How to Differentiate & Accelerate Your

Managed SD-WAN & Security Offerings

Sponsored by

October 16, 2018

 Today’s Speakers

James Crawshaw Dogu Narin Rajoo Nagar OrenMarmur

Oren Marmur
Senior Analyst Head of Product Director of Product VP,Head
VP, Headof
ofNFV
NFV
Management Marketing AmdocsOpen
Amdocs OpenNetwork
Network
Agenda

• Introduction
• Orchestration for SD-WAN
• SD-WAN Security
• SD-WAN Solution Details
• Summary
• Audience Q&A

3
INTRODUCTION

• Implementing a managed SD-WAN service offering is a complex

• CSPs must manually stitch multiple SD-WAN, security and other VAS
solutions with BSS/OSS - this is a major inhibitor of business agility
• In their haste CSPs leave many important things to be resolved later on
• CSPs should offer their customers a portfolio of SD-WAN and value-added
services such as security
• To do this CSPs must combine SD-WAN with NFV-based virtual functions
and existing underlay WAN resources.
Hybrid Cloud
Branch
Wireless
Internet

MPLS

4
Major US CSP SD-WAN Plans

Heavy Reading, February 2018

5
SD-WAN Components

Heavy Reading, February 2018

Audience question poll 1

Which virtualization-related feature do you think is the most

important for SD-WAN?
• Scaling and load balancing
• Hybrid cloud
• Multi-cloud
• Containers
 Orchestration
for SD-WAN

Information Security Level 2 – Sensitive

8 © 2018 – Proprietary & Confidential Information of Amdocs
SD-WAN a paradigm shift in enterprise connectivity services
SD-WAN deployment models

Managed OTT DIY

service SD-WAN

Enterprises spending on edge routers vs. SD-WAN Favourable SD-WAN delivery model
40% of enterprises plan to deploy SD-WAN as
58% of WAN infrastructure will use SD-WAN by 2020
a managed service bundled with WAN transport

4000 3,556
US$ Millions

2,907
3000
2,2472,172 2,324
1872 1,699
2000 1510
993 1,112
1000

0
2018 2019 2020 2021 2022

SD-WAN Equipment Branch Office Router

Chart/graphic created by Amdocs based on Gartner Research: Gartner, Forecast: Enterprise Network Source: Gartner, Survey Analysis: SD-WAN Early Findings Yield Surprises, Published: 15 November 2017 ID: G00343588
Equipment by Market Segment, Worldwide, 2015-2022, 3Q18 Update, 28 September 2018 - ID G00349395

Information Security Level 2 – Sensitive

9 © 2018 – Proprietary & Confidential Information of Amdocs
Can communications service providers
turn the SD-WAN threat into an opportunity?
DYI / WAN Vendors Service Providers’ Differentiators

Guaranteed SD-WAN Bundled

SLA and with MPLS services
Mng Service

Price Flexibility Time to

Deliver

Service Provides need to offer differentiated SD-WAN solution

bundled with value-add services
10
Offering SD-WAN introduces operational complexities

Service
innovation Business Operation customer
time-to-market Integration efficiency experience

Onboarding Siloed Monetizatio Agile Self

platforms n operation service
time and cost of
Chain functions Handle Allow end users to
getting SD-WAN
to create Integration of SD-WAN service design, customize,
and VNFs into the
valuable service SD-WAN platforms orders quickly and manage virtual
network
bundles with BSS/OSS and efficiently services through
self service portal

11
Why NFV Orchestration for SD-WAN?
Manage end-to-end service
lifecycle - introduction,
fulfilment and operations

Closed-loop operations -
for hybrid (physical/virtual)
network

Multi-domain, multi-vendor
orchestration – SDN/SD-WAN
controllers from any vendor

Link hybrid SD-WAN with MPLS

IP-VPN for end-to-end services

12
Key enabler for a differentiated SD-WAN solution
DESIGN ORCHESTRATE OPERATE

SELF-SERVICE / ORDERING

PRODUCT SD-WAN
CATALOG

REAL-TIME
OFFLINE
OFFLINE CONTINUOUS IN REAL-TIME
IN LAB
DESIGN REAL-TIME PRODUCTIO SMART
ONBOARDING ORCHESTRATION N OPERATION
ANALYTICS-DRIVEN ANALYTICS-DRIVEN

HYBRID CLOUD

BSS - MONETIZATION

BIG DATA &

Enriched Hybrid SD-WAN - Service Lifecycle ANALYTICS
Management
13
 Multi Domain NFV Orchestration
Orchestration and service chaining of applications
(e.g. vRouter, vFW, anti-DDOS, etc.), SDN and SD-WAN controllers
deployed in hybrid (physical & virtual) multiple network domains as well as at the customer premises

NFV VNF VNF VNF VNF VNF

L 4 -7

SD-WAN controller SDN Controller

Enterprise HQ
Enterprise Branch VNF

VNF

VNF VNF VNF VNF

Enterprise DC
CPE GW
Enterprise Branch VNF
SDN PE
L 1-3 VNF
DCGW
IP/MPLS
VNF
VNF VNF VNF
PE

Enterprise Branch VNF

VNF
INTERNET
VNF

Information Security Level 2 – Sensitive

14 © 2018 – Proprietary & Confidential Information of Amdocs
SD-WAN Integration into CSP network
Portal Billing ordering

Manual
stitchin
g
SD-WAN VNF #1 VNF #2 Public cloud

Portal Billing ordering

TMF API
Pre-Packaged
Amdocs NFV SD-WAN Package
integration

SD-WAN VNF #1 VNF #2 Public cloud

15
Accelerate innovation and time to market through virtualization
and service orchestration

BSS Enterprise
portal

REST APIs
Open API

Amdocs NFV SD-WAN package

BSS Order SD-WAN NGFW Data Center Domain APIs for digital
Integration decomposition controller plug in controller plug in OpenStack plugin orchestration experience

SD-WAN xN NGFW xN Data Center

WAN Bandwidth VPN App Intrusion Antivirus DDoS URL SSL Service Infrastructure Life cycle
connectivity Management Control Prevention Filtering Inspection Function Resources management
Chaining management

16
Accelerate managed SD-WAN + VAS offering
Ready-to-deploy, pre-integrated service orchestration solution

| 3 Months |

Define Develop Deploy Deliver Optimize

System Integration Service design and policy Service fulfillment Best practices and
& VNF onboarding • Resource definitions • VNF instantiation continuous fulfilment
Pre-defined
• Stitching siloed systems
SD-WAN + Security + VAS
• Policy rules services • Service orchestration
• Service chainingand Policies • Network configuration
• BSS/OSS integration
• Service modeling • Zero touch provisioning Service
• Service definitions Lifecycle
• VNF descriptors Test Automation
and
debug

Data Monitoring
analytics and
diagnostic

17
Give control to your customers
Give customers ability to quickly and easily spin up the network services they need
from the vendors they want
Chose your Service bundle
by combining VNFs

Order
(Zero touch provisioning)

Monitor & Manage

18
 1st North American cable provider to offer SD-WAN services

Amdocs NFV orchestrator and Versa SD-WAN controller

Automated fulfillment of underlay connectivity

with new overlay services

Most Innovative
SD-WAN Service 65% reduction in the end-to-end processing
due to service orchestration automation

7 months time to market from design/inception

to production
enables distributed enterprises to benefit from:

Enable delivering new VAS virtual services

to any tier of business

scale cost built-in network

efficiencies reliability

Information Security Level 2 – Sensitive

19 © 2018 – Proprietary & Confidential Information of Amdocs
 Summary and Key Takeaways
Differentiation and customer experience
Service providers need to leverage their uniqueness - providing
self configurable managed SD-WAN solution bundled with VAS services

Service lifecycle management is key

Management and Orchestration plays a crucial role for
adding services connecting to exiting business enablement systems

Accelerate time to market

Field proven, pre integrated ready-to-deploy solution
accelerate time-to-market using pre defined validated
configurable service models

Information Security Level 2 – Sensitive

20 © 2018 – Proprietary & Confidential Information of Amdocs
Audience question poll 2

Which security feature is most important for SD-WAN?

• Application validation
• Cryptography
• DDoS
• Encryption
• IDS/IPS
• Network penetration testing
• NGFW
• TEEs
 Security VNF
Solution

Information Security Level 2 – Sensitive

22 © 2018 – Proprietary & Confidential Information of Amdocs
Service Provider Industry Trends

IT Shift from Capex to Opex

▪ MSP/MSSP outsourcing
▪ IaaS & SaaS clouds
▪ Skills Shortage
Cloud Elasticity & Agility
▪ Auto-scaling applications
▪ Capacity on-demand
▪ Tenant self-service

Network Function Virtualization (NFV)

▪ Hardware commoditization
▪ Service modularity and scalability
▪ Orchestrated service insertion/chaining

23
Use Cases for Fortinet Virtual Security

PARTNER AUTOMATION & ORCHESTRATION

MANAGEMENT & REPORTING

Web
Private

Applications
Cloud
NSX SDDC SERVICE
VIRTUALIZED FIREWALL SDN AUTOMATION
MICRO-SEGMENTATION PROVIDER NFV

VMware NSX
FortiGate-VMX Virtual FW for N-S Security VNF Cisco ACI
E-W Protection ESXi, KVM, Xen, Hyper-V Amdocs, Nuage, Adva OpenStack

24
Fortinet VNF Security Solution - Highlights

FortiGate VM • Small footprint VNF runs on 3rd

Security VNF at Edge or in Private Cloud party x86 appliance
• Full layer 7 security stack including
NGFW, IPS, AV, Web Filtering,
embedded SD-WAN
• NFV orchestration & service
chaining via partner Orchestrator
(e.g. Amdocs)
• On-premises and hosted solution
PATCHED

Consolidated security and networking VNF in a single, small footprint –

scalable, cost effective NFVi solution for service providers

25
FortiGate VM VNF Overview
Award-winning FortiGate platform as Virtual appliance
❖ Same powerful FortiOS and FortiGuard real-time threat intelligence
❖ Industry leading virtual firewall performance
❖ Robust networking and routing capabilities

Solution Breadth & Depth

❖ Support for leading hypervisors, SDN & cloud platforms
❖ Deep integration into virtual ecosystem via Fabric Connectors

Broad range of use cases

❖ High performance security VNF
❖ Micro-segmentation, visibility and policy automation
❖ VDOM-enabled for multi-tenant environments

Single Pane of Glass Management

❖ Broad Security Fabric visibility and end to end segmentation
❖ Ease of configuration, management and reporting

Accelerated Business Agility

❖ Rapid deployment and provisioning
❖ Flexible licensing to meet business needs

26
Fortinet Security VNF for Amdocs - Highlights

▪ Pre-integrated security VNF for quickly

creating and deploying value-added
security services
▪ Full range of advanced security
services including Threat Protection
and Unified Threat Management
▪ Rapidly and efficiently spin up or down
VNFs across customer premises, data
centers and public cloud
▪ Broad range of revenue generating
services for enterprises of any size

27
Fortinet Security Awards & Certification
Gartner Enterprise Firewall MQ 2017
▪ Gartner MQ Leader – FortiGate Leader
▪ FortiGuard services with best-in-class
security effectiveness tested by NSS Labs
“Recommended” Ratings, VB, etc
▪ Certified integration with leading platforms,
including validations by VMware NSX,
Cisco ACI, and public cloud platforms

28
Audience question poll 3

Which 3 other features are most important for SD-WAN?

• Ability to handle a hybrid MPLS + Internet + LTE environment
• Integrated load balancing and WAN optimization
• IPv6 support
• Open APIs for northbound management systems
• Session-awareness (for user- or application-flow monitoring)
• Multi-tenancy
• Zero-touch deployment for remote locations
 SD-WAN solution
highlights

Information Security Level 2 – Sensitive

30 © 2018 – Proprietary & Confidential Information of Amdocs
31
Who Is Versa?

Founded in Developed Key Addressing

PATENT-
$112M
2012 $40B+ in Premier
By Highly PENDING
TAM Venture Funding
Experienced TECHNOLOGY
Exec Team
35+ Patents of WAN/Managed
Developed in Process Network Services
Multi-Billion $$$
Juniper MX Series
Over 380 customer
engagements and
contracted 200K sites
Versa Solution Scope

SD-WAN

Security
Routing
Carrier &
Enterprise
Grade
Multi-
uCPE Tenancy

Analytics

SD-WAN, Routing, Security…

with Software Agility + Economics
Versa Products Summary

Director FlexVNF Analytics

Single pane of glass for Developed from ground-up for Rich big data analytics &
provisioning, management & carrier-grade network services search platform
monitoring
Integrated with 3rd Party
Integrated with leading FM/PM solutions
Orchestrators
Versa Solution Building Blocks

End-to-End Services Orchestrator

RESTful
APIs

Fault and CMS

Performance • VMware vCloud
Mgmt Versa Versa • OpenStack
• Docker
Analytics Director

SDN Controller
IPFIX NetConf • VMware NSX
Routing CG-NAT VPN
Firewall
Other &
3rd Party • Nuage
•
DPI + App Identification Other &
Firewall

Juniper Contrail
Other & 3rd Party
Firewall Routing CG-NAT VPN
Routing CG-NAT VPN 3rd Party
Fabric (service chaining, elasticity) DPI + App Identification
Other & DPI + App Identification Other &
Firewall Firewall

•
Other &
Routing Versa OS VPN
CG-NAT 3rd Party Firewall Fabric (service
Routing CG-NATchaining,
VPNelasticity) 3rd Party

Versa VNF System

DPI + App Identification

Fabric (service chaining, elasticity)

Fabric
Routing(service chaining,
CG-NAT

Versa OS
VPNelasticity) 3rd Party

DPI + App Identification Versa OS

DPI + App Identification

Fabric (service chaining, elasticity)

ODL*
Fabric (service chaining, elasticity)
Versa VNF System
Versa OS Versa VNF System Versa OS
Versa OS

Versa VNF System Versa VNF System

Versa VNF System

FlexVNF™ FlexVNF™ FlexVNF™

Overlay Network (VMware NSX, Nuage, Juniper Contrail, ODL*)

Hypervisor (ESXi, KVM), Bare Metal, Containers

34
Copyright
35
SD-WAN©with
2014Versa
Versa r

Rich Set of WAN Connection DIA, DCA Traffic

Options (MPLS, BB, LTE) Optimizations for SaaS
Customer Traffic
Portal

SP class Network Internet

Versa
Integration for Underlay and SD-WAN-CPE 1 Director
Secure IPSec Overlays while
Brownfield Networks SD-WAN keys never sent on wire
Versa SD-WAN
(VPN Fabric) Controller

Rich and Dynamic Topology Ethernet

IP/MPLS VPNor
MPLS VPN WAN Performance
SD-WAN-CPE 2 Versa
IP/MPLS VPN Analytics Measurement and Traffic
Options
Optimization

SD-WAN-CPE 3
Full Segmentation and
IPv6 and Dual Stack
Multi-tenancy
36
Application Traffic Management

Recognizes over 3K
Applications and Millions of Application Experience
URLs Based Management

App and URL Classes based CODEC / MOS Based Traffic

Traffic Management Management for Voice and
LTE Network
Internet Video Flows

Dynamic WAN Performance

FEC, Packet Striping, Cloning Measurement and Traffic
VPN Network Optimization

Data Center

App QoS, HQoS Latency, jitter sensitive traffic: Voice,

Video, Business Critical
37
Ease of Deployment and Provisioning

S/N Based ZTP and URL Secure Management via

Based ZTP Options Encrypted Management
Channel
Director
Device and Services
Templates, Hierarchical Workflows to Achieve
Templates Commonly Used Tasks
Public
Internet Cloud
SD-WAN-CPE 1
Covering All of Versa vSD-WAN-CPE 50
Functions (Routing, Security, Ease of App Traffic
SD-WAN, uCPE) Management

Ethernet or
SD-WAN-CPE 2 IP/MPLS VPN
Fully Multitenant with
Extensive RBAC
38
Insights with Built-in Analytics

Big Data Based Analytics IPFix and Netflow Based

Traffic Flow Reporting

Reporting of Actual
Topology Near Real Time Traffic Info

Application and App

Performance Traffic Per User & Groupd Traffic
Breakdown Break Down

Strong Multi-tenancy and

RBAC
 Summary

Information Security Level 2 – Sensitive

39 © 2018 – Proprietary & Confidential Information of Amdocs
Amdocs NFV SD-WAN package
Simplifying and accelerating CSPs journey towards SD-WAN + VAS services

Key features
BSS Enterprise
• Pre-integrated platform for quickly creating, deploying and portal
monetizing managed SD-WAN and security services
• Plugins for seamless integration with SD-WAN, NGFW and Open API REST APIs
SDN controllers
• Pre-defined use cases & service model, configurable service
NFV Orchestrator
parameters
• BSS integration via TMF service order lifecycle management Plugins Plugins Plugins
Open APIs
• APIs for real-time feed on what’s happening in network APIs

• Multi-domain, multi-vendor SD-WAN, SDN and VNF

orchestration and services lifecycle management SD-WAN Controller NGFW Data Center

Proven Pre Elastic Short Affordable & NFV ecosystem with 80+
Key Benefits reference integrated scaling TTM scalable partners

40
AUDIENCE Q&A

Dogu Narin Rajoo Nagar

Oren Marmur Head of Product Director of Product
VP, Head of NFV Management Marketing
Amdocs Open Network