extending visibility from the wan to the cloud...extending visibility from the wan to the cloud...

1© 2017 ThousandEyes Inc. All Rights Reserved.Confidential © 2017 ThousandEyes Inc. All Rights Reserved.

Extending Visibility from the

WAN to the Cloud

JUNIPER CLOUD CPE SOLUTION

Oliver Schuermann

Systems Engineering Senior Director, Juniper Networks

MAJOR USE CASES AND TRENDSIN ENTERPRISE AND MANAGED SERVICE PROVIDERS

3

Cloud

Evolution to Cloud-based Services• Enterprise Private Cloud

• Distributed Private Cloud

• Hybrid Cloud

Campus and

Branch

Evolution to Cloud CPE and SD-WAN• Cloud CPE: Virtualize Services Centrally (Virtual CPE) or Distributed (Universal CPE)

• Self-Service Portals and Zero-Touch Deployment of CPE Devices

• SD-WAN: Dynamic Application-Aware and Performance-Aware Traffic Steering

Security

Evolution to Software-Defined Network Security• Fine-grained Segmentation with Policy-based Security

• Pervasive Threat Detection and Policy Enforcement Throughout the Network

Automation

Evolution to DevOps Culture• Rich Automation and Orchestration Frameworks

• Rich Real-time Telemetry and Analytics

• Wide Adoption of Open Source

BRANCH CONSOLIDATION WITH CLOUD CPEBring Agility and Enhanced Customer Experience Utilizing Cloud Technology

Router

NG Firewall

Switch

WLAN Controller

UTM Firewall

WAN Optimization

Expensive, complex all-in-one box or many vendor inline boxes and cumbersome refresh

Legacy Branch (PMO)

Simple, customizable and instantaneous refresh

VIRTUALIZEDSERVICE

VNFs

CPE Platforms

• Services• Applications

Future Branch (FMO) with D-NFV

SD-WAN Other VNFs

SERVICE SIMPLICITY TO DELIVER BRANCH CONSOLIDATION

NFX Series

RegionalBranch

Campus

LocalBranch

SRX Series

Centralized ManagementAutomated Service Delivery

VNFs

Centralized Cloud CPE

Distributed Cloud CPE

Service Orchestrator/

Cloud Platform

Juniper Sky ATP &

Spotlight Secure Service

Ent.App

vSRX

MPLS

Internet

UnmanagedVPN & POS

Application Aware Forwarding

App aware Performance Routing

Centralized Policy Control

Secure and Managed VPN

vSRX / vMX

THIRD PARTY ECOSYSTEM

OSS / BSS

ROUTING

vSR

X

vMX

SECURITY

vSR

X

IP T

ab

le

THIRD PARTY PNF MANAGEMENT

PN

F P

lug

ins

Cis

co

1000v

THIN CLIENTS

WAN OPTIMIZATION

Riv

erb

ed

Plu

gin

s f

or

Oth

er

3rd

Part

yP

lug

ins

WIRELESSVisibility &

Monitoring

Confidential © 2017 ThousandEyes Inc. All Rights Reserved.

Extending Visibility from the WAN to the CloudNick Kephart, Sr. Director Product Management

8© 2017 ThousandEyes Inc. All Rights Reserved.

About Us

We’re a team of network experts,

committed to helping you best

connect your business

FOUNDED IN

HEADQUARTERS IN:

2010

San Francisco

OFFICES IN:

New York | London | Austin

9© 2017 ThousandEyes Inc. All Rights Reserved.

Relied on by networks everywhere

5/5top global

software companies

5/6top US banks

48Fortune 500

companies

10© 2017 ThousandEyes Inc. All Rights Reserved.

SP Challenges & Opportunities in the Cloud Era

• Challenges:– Shift to IaaS/SaaS favors Direct Internet Access (DIA) and SD-

WAN

– Cannibalization of profitable MPLS WAN services

• Opportunities:– Act as custodians of the enterprise journey to the cloud

– Provide visibility into the “new normal” of the cloud

– Monetize catalog of virtual service add-ons

– Cross-sell cloud direct connect and other service offerings

11© 2017 ThousandEyes Inc. All Rights Reserved.

Enterprises now live in an Internet-centric IT world

Business

Operations

Employee

Productivity

Customer

Experience

DDoS Attack Cloud Outages

12© 2017 ThousandEyes Inc. All Rights Reserved.

Yesterday: Enterprises with on-premises apps

Network Appliance

Chicago, IL

Email

San Jose, CA

Hong Kong

London, UK CRM

ITSM

Payroll

Branch Offices Corporate Backbone Data Center

13© 2017 ThousandEyes Inc. All Rights Reserved.

Today

Branch Offices

Data Center

Public Internet

Chicago

San Jose

Hong Kong

London

Email

CRM

CRM

Email

MPLS / VPN

HR

ITSM

TokyoHR

VoIP

Gateway

Mobile Users

SaaS ProviderCustomers

Account

portal

14© 2017 ThousandEyes Inc. All Rights Reserved.© 2017 ThousandEyes Inc. All Rights Reserved. 14

Office 365

Traditional monitoring is ineffective in this world

Data Center

NY Branch

HK Branch

Home

Packets are only captured at choke points, devices are only probed and flows are only recorded on your network

SPANSNMP

Flow

INTERNET

SLAs?

Performance?

Responsibility?

15© 2017 ThousandEyes Inc. All Rights Reserved.© 2017 ThousandEyes Inc. All Rights Reserved. 15

Office 365

Collect performance data from every perspective

Data Center

NY Branch

HK Branch

Home

Endpoint Agents

INTERNET

Cloud Agents

Enterprise Agents

Enterprise Agents

16© 2017 ThousandEyes Inc. All Rights Reserved.

A unified view of performance from user to app

Routing

User App

End-to-End Performance Data

App

Performance

User

Experience

Network

Topology

Routing

Topology

Enterprise, Endpoint and Cloud Agents

Network

Connectivity

Device

Performance

17© 2017 ThousandEyes Inc. All Rights Reserved.

ThousandEyes Enterprise Agent VNF

for Juniper NFX

18© 2017 ThousandEyes Inc. All Rights Reserved.

ThousandEyes for Juniper Cloud CPE

Streamline Application Monitoring and Troubleshooting

ThousandEyes Enterprise Agents deployed on NFX250 branch routers provide

integrated network intelligence for Juniper’s leading NFV platform, Cloud CPE

19© 2017 ThousandEyes Inc. All Rights Reserved.

ThousandEyes for Juniper Cloud CPE

Juniper-ThousandEyes Joint Solution Enables Time-Saving Automation

Leverage Contrail to rapidly instantiate a service chain combining ThousandEyes’

VNFs with Juniper’s vMX Virtual Routers and vSRX Virtual Firewalls

20© 2017 ThousandEyes Inc. All Rights Reserved.

Help Enterprises visualize their entire WAN

21© 2017 ThousandEyes Inc. All Rights Reserved.

Offer end-to-end transit and outage visibility

22© 2017 ThousandEyes Inc. All Rights Reserved.© 2017 ThousandEyes Inc. All Rights Reserved.

SaaS Performance Visibility

23© 2017 ThousandEyes Inc. All Rights Reserved.

See app and network performance at a glance

24© 2017 ThousandEyes Inc. All Rights Reserved.

Monitoring a SaaS application

25© 2017 ThousandEyes Inc. All Rights Reserved.

Correlate with network performance

26© 2017 ThousandEyes Inc. All Rights Reserved.

Correlate with network performance

27© 2017 ThousandEyes Inc. All Rights Reserved.

Infrastructure context across the WAN

28© 2017 ThousandEyes Inc. All Rights Reserved.

Easily define triggers to drive automation

29© 2017 ThousandEyes Inc. All Rights Reserved.© 2017 ThousandEyes Inc. All Rights Reserved.

How the Comcast Outage Impacted

Internet-Based WAN Performance

30© 2017 ThousandEyes Inc. All Rights Reserved.

Normal Internet traffic to branch

31© 2017 ThousandEyes Inc. All Rights Reserved.

Elevated rates of packet loss detected

32© 2017 ThousandEyes Inc. All Rights Reserved.

Traffic sent through Level 3 instead

33© 2017 ThousandEyes Inc. All Rights Reserved.

Root Cause: Level 3 route leak

34© 2017 ThousandEyes Inc. All Rights Reserved.© 2017 ThousandEyes Inc. All Rights Reserved.

Find Out More At

https://www.thousandeyes.com/integrations/juniper