
Cloud on Ramp - Azure

It’s a Multi-cloud World


[Figure labels: Devices & Things; Mobile Users; Campus & Branch Users; WAN; IaaS; SaaS; DC/Private Cloud]

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
A Hybrid Multi-Cloud environment is the new norm
Enterprises are adopting cloud; forecasts show that investments will increase

• 93% of enterprises embraced multi-cloud strategy
• IaaS spend is projected to grow by 24% CAGR to reach $74B by 2022
• 57% of enterprise workloads will be deployed in public clouds in 12 months

…But… there are multiple challenges with cloud deployments

• Complexity: Complex connectivity, inconsistent experience with and lack of governance across multi-cloud and SaaS, expensive
• Experience: Lack of QoS, reliability and optimizations for cloud application experience
• Security: Lack of a common policy framework across on-prem and cloud that provides full visibility
• Consumption: Traditional consumption models for on-prem do not align with cloud products and marketplaces

Cloud onRamp extends SD-WAN to Cloud to address these challenges

✓ Automated – Self Service
✓ Normalized for Multi-Cloud
✓ Service Level Observability
✓ Optimal SaaS Experience
✓ PAYG offered through marketplace
✓ Ecosystem partnerships for middle mile automation

[Figure labels: Cisco SD-WAN; Middle Mile; DC; BRANCH; BRANCH. Numbered paths: 1 Site to Site, 2 Site to Cloud, 3 Cloud to Cloud]

Cloud onRamp for IaaS
Key Benefits

• Automated Infra in Public Cloud (Extend SD-WAN): Extends full SD-WAN capabilities into the cloud
• Policy Control (Policy Framework): Extends a common policy framework across SD-WAN fabric and cloud
• Management Plane (Unified Control): Managed via vManage just like any other router
• Reduce OPEX (Cost Effective): Cost effective by utilizing Transit VPC/VNET
• Enhanced Visibility (vAnalytics):
  - Device and Circuit Availability
  - Tunnel Perf (Loss, Latency, Jitter)
  - Top Apps
  - BW Utilization
  - App QoE

[Figure labels: BGP to OMP; IGW; AZ1; AZ2; Cisco Cloud Edge; VPC; TGW; VGW; Gateway VPC/VNET; Transit VPC; SDWAN; vManage; Cisco Cloud Edge Platform]

Cloud onRamp for IaaS - Azure
• VPN GW for host VNETs
• VNET Gateway per-region
  - Multiple for scale
• Standard based IPSec
  - Connectivity redundancy
• BGP across IPSec tunnels for route advertisement
  - Active/active forwarding
  - BGP into OMP redistribution
  - Advertise default route to host VNETs
• Optional Express Route

[Figure labels: Standard IPSec + BGP (2x); SD-WAN VNET; BGP <-> OMP; WAN Edge; VNET Gateway; Host VNET; VPN GW; AS1; AS2; INET; MPLS; Express Route GW; Azure Region; vManage]
Cisco SD-WAN integration with Microsoft vWAN
Native integration of SD-WAN endpoint inside Azure Virtual WAN
17.4

• Automation: Automatically connect to resource in vWAN Hub, including Express Route and VPN gateways
• Ease of Management: Leverage Azure managed service vWAN Hub to simplify cloud deployment
• Security/Policy: Create policies in vManage and push them to vWAN Hub

[Figure labels: Azure Optics; Telemetry; Troubleshooting & telemetry data; Cisco vManage; Cisco SD-WAN fabric; Region 1; Region 2; vWAN; SD-WAN Endpoint; Branch]

Automation, Visibility and Segmentation
Cloud onRamp for Multicloud - Azure 2H CY20

[Figure labels: Cisco Cloud Controllers; Azure Portal; Cloud REST APIs; Management Plane; regions west-us1 and east-us1, each with Workloads, Resources, Azure FW and vHub; BGP <-> OMP Route Redistribution; BGP Peering; Azure Backbone; Cloud Network; SDWAN Site 1, Site 2, Site 3 and DC over INET and MPLS]

Mapping of SD-WAN branch networks to VNets
Difference from AWS: vWAN currently does not support segmentation.

Unidimensional mapping:
• select a set of VNets in one or multiple regions and define a tag
• select a set of service VPNs (SD-WAN branch networks)
Result: all selected VNets will be visible to all selected VPNs.
Caveat: IP addresses of the selected VPNs cannot overlap (since there is no segmentation support).

Mapping types:
• 1:1 mapping: one VPN to one tag, which can contain multiple VNets.
• N:1 mapping: mapping several VPNs to one tag
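
The overlap caveat can be checked before a mapping is applied. The following is an added example, not code from this deck or from Cisco: the VPN names, tags, prefixes and the `find_overlaps` helper are constructed, and it assumes each service VPN's prefixes are available as CIDR strings and that, with no segmentation, prefixes must be unique across every selected VPN regardless of tag.

```python
from ipaddress import ip_network
from itertools import combinations

def find_overlaps(vpn_prefixes, tag_to_vpns):
    """Return sorted (vpn_a, prefix_a, vpn_b, prefix_b) conflicts.

    vpn_prefixes: {vpn_name: [CIDR, ...]}  (hypothetical export format)
    tag_to_vpns:  {tag: [vpn_name, ...]}   covers 1:1 and N:1 mappings
    Assumption: without segmentation all selected VPNs share one routing
    domain, so prefixes are compared across all tags, not per tag.
    """
    selected = sorted({v for vpns in tag_to_vpns.values() for v in vpns})
    missing = [v for v in selected if v not in vpn_prefixes]
    if missing:
        raise KeyError(f"no prefixes known for VPNs: {missing}")
    # strict=True rejects typos such as 10.1.1.1/16 (host bits set)
    nets = [(v, ip_network(p, strict=True))
            for v in selected for p in vpn_prefixes[v]]
    conflicts = []
    for (va, na), (vb, nb) in combinations(nets, 2):
        if va == vb:
            continue  # overlap inside one VPN is not a mapping conflict
        if na.version == nb.version and na.overlaps(nb):
            conflicts.append((va, str(na), vb, str(nb)))
    return sorted(conflicts)

# Constructed sample data, not taken from any real deployment.
SAMPLE_PREFIXES = {
    "VPN10": ["10.10.0.0/16"],
    "VPN20": ["10.20.0.0/16", "192.168.5.0/24"],
    "VPN30": ["10.10.128.0/17"],   # sits inside VPN10's /16
    "VPN40": ["10.20.0.0/16"],     # duplicates VPN20, but is not selected
}
SAMPLE_MAPPING = {"prod": ["VPN10", "VPN20"], "dev": ["VPN30"]}

if __name__ == "__main__":
    for va, na, vb, nb in find_overlaps(SAMPLE_PREFIXES, SAMPLE_MAPPING):
        print(f"conflict: {va} {na} overlaps {vb} {nb}")
```
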