scalable, secure, programmable – cloud connectivity for the future

Scalable, Secure, Programmable – Cloud Connectivity for the Future

Ulrich Kohn, CISSP Director Technical Marketing

© 2015 ADVA Optical Networking. All rights reserved. Confidential. 2

• Introduction

• Scalability

• Security

• Programmability

Cloud Connectivity for the Future


Different Types of Data Centers

Business Continuity / Disaster Recovery

SAN - Fibre Channel, FCoE, InfiniBand

Fortune 500 Enterprise

Cloud / Hosting

IaaS, Paas, SaaS

Rackspace, SoftLayer, AWS, Terramark, Workday, Salesforce

Content Distribution Networks

Video, audio, web caching

Akamai, Amazon, Limelight, Level(3), VZ, AT&T, PTTs

Content Providers

Content, software, apps

1M+ servers, 100M+ users, 1BN+ transactions /day

Apple, Amazon, Google, Microsoft, Facebook, eBay


Optical Spectrum Provides Huge Amounts of Electrical Bandwidth

100 nm of optical spectrum equals 12 Tbit/s of electrical

spectrum @ 1,55 µm

first window

second window

third window


Business Continuity / Disaster Recovery

• Key applications: data mirroring, remote backup, server clustering

• Protocols: 8/16G Fibre Channel, 40G/100G Ethernet, InfiniBand, FICON

• Typical distances: 10-150km

• Point to point, rings with low number of nodes

• Fixed optical layer predominantly used today

SAN, HPC Interfaces Ethernet

Terminal

Server

Storage


Long-Distance Datacenter Connectivity

• Content distribution, synchronization

• Strategic locations: energy, security, network junctions

• Multi-Tbit/s reconfigurable optical layer, 100G network interfaces

• Optical layer protection and restoration in combination with resilience in electrical layer e.g. IP/MPLS FRR

Ethernet ROADM

Server

Storage


Solution Overview

• 7HU Shelf (20 slots) hosting:

• Optical amplifiers

• Configurable filters

• Optical switches

• Transponders

• Aggregation

• Redundant power supply

• Control and management

• Optical service channels

• 1HU Slimline shelf (2 slots)

• Optical filters

• Active cards e.g. transponders

• Redundant power supply

• Control and management


Global

Data Center and Cloud Innovation

Private DC (Business Continuity)

Multi-Site Regional DC

Hyper-scalable Global DC

Finance, Operators, Gov., Health et.al.

Regional

SAN interfaces, certification, scalability

Encryption, Metro 100G, Control Plane

Open, programmable; Software Defined Networking

Content and Cloud Providers / XaaS

+ Content and Cloud Service Providers


• Introduction

• Scalability

• Security

• Programmability



Data Growth with Traditional and Cloud Data Centers


10G Metro

• Highest power efficiency with 1.92Tbit/s capacity per fiber

100G Metro

• Highest space efficiency with 4.8Tbit/s capacity per fiber

• Increases capacity to 9.6Tbit/s with coherent pluggable CFP

100G Core

• Reduced space and power efficiency with 9.6Tbit/s capacity per fiber, maximum reach

100G muxponder coherent CFP 100G transponder coherent CFP

3.2Tbit/s

Space Efficiency (capacity/rack*)

1.6Tbit/s

10G transponders

100G Metro transponder muxponder

Pow

er

effic

iency

(Gb/W

)

DD 1

100G Core transponder muxponder

*300mm depth

Circle area= C-Band fiber capacity

Space and Power Efficiency Optimization


Spectral Efficiency Needs to Increase

On/off-keying faces limitations when data rates reach 100 Gbps

OOK (10Gbps)

OOK (100Gbps)

50GHz 50GHz

DP-QPSK (100Gbps)

Channel Interference

Direct Detection • Simple hardware • Wide spectrum • High dispersion

impairment

Coherent Transmission • Complex hardware • Narrow spectrum • Low dispersion

impairment


Emerging Technologies Push the Limits

Innovation in direct detection

• PAM and Multi-Carrier

• Cost- and power-efficient

• x2 capacity per fiber

Innovation in coherent technology

• Higher modulation index

• Longest reach

• x2/x4 capacity per fiber


• Introduction

• Scalability

• Security

• Programmability



Defense in Depth – Multi-Layered Security

DMZ (Demilitarized Zone): web servers, content-caching et.al.

Intrusion prevention

system

Firewalls

Access control lists

Physical separation

Authentication & authorization

High-security zone


Data Center Environment & Security

APPS APPS


Fiber Optic Networks Tapping Possibilities

Y-Bridge for service activities

Fiber coupling device

Street cabinet

How to get access?

Where to get access?

Splice boxes / cassettes (outdoor / inhouse)

There are many ways to access a fiber

Protocol analyzer


Securing Optical Transmission

Protection Building Blocks

• Authentication by initialization key to protect from “man in the middle” attacks

• AES256 encryption to offer maximum data security

• Diffie-Hellman (DH) key exchange for secure encryption key generation

• New encryption key every 1min/10mins for additional security

• Lowest latency (100ns) while providing 100% throughput

http://moss/pub/marketing/3D Product Pictures/FSP_3000_SH7HU--NoBackground.png

http://moss/pub/marketing/3D Product Pictures/FSP_3000_SH7HU--NoBackground.png


• First with 100G in-flight (line-speed) encryption

• Bulk encryption includes full header and checksum for integrity

• Zero overhead means 100% throughput, even with short packets

• All LAN, WAN, SAN, and HPC traffic can be combined on single wavelength

100 G Line-rate Encryption

CFP

4x 28G

100G Network Port

Encryption Engine

10 Client Ports

SFP+ 10x 10GbE

10x 4/8G FC

8x 10G FC

7x 16G FC

10x STM-64

10x OC-192

10x 5/10G IB

SFP+

SFP+

SFP+

SFP+

SFP+

SFP+

SFP+

SFP+

SFP+


• Introduction

• Scalability

• Security

• Programmability



Virtualization in the Cloud

VM (virtual machines) can be allocated, moved and scaled - decoupled from the physical network infrastructure.

Data Center Fabric

VM VM VM VM VM VM

vSwitch vSwitch


Marist SDN Demo @ NY Symposium

• Software Defined Networking (SDN): compute, storage and network resources are allocated on demand (orchestration)

• Joint ADVA and IBM demo showcased applicability of open software to implement SDN functionality


Summary

Cloud connectivity for the future

SDN (Software

Defined Networking)

automated connectivity

Programmable

Direct and coherent

Cost-Distance Optimized

Scalable

Encryption Integrity

Monitoring Secure

www.advaoptical.com

Thank You

IMPORTANT NOTICE The content of this presentation is strictly confidential. ADVA Optical Networking is the exclusive owner or licensee of the content, material, and information in this presentation. Any reproduction, publication or reprint, in whole or in part, is strictly prohibited.

The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA Optical Networking shall not be responsible for and disclaims any liability for any loss or damages, including without limitation, direct, indirect, incidental, consequential and special damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation.

Copyright © for the entire content of this presentation: ADVA Optical Networking.

http://www.linkedin.com/company/adva-optical-networking

http://twitter.com/ADVAOpticalNews

http://www.facebook.com/pages/ADVA-Optical-Networking/37630238931?ref=ts#!/pages/ADVA-Optical-Networking/37630238931?v=wall

http://www.youtube.com/user/ADVAOptical

http://advaopticalnews.tumblr.com/

http://www.slideshare.net/ADVAOpticalNetworking

scalable, secure, programmable – cloud connectivity for the future

Technology

adva optical networking

nm of optical spectrum

cloud data centers

cloud providers xaas

cloud service providers

ptts content providers

tbits capacity

tbits of electrical