Riverbed SD-WAN

Ricky Lin, CCIE#7469, MBA

Deputy CTO
Agenda

1 Why SD-WAN

2 SteelConnect Overview

3 2016 Direction

© 2016 Riverbed Technology. All rights reserved. 2

 Data Center

App. teams IT Ops

Disaster Recovery Site

Your IT used to Private

WAN
look like this
Regional Hub and Campus
Remote and Branch Office Remote and Branch Office

2014
© 2016 Riverbed Technology. All rights reserved. 3
 Global Ops Data Center SaaS IaaS

Disaster Recovery Site

Carrier Neutral
Facilities

More and more it’s Private Public

WAN Internet
looking like this
Regional Hub and Campus Mobile
Remote and Branch Office Remote and Branch Office

2016+
© 2016 Riverbed Technology. All rights reserved. 4
Application delivery is becoming complex
The edge is becoming The faster pace of
Application diversity on
a hub of changes drives IT
a stretched perimeter
communication operations to evolve

Local
Branch Faster user
Applications behavior
Data Center
changes Non-scalable
to Branch
Applications SaaS change
to Branch implementation
Applications
based on
Faster business legacy
driven changes concepts
Source: ESG 2015. ROBO TRENDS
SURVEY

© 2016 Riverbed Technology. All rights reserved. 5

 Software-Defined WAN

Cost Agility
“SD-WAN is a new and transformational way
to architect, deploy and operate corporate
Business
WANs, as it provides a dramatically
Performance
simplified way of deploying and managing
remote branch office connectivity in a cost-
Simplicity Reliability effective manner.”1

“By the end of 2019, 30% of enterprises will use SD-WAN

products in all their branches, up from less than 1% today.”
1 Gartner, Jul 2015 “Technology Overview for SD-WAN”
2 Gartner, Dec 2015 “Market Guide for Software-Defined WAN”

© 2016 Riverbed Technology. All rights reserved. 6

 Three Key Value Props driving SD-WAN

Simplified Management and Orchestration (Provisioning,

Management, Configuration)

Utilizing diverse transport effectively (Reducing costs via

broadband Internet, increasing bandwidth and utilization)

Increased Visibility and Security in the enterprise

7 © 2015
2016 Riverbed Technology. All rights reserved. 7
Agenda

1 Why SD-WAN

2 SteelConnect Overview

3 2016 Direction

© 2016 Riverbed Technology. All rights reserved. 8

 Management Portal
SD-WAN: How does it work? • Single-pane of glass for configuration network management:
cloud-hosted and on-premises
1. WAN Transport Virtualization • Zero-touch provisioning
• Portal where user defines global policies
2. Centralized Management • Aggregated visibility on application performance
3. App-centric & Policy-based Orchestration
SD-WAN Controller
• Establishes and manages Secure Virtual Overlay to sites.
Management • Interprets the Global Policy according to the knowledge collected
Portal from the network
• Defines service chains to enable policy goals
• Manages distribution of interpreted Policy to individual elements
SD-WAN
Controller
Virtual WAN Fabric
• Secure Overlay Fabric
SaaS IaaS • Transport Independence
• Network Segmentation

SD-WAN
SD-WAN Gateway
Gateways
• Local Policy Enforcement
Remote & Branch Offices Campus Sites Data Centers Regional Hubs • WAN Path Selection, Network QoS, Firewall, Service Chaining
• Telemetry feedback loop to/from SD-WAN Controller

© 2016 Riverbed Technology. All rights reserved. 9

 BRANCH AND EDGE CONNECTIVITY DELIVERED

OcedoConnect
Cloud Based
 Solutions (HW/SW/SaaS) for automated configuration • “Network Management
and management of Branch networks and WANs Configuration (multitenant, SaaS)
Automated”
 3 year old startup focused on SD-WAN and • One centrally
remote/branch office SD-LAN Gateways – G50,
assigned policy G100, V-GW
for WAN and
 Founded by team that created Astaro Branch network
(Universal Threat Management (UTM) acquired by Sophos) Ethernet Switch – S24
• Zero touch (w/POE for voice)
 Revenue products & cloud services since Q2/2015 provisioning

WiFi Access Points

 Based in Karlsruhe, Germany A3, A5, A5+
(Home of Karlsruhe Institute of Technology) Branch 1 Branch 2 Branch 3

© 2016 Riverbed Technology. All rights reserved. 10

© 2016 Riverbed Technology. All rights reserved. 11
Contract mining company - Africa

Project Description
Customer is one of the largest Contract Mining Company’s in Africa with established support networks in Africa, Australia and
Europe. It is a mixed MPLS/Internet infrastructure across 20 branches. Step by step they want to get rid of their entire Cisco
infrastructure.

Ocedo was beating the competitors with:

● Automated fully-meshed VPN
● Pure central management of all components
● Zero-touch deployment for all components
● Dramatically reduced maintenance efforts

Gear:
● 3x G100
● 12x G50w
● 3x AP3
● 2x AP5

Effort:
● Few hours from time to time, because of step-by-step order and deployment

Status February 2016: More than half of the sites are up and running with Ocedo GWs, ordering step by step is going on

© 2016 Riverbed Technology. All rights reserved. 12

 Government - Mauritius
Project Description
The customer is a belongs to the Government of Mauritius. Headquarter and branch in Mauritius plus 8 overseas offices
worldwide have to get connected including switching and wireless (for home offices too).

Ocedo was beating the competitors with:

● Automated fully-meshed VPN
● Easy and seamless integration of multiple home offices (L2 VPN)
● Pure central management of all components
● Zero-touch deployment for all components
● Dramatically reduced maintenance efforts

Gear:
● 9x G50w
● 5x AP5r & nx AP3
● nx S12

Effort:
● 1 day configuration
● Max few hours for each office replacing the infrastructure

Status February 2016: PoC was successful, in ordering process

© 2016 Riverbed Technology. All rights reserved. 13

 Manufacturer for LED-based illumination technology - Germany

Project Description
The customer is one of the leading manufacturers of LED-based illumination technology and light systems. They have offices
and production branches in 40 countries all over the world, HQ is in Germany. All offices have MPLS connection, mostly
used for Citrix, but the bandwidth was often too small and the branches demanded local internet breakout. It was almost
decided to have Citrix CloudBridge VirtualWAN devices installed in all locations, but the partner brought Ocedo into the
game.

Ocedo was beating the competitors with:

● Hybrid WAN - use 2 or more Uplinks and use for failover (and loadbalancing/QoS/traffic path selection in future)
● very easy configuration - especially compared to the CloudBridge config
○ comment of the ProfServ guy at partner: “we sold 5 days of consulting & configuration to the customer but
actually we almost just got coffee and observed how the G50 appliances came online in the CC.”
● Citrix CloudBridge is still used in some larger locations, but the customer has saved >50k€ with Ocedo

Gear:
● 36x G50W, 20x AP3, 2x G100

Effort:
● ½ day for demoing the functionality and convince customer
● ½ day per location to replace and configure G50-onsite

Status February 2016: Ordered, deployment/integration is currently happening, 50% done

© 2016 Riverbed Technology. All rights reserved. 14
The Power of Software-Defined Networking
Centralized Management & Operational Efficiency

Software-Defined WAN & Remote LAN

Single Management & Control Plane For all Sites

© 2016 Riverbed Technology. All rights reserved. 15

Demo

© 2016 Riverbed Technology. All rights reserved. 16

Agenda

1 Why SD-WAN

2 SteelConnect Overview

3 2016 Direction

© 2016 Riverbed Technology. All rights reserved. 17

Applications - Not Just Packets

Simple to Use

SteelHead

Integrated Visibility
SteelCentral

© 2016 Riverbed Technology. All rights reserved. 18

Riverbed SD-WAN Product Roadmap
Phase 1 Phase 2 Phase 3 Phase 4
Internet Hybrid Data Center Services
SD-WAN SD-WAN Scale Platform

`
Internet WAN Overlay with Hybrid SD-WAN Overlay with Enterprise-class SD-WAN Extensible service options
Use Case Branch Network automation Dynamic routing for large-scale deployments for converged branches

Management/Control Cloud-hosted Visibility via SteelCentral On-prem appliance Functional separation, ++

SDI-130 & 330 up to 200Mbps, SDI-1030, up to 1Gbps, 1000 SDI-2030, up to 1Gbps, SDI-2030, up to 1Gbps,
Branch Gateways
200 sites sites 2000 sites 5000 sites
SDI-VGM, up to 2.5 Gbps SDI-VGM, up to 2.5 Gbps SDI-5030 10Gbps+ with SDI-5030 10Gbps+ with
Data Center Gateways
clustering clustering
L2 & L3 Intra-zone Mesh and L2 & L3 Intra-zone Mesh and Deterministic path selection DPS
Supported Topologies
Hub & Spoke Hub & Spoke (DPS)
Embedded SteelOS with Embedded SteelOS, Dynamic SteelOS, HA via cluster w/ SteelOS, Tighter
Primary SD-WAN services: routing (BGP, OSPF), VRRP, Load Balancing in DC, Path integration with
Static Routing, DPI, QoS, Path Path Quality, VPN+, Auto Quality++, optimized cloud- SteelHead, WAN-Opt as a
Services Selection, integrated Security, Topology, SteelHead WAN- based security – Zscaler,
rd
service, Integrated 3 party
VPNs Opt integration, Steel/Netflow SteelCentral++ service chain

© 2016 Riverbed Technology. All rights reserved. 19

Business intent: a common language for fast
application rollout and easy change management
Business goals

I want this new critical confidential “Financial Consolidation” SAP module

Business to exclusively be delivered In Asia to Users in the Financial Department

leader

High level IT abstractions

Application Groups Performance Groups Security Groups Sites Users

IT leader
SD-WAN
Controller
Global network service abstractions

DPI library Service chains Firewall policies Uplinks Active Directory

Network
Encrypted Segments Subnets
leader

© 2016 Riverbed Technology. All rights reserved. 20

SteelHead Hybrid Networking has an exciting future

Software Software
SteelOS
9.1 9.2 XX70

 RiOS Hybrid Networking  Hybrid Networking scale and  SteelOS migration with base
 WAN optimization additional enhancements SD-WAN services / Hybrid
Networking
 Controlled by SCC
 WAN optimization

© 2016 Riverbed Technology. All rights reserved. 21

 Best of Technology and Enterprise Needs

Router
Incumbents

WAN SDWAN
specialists pureplays

© 2016 Riverbed Technology. All rights reserved. 22 22

 Why Riverbed SD-WAN

Excellence

Comprehensive application performance, visibility and

Vision control product portfolio

Experience Driving Market Leading Evolution into the WAN

<space>
Tier 1 Proven Enterprise Vendor
<spacer>

© 2016 Riverbed Technology. All rights reserved. 23

Application Defined Network Utopia!

© 2016 Riverbed Technology. All rights reserved. 24

 Trust in Skynet SDWAN. It’s the future.

© 2016 Riverbed Technology. All rights reserved. 26

 Thank You

© 2015 Riverbed Technology. All rights reserved. 27