十年來SD-WAN一直是變革的推動者;下一個呢？.pdf

《十年來SD-WAN一直是變革的推動者;下一個呢？.pdf》由會員分享，可在線閱讀，更多相關《十年來SD-WAN一直是變革的推動者;下一個呢？.pdf（32頁珍藏版）》請在三個皮匠報告上搜索。

1、#CiscoLive#CiscoLiveSteve Wood,Distinguished TME Steve Harrison,Senior TME Leader PSOENT-2002SD-WAN has been the agent of change for a decadewhat about the next?The Future of SD-WAN 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnter your personal notes hereCisco Webex A

2、pp Questions?Use Cisco Webex App to chat with the speaker after the sessionFind this session in the Cisco Live Mobile AppClick“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter messages/questions in the Webex spaceHowWebex spaces will be moderated by the speaker until

3、June 9,2023.12343https:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicPSOENT-20023 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveIntroductionSteve WoodDistinguished Technical Marketing EngineerSteve HarrisonSenior Leader Technical MarketingPSOENT-2002

4、4Agenda 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicIntroduction SD-WAN now Interconnectivity Policy and control Security Reporting and automation Conclusion PSOENT-20025SDWAN:Past,present and future 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveThe

5、WAN disruption The WAN is evolving Large private POP and Colo footprintsMultiple provider backbonesService Exchange PointsProgrammable Control,cloud on-ramps-SDCIWAN moving to IaaS consumptionPAYG contracts,Service agilityOptimized for Cloud and SaaS access latency*SDCI Software Defined Cloud Interc

6、onnect Customer premises Local access First mile Last mile Middle-mile Regional Peering Edge/Service ExchangeColocation/PoPColocation/PoPColocation/PoPColocation/PoPInternetSP backboneSDCI ProviderBackboneHyperscalerbackbones SaaSPrivate DCHyperscalersPSOENT-20027 2023 Cisco and/or its affiliates.Al

7、l rights reserved.Cisco Public#CiscoLiveThree emerging patterns IPSecIPSecSDWANSDWANIXP PeeringSDWAN FabricDirectAttachSASEMost ControlSSEIPSecIPSecSDWANIPSecIPSecSDWANCloud GWCloud GWLeast ControlPSOENT-20028 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSDWAN of the Fu

8、ture Direct to Cloud&SaaS1Service Exchange PointUnify Fractured access peering|SLA and performance optimization|Independent Network Control Point23PSOENT-20029Local access*SDCI Software Defined Cloud Interconnect Customer premises Control PointColocation/PoPHyperscalerbackbones SP backboneSDCI Provi

9、derBackboneIXPSaaSPrivate DCHyperscalersBranch Control PointWhich network is best?|What security posture?|Traffic mapping policyCloud AccessWhich network is best|What cloud region?|SDCI Software Defined Cloud Interconnect 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSDW

10、AN Architecture:DC-Centric BackhaulPrivateDC AggregationDMZPrivateLinePublicInternetBranchCentric AccessIaaS DeliveredCustomer Deployed and ManagedCloud AppsMPLSInternetCloudSaaSCurrent SDWAN ArchitecturePSOENT-2002112-5 Cloud Access PointsHigh latency backhaulPoor application performanceLacking Iaa

11、S opportunityThe DC“Home Run”2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSDWAN:Cloud FirstCloudMiddle MileAccessCloud-first SDWAN ArchitectureCloudSecurityHosted SDWANColocationsHostedDirect ConnectDirect Peering/Hosted Direct ConnectSecure Access AnywhereCloud AppsClo

12、udGatewaysIaaS DeliveredCustomer DeployedVirtual SDWAN GW First Mile AccessPrivate DCSaaSPSOENT-200212100s of Cloud Access PointsLowest LatencyCloud SecurityOn-demand NetworkCloud OptimizedApplications:From connectivity to experience 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#

13、CiscoLiveApplication consistency What is the problem?SDWAN Instance BSDWAN Instance ANBARApplication Cache Ver 2023.4.31.1805NBARApplication Cache Ver 2023.3.21.1900App:O365-TeamsPolicy:Real Time VoicePriority:HighestDSCP Mark:EFApp:O365-SharePointPolicy:Corp Web AppPriority:MediumDSCP Mark:DS0Datab

14、ase version mismatchInconsistent app classificationPolicy breakingUnderlay PathOverlay PathNNINNIPSOENT-200215 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveApplication consistency The solution=Cisco SD-AVC SDWAN Instance BSDWAN Instance ANNINBARApplication Cache Ver 202

15、3.4.31.1805Update Ver 2023.6.7.1200NBARApplication Cache Ver 2023.3.21.1900Update Ver 2023.6.7.1200App:O365-TeamsPolicy:Real Time VoicePriority:HighestDSCP Mark:EFApp:O365-TeamsPolicy:RealTimeVoicePriority:HighestDSCP Mark:EFDatabases constantly updatedEmerging app classificationHigher policy match

16、efficacyOverlay PathOverlay PathNNIPSOENT-200216 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUser identity DC/HQMPLSBroadbandFiber/DirectCellularDIABroadbandCellularOn-Prem SecurityCloud SecurityIdentity Informed Path and PolicyPSOENT-200217 2023 Cisco and/or its affil

17、iates.All rights reserved.Cisco Public#CiscoLiveSaaS optimization Optimized connectivity to cloud applications Local breakout policy(DIA)from remote site Optimal path selection through proactive link probing Visibility on quality of experience metrics SaaS Branch/campus Users Regional data center Re

18、gional data center SD-WAN fabric GoToMeetingMicrosoft 365SalesforceG SuiteSAP ConcurIntuitZendeskSugarCRMOracleWebexBoxZohoDropboxAny Apps(Custom/NBAR)PSOENT-200218 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUnderlay or overlay automaticallySecurity compliance maintai

19、ned through use of local security policyIncrease in application QoE due to shorter pathSDWAN can switch seamlessly to ensure policy adherence Configured and successor paths proactively monitoredSD-WAN fabric Underlay DIA PSOENT-200219 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public

20、#CiscoLiveApplication Telemetry IntegrationExample:Microsoft 365 deep-probing Problem Traditional SD-WAN only probes the app front-endPerformance measurement only covers part of the network path It does not take service performance into account Solution Cloud onRamp for SaaS probing is augmented by

21、O365 SaaS telemetry Microsoft monitors performance of App service and computes a score Score is sent to SDWAN controller where it is used to augment probing data A combined path selection decision is made Cloud on ramp Path Network score App score DC 6 9,10 DIA 10 9,10 MS telemetry App Score Exchang

22、e 9Teams 10 Branch/campus Users Internet Umbrella SIG Data center PSOENT-200220 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveThe death of VPN tunnels?Future is SaaS,not tunnels Align to SaaS QoESD-Internet,Intelligent Internet,Enhanced Internet Just an underlay decision

23、 then?Internet SaaS PSOENT-200223 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveAPI-driven InfrastructureThe SDWAN of the FutureSoftware-defined underlay,Virtualized SDWAN,On-demand serviceOn-demand connectivity API ProgrammabilitySingle-pane management Latency optimized

24、 Direct peering Local access Direct connect PSOENT-200224Local access ColocationColocationVirtual SDWAN GatewaysPervasive security 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveWhy not just tunnel everything to SSE?Tunnelling everything to the cloud is not the solution T

25、he cloud does not infinitely scale SASE is the union of secure access and the service edge Not just a VPN to SSE Question:How do we make 1+1=3?Same Architecture Somewhere Else Secure Access Service Edge Cloud GW Everything Best at Edge Best in cloud PSOENT-200227 2023 Cisco and/or its affiliates.All

26、 rights reserved.Cisco Public#CiscoLiveCisco AdvantageNext gen firewall IDS/IPS Content filtering Advanced malware protection(AMP)Cisco Secure malware analytics(ThreatGrid)DNS layer protection(Cisco Umbrella)PSOENT-200228 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveYou

27、r SSE,your way,made easyConnect ZscalerConnect netskopeConnect MenloConnect PrismaSSE PartnersSD-WAN fabric SD-WAN Gateway SD-WAN Gateway PSOENT-200229Analytics:From data to insights 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveData driven reporting Site availability Lo

28、cal data harvesting Application impact Multi-data integration Enhanced application impact Heuristics and AI Automated alerting and reporting PSOENT-200231 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveAnalytics to automation What are the adoption barriers?Totality of dat

29、asetGuidance efficacyInsight relevanceActionable insights Predictive foresight Automatic remediation Cisco AdvantageToolsWAN insights We are herePSOENT-200232 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFill out your session surveys!Attendees who fill out a minimum of

30、four session surveys and the overall event survey will get Cisco Live-branded socks(while supplies last)!These points help you get on the leaderboard and increase your chances of winning daily and grand prizesAttendees will also earn 100 points in the Cisco Live Challenge for every survey completed.

31、PSOENT-200233 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicContinue your educationVisit the Cisco Showcase for related demosBook your one-on-oneMeet the Engineer meetingAttend the interactive education with DevNet,Capture the Flag,and Walk-in LabsVisit the On-Demand Library for m

32、ore sessions at www.CiscoL you#CiscoLive 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive36Gamify your Cisco Live experience!Get points Get points for attending this session!for attending this session!Open the Cisco Events App.Click on Cisco Live Challenge in the side menu.Click on View Your Badges at the top.Click the+at the bottom of the screen and scan the QR code:How:123436 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicPSOENT-2002#CiscoLive