Extending SDN: Extending Enterprise Networks to Azure. Symon Perriman
Extending SDN: Extending Enterprise Networks to Azure. Symon Perriman Ganesh Srinivasan
Agenda
Module 1: Demystifying Software Defined Networking
Module 2: Realizing SDN - Microsoft’s Software Defined Networking Solutions with Windows Server 2012 R2 and System Center 2012 R2
Module 3: Extending SDN - Extending enterprise networks to Windows Azure
Module 4: Scaling SDN - Network Performance and Reliability improvements with Windows Server 2012 R2
Meet the Speakers
Ganesh Srinivasan, Senior Program Manager, Microsoft. Ganesh Srinivasan is a Senior Program Manager in the Windows Azure Networking team, primarily focused on hybrid networking and virtual appliances. Ganesh works on services such as Windows Azure Virtual Network, Windows Azure ExpressRoute and virtual appliances. Prior to this, Ganesh worked on the Windows TCP/IP stack and network offload technologies such as TCP chimney, RSS and RDMA. Ganesh holds a PhD in Electrical Engineering from Syracuse University, NY.
Agenda
What Customers Want
ExpressRoute
What Customers Want
What Customers Want
Security: Azure is connected to the customer’s WAN. No internet in the path.
Performance: Assured bandwidth to Azure.
Availability: No single point of failure.
[Diagram labels: Private network, Private cloud, WAN, Internet, Azure, Hoster]
Customers want Windows Azure on their network
IPsec VPN over Internet:
- Greater networking costs and latency since data is hairpinned through a customer data center
- Data travels over the open Internet to connect to cloud
- Bandwidth is limited
Cloud on your WAN:
- Avoids risks from exposure to Internet
- Avoids complexity and added costs
- Provides lower latency, higher bandwidth and greater availability
[Diagram labels, both panels: Customer site 1, Customer site 2, Customer DC, WAN, Public cloud, Public internet]
Windows Azure hybrid offerings
Virtual Network (Point-to-Site): Secure point-to-site connectivity. Segment and workloads: Developers; POC efforts; Small scale deployments; Connect from anywhere.
Virtual Network (Site-to-Site): Secure site-to-site VPN connectivity. Segment and workloads: SMB, Enterprises; Connect to Azure Compute; IaaS and PaaS workloads.
ExpressRoute: Private site-to-site connectivity. Segment and workloads: SMB & Enterprises; Mission critical workloads; Backup/DR, Media, HPC; Connect to all hardware.
[Diagram labels: Cloud, Customer]
ExpressRoute
What is ExpressRoute? ExpressRoute provides organizations a private, dedicated, high-throughput network connection between Windows Azure datacenters and their on-premises IT environment.
Predictable performance; Security; High throughput; Lower cost
Enable mission critical workloads: Storage, backup, and recovery; Dev/test lab; BI/big data; Media; Hybrid apps; Productivity apps
Virtual Network and ExpressRoute
Scenario 1: IPSec VPN over internet. Connect via an encrypted link over public internet. Virtual Network - Compute only.
Scenario 2: Exchange Provider. Peer at an ExpressRoute location, an Exchange Provider facility.
Scenario 3: Network Service Provider. Connection from a WAN provided by Network Service Provider. Azure becomes another site on the customer’s WAN network.
ExpressRoute - Provides customer choice and includes access to compute, storage, and other Azure services.
[Diagram labels: Public internet, Windows Azure, Customer site, Customer site 1, Customer site 2, Customer site 3, Customer DC, WAN, ExpressRoute partner location]
Customer Connectivity
[Diagram: Customer’s network, Customer’s dedicated connection, Connectivity Provider Infrastructure, Azure Edge, Windows Azure Public services, Windows Azure Compute. Legend: Traffic to public IP addresses in Windows Azure; Traffic to Virtual Networks in Windows Azure]
ExpressRoute Partners
[Diagram: Exchange Provider scenario and Network Service Provider scenario. Labels: Public internet, Windows Azure, Customer site, Customer site 1, Customer site 2, Customer site 3, WAN, ExpressRoute partner location]
ExpressRoute Locations
During public preview: Washington D.C.; Silicon Valley, CA
After GA (CY14 summer): London; Hong Kong; Singapore
What can we tell customers?
1. Ok to share upcoming locations under NDA
2. More global partnerships and locations through
[Map legend: Global datacenters; ExpressRoute locations; Public preview; Summer CY 2014]
Public and Private peering
[Diagram: Contoso on-premises network (10.0.0.0/16) with SQL Farm, IIS Servers, AD/DNS, Exchange, Monitoring and Proxy/Internet edge, connected over a Netbound–ExpressRoute Circuit to Windows Azure. Azure side: Azure public services (Storage, SQL, Websites) and Contoso virtual networks/VMs (AD/DNS). Traffic types: Azure service access, Internet bound, Cross Premises, Direct internet traffic]
Customer Experience: Exchange Provider Workflow
1. Customer signs up for ExpressRoute
2. Customer requests connectivity through Exchange Provider
3. Customer gets s-key
4. Customer passes s-key & other details
5. Customer configures routing
6. Customer links services
Customer signs up for ExpressRoute:
- Signs up for a Windows Azure subscription
- Signs up for ExpressRoute service
Customer requests connectivity through Exchange Provider:
- Customer provided with list of providers, locations, and supported bandwidths
- Customer selects best option and makes a request
- Customer receives a service key (s-key) in response to the request
Exchange Provider enables connection between their premises and Azure for customer connectivity:
- Customer passes service key (s-key) and other details to Exchange Provider necessary to facilitate peering
- Exchange Provider enables a pair of virtual crossconnects for customers
- Exchange Provider sends confirmation to Microsoft (programmatically) and customers
Customer configures routing:
- Customer sets up 2 pairs of BGP sessions (one for public peering and one for private peering)
- Customer specifies IP subnets for BGP sessions, AS number and MD5 hash per circuit (optional)
Customer links services:
- Links virtual networks to private peering BGP sessions
- Connectivity to public peering services and NAT enabled as soon as BGP session has been configured
Configuration complete:
- Customer connects to all Azure services via ExpressRoute circuit
[Diagram labels: Customer, IXP, Windows Azure, Microsoft, Exchange Provider]
Customer Experience: Network Service Provider Workflow
1. Customer signs up for ExpressRoute
2. Customer requests connectivity through Network Service Provider
3. Customer gets s-key
4. Customer passes s-key & other details
5. Customer links services
Customer signs up for ExpressRoute:
- Signs up for a Windows Azure subscription
- Signs up for ExpressRoute service
Customer requests connectivity through NSP:
- Customer provided with list of providers, locations, and supported bandwidths
- Customer selects best option and makes a request
- Customer receives a service key (s-key) in response to the request
NSP enables connection for customer connectivity from WAN:
- Customer passes on service key (s-key) to NSP along with other details necessary to facilitate peering and routing
- NSP enables connectivity and configures routes for both public and private peering sessions
- NSP sends confirmation to Microsoft (programmatically) and customer
Customer links services:
- Links virtual networks to private peering BGP session
- Connectivity to public peering services and NAT enabled as soon as BGP session has been configured
Configuration complete:
- Customer connects to all Azure services via ExpressRoute circuit
[Diagram labels: Customer, IXP, Windows Azure, Microsoft, WAN, Network Service Provi
ExpressRoute Pricing
Exchange Provider: Monthly fee with included data transfer
- 1 Gbps Port: 15 TB included egress. Per month: 600. Free ingress. Overage: 0.035/GB Zone 1, 0.07/GB Zone 2
- 10 Gbps Port: 250 TB included egress. Per month: 10,000. Free ingress. Overage: 0.035/GB Zone 1, 0.07/GB Zone 2
Network Service Provider: Tiers with hard caps on bandwidth, unlimited data transfer
- Tiers: 10 Mbps, 50 Mbps, 100 Mbps, 500 Mbps, 1 Gbps
- Per month: 600, 1,200, 1,800, 7,20, 12,0
Cloud access evolution
Efficient and scalable cloud consumption requires something new
Internet access; Cross connects; Virtual connections
[Diagram labels: Cloud provider, Cloud customer, Cloud customers, 1,10G B, Virtual connection, Physical cross connect, Physical cross connect fiber, Alcatel Lucent Switch, EQUIX]
Equinix cloud exchange and ExpressRoute
Seamless automated provisioning
Secure and private; Consistent throughput; Flexible and dynamic; Reduced provisioning times
[Diagram: three Customer cages connected at 1G, 1G and 10G bandwidth to the Equinix cloud exchange, which connects to Microsoft managed ExpressRoute]
Extend your AT&T VPN to Windows Azure
AT&T NetBond and Windows Azure ExpressRoute seamlessly integrate to allow you to extend your MPLS VPN into Windows Azure, isolating your traffic from other cloud traffic.
IT resources – on demand, self service, consumption based, dynamically scalable, logically isolated
VPN access – Today: fixed connections. Future: on demand, self service, consumption based connections
*Storage will be supported upon service launch
[Diagram labels: Enterprise A, Enterprise B, Users, Private Cloud, Internal IT, Base or persistent loads, VPN, Windows Azure, Compute, Storage*]
TechNet Virtual Labs
Deep technical content and free product evaluations: At the TechNet Evaluation Center you can download free, trial versions of Microsoft software, with no feature limits. Dozens of trials are available – all at no cost. Try Windows Server 2012 R2 for up to 180 days. Download the Windows 8.1 Enterprise 90-day evaluation. Or try Windows Azure at no-cost for up to 90 days. Download Microsoft software trials today. Technet.microsoft.com/evalcenter
Hands-on deep technical labs: Microsoft Hands On Labs offer virtual environments that will take you through guided, technically deep product learning experience. Learn at your own pace in labs that you can complete in 90 minutes or less. There is no complex setup or installation required to use TechNet Virtual Labs. Find Hands On Labs. Technet.microsoft.com/virtuallabs
Free, online, technical courses: Microsoft Virtual Academy provides free online training on the IT scenarios that are important to your company and your career. Learn at your own pace and boost your IT skills with over 100 courses across more than 15 Microsoft technologies including Windows Server, Windows 8, Windows Azure, Office 365, virtualization, Windows Phone, and more. Take a free online course. microsoftvirtualacademy.com
2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.