliant SD-WAN • orchestration across global ecosystem of automated networks and has carried out many PoC demonstrations, including: • Zero Touch Services with Secure SD-WAN • Multi-Vendor LSO Orchestrated SD-WAN with container-based uCPEs • SD-WAN over virtualized/orchestrated wholesale CE Access Service
  • 33.
    SD-WAN 33 SP SD-WANend-points and CPEs Enterprise (DIY) SD-WAN end-points are customer equipment that is, owned and operated by the end-user SP managed SD-WAN end-points must be • located at customer premises • under complete control of service provider, since • SP must be able to monitor QoS between end-points • SP must be able to define forwarding policy • SP is responsible for encryption between end-points Branch end-point can thus be: • dedicated SD-WAN appliances • software installed in existing CPE demarcation devices (e.g., as a VM or container in a disaggregated CPE)
  • 34.
    SD-WAN 34 Reminder: MEFLSO architecture
  • 35.
    SD-WAN 35 Relationship toMEF-3.0 and LSO In MEF’s view, SD-WAN is a good match for LSO
  • 36.
    SD-WAN 36 Required SD-WANcharacteristics MEF views the following characteristics as mandatory for SD-WAN: • Secure, IP-based Virtual Overlay Network typically IPsec-based, usually NAT and firewall • Transport-independence of Underlay Network including MPLS (or CE) over fiber, broadband Internet, TDM, LTE • Service Assurance of each SD-WAN Tunnel QoS KPIs are measured in real-time for each tunnel • Application-Driven Packet Forwarding typically based on DPI • High Availability through Multiple WANs but not necessarily hybrid (multiple WAN technologies) WAN • Policy-based Packet Forwarding packets are placed in tunnels based on QoS policy and security policy • Service Automation via Centralized Management ZTP of CPE, visibility, user access via web portal and/or APIs • (optionally) WAN Optimization
  • 37.
  • 38.
    SD-WAN 38 Some SD-WANequipment vendors In 2019 the global SD-WAN market is estimated at between 1 and 1.5 Billion $ (YoY growth was about 65%) The top vendors are presently: • Cisco (Viptela, Meraki, and ISR/ASR routers) • Silver Peak (Unity EdgeConnect) • Versa • VMware (VeloCloud) • Fortinet (integrated into industry-leading firewall) • Nuage (Nokia) • Citrix (NetScaler, Citrix Application Control Engine) and there are many many more …
  • 39.
    SD-WAN 39 Some managedSD-WAN providers A short list of notable SD-WAN service providers: • AT&T (Flexware uCPE, VeloCloud CPE) • Comcast Business’ ActiveCore platform • Orange Business Services (Flexible SD-WAN) • Deutsche Telekom • CenturyLink (with Versa or Cisco) • Verizon (Fully- Partially- and Self-Managed SD-WAN) • Colt (global SD-WAN as a service) • Masergy • Aryaka (cloud-based Global SD-WAN provider) • Cato (cloud-based Global SD-WAN provider)
  • 40.
    SD-WAN 40 The futureof SD-WAN Recent reports show a resurgence of interest in SD-WAN a trend expected to continue with enhanced telecommuting The home-office use case may become a new market segment But some analysts have suggested that SD-WAN is an interim technology and will soon disappear Two reasons are given: • more and more services are moving to the public cloud and accessed over standard Internet connections • 5G will provide sufficient data rate and QoS over a single access technology Only time will tell …
  • 41.