Kevin: Good afternoon, everyone. My name is Kevin Suitor and welcome to our webinar. With me today is Jeremy Milligan, and he’s our senior solution engineer and will be running through a live demo. If you have questions, please put the questions into the chat and we will interrupt them and feed them into our session.
Today we have a fairly quick agenda. We will be through this agenda in less than 45 minutes. We’re gonna cover a quick introduction into SD-WAN and the drivers behind it, why people are deploying SD-WAN today, a quick review of the TELoIP Cloud, SD-WAN as a service solution, and the majority of the time we’ll actually be going through a live demonstration of the product. So we will send out the recording along with the slide deck tomorrow so that you can pass this on and of course, as always, we will have a video recording and transcript up on our blog, blog.teloip.com, in the next week or so for you to review at your leisure.
So without further ado, now, Why SD-WAN? You know, it’s interesting that Gartner has, in a report that was published on 27th of February…I pulled a quote from there. “By year-end 2018, more than 40% of WAN edge infrastructure refresh initiatives will be based on software-defined WAN (SD-WAN) appliances and/or x86-based virtualized customer premise equipment platforms versus traditional routing.” So you know, moving from 2% today to 40% within the next 18 months, that’s a pretty impressive growth curve and it seems to indicate that we’ve hit an inflection point in this market. So, now, that’s the driver here and sort of framing the conversation for the day.
Let’s start with quickly reviewing what SD-WAN is and what problems it solves. SD-WAN solutions are really designed to solve the cost performance problem that network managers face today. If you think about it, right, MPLS came about in the mid-90s. It’s been the backbone of both private networks and the public internet for the last 20 years. However, today’s environment is really breaking MPLS. And today’s network managers require increased flexibility to deal with digital transformation efforts.
They need increased performance to deal with cloud-based applications. They need to be able to abstract away the complexity of the network away from the underlying architecture and really allow changes to occur much more dynamically in their infrastructure, so abstract away the complexity and, of course, they need to reduce the cost. And SD-WAN checks every one of these boxes, and that’s why it’s such a fast growing technology stack for the market as a whole.
There’s a study that was published in the last week or so, which really looked at the motivation for enterprise SMB and enterprise customers to adopt SD-WAN. And I found it interesting that 38% of the respondents were looking to improve WAN performance, 36% were looking to cut total WAN spend, 13% to improve provisioning time, 8% say capacity, and there were a bunch of other reasons. But we’re going to focus today on improving WAN performance and how SD-WAN helps with improving WAN performance. So, an important factor in all of this is your transport network selection really impacts your total network cost. So, in Q3 of 2016 there was a study performed that looked at worldwide IP/VPN access costs versus…10 MB IP/VPN is 21 times more than a broadband connection of the same capacity. And if we look at MPLS, it was 150 to 200 times more expensive for same capacity. So there are tremendous wins available for OpEx and CapEx when looking at using SD-WAN and broadband circuits, direct internet access circuits, as an underlay to SD-WAN. So, there’s one potential saving.
That being said, 72% of respondents felt that they were gonna keep MPLS as part of their network solution. So therefore, cost probably is not the biggest driver. They really are looking for that abstraction, reduction of complexity. They’re really looking for the performance improvement that comes from the increased bandwidth and the ability to aggregate links of different types and costs in the system. I did find it interesting, in the same report, 76% of respondents plan to adopt SD-WAN and have selected a vendor or are in the midst of selecting a vendor. We hope that TELoIP would be a vendor of choice in moving forward and we hope that you can see by the end of this presentation why we think that would be important.
So I’m gonna move now into, why have we hit the tipping point? Well, as I said, Public Cloud has rendered the traditional MPLS architecture as suboptimal. Today’s enterprise WAN is too rigid, too complex, and too costly for the typical environment that is using Public Cloud software as a service environments, like Office 365, or say you’re using Salesforce now, or any of these environments, that are replacing traditional on-premise applications. And I’ve created a hashtag for this, #cloudbreaksMPLS.
We see that same report from Gartner that I quoted, two-thirds of enterprises will deploy SD-WAN in some form by the year-end 2018. So, two in three companies are going to do it. They’re seeing the ROI. And then service providers, partners like the TELoIP partner community, are working to incorporate SD-WAN into their offering. So, my takeaway on this, SD-WAN is happening now. Business-critical apps run better. If you give any cloud-based application a 100 MB circuit versus a 10 MB IPVPN MPLS circuit, it’s just flat out gonna run better. And if you can build that faster network without having to go and upgrade your VPN technology and let your cost cycle get in your way, things will be better.
So inherent with the SD-WAN is your internal SSL/VPN infrastructure, comes along for free, right, and it’s incorporated within here. Every connection is actually encrypted from end to end. And Jeremy will walk through some of that in the presentation, the demo. I talked to a bunch at the front end about reducing OpEx and CapEx, you’re gonna get increased performance, increased responsiveness and you’re gonna do it at 70% plus lower costs over time. We have been selling software-defined networks at TELoIP since 2008 with our SD-internet offer. Our customers have captured these returns over the last seven to eight years. And as we continue with SD-WAN, putting the encryption onto it, they’ll continue to capture these same type of returns.
As I said, every connection is encrypted. SD-WAN is secure. And, what you’re gonna get with SD-WAN is an instantly agile software-defined network that delivers broadband economies. Abstract away the complexity, you can add network locations much more quickly. For example, typically we’re seeing MPLS circuits. It takes six to nine months to roll out a new site using MPLS. When you move to a broadband internet-type environment, you’re looking at, more typically, weeks to do this rollout and you can turn a site up in a matter of minutes. Generally, less than 30 minutes to turn a site up. You can optimize your network infrastructure to better leverage bandwidth-intensive apps. You can set priority.
We had a long conversation with Pat Saavedra a couple of weeks ago about how the TELoIP Cloud delivers quality of experience and quality of service maintenance. You can go to our blog and you can now listen to that 45-minute webinar. We’ve gone through a lot of detail in how the TELoIP Cloud provides extensive quality of service support and quality of experience improvement for our customer base. Every endpoint is secured, has a built-in firewall, all connections, and they’re encrypted, so you’re meeting all of your security requirements. You’re not being asked to go and deploy firewalls out to every branch site as a separate device. It’s incorporated within the AI appliances.
So our VINO Edge appliances cover the software-defined edge, and you get through our orchestration with the VINO Portal. You have the ability to set business-oriented policies and allow those policies to flow through to each end-user and each application meeting the business requirement. So quickly, a little commercial about the TELoIP Cloud, we have nine POPs across North America. We started delivering service to customers through these POPs in 2008. These POPs are deployed in carrier neutral facilities and they give us access to a bunch of different backbone technologies. That allows us to have a great backbone transit. So you don’t have to build your own WAN. Your wide area network comes for free. You just need to worry about getting your access from your endpoints into your closest POP.
And so if all you’re having to worry about is the access network and the rest of the fabric is built for you automatically, you get tremendous simplification of managing your SMB, or enterprise wide area network.
So what do we sell? We sell a set of appliances that are functioned between 10 MB and 1 GB depending on the license that is applied. We sell the VINO SD-WAN license, which is a monthly recurring revenue license. Those licenses are available between 10 MB per second and 1 GB per second. We sell the VINO SD-Internet license, which is a 25 MB to 1 GB MRR license. There’s a one-time activation fee to cover initial installation and configuration, and the VINO Portal access comes along for free within the application.
One thing that many people are interested in is we also have the ability to provide a VINO SD-WAN Remote Access Service. So instead of needing separate IPVPN RAS services, we actually provide, at each one of those nine POPs, a public addressable RAS service for your user community. Your road warriors, your work-from-home employees can actually connect in through a secure VPN tunnel to the closest POP and then they are placed inside the protected route domain. And so those users look exactly like a user sitting inside one of your remote offices or branch offices. And so that consolidated service offer really allows every user in your company to be part of your network no matter where they work, live, or play.
So, quick little picture and then we’re gonna pass on to Jeremy to take over and handle the demo portion of this. So we provide a carrier agnostic SD-WAN. You bring your own last mile links or you work with a TELoIP partner to provide the last mile, whether that is, you know, a DSL link, an LTE link, cable internet, MPLS, Direct Internet Access. You pick what you want as your last mile links. We have the ability to do per-packet aggregation across those links, aggregate them and get the traffic up. And in this case, you would get the red plus the green in terms of total capacity. And Jeremy will show you that in the demo in a moment. You get access out to the internet, to the Public Cloud, along with a very secure, protected route domain in the core of the network. So you have both your private WAN to access private cloud services, and you have public Software as a Service access incorporated within your VINO SD-WAN offer. So, with that, what I’d like to do is pass it over to Jeremy to take over and run the demo.
Jeremy: All right, perfect. So my name is Jeremy. I’m a product engineer here at TELoIP, and I’m just gonna start my screen sharing here. I’m going to share my full screen. All right, so you should be able to now see a Firefox window with the TELoIP portal. Maybe, Kevin, if you could confirm that.
Kevin: Yes, you’re up and running.
Jeremy: Excellent. All right, so what I’ve started with here is the VINO portal. So, I just logged in. This is the dashboard. Now, to save a little time today, you’ll see a number of tabs up above and I’ll be going through these different tabs to show you some of the different pictures that we have within the VINO forum. So right off the bat, I logged in here and selected TELoIP as a customer. Now, we have our main offices up here in Toronto, so you’ll see a number of different devices up there as well as in the New York area. Now down below, we have an aggregate score for each one of the points of presence, or points of entry, whichever way you want to think of them as, and the aggregate quality of experience score for each one.
Now, you’ll see down in the bottom here, we have that legend for quality of experience. Now before you ask, Quality of Experience (QoE) is measured very closely to that Mean Opinion Score (MOS), so we made it a little bit more attributed to the network and the network quality of the voice call to make it a little bit more applicable for end-client. Now the next thing I’m going to take you into here is our demo boardroom (CPE view). Now, at the very top of the screen we have system information here, which shows us the total uptime on that hardware, the model, and the version of our operating system that runs on top. And the load of service that it is within, so this is an SD-internet product. Next up shows the total amount of bandwidth. This site has 59 Mbps Inbound by just about 6 Mbps outbound. And just to the side of that we have our host availability.
Now, this is just the first little inkling that this is fully tied into a network monitoring system that is also included at no additional cost alongside the VINO Portal. And it’s been rolled into the portal in various different ways. Right here, we’ve got the host availability. Now down below, we have our quality of experience graph. We also have the three individual circuits that have been connected to this device. So in this case, we’ve got three Bell Canada circuits. Since we’re Canadian, we’ve got these DSLs up here. Some of them are ADSL2, and the third is an ADSL2+ circuit. You can see that as a backbone circuit has a much lower latency than those other two connections.
Now down below, you can see the whole POP connectivity. This is the overall connection to the point of presence through the overlay, through over different underlay connections. Now next up, we have the Voice-over-IP PBX so we can see, at the same time, with Home PoP and our headquarters’ WAN, what the quality of our Voice-over-IP performance is going to be like. Anything above a 2.5 is really gonna be a very high-quality call. Now, next up, I’m going to show you the VINO tab. So I’m just kind of moving left to right here, through these different capabilities that we have in this light blue bar for our demo boardroom unit.
Now the first bits of information here, we’ve already seen. Now, what we have not seen is the complex and automated configurations that each one of these devices receives upon installation. So we can see this device is configured with three links. We go into the basics here, we get a little bit more detailed into how each one of these links is configured, as well as the different capabilities of the service. So in this case, we’ve turned on that bidirectional compression, we’ve enabled our keepalive, we’ve enabled NAT and our firewall, as well as our IPDE queue. Now the two items we haven’t enabled here, the link MTU detection and RLA on-demand.
These two features allow individual links to be changed by the carrier and us to automatically coordinate and configure ourselves to use them to their maximum potential. Down below we have these three links that are connected. Two of them are actually configured with private addresses. Now, these are statically assigned, but these private addresses could very easily be public addresses. Now the third circuit is connected through a DHCP client. Now, any DHCP link allows us to perform our zero-touch provisioning model, wherein the device arrives un-configured, it phones home, it receives its configuration, and it calibrates itself for the links that are connected at the client site.
Now down below are some of the automated calibration features, such as our failover sensitivity for multi-directional pathway selection. This is our preemptive failover technology. It allows for just a lost syllable on a Voice-over-IP call, in the event of a catastrophic outage of a single link or multiple links. We’re never going to lose a full word and we’re certainly not going to lose more than a second of audio. From here, you can see we’re configured for about 300 ms of failover. Now, next up we have our bandwidth reservations. During our demonstrations, we traditionally block off just enough bandwidth here for a G.729 call. It’s about 32 to 35 kb per second.
We’ve also turned on our assurance. This allows for, if a link goes down, that bandwidth that’s been assigned to that particular link is seamlessly spread amongst the remaining circuits to ensure that the client has the right amount of reserved bandwidth. Now, if it turns out that bandwidth is not enough, we will certainly allow that priority traffic to use much more. Now, this is that priority traffic. You can see, down here, our IP/QOS rules. Now in this case, we’re prioritizing inbound Voice-over-IP from a third-party PBX provider. So in this case, we don’t receive any DSCP or TOS bit or priority queue markings. So in this event, we’re prioritizing this inbound traffic from three particular hosts that this third-party provider has.
On the outbound, going out from the site? Oh, that’s simple. We just add the DSCP class marker, and prioritize that traffic as it should be. Now, one thing I’ve skipped over here was our latency and jitter avoidance. But this is used in combination with our multi-directional pathway collection, just above here. So in the event that one of these circuits uses latency above 500 ms or jitters above 150, we’re gonna remove it for 20 seconds. It will only be re-added with the other circuits until its health has been re-verified and it is returned to a quality circuit. Now, that circuit is allowed to do that four times. But any one of these elements here can be controlled and configured to optimize the connection for the client. If links are susceptible to this kind of behavior, we can increase the over-limit count or increase the latency or jitter threshold.
Now down below here, we have our quality of experience check, which is the three graphs that you saw on the previous page as well as our overlay queue, which is used for all traffic. It is not prioritized within these rules here. Now, the first five rules, that we really didn’t touch on, or the last two here, are used for demonstration. The first five are used for optimizing our monitoring system, and the first one is used on every single device that we send out. It allows for prioritizing acknowledgment packets within a particular length. This allows for even a site that’s completely saturated and used all their bandwidth can still have applications, cloud-based or private-based, feel fast. But they still load fast even though the client’s site has completely sucked away all of their bandwidth.
Now, next up here since we’re talking about bandwidth, I think it’s great to go into our graph. So again, I’m going left to right here. I’ve gone into bandwidth. I’ve gone into our standard graph views. So from here, we can see the total site bandwidth. We can see the top talker. We can sort this out by hosting if we want. We can see if the majority of our traffic is headed for speed test server, as we do during our demonstration, as well as the top ASN BGP, or top companies or organizations, that this device speaks to. Now next up, I’m going to show you the next views for our bandwidth graphic. So from here, I’m going to go into bandwidth and then I’m gonna show you the top bandwidth unit. So for bandwidth, we have a great deal of granularity to look at how a client uses their traffic, how many packets per second, how many bytes or how many packets.
Next up, you have the top bandwidth users. So from here we can see the type of service, the TCP flags at the client’s site, as well as the top protocol and port. You see the majority of our traffic is through SSL and web. Now, next, we have some configurable items within our IP node. So we have a full-fledged route table. We have a route table management system, so we can add additional routes, we can delete current and existing routes, and you can also see one of our advantages here with multiple route tables. Each device, whether it be the 100, the 400, the 600, or our larger AI 9000, all support up to 16 route tables. This allows us to use links that are on the same default gateway. In fact, they might even have the same IP address, like one 192.168.1.1, which is a very common subnet to find amongst broadband providers. Now, we’re allowed and we’re permitted to use those IP addresses in unison, even if they have the same default gateway and that modem gives us the same IP address. This allows us to work with multiple underlay circuits that share the same gateway.
Next up, we’ve got our interface status and information. Now, there’s a lot more detail inside each one of these elements. I’ll show you a couple of things inside of here. So, this is fairly self-explanatory. We have our GE0, GE1, GE2 ports. These are the physical ports that are on the back of the AI 600 device we’re looking at right now. So from here, we can make configuration changes by just using the edit window here. We can add in VLANs, if we need one on GE2, we can add one in, or if we need to add in keep-alive we can also do that. Now, down below, I’ll show you some examples of some VLANs that have already been created. So we have VLAN 101 and 102 for the first two links, DSL1 and DSL number 2. The third link is actually a Versature VoIP phone through a third-party provider.
All right, so next up, we’re gonna show you the DHCP client. This one is also very self-explanatory. This is the IP address and mechanism that we’re using for our third link that allows us to do a zero-touch provisioning model here, but that was giving us an IP address via DHCP. Now, on the other side, we have DHCP server so that we can start serving out IP addresses. Of course, this is necessary for organizations that want to displace pre-existing network equipment at a site, but we also have a unique capability to also provide a public address to that site. Now, we can use the DHCP for that or we can configure that statically and let the client configure themselves statically as well. But from here, you can see two different subnet definitions that we’ve assigned to two different interfaces, both GE3 and VLAN 200 for our Voice-over-IP phone.
So you’ll feed those two subnets here. We can make modifications as necessary. We can add in “www” or TFTP server names to allow for automatic phone provisioning. Now, even more, we’ve got a lot more details down here. We have our Voice-over-IP phone that’s been leased out. We can see its host name and its vendor device and its model number. But we also have additional options for static line definitions, just above this, as well as custom options, down below, for custom devices and custom attributes…vendor devices. This ties into the LLDP-MED functionality of our DHCP server, which is an advanced DHCP server. LLDP-MED, in this case, would allow this phone, for example, to be transitioned over to VLAN 200 automatically.
All right, next up we’ve got the utility tools. So this one, again, is two basic utilities. The trace route and Ping tool, but we’ve added in some additional functionality for our ping tool to allow for fragmentation or no fragmentation. We can also select the type of service for these ICMP packets. And up above we’ve got our trace route utility, which uses an MTR tool, to actually give operators just a little bit more visibility. Now, the next area we’ll take a look at is our SIP trace voice utility. Now, we built this entire page just for Voice-over-IP providers. Now, our partners use this today for, obviously, recording calls, for analyzing SIP traffic. There’s a wealth of different ways that you can use this tool.
So from here, we generate a P-CAP file. Now that P-CAP file can also be downloaded and analyzed within Wireshark, but you don’t even need Wireshark. We tied all of the options that’s in here to do a full analysis. Now from here, we can select a P-CAP file. I’ll just pick one at random here. From my SIP recording for this month, so it’s like in-depth analysis on this file. Down below, we’ll have the complete SIP analysis. We can see the type of codes that we’ve sent, we can see the number of SIP requests that we sent, and the number of replies we received. Next up, we’ve got the hierarchy of statistics down here, the number of frames that we’ve sent, both for data frames and for RTP frames. And down below, we’ve also got a voice recorder and our playback system.
Now, when putting on headphones with left and right channels, you can hear the left side and right side to differentiate the sender and receiver of the call. With this tool, you can determine if that call was held in good quality from both ends. Now, if that’s not enough, we could also take a look at the flow. So as I mentioned before, we don’t exactly need Wireshark here. We can pull up the details of a single SIP packet. We can take a look at that frame, we can determine the operator or the user who initiated that call, which was myself dialing 1006 from 5001, so this just gives you an idea of some of the potential, just this small tool right here.
Next up we’ve got our speed test session utility. Now, I can run a speed test here, but I think I should show you the more popular item down below. So as you saw before, we have three links, they’re all from Bell Canada. And these are three DSL links of different shapes and different sizes, they all have different latencies, and they all have different speeds. But from here, we can see the quality of experience, represented in the top left, for each one of these three circuits. We can also see the total amount of bandwidth, both outbound and inbound for one through three, and the same for those three circuits down below. We are representing the jitter and latency in real time.
Now, down below this, if this is not enough, we have the raw data. We have the jitter, the latency, per second, for each one of these circuits, as well as its independent packet distribution weighting mechanism as well. So we can see how one circuit compares to the other, and you can see that certain circuit has a much larger weight because it is a much larger circuit at a lower latency. We can also see the total amount of bandwidth is perfect. We can see our link number two occasionally dropping down to a 1.32 QoE. And that’s exactly why we like these DSLs here is that we get to show poor DSL quality, poor connectivity, and still be able to provide that priority and that bidirectional QoS.
All right, next up we’ve got the server status and host availability. So these are some of the elements that we monitor every single five minutes from our network monitoring system. So I mentioned before that our NMS is kind of tied into the VINO portal, and this is where it is kind of more visible. And this is where all of the email and SMS or text messages will come from, for each of the monitored services at the client site. Whether it be with one’s uptime, with one’s QOE, or quality of experience, or the CPE device uptime, model and version, as well as some very important information here, our quality of experience rules one through three.
Now, the next view I’ll bring you to here is our device availability. From this page, and I’ll blow this up just a little bit, we can see the total quality of experience measurements for our three checks as well as our three weights and our Home POP check. So if I want to, I could pull out an entire partner or an entire customer of ours, or partners, and look at every single one of their sites in this format. And so, for review purposes, I can also export this as a CFD file. All right, Kevin, so that is kind of the world through the portal. You know, if there’s anything you think I should touch on a little bit more, just let me know.
Kevin: No, I think that’s good. So at this stage, folks, if there’s any questions, fire them into the chat and Jeremy and I will be more than happy to answer any questions.
Jeremy: And it’s okay if you can’t think of any good questions right now. We’re always available. You can email email@example.com or just go straight to our website and use our live chat.
Kevin: Okay, it seems like we’ve answered everybody’s questions. So, at this stage, I’d like to thank everybody for your time. As Jeremy mentioned, visit the website www.teloip.com, we do have live chat on there and Jeremy and Daniel and the rest of the team are online all the time answering questions there. We have our blog, blog.TELoIP.com, our podcast channel, podcast.TELoIP.com. Follow us on Twitter, join up and follow us on LinkedIn. We’re on all the social channels so we’re more than happy to answer any of your questions. Thanks very much and have a great day. We’ll have another one of these events next week.