simplifying wired network deployments with software-defined networking (sdn)
TRANSCRIPT
#ATM16
Enhanced network security, visibility and optimization with SDNCraig Mills,
March 2016
2#ATM16
Agenda
• SDN in a mobile first campus • Visibility• Security• Optimization
3#ATM16
Aruba mobile-first campus product line-up
Infrastructure Services Management
AirWave and IMCSDN and Mobility Controllers
ClearPass 802.11ac Wave 1 &
2
Wired Edge, Distribution
and Core
BLE Beacons
Applications
Cloud-Based Central Network
Optimizer SDN App
Network Protector SDN App
Network Visualizer SDN App
4#ATM16
Mobile-first campus building block
5#ATM16
What is the challenge you are facing?
“How do I get a better experience from a unified communication device?”
“How do I limit what students are viewing during school hours?”
“How can I resolve network issues faster?”
6#ATM16
Legacy networks are holding back the full-potential
“My network is complex and it takes months to deploy applications.”
Too Complex
“ I have to manually configure each and every switch for this new application .”
Too Manual
“Network is too static to respond to my applications .”
Too Static
7#ATM16
Networks operating at the speed of business SDN vision and strategy
Creating programmable networks to align with business applications
Data center, campus& branch automation
Open Standards ecosystem
Reigniteinnovation
Easily accessible marketplace
Simple Agile Automated
8#ATM16
SD
N A
rchi
tect
ure
Application
Control
Infrastructure
Separate control and data plane; abstract control plane of many devices
to one
Deliver open programmable interfaces to orchestrate network
service automation
Open standard-based programmatic access to infrastructureNetwork Device Network Device Network Device
Controller
Cloud Orchestration
SDN Applications
Open Programmable Interface
Open Programmable APIs
SDN framework
9#ATM16
Enhance your existing network with SDNHPE Hybrid SDN Solution
Ease of adoption in multi vendor environment
Turn on/off SDN without impacting the network
Enhance performance and scale
10#ATM16
Hybrid SDN network architecture
Maintain the protocols that work, add value on top
Network Device
Network Device
Virtual Device
Controller
SDN Applications
CLI
SD
N A
rchi
tect
ure
Management
Control
Infrastructure
Traditional (OSPF,
NETCONF)
CLI
11#ATM16
Aruba SDN Solution Portfolio
Aruba 5400R
VAN SDN Controller
Protector VisualizerOptimizer
iMC VAN SDN Manager
OptimizationSecurity Visibility and Orchestration
Aruba 3810 Aruba 2920
12#ATM16
ONCE YOU MOVE TO BYOD…
13#ATM16
Real time threat protection across enterprise networks HPE Network Protector SDN application
− Simple security for BYOD
− Malware/Botnet/ Spyware protection
− Zero threat protection at the edge with IPS as a service
− Online testing assurance
Protection from 1.5M daily threats <1 hr deployment1 1/4 cost vs. hardware
security1
1. South Washington County schools case study
14#ATM16
HPE Network ProtectorBringing security to the edge of the network
Core
Distribution
Edge
TippingPointReputation DV data base(1.5M Known bad hosts)
HPE Virtual Application Networks Controllerwith Network Protector SDN Application
piratesmustdie.com
OpenFlow (DNS Redirect)
15#ATM16
South Washington County
Network Protector SDN App• Maintain 31-site wired and wireless network
serving over 30,000 users with 1 staff member• Deploy in less than 1 hour• Fraction of the cost, $200K vs $2million of
hardware
16
COLLABORATION IN THE DIGITAL WORKPLACE
17#ATM16
SOFTWARE CONTROLS FOR UNIFIED COMMUNICATIONS
1000s of 802.11ac
access points
100s of OpenFlow capable wired
accessand core switches
Mobility Controller with AppRF technology
SDN Controller with Network Optimizer
app
SDN API
SDN API
18#ATM16
Automating policy for enterprise networks
• Enhanced user experience • Simplified policy deployment• Dynamic traffic prioritization based on
user/device•Application integration ready
HPE Network Optimizer SDN application
1. Internal calculations2. Deltion college case study
80% reductionin complexity1
270% improvementin call quality1
40% improvement in
S4B quality 2
19#ATM16
HPE Network Optimizer SDN Application - Microsoft Lync
User: LindaUser: James
Network Optimizer
HPE VAN SDN Controller
Active Directory,
Exchange & SharePoint .
LyncSDN API
HPE Server HPE ServerAruba 5400R
Aruba 3810 Aruba 2920
Ringing…SIP Signaling
SDN API
Dialog Start
OpenFlowModify QoS DSCP Rules
20#ATM16
Deltion College
Network Optimizer & Kemp Load balancing• 15,000 students and 1,200 staff• Enhanced user experience by 40%• Latency issues with added bandwidth
demands for video and desktop sharing eliminated
• Enabled to expand its video-based instruction and be responsive to changing business needs
21#ATM16
INVESTIGATING ISSUES ARE DISRUPTIVE, TIME CONSUMING AND MANUAL
22#ATM16
Instant troubleshooting
• Solve help desk issues in a matter of seconds vs minutes
• Real-time visibility and diagnosis• Simple & automated troubleshooting
requiring low level network detail• Proactively monitor the network to reduce
the number of help desk issues
40X Cost saving for network diagnostics1
HPE Network Visualizer SDN application
1. Internal calculations
23#ATM16
HPE Network Visualizer SDN Application
Dynamic traffic capture
Core
Distribution
Edge
HPE Network Visualizer SDN AppHPE VAN SDN Controller
Traffic capture
Traffic Repository Openflo
w
24#ATM16
HPE Network Visualizer RoadmapFeaturesVisualizer 1.1 release
– Connection path determination– SDN Topology View– Host location– DNS (in place of IP) driven traffic capture– Path Performance: Link Packet loss– Packet Capture RESTful API– ClearPass User-ID integration – AD User-ID integration
25#ATM16
SDN Open Eco-System
26#ATM16
HPE SDN App Store
90%1
60%1
Shorter time to Service
100%Standards-basedand open
Lower costs
… and enterprise ready
50Switches SDN-enabled
1Based on internal Study
27#ATM16
– SDK Kit: 5000+ downloads
– 5 Developer events globally
– Ecosystem Partners: 30+
– Over 30 million SDN-ready ports
– 50 SDN-enabled network devices
– SDN Controller
– 7500+ downloads
– Customers and development partners
– Number of available APIs: 100+ – JAVA/ REST/ PYTHON
– Curated Apps:
– 3 HPE and 19 Partner
– BlueCat, F5, Riverbed, …
– Protector, Optimizer, Visualizer
We’ve accelerated our innovation over the last year
28#ATM16
Accelerate Innovation with Partners
OptimizationSecurity Visibility and Orchestration
89 SDN Members
Select SDN Customers
21 SDN Apps
29#ATM16
Bama Foods
Network Optimizer & Blue Cat DNS & Real Status Hyperglance• Enhanced user experience • Lower overall IT infrastructure cost• Enables a real-time, 360-degree view of the
entire network through Real Status Hyperglance SDN App and BlueCat DNS Director SDN App
30#ATM16
Get more information
Attend these sessions: Visit these demos: Contact us:
– www.hpe.com/networking/sdn
– www.arubanetworks.com
– www.hpe.com/networking/sdnappstore
Your feedback is important to us. Please take a few minutes to complete the session survey.
DWS8 - Software-Defined Networking (SDN) deep dive: 3rd-party ecosystem apps and the app store
PD10 - LIVE DEMO: HPE SDN applications
Tech Playground
31#ATM16
32#ATM16
Hybrid SDN
33CONFIDENTIAL © Copyright 2015. Aruba Networks, an HP company. All rights reserved.
Hybrid SDN Flowchart
Enable new solutions* without Major Disruption
Hybrid SDN enabled by optional OpenFlow Pipeline
OpenFlow decisions inserted into Forwarding Pipeline
May be enabled/disabled at will Enabled on Per VLAN Basis
OpenFlow actions typically before Forwarding
Output Port: Normal
Port Ingress
Forwarding Logic
ACL Logic
Port Egress
Port Ingress
OpenFlow Pipeline
Forwarding Logic
ACL Logic
Port Egress
Traditional Forwarding SDN Hybrid Forwarding
EnableOpenFlow
*Network Optimizer, Network Protector and Network Visualizer enabled by Hybrid SDN
34CONFIDENTIAL © Copyright 2015. Aruba Networks, an HP company. All rights reserved.
Network Optimizer leveraging Hybrid SDN
Port Ingress
OpenFlow Pipeline
Forwarding Logic
ACL Logic
Port Egress
Flow 9 Match Incoming Port : Any Ethernet Type : IP Source MAC : Any Destination MAC : Any Source MAC Mask : 000000-000000 Destination MAC Mask : 000000-000000 VLAN ID : Any VLAN priority : Any Source IP Address : 192.168.10.100/32 Destination IP Address : 192.168.50.34/32 IP Protocol : UDP IP ECN : Any IP DSCP : Any Source Port : 46772 Destination Port : 19924 Attributes Priority : 35010 Duration : 1000 seconds Hard Timeout : 0 seconds Idle Timeout : 60 seconds Byte Count : NA Packet Count : 72495 Flow Table ID : 100 Controller ID : 1 Cookie : 0x9999 Hardware Index: 19 Instructions Apply Actions Modify IP DSCP : 46 Modify VLAN PCP : 5 Normal
Match Action OutputSkype4B Call
DetailsSet
DSCP & L2 QoSNormal
35#ATM16
Join Aruba’s Titans of Tomorrow force in the fight against network mayhem. Find out what your IT superpower is.
Share your results with friends and receive a free superpower t-shirt.
www.arubatitans.com