SD-WAN ndi DNA kuthandiza woyang'anira: mawonekedwe a zomangamanga ndi machitidwe

Maimidwe omwe mungakhudze mu labu yathu ngati mukufuna.

SD-WAN ndi SD-Access ndi njira ziwiri zatsopano zopangira maukonde. M'tsogolomu, ziyenera kuphatikizana kukhala maukonde amodzi, koma pakadali pano akuyandikira. Mfundo yake ndi iyi: timatenga netiweki kuyambira m'ma 1990 ndikuyika zigamba zonse zofunika ndi mawonekedwe ake, osadikirira kuti ikhale yotseguka m'zaka zina 10.

SD-WAN ndi chigamba cha SDN ku ma network omwe amagawidwa. Mayendedwe ndi osiyana, kuwongolera ndikosiyana, kotero kuwongolera kumakhala kosavuta.

Ubwino - njira zonse zoyankhulirana zimagwiritsidwa ntchito mwachangu, kuphatikiza zosunga zobwezeretsera. Pali kachitidwe ka mapaketi ku mapulogalamu: chiyani, kudzera panjira iti komanso ndi zomwe zimafunikira kwambiri. Njira yosavuta yoperekera mfundo zatsopano: m'malo motulutsa kasinthidwe, ingotchulani adilesi ya seva ya Cisco pa intaneti yayikulu, malo a data a CROC kapena kasitomala, komwe ma configs a netiweki yanu amachotsedwa.

SD-Access (DNA) ndizomwe zimayendera kasamalidwe ka netiweki wakomweko: kasinthidwe kuchokera kumalo amodzi, mfiti, zolumikizira zosavuta. M'malo mwake, maukonde ena amamangidwa ndi zoyendera zosiyana pamlingo wa protocol pamwamba panu, ndipo kugwirizana ndi maukonde akale kumatsimikiziridwa pamalire ozungulira.

Tidzathananso ndi izi pansipa.

Tsopano ziwonetsero zina pamabenchi oyesera mu labu yathu, momwe zimawonekera komanso zimagwirira ntchito.

Tiyeni tiyambe ndi SD-WAN. Zofunikira zazikulu:

• Kuphweka kwa kutumizidwa kwa mfundo zatsopano (ZTP) - zimaganiziridwa kuti mumadyetsa mfundoyo ndi adiresi ya seva ndi zoikamo. Mfundoyi ikugogoda pa izo, imalandira config, ndikuyiyika ndikuphatikizidwa mu gulu lanu lolamulira. Izi zimatsimikizira Zero-Touch Provisioning (ZTP). Kuti atumize pomaliza, wopanga ma netiweki safunikira kupita kumalo. Chinthu chachikulu ndikuyatsa chipangizocho molondola pamalopo ndikulumikiza zingwe zonse, ndiye kuti zidazo zimangolumikizana ndi dongosolo. Mutha kutsitsa ma configs kudzera pa mafunso a DNS mumtambo wa ogulitsa kuchokera pa USB drive yolumikizidwa, kapena mutha kutsegula cholumikizira kuchokera pa laputopu yolumikizidwa ndi chipangizocho kudzera pa Wi-Fi kapena Efaneti.
• Kufewetsa kasamalidwe ka netiweki kachitidwe - konzani kuchokera ku ma templates, mfundo zapadziko lonse lapansi, zopangidwira nthambi zosachepera zisanu, zosachepera 5. Chilichonse kuchokera pamalo amodzi. Kuti mupewe ulendo wautali, pali njira yabwino kwambiri yobwereranso kumakonzedwe am'mbuyomu.
• Kasamalidwe ka magalimoto pamapulogalamu - kuwonetsetsa kuti zabwino ndi zosintha mosalekeza za siginecha ya pulogalamu. Ndondomeko zimakonzedwa ndikuyendetsedwa chapakati (palibe chifukwa cholemba ndikusintha mamapu amayendedwe a rauta iliyonse, monga kale). Mutha kuwona yemwe akutumiza chiyani, komwe ndi chiyani.
• Magawo a netiweki. Ma VPN odziyimira pawokha pamwamba pazida zonse - chilichonse chili ndi njira zake. Mwachikhazikitso, kuchuluka kwa magalimoto pakati pawo kumatsekedwa; mutha kutsegulira mwayi wongopeza mitundu yomveka yamagalimoto m'malo omveka bwino a netiweki, mwachitsanzo, kudutsa chilichonse kudzera pa firewall kapena proxy.
• Kuwoneka kwa mbiri yabwino ya netiweki - momwe mapulogalamu ndi ma tchanelo amagwirira ntchito. Zothandiza kwambiri pakuwunika ndikuwongolera zomwe zikuchitika ngakhale ogwiritsa ntchito asanayambe kulandira madandaulo okhudza kusakhazikika kwa mapulogalamu.
• Kuwoneka pamakina - kodi ndi mtengo wake, ndi awiri osiyana omwe amabwera patsamba lanu, kapena akudutsa pamanetiweki omwewo ndikunyozetsa / kugwa nthawi imodzi.
• Kuwonekera kwa mapulogalamu amtambo ndi kuyendetsa magalimoto kudzera pamayendedwe ena (Cloud Onramp).
• Chida chimodzi chimakhala ndi rauta ndi chowotcha moto (momwemo, NGFW). Zida zochepa za hardware zikutanthauza kuti n'zotsika mtengo kutsegula nthambi yatsopano.

Zigawo ndi kapangidwe ka mayankho a SD-WAN

Zida zomalizira ndi WAN routers, zomwe zingakhale hardware kapena zenizeni.

Orchestrators ndi chida chowongolera maukonde. Amakonzedwa ndi zida zomalizira, ndondomeko zamagalimoto, ndi magwiridwe antchito achitetezo. Zotsatira zake zimatumizidwa zokha kudzera pamaneti owongolera kupita ku node. Mofananamo, woimbayo amamvetsera maukonde ndikuyang'anira kupezeka kwa zipangizo, madoko, njira zoyankhulirana, ndi kuyika kwa mawonekedwe.

Zida za Analytics. Amapanga malipoti kutengera zomwe zasonkhanitsidwa kuchokera kuzipangizo zomaliza: mbiri yakale yamakanema, mapulogalamu a netiweki, kupezeka kwa node, ndi zina zambiri.

Owongolera ali ndi udindo wogwiritsa ntchito njira zamagalimoto pamanetiweki. Analogue yawo yapafupi kwambiri pamanetiweki azikhalidwe amatha kuonedwa ngati BGP Route Reflector. Ndondomeko zapadziko lonse zomwe olamulira amazikonza mu orchestrator zimapangitsa owongolera kusintha mawonekedwe a matebulo awo owongolera ndikutumiza zidziwitso zosinthidwa kuzida zomaliza.

Kodi ntchito ya IT imalandira chiyani kuchokera ku SD-WAN:

1. Njira yosunga zobwezeretsera ikugwiritsidwa ntchito nthawi zonse (yosagwira ntchito). Zimakhala zotsika mtengo chifukwa mutha kugula njira ziwiri zocheperako.
2. Kusintha kwachangu kwa kuchuluka kwa magalimoto pakati pa tchanelo.
3. Nthawi yoyang'anira: mutha kupanga netiweki padziko lonse lapansi, m'malo mongoyendayenda pagawo lililonse la hardware ndi ma configs.
4. Kuthamanga kwa kukweza nthambi zatsopano. Iye ndi wamtali kwambiri.
5. Kuchepetsa nthawi yocheperako posintha zida zakufa.
6. Konzaninso netiweki mwachangu ntchito zatsopano.

Kodi bizinesi imalandira chiyani kuchokera ku SD-WAN:

1. Kutsimikizika kwa ntchito zamabizinesi pamaneti omwe amagawidwa, kuphatikiza kudzera panjira zotseguka zapaintaneti. Ndizolosera zabizinesi.
2. Thandizo pompopompo pamabizinesi atsopano pamaneti onse ogawidwa, mosasamala kanthu za kuchuluka kwa nthambi. Ndi za liwiro la bizinesi.
3. Kulumikizana mwachangu komanso kotetezeka kwa nthambi kumadera aliwonse akutali pogwiritsa ntchito ukadaulo uliwonse wolumikizira (intaneti ili paliponse, koma mizere yobwereketsa ndi VPN sizili). Izi ndi za kusinthasintha kwabizinesi posankha malo.
4. Izi zitha kukhala projekiti yokhala ndi kutumiza ndi kutumiza, kapena ikhoza kukhala ntchito
   ndi malipiro a mwezi uliwonse kuchokera ku kampani ya IT, telecom operator kapena cloud operator. Chilichonse chomwe chili choyenera kwa inu.

Ubwino wamabizinesi a SD-WAN ukhoza kukhala wosiyana kotheratu, mwachitsanzo, kasitomala wina adatiuza kuti manejala wamkulu adalandira pempho lachindunji ndi onse ogwira ntchito kumakampani masauzande ambiri komanso kuthekera kopereka zomwe zili.

Kwa ife inali "ntchito yankhondo." Panthawiyo, tinali kuthetsa kale vuto lakukonzanso CSPD. Ndipo pamene timvetsetsa kuti ife, makamaka, tifunika kuchita nawo ntchito yokonzanso zipangizo, ndipo luso lamakono lapita patsogolo, chifukwa chiyani tiyenera kuchita nawo ntchito yokonzanso matekinoloje ndi mautumiki omwewo ngati tingathe kupita patsogolo.

SD-WAN imayikidwa patsamba ndi Enikey. Izi ndizofunikira ku nthambi zakutali, komwe sikungakhale kopanda woyang'anira wabwinobwino. Tumizani ndi makalata, nenani kuti: “Lumikizani chingwe 1 m’bokosi 1, chingwe 2 mubokosi 2, ndipo musachiphatikize! Osasokonezedwa, #@$@%! Ndipo ngati sakusakaniza, chipangizocho chimalankhulana ndi seva yapakati, chimatenga ndikugwiritsa ntchito makonzedwe ake, ndipo ofesiyi imakhala gawo la intaneti yotetezeka ya kampani. Ndibwino pamene simukuyenera kuyenda ndipo ndizosavuta kufotokozera mu bajeti yanu.

Nachi chithunzi cha standi:

Zitsanzo za kasinthidwe:

Ndondomeko-malamulo oyendetsera magalimoto padziko lonse lapansi. Kusintha ndondomeko.

Yambitsani malamulo oyendetsera magalimoto.

Kusintha kwakukulu kwa magawo oyambira zida (ma adilesi a IP, maiwe a DHCP).

Zithunzi zowunikira magwiridwe antchito

Kwa mapulogalamu amtambo.

Zambiri za Office365.

Kwa mapulogalamu a pa-prem. Tsoka ilo, sitinathe kupeza mapulogalamu omwe ali ndi zolakwika pamalo athu (FEC Recovery rate ndi ziro paliponse).

Kuphatikiza apo - magwiridwe antchito a njira zotumizira deta.

Ndi zida ziti zomwe zimathandizidwa pa SD-WAN

1. Mapulatifomu a Hardware:

• Cisco vEdge routers (omwe kale anali Viptela vEdge) akuyendetsa Viptela OS.
• 1 ndi 000 mndandanda wa Integrated Services Routers (ISRs) yomwe ikuyenda ndi IOS XE SD-WAN.
• Aggregation Services Router (ASR) 1 mndandanda womwe ukuyendetsa IOS XE SD-WAN.

2. Mapulatifomu enieni:

• Cloud Services Router (CSR) 1v yomwe ikuyenda ndi IOS XE SD-WAN.
• vEdge Cloud Router yomwe ikuyenda ndi Viptela OS.

Mapulatifomu owoneka bwino atha kugwiritsidwa ntchito pamapulatifomu apakompyuta a Cisco x86, monga Enterprise Network Compute System (ENCS) 5 mndandanda, Unified Computing System (UCS), ndi Cloud Services Platform (CSP) 000. Mapulatifomu owonera amathanso kuthamanga pa chipangizo chilichonse cha x5 pogwiritsa ntchito hypervisor monga KVM kapena VMware ESi.

Momwe chipangizo chatsopano chimayambira

Mndandanda wa zida zomwe zili ndi chilolezo zotumizidwa zimatsitsidwa kuchokera ku akaunti yanzeru ya Cisco kapena kukwezedwa ngati fayilo ya CSV. Ndiyesetsa kupeza zithunzi zambiri pambuyo pake, pakadali pano tilibe zida zatsopano zoti tigwiritse ntchito.

Kutsata kwa masitepe omwe chipangizochi chimadutsa chikayikidwa.

Momwe njira yatsopano yobweretsera chipangizo / kasinthidwe imatulutsidwa

Timawonjezera zida ku Smart Account.

Mutha kutsitsa fayilo ya CSV, kapena mutha kutsitsa imodzi nthawi imodzi:

Lembani magawo a chipangizo:

Kenaka, mu vManage timagwirizanitsa deta ndi Smart Account. Chipangizochi chikuwoneka pamndandanda:

Pamndandanda wotsikira pansi moyang'anizana ndi chipangizocho, dinani Pangani Kusintha kwa Bootstrap
ndikupeza config koyamba:

Kusintha uku kuyenera kuperekedwa ku chipangizocho. Njira yosavuta ndiyo kulumikiza flash drive ndi fayilo yosungidwa yotchedwa ciscosd-wan.cfg ku chipangizocho. Mukayamba, chipangizocho chidzayang'ana fayiloyi.

Atalandira kasinthidwe koyambirira, chipangizocho chizitha kufikira woyimba ndi kulandira kasinthidwe kokwanira kuchokera pamenepo.

Timayang'ana SD-Access (DNA)

SD-Access imapangitsa kukhala kosavuta kukonza madoko ndi ufulu wofikira ogwiritsa ntchito. Izi zimachitika pogwiritsa ntchito mfiti. Zosintha zamadoko zimayikidwa mogwirizana ndi magulu a "Administrator", "Accounting", "Printers", osati ma VLAN ndi ma IP subnets. Izi zimachepetsa zolakwa za anthu. Mwachitsanzo, ngati kampani ili ndi nthambi zambiri ku Russia, koma ofesi yapakati imakhala yodzaza, ndiye kuti SD-Access imakulolani kuthetsa mavuto ambiri kwanuko. Mwachitsanzo, mavuto omwewo okhudzana ndi zovuta.

Pachitetezo chazidziwitso, ndikofunikira kuti SD-Access ikuphatikiza kugawikana momveka bwino kwa ogwiritsa ntchito ndi zida m'magulu ndi tanthauzo lazolumikizana pakati pawo, kuvomereza kwa kasitomala aliyense wolumikizana ndi netiweki, komanso kupereka "ufulu wopeza" pamaneti onse. Mukatsatira njirayi, kayendetsedwe kake kumakhala kosavuta.

Njira yoyambitsira maofesi atsopano imakhalanso yosavuta chifukwa cha ma Plug-and-Play agents pa switch. Palibe chifukwa chothamangira kudutsa dziko ndi kontrakitala, kapena kupita kumaloko nkomwe.

Nazi zitsanzo za kasinthidwe:

General status.

Zochitika zomwe woyang'anira ayenera kuwunika.

Malingaliro okhazikika pazomwe mungasinthe pazosintha.

Konzekerani kuphatikiza SD-WAN ndi SD-Access

Ndinamva kuti Cisco ili ndi mapulani otere - SD-WAN ndi SD-Access. Izi ziyenera kuchepetsa zotupa zotupa poyang'anira ma CSPD omwe amagawidwa m'malo komanso amderalo.

vManage (SD-WAN orchestrator) imayendetsedwa kudzera pa API kuchokera ku DNA Center (SD-Access controller).

Ndondomeko zamagawo ang'onoang'ono ndi ma macro-segmentation amapangidwa motere:

Pa mlingo wa phukusi, chirichonse chikuwoneka motere:

Ndani akuganiza za izi ndi chiyani?

Takhala tikugwira ntchito pa SD-WAN kuyambira 2016 mu labotale ina, komwe timayesa mayankho osiyanasiyana pazosowa zamalonda, mabanki, zoyendera ndi mafakitale.

Timalankhulana kwambiri ndi makasitomala enieni.

Ndikhoza kunena kuti malonda akuyesa kale SD-WAN molimba mtima, ndipo ena akuchita izi ndi ogulitsa (nthawi zambiri ndi Cisco), koma palinso omwe akuyesera kuthetsa vutoli paokha: akulemba zolemba zawo. mapulogalamu omwe ali ofanana ndi magwiridwe antchito a SD-WAN.

Aliyense, mwanjira ina, akufuna kukwaniritsa kasamalidwe kapakati pa zoo yonse ya zida. Iyi ndi mfundo imodzi yoyendetsera zoyika zosakhazikika komanso zokhazikika kwa ogulitsa osiyanasiyana ndi matekinoloje osiyanasiyana. Ndikofunika kuchepetsa ntchito yamanja chifukwa, choyamba, imachepetsa chiopsezo cha anthu pokhazikitsa zipangizo, ndipo kachiwiri, imamasula zipangizo za ntchito ya IT kuti athetse ntchito zina. Nthawi zambiri, kuzindikira kufunikira kumachokera kumayendedwe aatali okonzanso m'dziko lonselo. Ndipo, mwachitsanzo, ngati wogulitsa akugulitsa mowa, ndiye kuti amafunikira kulankhulana kosalekeza kwa malonda. Kusintha kapena kutsika masana kumakhudza mwachindunji ndalama.

Tsopano pakugulitsa pali kumvetsetsa bwino zomwe ntchito za IT zidzagwiritse ntchito SD-WAN:

1. Kutumiza mwachangu (nthawi zambiri kumafunika pa LTE wopereka chingwe asanafike, nthawi zambiri ndikofunikira kuti mfundo yatsopano ikwezedwe ndi woyang'anira mumzinda kudzera pa GPC, ndiyeno pakati amangoyang'ana ndikukonza).
2. Kasamalidwe kapakati, kulumikizana kwa zinthu zakunja.
3. Kuchepetsa mtengo wa telecom.
4. Ntchito zina zowonjezera (zinthu za DPI zimapangitsa kuti zikhale zotheka kuika patsogolo kutumiza kwa magalimoto kuchokera kuzinthu zofunika kwambiri monga zolembera ndalama).
5. Gwirani ntchito ndi tchanelo zokha, osati pamanja.

Ndipo palinso cheke chotsatira - aliyense amalankhula zambiri za izi, koma palibe amene amawona ngati vuto. Kusunga kuti zonse zikuyenda bwino zimagwiranso ntchito bwino mu paradigm iyi. Ambiri amakhulupirira kuti msika wonse waukadaulo wapaintaneti udzasunthira mbali iyi.

Mabanki, IMHO, akuyesa SD-WAN ngati chinthu chatsopano chaukadaulo. Akuyembekezera kutha kwa chithandizo kwa mibadwo yam'mbuyo ya zida ndipo pokhapokha adzasintha. Mabanki nthawi zambiri amakhala ndi mlengalenga wawo wapadera kudzera munjira zoyankhulirana, kotero zomwe zikuchitika masiku ano sizimawavutitsa kwambiri. Mavuto ali pa ndege zina.

Mosiyana ndi msika waku Russia, SD-WAN ikugwiritsidwa ntchito ku Europe. Njira zawo zoyankhulirana ndizokwera mtengo kwambiri, chifukwa chake makampani aku Europe amabweretsa kuchuluka kwawo kumagulu aku Russia. Ku Russia, pali kukhazikika kwina, chifukwa mtengo wamayendedwe (ngakhale chigawocho ndi okwera mtengo nthawi 25 kuposa pakati) chimawoneka ngati chabwinobwino ndipo sichimafunsa mafunso. Chaka ndi chaka, pali bajeti yopanda malire ya njira zoyankhulirana.

Nachi chitsanzo cha machitidwe apadziko lonse lapansi, pomwe kampani idasunga nthawi ndi ndalama pogwiritsa ntchito SD-WAN pa Cisco.

Pali kampani yotere - National Instruments. Panthawi ina, iwo anayamba kumvetsa kuti makompyuta a padziko lonse, "opezedwa" mwa kuphatikiza malo 88 padziko lonse lapansi, anali osagwira ntchito. Kuphatikiza apo, kampaniyo idasowa mphamvu komanso magwiridwe antchito ake amadzi otentha apanyumba. Panalibe malire pakati pa kukula kosalekeza kwa kampaniyo ndi bajeti yochepa ya IT.

SD-WAN idathandizira Zida Zadziko Lonse kuchepetsa mtengo wa MPLS ndi 25% (kupulumutsa $450 kumapeto kwa 2018), kukulitsa bandwidth ndi 3%.

Chifukwa cha kukhazikitsidwa kwa SD-WAN, kampaniyo idalandira netiweki yanzeru yomwe imatanthauzidwa ndi mapulogalamu komanso kasamalidwe ka mfundo zapakati kuti ingowonjezera kuchuluka kwa magalimoto ndi ntchito. Pano - nkhani mwatsatanetsatane.

Pomwe pano nkhani yopenga mwamtheradi kusuntha S7 ku ofesi ina, pamene poyamba zonse zinayamba zovuta, koma zosangalatsa - kunali koyenera kukonzanso madoko 1,5 zikwi. Koma kenaka china chake chinalakwika ndipo chifukwa chake, ma admins adakhala omaliza tsiku lomaliza lisanafike, omwe kuchedwa konse komwe kunapezeka kumagwera.

Werengani zambiri mu Chingerezi:

• American Banker: Wachisanu Wachitatu amaika ndalama pakukweza maukonde azaka 5 ndi SD-WAN .
• Kupanga kupambana kwa Cloud SD-WAN ku Koch.
• McKesson's SD-WAN Journey to Cost Savings .
• SD-WAN Retail PoC & Segmentation: Gap Stores.
• Koma Cisco maphunziro apadziko lonse lapansi pamayendedwe apa intaneti padziko lapansi.

Mu Russian:

• Pa CNews.
• Momwe tidakhazikitsira SD-Access ndi chifukwa chake idafunikira.
• Nsalu za intaneti za Cisco ACI data center - kuthandiza woyang'anira.
• Njira yokhazikika yotengera ma netiweki a SD-WAN ofotokozedwa ndi mapulogalamu: kuthetsa mavuto osankha njira.
• Imelo yanga, ngati muli ndi mafunso kapena mukufuna kuyesa ntchito zanu pamalo athu, - [imelo ndiotetezedwa].

Source: www.habr.com