copyright 2014 1

Waves of adoption for NFV

Chris Swan, CTO

@cpswan

the original cloud networking company

How public, private and hybrid cloud

networking is used for real workloads

copyright 2014 2

Agenda

What is NFV?

Bursting and Containment

Hubs and Spokes

Winning Back Control

Summary

copyright 2014 3

What is

Network Function Virtualization?

copyright 2014

Positioning - NFV and SDN

4

copyright 2014

Providers and Customers

have different concerns

Layer

0

Layer

4

Layer

3

Layer

2

Layer

1

Layer

5

Layer

7

Layer

6

Virtualization

Layer

Hardware

Ownership

Layer

Limits of access, control, & visibility

User

Contr

ol

Use

r C

on

tro

l

Service Provider SDN starts at the

bottom of the network with the

"device" and network flows.

Application SDN (using NFV)

begins at the top of the network

with the enterprise application, its

owner and their collective technical

and organizational demands.

5

copyright 2014 6

NFV as a networking Swiss Army knife

Firewall

Dynamic &

Scriptable

SDN

Protocol

Redistributor

IPsec/SSL VPN

concentrator

Router Switch

NFV

Hybrid

virtual

device

able to

extend to

multiple

sites

Application SDN (Software Defined Network) Appliances

• Allow control, mobility & agility by separating network location

and network identity

• Control over end to end encryption, IP addressing and network

topology

copyright 2014 7

A technical use case overview

Customer Data Center Customer Remote Office

NFV

Overlay Network Subnet: 172.31.0.0/22

Overlay IP: 172.31.1.1 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Overlay IP: 172.31.1.21 Cloud Server A Cloud Server B Cloud Server C Cloud Server D Cloud Server E Cloud Server F

Active IPsec

Tunnel Active IPsec Tunnel

Failover IPsec

Tunnel

192.168.4.0/24 -

172.31.1.0/24 192.168.3.0/24 -

172.31.1.0/24 Firewall / IPsec

Cisco 5505

Firewall / IPsec

Cisco 5585

Data Center

Server Data Center

Server LAN IP:

192.168.4.50

LAN IP:

192.168.4.100

User Workstation

LAN IP:

192.168.3.100

User Workstation

LAN IP:

192.168.3.50

Chicago, IL USA

Remote Subnet:

192.168.3.0/24

London, UK

Remote Subnet:

192.168.4.0/24

Public IP:

184.73.174.250

Overlay IP:

172.31.1.250 Public IP:

54.246.224.156

Overlay IP:

172.31.1.246

Public IP:

192.158.29.143

Overlay IP:

172.31.1.242

Peered Peered

US East 1 EMEA

NFV NFV

APAC

copyright 2014 8

Wave 1

Bursting and Containment

copyright 2014

Mutual fund securely

extends HPC grid

resource

Fund bursts into public cloud to extend HPC

Private Data Center

NFV

US-east-1

Active IPsec Tunnels

Firewall / IPsec

Data Center Node

Boston, USA

Node

US-west-1

Overlay Network

Peered

Node

Node

NFV

9

copyright 2014

Developer Office

NFV

US-east-1

Active IPsec Tunnels

192.168.4.0/24 - 172.31.1.0/24

Firewall / IPsec

USA

User Workstation User Workstation

Partner Data

Center

Firewall / IPsec

Data Center Servers

Private Cloud

Peered

Hybrid Network

Virtual Machine Virtual Machine

NFV

Mobile provider creates

secure dev/test

environments

AD Configuration with Dual NIDs

10

copyright 2014

UK non-profit analyses

20 years of energy data

& reduces CO2

Energy Savings Trust analyses data in IBM Cloud

11

On-Site Hardware

NFV

Active IPsec Tunnel

UK

Firewall / IPsec

Data Center Servers

Virtual Machine Cloud Server

Ehningen

copyright 2014

US Sports Association

flexes up & down during

large annual events

Capacity expansion: meeting game day demand

12

Main Offices

NFV

Active IPsec Tunnels

New York, NY USA

Data Center

Virtual Machine Cloud Server

us-east-1

Media Partners

Firewall / IPsec

EMEA, & US & ANZ

Workstations

copyright 2014

BPMS vendor reaches

customers without on

premise installations

BPMS-as-a-SaaS without traditional complexity

13

Home Data Center

NFV

Active IPsec Tunnels

Firewall / IPsec

Boston, MA USA

us-east-1

Customer Data

Center 2

Peered

Federated Cloud

Overlay Network

NFV

Virtual Machine Virtual Machine

Customer Data

Center 1

Cloud-based

SaaS tool

Failover IPsec

Private Cloud

Data Center Servers

us-west-2

Berlin, DE London, UK

copyright 2014 14

Wave 2

Hubs and spokes

copyright 2014

Retail analytics firm

connects in shared,

private environment

Cloud “Meet Me Room”

15

Home Data Center

NFV

Active IPsec Tunnels

Firewall / IPsec

Boston, MA USA

us-east-1

Dev/Test

Peered

Federated Cloud

Overlay Network

NFV

Virtual Machine Virtual Machine

Internal IT Data

Center 1

Remote Team

Failover IPsec

Data Center Servers

us-west-2

New York, NY USA Camden, MA

USA

Remote Team

copyright 2014

Firm extended offerings

with global cloud points

of presence

Cloud WAN for global reach and redundancy

16

Remote Team

Data Center

Active IPsec Tunnels

Frankfurt, Germany

Firewall / IPsec

Data Center Server

Customer 2 Tokyo, Japan

Workstations

APAC-1

Peered

US East Coast

Peered

Customer 1 New York USA

Office London, UK

Data Center Server Data Center Server

Netherlands

NFV NFV NFV

copyright 2014

Connecting mobile

banking customers to

common infrastructure

Multitenant cloud-based partner network

17

Data Center Server

Encrypted IPsec Tunnels

Home Network USA

Firewall / IPsec

Customer

Data Center 2

USA

Customer

Data Center 1

UK

Data Center Server

NFV

Virtual Machine

Mobile Banking

Platform

Cloud Region A Cloud Region B Cloud Region C Cloud Region D

Data Center Server

Customer Data

Center N

USA

Customer

Data Center 3

UK

Data Center Server Data Center Server

copyright 2014

The globe spanning disposable network

Where NFV really shines today: create a WAN in minutes,

use cloud as points of presence for your business

User Workstation User Workstation

Data Center Server

18

Mission specific

networks brought up in

hours, used for weeks

copyright 2014 19

Wave 3

Winning back control

copyright 2014 20

Overlay between public & private cloud

Public IP: 194.42.93.145 Public IP: 194.42.93.146 Public IP: 194.42.93.147 Public IP: 194.42.93.148 Public IP: 194.42.93.149 Public IP: 194.42.93.150

Public IP: 194.42.93.151 Public IP: 194.42.93.152 Public IP: 194.42.93.153 Public IP: 194.42.93.154

Public IP: 5.23.25.66

Cloud Servers

Peered

Location 1

Cloud Servers

Peered

Location 2

Cloud Servers

Peered

Location 3

Cloud Servers

Peered

Location 4

Cloud Servers

Peered

Location 5 Peered Public IP: 5.23.25.12

Region: Europe-1

NFV Overlay Network

172.31.0.0/24

Peered Peered

Peered

Peere

d

Peered

Application developers

no longer have ITIL

processes in the way of

agile delivery

copyright 2014 21

The first “process” customizable cloud transport

network device

NFV allows customers to embed features and functions provided by

other vendors - or developed in house, safely and securely into

cloud networks

• Not just a scripting interpreter that allows control over known, existing

features

• Completely new functions, processes, computation delivered to the

core of the customer cloud network (patent pending)

NFV

Customer

controlled,

and co-

created, for

the best

hybrid cloud

experience

Router

SSL

Termination Content

Caching

Load

Balancing

Intrusion

Detection More....

Switch Firewall IPsec/SSL

VPN

Concentrator

Protocol

Redistributor

Dynamic &

Scriptable

SDN

(Reverse)

Proxy

copyright 2014 22

Summary

copyright 2014 23

NFV allows networks to be built out of the cloud

Users get control over their: Security

Topology

Addressing

Protocols

When you give people a networking Swiss Army

knife to run in the cloud they do all kinds of

stuff that you might not have expected

Summary

copyright 2013 24

The CloudCamp Team 'Fireside

Chat' - why is it still called cloud?

24

12:45 - 13:10 in Management, Services and

Applications Stream

copyright 2014 25

Paddington, London, UK

ContactMe@cohesiveft.com

+44 20 8144 0156

Questions?