Rich Hill, iQuila’s CTO, recently gave a presentation at MSP Summit London, introducing the concept of Software Defined Networks. This talk has now been adapted to a video, available on YouTube, or below for convenience.
The following is a transcript of the video:
This video is an introduction to software defined networks, which is the technology that underpins the iQuila solutions. So, what is an SDN? It stands for software defined network, and it’s very similar to cloud computing, except that instead of virtualizing servers, we’re doing it for connectivity. We have a virtualized network solution. This includes virtual switches, VLANs, central control, it’s highly scalable and secure, and is optimised. Essentially all the benefits that you’re accustomed to through cloud computing are now available for cloud and virtualized networks.
This is the standard OSI data model. We’re only really concerned with layers 2 add to 3. Existing products, such as SD-WAN and VPN, operate at layer 3, and MPLS is somewhere in between at layer 2.5. iQuila is the only solution that operates at layer two. This has got lots of advantages, essentially recreating a global network that is the same as being in the same office; connecting multiple sites and multiple hybrid workers in one layer two network.
How do we do this? It’s via our virtual extended network protocol, or VEN for short. We take standard layer two traffic, chop it up into small bits, encrypt them, and then transmit them over TCP IP. By default, we have eight streams of data, but this could be just one or it could be up to 32. It’s configurable.
There are two main advantages of doing this. The first is that by using eight streams of data, if one or two of them drop out, there’s no interruption to service. We basically operate in a similar manner to RAID servers. We strip data across those streams.
It also grabs more bandwidth. Something that happened often during the pandemic is that home workers were having really poor connectivity because the kids were playing on the PlayStation or watching Netflix. This doesn’t happen with iQuila. It’s essentially the same as being at home, but having eight computers all connected together. So you hog that bandwidth and get a much stronger connection. Obviously, you’re still limited to whatever service you get at home, but you get a much larger portion of that service.
Then we do exactly the same thing in reverse, and it comes out at layer two traffic at the other side. Obviously this diagram just explains the process sequentially, but in reality it goes both ways this direction.
To recap, the virtual extended network protocol is layer two, over layer three, has multiple streams of data, which gives bandwidth grabbing technology and low latency. It also works really well over traditionally difficult environments, such as 4G, 5G and satellite.
It has a really low overhead for encryption, just 0. 5%, the reason for this is that it operates at layer two not layer three.
Let’s see how it works in practice. Here we have our main data centre or head office, and the iQuila server is connected to existing servers and printers etc.
We have hybrid users, and they need to have the iQuila client software installed. This comes in multiple flavours, Windows and Mac OS and Linux but also for mobile. So IoS and Android.
Let’s take windows as an example. The drivers are signed off by Microsoft and they boot in kernel mode. It’s essentially the same as having a virtual network guard. As soon as the user opens up their laptop, they’re connected to iQuila, even before they login to Windows.
Remote or satellite sites work slightly differently. Instead of having to install the client software, each device will use a bridge and that bridge will connect up the entire network. This can be just normal computers, printers, file servers. They can also be any sort of IoT device, such as security cameras, HVAC systems, or even a Bluetooth thermometer. Anything on that network will be connected via the bridge into one large global extended layer two network.
We also have an option for failover for disaster recovery. If you have a separate data centre, ready for disaster recovery, someone drives a bus into your main office or data centre. Then within five seconds, everything switches and the disaster recovery centre becomes the main data centre. There’s no loss of service apart from that initial five second gap. Hybrid users, or remote sites, don’t need to change IP addresses or configs. Everything just gets handled automatically.
Let’s go over the advantages one more time. iQuila is layer two over layer three, centralised provisioning. High, rapid scalability. It’s very secure, with a very low overhead of 0.5 for encryption. From early 2023, we’re going to have quantum encryption as an option as well. This is a hardware solution, using lasers and photons detectors, with very high entropy, which means the quality of the random numbers is better, so it’s harder to guess the keys, almost impossible in fact.
Reduced hardware footprint. You don’t actually need hardware at all but though it is an option for convenience, and it’s AI optimised. This bit is a little bit like teaching people how to suck eggs, in terms of what it can do. At home or in the office you still need to have your Wi-Fi router or switch, to physically plug in your Ethernet cable into the back of your PC.
Otherwise everything else is virtualised. It’s a replacement for VPN, SD-WAN and MPLS. We’re layer two, not layer three or layer 2.5. We’re much more competitive on price.
VPN is very unreliable. Often people log several support calls daily.
That’s not required for iQuila. It’s an always on solution and is incredibly stable.
SD-WAN and MPLS require hardware. There’s no option to only have software, and there is currently a big delay in getting that hardware.
We do also have hardware options, but we have plenty in stock and are able to fulfil requirements very quickly.
iQuila comes in two flavours, Cloud and Enterprise. The main difference here, or the analogy here, is buying clothes. Cloud is off the peg, walk into a store and you get it in five minutes. Enterprise is a bespoke solution tailored for companies and organisations. Cloud is suitable for smaller companies. It’s hosted on Azure. There’s a web portal, it’s really clean and easy to use. People can literally add devices and bridges and be set up within minutes.
There’s no long-term commitment. It’s a simple monthly contract. People simply pay for a device or a bridge on a monthly basis.
Enterprise is for larger companies or organisations and is self-hosted. There’s more about that on the next slide.
There’s a Windows portal. As hinted at, there’s a lot more options. It’s completely custom. You can have multiple virtual switches, you can integrate for authentication purposes with Active Directory. Lots and lots of different things you can do that aren’t available to cloud.
It’s an annual contract. In practice, companies normally ask for a 3- or 5-year quote, because when they change their network infrastructure, they don’t want to do it again a year later. Consequently, the pricing is bespoke. It’s down to the requirements and the needs of the client, and typically we work with them to do the network analysis and work out exactly what they need.
In terms of installing enterprise, there’s both software and hardware options, or hybrid you can mix and match. For software, there’s Windows, Linux and VMware. For hardware, there’s three different sizes. The 500 is often used as a bridge, is quite small, probably same sort of size as a home broadband router, and it’s easy to use. There’s also a web portal for configuration. The 3500 and 7500 are for large organisations which require higher capacity and throughput. They’re rack mountable are go in a server cabinet, and they also have a lot more Ethernet ports on the back, so you can have multiple WANs.
That’s it. That’s the overview. Hopefully that’s useful if you’re interested, please contact us.
Thank you very much.