Turning BestEffort Networks Into Great Networks Unleashing The
Turning Best-Effort Networks Into Great Networks Unleashing The Power Of The Internet For Business
What is it? Corporate Environment Routers Switches Firewalls IDS/IPS Content Filters VPN Concentrators Etc. PABX SMME/Small & Medium Sites
Development Open Source Software – Branded – Modular Open Source Hardware – Mini-ITX or 3, 5” SBC Based Form Factor – Open Standard
What do you get? Router Switch/Bridge Gateway Firewall Failover IDS/IPS Content Filter VPNs Load Balancer Traffic Steering Management Reporting Wi-Fi Access Point PABX And more…
Most Common Deployments Router – Failover, Traffic Steering, Load Balancing Firewall IDS/IPS Security – Content Control DMZ Bandwidth Management VPNs
Firewall Stateful Deep Packet Inspection Next Generation Policy Enforced Packet Filtering
Security Intrusion Detection, Prevention and Protection including – Malware Protection & Mitigation – Botnets Detection & Mitigation – Phishing & Fraud Protection Automate Security with Contextual Awareness Threat Detection Provided:
IDS/IPS Overview (NGIPS) Next-generation IPS (NGIPS) with contextual awareness Rule-driven language combining the benefits of signature, protocol and anomaly-based inspection methods. The single most widely deployed intrusion detection and prevention technology in the world Fastest and most accurate detection tested by NSS Labs* Leader in the Gartner Magic Quadrant for Network IPS Appliances* Best IDS/IPS from SC Magazine* ICSA Labs Certified* * 82 XX Hardware
NSS Labs
Gartner
Frost & Sullivan
Open. DNS
Content Filtering World DNS leader Best-in-class Web security Comprehensive Web content filtering Web-based reporting and administration Global cloud service – 25 Data Centres More than 50 million customers More than 70, 000, 000 requests per day! Zero downtime in 9 years
VPN Open. VPN (SSL) IPSec PPTP L 2 TP Branch-to-Branch & Mobile Origination & Termination
Bandwidth Management Layer 7 or Protocol & OS-based Bandwidth Prioritisation Web Category-based Allocation Time-based Allocation Committed & Burstable Bandwidth Logging & Reporting Automatic Failover Load Balancing Traffic Steering Qo. S
Management System Integration SNMP Net. Flow IPFix Nagios Cacti Zabbix
Dashboard
Reporting Historical Reports - RRD Graphs CPU utilization Total throughput Firewall states Individual throughput for all interfaces Packets per second rates for all interfaces WAN interface gateway/s ping response times Traffic shaper queues on systems with traffic shaping enabled Real Time Reports – SVG Graphs Real time throughput for each interface. For traffic shaper users, the Status -> Queues screen provides a real time display of queue usage using AJAX updated gauges. The front page includes AJAX gauges for display of real time CPU, memory, swap and disk usage, and state table size. Internet User Reports Downloads and web sites visited per user, time per user and website statistics Top Site Reports Top User Reports Short, medium and long term reports
Connectivity ADSL 2+ 3 G HSPA+/LTE Wi-Fi (802. 11) with Captive Portal Ethernet, Gigabit Ethernet, Metro Ethernet, Fibre, Diginet VSAT Wi-Max Etc. All low-latency Intel NICs
Vo. IP Asterisk/Fusion PABX Full IVR System Increased Productivity More Agility: – Access - Via any internet connection, crucial for a mobile workforce, accommodating workers stationed abroad, in transit, or simply telecommuting from home. With Vo. IP, users can check voicemail and email, access project data, and place calls--all over a single network, using a single communication device. – Integration - Integrates with other communication technology, i. e. CRM and Outlook. – Flexibility Scales immediately to a business’ needs. Functionality - Many advanced functions that are either a luxury or unavailable on PBX systems come standard with Vo. IP. These features include advanced call forwarding and electronic messaging, custom auto-attendant, three-way conferencing, videoconferencing, and Advanced Call Distribution (ACD) functions such as skills-based call routing. Lower Total Cost of Ownership Cut telecommunications costs by about 30% when switching to Vo. IP i. e. : – Lower start-up costs – No initial investment in PBX and other expensive equipment. – Lower maintenance costs – Dramatically reduces maintenance costs. – Lower monthly phone bills
Vo. IP Features Call Features ADSI On-Screen Menu System Alarm Receiver Append Message Authentication Automated Attendant Blacklists Blind Transfer Call Detail Records Call Forward on Busy Call Forward on No Answer Call Forward Variable Call Monitoring Call Parking Call Queuing Call Recording Call Retrieval Call Routing (DID & ANI) Call Snooping Call Transfer Call Waiting Caller ID Blocking Caller ID on Call Waiting Calling Cards Conference Bridging Database Store / Retrieve Database Integration Dial by Name Direct Inward System Access Distinctive Ring Distributed Universal Number Discovery (DUNDi™) Do Not Disturb E 911 ENUM Fax Transmit and Receive Flexible Extension Logic Interactive Directory Listing Interactive Voice Response (IVR) Local and Remote Call Agents Macros Music On Hold Music On Transfer: - Flexible Mp 3 -based System - Random or Linear Play - Volume Control Predictive Dialler Privacy Open Settlement Protocol (OSP) Overhead Paging Protocol Conversion Remote Call Pickup Remote Office Support Roaming Extensions Route by Caller ID SMS Messaging Spell / Say Streaming Media Access Supervised Transfer Talk Detection Text-to-Speech (via Festival) Three-way Calling Time and Date Transcoding Trunking Vo. IP Gateways Voicemail: - Visual Indicator for Message Waiting - Stutter Dialtone for Message Waiting - Voicemail to email - Voicemail Groups - Web Voicemail Interface Zapateller
WAN Virtualization
Were we visionary? Gartner Names Silver Peak a Magic Quadrant Leader in the WAN Silver Peak Solves Critical Requirements of an SD-WAN According to Gartner, as WAN optimisation appliances increasingly include WAN path control and local link load balancing capabilities, these products are morphing into SD-WAN solutions. “WAN requirements are evolving rapidly as enterprises become more frustrated with the high cost and complexity of MPLS networking, and until now, an inability to easily leverage lower-cost Internet in a secure, controlled and optimised manner, ” said David Hughes, CEO of Silver Peak. “We believe Silver Peak is best-positioned to help customers meet these new WAN requirements. With Dynamic Path Control, Silver Peak offers customers the most comprehensive solution today for building an SD-WAN fabric that helps enterprises migrate to an enterprise-grade WAN using hybrid or all-Internet WAN connectivity across a distributed environment. ” 23 March 2015
The Need To Rethink The WAN In the past few decades, technology advances in the Internet, cloud computing, virtualisation and other technologies have proceeded at a brisk pace. During that same time, however, traditional service providers have not deployed new WAN services based on technologies that are a successor to the currently used MPLS. In fact, WAN technologies in use in most branch offices today have changed little, if at all, since the 1990 s. Challenges of Branch Office Networking The growing number and importance of Branch Offices Anticipated change in WAN traffic by service Impact of poor application performance Mobility Cloud Computing The limitations of the traditional WAN Implementing a new approach to Wide Area Networking 06 May 2015
The new WAN - Continued Using the Network-as-a-Service model, the hybrid WAN of Figure 1 can eliminate complexity by having cloud-based configuration, real-time monitoring and the easy provisioning of a range of L 4 – L 7 services – including performance-related functionality such as Qo. S and link optimisation as well as security functionality such as stateful and application-aware firewalls. To support these L 4 – L 7 services on and end-to-end basis, some type of device will be necessary at each edge of the network. However, to ensure that this new approach to designing a WAN doesn’t have the same complexity as the traditional design, it is critical that this edge device be zero-touch.
Wi-i. Di. G (OEM) Ultra low-cost Zero Config Plug & Play Mesh Network Use in hotels, apartments, offices, villages, coffee shops, malls, campgrounds, marinas - and just about anywhere else. Cloud Managed - you can set the bandwidth for individual users, design your own splash pages, track users, monitor your network's health and much more, using just a browser from anywhere in the world.
Wi-i. Di. G Management
Wi-i. Di. G - Reseller
Wi-i. Di. G – Gated Community
Customers ICEBERG
Pricing – i. Di. G – ZAR - FOB 400000 380000 360000 340000 320000 300000 280000 260000 240000 2200000 180000 160000 140000 120000 100000 80000 60000 40000 20000 0 Mountain. Box Opt B (excl Opt C (excl Opt D (excl Opt E (excl Opt F (excl Opt G (incl Opt H (incl Support Licences, Licences, licences excl & Support & Support & Management) Management)
Pricing – Wi-i. Di. G – ZAR - FOB 14000 12000 10000 8000 6000 4000 2000 0 Mountain. Box Wi-i. Di. G 2 P Option B Options B & C exclude Controller and Licences Option C
What? We leverage the best of Open Source to produce a Family of Best Performance and Hardened Network Appliances.
Why? Increasing Customer’s “Sphere of Influence” – Adding value to Existing Customers – Capturing new Customers and Sites (Unrestricted Geography)
Thank You
- Slides: 36