Ensemble SmartWAN:NFV Platform for SD-WAN
Unleashing the Benefits of SD-WAN
© 2016 ADVA Optical Networking. All rights reserved. 2
What Is Software-Defined WAN (SD-WAN)?
SD-WAN is an integrated solution to enable the augmentation or replacement of MPLS VPNs with an overlay network using lower-cost broadband connections
SD-WAN solutions typically provide embedded routing and firewall capabilities, policy-based flow routing and in some cases, WAN optimization
SD-WAN today consists of two parts:
• A central controller, often hosted in cloud
• Access nodes deployed at user sites
© 2016 ADVA Optical Networking. All rights reserved. 3
Q: Why Is SD-WAN Hot?
A: MONEY!
SD-WAN can provide enterprise VPNs at a lower cost point than today’s provider MPLS VPNs
$
© 2016 ADVA Optical Networking. All rights reserved. 4
MPLS VPN Versus Broadband Pricing
Source: Why Does MPLS Cost So Much More Than Internet Connectivity?
As we saw when covering why
the NEW architecture will
happen MPLS is typically
priced at $300 - $600 per
Mbps per month for the
copper connectivity typically
deployed at all but the very
largest enterprise locations,
while the monthly price of
broadband connectivity is
now $1.50 - $15 per Mbps
per month.
© 2016 ADVA Optical Networking. All rights reserved. 5
It’s Not Just Pricing!
Other issues with today’s MPLS VPNs:
• Slow to install and provision
• Slow adds/moves/changes
• Lack of application-level visibility and control
© 2016 ADVA Optical Networking. All rights reserved. 6
Why Not Use Broadband for VPNs?
• Higher loss
• Lower reliability
• Lack of security
• Shared, best-effort bandwidth
• Requires management of routing for VPNs
© 2016 ADVA Optical Networking. All rights reserved. 7
SD-WAN Benefits
• Lower cost for VPNs
• Access flexibility and redundancy
• All-in-one solution
• Policy-based control
• Works over a variety of media
© 2016 ADVA Optical Networking. All rights reserved. 8
Current SD-WAN Limitations
• SD-WAN is stand-alone
• SD-WAN is monolithic
• SD-WAN couples service and technology
• SD-WAN implementations are large
• SD-WAN is a pure overlay technology
• SD-WAN is user-managed
© 2016 ADVA Optical Networking. All rights reserved. 9
Overview of Ensemble SmartWAN
• Virtual networking platform
• Vendor neutral
• Deployability and scale
• Carrier-class OpenStack
• Native VPNs without requiring a customer edge (CE) router
Key Points:
Ensemble SmartWAN doesn’t replace SD-WAN – It evolves it by leveraging a foundation of virtualization, NFV and SDN
© 2016 ADVA Optical Networking. All rights reserved. 10
Ensemble SmartWAN transforms SD-WAN from a monolithic application
to part of a disaggregated service offering that enables other VNFs to also
access SD-WAN features such as hybrid WAN
Ensemble SmartWAN and Solution Architecture
© 2016 ADVA Optical Networking. All rights reserved. 11
MPLSVPN
Internet
HeadquartersBranch 2
Branch 1
Branch 3
Gateway
Branch 4PE
PE
L3VPN
L3VPN
Broadband
SmartWAN
Orchestration and Control
CustomerPortal
PE VNF
SmartWAN Architecture
Maps between IP-VPN and tunnelsGateway into cloud services (IP-VPN and IPSec tunnels)
NFVI – Data Center
VNFVNF
VNF
VNF
Centralized networkfunctions
Distributed network functions
Application aware flow steering
• Virtualization and SD-WAN• Network and overlay protocols• Single service order integration• Pure-play software
Ensemble Connector
Ensemble Connector
Ensemble Connector
© 2016 ADVA Optical Networking. All rights reserved. 12
Vendor Neutral
Ensemble SmartWAN provides the virtual infrastructure for hosting virtual
SD-WAN deployments and other best-of-breed VNFs
© 2016 ADVA Optical Networking. All rights reserved. 13
Deployability
Ensemble SmartWAN:
• Simplifies deploying SD-WAN with zero-touch provisioning on a single management LAN
• Enables use of white box / COTS servers
• Provides secure method for installation and turn-up
© 2016 ADVA Optical Networking. All rights reserved. 14
SmartWAN Out-of-Box Experience
4
1. CSP assigns policies and templates
2. CSP sends user access code
3. Connector shipped to user
4. User applies power and internet
5. Appliance authenticates via X.509/SSL
6. User enters access code at Connector
7. Controller provides Connector commissioning
8. Connector builds management tunnel
9. Connector calls home to Controller
10. Director/Orchestrator discover Connector through Ensemble Controller
11. Controller/Orchestrator download provisioning and policies
Call Home
IPsec
Ensemble Director
Ensemble Orchestrator
Ensemble Controller
MAC Verify
SSL
Auth Server
BGP Control
Topology
Management Gateway
Access Code
AccessCode
Commissioning
Appliances are bulkstaged outside of order fulfilment flow• Operating system• Connector image• CSP-specific
parameters
Authentication TunnelManagement Tunnel
NB APIs NB APIs
2
4
5
6
7
8
9
10111011
Ensemble Connector User
Predefined policies
1
Carrier
Appliance Shipped3
© 2016 ADVA Optical Networking. All rights reserved. 15
Carrier-Class OpenStack
Ensemble SmartWAN leverages embedded cloud, which places the
OpenStack controller on each compute node to realize the benefits
of OpenStack while removing issues related to scale, security and
upgrades
© 2016 ADVA Optical Networking. All rights reserved. 16
Ensemble Embedded Cloud
• Provides a distributed, wholly contained uCPE cloud deployment by equipping remote compute nodes with a colocated cloud controller
• Addresses security concerns by not exposing OpenStack management and control plane across the open network
• Addresses scaling concerns by limiting the number of compute nodes to be managed by the cloud controller
• Presents a consistent virtualization API at the customer site and the data center, thereby allowing developers to write applications that work with both the distributed and centralized models
© 2016 ADVA Optical Networking. All rights reserved. 17
Ensemble SmartWAN: Overlay and Underlay Networking
• End-nodes construct tunnels over existing network
• In some cases: colocatedCE router
Legacy Overlay Model:
• Simplification by collapsing CE with SD-WAN
• VNFs can directly interact with underlying MPLS VPN
Ensemble SmartWAN:
Ensemble SmartWAN interfaces directly with today’s MPLS VPNs, providing an underlay networking option in addition to traditional SD-
WAN overlays
MPLSVPN
PE
CE
SD-WAN
VPN Tunnel
PE
CE
SD-WAN
SD-WAN
MPLSVPN
CE
PE
CE
PE SD-WAN
SD-WAN
SD-WAN
VPN Tunnel
© 2016 ADVA Optical Networking. All rights reserved. 18
Partner Support for Ensemble SmartWAN
“This is a platform that will help service providers evolve their managed services portfolio to offer virtual SD-WANs and best-of-breed VNFs from leading VNF suppliers and this is an enormous leap.” - Nav Chander, senior director, service provider marketing, Silver Peak
“What they’re developing here is a platform that will help service providers meet their business and end customer needs, and align well with their long-term goals of delivering more high-value services. That’s why we’re strong advocates of Ensemble SmartWAN.” - Kumar Mehta, founder and CDO, Versa Networks
© 2016 ADVA Optical Networking. All rights reserved. 19
Summary
Ensemble SmartWAN Transforms SD-WAN
From a stand-alone enterprise-managed monolith
To a componentized NFV-based solution that embraces APIs and automation for service provider deployments
• Makes deployment on white box servers fast and secure
• Couples SD-WAN features like hybrid WAN and policy management into a broader service portfolio for managed deployments by service providers
Ensemble SmartWAN Enhances SD-WAN
Thank You
IMPORTANT NOTICE
The content of this presentation is strictly confidential. ADVA Optical Networking is the exclusive owner or licensee of the content, material, and information in this presentation. Any reproduction, publication or reprint, in whole or in part, is strictly prohibited.
The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA Optical Networking shall not be responsible for and disclaims any liability for any loss or damages, including without limitation, direct, indirect, incidental, consequential and special damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation.
Copyright © for the entire content of this presentation: ADVA Optical Networking.
Top Related