kaztranscom - openstack summit 2016/red hat nfv mini summit
TRANSCRIPT
![Page 1: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/1.jpg)
Business class telecommunications
Maxim PopovHead of R&D
kCloud
Platform for IT/Telco service
![Page 2: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/2.jpg)
VALUESCustomer focusedWe know about our clients concerns and care about them by creation of products and solutions that will be valued and serve our clients in accordance with our promises and their expectations
ResponsibilityWe achieve our goals and execute our commitments
Innovation abilityWe are constantly looking for new technologies and creating solutions dedicated to significant improvement in business efficiency
ProfessionalismWe are taking deep knowledge in our business and rich experience of its practical realization
![Page 3: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/3.jpg)
3The case for OpenStack
Virtualize Network Control Plane
OpenStack - solid foundation for telco virtualization
Reduce provisioning time & costsLower OpEx on common virtualized infraEndorse short-lived cases
Deploy faster, with optimal sizingScale & relocate easilyNatural fit to integrate client's NW & Cloud
Virtualize Enterprise Customer Premises Equipment
Minimal CapEx & OpEx on virtualized x86-COTS Painless scaling with Software Defined Storage
Virtualize Video Processing and Storage
![Page 4: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/4.jpg)
4DPI
DPIDeep Packet Inspection
- functionality allows you to analyze the traffic, manage it and collect statistical information.
Restricting the use of the Internet access for any purpose, for example- enterprise policy, low policy etc.
Management and collection traffic usage statistics.
Centralized automatic update lists of prohibited Internet resources, with the possibility of configuration in manual mode.
![Page 5: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/5.jpg)
5DPI functionality
DPI
Controlling filtering rules
Collection and analysis of statistical
information
Centralized configuration & management
Monitoring Internet channel load
4Manage lists of prohibited Internet resources
4Control Management Access: by dates, schedule, content, speed (managers)
4Notify / redirect users when they attempt to visit a blocked web site.
4Filtering traffic based on the categories (Database system continuity sites continuously updated and contains more than 500? million. sites)
4Perform URL categorization and interlock, black / white lists
4By domain names, websites, protocols, dates, etc.
4Running for any arbitrary period of time indicating the load on the incoming and outgoing traffic
![Page 6: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/6.jpg)
6How it deployed
TH
kCloud
kCloudTH
TH
management subsystem
clients
internal
Hardware traffic handler. Where we can’t set virtual
handler
TH - traffic handler
Internet
Data traffic Data traffic
Management traffic
![Page 7: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/7.jpg)
7DDoS Protection
DDoSProtection
– Efficient counteraction to DDoS-attacks at any OSI Level
Maintenance of Internet resources smooth functioning at 24/7
Funds savings on qualified IT-specialists, expensive hardware and software
Protection from overload
![Page 8: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/8.jpg)
Legitimate traffic in usual mode
Legitimate traffic at DDoS-attack
DDoS-traffic
8How it deployed
Legitimate usersInternet
Control
Hacker
DDoS-attack
Botnet
DDoSController
DDoSAnalyzer
API
DDoS-GUARD Traffic Filtration
Blackhole
Internet Service
BGP-session
sFlow
BGP-Session
GRE-tunnel
![Page 9: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/9.jpg)
9kSpot
kSpot - Managed Wi-Fi with analytics
organization of access to the Internet via Wi-Fi technology for your customers
personalized delivery of advertising and information messages to mobile devices your customers
authorization your customers via SMS according law
– Wireless LAN Controller– Authorization portal– Management portal
![Page 10: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/10.jpg)
AP. . .
Client’s side
How it deployed
AP
. . .
vWLC
Authorization Server
Management portal
10
Internet
![Page 11: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/11.jpg)
1111CSR1000v (Enterprise cloud border router)
CSR1000v
- Extending Enterprise WAN to Cloud
Security IPSec VPN, L2TP Route-based VPNs (DMVPN, ..) Firewall, ACL, AAA
Enterprise Services NAT, QoS, OSPF, BGP, Tunneling, IOS-XE CLI,
Flexible policies for bandwidth and features set (from 10 Mbps up to 1 Gbps)
![Page 12: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/12.jpg)
Cisco ASAv (Enterprise cloud firewall) 1212
ASAvAdapative Security Virtual Appliance
- Protects enterprise cloud
Security firewall functionality
Secure mobility VPN virtual appliance used in a virtual environment. It runs within your cloud as a VM, and supports site to site VPN, remote access VPN, and clientless VPN functionality.
Scalability ASAv15, ASAv30
![Page 13: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/13.jpg)
13How it works
SLA
CPE InternetvASA
vRouterClient’s office
TENANT in kCloud
…SDNL2/3 VPN
kServers
kServers
SDN
![Page 14: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/14.jpg)
14Future plan
kVideovSaaS
- Remotevideo-control for business
Cost effective
Fast and easy deplay
Always on Access
![Page 15: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/15.jpg)
15How it works
PC
Smart-phones
Laptop
Videostreamer
Videostorage
IP cams
IP cams
Web portal management system
![Page 16: Kaztranscom - OpenStack Summit 2016/Red Hat NFV Mini Summit](https://reader031.vdocument.in/reader031/viewer/2022022412/58f12a5c1a28abfc748b45b9/html5/thumbnails/16.jpg)
Business-class telecommunications
© KazTransCom, 2016
Thank you for attention!