Virtual networks orchestration (VNO)
Maximize total network ROI and increase average revenue per branch through virtual networks orchestration across the WAN, SD-WAN, and datacenter.
The Nokia Virtual Networks Orchestration (VNO) solution leverages Nuage Networks delivered SD-WAN services to dynamically connect existing WAN services and new hybrid services to branches faster, and to automate setup for rapid delivery of revenue-generating virtualized cloud services to branch sites.
Nokia VNO automates the setup of SD-WAN overlay services from the datacenter to branch sites across the private cloud of the service provider, or across the public cloud, with security being enabled by using IPsec, for example. Additionally, a broad range of multi-vendor virtualized security and other value-added service (VAS) applications can be enabled through establishing network connectivity through service chains in the datacenter. This is achieved by enterprise portal-defined and customized services that VNO automates and creates across WAN, the SD-WAN and the datacenter. The scope of automation includes enterprise-customized service chains in the datacenter, as well as the various network connectivity deployment options established all the way from the enterprise branches through the datacenter, as well as across the network equipment supporting the service.
Off-footprint and on-net branches with Nuage-controlled network endpoints, or bridged devices terminated onto a provider-side CPE virtualization application on the Nokia Virtualized Service Router (VSR) become interconnected through automation within the same enterprise private domain.
Multi-vendor VAS applications, such as virtualized firewalls, NAT, Anti-DDoS, access control, WAN optimization, load-balancing, mail-scanners, and even virtualized routing with the Nokia VSR, can be automatically chained into the enterprise private domain through VNO.
With VNO, network providers gain end-to-end network orchestration and the automation needed for the rapid deployment of dynamic enterprise services. What’s more, they get DevOps agility, allowing incremental use cases to be added or updated efficiently with the quickest time to market. Simplicity and flexibility are also assured.
VNO enhances Nuage Virtualized Network Services and Virtualized Cloud Services
Nuage Networks Virtualized Network Services (VNS) is an SD-WAN solution that automates branch site connectivity to help service providers and enterprises reduce operational overhead and launch new services faster.
The Nokia VNO provides further abstraction to third-party, northbound systems integrating with VNS. This significantly reduces API calls, simplifying integration for faster deployment times. The abstraction provided by VNO also enables simplifed customer portal development by separating business-related parameters from the details of network connectivity implementation in the WAN or at the branch. This shields end users from network complexity, improving their user experience and ability to buy services more easily.
The Nuage VNS customer portal, which provides self-service management of customer VPNs and branch offices, is also enhanced by the Nokia VNO solution. In addition, the VNO solution allows further customization during portal development to enable the inclusion of value-added services (VAS) from the datacenter with VPN self-service workflows. The customer portal can act as the starting point for Nokia VNO automation.
Provisioning, configuration, and optimization of the network and security policies is completely automated through the VNS SD-WAN controller.
The Nuage Networks 7850 Network Services Gateway (NSG) is the managed network endpoint at the remote WAN site. When the customer bootstraps the NSG at the branch site, the Nokia VNO is triggered into action to orchestrate and automate through integration with VNS and Nuage Networks Virtualized Cloud Services (VCS).
The VCS solution is the datacenter and cloud networking framework of the Nuage Networks Virtualized Services Platform (VSP).
The Nokia VNO solution adds value to deployments where VCS is used in conjunction with VNS. The VNO delivers further automation that reduces manual setup or the need for development of further automation in northbound systems. It fully automates the configuration needed for network connectivity between the datacenter and wide area network (WAN).
With the Nokia VNO, Nuage VNS and VCS are enhanced with richer automation for delivering dynamic enterprise services.
Example of VNO automation in DC-WAN service deployments
When a branch customer receives and bootstraps a Nuage NSG, the branch customer uses a portal to order new branch connectivity or to add new, value-added services. This VAS tie-in would happen, for example, if anti-DDoS and a firewall were required as part of the service chain to allow for internet break-out out from the private enterprise. Upon confirmation in the portal, the portal then asks the VNO through its northbound interface to instantiate the service. At this point, the VNO automatically triggers the Nuage VSP to instantiate the network for the VAS applications in the datacenter that the customer has ordered. Next, the VNO instructs the application management software in the datacenter to install each VAS, then further connects each VAS with the required DC network connection points to create the service chain. The VNO then establishes or updates the branch network connectivity required for each applicable site. This branch connectivity is through the Nuage VNS or, alternatively, through a provider-side CPE virtualization application on the VSR or 7750 SR for bridged devices not under Nuage control. From there, the VNO can update customer service entitlements through the northbound service operations systems integration.
Similarly, branch-to-branch connectivity, hub-and-spoke, as well as Public Cloud Service Provider break-out can be automated. Moreover, other connectivity services can be imagined, given that multiple combinations of virtual applications can be chained-in. This also includes Nokia VSR applications such as secure IPsec VPN gateway, Network Address Translation (NAT), and Application Assurance (AA). (See Figure 1 for illustration of this example).