Tech Field Day: Viptela Solution Overview
Ramesh Prabagaran, VP of Product Management, gives an overview of Viptela. He then proceeds to briefly touch on the company’s SD-WAN solutions, and the decisions behind some of their implementations.
Recorded at Tech Field Day in Silicon Valley.
Ramesh Prabagaran has a track record of bringing disruptive and innovative networking products to market focused on carriers and enterprises. Most recently at Juniper Networks, he was a senior product line manager establishing the product vision for enterprise and datacenter routing products (M and MX Series), and WAN-focused solutions for Fortune 100 companies.
Tom Hollingsworth: Hello, I’m Tom Hollingsworth and you are watching Networking Field Day 13. We are here in San Jose, California with Viptela. We have invited a group of networking bloggers, speakers, pod castors and luminaries of the community to take part in this discussion to offer their opinions, ask questions and add their voice to the conversation about software-defined-wide-area networking.
If you would like to learn more about Tech Field Day including how to become a presenter or a delegate please join us at our website techfieldday.com. If you would like to see more videos about this and other exciting technologies please check out our YouTube channel at YouTube.com/techfieldday.
Ramesh Prabagaran: Thank you, Tom. And thank you everyone for visiting us on this wonderful sunny San Jose day. It started to be very nice to show you the sun out there and then have you all locked in this room for two hours.
So the journey that you’ve been through so far has been pretty incredible. The company started more than four years ago but it was really about 18 months ago that we had kind of an inflection point. A very large Fortune 500 retailor and a Fortune 500 bank came over to us and said hey, I have a problem. I’ve seen your solution and I’ve plated on with your solution and know it works. Help me through this journey to transform my wide infrastructure to an all LAN-network.
So we took it upon ourselves to actually go through that challenge. Six months later we had thousands of sites across these large Fortune 500 bank and retailers deployed. To us in many ways that was really the start of the explosive growth for the company and very excited to share with you our successes, our experiences, show the product and action and get all of the feedback from you guys as well.
So we have an action-packed agenda for you guys today. We’ll go through a short introduction though not as [unintelligible 00:02:09] because it looks like everybody is aware of this event and how their dog behaves as well but we’ll go through the technology overview of what are this confidence of the solution. How do we think of our destiny more importantly and some of the use cases that our customers have brought to us and also show meaning of the things in action. I’m going to spend about 15 minutes to cover that and then after that it’s going to be a demo and a demo and a demo and a demo. We will show all of the things that I’m going to talk about in action as well.
So let me quickly start off with an overview of the company again. As I mentioned four years ago we got started with an incredible journey. We have over a hundred enterprise customers deployed. And to us a deployed customer means somebody who has critical infrastructure running on our technology has paid us for a period of time. And we take pride in the number of sites that we have production deployed that continues to grow by the day. We are gaining upwards of 15,000 sites and given that we’ve been selling our products for a little over two years. This has been a pretty amazing journey for us.
Along the way certainly we have taken some of the largest of the Fortune 500 companies along with us in this journey, 25 plus Fortune 500 customers in manufacturing, retail, financial services, healthcare and all converting their infrastructure into SD-WAN. We also have the three of the largest thousand plus site networks as well on the SD-WAN infrastructure. As we go through this journey of what is the product and what is the solution you will see why this automatically scales to such large extent as well.
Now we are not alone in this whole process. We do have very good partnerships with some of the largest service providers, Verizon, Singtel and so forth and also some of the largest of the systems integrators. So now we’re going to talk a little bit about not why you need SD-WAN but why our customers deploy SD-WAN because we have a wide variety of cases and I kind of want to double-click on that.
So if you look at the overall journey of SD-WAN itself it’s been mostly at take a private network, take a public infrastructure and merge them and you get high bandwidth and off you go. That’s been kind of the way that rules of the technology and the rules of the market has been. But over time this has [unintelligible 00:04:45] quite a bit. There’s not a single day that goes by where we have conversations with customers on O365.
Now many of you are wondering what does Office 365 have to do with the [unintelligible 00:04:58] quite a bit because Microsoft says exit out of the internet, do [unintelligible 00:05:02] internet access, access a Microsoft Cloud and that’s the best way to access O365. Now guess what the current [unintelligible 00:05:13] looks like. Back all the traffic back to our data center and regional [DMZ] and then exit out to the internet. So the placement of a public clouded gateway or a fast gateway is a pretty key element in all of this and that’s again driving the discussion to what is the WAN capable network and is the WAN network as well.
Compliance and security; certainly for business reasons, for credit card transactions and for HIPPA compliance customers are looking for how do I make my current infrastructure compliant. Now [Emplus] has done a phenomenal job because everybody trusts Emplus. It’s isolated. It’s not private but it’s isolated and it gives you that compliance. But the minute I start to mix private and public networks, what does that look like? We’ve been able to help multiple customers get the compliance that they absolutely require for their infrastructure as well.
Now many of you have seen how AWS has grown – actually explosively grown and many of our customers – enterprise customers are deploying applications in AWS and Azure and Google [unintelligible 00:06:18] and so forth and want to make that part of the wide area so that you don’t have take classes again from your branch. Go to a data center, cloud burst to a public cloud and make the network somehow work that way. We help customers through their journey of making their public cloud part of the wide area. And that’s a pretty key element in order to get the user experience that our customers rightfully deserve.
Now those are again just some of the use cases that we have for our customers. And for certain industry work it goes in particular that are our specific use cases, retail especially with all of the retail analytics that needs to happen [unintelligible 00:06:59] channel experience and so forth is requirements for bandwidth that is a requirement for segmentation and that is requirements for a marketing and retail location. Everyone outside that has walked into one of the large retailers to buy groceries or whatnot has seen a coffee shop and have seen many other things inside that retail chain. So you your retail location no longer is [unintelligible 00:07:23] and it is actually inherently becoming a monthly tenant. And so there’s a lot of innovation that needs to happen inside that infrastructure to make things work.
Healthcare; continuing healthcare is a pretty big deal for this country. When a patient goes through the journey of getting admitted at a hospital and an acute care facility to at third-party facility and to all the way up to home you need to have that continued health care. Now guess what, the network absolutely plays a pretty good role in that and some of our customers have publically thought about how we have helped them through that journey as well. And certainly in manufacturing especially with business partners coming into the mix [unintelligible 00:07:55] coming into the mix and so forth. So for those of you that you look at SD-WAN and say is the board mixing private and public networks, it’s not just that. There’s a whole lot more to help customers through this whole process.
Now I certainly understand and I admit to the fact that this place is extremely crowded. I think the last count was over 30 in this particular space and we have not seen a clear definition of what is what and so we have taken a stab at this. We’ve kind of defined three classes of SD-WAN players here. And from a customer standpoint when you look at it look at it with this lens? Some players focus on application optimization. They start with application is everything and it’s all session-based, I need to optimize things going either to the Cloud or I need to optimize the application itself for this behavior.
That’s a [unintelligible 00:08:47] optimizing connectivity. Once again, if you relay this back to use cases that our customers have it’s a piece of it. Planned for documentation is another category where you look at hey, the world is moving from MPLS to all broadband and oh by the way, broadband is [unintelligible 00:09:05] and let me fix that for you. That’s again a piece of the problem and it does not make an enterprise network a whole. And we’ll talk about why that is not a whole as well.
And then finally we categorize ourselves in this whole stack of SD-WAN category where it’s a more hybrid infrastructure. It’s about not just mixing MPLS and public. It’s about bringing in [unintelligible 00:09:28] and bringing in Cloud and bringing in SaaS, it’s bringing in compliance, security, centralized qualities and centralized management and all of them.
And so our promise to our customers is really this; we provide you with enterprise class with SW-DAN capabilities that’s Cloud ready that’s hardened and secure and simple to operate. It’s really that simple, right? It’s really these four categories that we excel at. And this whole thing is [unintelligible 00:09:56] either as a service on premise existing infrastructure and probably it’s very well that’s kind of the underdone. That’s why you see it in a slightly smaller form as well.
This is really the promise that we are providing to our enterprise customers. And the router market is either through a channeled partner or through a managed service provider. We take multiple partners along the way as well.
Now let me talk a little bit about what each of these things mean. What does the enterprise class mean? And I’m going to have a little kick here. We’ll start with a completely blank piece and we’ll fill it up. The route of it at the [unintelligible 00:10:29] independent fabric, how can I take broadband and fill [unintelligible 00:10:34] infrastructures and kind of pull them all together into a unified fabric. Not just really only unified fabric but one that is zero touch and zero thrust. The zero thrust is important because the minute you mix and thrive it in public infrastructure the element of thrust just goes away. You need to be able to secure that infrastructure. You need to be able to authenticate everything that comes into that infrastructure. That table stakes a transport independent fabric.
On top of that we have the delivery platform that includes many of the elements that your familiar with; routing, security and so on and so forth. The other thing is it’s not just about running [BZB or OSBF] because that I think has existed for more than a decade. People know how to do it but the minute you start to bring this in to the infrastructure – let’s say I take a [unintelligible 00:11:22] router that’s being advertised from my data center and it makes its way through them and this network into a branch and gets re-advertised back through OSBF, the minute I have a distribution we all know what happens in the network; loops, [unintelligible 00:11:35] and so on and so forth.
So you have to be able to up level and not just routing and adjusting and programming the device that’s sitting behind me to this really large-scaled network that’s [unintelligible 00:11:48]. And we assure all of this in action. We take pride in asserting ourselves in doing existing infrastructure really two sites at a time. You can take just a pair of sites, put us in the mix and be a participant in the existing topology and you can start to migrate the infrastructure. In fact, many of our customers have gone through the journey from zero sites all the way up to thousands of sites starting exactly that way. Sometimes they go through like 25 to 50 sites at a time but they all start small and then grow big as well.
The next thing is really around security and segmentation. Security is stable stakes. You need to have authentication. You need to have encryption and at the same time you need to have access control into the network as well and we’ve talked a lot about what that means. David will show all of these things in action as well.
I want to double-click on a couple of things and then we’ll move to some of the other pieces. Segmentation; segmentation has existed in networks for probably over a decade. We all know how VLANS work. The branches have had VLANS for again over a decade. The VLANS center has been virtualized again for a decade but the wide area has been a pretty single blob. Why is that the case? We asked this questions to customers that hey, do you want your network to be segmented and the answer is absolutely, yes. Can you do it? The answer is an absolute no, right?
And so we have been able to again help our customers through this whole journey of our segmentation. And segmentation could be part of a variety of reasons. It could be for [unintelligible 00:13:18]Wi-Fi reasons. I offer that out to the internet and I do a [unintelligible 00:13:25] and it could be for compliance reasons. It could be to separate lines of business, a wide variety of things. We subscribe to bringing segmentation all the way to the CPE boundary and not just limited to the B boundary like in the MPLS one. And we’ll show again some of these things in action as well.
Now many I’m sure are wondering – okay, this is technology I’ve known and I’ve heard, what is Nokia, right? And when we built this in a very modular way with the transport independent fabric the confidence that gave us the [unintelligible 00:13:56] platform and then applied the pieces of [unintelligible 00:13:59] on top of it. Things like applications instantly. I can pre-classify applications into 3,000 applications. I can take an SLA and slap that against an application and say anywhere in the infrastructure if I see Web-X traffic and I have a path that’s less then a hundred milliseconds of latency, take that. Don’t take any other path. We can actually put a single policy on the centralized management platform and the entire network will start to honor that policy. So things of that sort can be done really in a simple way and insure that action as well.
A few other things that on Cloud are the ability to create different qualities is also important. One of the large retailers have had the requirements to have guest Wi-Fi traffic that is through a split tunnel. I have video surveillance traffic because if theft happens in one of the stores and all of the nearby stores need to get that video surveillance feed and so I need to be able to stream that and so that requires a partial mesh. I have [unintelligible 00:14:56] traffic that needs to go [unintelligible 00:15:00] and give all of this capability on a single platform, right? And so we actually can segment the network and actually provide the different kinds of topologies as well. And all of this is delivered with a single pane of glass where you can have configuration management, trouble shooting and also a layout of analytics. Once again, we will show that in action as well.
To us this is what an enterprise class SD-WAN solution needs to look like. It is not one thing, it is not two things, it’s all of these things working in unison across the multiple thousand websites.
Now you may be wondering what does this mean to the Cloud. And people think loud and say it’s one thing and we frown because it’s not one thing. It’s really two things. You have to fundamentally separate infrastructure as a service from that. And the root of it is it all looks really simple but [unintelligible 00:15:51] the details. In the IaaS world typically you’ve had a data center that flower burst into a public cloud and that’s how networks have been. The role of the network infrastructure guys have been through connect the sites to the nearest internet and that’s about it, right? That leads us to [unintelligible 00:16:04].
What we have done is actually we’ve taken our piece of software and put that directly into the public cloud and made the public cloud part of the wide area. So you’re naturally extending your perimeter not just from a branch, to a site, to a data center, to campus, but all the way up to a public cloud as well. And that’s what is way different if you take SaaS now into the picture.
If we go to Microsoft and say hey, can spin up an instance of our software inside the O365 they would say that’s the door, please. So please show yourself out, right? Nobody wants to take a foreign piece of software and put that into a SaaS club. And so there are different things that you’ll have to do to optimize applications that are Cloud based especially SaaS based. Things that aren’t getting the telemetry off the public Cloud provider incorporating that into your best SaaS so that you can optimize access to the Cloud. Once again, David will show all of this in action as well.
I want to touch on a couple of things and then I’ll talk about the confidence of the solution and then we’ll get into the juicy part of just really the demo. So Security and hardening; we like to stand on the shoulder of giants that have proven themselves in the market and you’ll see a couple of them listed on the screen here. It’s very hard for a brand new player to come into the network and say please trust me because honestly if I say that to you, you wouldn’t trust me either, right?
And so we like to partner with some of these players here to provide a few things. One is assertion. If my business logics say this application needs to go through a firewall and the where the firewall is in the infrastructure I need to be able to sell this [unintelligible 00:17:42]. The same thing for that destination for www [unintelligible 00:17:48] actually could be transactions going to the internet as well. So this scale is a pretty big partner of what is in that category and we’ll show again these things in action.
And finally, there needs to be something to operate. You need to be able to globally – you need to be able to zoom in and zoom out and be able to look at their entire infrastructure and get some original analytics as well on top of that network. I want to cover a couple of other things on the product but I’m looking around the room here and I know I’ve talked for like five minutes non-stop and so I’ll take a breath and I’ll also see if you guys have questions.
Speaker: All right, I’ll take that as a no. So the competence of the solution, this is not all [unintelligible 00:18:31] that is stuff that actually exists and this is kind of how it works. So it’s really two aspects for the solution and you have what we call is [unintelligible 00:18:38] and you’ll see one on the tables here which has two antennas with LTE. These are either physical or virtual devises that sit at the edge of the network. It could be your data [unintelligible 00:18:52], it could be your site, your branch, your admin office or whatnot. And the same thing can extend all the way into a public cloud as well. We really don’t care whether this is a piece of hardware or a piece of software. It’s an innovation that we have inside of the software that really comes.
All of their traffic that flows freely within the enterprise freely flows between these V-edge devices. And the data thing here is like I said AS256 based and the traffic flows freely here. Now when it comes to a network Wi-Fi connectivity that’s where we bring in elements of the controller and the management platform as well. The management platform is responsible for configuring the devices, monitoring them, troubleshooting them and so forth. And the controller is responsible for taking a piece of information and providing that to the best of the infrastructure. Taking a policy crunching that and then providing that providing that to the best of the infrastructure as well.
And so these are really the three components of the solution. We have the management platform because we manage the response controllers that are responsible for many, many things around network-wide routing and authentication and around policy crunching and many other things and then edge device itself. We don’t subscribe to dumb, dumb edges. We feel fundamentally the edges need to have some level of intelligence. If you are participating in OSB or VGP you need to have some brain in order to participate in that topology. And so the network devises the [unintelligible 00:20:19] when it comes to network Wi-Fi connectivity they have to go to the controller and they get that information and [unintelligible 00:20:28]. We’ll show that again in action as well.
The setup devices that we have that we have that we have just – the V-edge [unintelligible 00:20:34] device. We have flavors that provide aggregation, one gig, 100 meg that are used for [unintelligible 00:20:41] based. Ethernet with integrated LTs and so you can just take a SIM card and put that inside one of these devices and have connectivity out through my favorite [unintelligible 00:20:53] and the same thing for Wi-Fi on the LAN side as well.
And the same piece of software, their grounds on all of this are also available in a virtualized compact that I mentioned again in Spinup and Instance and on Amazon VPC, [unintelligible 00:21:07] Cloud and you can have a VCP offering or the [unintelligible 00:21:10] as well. So this portfolio will continue to expand but the architecture is going to remain the same.
So that was the intro covering the aspects of where we have been, the customers, what are the use cases and what are the main technology blocks and also the contents of the solution.