Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
SD-WANfrom NTT Communications
SERVICE DESCRIPTION
www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing
Copyright © 2017 NTT Communications Security: External Use 1
1 NTT SD-WAN Service Portfolio NTT Communications, (NTT Com’s), SD-WAN service offers a new approach for deploying enterprise
grade Wide Area Networks (WANs) giving the ability to combine multiple access line connections with
application-based policy forwarding and security functions. This offers higher network service
availability and increased network performance.
The following are the key features of NTT Com’s SD-WAN service:
1.1 NETWORK CONNECTIVITY
NTT Com offer a broad and fully comprehensive selection of network access types and connectivity in
over 190 countries which is designed into a solution as the core component of SD-WAN.
Based on the client’s specific requirements and overall business needs, NTT Com can mix and match
multiple types of network technologies such as: MPLS, Ethernet, Internet, Broadband, Wireless and
4G/LTE — and deliver the most optimal connectivity solution for each customer office. Alternatively,
customers can provide their own ISP connections for NTT Com to integrate into a complete SD-WAN
solution.
Furthermore, NTT Com delivers scalable VPN gateway services such as Secure Socket Layer (SSL)
VPN Service to enable enterprises to connect to their business partners and enable a mobile
workforce.
1.2 ACTIVE-ACTIVE PATH CONTROL
Active-Active Path Control enables enterprises to distribute and manage network traffic, including local
ISP path optimization, traffic prioritization, and performance based routing. Leveraging advanced
routing optimization capabilities enables intelligent load-balancing of traffic over the best performing
path.
1.3 APPLICATION ACCELERATION
NTT Com SD-WAN Application Acceleration service provides: Transmission Control Protocol (TCP)
optimization, caching and compression, and application specific optimization to boost the end-to-end
performance of enterprise applications traversing the Enterprise WAN. This application Acceleration
service enables better performance of the network for the end user and a more effective working
environment.
1.4 SECURE CONNECTIVITY
NTT Com’s SD-WAN service addresses two main concerns around WAN security: protecting the
network from external threats and protecting the user’s access to public cloud and internet services.
As part of the SD-WAN service portfolio, NTT Com's Secure Web Gateway offers customers
distributed internet security via NTT Com Local Cloud Centers (LCCs) located globally and/or via
uCPE on-premises:
Firewall service
Intrusion protection service
URL filtering service
Malware detection reporting
www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing
Copyright © 2017 NTT Communications Security: External Use 2
1.5 REAL-TIME STREAMING NETWORK ANALYTICS
NTT Com’s application visibility reporting & analytics tool, was developed in-house and enables real-
time in-depth views of network and application performance with features that include:
Real time, interactive dashboards that enable enterprises to keep an instant pulse on the health of a network and applications — to continuously monitor traffic flows, enabling the identification of and response to business impacting events.
Multi-dimensional visualization of: application performance, network security, utilization, and end-user experience — allowing organizations to analyze issues at the site level, application layer, or individual user level.
Replay functionality that significantly improves the enterprise IT/Network team’s capabilities to perform capacity planning, security audits and to pinpoint application performance and network issues that are occurring now — or trace, identify and isolate issues that occurred in the past.
www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing
Copyright © 2017 NTT Communications Security: External Use 3
2 Service Components The SD-WAN service offers a fully bespoke network design, which can be tailored around the
customer application environment. The components include dedicated and internet based access
lines, managed customer premises equipment, VPN enablement as well as application traffic
management.
2.1 NETWORK CONSULTATION
During the discovery process, NTT Com SD-WAN network architects will work with you to identify any
performance pain points in your network. The SD-WAN solution design engineers fully understand
application performance and hybrid network design and will help create an SD-WAN solution to
accelerate the performance of your business applications.
2.2 HYBRID WAN DESIGN
An enterprise location may have a bespoke and unique set of connectivity requirements, which can
also be limited to the type and size of connectivity that is actually available. The hybrid WAN design
provided by NTT Com takes into consideration the onsite enterprise application use cases and
ensures that correct connectivity types are chosen as part of the SD-WAN solution.
2.3 APPLICATION AWARE ROUTING
The SD-WAN service delivers path control for application-aware routing across the WAN. In essence it
provides:
Dynamic selection of the best path for application-based business policies
Application-based load balancing across paths for full utilization of bandwidth with improved
network availability
NTT Com’s SD-WAN management platform monitors application performance on a per-flow basis,
and applies its learnings about application performance to select the best path for that application.
Using smart-probe intelligence, network traffic probes are sent out across the WAN to analyze the
performance of each network path to allow the SD-WAN to adapt to changes and further enhance
efficiency. The management platform effectively load-balances across paths while delivering the best
application-level SLA.
2.4 SD-WAN SUPPORT
Crucial to the SD-WAN service is its integral support function provided by NTT Com’s Global
Operation Center (GOC) which delivers advanced application layer monitoring and troubleshooting to
ensure minimal service interruption to its customers. In the event of an unscheduled problem or
outage with the customer’s service, the GOC will follow an interwoven set of procedures to facilitate
fast resolution. Having full visibility of application performance helps the GOC to identify and mitigate
service affecting problems quickly, tracking traffic trends provides insight into any potential issues that
may arise.
www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing
Copyright © 2017 NTT Communications Security: External Use 4
2.5 CUSTOMER PORTAL
The NTT Com Customer Portal provides a single point of contact for viewing information about your
SD-WAN solution, this includes:
Real-time streaming network analytics – end-to-end transparency and visibility of application traffic
Site-to-site communication
Network metrics, including throughput / delay / jitter / packet loss
Capability to self-deploy network functions
Configure and manage security policies in real time
Ticket and event management
www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing
Copyright © 2017 NTT Communications Security: External Use 5
3 Design Overview
3.1 TRANSPORT-INDEPENDENT WAN DESIGN
Software Defined hybrid networks need to be designed to provide efficient application performance.
As part of our consultation process with you, we will determine the best topology based on your
business requirements. The design will allow us to create application routing policies and also allow
for load balancing of default traffic in order to ensure that all available WAN capacity is fully utilized
and not wasted.
3.2 SITE DESIGN OPTIONS
Depending on your site requirements for service availability and bandwidth, NTT Com is able to
design a solution that incorporates multiple (hybrid connectivity) access types. These can include
dedicated access like Ethernet and Direct Internet Access combined with more cost-effective
connectivity like broadband DSL.
Normally an MPLS service runs in ACTIVE/PASSIVE mode which means that all traffic will travel
down the primary MPLS line. If the MPLS line should fail then the traffic will switch over to the backup
(PASSIVE) line.
With an SD-WAN, multiple access lines work together and are all ACTIVE. This allows for better use
of your connectivity and can increase the available bandwidth.
3.3 ON-PREMISES OR CLOUD-BASED
NTT Com’s delivery options for SD-WAN functions include:
www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing
Copyright © 2017 NTT Communications Security: External Use 6
SD-WAN Edge Device — SD-WAN proprietary hardware installed within branch-office
On-premises uCPE — SD-WAN as virtual network function (VNF) installed within branch-office
virtualized CPE
Cloud-based — network function delivered from NTT Com’s network PoPs which are distributed
globally
3.4 APPLICATION ROUTING POLICIES
To maintain the quality of the network application, routing policies will be created. These policies are
then placed into specific traffic classes:
Real-time (Voice & Video)
Transactional data (Enterprise applications like Citrix, SAP…)
Bulk data (FTP, SMB or other traffic to be offloaded to the internet)
Default (All other traffic not matching one of the other classes)
For each traffic class, the SD-WAN enabled edge devices will continuously monitor the network quality
of both MPLS and internet based links to ensure that it meets the performance requirements that have
been defined in the policy.
www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing
Copyright © 2017 NTT Communications Security: External Use 7
3.5 QUALITY OF SERVICE
SD-WAN uses the packet marking information to place the traffic into its defined Quality of Service
(QoS) traffic class. That means that traffic needs to be correctly identified and marked so that the SD-
WAN edge can ensure for example that VoIP traffic is forwarded over the MPLS network and File
Transfer Protocol (FTP) traffic over the internet.
In order to identify the traffic, each SD-WAN edge has a special function configured, which is able to
inspect the traffic and identify the applications. This means the edge devices can differentiate between
application-A and application-B traffic, even though both are HTTPS traffic going to the internet. In
case of outbound internet congestion, dedicated bandwidth can be allocated to the enterprise critical
traffic, such as important cloud-based applications.
www.ntt.com Title: SD-WAN – Technical Service Description 20 June 2017 | Prepared by: NTT Communications Product Management & Marketing
Copyright © 2017 NTT Communications Security: External Use 8
NTT Europe Ltd. Europe Head Office1 King William Street London EC4N 7AR United Kingdom
TEL: +44 20 7977 1000
NTT Singapore Pte. Ltd.Singapore Head Office20 West Pasir Panjang Road #11-28 mapletree Business City Singapore 117439
TEL: +65 6438 3101
Copyright © 2017 NTT Communications
The rights of third party trade mark owners are acknowledged. Information in this document is correct at time of print and is subject to change without notice.
NTT America, Inc. America Head Office757 Third Avenue, 14th Floor New York, NY 10017 U.S.A.
TEL: +1 212 661 0810
NTT Com ICT Solutions Pty LtdAustralia Head OfficeLevel 19, 321 Kent Street Sydney NSW 2000 Australia
TEL: +61 2 9270 3400
NTT Communications CorporationGlobal Head Office1-1-6 Uchisaiwai, Chiyoda-ku Tokyo 100-8019 Japan
TEL: +81 3 3500 8111
NTT Com Asia Ltd.Hong Kong Head Office6 Chun Kwong Street Tseung Kwan O Industrial Estate Tseung Kwan O Hong Kong
TEL: +852 3793 0288
www.ntt.com
Contact us:
SDWAN062017-4