Next-Gen Cisco SD-WAN Architecture
Shamil Fernando, Manager Systems Engineering (Cisco SD-WAN)
Heri Chayadi Wibowo, Enterprise Network System Engineer
User and Application Landscape is Changing
• Change in App Content: rich, dynamic, web-based
• Change in App Delivery: cloud, SaaS, virtualized
• Change in App Consumption: mobile, diverse devices
• Internet Edge Is Moving to the Branch
• Applications Are Moving to the Cloud
[Diagram: Internet, MPLS and 4G transports connecting head office, branch, mobile and guest users to the DC, vDC, IaaS and SaaS]
Customer Requirements
• Security Operations: Security and compliance are critical areas and require the appropriate segmentation, policing, access controls and visibility from end to end
• Network Planning: I want to simplify deployments and automate policy enforcement to ensure a consistent and seamless application experience
• Network Operations: I want centralized policy enforcement and assurance to accelerate time to resolution
• Network Manager: I need to replace or change existing infrastructure and WAN services to lower costs and maximize investments
Traditional and Legacy Architectures cannot scale to address changing needs
Challenges: application bandwidth requirements, cloud consumption, disjointed security, simplified operations, WAN flexibility, time to capability
• SOFTWARE DEFINED: true separation of control, data and management planes
• CLOUD: cloud hosted and delivered
• APPLICATION AWARE: visibility and SLA-based business-intent policy enforcement
• SCALE AND FLEXIBILITY: true enterprise scale
• SECURITY: ingrained authentication, encryption, segmentation, access controls and service chaining
• OPEN: for automation, orchestration and best-of-breed integration
Enabling a seamless transition from traditional WAN to SD-WAN: a SECURE WAN FABRIC over Broadband, 4G/LTE and MPLS, with ZERO TOUCH provisioning and ZERO TRUST security
Cisco SD-WAN Solution helps you to:
• Reduce cost
• Secure your network
• Operate faster and more simply
• Integrate the latest cloud and network technologies
Traditional Networks
• Control and data plane on the same devices
• Peer-to-peer control plane
• Routing protocol state propagates to every peer (N^2 complexity)
• Localized management
• Complex to manage
• Not scalable
• Multiple transports are very hard to support
• A link failure creates a route storm
[Diagram: three routers, each running control and data plane, meshed over 4G/LTE, MPLS1, Internet and MPLS2]
SD-WAN Principles
• Separation of control and data plane
• DTLS/TLS is used to establish the control channel
• Control channels are established only with the central controllers, never edge to edge
• No control-plane scaling issue: no full mesh of control sessions is needed
• The control channel does not have to follow the data path
• A single link failure does not disrupt the control plane
[Diagram: central control plane with DTLS/TLS sessions to each edge; data plane meshed between edges over 4G/LTE, MPLS1, Internet and MPLS2]
Cisco SD-WAN Architecture
• Orchestration plane: vBond
• Management plane: vManage (multi-tenant or dedicated), with analytics and orchestration via API
• Control plane: vSmart (containers or VMs)
• Data plane: vEdge (physical or virtual)
[Diagram: controllers reachable over 4G, Internet and MPLS; vEdge routers at Data Center, Campus, Branch and Home Office]
Cisco SD-WAN Solution Elements
• vEdge Routers: ubiquitous data plane over 4G/LTE, MPLS and Internet
• vSmart, vManage, vBond: controllers forming the secure control plane, hosted on-premise, in the Cisco cloud or in a partner cloud
Cisco SD-WAN Solution
• Transport Independent Fabric: cellular, MPLS, broadband
• Delivery Platform features: QoS, Application Policies, Security, Per-Segment Topologies, Segmentation, Service Insertion, Cloud Path, Application Visibility & SLA, Secure Perimeter, Traffic Engineering, Survivability, Routing, Analytics, Monitoring, Operations, Transport Hub, Multicast, Cloud Acceleration
Zero-Trust Security Principles
• Strong authentication: every control element holds an X.509 certificate (PKI, 2048-bit keys) and must authenticate before it can join the fabric
• Highly encrypted tunnels: the DTLS/TLS control tunnel uses AES-256
• White-list model: only devices explicitly authorized on the controllers are admitted
• Ubiquitous deployment: automatic NAT traversal
Secure Bring-up With Approval
• Per-device control on TPM identity trust
• Single stage (Zero Touch Provisioning) – TPM identity is automatically trusted
• Two stage (One Touch Provisioning) – TPM identity is not automatically
trusted. Requires administrator validation.
• Staging Mode – TPM identity is automatically trusted for control, but not for
data. Requires administrator validation.
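The three bring-up modes above amount to an admission decision the controllers make per device. The following is an added example, not code from the slides or from Cisco's product, that models that decision in Python: the device record fields, the authorized-serial list and the sample inventory are assumptions, and the white-list and certificate-validity checks are placed before the mode check because a device the operator never authorized should get nothing, whatever mode is in force.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum


class BringupMode(Enum):
    """The three bring-up modes named on the slide."""
    SINGLE_STAGE = "zero-touch"   # TPM identity trusted automatically
    TWO_STAGE = "one-touch"       # nothing trusted until an administrator validates
    STAGING = "staging"           # control plane trusted, data plane held until validated


@dataclass
class DeviceIdentity:
    """What the controllers learn from a router's TPM-backed X.509 certificate (fields are assumptions)."""
    serial: str
    chain_valid: bool              # certificate chains to the vendor root and is not revoked
    not_after: datetime            # certificate expiry
    admin_validated: bool = False  # set when an administrator approves the device


@dataclass(frozen=True)
class TrustDecision:
    control: bool   # may form DTLS/TLS control connections to vBond/vManage/vSmart
    data: bool      # may receive IPsec keys and carry data-plane traffic
    reason: str


def evaluate_bringup(dev: DeviceIdentity, mode: BringupMode, allow_list: set, now: datetime) -> TrustDecision:
    """Decide what a router is allowed to do; white-list and certificate come before the mode."""
    # 1. White-list model: a device the operator never authorized is rejected even with a valid TPM cert.
    if dev.serial not in allow_list:
        return TrustDecision(False, False, "serial not on the authorized list")
    # 2. The TPM identity itself must verify; an expired or untrusted chain gets nothing.
    if not dev.chain_valid or now >= dev.not_after:
        return TrustDecision(False, False, "device certificate invalid or expired")
    # 3. Mode-specific trust.
    if mode is BringupMode.SINGLE_STAGE:
        return TrustDecision(True, True, "zero-touch: TPM identity trusted automatically")
    if mode is BringupMode.TWO_STAGE:
        if dev.admin_validated:
            return TrustDecision(True, True, "one-touch: validated by administrator")
        return TrustDecision(False, False, "one-touch: waiting for administrator validation")
    # STAGING: the router can reach the controllers (so it can be configured and inspected)
    # but gets no data-plane trust until an administrator validates it.
    if dev.admin_validated:
        return TrustDecision(True, True, "staging: validated, data plane enabled")
    return TrustDecision(True, False, "staging: control plane only until validated")


# Constructed sample inventory (not real serial numbers, not real certificates).
NOW = datetime(2018, 4, 10, tzinfo=timezone.utc)
AUTHORIZED = {"VEDGE-A1", "VEDGE-B2", "VEDGE-C3"}
DEVICES = [
    DeviceIdentity("VEDGE-A1", True, datetime(2028, 1, 1, tzinfo=timezone.utc)),
    DeviceIdentity("VEDGE-B2", True, datetime(2028, 1, 1, tzinfo=timezone.utc), admin_validated=True),
    DeviceIdentity("VEDGE-C3", True, datetime(2017, 1, 1, tzinfo=timezone.utc)),   # expired cert
    DeviceIdentity("VEDGE-Z9", True, datetime(2028, 1, 1, tzinfo=timezone.utc)),   # not authorized
]


def admission_report(mode: BringupMode) -> dict:
    """Map serial -> (control, data) for every device in the sample inventory under one mode."""
    report = {}
    for dev in DEVICES:
        decision = evaluate_bringup(dev, mode, AUTHORIZED, NOW)
        report[dev.serial] = (decision.control, decision.data)
    return report


if __name__ == "__main__":
    for mode in BringupMode:
        print(mode.value, admission_report(mode))
```

Under staging mode the unvalidated VEDGE-A1 gets a control connection but no data plane, the validated VEDGE-B2 gets both, and the expired and unauthorized devices get nothing in every mode.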
End to End Security
• Symmetric data-plane encryption: IPsec ESPv3 with AES-256-GCM
• Traffic authentication: HMAC-SHA-1 (ESP authentication or an Authentication Header)
• Tunnel liveness detection (BFD)
• Anti-replay protection
• Rekey every 12 hours
• Each vEdge generates its own IPsec encryption key and advertises it to the vSmart controllers over the DTLS/TLS control plane; the controllers relay the key to the peer vEdges in their updates, so no IKE exchange runs between sites
• Traffic toward a vEdge is encrypted with that vEdge's advertised key: traffic to Site 1 uses Key 1, traffic to Site 2 uses Key 2, so each direction has its own IPsec security association
[Diagram: Site 1 and Site 2 vEdge routers, each holding a local and a remote key, with IPsec security associations across the transports and key updates flowing through the vSmart controllers]
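To show what the anti-replay and authentication bullets mean on the wire, here is an added example (not the page's or Cisco's code) of the receiving side of a data-plane security association: an ESP-style packet carrying an SPI, a sequence number and an HMAC-SHA-1-96 integrity check value, with the sliding-window anti-replay algorithm from RFC 4303. AES-256-GCM encryption is left out on purpose; the key, SPI, window size and sample payloads are assumptions, and the key stands in for the one a remote vEdge advertised through vSmart.

```python
import hashlib
import hmac
import struct

ICV_LEN = 12   # HMAC-SHA-1-96 (RFC 2404): the 20-byte SHA-1 HMAC is truncated to 96 bits
WINDOW = 64    # anti-replay window in packets (RFC 4303 requires at least 32; 64 is common)


def build_esp(key: bytes, spi: int, seq: int, payload: bytes) -> bytes:
    """Sender side: SPI(4) | sequence(4) | payload | ICV(12).

    The ICV is HMAC-SHA-1 over everything that precedes it, as ESP does.  Confidentiality
    (AES-256-GCM on the real fabric) is omitted: the assumption is that `payload` is already
    ciphertext; this example shows only authentication and replay detection."""
    header = struct.pack("!II", spi, seq)
    icv = hmac.new(key, header + payload, hashlib.sha1).digest()[:ICV_LEN]
    return header + payload + icv


class InboundSA:
    """Receiver-side security association: the remote vEdge's advertised key plus replay state."""

    def __init__(self, key: bytes, spi: int):
        self.key = key
        self.spi = spi
        self.top = 0      # highest sequence number accepted so far
        self.bitmap = 0   # bit i set => sequence (top - i) has already been accepted

    def _replay_check(self, seq: int) -> bool:
        """Preliminary check, done before the (more expensive) ICV verification."""
        if seq == 0:                        # sequence 0 is never transmitted (RFC 4303 3.3.3)
            return False
        if seq > self.top:                  # to the right of the window: always new
            return True
        offset = self.top - seq
        if offset >= WINDOW:                # to the left of the window: too old
            return False
        return not (self.bitmap >> offset) & 1   # inside the window: new unless its bit is set

    def _replay_update(self, seq: int) -> None:
        """Only called after the ICV verified, so forged packets cannot move the window."""
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

    def receive(self, packet: bytes):
        """Returns (payload, "ok") or (None, reason)."""
        if len(packet) < 8 + ICV_LEN:
            return None, "short"
        spi, seq = struct.unpack("!II", packet[:8])
        if spi != self.spi:
            return None, "bad-spi"
        if not self._replay_check(seq):
            return None, "replay"
        body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha1).digest()[:ICV_LEN]
        if not hmac.compare_digest(icv, expected):   # constant-time compare
            return None, "bad-icv"
        self._replay_update(seq)
        return body[8:], "ok"


# Constructed demo values: the key Site 2's vEdge advertised (via vSmart) for traffic sent to it.
KEY_SITE2 = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)   # 32 bytes, not a real key
SPI_SITE2 = 0x0001A2B3


def demo() -> list:
    """Replay a short constructed capture against the SA and return the verdict per packet."""
    sa = InboundSA(KEY_SITE2, SPI_SITE2)
    p1 = build_esp(KEY_SITE2, SPI_SITE2, 1, b"vpn10:packet-1")
    p3 = build_esp(KEY_SITE2, SPI_SITE2, 3, b"vpn10:packet-3")
    p2 = build_esp(KEY_SITE2, SPI_SITE2, 2, b"vpn10:packet-2")
    forged = bytearray(build_esp(KEY_SITE2, SPI_SITE2, 5, b"vpn10:packet-5"))
    forged[8] ^= 0x01                                  # flip one payload bit: the ICV must fail
    return [sa.receive(p)[1] for p in (p1, p1, p3, p2, p2, bytes(forged))]


if __name__ == "__main__":
    print(demo())   # ['ok', 'replay', 'ok', 'ok', 'replay', 'bad-icv']
```

Two details matter for a reviewer: the window is only advanced after the ICV verifies, so an attacker who cannot forge the HMAC cannot push the window forward and cause legitimate packets to be discarded, and packets that arrive out of order within the window (sequence 2 after 3) are still accepted while a second copy of either is rejected.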
Configuration Simplicity and ZTP
• Templates are attached to provisioned
vEdge routers
• Variables are used for rapid bulk
configuration rollout with unique per-
device settings
• Local configuration changes are not
allowed
- Prevents configuration drift
Configuration Simplicity and ZTP
Zero Touch Bringup (the vEdge router starts from its factory default configuration):
1. The vEdge router contacts the Zero Touch Bringup server (assumption: DNS can resolve ztp.viptela.com)
2. The router is authenticated
3. The ZTP server points the router at the control and policy elements
4. Full registration with the controllers
5. The configuration is pushed and the software version enforced
Application Visibility
• Deep Packet Inspection on the vEdge router recognizes over 3,000 applications
• App firewall
• Traffic prioritization
• Transport selection
[Diagram: App 1 to App 3,000 classified at the vEdge router before entering the secure SD-WAN fabric]
Application Performance and AAR (Application-Aware Routing)
• vEdge routers continuously measure path liveness and quality: latency, loss and jitter
• vSmart controllers distribute the App Aware Routing policy; example: App A paths must have latency < 150 ms and loss < 2%
  Path 1: 10 ms, 0% loss, 2 ms jitter    (meets the SLA)
  Path 2: 200 ms, 3% loss, 5 ms jitter   (fails the SLA, excluded for App A)
  Path 3: 140 ms, 1% loss, 3 ms jitter   (meets the SLA)
• Automatic load balancing across the paths that meet the SLA, over Internet, MPLS and 4G LTE, for optimal throughput
• Device QoS: shaping, policing, queuing, marking
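The slide's path figures and the App A policy make a small worked example. The Python below is added here (not the slides' or Cisco's code): it derives latency, loss and jitter from a sequence of probe round-trip times, applies the SLA class with the slide's strict bounds, returns every compliant path for load balancing, and falls back to a best-effort choice when no path meets the SLA. The probe samples, the fallback ordering and the strict mode are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Sequence


@dataclass(frozen=True)
class PathStats:
    name: str
    latency_ms: float
    loss_pct: float
    jitter_ms: float


@dataclass(frozen=True)
class SlaClass:
    """An SLA class as in the slide's policy; a None bound means 'not constrained'."""
    name: str
    max_latency_ms: Optional[float] = None
    max_loss_pct: Optional[float] = None
    max_jitter_ms: Optional[float] = None


def stats_from_probes(name: str, rtts_ms: Sequence[Optional[float]]) -> PathStats:
    """Turn one probe interval into path statistics.

    rtts_ms holds one entry per hello sent; None means the hello (or its reply) was lost,
    which is how liveness probing also yields the loss figure."""
    answered = [r for r in rtts_ms if r is not None]
    if not answered:                      # tunnel down: worst possible stats, never SLA-compliant
        return PathStats(name, float("inf"), 100.0, float("inf"))
    latency = sum(answered) / len(answered)
    loss = 100.0 * (len(rtts_ms) - len(answered)) / len(rtts_ms)
    jitter = (sum(abs(a - b) for a, b in zip(answered, answered[1:])) / (len(answered) - 1)
              if len(answered) > 1 else 0.0)
    return PathStats(name, round(latency, 3), round(loss, 3), round(jitter, 3))


def meets_sla(p: PathStats, sla: SlaClass) -> bool:
    """Strict comparison, matching the slide's 'latency < 150 ms and loss < 2%'."""
    return ((sla.max_latency_ms is None or p.latency_ms < sla.max_latency_ms) and
            (sla.max_loss_pct is None or p.loss_pct < sla.max_loss_pct) and
            (sla.max_jitter_ms is None or p.jitter_ms < sla.max_jitter_ms))


def select_paths(paths: List[PathStats], sla: SlaClass, strict: bool = False) -> List[str]:
    """Return the path names the application's traffic may be load-balanced over.

    All SLA-compliant paths are returned (auto load balance).  If none complies, the default
    is best effort: the single best path by loss, then latency, then jitter.  strict=True
    models a policy that would rather forward nothing than violate the SLA."""
    compliant = [p for p in paths if meets_sla(p, sla)]
    if compliant:
        return [p.name for p in compliant]
    if strict:
        return []
    best = min(paths, key=lambda p: (p.loss_pct, p.latency_ms, p.jitter_ms))
    return [best.name]


# The slide's example, entered as constructed measurements.
APP_A_SLA = SlaClass("App A", max_latency_ms=150, max_loss_pct=2)
PATHS = [
    PathStats("Path1", 10, 0, 2),
    PathStats("Path2", 200, 3, 5),
    PathStats("Path3", 140, 1, 3),
]

if __name__ == "__main__":
    print(select_paths(PATHS, APP_A_SLA))   # ['Path1', 'Path3']: Path2 fails both bounds
```

Note that the comparison is strict, as on the slide: a path sitting exactly at 150 ms or 2% loss is not compliant, and a path whose probes all go unanswered reports infinite latency and so can never satisfy an SLA class, which is what makes liveness detection and SLA routing the same measurement.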
End to End Segmentation
Use cases: security zoning, compliance, guest WiFi, multi-tenancy, extranet
• Isolated virtual private networks (VPN A, VPN B, VPN C) across any transport, between Site 1, Site 2 and the Data Center
• VPN mapping is based on the physical vEdge router interface, the 802.1Q VLAN tag, or a mix of both (interface, VLAN, prefix)
Encapsulation on the wire (header sizes in bytes):
  IP (20) | UDP (8) | ESP (36) | VPN label (4) | Data
The VPN label sits inside the IPsec payload, so the segment identity is encrypted and authenticated together with the data.
Per-Segment Topologies
• Full Mesh, e.g. Unified Communications
• Hub-and-Spoke, e.g. Data Center Applications
• Regional Hub, e.g. Regional Internet/Services
Each segment gets the topology that gives its applications the optimal experience.
Cloud onRamp for IaaS
• Extends the secure SD-WAN fabric to cloud workloads, providing them the same security, segmentation, QoS and reliability as on-premise sites
Optimize Public Cloud Performance (SaaS)
• Candidate exits: regional Internet exit, branch with local DMZ, or Data Center/DMZ
• The vEdge fabric sends httping probes toward the SaaS application over each candidate exit and scores them; SaaS traffic uses the primary path and fails over to the backup
  Score   Color
  8-10    GREEN
  5-8     YELLOW
  0-5     RED
Secure Internet Access
• Branch, campus, small office/home office and regional data center sites reach the Internet and cloud through the secure SD-WAN fabric, with Cisco Security applied at the exit
Centralized Management & Monitoring
Centralized configuration
• Security
• Template configuration
• Policy
• Routing
• QoS, marking
• ACL
• Application SLA
• …
Centralized monitoring
• Devices
• Applications
• Bandwidth usage
• Link performance
• Alerts
Analytics Dashboard
Visibility
• Application visibility
• Network visibility
• Network correlation
• Cross-customer comparison
Forecast
• Application usage forecast
• Bandwidth usage forecast
What-If
• Branch expansions
• Rolling out new applications
• Policy changes
Recommendation
Self Healing Capabilities
• Software images: one active image (A) and several available images (B, C, D) are kept on the vEdge router; an administrator activates a new image and can roll back
• Failed upgrade: (1) a new image is activated on the vEdge router, (2) the upgrade fails, (3) the router rolls back to the previously active image
• Failed configuration: (1) vManage attaches a template to the vEdge router, (2) connectivity to vManage is lost, (3) the router rolls back to its last working configuration
High Availability and Redundancy
• Redundant vEdge routers at the site and at the data center: VRRP toward the LAN, OSPF/BGP toward the data center network
• Dual transports (Internet and MPLS) per site
• Redundant vSmart controllers for the control plane
[Diagram: site and data center each with paired vEdge routers over Internet and MPLS, vSmart controllers above; control and data flows drawn separately]
vEdge Portfolio
vEdge capabilities integrated into all IOS-XE platforms (ISR, CSR, ENCS, ASR1K)
  Small Office / Home Office      100 Mbps
  Branch / Campus                 1 Gbps
  Large Campus / Data Center      10 Gbps
  Higher Capacity Aggregation     20 Gbps+
  Cloud Interconnect              2 Gbps+
Platforms: ISR4K, ASR1K, ENCS (private cloud)
Why Cisco SD-WAN
Trusted by Fortune 500 Enterprises
Cisco SD-WAN: The Most-Deployed Enterprise Grade SD-WAN
Thousands of sites, every major industry, including:
RETAIL HEALTHCARE FINANCIAL SERVICES ENERGY
Most deployed and trusted by
Fortune 500 enterprises
Winning 95% of
competitive POCs
Standards Compliant: …and more
IT’s All You
Jakarta, Indonesia
10 April 2018
Cisco Connect

Cisco Connect 2018 Indonesia - next-gen cisco sd-wan architecture

  • 1.
  • 2. Next-Gen Cisco SD-WAN Architecture Shamil Fernando & Heri Chayadi Wibowo Manager Systems Engineering (Cisco SD-WAN) Enterprise Network System Engineer
  • 3. User and Application Landscape is Changing Change in App Content Change in App Delivery Change in App Consumption Rich, Dynamic, Web-Based Cloud, SaaS, Virtualized Mobile, Diverse devices Internet Edge Is Moving to the Branch Applications Are Moving to the Cloud INTERNET MPLS 4G DC vDC IaaS SaaS mobile branch guest head office
  • 4. Customer Requirements Security and Compliance are critical areas and require us to have the appropriate Segmentation, Policing, Access Controls and Visibility from end-to-end Network Planning I want to Simplify Deployments and Automate Policy Enforcement to ensure a Consistent and Seamless Application Experience Network Operations I want to Centralized Policy Enforcement and Assurance to Accelerate Time to Resolution Network Manager I need to Replace or Change existing Infrastructure and WAN Services to Lower Costs and Maximize Investments Security Operations
  • 5. Traditional and Legacy Architectures cannot scale to address changing needs SOFTWARE DEFINED: True separation of control, data and management CLOUD: Cloud hosted and delivered APPLICATION AWARE: Visibility & SLA business intent policy enforcement SCALE AND FLEXIBILITY: True enterprise scale SECURITY: Ingrained authentication, encryption, segmentation, access controls & service chaining OPEN: for automation, orchestration, best-of-breed integration Application Bandwidth Requirements Cloud Consumption Disjointed Security Simplified Operations WAN Flexibility Time To Capability Challenges Enabling Seamless transition from traditional WAN to SD WAN SECURE WAN FABRIC Broadband 4G/LTEMPLS ZERO TOUCH ZERO TRUST 1
  • 6. • Reduce Cost • Secure Your Network • Operate Faster and Simplicity • Integrate Latest Cloud and Network Technologies Cisco SD-WAN Solution helps you to:
  • 7. Traditional Networks  Control and Data Plane same devices  Peer-to-peer control plane  Routing protocol prorogate for all (N^2) complexity  Localize management  Complex to manage  Not scalable  Impossible to support multiple transport  Link down create route storm Control & Data Plane Control & Data Plane Control & Data Plane
  • 8. 4G/LTE MPLS1Internet MPLS2 SD-WAN Principals • Separation Control and Data Plane • DTLS/TLS is used to establish the control channel • Control channel is established only with central controllers • No scaling issues are with full mesh of control plane • Control channel does not have to follow the data path • No disruption one link fail Data Plane Control Plane Data PlaneData Plane Data Plane
  • 9. Cisco SD-WAN Architecture Control Plane (Containers or VMs) Data Plane (Physical or Virtual) Management Plane (Multi-tenant or Dedicated) Orchestration Plane API 4GINTERNET MPLS vSmart ANALYTICSORCHESTRATION vManager vManage vSmart vEdge vBond vBond Data Center Campus Branch Home Office
  • 10. Cisco SD-WAN Solution Elements 4G/LTE MPLSInternet vEdge Routers vSmartvManage Ubiquitous Data Plane Secure Control Plane Controllers On-premise/cisco Cloud/ Partner Cloud vBond
  • 11. Cisco SD-WAN Solution Transport Independent Fabric CellularMPLSBroadband Delivery Platform QoS Application Policies Security Per-Segment Topologies Segmentation Svc Insertion Cloud Path Application Visibility & SLA Secure Perimeter Traffic Engineering SurvivabilityRouting Analytics Monitoring Operations Transport Hub Multicast Cloud Accel
  • 12. Zero-Trust Security Principles DTLS/TLS Control Tunnel  Strong authentication - PKI certificates, 2048bit keys  Highly encrypted tunnels - DTLS/TLS AES256 - White-list model  Ubiquitous Deployment - Automatic NAT mitigation Control Elements X.509 Certificate
  • 13. Secure Bring-up With Approval • Per-device control on TPM identity trust • Single stage (Zero Touch Provisioning) – TPM identity is automatically trusted • Two stage (One Touch Provisioning) – TPM identity is not automatically trusted. Requires administrator validation. • Staging Mode – TPM identity is automatically trusted for control, but not for data. Requires administrator validation.
  • 14. End to End Security TransportsTransportsTransports Site 1 Site 2 IPSec AES256-GCM ESPv3 with HMAC SHA-1 vSmart Controllers Control Plane DTLS/TLS IPSec security associations IPSec security associations Update Update  Symmetric encryption IPsec AES256-GCM ESPv3 with HMAC SHA-1  Traffic Encryption and Authentication Header  Tunnel Liveliness Detection (BFD)  Anti-Replay Protection  Rekey 12 hours  Each vEdge advertises its local IPsec encryption key Traffic Encrypted with Key 2 Traffic Encrypted with Key 1 vEdge Router vEdge Router Local Remote Local Remote
  • 15. Configuration Simplicity and ZTP • Templates are attached to provisioned vEdge routers • Variables are used for rapid bulk configuration rollout with unique per- device settings • Local configuration changes are not allowed - Prevents configuration drift
  • 16. Configuration Simplicity and ZTP: Zero Touch bring-up (steps 1-5) takes a vEdge router from factory default config, through the Zero Touch bring-up server and the control and policy elements, to full registration and configuration • Factory default config • DNS to resolve ztp.viptela.com (* assumption) • Authentication • Push the configuration • Enforce the version
  • 17. Application Visibility: Secure SD-WAN Fabric with Deep Packet Inspection on the vEdge router, recognising over 3000 applications (App 1, App 2 … App 3,000) • App firewall • Traffic prioritization • Transport selection
  • 18. Application Performance and AAR: the App-Aware Routing policy on the vSmart controllers states, for example, that an App A path must have latency <150ms and loss <2%; measured paths: Path1: 10ms, 0% loss, 2ms jitter; Path2: 200ms, 3% loss, 5ms jitter; Path3: 140ms, 1% loss, 3ms jitter (Path 2 fails the policy) • vEdge routers continuously perform path liveliness and quality measurements (latency, loss and jitter) • Auto load balance • Device QoS (shaping, policing, queuing, marking) • Transports: Internet, MPLS, 4G LTE • Optimal throughput
  • 19. End to End Segmentation: Use cases • Security zoning • Compliance • Guest WiFi • Multi-tenancy • Extranet. Diagram: Site 1, Site 2 and the Data Center carry VPN A, VPN B and VPN C across the transports; at each site a VPN is identified by interface, VLAN and prefix; the IPsec tunnel packet carries IP 20 | UDP 8 | ESP 36 | VPN label 4 | Data, with 802.1Q tags on the site-facing interfaces • Isolated virtual private networks across any transport • VPN mapping is based on physical vEdge Router interface, 802.1Q VLAN tag or a mix of both
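The AAR slide gives three measured paths and one SLA rule but not the mechanics of how continuous probing turns into a path decision. The following is an added example written for this page, not Cisco or Viptela code: each path keeps a rolling window of probe results, an SLA class keeps only the paths that meet it, and flows are balanced across those. The six-probe averaging window, the assignment of the slide's paths to transports, and the fallback to the least-lossy live path when nothing complies are assumptions constructed for the example; the probe figures reproduce the slide.

```python
"""Application-aware routing from the slide, modelled in Python (constructed
example, not Cisco/Viptela code): every path is probed continuously for
latency, loss and jitter, the measurements are averaged over a short window,
and an application's SLA class keeps only the compliant paths, across which
flows are balanced. The six-probe window, the path-to-transport assignment and
the fallback when no path complies are assumptions for this example."""
from collections import deque
from dataclasses import dataclass, field
from statistics import mean
from typing import Deque, Dict, List, Optional


@dataclass
class SlaClass:
    """Business-intent thresholds for an application (slide: App A)."""
    name: str
    max_latency_ms: float
    max_loss_pct: float
    max_jitter_ms: Optional[float] = None   # App A's policy sets no jitter bound


@dataclass
class PathMonitor:
    """Rolling probe results for one tunnel path."""
    name: str
    transport: str
    window: int = 6                          # assumed averaging window (probes)
    latency: Deque[float] = field(default_factory=deque)
    loss: Deque[float] = field(default_factory=deque)
    jitter: Deque[float] = field(default_factory=deque)
    alive: bool = True                       # liveness from BFD-style probes

    def record(self, latency_ms: float, loss_pct: float, jitter_ms: float) -> None:
        for buf, value in ((self.latency, latency_ms), (self.loss, loss_pct),
                           (self.jitter, jitter_ms)):
            buf.append(value)
            if len(buf) > self.window:
                buf.popleft()

    def stats(self) -> Dict[str, float]:
        return {"latency": mean(self.latency), "loss": mean(self.loss),
                "jitter": mean(self.jitter)}

    def meets(self, sla: SlaClass) -> bool:
        """The slide's rule is strict: App A needs latency < 150 ms and loss < 2 %."""
        if not self.alive or not self.latency:
            return False
        s = self.stats()
        if s["latency"] >= sla.max_latency_ms or s["loss"] >= sla.max_loss_pct:
            return False
        return sla.max_jitter_ms is None or s["jitter"] < sla.max_jitter_ms


def compliant_paths(paths: List[PathMonitor], sla: SlaClass) -> List[str]:
    return [p.name for p in paths if p.meets(sla)]


def choose_path(paths: List[PathMonitor], sla: SlaClass, flow_hash: int) -> Optional[str]:
    """Balance a flow over compliant paths; if none comply, use the least-lossy
    live path rather than drop traffic (assumed fallback behaviour)."""
    ok = [p for p in paths if p.meets(sla)]
    if ok:
        return ok[flow_hash % len(ok)].name
    live = [p for p in paths if p.alive and p.latency]
    if not live:
        return None
    return min(live, key=lambda p: (p.stats()["loss"], p.stats()["latency"])).name


def build_paths() -> List[PathMonitor]:
    """Constructed probes reproducing the slide's three paths."""
    paths = [PathMonitor("Path1", "MPLS"), PathMonitor("Path2", "Internet"),
             PathMonitor("Path3", "4G LTE")]
    for _ in range(6):
        paths[0].record(10, 0, 2)
        paths[1].record(200, 3, 5)
        paths[2].record(140, 1, 3)
    return paths


def demo() -> Dict[str, List[str]]:
    app_a = SlaClass("App A", max_latency_ms=150, max_loss_pct=2)
    paths = build_paths()
    before = compliant_paths(paths, app_a)          # Path2 fails both bounds
    for _ in range(6):                              # Path1 degrades (brownout)
        paths[0].record(300, 5, 20)
    after = compliant_paths(paths, app_a)           # only Path3 remains
    return {"before": before, "after": after}


if __name__ == "__main__":
    print(demo())
```

Averaging over a window rather than acting on a single probe is what keeps a transient spike from flapping the application between transports; the second half of the demo shows the opposite case, a sustained brownout on Path1, which drops it from the compliant set while Path3 keeps carrying App A.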
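The segmentation slide names the three mapping options (interface, 802.1Q tag, or both) and the VPN label carried in the tunnel, but the isolation guarantee is easiest to see with two VPNs that use the same address space. The following is an added example written for this page, not Cisco or Viptela code: a vEdge classifies ingress traffic into a VPN, routes only within that VPN's own table, labels the tunnel packet with the VPN, and the far end uses the label rather than the inner address to pick its table. VPN names, interface names and prefixes are constructed.

```python
"""End-to-end segmentation from the slide, modelled in Python (constructed
example, not Cisco/Viptela code): a vEdge maps ingress traffic to a VPN by
physical interface, 802.1Q tag, or both; keeps one route table per VPN; and
carries the VPN as a label inside the IPsec tunnel so the far end restores
the segment. VPN names, prefixes and interface names are constructed."""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Prefix = ipaddress.IPv4Network
Packet = Dict[str, object]


@dataclass
class VEdge:
    name: str
    # (interface, 802.1Q tag or None for untagged) -> VPN
    vpn_map: Dict[Tuple[str, Optional[int]], str] = field(default_factory=dict)
    # VPN -> prefix -> next hop (a remote site over the fabric, or a local interface)
    tables: Dict[str, Dict[Prefix, str]] = field(default_factory=dict)

    def map_ingress(self, iface: str, vlan: Optional[int], vpn: str) -> None:
        self.vpn_map[(iface, vlan)] = vpn

    def add_route(self, vpn: str, prefix: str, nexthop: str) -> None:
        self.tables.setdefault(vpn, {})[Prefix(prefix)] = nexthop

    def classify(self, iface: str, vlan: Optional[int] = None) -> Optional[str]:
        """Exact match on (interface, tag); unmapped ingress belongs to no VPN."""
        return self.vpn_map.get((iface, vlan))

    def lookup(self, vpn: str, dst: str) -> Optional[str]:
        """Longest-prefix match restricted to this VPN's own table."""
        addr = ipaddress.ip_address(dst)
        matches = [(p, nh) for p, nh in self.tables.get(vpn, {}).items() if addr in p]
        if not matches:
            return None
        return max(matches, key=lambda m: m[0].prefixlen)[1]

    def encapsulate(self, iface: str, vlan: Optional[int], dst: str) -> Optional[Packet]:
        """Ingress side: classify, route within the VPN, label the tunnel packet."""
        vpn = self.classify(iface, vlan)
        if vpn is None:
            return None
        nexthop = self.lookup(vpn, dst)
        if nexthop is None:
            return None          # no route in this VPN; other VPNs' routes are invisible
        return {"tunnel_to": nexthop, "vpn_label": vpn, "inner_dst": dst}

    def decapsulate(self, pkt: Packet) -> Optional[str]:
        """Egress side: the label, not the inner address, selects the VPN table."""
        return self.lookup(str(pkt["vpn_label"]), str(pkt["inner_dst"]))


def build_fabric() -> Tuple[VEdge, VEdge]:
    """Two sites; VPN A and VPN B deliberately reuse 10.1.0.0/16 (multi-tenancy)."""
    site1, site2 = VEdge("site1"), VEdge("site2")
    site1.map_ingress("ge0/0", 10, "A")        # VLAN 10 on ge0/0 -> VPN A
    site1.map_ingress("ge0/0", 20, "B")        # VLAN 20 on the same port -> VPN B
    site1.map_ingress("ge0/1", None, "C")      # whole physical port -> VPN C
    site1.add_route("A", "10.1.0.0/16", "site2")
    site1.add_route("B", "10.1.0.0/16", "site2")
    site1.add_route("C", "10.3.0.0/16", "site2")
    site2.add_route("A", "10.1.0.0/16", "ge0/1.10")
    site2.add_route("B", "10.1.0.0/16", "ge0/1.20")
    site2.add_route("C", "10.3.0.0/16", "ge0/2")
    return site1, site2


def demo() -> Dict[str, object]:
    site1, site2 = build_fabric()
    a = site1.encapsulate("ge0/0", 10, "10.1.0.5")       # VPN A tenant
    b = site1.encapsulate("ge0/0", 20, "10.1.0.5")       # VPN B tenant, same address
    c = site1.encapsulate("ge0/1", None, "10.1.0.5")     # VPN C has no such route
    u = site1.encapsulate("ge0/0", 30, "10.1.0.5")       # tag with no VPN mapping
    return {
        "a_label": a["vpn_label"], "a_egress": site2.decapsulate(a),
        "b_label": b["vpn_label"], "b_egress": site2.decapsulate(b),
        "c_forwarded": c is not None, "unmapped_forwarded": u is not None,
    }


if __name__ == "__main__":
    print(demo())
```

The same destination address reaches two different egress sub-interfaces depending only on the label, which is the property that makes overlapping tenant address space safe, and a host in VPN C cannot reach the VPN A prefix at all because that route simply does not exist in C's table. A tagged frame whose VLAN has no mapping is not silently placed in some default segment; it is dropped.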
  • 20. Per-Segment Topologies Full Mesh Hub-and-Spoke Regional Hub Unified Communications Data Center Applications Regional Internet/Services Optimal Application Experience
  • 21. Cloud onRamp for IaaS Secure SD-WAN Fabric Provide security, segmentation, QoS and reliability to cloud workloads?
  • 22. Optimize Public Cloud Performance (SaaS): vFabric httping probes from the branch with local DMZ, the regional internet exit and the data center/DMZ score each SaaS path; SaaS traffic uses the primary path with the other as backup; score to color: 8-10 GREEN, 5-8 YELLOW, 0-5 RED
  • 23. Secure Internet Access Secure SD-WAN Fabric Branch Campus Regional Data Center Internet & Cloud Small Office Home Office Cisco Security
  • 24. Centralized Management & Monitoring: Centralized configuration • Security • Template configuration • Policy • Routing • QoS, marking • ACL • Application SLA • ….. Centralized monitoring • Devices • Applications • Bandwidth usage • Link performance • Alerts
  • 25. Analytics Dashboard: Visibility • Application visibility • Network visibility • Network correlation • Cross-customer comparison. Forecast • Application usage forecast • Bandwidth usage forecast. What-If • Branch expansions • Rolling out new applications • Policy changes. Recommendation
  • 26. Self Healing Capabilities: Software upgrade (steps 1-3): the vEdge router holds the active software (A) and available software (B, C, D); Activate a new image, and a failed upgrade is followed by Rollback to the previous one. Template attach (steps 1-3): vManage attaches the template to the vEdge router; if connectivity is lost, the configuration is rolled back
  • 27. High Availability and Redundancy: VRRP and OSPF/BGP on the LAN side at the site and at the data center, dual transports (Internet and MPLS) at each, redundant vSmart controllers for the control plane, and redundant paths for the data plane
  • 28. vEdge Portfolio: vEdge capabilities integrated into all IOS-XE platforms (ISR, CSR, ENCS, ASR1K); Small Office / Home Office 100 Mbps; Branch / Campus 1 Gbps; Large Campus / Data Center 10 Gbps; Higher Capacity Aggregation 20 Gbps+; Cloud Interconnect (2 Gbps+); platforms include ISR4K, ASR1K and ENCS (private cloud)
  • 29. Why Cisco SD-WAN Trusted by Fortune 500 Enterprises Cisco SD-WAN: The Most-Deployed Enterprise Grade SD-WAN Thousands of sites, every major industry, including: RETAIL HEALTHCARE FINANCIAL SERVICES ENERGY Most deployed and trusted by Fortune 500 enterprises Winning 95% of competitive POCs Standards Compliant: …and more
  • 30. IT’s All You Jakarta, Indonesia 10 April 2018 Cisco Connect

Editor's Notes

  1. Cisco SD-WAN provides a multi-transport network over disjoint networks; separation of the control plane; application visibility over 3000+ applications; scale to thousands; reduces WAN cost; direct access to cloud with improved performance; simplified operations
  2. Disjointed networks; no application visibility; limited scale; insufficient bandwidth; WAN cost; no direct access to cloud apps (hybrid); fragmented security; complex operations
  3. Components: vEdge Router (hardware / software) and control components (software). Supports smaller branches, large data centers, public and private cloud. Controllers can be deployed by Viptela, privately, or on premises. Transport Independent Fabric creates secure data-plane connections between the vEdges and secure connections to the controllers; only control information is sent to the controllers. vManage for management and monitoring; RESTful APIs
  4. Transport Independent Fabric: can connect multiple transports to a single router; simplifies deployment using Zero Touch / Zero Trust; all connections are active/active; eliminates WAN-side routing. Delivery Platform (Routing): full router, full BGP and OSPF (VRF), segmentation, full QoS and shaping, multicast, traffic redirection (service insertion), high availability (AS/AP); replaces the router and simplifies the network. Application & Policies: DPI and application visibility, application SLA-based policy (best path based on underlying network performance), traffic engineering, segmentation-based topology, secure internet gateway, SaaS and IaaS path selection and acceleration. Operation, Monitoring and Analytics: complete configuration and management, no configuration on the edge device, 5 min revert, 8 min revert for upgrade
  5. Optimal Throughput – MTU discovery
  6. Largest deployed in Retail, Healthcare, Financial Services and Energy; most deployed across Fortune 500 enterprises; thousands of production sites in every major industry; compliant with PCI, HIPAA and other industry standards. 1. Sophistication of use cases for the enterprise - hybrid WAN, business partners, SOHO, cloud, M&A etc. 2. Most deployed and trusted SD-WAN solution by Fortune 500