Introducing Cisco SD-WAN Brian Joanis Systems Engineer, Cisco

Introducing Cisco SD-WAN
Brian Joanis, Systems Engineer, Cisco Systems

Looking at things differently: Software Defined WAN

Definition
An SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism.

Cisco SD-WAN Platform for Digital Transformation
[Diagram labels: Cloud Delivered; Analytics; Automation; Virtualization; Users, Devices, Things; Cisco SD-WAN Fabric; SD-WAN Cloud OnRamp; IoT; Edge Computing; DC, vDC, IaaS, SaaS; Applications; Secure, Scale, Open]

Cisco's SD-WAN Solutions
Advanced SD-WAN
  • Insight, Cloud and OnRamp
  • More than two active transports or active LTE
  • Comprehensive WAN connectivity & services
  • Complex topologies
  • Custom policies at scale
  • Advanced routing & segmentation
Discover, Listening, Consensus
SD-WAN Essentials
  • Hybrid WAN
  • L3 overlay for deployments
  • Dynamic path selection
  • Cloud-managed
  • Zero touch deployment with templates and easy to use dashboard
  • Single Dashboard
  • Single pane-of-glass management for full stack infrastructure across the branch
  • Existing Meraki customers evaluating SD-WAN
  • Integrated branch security and network connectivity solution

Cisco SD-WAN Architecture: The Power of Abstraction
  • Management Plane: vManage (APIs, 3rd Party Automation, vAnalytics)
  • Orchestration Plane: vBond
  • Control Plane: vSmart Controllers
  • Data Plane: vEdge Routers (Cloud, Data Center, Campus, Branch, SOHO)
  • Transports: 4G, MPLS, INET

Cisco SD-WAN Solution Elements: Orchestration Plane
Cisco vBond
  • Orchestrates connectivity between management, control and data plane
  • First point of authentication
  • Requires public IP Address
  • Facilitates NAT traversal
  • All other components need to know the vBond IP or DNS information
  • Authorizes all control connections (white-list model)
  • Distributes list of vSmarts to all vEdges

Cisco SD-WAN Solution Elements: Management Plane
Cisco vManage
  • Single pane of glass for Day0, Day1 and Day2 operations
  • Real time alerting
  • Centralized provisioning
  • Configuration standardization
  • Simplicity of deploying
  • Simplicity of change
  • Supports REST API, CLI, Syslog, SNMP, NETCONF

Cisco SD-WAN Solution Elements: Control Plane
Cisco vSmart
  • Centralized brain of the solution
  • Facilitates fabric discovery
  • Establishes OMP peering with all vEdges
  • Implements control plane policies, such as service chaining, traffic engineering and per VPN topology
  • Dramatically reduces complexity of the entire network
  • Distributes connectivity information between vEdge
  • Orchestrates secure data plane connectivity between vEdges

Cisco SD-WAN Solution Elements: Data Plane (Physical/Virtual)
Cisco vEdge
  • WAN edge router
  • Provides secure data plane with remote vEdge routers
  • Establishes secure control plane with vSmart controllers (OMP)
  • Implements data plane and application aware routing policies
  • Exports performance statistics
  • Leverages traditional routing protocols like OSPF, BGP and VRRP
  • Support Zero Touch Deployment
  • Physical or Virtual form factor (100Mb, 1Gb, 10Gb)

Overlay Management Protocol (OMP): Unified Control Plane
  • Runs on top of TCP, extensible control plane protocol
  • Runs between vEdge routers and vSmart controllers and between the vSmart controllers
      - Inside TLS/DTLS connections
  • Advertises control plane context

Fabric Operation: Fabric Walk-Through
OMP Update:
  • Reachability: IP Subnets, TLOCs
  • Security: Encryption Keys
  • Policy: Data/App-route Policies
[Diagram labels: vSmart; vEdge; OMP; OMP Update; DTLS/TLS Tunnel; IPSec Tunnel; BFD; Policies; Transport1, Transport2; TLOCs; VPN1, VPN2; Subnets A, B, C, D; BGP, OSPF, Connected, Static]

Policy Driven WAN Infrastructure: Policy Augmented Dynamic Routing
1. vManage GUI: Policy Orchestration
  • Control Policy: Routing and Services
  • App-Route Policy: App-Aware SLA-based Routing
  • Data Policy: Extensive Policy-based Routing and Services
  • Combine and Apply per Site
2. vSmart controller: Policy Enforcement/Advertisement
  • Execute Control Policy
  • Advertise AAR/Data Policies to Sites
3. vEdge WAN router: Access Layer Branch/DC
  • Execute AAR and Data Policy as received
Dynamic Routing and Policies Combine to dictate behavior

Cisco SD-WAN Security
  • Router and Controller Identity
  • Zero Trust Security Model
  • Strong Encryption
  • Network Segmentation
  • Application Firewall
  • Infrastructure DDoS Protection
[Diagram labels: vBond, vManage, vSmart, vEdge]

Secure Segmentation
  • Security Zoning
  • Compliance
  • Guest WiFi
  • Multi-Tenancy
  • Extranet
[Diagram labels: Interface; VLAN; VPN 1, VPN 2, VPN 3; IPSec Tunnel]

Per-VPN Topology
  • Full-Mesh
  • Hub-and-Spoke
  • Partial Mesh
  • Point-to-Point

Cloud OnRamp: Software as a Service (SaaS)
[Diagram labels: Best Performing Path; Quality Probing; DIA (Direct Internet Access); Regional Internet Exit; Secure SD-WAN Fabric; ISP A, ISP B; Small Office Home Office, Branch, Campus]

Operations Simplicity and Visibility
  • Single Pane Of Glass Operations
  • Rich Analytics

The Intuitive Network Foundation
[Diagram labels: Access, Data Center, Fabric, WAN, Security]
The Cisco SD Solution.. Key Foundation

Takeaways: Summary
  • Power of abstraction provides network agility
  • Automated provisioning accelerates time to market and reduces costs
  • Automatic and adaptive configuration preserves a consistent application experience
  • Insight into application health
  • Simplified operations

THANK YOU.
Brian Joanis, WI Select Systems Engineer
[email protected]
