A Better Architecture for Hybrid WAN - VeloCloud

VeloCloud Networks, Inc. | Proprietary & Confidential | © Copyright 2016

A Better Architecture

for Hybrid WAN

Steve Woo, VP Products & Co-founder, VeloCloud


hybrid networknoun / hy – brid net - work

: combination of two or more different types of networks

: typically referring to combination of private and public WAN transport


Challenge the Definition

Private WAN

Hybrid WAN

• Hybrid WAN bar is pretty low• Also only looking at one dimension of network – the transport


Hybrid Transport - Tiers


Bar is pretty lowHybrid WAN-use both public and private-BUT DISPARATE or-BACKUP ONLY


Yes, SimplifySD-WAN Hybrid-unified usage of links-simplified policyBUT CRITICAL TRAFFIC RELIES ON PRIVATE SLA


Shoot for the…

… Optimized Performance

TRANSPORT INDEPENDENT PERFORMANCE-Enable the use of any transport even for critical, network sensitive applications


Hybrid WAN versus True Transport Independence

Policy Managed Hybrid

Priority Site-2-site

traffic

Private

Normal Site-2-site

traffic

Load balance private

and Internet

Cloud traffic Direct to cloud over

Internet

True Transport Independence

Site-2-site traffic:

Priority and

Normal

Dynamic Multi-Path Opt to automatically

select link, on a per-packet basis, based on

priority, app type and link performance

Cloud traffic

Priority and

Normal

Dynamic Multi-Path Opt over Internet links,

based on priority and link performance

• Most technologies simplify policy assignment of critical traffic to MPLS– Utilize broadband for low priority

– May also deploy local QoS


Simplicity of Transport Independence

Abstract actual interface/WAN links from the

business policy

Automatic [default]

All Transport

Based on:

Business priority for app

App-specific network SLAs

Real-time link conditions

Automatically steer each app

onto a suitable available link

Per-packet re-steer a session

mid-flow if changing link

conditions necessitate


Advanced SD-WAN for Hybrid

Assured Application performance over MPLS, Internet broadband and LTE circuits

Continuous Link Monitoring

Drives automation and

optimization

Dynamic Per Packet Steering

Sub-second steering

without session drops

Aggregated bandwidth for

single flows

On Demand Remediation

Protects against

concurrent degradation

Enables single link

performance


Policy Based Link Steering Overrides

Pin an application to a path

even when the link fails

e.g. > PCI to compliant provider

Prefer application on a path but

steer away if cannot meet SLA

e.g. > Prefer high bandwidth

video conferencing on broadband

Prefer application on a path but

steer away if the link fails

e.g. > Wired to wireless

Add metered usage of wireless

Abstract actual interface/WAN links from the

business policy

Mandatory

Private

Available

Public Wired

Preferred

Public

Internet

Public-Wireless

Private

Public

Public-Wired

Private


Target Advanced SD-WAN Hybrid

Private WAN

Hybrid WAN

• Much more possible with hybrid transport

SDWAN

Advanced

SDWAN


Expanded

Dimensions for

Hybrid Network

Services

Private WAN

Hybrid WAN

SD-WAN

Advanced

SDWAN


Shoot for the…clouds


Legacy Hybrid Compute: Backhaul

Datacenter Branch Branch

• Not optimized for migration to cloud• Backhaul performance penalty

• Congests datacenter WAN

Internet

MPLS/Private


Legacy Hybrid Compute: Best Effort Direct

Datacenter Branch Branch

• “Direct” to Internet

• Best effort for availability and performance

• Manual, two-sided secure tunnel setup

Internet

MPLS/Private


SD-WAN

SD-WAN On-Premises

SaaS / IaaS

SD-WAN

Edge

Enterprise DC

Edges in “hub” role at enterprise datacenters and regional hubs

On-premises Orchestrator and Controllers

Direct breakout to Internet for non-backhaul traffic

SD-WAN

Orchestrator

&

Controllers

Régional Hubs

Branch

Web

SD-WAN

Edge

SDWAN

Edge


SD-WAN

Cloud-Delivered SD-WAN

SaaS / IaaS

Enterprise DCBranch

Web

Cloud

Gateways

Pre-installed at cloud doorstep

Delivered as-a-service

Performance, Reliability & Security

SD-WAN extended to cloud for hybrid applications, compute and services

SD-WAN

Edge

SD-WAN

Orchestrator

&

Controllers

SD-WAN

Edge


Hybrid Services Insertion

Branch Site

Enterprise Hub

On Premises

Security

Other Web traffic

Salesforce.com

Web email

Internet

• Backhaul to on-premises services

– Regional and central

• Forwarding to cloud services, with SD-WAN performanceCloud

Security

Services

SD-WAN service chaining for hybrid services


Hybrid Network - Topologies


SD-WAN

Hybrid “Parallel” Topology

MPLS/Private

Internet MPLS and Internet to destination

Use both links in active/active or

active/backup

On-premises [bottom] purely OTT end-

to-end solution – not in SP network


SD-WAN

Hybrid “Off Net to On Net” Topology

MPLS/Private

Private core / backbone

Last mile / access is SD-WAN Internet or hybrid

Access to private network via enterprise regional

hub or service provider SDWAN gateway

SD-WAN in the (SP) network provides value-add

and strategic on-ramp


SD-WANSD-WAN

Hybrid “Regional WAN” Topology

MPLS/Private

Private network connects regional

SD-WAN domains

Branches cross regions via private net

Dynamic branch to branch only within a

region


SD-WAN

Hybrid “Mixed Sites” Topology

Silver Site / SD-WAN HybridExisting SP MPLS Router

New SD-WAN Edge

Legacy Site / HybridMPLS with

VPN backup

Bronze Site / SD-WAN

InternetSingle/dual

Internet

MPLS/Private

Internet

Legacy and SD-WAN hybrid and Internet sites can co-exist


Advanced Services


Engineered Performance vs SLA

>99% of the time SD-WAN

delivers quality VOIP over

the Internet


Unified OTT Security

Branch SiteEnterprise DC

Hub Edge

Branch

Edge

Enterprise DC

Traditional

Private

Datacenters

INTERNET

Cloud Gateways

Private - MPLS

IPsec VPN

Same IPsec VPN, whether public or private transport – to Ent and cloud DCs


Simplified Cloud VPN

Branch SiteEnterprise DC

Enterprise DC

Cloud traffic not backhauled to enterprise datacenter

Cloud gateway provides automated branch VPN to

aggregated cloud connection


Full Potential of SD-WAN Hybrid Networks

Services

Cloud-

Delivered

SD-WAN

Network (as

a) Service

On-Premises

SD-WAN

Enterprise

Apps

Hybrid Apps

SaaS / IaaS

Private WAN

Hybrid WAN

SD-WAN

Advanced

SD-WAN

On-Premises

Services

• Flexibility

• Synergy


Next:Maximizing SD-WAN Architecture with

Service Chaining

Live webinar on Aug 17 at 10am


Thank You

Technology

A Better Architecture for Hybrid WAN - VeloCloud