The networking declaration of independence

Similar documents

Overlay Networks: Connecting and Protecting Across Regions with Docker. Patrick Kerpan, CEO

Using Docker in Cloud Networks

VNS3 Secure Network Appliance Service Defnition for G-Cloud 7

Cloud Security Best Practices

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

White Paper. SDN 101: An Introduction to Software Defined Networking. citrix.com

What is SDN? And Why Should I Care? Jim Metzler Vice President Ashton Metzler & Associates

Data Center Network Virtualisation Standards. Matthew Bocci, Director of Technology & Standards, IP Division IETF NVO3 Co-chair

SDN and NFV in the WAN

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall. Overview

RIDE THE SDN AND CLOUD WAVE WITH CONTRAIL

Software Defined Network (SDN)

Using LISP for Secure Hybrid Cloud Extension

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Sonicwall Firewall.

Leveraging SDN and NFV in the WAN

HOW SDN AND (NFV) WILL RADICALLY CHANGE DATA CENTRE ARCHITECTURES AND ENABLE NEXT GENERATION CLOUD SERVICES

Outline. Why Neutron? What is Neutron? API Abstractions Plugin Architecture

White Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc.

SOFTWARE DEFINED NETWORKING

IPOP-TinCan: User-defined IP-over-P2P Virtual Private Networks

How To Orchestrate The Clouddusing Network With Andn

OpenFlow/SDN for IaaS Providers

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering

The promise of SDN. EU Future Internet Assembly March 18, Yanick Pouffary Chief Technologist HP Network Services

Virtualization, SDN and NFV

How To Make A Vpc More Secure With A Cloud Network Overlay (Network) On A Vlan) On An Openstack Vlan On A Server On A Network On A 2D (Vlan) (Vpn) On Your Vlan

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Fortinet Firewall. Overview

Spotlight On Backbone Technologies

Network Virtualization

2013 ONS Tutorial 2: SDN Market Opportunities

SDN CONTROLLER. Emil Gągała. PLNOG, , Kraków

Network Functions Virtualization in Home Networks

Ethernet-based Software Defined Network (SDN) Cloud Computing Research Center for Mobile Applications (CCMA), ITRI 雲端運算行動應用研究中心

Strategic Direction of Networking IPv6, SDN and NFV Where Do You Start?

IT Infrastructure Services. White Paper. Utilizing Software Defined Network to Ensure Agility in IT Service Delivery

What is SDN all about?

Based on the VoIP Example 1(Basic Configuration and Registration), we will introduce how to dial the VoIP call through an encrypted VPN tunnel.

Configuring IPsec VPN with a FortiGate and a Cisco ASA

Network Virtualization Solutions

Network Virtualization for the Enterprise Data Center. Guido Appenzeller Open Networking Summit October 2011

EXINDA NETWORKS. Deployment Topologies

F V CE Brocade Communications Systems, Inc. PROPRIETARY INFORMATION 2

SDN PARTNER INTEGRATION: SANDVINE

VNS3 to Cisco ASA Instructions. ASDM 9.2 IPsec Configuration Guide

SOFTWARE DEFINED NETWORKING: INDUSTRY INVOLVEMENT

Remote Voting Conference

Carrier/WAN SDN. SDN Optimized MPLS Demo

SDN Architecture and Service Trend

Network Services Internet VPN

BRINGING NETWORKS TO THE CLOUD ERA

Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre

Enterprises Seek The Benefits Of Hybrid Cloud, And Work To Overcome The Challenges

USING SOFTWARE-DEFINED DATA CENTERS TO ENABLE CLOUD ADOPTION

Palo Alto Networks. Security Models in the Software Defined Data Center

Using IPsec VPN to provide communication between offices

VPN Solution Guide Peplink Balance Series. Peplink Balance. VPN Solution Guide Copyright 2015 Peplink

Software Defined Networks Virtualized networks & SDN

the Data Center Connecting Islands of Resources Within and Across Locations with MX Series Routers White Paper

VIRTUALIZING THE EDGE

Cisco QuickVPN Installation Tips for Windows Operating Systems

Software AG and the AWS cloud. Past, Present and Best Practices. Jonathan Madamba Director, Solution Cloud John Fitzgerald Director, Product Marketing

Designing Virtual Network Security Architectures Dave Shackleford

Ethernet-based Software Defined Network (SDN)

O p t i m i z i n g t h e N e t w o r k t o M e e t T o m o r r o w ' s I C T D e m a n d s

Roman Hochuli - nexellent ag / Mathias Seiler - MiroNet AG

Network Virtualization: Delivering on the Promises of SDN. Bruce Davie, Principal Engineer

ICAB5238B Build a highly secure firewall

Configuring TheGreenBow VPN Client with a TP-LINK VPN Router

IPsec VPN Application Guide REV:

TechNote. Configuring SonicOS for Amazon VPC

Network Function Virtualization & Software Defined Networking

Transform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure

Proactively Secure Your Cloud Computing Platform

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera VERSION May, 2015

Connecting Remote Offices by Setting Up VPN Tunnels

Network System Design Lesson Objectives

Network Softwarisation An Open Development Ecosystem. Telefónica Global CTO

VPN Tracker for Mac OS X

ISG50 Application Note Version 1.0 June, 2011

Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM

Using SDN-OpenFlow for High-level Services

Simplify IT. With Cisco Application Centric Infrastructure. Barry Huang Nov 13, 2014

(R)Evolution im Software Defined Datacenter Hyper-Converged Infrastructure

A Coordinated. Enterprise Networks Software Defined. and Application Fluent Programmable Networks

Lecture 17 - Network Security

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Transcription:

The networking declaration of independence How overlay networking gives you control of your networks Chris Swan, CTO @cpswan the original cloud networking company copyright 2014 1

Agenda What is NFV? Declaration of Independence NFV Capabilities Preview: Waves of Adoption copyright 2014 2

What is Network Function Virtualization? copyright 2014 3

Positioning - NFV and SDN copyright 2014 4

NFV can be a networking Swiss Army knife Application SDN (Software Defined Network) Appliances Allow control, mobility & agility by separating network location and network identity Control over end to end encryption, IP addressing and network topology NFV Hybrid Router Switch Firewall virtual device able to extend to IPsec/SSL VPN concentrator Protocol Redistributor Dynamic & Scriptable SDN multiple sites copyright 2014 5

Networking Declaration of Independence copyright 2014 6

Nicira s declaration of independence from metal, freed NFV from OpenFlow + http://nicira.com/sites/default/files/docs/nicira%20- %20The%20Seven%20Properties%20of%20Virtualization.pdf copyright 2014 7

These same properties free NFV from the constraints of OpenFlow (technology, timing and target) Nicira defined the 7 Properties of network virtualization as: 1. Independence from network hardware 2. Faithful reproduction of the physical network service model 3. Follow operational model of compute virtualization 4. Compatible with any hypervisor platform 5. Secure isolation between virtual networks, the physical network, and the control plane 6. Cloud performance and scale 7. Programmatic networking provisioning and control copyright 2014 8

Independence from network hardware Public Cloud Region 1 Overlay Network Cloud Server Overlay IP: 172.31.11.xx Standard IPsec Tunnel Cloud Server NFV Firewall / IPsec Device IP: 192.168.1.xx LAN Data Center Servers Customer Data Center With VM-based network devices you can use the cloud network as bulk transport and are indifferent to all else. copyright 2014 9

Reproduction of physical network model Public Cloud Region 1 Overlay Network Cloud Server Cloud Server NFV Standard IPsec Tunnel Virtual Network Data Center Servers Data Center Servers Customer Data Center NFV devices look and feel like the same networking devices customers have used for ever, without boundaries copyright 2014 10

Follow operational model of compute virtualization NFV NFV NFV NFV NFV functions can be dynamically brought on-line, up to the elastic limits of the total infrastructure available (!!) copyright 2014 11

Compatible with any hypervisor platform Public Clouds Private Clouds Virtual Infrastructure NFV does more than follow the model of compute virtualization, it exists via compute virtualization. copyright 2014 12

Secure isolation US East 1 EMEA APAC Overlay Network Subnet: 172.31.0.0/22 Cloud Server A Cloud Server B Cloud Server C Cloud Server D Cloud Server E Cloud Server F Overlay IP: 172.31.1.1 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Overlay IP: 172.31.1.21 NFV Public IP: 184.73.174.250 Overlay IP: 172.31.1.250 Active IPsec 192.168.3.0/24 Tunnel - 172.31.1.0/24 Firewall / IPsec Cisco 5505 Peered NFV Public IP: 54.246.224.156 Overlay IP: 172.31.1.246 Failover IPsec Tunnel Peered Public IP: 192.158.29.143 Overlay IP: 172.31.1.242 Active IPsec Tunnel 192.168.4.0/24-172.31.1.0/24 Firewall / IPsec Cisco 5585 User Workstation User Workstation Data Center Server Data Center Server LAN IP: 192.168.4.50 LAN IP: 192.168.4.100 LAN IP: 192.168.3.50 LAN IP: 192.168.3.100 Customer Remote Office Chicago, IL USA Remote Subnet: 192.168.3.0/24 Customer Data Center London, UK Remote Subnet: 192.168.4.0/24 Isolation takes many forms: from underlying infra, allow my protocols, keep my chattiness in, keep others out, etc.. copyright 2014 13

Cloud performance and scale NFV Data Center Server User Workstation User Workstation Where NFV really shines today: create a WAN in minutes, use cloud as points of presence for your business copyright 2014 14

Programmatic networking provisioning & control Public Clouds Private Clouds + http://maxoffsky.com/code-blog/building-restful-api-in-laravel-start-here/ Virtual Infrastructure Cloud Compute and Network APIs + NFV Device APIs allow previously unimaginable flexibility and power copyright 2014 15

Preview: Waves of Adoption copyright 2014 16

Waves of NFV Adoption Tomorrow 11:25-11:50 in DCIM / Software Defined Datacentres and Networks Stream Public Cloud Region 1 Overlay Network Public Cloud Region 1 Overlay Network Encrypted Overlay network in VPC Cloud Server Overlay IP: 172.31.11.xx Cloud Server Cloud Server Cloud Server Web App 1 Web App 2 Web App 3 Standard IPsec Tunnel NFV NFV Encrypted Connections Standard IPsec Tunnel Multiple IPsec Devices Firewall / IPsec Device IP: 192.168.1.xx LAN Data Center Servers Customer Data Center Customer Site 1 Customer Site 2 Customer Site N Bursting and Containment Hubs and Spokes Winning back control copyright 2014 17

Questions? Paddington, London, UK ContactMe@cohesiveft.com +44 20 8144 0156 copyright 2014 18