Confidential │ ©2019 VMware, Inc. 1

VMware Recognized as a Leader in Gartner Magic Quadrant for WAN Edge Infrastructure

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

‹#› 2Confidential │ ©2018 VMware, Inc.

VMware Named as a Leader in the Gartner Magic Quadrant for WAN Edge Infrastructure

Source: Gartner, Inc., Magic Quadrant for Enterprise Mobility Management Suites, October 10, 2018.

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from VMware.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as

statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

VMware SD-WAN by VeloCloud

Positioned Furthest on Completeness of

Vision

Leader in the Ability to Execute

3Confidential │ ©2018 VMware, Inc.

Enterprise WAN Is Getting Increasingly Complex

Loss of Control

Lack of Visibility

Higher Cost

Lack holistic security

React to change & no agility

Shorter Cycle Time

Lack consistent performance

Control

Visibility

Cost

Security

Plan-Driven

Long Cycle Time

performance

IaaS/PaaSAWSGCP

SaaSSalesforce.com

Office365

Dropbox

LEASED LINES

LEASED LINES

BRANCH

BRANCH

DATA CENTER

BRANCH

BRANCH

BRANCH

BRANCH

DATA CENTER

BRANCH

DATA CENTERDR SITE

DATA CENTER

BRANCH

BRANCH

▪50-80% Backhaul▪50% has Hybrid WAN▪Lifting & Shifting to Cloud

Businesses Blocked by WAN Challenges

App Performance / Bandwidth Expense & Constraint Issues

Branch deployment Complexity

Cloud migration Not supported by static architectures

X

X

X

5Confidential │ ©2018 VMware, Inc.

Simplified WAN Management

Assured Application Performance

Managed On-ramp to the Cloud

VMware SD-WAN Key Advantages

Branch Edges

Cloud Gateways

SaaS / IaaS

Zero-touch deployments, simplified operations, one-click service insertion

Direct cloud access with performance, reliability and security

Datacenter Edges

Transport independent performance for the most demanding apps, leverages economical bandwidth

SD-WAN Overlay

Private /MPLS 3G/4G LTE

Internet Broadband

6Confidential │ ©2018 VMware, Inc.

VMware Cloud-Delivered SD-WANVeloCloud’s Network Service Consists of 3 Key Components

1

3

VeloCloud Orchestrator

2

Orchestrator

Cloud Gateway

1

2

Edge

3

VeloCloud Gateway/Controller

3

3

7Confidential │ ©2018 VMware, Inc.

Regions 30

Orchestrators 63+

Gateways 440+

99.99% Reliability SLA

SSAE16 Type II Audited Datacenters

Cloud Scale Redundancy

Gain access to strategic orchestrators & gateways placed around the world

SaaS (e.g. SD-WAN as a Service) powered by VMware Cloud Infra

8Confidential │ ©2018 VMware, Inc.

Why Cloud-Delivered Matters?

IoT

SD-WAN as an Abstraction Layer

SD-WAN as a Platform

SD-WAN as a Cloud Service

9Confidential │ ©2018 VMware, Inc.

PCI DSS 3.2 Certified SD-WAN

The first and only solution to offer

PCI-Certified Cloud-Delivered SD-WAN

All SD-WAN by VeloCloud components

are PCI Compliant

Retailers benefit from SD-WAN by VeloCloud

PCI AOC to simplify PCI Audit

VMware SD-WAN by VeloCloud is a PCI DSS

(v3.2) Level 1 Service Provider

Ensure PCI compliance in a simple, efficient, and cost-effective manner

Confidential │ ©2019 VMware, Inc. 10

Gain line-of-sight to your entire WAN, On-going visibility and agile troubleshooting

+Use RESTful API to enable your own custom heuristics or analytics

View overall site health Drill down to application usageQuickly assess link quality

Examine bandwidth and throughput in real-time

Understand traffic sources and usage on every site

Access historical data to easily track progress

See latency, packet loss, and jitter on each link

VMware SD-WAN Orchestrator (VCO)

11Confidential │ ©2018 VMware, Inc.

Private Cloud

▪ Direct

▪ Multi-path to closest Gateway

▪ Backhaul to selected VCEs

Netpluz Internet/MPLS

1Non-critical Internet traffic, e.g. Netflix, Facebook etc

2

• Mission Critical Internet applications e.g. IaaS, SaaS

• Security Integration to Cloud Web Security e.g. Zscaler, Symantec

Hub Edge3

On-prem applications & Internet backhaul

App-aware Traffic Engineering

Managed On-ramp to the Cloud

Branch Edge

Cloud Gateway

Gateway provides overlay

brownout & blackout

protection for cloud services

12Confidential │ ©2018 VMware, Inc.

Business Challenges of Cloud services e.g. IaaS / SaaS

Internet transport is cost-effective but unreliable

for the most critical applications like voice

Service disruptions like this above simply

create thousands of incident tickets whereas

nothing can be done but just to wait for service

to resume

OR

VeloCloud Internet Quality Report

www.channelnewsasia.com/news/singapore/starhub-broadband-service-suffers-second-outage-in-2-days-7773784

Brownout Blackout

13Confidential │ ©2018 VMware, Inc.

Blackout protection for real-time cloud app

https://www.youtube.com/watch?v=4N2PM_f_8WE

14Confidential │ ©2018 VMware, Inc.

VeloCloud SD-WAN Path via Gateway (VCG) Underlay Path Non-SDWAN Performance

Brownout protection for Cloud (e.g. speedtest )

Speedtest throughput performance comparison over a single Internet (100Mbps)

Packet-loss download upload

0% 94 Mbps 94 Mbps

5% 80Mpbs 81Mbps

10% 67Mbps 76Mpbs

15% 41Mpbs 72Mbps

20% 23.75Mbps 60.24Mbps

Packet-loss download upload

0% 95 Mbps 95 Mbps

5% 15Mbps 8Mbps

10% 5.38Mbps 3.45Mbps

15% 1.74Mbps 0.81Mbps

20% 0.93Mpbs 0.32Mbps

15Confidential │ ©2018 VMware, Inc.

SD-WAN download upload

0% ~ 100Mbps ~ 100Mbps

5% 83.50Mpbs 67.01Mbps

10% 78.93Mbps 78.40Mpbs

15% 25.12Mpbs 60.10Mbps

20% 11.16Mbps 12.63Mbps

Speedtest throughput performance over a single Internet (100Mbps)

Non SD-WAN download upload

0% ~ 100Mbps ~ 100Mbps

5% 10.98Mbps 14.92Mbps

10% 3.38Mbps 2.13Mbps

15% 0.94Mbps 0.83Mbps

20% 0.47Mpbs 0.23Mbps

16

Speedtest with 5% packet-loss via Non-SDWAN Path

Speedtest over Underlay Path

17

Speedtest with 5% packet-loss via SD-WAN Path

Speedtest over SD-WAN Overlay Path

18

Speedtest with 10% packet-loss via Non-SDWAN Path

Speedtest over Underlay Path

19

Speedtest with 10% packet-loss via SD-WAN Path

Speedtest over SD-WAN Overlay Path

20

Speedtest with 20% packet-loss via Non-SDWAN Path

Speedtest over Underlay Path

21

Speedtest with 20% packet-loss via SD-WAN Path

Speedtest over SD-WAN Overlay Path

22Confidential │ ©2018 VMware, Inc.

Edge is Software (VCE)3 Deployment Options

Option 1 Option 2 Option 3

Edge software pre-installed “bare metal” on VeloCloud hardware or Dell hardware

Virtual Edge installed on ESXi or KVM, ESXi license not included

Virtual Edge installed in IaaS e.g. AWS, Azure and AliCloud

On marketplace, BYOL IaaS fees not included

Next-generation hardware from Dell Dell VEP4600 uCPE Roadmap

VeloCloud 510 to 2000

IBM Cloud

Google Cloud

- Dell VEP4600 uCPE certified

Confidential │ ©2019 VMware, Inc. 23

Dynamic Multi-Path Optimization

Application Performance Assurance

Deep Application Recognition

Secure Overlay

Multi-path

Link Qualification Application Steering

On-Demand Remediation &

Aggregation

What is on the network? What paths are available? How are the paths performing?

What is the best path for the application?

Reacting to deteriorating link conditions even for

single WAN link

24Confidential │ ©2018 VMware, Inc.

• Drives automation and optimization

Dynamic Multi-path Optimization (DMPO)

Assured Application Performance On Any Transport

• Sub-second steering without session drops

• Aggregated bandwidth for single flows

• Protects against concurrent degradation

• Enables single link performance

Dynamic Per Packet Steering

On Demand Remediation

Continuous Link Monitoring

Case Study: Retail Hybrid WAN• MPLS link outage• Performance issues on Comcast CABLE

VeloCloud Delivers Excellent VoIP Quality• Sub-sec s teering of VOIP without call drops• On-demand mitigation of packet loss & ji tter

25Confidential │ ©2018 VMware, Inc.

Maintaining QoE – Unified Communication Services

Video Conference over Single WAN Link with 2% Packet Loss

Without VeloCloud SD-WAN With VeloCloud SD-WAN

26Confidential │ ©2018 VMware, Inc.

O365 SharePoint throughput comparison over a single Internet link

Brownout protection, Assured SaaS performance

VeloCloud SD-WAN path via Gateway

Non-SDWAN path via pure Internet

Office365 Sharepoint File Transferring over 2 weeks continuously from Singapore to Bangkok

From 930pm ~ 1130pm everyday

Confidential │ ©2019 VMware, Inc. 27

Built for the Highly Secure Deployments

Security Capabilities in VMware SD-WAN

Secure Data Connections

• IKEv2 based secure tunnel between Edge and Gateways

• FIPS 140-2* compliant IPSec support PSK or PKI key management with built CA

Application aware Firewall

• Stateful Packet filtering based on the network and application information

• Recognize more than 3300 applications

Secure Control Connections

• TLS1.2 based secure communication b/w Edge, Gateways and Orchestrator

• PCI compliant deployment options

End to end Segmentation

• Simple Enterprise wide segmentation creation

• Integrate with NSX and maps branch segments to NSX routing domains

* FIPS 140-2 Level certification is In Progress

28Confidential │ ©2018 VMware, Inc.

Enterprise-Wide Segmentation

• Traffic profile Isolation• Segment aware policies

• Segment aware topology insertion

• Overlapping IP in different segments

Corp

Guest

PCI

Corp

Corp

29Confidential │ ©2018 VMware, Inc.

Application Aware

Embedded

Can be disable in favor of external physical firewall

Integrated rule set

Default to block inbound

Best of breed integration

Direct or via Gateway

Zscaler, Forcepoint

Use Business Policy to redirect select traffic to CASB providers

Best if breed integration local at the Edge

Use Edge based hypervisor

Fixed service chaining

Palo Alto Networks

Security Architecture

Integrate with best-of-breed security providers

Built-in Firewall CASB Integration Firewall VNFCentralized Firewall

Backhaul to the DC

Use existing DC security infrastructure

Backhaul via a hub or a Non-VC-Site

Use business policy to redirect select traffic to the DC based firewall

Internet InternetInternet Internet

Branch DC

CASB

Embedded Firewall

FirewallVNF

30Confidential │ ©2018 VMware, Inc.

Virtual Ready (V) Edges

AvailableNOW

Available2H/2019

▪ Leverage best-of-breed VNF with SD-WAN

▪ Simple, one-click service insertion

▪ Automate VM lifecycle and registration

Firewall VNF and SD-WAN Integration

31Confidential │ ©2018 VMware, Inc.

CLOUD WEB SECURITY INTEGRATION

Cloud Security Service

Branch Site

Corporate

Datacenter

VeloCloud

Edge Hub

VeloCloud

Edge

VeloCloud

Gateway

Dynamic Multi-Path Optimization

Automated tunneling eliminates site by site configurations

VeloCloud Dynamic Multipath Optimizationdelivers application performance and reliability to cloud

Single-click Application-Aware Policiesfor granular service insertion

32Confidential │ ©2018 VMware, Inc.

Netpluz Advantage Managed Communications Service Provider

24/7 Managed Services

End-to-End Services

Competitive Pricing

Experienced Management Team

Successfully deployed Locally & Regionally

Secure Connectivity – Broadband, GPON, Ethernet, Metro Ethernet

www.netpluz.asia

SD-WAN LIVE DEMO AT

BOOTH G95

Confidential │ ©2019 VMware, Inc.

Thank you!Scan me to download

Do join us at

Booth G95