Transcript Why Vyatta
소프트웨어 기반 라우터 Network Infrastructure with the Agility of an Application AGENDA • • • • • • 소개 고객 기술 및 비지니스 Vyatta란 고객 Use Case Competitive Advantage Vyatta Appliance 2 Vyatta는 무엇인가? Vyatta는 소프트웨어 기반 손루션으로써 가상화 네트워크와 클라우드 인프라 구축 할 수 있습니다. Mission: 기업 및 클라우드 아키텍쳐의 현대화 3 Vyatta Usage: Evolution 2006년 2009년 물리적 인프라 2010년 2011년 가상화 데이터센터 2012년 PRIVATE / PUBLIC CLOUDS NETWORK OS ROUTING SECURITY AGILITY 4 Industry Leadership Vyatta 판매 성장 World Class Team Investors 5 Why Vyatta ? > Vyatta는 IP 기반 네트워크 솔루션으로 편리한 네트워크 환경 구축가능 > 실제 네트워크 환경에서 가상화 환경으로의 간단한 이전 > 오픈소스로써 템플릿 기반의 개발도구를 지원, 주문형 네트워크 구축 가능 > Utility Pricing 6 가상화 장단점. Business Gains + Networking Pains Reduced CapEx VM Sprawl/Stall Reduced OpEx Traffic “tromboning” Increased Agility Lack of server isolation Responsiveness Increased CapEx /OpEx 7 Keeping Up With Virtualization MultiTenancy Developer Velocity Application Density Networking Pain N-Tier Deployments CapEx Time-To-Deploy IT Goals Infrastructure Agility 8 Traditional Approaches Miss the Real Issue Increased Complexity Decreased Efficiency Increased Costs 9 소프트웨어 기반 네트워크의 가치 소프트웨어 기반 네트워킹은 소프트웨어의 유연성 및 경제와 네트워크를 제공 Quickly Deploy & Change Scale Up & Down Users Server Leverage Speed 10 Vyatta 네트워크 운영체제 CLOUD COMPUTING • Router, Firewall, VPN, + • Granular Control of VM’s Virtualized • Hypervisor Independence • Auto-Provisioning • Elastic Networking • Remote Management Download NETWORK OS Network Admin System Admin Bare Metal NETWORK EDGE • Router, Firewall, VPN, + • DSL thru 10Gbps Edge • Unbeatable Price/Performance • Scalability Security Admin • System Availability • Platform Independence 11 Vyatta 모델 Delivered over 40 software releases REMOTE API Command-Line Interface Graphical User Interface Remote Access API VYATTA DATA MODEL Controls 100% of functions Distance-agnostic Add, change & move VMs Interfaces to provisioning systems Interfaces to orchestration systems Vyatta IP VyattaGuard Web Filter Routing FW NAT VPN URL Filter QoS WAN LB IPv6 Vyatta DNA Multi-Platform Virtualization Drivers 12 Vyatta 기능 NETWORK OS - HIGHLIGHTS Routing IPv4/IPv6 – BGP, OSPF, RIP, STATIC, POLICY Security IPv4/IPv6 - STATEFUL FIREWALL, IPSEC VPN, SSL OPENVPN Threat Protection System Management IP Services High Availability Platforms TRAFFIC FILTERING, URL FILTERING, TRAFFIC SEGMENTATION FAMILIAR CLI, WEB GUI, CONFIG SCRIPTS, REST API DHCP, NAT, DNS, VLAN, SSH, TELNET, SNMP STATEFUL FAILOVER, CONFIG REPLICATION, CLUSTERING, VRRP Intel x86, VMware, XenServer, Redhat KVM, Riverbed RSP 13 일반적 네트워크 시스템 일반적 데이터 센터: 모든 서버 간 트래픽이 물리적 라우터 및 방화벽을 통해 전송. A1 A2 B1 B2 C1 C2 C3 Server Server Server Server Server Server Server 14 일반적 가상화 네트워크 환경 가상화 네트워크: 보안 정책의 세분화를 위해 모든 트래픽은 물리적 디바이스 통과.. vSwitch Hypervisor A1 C1 Virtualized server vSwitch Hypervisor A2 Virtualized server vSwitch Hypervisor B2 B1 C2 C3 Virtualized server 15 Vyatta Solution vyatta로 다음 작업 수행 가능: • 효율적 트래픽 관리 • 소프트웨어의 유연성 전갱 가능 vSwitch Hypervisor A1 C1 Virtualized server vSwitch Hypervisor A2 Virtualized server vSwitch Hypervisor B2 B1 C2 C3 Virtualized server 16 Vyatta Virtual Network Contains Traffic With Vyatta: 가상 환경에서 다중 계층 네트워크를 구축하는 모두 내부 및 간 하이퍼 바이저 트래픽 관리 가능 vSwitch Hypervisor A1 C1 Virtualized server vSwitch Hypervisor A2 Virtualized server vSwitch Hypervisor B2 B1 C2 C3 Virtualized server 17 Use Cases 예 Virtual Networking with Vyatta Cloud Bridging with Vyatta Vyatta with Cloud Service Providers Data Center to Multiple VPC with Vyatta 18 현재의 가상화 데이터 센터(VDC) 19 VDC Distributed Traffic Isolation 20 VDC Router Isolation • Per tenant network services • Per tenant network topology • Per tenant network administration • Multi-tier network architecture in software 21 Use Case 예 Virtual Networking Cloud Bridging Vyatta in the Cloud Data Center to Multiple VPC 22 Secure Layer 2 Cloud Bridging • Simple and secure VM migration to and from the cloud provider or VDCS • Provides n+1 VDC/cloud expansion • Provides migration strategy for: • Demand spikes • DR/BCP plan • Phased application moves 23 Use Cases 예 Virtual Networking Cloud Bridging Vyatta in the Cloud Data Center to Multiple VPC 24 Vyatta in the Cloud – Ex: Amazon INTERNET • Limit of 10 IPsec VPN connections per VPN gateway (using Amazon gateway) • No control over Amazon side of the VPN tunnel • No VPC-to-VPC VPN mechanism 25 Vyatta in the Cloud – Ex: Amazon Key IPSEC/SSL VPN Cloud Bridge NAT + Firewall • No limit to # of VPN tunnels • Securely connect into multiple VPCs from a single • Create full VPN mesh between multiple VPCs • Securely bridge cloud to cloud or datacenter to cloud 26 Use Cases 예 Virtual Networking Cloud Bridging Vyatta in the Cloud Data Center to Multiple VPC 27 Datacenter to Multiple VPC – VPN Mesh Key IPSEC/SSL VPN PING INTERNET • Vyatta virtual machine installed on hypervisor in datacenter • Full mesh VPN between multiple VPCs and datacenter 28 Why Vyatta? Vyatta 는가상화 및 클라우드 환경을위한 소프트웨어 기반 네트워킹의 선두 업체 • 백만 이상의 다운로드 기록 • 세계적으로 1000이상의 고객 확보 • Top tier cloud & Fortune 500 customers • 글로벌 유통체제 Cumulative Downloads 1,400,000 1,200,000 차세대 응용 프로그램 • 독립적 플랫폼 • 최적화된 가상화 • ROI를 위한 라이센스 • 운영비용 절감 • Open API Standard Image 1,000,000 Virtual Machine 800,000 600,000 400,000 200,000 0 2006 2007 2008 2009 2010 2011 29 Competitive Advantage Juniper vGW VShield App VShield Edge Check Point Fortinet Vyatta Cisco VSG L2 Bridge / Switch True L3 Routing IPsec VPN / OpenVPN Stateful Firewall Usage-Based Pricing Open Restful API Amazon Integration Application Firewall Policy Based Routing Central Mng. IPv6 1 Fortigate VM 30 Vyatta Appliance Specification Model 600 Model 1600 Model 2600 Model 3500 Layer 3 Forwarding 250,000pps 600,000 PPS * 1,400,000 PPS * 2,000,000 PPS * VPN Forwarding 150Mbps 400 Mbps 500 Mbps 700 Mbps Max VPN Sessions 1000 2000 4000 6000 Onboard I/O(Ports) 6x 10/100/1000 1 x 100/100, 6x 10/100/1000 8x 10/100/1000 4x 10/100/1000 Ethernet Expansion Up to 4 additional 10/100/1000 up to 8 additional 10/100/1000 (2 x 4 ) up to 16 additional 10/100/1000 or up to 8 x 10GbE Serial Expansion Up to 4 port T1/E1 & Synchronous Serial V.35,X.21 Up to 2 x 4 port T1/E1 & Synchronous Serial V.35,X.21 1,2,4 port T1/E1 and Synchronous Serial V.35,X.21 1 x RJ45 1 x RJ45 2, 4, 6 port RJ45 2, 4, 6 port SFP Ethernet 4-port 1000BASE-T 2-port & 1000BASE-SX 4 port 1Gbe SFP+ 4-port 1000BASE-T 2-port 1000BASE-SX 4 port 1GbE SFP+ 4 port 10Gbe SFP+ 6 port 10Gbe SFP+ WAN 1-port, 2-port & 4 port T1/E1 1-port, 2-port & 4 port T1/E1 1-port, 2-port & 4 port T1/E1 1GB 800 MHz DDR2 2 GB 1333 MHz DDR3 2GB expandable to 192GB Console Memory 1 x RJ45 512MB 800 MHz DDR2 31 THANK YOU!