Published on February 19, 2014
Waves of adoption for NFV How public, private and hybrid cloud networking is used for real workloads Chris Swan, CTO @cpswan the original cloud networking company copyright 2014 1
Agenda What is NFV? Bursting and Containment Hubs and Spokes Winning Back Control Summary copyright 2014 2
What is Network Function Virtualization? copyright 2014 3
Positioning - NFV and SDN copyright 2014 4
Providers and Customers have different concerns Layer 6 Layer 5 Application SDN (using NFV) begins at the top of the network with the enterprise application, its owner and their collective technical and organizational demands. Layer 4 User Control Layer 7 Limits of access, control, & visibility Layer 3 Layer 2 Layer 1 Service Provider SDN starts at the bottom of the network with the "device" and network flows. Virtualization Layer Hardware Ownership Layer Layer 0 copyright 2014 5
NFV as a networking Swiss Army knife Application SDN (Software Defined Network) Appliances • Allow control, mobility & agility by separating network location and network identity • Control over end to end encryption, IP addressing and network topology NFV Router IPsec/SSL VPN concentrator Switch Firewall Protocol Redistributor Dynamic & Scriptable SDN copyright 2014 Hybrid virtual device able to extend to multiple sites 6
A technical use case overview US East 1 EMEA APAC Overlay Network Subnet: 172.31.0.0/22 Cloud Server C Cloud Server ACloud Server B Overlay IP: 172.31.1.1 Public IP: 18.104.22.168 Overlay IP: 172.31.1.250 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Peered NFV NFV Public IP: 22.214.171.124 Overlay IP: 172.31.1.246 Active IPsec Tunnel 192.168.3.0/24 172.31.1.0/24 Firewall / IPsec Cisco 5505 User Workstation LAN IP: 192.168.3.50 Cloud Server E Cloud Server F Cloud Server D Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Peered Overlay IP: 172.31.1.21 Public IP: 126.96.36.199 Overlay IP: 172.31.1.242 NFV Active IPsec Tunnel 192.168.4.0/24 172.31.1.0/24 Failover IPsec Tunnel Firewall / IPsec Cisco 5585 Data Center Server LAN IP: 192.168.4.50 User Workstation LAN IP: 192.168.3.100 Customer Remote Office Data Center Server LAN IP: 192.168.4.100 Customer Data Center London, UK Remote Subnet: 192.168.4.0/24 Chicago, IL USA Remote Subnet: 192.168.3.0/24 copyright 2014 7
Wave 1 Bursting and Containment copyright 2014 8
Fund bursts into public cloud to extend HPC Mutual fund securely extends HPC grid resource US-east-1 US-west-1 Overlay Network Node Node Peered NFV NFV Active IPsec Tunnels Firewall / IPsec Data Center Node Node Private Data Center Boston, USA copyright 2014 9
AD Configuration with Dual NIDs Mobile provider creates secure dev/test environments US-east-1 Private Cloud Hybrid Network Virtual Machine NFV Virtual Machine Peered NFV Active IPsec Tunnels 192.168.4.0/24 - 172.31.1.0/24 Firewall / IPsec Firewall / IPsec Data Center Servers Partner Data Center copyright 2014 User Workstation User Workstation Developer Office USA 10
Energy Savings Trust analyses data in IBM Cloud UK non-profit analyses 20 years of energy data & reduces CO2 Ehningen Cloud Server Virtual Machine NFV Active IPsec Tunnel Firewall / IPsec Data Center Servers On-Site Hardware UK copyright 2014 11
Capacity expansion: meeting game day demand US Sports Association flexes up & down during large annual events us-east-1 Cloud Server Virtual Machine NFV Active IPsec Tunnels Firewall / IPsec Workstations Media Partners Main Offices EMEA, & US & ANZ copyright 2014 Data Center New York, NY USA 12
BPMS-as-a-SaaS without traditional complexity BPMS vendor reaches customers without on premise installations us-east-1 us-west-2 Federated Cloud Overlay Network Virtual Machine Virtual Machine NFV Peered NFV Active IPsec Tunnels Failover IPsec Firewall / IPsec Private Cloud Cloud-based SaaS tool Customer Data Center 1 London, UK copyright 2014 Data Center Servers Customer Data Center 2 Berlin, DE Home Data Center Boston, MA USA 13
Wave 2 Hubs and spokes copyright 2014 14
Cloud “Meet Me Room” Retail analytics firm connects in shared, private environment us-east-1 us-west-2 Federated Cloud Overlay Network Virtual Machine Virtual Machine NFV Peered NFV Active IPsec Tunnels Failover IPsec Firewall / IPsec Remote Team Remote Team Internal IT Data Center 1 Dev/Test Camden, MA USA New York, NY USA Data Center Servers copyright 2014 Home Data Center Boston, MA USA 15
Cloud WAN for global reach and redundancy Firm extended offerings with global cloud points of presence US East Coast Netherlands APAC-1 Peered Peered NFV NFV NFV Active IPsec Tunnels Firewall / IPsec Remote Team Data Center Server Workstations Data Center Server Customer 1 Customer 2 Office Data Center Data Center Server New York USA copyright 2014 Tokyo, Japan London, UK Frankfurt, Germany 16
Multitenant cloud-based partner network Connecting mobile banking customers to common infrastructure Mobile Banking Platform Cloud Region A Cloud Region B Cloud Region C Cloud Region D Virtual Machine NFV Encrypted IPsec Tunnels Firewall / IPsec Data Center Server Data Center Server Data Center Server Data Center Server Data Center Server Customer Customer Customer Customer Data Center N Data Center 1 Data Center 2 Data Center 3 Home Network UK copyright 2014 USA UK USA USA 17
The globe spanning disposable network Mission specific networks brought up in hours, used for weeks Data Center Server Where NFV really shines today: create a WAN in minutes, use cloud as points of presence for your business User Workstation User Workstation copyright 2014 18
Wave 3 Winning back control copyright 2014 19
Overlay between public & private cloud Application developers no longer have ITIL processes in the way of agile delivery Location 1 Location 2 Location 3 Cloud Servers Cloud Servers Cloud Servers Peered Public IP: 188.8.131.52 Peered Public IP: 184.108.40.206 Peered Peered Public IP: 220.127.116.11 Peered Public IP: 18.104.22.168 Public IP: 22.214.171.124 Public IP: 126.96.36.199 Peered Location 5 Cloud Servers Public IP: 188.8.131.52 Public IP: 184.108.40.206 Cloud Servers Peered Peered Location 4 Peered Public IP: 220.127.116.11 Peered Peered Public IP: 18.104.22.168Public IP: 22.214.171.124 Public IP: 126.96.36.199 Region: Europe-1 NFV Overlay Network 172.31.0.0/24 copyright 2014 20
The first “process” customizable cloud transport network device NFV allows customers to embed features and functions provided by other vendors - or developed in house, safely and securely into cloud networks • Not just a scripting interpreter that allows control over known, existing features • Completely new functions, processes, computation delivered to the core of the customer cloud network (patent pending) NFV Router Switch Firewall IPsec/SSL VPN Concentrator (Reverse) Proxy SSL Termination Content Caching Load Balancing Protocol Redistributor Intrusion Detection copyright 2014 Dynamic & Scriptable SDN More.... Customer controlled, and cocreated, for the best hybrid cloud experience 21
Summary copyright 2014 22
Summary NFV allows networks to be built out of the cloud Users get control over their: Security Topology Addressing Protocols When you give people a networking Swiss Army knife to run in the cloud they do all kinds of stuff that you might not have expected copyright 2014 23
The CloudCamp Team 'Fireside Chat' - why is it still called cloud? 12:45 - 13:10 in Management, Services and Applications Stream copyright 2013 24
Questions? Paddington, London, UK ContactMe@cohesiveft.com +44 20 8144 0156 copyright 2014 25
Chris Swan's CloudExpo Europe presentation "Keeping control when moving applications to the ... “Waves of adoption for Network Function Virtualisation ...
Nachrichten » CohesiveFT CTO Chris Swan -- CloudExpo Europe 2014 Speaker and Panelist ...
Chris Swan’s CloudExpo Europe presentation “Keeping control when moving applications to ... “Waves of adoption for Network Function Virtualisation ...
In their Live Hack” presentation at 17th Cloud Expo, ... Chris Harrold, ... @CloudExpo #Cloud #Microservices. By Liz McMillan. For it to be SOA ...
He was impressed with the success of these two presentations. ... Swan Lake became known in Europe and the United States not long after the revised version ...
Vergleichbar ist die Bedeutung der TED in den USA mit dem, was das Weltwirtschaftsforum in Davos in Europa ist ... Chris Anderson antwortete darauf ...
Brokers: Join Here. Brokers, advertise your brokerage boats on YachtWorld.com. View a presentation and find out about YachtWorld Membership, providing a ...