Global transit network architectures with Virtual WAN BRK3138

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

good morning everyone well doing today give me some noise some energy you've had your breakfast right alright good so tell me how many of you are customers awesome we love you and how many of you are our partners we love you as well okay so there's a ton of content in this level 300 session today so you have to hang in there with me it's a lot of content some of the content if I'm not able to go through they are in the hidden slides so when you download this presentation after you will see a lot of it it's a 45-minute session I now have 43 minutes to cover all of that content so there is a demo one in a demo two so depending on the time I will show you what I can to as the end of the session so what I wanted to share with you here was an interesting story I always like to start with something that I've learned along the way and what I do is I do this taxi ride in the morning to just to kind of you know clear up my thoughts and anxiety I guess so this morning I was in a taxi right and I asked you know just like how I asked everyone a same question year over year like what's the three essential things in your life these days and my son basically said the other day you know it's to be secure we need money in life and you also need your mom and dad's a relationship and I was like okay networking I equate that with networking so the taxi driver basically said you know security is very important these days that's very important money is there is a requirement and relationships and so I was like okay this is also networking and then there was a cloud architect who was sitting right with me in the taxi and the cloud architect says hey you know that's my life and the cloud security this cost aspect of it money and then there is networking so I asked them what about food water and air now you don't you think those are the essentials for a good life and then they were like you know that's just basics those are quintessential things you don't think about it and I was like really okay but you know in the cloud you have the three quintessential 's compute storage and network and I equate the network with the air because when you don't have enough air you get hypoxia and if your packets don't reach from one end to the other and you have latency and other things like that you get Network hypoxia we at Microsoft do not want that and that was my morning humour for you that's the best I can do so this is where it's awesome to show you this lovely slide which you may have seen throughout the week and the reason why I say this is because the network is super important to us this is the Microsoft global backbone and the scale of it is what we need to internalize you need to internalize as customers we want you to know that because once you fathom the breadth of it you know the moment the packet enters our network at the edge which are those spots we are popping up one pop almost every other week and the packet travels to those data centers those 54 regions that we are in through hundreds and thousands of miles of fiber imagine the possibilities this is battle tested with all our services so this is a slide that I really like to focus on because this kind of gives you the possibilities that you can do with the same network ok so now let's take the conversation a bit further the topic today is global transit architecture with virtual one I am going to walk you through what it is I'll share with you a few examples I will touch upon of key architecture elements of it because it's a l300 there's a ton of content we have some partners stories so you know I'll also remind some movies for you but the reason why I bring this up is because when you think about the network there's users right so you are actually thinking about the users and what does that mean that means there's an explosion of users out there in your network there could be users that are branch offices they could be users from private endpoints from your private one there could be users that are mobile users remote users you know last time I checked it's 50% now so what happens when you have so many users you have to start rethinking okay I have to start thinking about my network I have to start thinking about my security parameter you know the the whole radius is changing this is where we believe we can help you with were children so before I get into what is virtual van let's remind this movie so remember when you first started in the cloud and if you haven't started this is where you know it'll actually help you as well in your planning further on so when you first started you had probably a bunch of V nuts virtual networks you had your resources in there you also had a few users from on-premise you were just testing it out you had some VPNs coming in your private connectivity with Express route and then are you started to think okay I like this thing right and it's easy it's cost-effective it's operationally very cool so let's take it further and then what happened was your users started multiplying your branches started multiplying your endpoints started multiplying so the team became more and more and more you know and some people who want to race they basically keep saying more and more and more is good so as you started exploring these things in the cloud in any public cloud the team became quickly very complicated like you had a lot more we nuts you had a lot of workloads and then you started to think okay I need to simplify my network I need some ease-of-use I don't want to be thinking that I have to connect this wire to that far I have to connect this network to that network there was a huge plethora of issues that you could come up with that could be complex so you wanted ease-of-use with operational savings so this is where I believe that virtual van comes in very helpful so let's do a quick recap of what is virtual man and then I'll get into global transit architecture Virgil van is a managed hub in service provided by Microsoft it has different kinds of endpoints that can come in public connectivity which is VPN endpoints can connect to us private connectivity which is Express route connecting to us it's got scale it's got global scale the scales growing so a hub which is a region per region in virtual van can accommodate up to 20 gigs of VPN aggregate in that hub which is a Wii net it can also additionally do 20 gigs of express route you cannot do that outside of virtual 120 gigs of Xpress right if you have remote users connecting in to our user VPN or the pointer side gateways you can do additionally 20 gigs so it's 20 plus 20 plus 20 and that's the number very good to kind of internalize because that's in one region it's one hub so that's scale that's number two number three its transit routing and I'm going to cover a lot more about it in my examples shortly so hang in there and forth but now the list is the automation that we've done with our wonderful partners so we have a family of CPE VPN and Software Defined when Sdn partners that basically have built in a magic button to connect to us and what that means is they have automated this connectivity so you don't need to know what parameter what protocol you know we do the handshake behind the scene once this information of the device is uploaded into Azure there is a background handshake that's going on that looks at all these parameters sets up the connectivity and you don't have to do a single thing all you do is upload and then on our side you make some decisions as to which hubs you want and you're done so that's the automation aspect I mean we undermine it but it's amazing so much operational excellence you could get out of it so that's what children as a recap and in a summary okay so now what if we could have all of these hubs remember that journey I just spoke about you know you had all these wee nets you had all these users coming in and you had to start managing this v-net so are these hubs customer managed hubs so what if we could connect all of it in full mesh hubs just magically you don't have to do anything you don't have to like think about okay what's my redundancy story what's my you know connectivity story we'll just connect it up for you what if you could come in from anywhere if you could come in from a branch through any kind of flow let's say you are in the West code of US and you are in Europe or you are in Australia and you have some branches that come in and you want those branches to be able to access as your resources anywhere you may have a workload in the US you may have a workload in Australia and you want that to be happening seamlessly you don't have to think about it what if you could actually connect across meaning your Australian branch or your European branch can actually talk to the US counterpart and you don't have to think about that as well you could just use our backbone to do that and what if you didn't have to think is this a VPN branch or is this a private endpoint like an Express route site or is this a remote user what if I could just crisscross I don't have to do that all you have to do is just connect into Azure and we take care of it so that's what is the magic of this branch to branch connectivity through the Microsoft backbone what if you had lots of Venis lots of resources your front-end back-end they all have to talk and you need the transitive functionality in those hubs because when you start with one hub it's easy you know you're thinking okay I'll put in a bunch of VMs in there I'll manage it it's easy peasy right but when you start multiplying that region after region after region it starts to get a lot and this is what we provide and we call as the any to any connectivity we also you know the hub to hub functionality which is a very sought after functionality that gives you the transitive routing is also called the any-to-any functionality because you can connect anywhere across but what does this do for you this gives you the simplified network that I just spoke about gives you ease of use and gives you operational savings if you take a step back just look at how much you spend in troubleshooting an issue how much you spend in calling 2-way 3-way you know four-way different kind of companies how much time you spend figuring out what networks should talk to which network it's a lot of time right and this is definitely going to give you some operational savings this my dear friends is the global transit architecture with Azure virtual okay so now you understand what global transit architecture is so let's get to what's new right so we announced virtual when last year at ignite here and it was a wonderful session so what's new this year so well here is the roster of announcements first any to any connectivity I just mentioned about that that's that's in preview right now wilsaan g8 but typically we like to preview the functionality to a certain time and then we gather input and and that's when we GA it we also are have made Express route and use a VPN which is point to site VPN generally available so this is out for you remember I spoke about the private connectivity and this remote user connectivity this is it we also have added Express not encryption a lot of our customers want the ability to encrypt the express route traffic with the endpoints being the azure native gateways so now this functionality is available in GA in virtual we have added a very new capability which is called the multi link as your path selection and I'm going to talk to you a little bit more about it there is a nice story around it about the possibilities or what this can do for you we also have other capabilities in side to side like custom IPSec so if you are an IPSec nerd like me then maybe you can do custom IPSec we give you the capabilities for picking the different I qui one and I could be two options and the possibilities and some of you have already asked me many times about it can we connect a non-virtual van VPN gateway to a virtual van VPN gateway and that is now available so that works so we heard you and here it is for you we are also available now international clouds and gov cloud and in China so give it a shot and as well as the newest addition to the event set of functionality is the as your firewall integration it is huge this is the NOC this is network as a service with network and security and what children can do that now with the azure firewall individual hubs all right pricing cost is very important I am going to cover some pricing updates you're going to be super pleased with it because we have reduced the price and we have some new entries so hang in there that's in the end and then we are going to announce a few partnerships and I'll share with you who are the new entrants here there's a ton of content and speaking of partnerships here is the list so on the top band is the connectivity partners of the solutions that are available remember that magic button I spoke about where you can automatically connect after you upload the information those are the partners we have a few new ones and now we have four Dannette we have new arch Nokia we have silver peak we have versa we have cloud genex and we have a few others that have been doing really well we on the coming soon partners we have a few super happy to add a few new additions like Cisco Aruba and open systems this has been a long-standing ask Romania for customers so here it is and what this means is we have an intent to work together to integrate the product and hopefully it'll be available it in the next three to six months okay there is some security partners also listed in here and please feel free to attend the security session which is tomorrow on the azure firewall there's a ton of stuff they do these security partners enable us to do internet access through through them okay so we now understand what global transit architecture is I want to walk you through a customer example this is an example of what a customer had and what they are moving to with Azure watch and this will kind of give it put it into perspective of the possibilities that you may have okay so here is a customer that basically has a lot of venous they are available in four regions today it's a customer managed via net four regions they're available in 70 countries with hundreds of sites and I couldn't accommodate hundreds of sites in this slide but it's a lot of slides they are available in many regions with 24 minutes and they are growing so 24 is the current number but they are probably going to double it up and what this means is they started to look at virtual 1a a few weeks ago and worldwide technologies this is their largest multinational customer in the biopharmaceutical industry and what challenges they came to us with was child scale issues they basically said it's a routing nightmare because it just you know when you have so many v nets you have to start thinking about how do i connect how do i manage how do i do transitive routing all of that and they also wanted some more capabilities in terms of how many weenus they could connect to using their premium circuit so this is how their network looked and I tried to simplify this network because it's the slide and this is what its gonna look like with virtual LAN it's amazing because it's very hard to do simple things right it's very easy to make something very complicated that's the easy part you complicated you put bandaid upon bandage it gets harder right but it's very hard to make simple and with virtual when you get simplicity you get ease-of-use here you have these hubs you have four hubs in here you have all the minutes coming in you have the branches connecting in you have the Express route links coming in you have the user VPNs coming in you know those users on top there's a lot of them over 10,000 per region so you have all of that coming in and it can just talk to each other this transitive routing you don't have to think about it that's amazing so this is an example of global transit architecture with any to any connectivity in virtual web ok so now let's move on to the generally available features I'm going to double click on each of those features so that when you walk out of here you feel good about it that you know a little bit more okay so the first one that I want to talk about is what Jill went type so we had a bunch of customers who basically wanted plain VPN they want to take care of everything so we decided okay let's do one thing let's introduce this type of van so you have a basic one and you have a standard word children in the basic van its VPN only so the branches can connect in you can do branch to Azure you can do branch to branch it all works and if you wanted to connect your Winx you can do it yourself so do it yourself by we net peering which is a platform capability that you have today in your minutes and the hubs are not connected they are not full mesh connected magically that magic doesn't happen in the basic version in the standard version it basically means you get all the new capabilities like Express route use a VPN you get this any to any connectivity and of course the hubs are all connected in full mesh like you don't have to go and say okay can I connect this hub or that habit just happens automatically for you so this is the basic and the standard were children okay so now moving on I spoke about the multi link support in VPN sites it's for as your path selection so imagine the possibilities add a branch you are thinking of downsizing downsizing your caste and you decide to go and get another is pealing because you know you just want a primary or a secondary or maybe you want another third backup link what if you could do path selection from the device into Azure so if one is Pia link fails it just magically fails over so all of that information of links is now extracted through this VPN site API switch our partners use to upload their branch information to us so on the azure side you will now be able to see the link information and then the magic happens at the branch where the branch partner can basically do path selection across these links Barracuda is the first partner to actually have done it and so let's look at what they have in store for us the barracuda cloud gen firewall and as your virtual LAN offers seamless cloud connectivity for multi-link branches providing always-on access to azure connecting is easy a simple one-step set up populates VPNs site and link information in the virtual LAN and establishes VPN tunnels without the need for additional interaction for sites with multiple links Barracuda sdu an intelligently routes traffic to provide the most efficient path selection across all available ISPs using multiple ISPs increases network performance by distributing traffic over multiple paths it also provides sites in remote locations which may not have access to high-speed internet lines with high-performance cloud connectivity leveraging multiple links also provides redundancy and automatic failover support in case one is P goes down the Barracuda SD ran immediately detects this and traffic is redirected via the remaining paths resuming normal operations within seconds when deployed together Azure virtual land provides powerful and advanced distributed networking while the Barracuda cloud gen firewall ensures efficient high-speed cloud connectivity and strength in security this is super powerful because this is always on Azure from the branch add in Azure we can control all that but at the branch is also always on into Azure path selection Thank You Barracuda and these api's are open so all of our partners a family of even CPE and as DeWine partners are going to be integrating that shortly ok so moving on the next feature that I want to talk about is Express route it's generally available it is available in standard virtual van it's not in the basic the scale let's internalize that it's 20 gigs outside of virtual when you get up to 10 gigs so here you actually get a 20 gig Express route aggregate gateway in the virtual one per hub and each hub is per region private connectivity this is private connectivity so it's available to the premium circuit and it's available in global reach locations as you know global reach Express route 2 Express route on premise is the fastest way to connect across the Microsoft backbone and VLAN basically makes this possible in global reach locations to come to the hub and to be able to do that in terms of Express route and VPN interconnectivity so if you had a branch that's connected through internet VPN and if you had Express route you can do that VPN Express route interconnectivity magically you don't have to worry about that but if you wanted to do Express route to Express route that's available to the global reach means of course we've done a bunch of work on health resource health and the metrics that's also available in Azure monitor so if you wanted to take a look at how the packets flowing all of that stuff is out there ok so here's a teaser of the portal and we wanted to kind of keep it simple so we worked really really hard to keep the design very simple and I kept back going to my UI designer saying that make it easy I don't want to think about it so you can basically select the circuit very easy plain English you can connect disconnect the circuit you can go view or delete your Express route gateways you can change the scale unit and the scale unit concept is your aggregate throughput so in express route 1 scale unit is 2 GB PS and so you can go multiple if you want 20 that's 10 G that's 10 scale units so you can basically go change it it's right there and when you download these slides you can look at it but it's exactly how it looks and you can also go and set the default route on each of those connection types so speaking of express route an Express route encryption this is the latest addition to that function to that functionality set and what this is is basically IPSec over here and this is IPSec with the as your VPN gateway inside the hub but here you don't have to really go and do anything once you actually set up the VPN connection from that partner device to the azure hub all you have to do is go edit the connection and just basically say use private as your IP and then the ER encryption just magically works it just takes that path encrypts the ER traffic comes in to the ER Highway and terminates on that VPN endpoint on in the azure which Allah okay so we spoke about path selection and that was part selection between ISPs what if you could do path selection between Express route and the private connected branches so for Dannette has done that path selection between Express route and plan public connectivity at the branch and the SI that provides them is TC tier so let's hear what they have in store for us IT leaders need solutions that support digital innovation as they migrate to hybrid and multi cloud environments for Dannette provides secure on-premises connectivity between locations and asha based applications are combined solution with Tata Communications transformation services offers fast and reliable connectivity with Azure virtual LAN it features fast and automated deployment with Azure functions and FortiGate REST API we can automatically provision new connectivity requests and you can add or update a branch in less than 30 minutes and dynamic application aware path selection for Dannette SD when actively measures packet loss latency and jitter of each application and utilizes the best available when link to deliver optimal quality of experience this is especially needed when mixing between private link connectivity by express routes and IPSec VPN connectivity over the Internet to Azure be hub this domain solution with as your virtual van helps customers to simplify on-ramp clouds so this was part selection between Express route and IPSec and it's amazing because you know this basically gives you a one leg up for always on as you okay so customers we love you all you are the lifeblood of Microsoft we really need you and we want to hear from you more and more many of you have reached out to me personally and I love to hear from you further about how we can make which will whine better but please welcome another customer of ours KPMG lead infrastructure lead in theory good morning everybody [Applause] so KPMG is a multinational entity and we are providing services to many customers myself and the team I walk out we provide service internally to KPMG that means that we have many business lines coming to us and asking us hey provide me a solution I see us as the land developers where the application owners and application builders coming to us and ask us hey construct us something I need to go I need to plow the land I need to put the roads down signage electricity plumbing everything that whenever they're going to drop the application they have all the proper hooks to use it the tenants of the house they're going to build on that lot needs to have access of the users to come in and live in a safe and secure manner so whatever I do and whenever I build something it has to be redundant it has to be scalable and it has to make sure that whatever I drop can actually connect and interact with the infrastructure that we have at hand we opted to use a hub-and-spoke model for our network control in order to minimize footprint of virtual devices that control either internet egress routing or IPSec my goal of virtual one gateway was to go form a named drug to a generic drug here the remain reason is to reduce cost increase availability and hopefully reduce my time to market when thinking about building a new concept or offering a new design pattern it is very important to look at that as a business plan it is important to go and gather all the right points that you need to make that a successful venture you need to define what is your requirements what do you need to do and how do you want to do that for example one of my key requirements is to have encryption in transit encrypt all transit on top of express route not only do I need Express route I also required to have an IPSec over the Internet for resiliency in case my co-locations arvind or all the sudden is out of business or there is some other catastrophe event when I'm looking into that I now move to the success criteria which also needs to define what is the win for me and to show the success criteria a scorecard in my opinion is in need quantifiable data is king so measuring things and showing how you added value to the business is the key to success TCO is the biggest thing here I would like to reduce my total cost of ownership I would like to minimize my usage of other products or other infrastructure I need to support that I would like to keep things simple I would like to keep things cheap be able to deliver them fast to the business while not increasing my risk exposure so what you see here I'm going to start from the top all the way to the bottom on the top we have different subscriptions we use subscriptions and not only separating by V nerds so a subscription can be an application can be a business line can be a part of an application we are separating those and allow our business units or the solutions to run its own area now I need to take that traffic and in some cases backhaul some of that back to on-prem allow my monitoring tools from on-prem yes I do have some on Prem to access that environment and I also need to get my users on administrative tasks to be able to connect to those subscriptions I said earlier I'm trying to aggregate things in order to keep things simple and minimize my cost so in the transcription that you see in the middle you have two main entities and it illustrates as one box but again those asked scaling groups and there are not a single device I have an entity that does routing that entity is there to provide termination of IPSec and to do all the bgp routing all the traffic northbound to the subscription on the top is done via IPSec and the reason we opted to do that was an ease of route propagation upstream and downstream you will notice on the bottom left I have two data centers and on the bottom right I have two collocations the data centers on the Left have Internet connectivity where we have an IPSec running over the Internet to their routing device and then on the right side I have my collocations running this Express route the challenge with Express route that natively there is no encryption I have the requirement to encrypt all the traffic so I had to go ahead and huh and run another IPSec layer on top of that Express route as previously it was not supported I had to go ahead and terminate my Express route on my route in devices the security device is there to provide an enhanced security functions for example we use the security devices to inspect all the Internet egress traffic we use those security devices to inspect east-to-west and other components are there such an AV IPS ideas and so on so how virtual one helps me why I think it's so great I'm taking all that big mess and simplifying that there is less lines in the diagram now this is a simplified diagram my copper diagram is huge and the amount of clearance that you get in the video by moving to that is amazing but the diagram is not everything moving from the IPSec on the top to pairing as you can see here is a big win for us we are no longer need to manage those connections those are scalable I am not limited to the 1.25 gigs as I was before I don't need to take care of the MTU overheads it make things it'd make things stick better furthermore when you go down to the center you will notice that two things that were there as routing devices are no longer there I can now go and conceal them the generic version I can now go and take it as a pass instead of an Aya's I can move from a capex model to an optics model I don't need to write anything on my books and take depreciation every year we new licenses an agreement business need something I can go and spin and connect them without asking for capital of investment Express routers mentioned earlier by Rashmi can now terminate the IPSec connectivity into the virtual one which again remove the mean for those routing devices security devices are still there we have now peering to the virtual one where all traffic is being inspected by those devices that was awesome it's very good to hear the practical truth from our customers because that's what keeps us grounded and again we love you all ok so back to the available features we have exactly eleven more minutes so I'm going to rush through a few and you can download the information later on ok so moving on to the next set of features use a VPN also known as point to site functionality is also generally available in standard virtual where the scale is up to 20 gigs this is different from the 20 gigs of extra Strout or the VPN endpoints that come in from your branches the scale is huge it's 20 gigs we allow up to 10,000 users per hub so you feel have 10,000 users that's the tested number and if you're connecting to one region that's 10k per region so if you have let's say four five regions it's ten thousand for each one of those regions we have also provided the capabilities to work with different clients OpenVPN that's kind of the standard line these days also ikely to clients is available with that we support both authentication third base as well as radius authentication in terms of any to any use cases the use case for user repiy n is the user to Azure as well as the user to a branch and we support both of that and of course always important to make sure that you can monitor so we have a bunch of metrics that's available in Azure monitor always good to see the portal because that kind of gives you the perspective it is again very simple my designer did a great job but basically the idea was it you know you create a config you download the config you can create delete your gateways you can change the scale unit you pretty much are there I mean you just have to download the configure ply it to your device and you can just connect so it's as simple as that and this is how it looks all right the newest edition which is as your firewall in virtual wine there's an entire 45 minute session on it tomorrow so I wouldn't be doing tumor justice but take note of the session from Yair that's covered in November 7th but basically the azure firewall is now available in the virtual hub provides centralized policy and route management it it provides the internet breakout so you can do we knit to Internet you can do branch coming into Azure to internet you can do all these flows provides you seamless policy and routing management it's amazing and this is a ton of content that er is gonna cover tomorrow ok so I wanted to talk about this program which is an MSP program that we announced this July and the reason why I wanted to talk about it is a year ago many of our customers said hey can we get can you recommend a telco or an SI or an MSP partner that can provide end-to-end management because we just don't want to invest in that we just want to outsource it to that company and the company will take care of it that's what God is thinking and this year we announced the MSP program where you can now leverage or use your favorite telco si MSP and have them manage the network end-to-end and it's just not as a virtual van it could be anything networking there are professionals there's a ton of stuff that they do if you want to look for them the place to look for is the azure marketplace and here are the logos of all our lovely family members and they provide a bunch of services a few of them are providing currently the Azure virtual van as well so if you're looking for help for any one of your customers or for yourself this is the place to go okay so since this is a level 300 I wanted to cover the architecture part like how does a telco man coexist with the Azure virtual bank what exactly happens well it's up to you you know I go into a restaurant I want to be able to pick what I want I want to be able to pick what I eat today what I eat tomorrow so just like that you can talk to them about your use cases but basically the idea is there is sd1 branch connectivity to their one they could also be a connectivity to the azure one so in some of the areas where maybe their network doesn't reach it's something to consider these two winds can actually coexist the telcos already are our partners for expressed also the private connectivity is covered right there but they also now provide as divine services which means you can choose which when and how you want the connectivity use case to look like so that's the architecture part now let's hear from BT what they have done with the newest addition of Sdn partners from nuage Nokia [Music] here at Exxon we're a manufacturing a trader of chemicals and ingredients Microsoft Azure is fundamental in LIC topology it runs our data center we run everything there including s ap we want to be able to access Asia in the most simple and fast way possible the new Asia virtual LAN allows us to remove a number of links that normally exist between a user and the resource in Asia that they're using as part of our drive to innovate and to do digital transformation we needed to overhaul our network the solution was there agile Connect products which is based on a new age technology so the scope of work was to move us into a more simple Network based on that SDRAM we couldn't have achieved this without our great partnership with VT it's been great teamwork and the technical expertise that they bring to the table is ensured we've always been able to solve things bubbly that summarizes in a minute the possibilities of sd-1 and virtual one okay pricing very important cost topic so we have a bunch of updates and listen carefully so the whole pricing concept of what children is to pay for the connections that are coming in the traffic that's flowing through and the aggregate capacity of these hubs so if you were to build your own data center you would be thinking okay I'm sending my traffic from the u.s. to Australia I need to probably pay a little differently than going to Europe or within the US so that's basically the theme that we wanted to land with the first unit that I want to talk about is the connection unit so when your branch is coming in there is a connection charge we have now reduced the price thank you for all the suggestions and we are much cheaper than our friends across the lake in Seattle the second important announcement in pricing is we have new pricing for express route as well as user VPN so check those out in the pricing page for virtual 1 scale unit is the aggregate throughput so for VPN but its side to side where this user VPN which is point to site 500 Mbps is one scale unit and you can do all the way up to 20 gigs we multiply in 500 in express route is 2 gigs there is a price element in it it's much cheaper than outside of virtual 1 so check this out again and for the hub the basic hub there is no cost for standard hub which has all these lovely functionalities of transitive routing hub to hub these newer services we are going to charge 25 cents an hour we are also looking at what we would want to charge for data processing across regions I use an example west us to Australia so we are looking at that there'll be more updates but until then which is beginning of next year it's free so give it a try okay so presentation is never complete without a demo and I have a few minutes that I can cover this in okay so first I wanted to show you a teaser of the portal and I'm going to just walk you through just the you know the skeleton of it but basically it's a knock it's your dashboard for network and security basically you look at hubs you have a view of each one of your hubs and you double click on them you'll see a bunch of things you have all your branches which are your VPN sites you have your user VPN configurations which is your remote user configurations you have Express route circuits you can take a look at those and if you wanted to connect your workloads which is those V Nets to each one of those hubs there's a very simple experience out there quickly clicking on the hubs here is the new look that we have introduced but basically now you can go into each one of those hubs and be able to connect in come on ok so you can go into each one of those hubs it will tell you the overview of it you can go click through each one of the experiences and be able to go over it so what I wanted to show you as demo number 2 since we have another minute is to be able to see what you can do with any to any connectivity so here is a system where I have a jump box in Azure that I'm going to access and that's going to do a bunch of things and it will speak for itself as we go through it so here is my jump box and I have two we nets in two hubs one is an East US and one is in Southeast Asia I have a branch which is a velo cloud branch well oh by the way is one of the coming soon partners and they are going to make their solution of auto connectivity Auto VPN to Azure available in the first half of next year so what we have done is we've clicked couple more clicks which is basically the difference and manually set it up and they connecting to these hubs we also have a net foundry branch in Southeast Asia so what I'm going to do is I'm going to try to get to a site which is be behind this way low cloud branch and let's see if that works because this is library as we speak this is what it is so the picture showed up the we are trying to reach from my jump box to the bellow cloud site which is right behind the Velo branch the next one is the flow which is to a VPN to express route site so here when I click on this this flow kicks in where I can go from a wellö branch which is VPN as divine connected to a j''r to an express route to an Express route endpoint and this happens to be we am we're on Azure this is the Avs service was super cool that you can actually use a wellö branch device to get to your VMware workload in azure behind an Express route and that's kicking in the VPN Express route interconnectivity the third use case which also brings out the beauty about the system is they have to hop so I have a hub in Southeast Asia right and I didn't have to do anything all I did was I connected my branches on each to each one of those hubs and I reached out to my v-net which is in Southeast Asia without having to think about all those plumbing that you have to do today so this is the azure to v-net across hubs and the fourth use case is branch to branch through our beautiful global backbone and here we are going to go from my East US branch to my Southeast Asian branch and this is the flow that you get so what I want to talk here is that the possibilities are many and it's up to you as to what works for you so let's do a quick recap of what we learned today we did well okay so we learnt about global transit architecture with any to any connectivity you can basically connect whatever across whatever we have expressed route user VPN in GA today any-to-any is in public preview we also announced a bunch of features like multi-link path selection to Azure custom IPSec availability in standard cloud as well as ability to connect from a B and G or a virtual network gateway VPN to even so what you learnt was a bunch of features as a ton of content that's in the hidden slide so when you download this presentation you will see a little bit more than what I could cover today we also announced a bunch of partners that have the magic button to connect to us so feel free to check them out if they are if a partner is not listed here they most likely are going to make it available soon so talk to us you can always send us an email so to wrap it up as your virtual Van provides ubiquitous connectivity with ease-of-use and it's truly the global transit architecture that we want you to use it's been a pleasure thank you very much [Applause]

Info

Channel: Marc Kean

Views: 2,579

Rating: 4.8000002 out of 5

Keywords:

Id: iBCy8Vvl7rk

Channel Id: undefined

Length: 47min 23sec (2843 seconds)

Published: Sat Nov 09 2019

Global transit network architectures with Virtual WAN​ BRK3138

Global transit network architectures with Virtual WAN BRK3138