Brocade Software Networking Openness. Agility. Economics. © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION Curt Beckmann EMEA.

Slides:



Advertisements
Similar presentations
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 3: VLANs Routing & Switching.
Advertisements

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 High-performance Gigabit Ethernet ports rapidly transfer large files supporting.
IP EDGE DEVICES A solution for the Internet Migration Patrick Cocquet, 6WIND CEO, IPv6 Forum VP Dubai IPv6 Forum Summit – February 2001.
MUNIS Platform Migration Project WELCOME. Agenda Introductions Tyler Cloud Overview Munis New Features Questions.
Application Centric Infrastructure
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.
SDN Controller Requirement draft-gu-sdnrg-sdn-controller-requirement-00 Rong Gu (Presenter) Chen Li China Mobile.
MIGRATION FROM SCREENOS TO JUNOS based firewall
1© Copyright 2015 EMC Corporation. All rights reserved. SDN INTELLIGENT NETWORKING IMPLICATIONS FOR END-TO-END INTERNETWORKING Simone Mangiante Senior.
 Joseph Fuccillo  CTO & Co-Founder  Nectar Corp  Tom Tuttle  VP Business Development  Nectar Corp  James Fry  Global Manager for Managed Lync.
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.
© 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION Mohammad Hanif June 2015 Optimal Flow Placement in SDN Networks.
Virtual Private Network prepared by Rachna Agrawal Lixia Hou.
Enabling Innovation Inside the Network Jennifer Rexford Princeton University
Networking in the cloud: An SDN primer Ben Cherian Chief Strategy Midokura.
1 MICHAEL BANIC VP ENTERPRISE MAKETING. THE NEW DATA CENTER NETWORK.
Software-Defined Networks Jennifer Rexford Princeton University.
Software Defined Networks and OpenFlow SDN CIO Summit 2010 Nick McKeown & Guru Parulkar Stanford University In collaboration with Martin Casado and Scott.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chris Wiborg Enterprise Architecture Marketing Manager Cisco Systems.
Firewall Network Processor™: Technical Concept and Business Solutions FNP™ – is a trademark of Fractel Inc. December 2008 Columbus.
INTERNATIONAL NETWORKS At Indiana University Hans Addleman TransPAC Engineer, International Networks University Information Technology Services Indiana.
© 2015 BROCADE COMMUNICATIONS SYSTEMS, INC THAT’S THE ANSWER WHAT’S THE QUESTION? Software Defined Networking Dan DeBacker Principal.
1 | © 2015 Infinera Open SDN in Metro P-OTS Networks Sten Nordell CTO Metro Business Group
Copyright © 2014 Juniper Networks, Inc. 1 Juniper Unite Cloud-Enabled Enterprise Juniper’s Innovation in Enterprise Networks.
SOFTWARE DEFINED NETWORKING/OPENFLOW: A PATH TO PROGRAMMABLE NETWORKS April 23, 2012 © Brocade Communications Systems, Inc.
Zentera Guardia Fabric ™ Securely Connects Client-Server Apps between Microsoft Azure, Enterprise Datacenters & Other Public Clouds MICROSOFT AZURE ISV.
Introduction to Avaya’s SDN Architecture February 2015.
© 2013, CYAN, INC. 11 Software Defined Metro Networks TNC2013 Virtualization and Innovation Robin Massey SE Manager EMEA
Brocade Software Defined Networking Muhammad Durrani Principle Engineer July, 2013.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Embrace the Future of.
SDN and Beyond Ghufran Baig Mubashir Adnan Qureshi.
SDN/NFV DDoS Requirements "The Mobile Use Case – 5G" Bipin Mistry, VP Product Management © 2015 Corero
100GE Upgrades at FNAL Phil DeMar; Andrey Bobyshev CHEP 2015 April 14, 2015.
OpenFlow: What’s it Good for? Apricot 2016 Pete Moyer Principal Solutions Architect.
Software Defined Datacenter – from Vision to Solution
REN SDN Use Cases With OpenFlow and P4 status TNC2016
REN SDN Use Cases With OpenFlow and P4 status TNC2016 Curt Beckmann Chair of Open Datapath Working Group, ONF Chief Technology Architect.
Software Defined Networking BY RAVI NAMBOORI. Overview  Origins of SDN.  What is SDN ?  Original Definition of SDN.  What = Why We need SDN ?  Conclusion.
Digital Transformation with SD-WAN
SDN & NFV Driving Additional Value into Managed Services.
READ ME FIRST Use this template to create your Partner datasheet for Azure Stack Foundation. The intent is that this document can be saved to PDF and provided.
Instructor Materials Chapter 7: Network Evolution
AuraPortal Cloud Helps Empower Organizations to Organize and Control Their Business Processes via Applications on the Microsoft Azure Cloud Platform MICROSOFT.
STEPS TO A CLOUD READY DATA CENTER
The Cloud Connection Company
Digital Transformation for Modern Service Providers
Securing the Network Perimeter with ISA 2004
Presenter: Ciaran Roche
How Smart Networks are Changing Corporate Networks
Enterprise vCPE use case requirement
Week 6 Software Defined Networking (SDN): Concepts
The NPD Group - Enterprise DC Agenda
Enterprise vCPE use case requirement
Advanced Borderless Network Architecture Sales Exam practice-questions.html.
Virtualization & Security real solutions
The Brocade Cloud Manageability Vision
Enterprise Productivity Services
IS3120 Network Communications Infrastructure
Stanford University Software Defined Networks and OpenFlow SDN CIO Summit 2010 Nick McKeown & Guru Parulkar In collaboration with Martin Casado and Scott.
Firewalls at UNM 11/8/2018 Chad VanPelt Sean Taylor.
WAN. Re-invented..
Cloud Computing and Cloud Networking
Software Defined Networking (SDN)
Virtual Private Network
Dell Data Protection | Rapid Recovery: Simple, Quick, Configurable, and Affordable Cloud-Based Backup, Retention, and Archiving Powered by Microsoft Azure.
The Next Generation Cyber Security in the 4th Industrial Revolution
Introduction to the 3rd Gen Fortinet Security Fabric
Utilizing the Network Edge
NFV and SD-WAN Multi vendor deployment
What’s New In WatchGuard Wi-Fi Cloud v8.6
Presentation transcript:

Brocade Software Networking Openness. Agility. Economics. © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION Curt Beckmann EMEA Chief Technology Architect Open Datapath WG Chair, ONF

Agenda Industry Trends Quick SDN / NFV Overview Introduction of Brocade SDN / NFV Portfolio Brocade Flow Optimizer REN Use Cases © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 2

Agenda Industry Trends Quick SDN / NFV Overview Introduction of Brocade SDN / NFV Portfolio Brocade Flow Optimizer REN Use Cases © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 3

An Industry in Transition © 2014 BROCADE COMMUNICATIONS SYSTEMS, INC B Mobile devices 7B Mobile devices 2B Interne t Users 1B Web sites 1B Web sites 1975 Mainframes, PCs SNA Arch, Private Lines 1 st Platform Client-Server LAN/WAN,Internet & IP Networks 2 nd Platform IT Relevance Gap Expectations Delivery 3 rd Platform Cloud Mobile Social Data Analytics “Digital business” <100M Mobile devices 16M Internet Users 2700 Websites

What the 3 rd Platform Looks Like © 2014 BROCADE COMMUNICATIONS SYSTEMS, INC 5 7B Mobile devices 7B Mobile devices 2B Interne t Users 1B Web sites 1B Web sites IT Relevance Gap Expectations Delivery New IP Storage Overlay Underlay Edge SDN NFV Orch Fabrics Compute Networking 3 rd Platform Cloud Mobile Social Data Analytics “Digital business” From To Closed Proprietary HW Proprietary OS Proprietary Apps Reactive Isolated elements Manual High cost Slow innovation Open Commodity HW Open Source OS Interoperable Apps Proactive Integrated system Automated Low cost Rapid innovation

New IP—Transformation of the Network A Customer Driven Disruption © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 6 The New Vision Open with a purpose Innovation at software speeds Ecosystem-compatible solutions Your pace, your path How You See It Today Open source, interoperable protocols Agility, Training, Partnering, Services Legacy + NG Features, Open Interfaces Solutions with interoperable components

Agenda Industry Trends Quick SDN / NFV Overview Introduction of Brocade SDN / NFV Portfolio Brocade Flow Optimizer REN Use Cases © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 7

Software Defined Networking (SDN) A Programmable Network—Design, Build, Manage © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 8 Data Plane Control Plane Basic Network Services: Topology Mgr, Switch Mgr, Host Tracker, Stats Mgr Advantages Network automation can integrate with other disciplines Less lock-in; Users can choose features to suit their needs Networking control can innovate at software speeds REST APIs Network protocols like OpenFlow Applications and Orchestration Frameworks Key Features Network algorithms decoupled from Hardware

Network Functions Virtualization (NFV) © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 9 Hardware Software Router VPN Firewall Advantages Remove hardware lock-in Simplify resource planning Enable fast service innovation Soft upgrades  Meet SLAs Reduce CAPEX/OPEX Main Features Complex networking functions in software on commodity servers Simpler networking functions in commodity networking devices

Agenda Industry Trends Quick SDN / NFV Overview Introduction of Brocade SDN / NFV Portfolio Brocade Flow Optimizer REN Use Cases © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 10

Brocade Software Networking Agile, Open, Economics © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 11 Branch Cloud IPsec Brocade vRouter Web Client Brocade SDN Controller Brocade vADC Web Server 1 Web Server 2 Web Server 3 Data Center Virtualized Core for Mobile

12 Brocade SDN Apps Brocade Flow ManagerBrocade Flow OptimizerBrocade Visibility Manager It delivers:Backbone Circuit Provisioning Provides Network sensor based services without disruption Manages Brocade Packet Broker Use Cases:Software Defined Backbone A)Threat Mitigation B)Large Flow Monitoring and Optimization A)Traffic aggregation, replication and load-balancing to tools B)Advance/Expert Interface with 3 rd -party integration Target NetworksProduction Backbone -Enterprise -REN -Colo DC Production Network: - Campus - DC Core/Border - ISP Peering Router - REN HPC Visibility Network: -Large Enterprise -REN -DC © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC

13 Brocade OpenFlow-capable Hardware Families The MLXe Router and ICX Campus product lines © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC. ICX 7450 SwitchICX 7250 SwitchICX 6610 Switch ICX 6450 SwitchICX 7750 SwitchMLXe Series Routers

Agenda Industry Trends Quick SDN / NFV Overview Introduction of Brocade SDN / NFV Portfolio Brocade Flow Optimizer REN Use Cases © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 14

15 L2 / L3 Firewall Bypass Science-DMZ Use Case HPC: High Performance Computing DTN: Data Transfer Nodes Brocade SDN Controller Open Daylight Brocade Flow Optimizer WAN/ Internet 1 HPC/DTN Network Incoming flow from upstream network Firewall 2 Sent to Firewall for processing 3 4 Brocade Flow Optimizer recognizes this as a trusted flow and programs Brocade MLXe using the controller to bypass the firewall for this flow 6 ”White-listed” flow now bypasses Firewall and data transfer is faster and more efficient Brocade MLXe Router L3 MLXe: VRF (1 & 6) and OF, or PBR (2) for one arm FW traffic and OF (1 & 6) BFO 1.2 can ensure flow in both directions is redirected via two action policies (stateful FW) 5 © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.

16 Priority Data Superhighway Campus Slowpath-Bypass Use Case Brocade SDN Controller Open Daylight Brocade Flow Optimizer 1 Incoming flow from High Performance Workstation/server 2 Routed using normal routed/switched path 3 4 Brocade Flow Optimizer recognizes this as a trusted flow and that it is either a “large flow” or “priority application”. Programs Brocade ICX/MLXe using the controller to re-direct the traffic to priority path for this flow 6 ”White-listed” flow now placed on priority path and data transfer is faster and more efficient Brocade ICX or MLXe L2 or L3 redirect action Need to ensure flow in both directions is redirected via policy 5 © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.

Brocade SDN Controller Open Daylight Brocade Flow Optimizer 17 Summary of Additional REN Use Cases Internet Brocade MLXe REST API © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC L7 / Botnet Attack Mitigation L2-L4 Volumetric Attack Mitigation BGP Remote Triggered Black Hole (RTBH) Mitigation DC Flow Management for Policy-based Security

Thank you © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 18

Backup © 2015 BROCADE COMMUNICATIONS SYSTEMS, INC. COMPANY PROPRIETARY INFORMATION 19

Brocade SDN Controller Open Daylight Brocade Flow Optimizer 20 L7 and Botnet Attack Mitigation Incoming Attack Flow Internet Brocade MLXe 1 Brocade Flow Optimizer initiates mirror action IDS detects L7 attack (Example; SYN Flood). API to BFO to discard flow. MLXe mirrors flows to IDS. OF “mirror+normal” action. OF discard action. 5 6 Adds ability for advanced DDoS detection, up to L7 Based upon the IDS (Palo Alto, Arbor etc.) detection capability API from IDS to BFO initiates additional discard actions REST API © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.

Brocade SDN Controller Open Daylight Brocade Flow Optimizer 21 L2-L4 Volumetric Attack Mitigation Incoming Attack Flow Local Mitigation: Discard Flow (Redirect Optional) Internet Brocade MLXe 1 2 Brocade Flow Optimizer recognizes this as a L2-L4 Volumetric Attack Recommended when incoming aggregate attack traffic is 50% or less L2 – L4 local mitigation, based on sFlow sampling and DDoS policy OF discard action (Automated, Manual) 1/10GbE, 40GbE and 100GbE support © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.

Brocade SDN Controller Open Daylight Brocade Flow Optimizer 22 BGP Remote Triggered Black-Hole (RTBH) Mitigation Incoming Attack Flow Mitigation: Discard Flow Internet Brocade MLXe (Triggering Device) Brocade MLXe 1 2 Brocade Flow Optimizer recognizes this as a L2-L4 Volumetric Attack Flow Optimizer initiates CLI static route to MLXe. MLXe advertises BGP Route (ex: /32, /28, /24, /23) 7 8 Upstream BGP router: A)Discards flow to null0, or B)Re-directs traffic to cleaning site L2 – L4 local mitigation does not protect upstream link If upstream link is congested above 50% by DDoS, add ability for RTBH to uncongest RTBH is a well known Internet operation Automated RTBH reduces mitigation time from 15 minutes or hours -> under 1 minute © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.

23 L2 Firewall Bypass Science-DMZ Use Case HPC: High Performance Computing DTN: Data Transfer Nodes Brocade SDN Controller Open Daylight Brocade Flow Optimizer WAN/ Internet 1 HPC/DTN Network Incoming flow from upstream network Firewall 2 Sent to Firewall for processing 3 4 Brocade Flow Optimizer recognizes this as a trusted flow and programs Brocade MLXe using the controller to bypass the firewall for this flow 6 ”White-listed” flow now bypasses Firewall and data transfer is faster and more efficient Brocade MLXe Router L2 MLXe BFO 1.2 can ignore, push, pop or modify VLAN ID BFO 1.2 can ensure flow in both directions is redirected via two action policies (stateful FW) 5 © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC

24 L3 Firewall Bypass Science-DMZ Use Case HPC: High Performance Computing DTN: Data Transfer Nodes Brocade SDN Controller Open Daylight Brocade Flow Optimizer WAN/ Internet 1 HPC/DTN Network Incoming flow from upstream network Firewall 2 Sent to Firewall for processing 3 4 Brocade Flow Optimizer recognizes this as a trusted flow and programs Brocade MLXe using the controller to bypass the firewall for this flow 6 ”White-listed” flow now bypasses Firewall and data transfer is faster and more efficient Brocade MLXe Router L3 MLXe: VRF (1 & 6) and OF, or PBR (2) for one arm FW traffic and OF (1 & 6) BFO 1.2 can ensure flow in both directions is redirected via two action policies (stateful FW) 5 © 2016 BROCADE COMMUNICATIONS SYSTEMS, INC.

Enterprise DC Flow Management for Policy-Based Security Operator driven or sFlow threshold driven policy enforcement for large trusted flows Enterprise Datacenter 1 One-armed Firewall Trusted Traffic Flow WAN Inline Firewall Enterprise Datacenter 2 Default Traffic Flow Brocade SDN Controller Brocade Flow Optimizer Internet