소프트웨어 기반 라우터

Network Infrastructure with the Agility of an Application

2

AGENDA

• 소개• 고객 기술 및 비지니스• Vyatta 란• 고객 Use Case• Competitive Advantage• Vyatta Appliance

3

Vyatta 는 무엇인가 ?

Mission:

기업 및 클라우드 아키텍쳐의 현대화

Vyatta 는 소프트웨어 기반 손루션으로써 가상화 네트워크와 클라우드 인프라 구축 할 수 있습니다 .

4

Vyatta Usage: Evolution

NETWORK OS

가상화 데이터센터물리적 인프라 PRIVATE / PUBLIC CLOUDS

AGILITY

ROUTING

SECURITY

2006 년 2009 년 2010 년 2011 년 2012 년

5

Industry Leadership

Vyatta 판매 성장

World Class Team Investors

6

Why Vyatta ?

> 실제 네트워크 환경에서 가상화 환경으로의 간단한 이전

> Utility Pricing

> 오픈소스로써 템플릿 기반의 개발도구를 지원 , 주문형 네트워크 구축 가능

> Vyatta 는 IP 기반 네트워크 솔루션으로 편리한 네트워크 환경 구축가능

7

가상화 장단점 .

+

Business Gains

Networking Pains

Reduced CapEx

Reduced OpEx Increased Agility Responsiveness

VM Sprawl/Stall

Traffic “tromboning”

Lack of server isolation

Increased CapEx /OpEx

8

NetworkingPain

Keeping Up With Virtualization

ApplicationDensity

Infrastructure Agility

Multi-Tenancy

Time-To-Deploy

CapEx

ITGoals

DeveloperVelocity

N-TierDeployments

9

Traditional Approaches Miss the Real Issue

Decreased Efficiency

Increased CostsIncreased

Complexity

$

10

Scale Up& Down

ServerLeverage

소프트웨어 기반 네트워킹은

소프트웨어의 유연성 및 경제와 네트워크를 제공

소프트웨어 기반 네트워크의 가치

Quickly Deploy& Change

Use

rsSpeed

11

Vyatta 네트워크 운영체제

Download

CLOUD COMPUTING

• Router, Firewall, VPN, +

• Granular Control of VM’s

• Hypervisor Independence

• Auto-Provisioning

• Elastic Networking

• Remote Management

NETWORK EDGE

• Router, Firewall, VPN, +

• DSL thru 10Gbps Edge

• Unbeatable Price/Performance

• Scalability

• System Availability

• Platform Independence

NETWORK OSNetwork Admin

System Admin

Security Admin

Virtualized

Bare Metal

12

Vyatta 모델

Vyatta DNA

Vyatta IP

Command-Line Interface Graphical User Interface

VYATTA DATA MODEL

VyattaGuard Web Filter

FW

VPN

NAT

Routing

URLFilter

QoS

WAN LB

IPv6

Multi-Platform Virtualization Drivers

Remote Access API

Delivered over 40 software releases

REMOTE API Controls 100% of functions Distance-agnostic Add, change & move VMs Interfaces to provisioning

systems Interfaces to orchestration

systems

13

Routing

Security

Threat Protection

System Management

High Availability

Platforms

IPv4/IPv6 – BGP, OSPF, RIP, STATIC, POLICY

IPv4/IPv6 - STATEFUL FIREWALL, IPSEC VPN, SSL OPENVPN

TRAFFIC FILTERING, URL FILTERING, TRAFFIC SEGMENTATION

FAMILIAR CLI, WEB GUI, CONFIG SCRIPTS, REST API

STATEFUL FAILOVER, CONFIG REPLICATION, CLUSTERING, VRRP

Intel x86, VMware, XenServer, Redhat KVM, Riverbed RSP

IP Services DHCP, NAT, DNS, VLAN, SSH, TELNET, SNMP

Vyatta 기능

NETWORK OS - HIGHLIGHTS

14

Server ServerServerServerServerServerServer

일반적 네트워크 시스템

A1 A2 B1 C1 C2 C3B2

일반적 데이터 센터 : 모든 서버 간 트래픽이 물리적 라우터 및 방화벽을 통해 전송 .

15

Virtualized server

HypervisorvSwitch

Virtualized server

HypervisorvSwitch

Virtualized server

HypervisorvSwitch

일반적 가상화 네트워크 환경

A1 C1 B1A2 C3B2 C2

가상화 네트워크 :보안 정책의 세분화를 위해 모든 트래픽은 물리적 디바이스 통과 ..

16

Virtualized server

HypervisorvSwitch

Vyatta Solution

Virtualized server

HypervisorvSwitch

Virtualized server

HypervisorvSwitch

A1 C1 A2 C3B2 B1 C2

vyatta 로 다음 작업 수행 가능 :

• 효율적 트래픽 관리• 소프트웨어의 유연성 전갱 가능

17

Virtualized server

HypervisorvSwitch

Vyatta Virtual Network Contains Traffic

Virtualized server

HypervisorvSwitch

Virtualized server

HypervisorvSwitch

A1 C1 B1A2 C3B2 C2

With Vyatta:가상 환경에서 다중 계층 네트워크를 구축하는 모두 내부 및 간 하이퍼 바이저 트래픽 관리 가능

18

Use Cases 예

Cloud Bridging with Vyatta

Data Center to Multiple VPC with Vyatta

Vyatta with Cloud Service

Providers

19

현재의 가상화 데이터 센터 (VDC)

20

VDC Distributed Traffic Isolation

21

• Per tenant network services

• Per tenant network topology

• Per tenant network administration

• Multi-tier network architecture in software

VDC Router Isolation

22

Use Case 예

Virtual Networking

Data Center to Multiple VPC

Vyatta in the Cloud

23

• Simple and secure VM migration to and from the cloud provider or VDCS

• Provides n+1 VDC/cloud expansion

• Provides migration strategy for:• Demand spikes • DR/BCP plan• Phased application moves

Secure Layer 2 Cloud Bridging

24

Use Cases 예

Virtual Networking Cloud Bridging Data Center to

Multiple VPCVyatta in the

Cloud

25

INTERNET

Database

Application

Web

Datacenter

Public

PrivatePrivate

VPC InternetGateway

Remote Site(s)

Remote Site(s)

• Limit of 10 IPsec VPN connections per VPN gateway (using Amazon gateway)

• No control over Amazon side of the VPN tunnel

• No VPC-to-VPC VPN mechanism

Vyatta in the Cloud – Ex: Amazon

26

Key

IPSEC/SSL VPN

Cloud Bridge

NAT + Firewall

Vyatta in the Cloud – Ex: Amazon

• No limit to # of VPN tunnels

• Securely connect into multiple VPCs from a single

• Create full VPN mesh between multiple VPCs

• Securely bridge cloud to cloud or datacenter to cloud

27

Use Cases 예

Virtual Networking Cloud Bridging Vyatta in the

Cloud

28

Key

• Vyatta virtual machine installed on hypervisor in datacenter

• Full mesh VPN between multiple VPCs and datacenter

IPSEC/SSL VPN

PING

Database

Application

Web

Datacenter

INTERNETPublic VPC Internet

Gateway

Private

VPC InternetGateway

Public

Private

vpc-928dbffb10.0.0.0/16

vpc-947f42fd192.168.0.0/16

Vyatta AMI(NAT + VPN)

10.0.0.26EIP: 184.72.121.67

10.0.1.0/16

Vyatta AMI(NAT + VPN)

192.168.0.92EIP: 184.72.110.240

192.168.1.0/16

Public IP:76.74.103.12

Datacenter to Multiple VPC – VPN Mesh

29

Vyatta 는가상화 및 클라우드 환경을위한 소프트웨어 기반 네트워킹의 선두 업체

• 백만 이상의 다운로드 기록

• 세계적으로 1000 이상의 고객 확보

• Top tier cloud & Fortune 500 customers

• 글로벌 유통체제

차세대 응용 프로그램• 독립적 플랫폼

• 최적화된 가상화

• ROI 를 위한 라이센스

• 운영비용 절감

• Open API

0

200,000

400,000

600,000

800,000

1,000,000

1,200,000

1,400,000

2006 2007 2008 2009 2010 2011

Cumulative Downloads

Standard Image

Virtual Machine

Why Vyatta?

30

Competitive Advantage

Vyatta

Cisco VSG

Juniper vGW

VShield App

VShield Edge

Check Point

Fortinet Fortigate

VM

L2 Bridge / Switch

True L3 Routing IPsec VPN / OpenVPN Stateful Firewall Usage-Based Pricing Open Restful API Amazon Integration Application Firewall Policy Based Routing

Central Mng.

IPv6 1

31

Vyatta Appliance

Specification Model 600 Model 1600 Model 2600 Model 3500

Layer 3 Forwarding 250,000pps 600,000 PPS * 1,400,000 PPS * 2,000,000 PPS *

VPN Forwarding 150Mbps 400 Mbps 500 Mbps 700 Mbps

Max VPN Sessions 1000 2000 4000 6000

Onboard I/O(Ports)

6x 10/100/10001 x 100/100, 6x 10/100/1000

8x 10/100/1000 4x 10/100/1000

Ethernet Expansion  Up to 4 additional 10/100/1000

up to 8 additional 10/100/1000 (2 x 4 )

up to 16 additional 10/100/1000 or up to 8 x 10GbE

Serial Expansion  Up to 4 port T1/E1 & Synchronous Serial V.35,X.21

Up to 2 x 4 port T1/E1 & Synchronous Serial V.35,X.21

1,2,4 port T1/E1 and Synchronous Serial V.35,X.21

Console 1 x RJ45 1 x RJ45 1 x RJ452, 4, 6 port RJ452, 4, 6 port SFP

Ethernet  4-port 1000BASE-T 2-port & 1000BASE-SX4 port 1Gbe SFP+

4-port 1000BASE-T2-port 1000BASE-SX4 port 1GbE SFP+

4 port 10Gbe SFP+6 port 10Gbe SFP+

WAN  1-port, 2-port & 4 port T1/E1

1-port, 2-port & 4 port T1/E1

1-port, 2-port & 4 port T1/E1

Memory 512MB 800 MHz DDR2 1GB 800 MHz DDR2 2 GB 1333 MHz DDR32GB expandable to 192GB

THANKYOU!