• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
The ProCurve Networking Adaptive EDGE Architecture
 

The ProCurve Networking Adaptive EDGE Architecture

on

  • 429 views

 

Statistics

Views

Total Views
429
Views on SlideShare
429
Embed Views
0

Actions

Likes
0
Downloads
7
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    The ProCurve Networking Adaptive EDGE Architecture The ProCurve Networking Adaptive EDGE Architecture Document Transcript

    • ProCurve Networking by HP The ProCurve Networking Adaptive EDGE ArchitectureTM Introduction ............................................................................................................... 2 The Changing Enterprise Network .................................................................................. 2 The Evolution of Ethernet Networks ............................................................................... 3 Meeting the Need – ProCurve Networking Adaptive EDGE Architecture ................................ 4 Control to the Edge .................................................................................................. 7 Command from the Center ........................................................................................ 7 Getting from Here to There........................................................................................ 8 The ProCurve Networking Adaptive EDGE Architecture Is Real Today ................................ 11 Industry Approaches.................................................................................................. 12 Summary................................................................................................................. 13 For more information ................................................................................................. 14
    • Introduction To gain competitive advantage, business decision-makers are looking for new ways to create communication efficiencies in their enterprise networks and at the same time maximize network investments to achieve real business value. Today’s CIOs must focus on business value rather than on technology for technology’s sake. As such, they need to simplify their infrastructures by developing inclusive networks based on one pervasive technology (Ethernet). They need those networks to deliver robust, integrated functionality in the areas of security, mobility, and convergence. They need the networks to be flexible, reliable, and cost effective. And they need them to last as a next-generation network. New applications can make users more efficient, but also make networks more complex if not deployed appropriately. Decisions about network access, traffic prioritization, traffic flows and bandwidth optimization can no longer be centralized. As new applications become pervasive, more functionality must move to the edge of the network to effectively support users while making efficient use of the network resources. The edge of the network is not a destination; it’s where the user connects. It’s where users must be authorized to access applications and resources to accomplish their jobs, but no more. The edge is like a set of intelligent keyed doorways that lead the user to the appropriate zones of information and services that they need to achieve their business goals and objectives. Doors can be opened and closed as the needs of the business change. The keys to the doors can be handed out to the appropriate users only -- protecting private information from prying eyes. The edge of the network creates the right doorway to connect users to the information, services and applications they need. This paper introduces an innovative network architecture from ProCurve Networking by HP  the ProCurve Networking Adaptive EDGE Architecture™  based on open industry standards. It makes possible a network that can change or adapt to meet changing network needs. The network enabled by the Adaptive EDGE Architecture will be a transparent network that just works – as safely, dependably, and simply as an electric utility – whenever and wherever it’s needed. The Changing Enterprise Network Three major and interdependent forces are driving the transformation of the enterprise network: the Internet, communications, and an increasingly mobile workforce. Because of the Internet, the traditional enterprise network will become more like a public network – requiring new levels and types of security. Convergence of data, voice, video and other digital technologies will mean the convergence of the separate enterprise networks that formerly hosted those data types – resulting in a single multi-service network that must support a broad range of applications. High- bandwidth wireless access and other mobile technologies are meeting crucial needs of the increasingly mobile, 24/7 workforce – and turning the network into an anytime, anywhere resource that must support secure mobility and access. As the network becomes more public, more converged, and more mobile, companies need to understand and support new security methods, new applications, and new connection management solutions for a mobile workforce. That’s because traditional solutions don’t provide the level and type of protection, detection, and response that businesses need to safeguard their assets. Businesses need more effective ways to respond to the changing business environment, and to the growing numbers and types of users. Traditional solutions are based on one- dimensional architectures that address only one area of network design at a time, such as voice, video or data. Design rules and product features for voice, video and data were sufficient to supply quality of service (QoS) for these applications, but were too rigid and insufficient to address mobility or security at the same time. 2
    • These new and emerging requirements need solutions that are based on a fundamental, multi-dimensional architecture that addresses the complexity and flexibility required to handle all solution areas at the same time (See Figure 1). Table 1 Key business issues Network implications The enterprise network is becoming Security becomes pervasive at every point of increasing public with an ever increasing access and must provide the right network range of users. resources to achieve a business result. The network is becoming a universal resource Users need access from many different for a broad range of needs. locations and secure mobility of the work force must be support inside and outside the office. The enterprise data network is becoming the A multitude of applications from traditional “one” network. data to VoIP to virtual presence applications must be easily deployable and co-exist on a single, converged network. The Evolution of Ethernet Networks This new network will probably not come from a revolutionary, new technology but from the evolution of a known technology – Ethernet. For most of its life, Ethernet has existed primarily to move data in the form of transactions and files. Until recently, its evolution was driven by the need to move data faster (10Mbps to 100Mbps to Gigabit to 10 Gigabit) and without interference (switching). In the process, Ethernet has become a truly pervasive network technology in business, education and government around the world for building increasingly cost effective and robust local area networks. While this rate of change seems remarkable in retrospect, the future – driven by security, convergence and mobility requirements – holds even more remarkable potential for change. Ethernet is now moving into both new geographic domains, such as metropolitan area networks and mobile wireless connectivity, as well as new classes of converged applications. These new applications and technologies bring with them new traffic types that include: • voice (VoIP or IP telephony) focused on small packet transport with low packet loss and latency requirements • video distribution and teleconferencing and other presence applications with sustained throughput and multicast requirements for large packets • storage (Network Attached Storage and block-mode iSCSI) requiring high burst data rates and low latency • inter-process communication (emerging Remote Direct Memory Access over Ethernet standard) requiring efficient and reliable low latency message and data transfer to support clustering and grid computing • trusted traffic (and its opposite, unwanted traffic) authenticated and encrypted end-to-end Ethernet/IP networks, both public and private, will ultimately span the planet and transport all types of digital traffic in support of every conceivable digital application. This will transition Ethernet/IP from being “a” network to Ethernet/IP being the “one” network. This evolution will mean Ethernet/IP everywhere for everything digital. 3
    • It will also mean something else: the end-game of network evolution is that Ethernet/IP networks become utility-like, transparent networks. The transparent network is one that works much as utility companies do today. When you plug an appliance into an electric socket, you assume the electricity will be there without even thinking about it – and it is. Moreover, you can plug any standard appliance – food processor, lamp, clock – into the wall socket and it will work, regardless of its function. You don’t have to worry about accessing the electricity. You don’t have to configure your appliance for the electric current. And when you bring home new appliances that weren’t invented a few years ago, you know you can just plug them into the wall socket, as well. Electricity is a transparent utility, one that you don’t notice until, as in a blackout, it’s not there. The utility-like transparent network will be much like the electric utility. You won’t need to think about it or manually configure devices for it. Nor will you have to reconfigure the network for new applications or services. The network itself won’t be nearly as important as what it makes possible: converged data services with access from any device, any time, anywhere, to any resource on the network that you are allowed to use. It will have a high degree of reliability – often characterized as “five- nines” or 99.999 percent uptime. Applications will run the same way from anywhere; for example, a video-conferencing application will run as effectively over a wireless connection at the airport as it does from the office. And putting a new application into service won’t inadvertently cause other applications to break. Meeting the Need – ProCurve Networking Adaptive EDGE Architecture To enable the utility-like, transparent network, ProCurve Networking has developed the ProCurve Networking Adaptive EDGE Architecture. It is an architecture that, unlike traditional network design, can change or “adapt” to meet changing network needs (See Figure 2). 4
    • Figure 1 A new, unified approach • Network functionality A unified holistic approach must migrate to the to secure, mobile, edge where users multi-service networks connect • Network functionality Security must be cost effective and manageable • Network functionality Secure, mobile, must support all current multi-service networks and future traffic types Convergence Mobility The Adaptive EDGE Architecture, like any architecture, is an approach or philosophy to network design, rather than a product or set of products. The products and solutions that participate in the transparent network must be based on a new, unified approach to secure, mobile, multi-service networks. They must be designed and engineered with right functionality built-in from their inception, and with the capability to expand that functionality as needed, eliminating much of the need to bolt-on additional products to achieve new functionality in the future. ProCurve Networking products are designed to meet these requirements. The Adaptive EDGE Architecture is a strategy for solution design that contrasts to the traditional design in which all intelligence is located at the core (see Figure 3). 5
    • Figure 2 Traditional Core Network Traditional core network Wireless Clients • Cost/performance curve for core Wireless Access Points switches is not linear Servers • Many decision Switches Clients functions SHOULD Core NOT or in some Routing Switches cases CANNOT be Clients Switches deferred to the Core Router core Core Network • Static management driven by manual change processes Edge Internet Wireless Clients This new strategy is built on two key principles: to maintain complete command of the network in a centralized manner, and to push out control – and intelligence – to the network edge where users connect. ProCurve Networking solutions deliver on these principles, making it possible to shift the network infrastructure from being network- centric to user-centric (see Figure 4). Figure 3 An Intelligent EDGE network An Intelligent EDGE network Servers • Every EDGE Intelligent Wireless Clients device adds EDGE “decision making” capacity • EDGE devices are standardized Intelligent Switches Clients volume Fabric components Switches Intelligent • A simple high- Clients Switches bandwidth interconnect is Interconnect sufficient Edge Portal Wireless • Event & identity Access Points EDGE driven dynamic Network automated Wireless Internet configuration Clients Command from the Center The Adaptive EDGE Architecture approach of distributed– or scaled-out– intelligence is more cost effective for organizations than vertically scaled – i.e., traditional, core- 6
    • centric – network designs. In this respect, distributed intelligence has followed an evolutionary path similar to that of distributed computing (see Figure 5). Originally, centralized computing ruled the computing world much as “traditional core” networking architectures predominate today. Figure 4 Industry trends – a familiar evolution Industry trends - a familiar evolution… Central Server Distributed Computing Computing Computing Centralized Distributed Traditional Hybrid Next Core Network Generation Network Network Mini-computers and servers gradually moved intelligence and functionality closer to the end-user -- similar to the “hybrid” network design in which the traditional core remains but is augmented by intelligent switches that bring intelligence to the edge. And finally, the advent of distributed, PC-based computing moved nearly all of the computing power, intelligence and functionality closer to the individual’s desktop, similar to the migration of intelligence to the network edge in network design. Control to the Edge By definition, it is the network edge where users and applications connect, where network traffic enters and exits the network, and where the network must determine how that traffic should be handled. The edge is where security policies must be enforced, where the user connects after being authenticated at a central command resource. Without control to the edge, decisions about security and traffic must be deferred to the network core, impacting core performance and scalability while at the same time requiring more bandwidth in all parts of the network driving up cost and complexity. In addition, this opens the network to security attacks between where access is physically attained and where authorization is granted. With the Adaptive EDGE Architecture’s control to the edge approach, access decisions can be made automatically. Known users attempting to access the network, regardless of where they are connecting from, are identified and given access to the same VLANs and network services they have always had. Unknown users are denied all but the most basic access – guest services or a “virtual lobby” – or perhaps none at all. Command from the Center One of the basic principles of command from the center is to provide controlled access to critical network components based on an individual user’s business needs, thereby protecting secure data and applications not needed by that user. The ProCurve Networking strategy enables enterprises to protect their digital assets with what 7
    • amounts to a lightweight operating system that provides robust and dynamic access control based on factors including the user, the device they are using, the application, time, the system or network peripheral function, and performance. As a result, an organization is able to preserve its network integrity while increasing productivity and efficiency. With potential threats to security coming from any number of directions, it is essential that network access be easily controlled from the center but enforced at the edge, where it can most effectively protect network assets. Effective network management from the center of the network becomes ever more critical as the edge takes over the processing of access requests and the network begins to accommodate increasing traffic. Command from the center makes this easy by enabling the network to adapt itself to each user’s unique needs. At the network center, security and other user-specific parameters can be set, stored in a database, and then pushed out to the edge, where users connect. These parameters are triggered by user authentication at the network edge, giving an organization more control without added complexity. In networking terminology, control to the edge places selected layer 2, 3, 4 and higher functions in edge switches. These switches control access and traffic flows to ensure the increasing set of applications can function correctly and concurrently without interference. ProCurve Networking Adaptive EDGE networks support both centralized cores and distributed cores with equal facility because either interior core configuration can enforce the key decisions made at the edge. Ultimately, the ProCurve EDGE Architecture will enable highly available meshed networks, a grid of functionally uniform switching devices, to scale out to virtually unlimited dimensions and performance thanks to the distributed decision making of control to the edge. Getting from Here to There Organizations have options in how they incorporate the ProCurve Networking Adaptive Edge Architecture principles into their network (see Figure 6). The choice they make depends on the infrastructure they have in place now, the functionality they wish to add, and the timing of the investments they wish to make to achieve that functionality. 8
    • Figure 5 Migrating Customers from Today to Tomorrow Optimizing Upgrading the Interconnect Traditional the Edge Interconnect Fabric Design Traditional Core + + Intelligent Edge Traditional Core Intelligent Edge + Benefits Tradition Edge Benefits • 25-30% lower cost • Easy, incremental versus traditional Benefits upgrade • Very high • Familiar • Security, mobility availability and • In-place & convergence resiliency Migration Drivers Migration Drivers • Lower complexity • Security • Performance • Highly scalable • N ew application • Reduced • Secure, mobile & support complexity multi-service • EDGE performance • High availability Migrating Customers from Today to Tomorrow The first step is adopting the intelligent edge switches and other intelligent edge devices that are the foundation of the Adaptive EDGE Architecture. Organizations gain the benefit of being able to push control to the edge, while extending their existing investment in core devices. Most organizations with existing networks will find that an upgrade at the network edge gives them an appropriate balance between functionality and investment and is a major step forward in creating a next-generation network. To further optimize their network, organizations can augment their current core technology with, or migrate that core technology to, fabric interconnect technology designed specifically to optimize the impact of intelligence edge devices (See Figure 7.). Fabric devices simplify the interconnection of intelligent EDGE switches and provide additional options for designing, migrating, and deploying high-performance networks. Flexibility and choice are hallmarks of the Adaptive EDGE Architecture. Organizations can choose where and when to implement the key principles of the Adaptive EDGE Architecture. They can choose how much to invest and what incremental steps to take in creating a next-generation network. There is no single, right choice to implementing an Adaptive EDGE Architected network; the right choice for any organization depends on its needs, abilities and investment strategy. 9
    • Figure 6 The Future of the Intelligent EDGE The Future of the Intelligent EDGE Servers • Every port holds Intelligent EDGE an application with Virtual per Port Distributed Processors Wireless Clients hosting environment • Each port incorporates a rich set of network Clients capabilities Interconnect Fabric (IF) • Robust support Clients High performance forwarding fabric for emerging distributed applications • Adaptive/dynamic Internet/ control of network Wireless Clients Intranet behavior Command Center from the The ProCurve Networking Adaptive EDGE Architecture focuses on: • Implementation of intelligent edge devices for control to the edge based on industry standards including features for access security, traffic prioritization, traffic routing, bandwidth control, and virus protection. Over time these devices will deliver sophisticated packet processing applications that can be “ignited” at the port as required by demands of users, devices and applications in real time • Implementation of software solutions for command from the center to maintain network infrastructure health and to automate the configuration of intelligent edge decisions based on user, device and application needs • Choice and flexibility in interconnecting the edge with the use of industry-standard routing and switch meshing with robust multi-path and path failover for high availability and resiliency • Delivering the best business value by optimizing return on investment and reducing complexity, as well as by providing security, unmatched reliability backed by a lifetime warranty, and the flexibility and choice that come with industry-standard implementations -- all at an affordable price. 10
    • The ProCurve Networking Adaptive EDGE Architecture Is Real Today Figure 7 Delivering the Adaptive EDGE Architecture Delivering the Adaptive EDGE Architecture AEA Based Solutions Security Solutions Secure Mobility Solutions Convergence Solutions Edge Devices Interconnect Command from the Intelligent EDGE Edge Intelligent EDGE Switches Center Portal Routers Switches Switches ProCurve 7000dl Series 6400 Series Manager Plus Secure R outer 10 GbE Stackable Device Management Platform with Stateful 4100 Series 5300 Series 6 CX4 + 2 Flex Firewall and add-on 10/ 100/ 1000 6 X2 + 2 Flex 10/ 100/ 1000 VPN support Chassis, 4&8 Slot Chassis, 4&8 Slot PoE Available Intelligent EDGE Identity Driven 2800 Series 3400 Series Wireless Gig Stackables Stackable 24/ 48 Gig Manager (IDM) 9300 Series 9400 Series Access Management with optional 10/ 100/ 1000 & Gig & 10GbE 10 GbE Uplinks (2) 10GbE Chassis Chassis 8 Slot W i-Fi Access 2600 Series 4, 8 & 16 Slot 10/ 100 Stackables Points Gig Uplinks PoE Available Interconnect Fabric Chassis 700 Series Gig/ 10GbE Secure W ireless 8 & 16 Slot Coming in Late 2005 Access Control The Adaptive EDGE Architecture is a network design approach that will ultimately deliver utility-like transparent networks. But it is not just a vision; organizations can begin the development of these networks today with a broad range of products and solutions that are already available (see Figure 8). These products and solutions enable organizations to do the following: • Create a long-lasting physical network infrastructure. • Build the intelligent edge with products like the 5300 and 3400 series. • Provide access anywhere across the site with secure wireless products like the new Access Control Module for the 5300 series switches and ProCurve wireless access points. • Connect securely to other sites and the Internet while providing secure remote user access with the ProCurve 7000 series edge portal secure routers. • Interconnect the edge with products including the new 9400 series core routing switch with high density 10GE (and, soon through a new class of interconnect product called interconnect fabric switches). • Manage and configure the physical network with ProCurve Manager Plus to keep the infrastructure healthy. • Control network access with Identity Driven Manager to ensure users get appropriate access to resources by dynamically configuring the intelligent based on business needs. To solve specific business needs, organizations can turn to Adaptive EDGE Architecture-based solutions in security, mobility, and convergence as they need 11
    • them. ProCurve Networking by HP will be there to help organizations to build the next-generation networks that will support their business needs well into the future. Industry Approaches Networking equipment vendors have attempted two different tactics to address customer concerns for new network architectures without addressing the root issues. The first is to develop a rigid set of design rules and product requirements to “enforce” a one-dimensional network design. For example, design rules and product features are sufficient to supply quality of service (QoS) for voice applications, but commonly are too rigid and largely inadequate to address mobility or security at the same time. These one-dimensional approaches are limited in reach, create additional network complexity, and restrict an enterprise’s ability to choose best-in-class products and ultimately act as a lock-in for a vendor’s proprietary architecture. Another strategy for addressing these advanced applications is to take so-called “high- end” or “core” products and reposition them into relatively focused roles at the edge of the customer’s network. These high-end products are costly to buy and support, overly complex due to the dramatically different role they were designed to play and fundamentally inappropriate to address the access level roles at the edge of the network. Today’s enterprise networks require solutions based on a unified, holistic architecture that provides reduced complexity, security, reliability and flexibility. ProCurve Networking edge products are designed from the ground up to play this unique role. There are no other products in the industry that can match their performance, flexibility, features and affordability at the edge of the network. Creating solutions that reduce complexities and are easy to use is a core component of the ProCurve strategy. Quality is never compromised. With industry-leading simplicity, customers deploying ProCurve solutions do not require custom network designs and expensive consulting contracts. Also, with ProCurve solutions, network managers can work smarter because they have greater visibility at the network edge, and can focus their attention on deploying next- generation applications more quickly. ProCurve networking solutions have several layers of built-in security. The company has heavily invested in ensuring ProCurve products comply with the newest and most stringent standards. In fact, ProCurve leads the establishment of many of these standards, such as 802.1X. Based on the Adaptive EDGE Architecture, ProCurve security solutions enable the creation of intelligence throughout the enterprise network to the edge where the user connects. This approach enables enterprises to mitigate risks more effectively as they protect their digital assets. Furthermore, it allows cost-effective partitioning of the network to create zones of similar users with similar access needs. ProCurve Networking solutions are highly reliable. The reliability is based on the legendary ProCurve quality customers have come to expect, and includes fault- tolerant designs, high levels of integration, hot-swappable components, and a free lifetime warranty. With a highly reliable infrastructure, enterprises can avoid costly and potentially detrimental downtime, improve internal performance, and enhance external service levels. ProCurve provides customers with maximum flexibility. ProCurve enables interoperability by supporting and driving open industry standard and addressing customers’ business needs with an integrated approach to secure, mobile and converged networks. 12
    • The Adaptive EDGE Architecture provides a guide for building a foundation for today’s and tomorrow’s applications that simplifies convergence deployments, and as a result, makes communications more efficient for users. ProCurve recognizes that security, mobility and convergence are interdependent forces, and ProCurve takes it a step further by helping customers to address these network forces simultaneously. Being a holistic, non-proprietary architecture that does not require expensive service agreements, ProCurve eliminates the cycle of continual network redesigns to keep up with changing business needs and emerging applications. And since the architecture is based on industry standards, customers can be confident their infrastructure will grow across all areas of their business, including client devices, and applications. As a company, ProCurve has built its business on interoperability, and supports cross- compatible, open industry standards to protect its customers’ investments. ProCurve is committed to continuously updating their products as new standards become final and available to implement. This strategy is focused on the customer’s future, enabling easy network scalability for increased performance and functionality. The ProCurve Networking Adaptive EDGE Architecture is designed to meet the needs of the next-generation network, today and tomorrow. Summary The future of enterprise networking is clear. Companies must deploy infrastructures to support converged, mobile, highly secure networks. These three needs are all related, interactive and interdependent. As a result, enterprises should adopt a three- dimensional architecture that fully integrates and leverages each focus area. Next generation networks cannot be effectively deployed without having critical functionality at the edge of the network. In short, control to the edge is the only way to offer full support for today and tomorrow’s applications while ensuring secure, appropriate and mobile access. Command from the center is required to automate the configuration of edge intelligence to deliver the appropriate business-oriented behavior of the network to support the applications. The ProCurve Networking Adaptive EDGE Architecture recognizes the necessary migration of functionality to the network edge and gives customers a cost-effective, easy-to-manage solution to achieve command from the center with control to the edge. ProCurve Networking Adaptive EDGE Architecture enables companies to preserve networking investments while readying their networks for the future to support business needs and priorities. With ProCurve Networking Adaptive EDGE Architecture, a company’s network can truly become an anywhere, anytime resource. 13
    • For more information To learn more about ProCurve solutions, contact your local ProCurve sales representative or visit the company’s website at http://www.procurve.com. For a list of ProCurve Elite Partners that can provide ProCurve security solutions, go to http://www.procurve.com. To find out more about ProCurve Networking products and solutions, visit our web site at www.procurve.com © 2005 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. 4AA0-0365ENW, 4/2005