Network Based IP Services
 

  • Service providers are facing a rapidly decreasing cost per bit and revenue per bit. On the access side as well, things like dial access and DSL for fixed revenue are increasingly price competitive. Service providers want to deliver new value-added IP services, such as the ones listed here, to gain marginal revenue out of their infrastructure and customer base.
  • We think our customers need a business quality IP network. What’s a business quality IP network? It’s one that enables our customers to provide the services that will fuel not just their top line but also their bottom line. It’s one that is ubiquitous and provides connectivity between users AND networks. It’s one that has the performance required to enable a variety of services. This includes speed, capacity, security, and reliability. AND, it’s one that makes efficient use of all network assets. “Just throwing bandwidth” at the problem is no longer practical with the realities of today’s capital constraints. Finally, it’s one where the management and provisioning of the network is simple and dynamic and driven from the intelligent services layer.
  • Authentication: for secure access control. To control access to valuable network assets, the SpringTide 5000 authenticates users as they request connections and then authorizes their access to specific destinations. These functions employ standard RADIUS-based authentication and authorization techniques in order to leverage existing networks and operator skill sets.
  • Virtual Private Network (VPN); Dial-up; DSL; Site-to-site intranet; Business-to-business extranet; Firewall Service; Application Hosting Services; ISP Wholesale/Retail Services

Network Based IP Services: Presentation Transcript

  • Network Based IP Services. Horace Lau, Senior Market Development Manager, Lucent Technologies, INS IP Services Business Unit
  • Public IP Services; Not The Internet
    • The road to profits is in Public IP Services Networks
      • A best-effort Internet doesn’t deliver service provider profits
      • Profits continue in classic data networks because they deliver quality service
    • But…the Internet delivered some great successes
      • Infrastructure for common communications: The TCP/IP protocol
      • Infrastructure for applications: Browsers, Streaming Media Formats, Email, Messaging, Directories
    • Today, customers require the service richness of the Internet with the service quality of the classic data networks
  • Value-added IP Services Deliver Competitive Advantage
    Diagram labels: Access Services; Value-added Services; Core Backbone Services; Commodity Services (twice); Margin %; Bandwidth-Managed Services; IP VPNs; Managed Security; Business Internet Access; Converged Services; Content Management/Acceleration; Wholesale Subscriber Management
  • Service Providers Need Business Quality IP Services Network
    Diagram labels: Broadband Access; Public IP Network
    • Services
    • Connectivity
    • Performance
    • Reliability
    • Security
    • Simplicity
    • Affordability
    • Flexibility
    • Scalability
    • Ubiquity
    Investment in public data network infrastructure will grow from $12B in 1999 to $22B in 2003. (IDC)
    Diagram labels: Data Services; Best Effort Internet; PSTN; Wireless; Optical Core
  • IP Is the New Public UNI (Network Connection)
    • Public IP Networks Require
        • Routing functions on the edge
          • Consistent interface to subscriber applications
        • Application-Aware Dynamic Service Delivery
          • End-End Across The Network
            • Network Changes Behavior As Necessary
    • Public IP Networks Must Provide
        • Application-aware priority for IP flows
        • Application specific behavior for different IP Flows
          • Deliver bandwidth, and access privileges as required
            • Per application
        • Dynamic signaling to support application requirements
          • Deliver services where and when they are needed
            • By requesting them from smart network elements
    • Public IP Networks Cannot Use a Hop-by-Hop Internet Architecture
        • Routers alone won’t support what needs to be done
  • Deterministic Service Behavior
    • Service-specific functions in virtual routers
      • Traffic classification
        • Voice, video, data
      • Marking, shaping, policing
        • Priority queuing of IP application traffic
          • Voice first, then file transfer data packets
      • Mapping IP application traffic to MPLS paths
        • To ensure service quality
    • Pre-engineered traffic paths in core
      • Supports MPLS paths in:
        • Frame based networks (core router-based networks)
        • ATM multi-service networks
          • Provides: bandwidth guarantees, latency commitments
          • Provides: QoS
  • Creating Personalized Services
    • Application Aware Traffic Treatment (Enterprise A Policy), listed as Packet Criteria: Action, Class of Service, Billing Class
      • Intranet: IPsec, VPN Service, $$$
      • ASP: FW/MPLS, Sales Automation, $$
      • WEB: NAT/FW, Secure Internet, $
      • All Others: Deny, N/A, N/A
    Diagram labels: Enterprise A; Core Network; Service Intelligent Element; LDAP Policy Server; AAA Server; Tunnel A IPSec; Tunnel B FW/MPLS LSP; Tunnel C NAT/FW; Intranet; ASP; ISP #1; ISP #2; Application Stream; Access Device
  • Network Architecture for Public IP Services
    • Key Architecture Elements
    • Service Intelligence to build end-to-end services
      • Virtual Routing
      • Intelligent Agents
      • Service Creation Model
    • MPLS to create dynamic connections in and between layers in the network
    • Unified network management for provisioning, monitoring, fault recovery
    • Professional services for full public network design and lifecycle management expertise
  • Complete Service Intelligent Architecture
    Diagram labels: Access Layer; Core Layer; Services Layer; RAS; DSL; Frame/ATM; Wireless; Cable; Optical Core; IP/ATM Core Switch (three); Intranet; Extranet; Web; ISP; ASP
    Service Intelligence
    • Recognizes users & their applications
    • Understands their individual service needs
    • Mediates on their behalf to deliver IP services
    • Regardless of when, where, or how they arrive on the network
    • All in a reliable and end-to-end, secure manner
    Diagram labels: Metro Optical; IP Service Switch; Access Network; Scalable on-ramp for IP service traffic; Actively mediates network behavior; Reliable, high-speed transport; Intelligent, dynamic, scalable
  • MPLS for Dynamic Connections In & Between Layers
    • MPLS is an integral architecture element for communication in and between the network layers
      • Multi-Protocol Label Switching (MPLS) is not only used for traffic engineering in IP Networks
    • A Fundamental framework for Service Intelligence in Public IP Services networks
    • Benefit: Creation of highly customized services based on subscriber, application, and network requirements
  • MPLS for Dynamic Connections: within the IP & ATM Transport Layers
    • Multiservice ATM Core delivers infrastructure for Frame Relay, DSL, ATM Access and Multiservice MPLS
    • IP Core provides infrastructure for “pure IP” networks and Packet MPLS
    • MPLS between architectures provides for end-to-end IP services
    Diagram labels: IP Switching/Packet MPLS; ATM Multiservice/MPLS; MPLS Signaling; NX (three); GX550; BSTDX; PSAX Family
  • MPLS for Dynamic Connections: Between Layer 1 and Layer 2
    The service intelligent network requests bandwidth and transport from the optical core via dynamic MPLS signal requests
    • Benefits:
      • Sub-second restoration in case of failure
      • Automatic addition of resources in response to demand
      • Layer 1 & Layer 2 are active participants in service delivery
    Diagram labels: MPLS Signaling; Optical Core; IP/ATM Core
  • Unified Network Management For IP Services
    • Single service console for IP Services
      • Creation and management of all IP Service elements: Customer Located Equipment (CLE), Service Switch, Core
      • Service creation built within virtual routers
      • Policy-driven network behavior, not “port-by-port” configuration, using network directories, like the voice network.
    • Flow-through integration with Layer 2 infrastructure
      • Automatic connections between devices
      • End-to-end within layer-two framework
    • Layer-one integration with dynamic signaling:
      • On demand bandwidth creation driven by Service Intelligence through ODSI/OIF Optical Interface
    • Benefit: scalable, single-seat management with end-to-end provisioning, monitoring, fault isolation
  • Intelligent IP Service Management
    • Provisioning
      • Unified – supports all network elements actively enforcing Service Attributes
      • Scalable – Virtually centralized with distributed content
      • Integrated - Built on top of a single platform
      • Flexible – GUI or API driven
    • Surveillance/Assurance
      • Common Fault and Performance architecture
      • SLA Assurance w/detailed analysis
    • Capacity planning
      • Historical trend analysis
  • Radically Different Approach
    • Policy driven network behavior
      • Not “port-by-port” configuration
        • Configure the network services, not the devices
        • Let the devices grab configuration elements and change behavior as users of a service arrive at a port
    • IP Framework for Services
      • Service creation built within virtual routers
        • On edge of service provider network
        • Driven by central database servers
  • Voice: Policy Makes The Difference
    • Traditional voice services
      • SS7/TCAP and central services
        • Service elements: circuit-based connection oriented services
        • Reliability, predictability, security, billable connections
    Diagram labels: 5ESS (four); TCAP; User provisioning is to a directory; Back-office; Customer care; User; Service Endpoint
  • Data: Policy Makes The Difference
    • IP Data Services
      • RADIUS/LDAP user-level policy
        • Service elements: predictable bandwidth, security, connection oriented IP
          • IP “conference calls”
          • Managed bandwidth services per application
          • Predictable “SLA’s” for customer and carrier
    Diagram labels: SIN (four); LDAP (Oracle); User provisioning is to a directory; Back Office; Customer Care; Data User; Data Service Endpoint; Web/Corba
  • Policy Driven Service Creation
    • As with voice:
      • Specific subscriber profiles drive network element behavior
    • Same with Data:
      • Network elements interact with provisioning servers
      • Service Provider defines services
      • Active network “reacts” to policies
        • Sets-up network resources on behalf of users
        • Uses MPLS, other technologies to signal for enforcement of service attributes
  • Web-based Service Selection
    • Enables powerful flow-through provisioning
      • Users can “turn up” or change certain services themselves
        • Users edit web pages that update LDAP service profiles
        • Active network elements get “change notice”
      • Network elements download new profile & provide service
    Diagram labels: User browser set to service provider homepage for service selection; IP Network; ATM; Service Provider; User connects to VR; VR; User; HTTP Request; Service Selection Page; HTML; LightShip Call Logging Receiver; Web Server; Web server presents HTML page, collects service request, updates DB; Database; LightShip Configuration Server; LDAP records
  • Key IP Service Applications
    Diagram labels: Public IP network; Campus (twice); Telecommuters; Mobile users; Branch offices; Customers; Partner; Supplier; Extranet servers; Intranet servers; Desktops (twice); Web servers; Business-business extranets; Extended intranet; Site-site intranet; Web eCommerce; Internet
  • Site-to-Site Intranet VPN
    Diagram labels: DNS, DHCP, auth, acct; Central site; CPE; DNS, DHCP, auth Servers; Router; FR switch; PVC; PPP; IPSec VPN; CPE; Remote office
    Requirements
    • High bandwidth, low latency
    • Selectable authentication
    • Authorization
    • Secure virtual routing
    • High performance IPSec
    • 3DES encryption
    • Key management
    • IP address management (per VR)
    • Tunnel switching & concentration
    • Accounting for dept. bill-back
  • Business-to-Business Extranet VPN
    • Authentication
    • Authorization
    • Secure Virtual Routing
    • High performance IPSec
    • 3DES encryption
    • Rapid, high capacity key generation
    • IP address management
    • Tunnel switching & concentration
    • User-granular accounting for bill-back
    • X.509v3 digital certificates
    Diagram labels: Requirements; Extranet Host; Central Site; Business Partners; Suppliers; Customers; CPE (four); DNS, DHCP, Auth, Acct Servers; CA
  • Network-Based Firewall Service
    Diagram labels: Dynamic service profiles; LDAP policy server; DSLAM/RAS; PPPoE; Mobile; ATM switch; VC; Remote office; DSL modem; VR (twice); Backbone network; Intranet; ISP #3; Extranet
    Requirements
    • Small-medium business
    • Stateful inspection, denial of service protection
    • Extranet access control, NAT
    • Granular user/site level policy
    • On-the-fly, Follow-me Firewall from single configuration
    • Different policies for different flows within same session or site
  • IP Services Vision
      • Service Intelligent infrastructure from edge to core to edge
    Benefit: Provides a network platform for service delivery tailored to the needs of the subscriber/application
      • Intelligent dynamic signaling in and between the network layers
    Benefit: Provides a rich framework for deploying service intelligence between the layers of the network
    Benefit: Allows for efficient network operations and leverage of network investment
      • Scalable, end-to-end network management from single console
      • Full lifecycle professional services from planning to operations
    Benefit: Allows service providers to outsource to save engineering/operations costs
    + + + = Profitable, Value-added services