Enhanced VPN Service - National Communications Group
Download
Report
Transcript Enhanced VPN Service - National Communications Group
AT&T Enhanced VPN
Presenter: Sam Levine-866-624-2008 x111
The world’s networking company
© 2005 AT&T, All Rights Reserved.
SM
Agenda
IP Networking Presents Choices
AT&T’s Network-based IP VPN Connectivity
The AT&T Network
•
AT&T Global Network (AGN)
AT&T Enhanced VPN Services
•
•
•
•
•
Service Features
Benefits
Country Availability
Service Level Agreements (SLAs) - Our Targets
Resiliency Options
VoIP Option
Class of Service
AT&T integrated Global Enterprise Management System (iGEMS)
Managed Services Support Centers
Web-based Reporting
Integrated VPNs - Value Added Services
Wrap UP / Q&A
© 2005 AT&T, All Rights Reserved.
2
IP Networking Presents Choices
Network-based IP VPN
Storage
Integrated VPN
Web /
App
Server
MPLS VPN
AT&T Global
MPLS Network
Network Based
Firewall
VPN is delivered over MPLS-enabled
backbone and is built in the network cloud.
Internet
Data
Center
Premises-based IP VPN
Branch
Office
Remote
Offices
and
Workers
Remote
Workers
Suppliers/Distributors
Headquarters
VPN is delivered over the Internet, Public IP
or Private IP backbone networks, and
requires premises devices and utilizes
tunneling protocols such as IPSec, Secure
Socket Layer (SSL), L2TP and PPTP.
Enterprise networking often demands a
combination of VPNs with flexible access, levels
of management, continuity choices and enhanced
features. These technologies are complementary,
not competing.
© 2005 AT&T, All Rights Reserved.
3
AT&T’s Network-based IP VPN Connectivity
Provides a management continuum of customer managed, hybrid
and AT&T managed options
Remote
Access
Remote
Access
LAN
Router
DSU
LAN
Router
DSU
Internet
NB
FW
PE
VPN
GW
AT&T
Network
PE
DSU
Router
LAN
DSU
Router
LAN
Local Loop
VPN IP Transport Management
VPN with Managed Router and Managed Encryption extends
AT&T logical network management to the customer premises
Managed Network Application Services extend AT&T logical
network management to the customer LAN and applications
© 2005 AT&T, All Rights Reserved.
4
AT&T’s Network-based IP VPN Services
AT&T Enhanced VPN Services
Provisioned via AT&T Global Network
WAN/LAN
Mgmt
AT&T fully managed CPE (DSU / CSU and the router)
Plan, Design, Deploy and Managed End-to-End Environment
Enhanced SLAs to the router
24 X 7 Customer Care with Proactive Management
Enhanced Web-based Reporting
Proactive
Management
Monitoring &
Management
powered by iGEMS
A
le
rt
s
AT&T IP Enabled Frame Relay / ATM PLUS Service
Proactive
Monitoring
Provisioned via AT&T Global Network
AT&T managed DSU
Plan, Design, Deploy and Monitor Environment
SLAs to the DSU
24 X 7 Customer Care with Proactive Monitoring
DSU Web-based Reporting
Transport
AT&T IP Enabled Frame Relay / ATM Service
Network
Services
Provisioned via AT&T Global Network
AT&T Managed Transport only
Plan, Design and Deploy environment
Network Level SLAs
24 X 7 Customer Care
Web-based Reporting
AT&T MPL Private Network
Transport Service
Provisioned via AT&T IP
Backbone
Customer Managed or AT&T
Managed CPE
Plan, Design and Deploy
Environment with proactive
management capabilities
Network Level SLAs
24 X 7 Customer Care
Web-based Reporting
Monitoring & Management Choices - Increasing the Value
© 2005 AT&T, All Rights Reserved.
5
AT&T Global Enhanced Network
Plus 600+
US POPs
• $300M Investment
• Fully Integrated
• Supports All Services
• Common Management Platform
• Global Processes
• In-country Personnel
© 2005 AT&T, All Rights Reserved.
6
Leveraging AT&T’s Global Network Strength
Global MPLS-enabled IP Network at the Core and at the Edge
Industry-leading performance: end-to-end reliability, jitter and latency
Protected by AT&T’s robust Network Disaster Recovery Program
More than 147 countries covered through 7,000+ Remote Access Points
© 2005 AT&T, All Rights Reserved.
7
AT&T Enhanced VPN Services
Customer
Site C
Enterprise Solution
• Single Virtual Global Network
• Consistent feature functionality
• Converged network
Access Line
Maint. Modem
Access
Access Line
Maint. Modem
Customer
Site D
PE
PE
CE
PE
Ease of Operations
• Comprehensive network design
• Project management deployment
Customer Site
• Edge-to-edge service
CE
B
Access Line
• Intimate Lifecycle Care
• On-line portal for Visibility
Maint. Modem
CE
MPLS
Flexible Functions
• Any to any connectivity
• Transport independent
• Classes of Service / Prioritization
PE
Access
Maint.
Modem
Access Line
CE
Customer Site A
AT&T
End-to-End
Management
© 2005 AT&T, All Rights Reserved.
Performance
• Resiliency options
• Availability commitments
• Latency commitments
• Responsiveness commitments
8
Enhanced VPN Supports Your Network
Headquarters
Overseas
Offices
Networking
MPLS Core
Suppliers
(Traffic
Prioritization)
Global Remote
Access
AT&T Global Network
End-to-End
Business
Application
View
Remote Workers
Branch Office
Increasing levels of management support to meet your needs
Deploy
Design
Design Centers of Excellence /
Solutions Center
Experienced Engineers and
Designers
Define Architecture and Topology
Network and Access
Security
Hardware/Software
Engineer for Performance and
Business Continuity
Creation, Execution & Management
of Project Plans
Global Procurement & Provisioning
Including access connections
Global Configure/Test/Installation
Establish & Integrate operational
Infrastructure (performance
reporting, web reporting access, etc.)
Trained Professionals using Proven
Processes (3,500 global individuals)
© 2005 AT&T, All Rights Reserved.
Manage
Service Management (Proactive,
Reactive & Predictive)
Single Global Platform ( iGEMS)
Performance Management (Network /
Application)
Service Level, Availability and
Performance reporting
Global Managed Service Support
Centers
In-country, in-language help desks
9
Service Features
AT&T Global Network
•
•
•
•
End-to-End Management
•
Globally consistent seamless network
Available in 60+ countries
Access independent
Uniform, Global, MPLS-enabled
•
Any-to-Any connectivity
•
Predicatable Performance (QoS)
•
Multiple Classes of Service supported to
accomodate all types of applications
Security
•
•
•
Web-based Reporting
•
Layer 3 reports (IP level)
Simplicity of One Stop Shop
•
MPLS inherent security on par with Frame Relay
Additional optional AT&T Security Services
High Performance Network
•
•
Using MPLS in core and at the edge
Comprehensive network solution design
leveraging AT&T engineering and operational
expertise
Project and deployment management utilizing
global tool set to develop, document and drive
implementations globally
Proactive network management with leading
edge iGEMS tool
Industry-leading Service Level Objectives (SLOs)
/ Service Level Agreements (SLA)
Back-up and Resiliency Options
One contract, one price schedule, one
servicing model deployment / operation /
customer care, one bill
Multimedia-enabled
•
Supports Voice-over-IP and other applications
Global Help Desk Support - 24X7
•
© 2005 AT&T, All Rights Reserved.
Regional Helpdesks supporting multiple
languages
10
Benefits of AT&T Enhanced VPN
Global Coverage - Provides ease of global implementation among all locations with consistent
feature functionality so that each location, no matter where in the world can perform the same
tasks.
Management Continuum - Network facilities, network management and monitoring on a 24x7
basis ensuring network reliability and availability and reduces cost of ownership in network
technology, thus improving return on investment within the network.
Cost Efficiencies - AT&T managed services provide cost savings in the recruiting, training and
maintenance of head count. Costs are reduced with a fully meshed network, with no need for large
bandwidth and CPE at a Hub site, plus flexibility of bandwidth / CPE can be up- or down-graded for
minimal charge. IT budgets are slashed, but return on your communications are up.
One-Stop-Shopping - For global ordering and implementation, with in-country support providing
ease of implementation saving time and assuring network productivity and your productivity since
you do not need to keep track of many vendors - only AT&T.
Flexible, Robust Network Architecture - MPLS-based network architecture provides any-to-any
connectivity allowing for a unified connection for intranet, extranet and Internet access for constant
communications among all locations without the burden of configuring numerous PVCs allowing for
operational and cost efficiencies.
Simplified Pricing and Packaging - Providing consistent monthly recurring charges for ease of
budgeting, accounting, and reconciliation, enabling operational and cost-efficiencies.
Service Level Agreements - Available for standard solutions provide assurance that the network
will perform as required. Reduced down time keeps productivity up.
© 2005 AT&T, All Rights Reserved.
11
Benefits of AT&T Enhanced VPN
Operational Efficiencies - Divisions working together, information received faster and direct
keep organizations working smarter not harder. Project Implementation Managers (PIMs)
oversee the implementation of your network and provide you updates, your network is installed
faster - your communicating sooner and productivity is increased. Moves, adds, changes and
deletes within your network happen faster, keeping your network streamlined. Reconciliation of
invoices completed faster because there is only one vendor, one invoice to reconcile.
Operational efficiencies that keep your bottom line healthy.
Application awareness - Allows you to define the priority of different applications and assign
the appropriate Class of Service to each application at every location enabling a single network
to accurately and consistently prioritize traffic, ensuring the delivery of higher priority traffic
ahead of lower priority traffic.
Superior scalability - Significant reduction in effort and time to install to add new locations,
including the CPE, in a comparable meshed frame relay network allowing the network to
change as your company does.
Flexible access options - Simplification and flexibility of access options provides you with the
ability to connect your remote workers and branch offices to headquarters.
Increased security - MPLS provides for greater security through the creation and assignment
of unique VRF tables to your individual VPN ensuring secured networking - no one but those
your want to get your information.
Simplified transition - A simple and efficient way to transition from more traditional data
networking to IP-enabled networking or from unmanaged to managed service providing
operational and cost efficiencies.
© 2005 AT&T, All Rights Reserved.
12
Country Availability - VoIP Option
Argentina
Australia
Austria
Belgium
Brazil
Bulgaria
Canada
Chile
China
Colombia
Croatia
Cyprus
Czech Republic
Denmark
Ecuador
Estonia
Finland
France
Germany
Greece
Hong Kong
Hungary
India
Indonesia
Ireland
Israel
Italy
Japan
Korea (South)
Luxembourg
Malaysia
Mexico
Netherlands
Neth. Antilles
New Zealand
Norway
Peru
Philippines
Poland
Portugal
Romania
Russia
Singapore
Slovak Republic
Slovenia
Spain
Sweden
Switzerland
Taiwan
Thailand
United Kingdom
USA
Venezuela
Latvia, Liechtenstein, Lithuania, South Africa, Turkey and Ukraine available via custom bid
© 2005 AT&T, All Rights Reserved.
13
Standard Plan SLAs – The Targets
Time to install
Site availability
• Set by PIM + customer, dependent
on country, type router, line speed
etc.
Time to implement SW Change
(Move, Add, Change, Delete)
• Set by PIM + customer, dependent
on complexity of change
Time to implement HW Change
(Move, Add, Change, Delete)
• Up to 99.99%, dependent on
backup options, country
Site to site latency
• Dependent on country endpoints,
tail circuit size and CoS
Site to site packet delivery
• Dependent on country end points
and CoS
Time to restore
• Set by PIM + customer, dependent
on complexity of change
© 2005 AT&T, All Rights Reserved.
• Generally 4 hours, dependent on
country and backup
14
Resiliency Options
Resiliency Options
•
•
•
•
Resiliency Option 1: Single Router, Single Access Line and ISDN
Resiliency Option 2: Single Router, Dual Access Line
Resiliency Option 3: Dual Routers, Single Access Line (Optional ISDN)
Resiliency Option 4: Dual Routers, Dual Access Lines
© 2005 AT&T, All Rights Reserved.
15
VoIP Option: Value Added Support for
Your Applications
Branch
Home Office
PSTN
T1/E1 with CAS
Key
Voice
E&M
V+D
VoIP on EVPN
P
B
X
V+D
Voice
Gateway
Router
Voice
Gateway
Router
AT&T Management Center
•VoIP Technical Assistance
•Centralized dial plan
•Internal QoS auto ticketing by
the center
•Web call detail reports
•Calls rated for VoIP quality
by NPR customer report
© 2005 AT&T, All Rights Reserved.
16
IP Applications
VoIP
ERP
Multimedia
Low Latency
Low Bandwidth
VPN
WWW
Latency Tolerant
Bursty Bandwidth
Non-Uniform Network Traffic demands Traffic
Management
© 2005 AT&T, All Rights Reserved.
17
How AT&T Achieves Class of Service
By applying several techniques in the customer site router
because this is where most of the problems take place ...
Classification
Traffic Shaping
Classification of packets into different
lists is done in the customer router
based on customer requirements
Queues the access traffic
Fair Queuing
Provides minimum bandwidth guarantee
to each class. One queue used for
each class
Marking
Controls the amount of traffic accepted
for each class
Policing
Congestion mechanism
In case of congestion, traffic of the
lowest priority class is discarded first
Discards the excess traffic
... combined with QoS information from the network core.
© 2005 AT&T, All Rights Reserved.
18
Network-based IP VPN
Class of Service Structure
Network-based IP VPN Model – Port, CoS template option
CoS 1
CoS 2
Port
CoS 3
CoS bandwidth
allocation applied
at port level
CoS 4
Frame Relay Model – Port, PVC
PVC bursting
to port speed
Port
PVC
© 2005 AT&T, All Rights Reserved.
19
Differentiated Classes of Service
Traffic
Class
Traffic Type
Suggested Examples
CoS 1
Designed to carry real time
applications
Voice over IP , high speed
video
CoS 2
Designed to carry critical
business applications
Transactional applications,
videoconferencing
CoS 3
Designed to carry standard
business applications
Database applications,
commercial business
applications
CoS 4
Designed to carry general
business applications
File transfer, batch, e-mail,
Web browsing and database
replication
Burst to Port available on Class of Service CDRs (Commited Data Rate)
© 2005 AT&T, All Rights Reserved.
20
Seamless Network Management
AT&T‘s agile Global Enterprise Management System (iGEMS)
• Converged managed
services platform
• Supports the full range of
AT&T Services
• Reactive, proactive and
predictive network and
systems management
• Allows AT&T to deliver
application-specific SLAs
with end-to-end visibility
(only provider in industry
to do so)
• Executes more than 100
different third-party
management applications
• Correlates and pinpoints
alarms for faster diagnosis
and resolution.
© 2005 AT&T, All Rights Reserved.
21
Service Centers at a Glance
• Global Deployment
• Highly skilled networking
professionals
• 7 X 24 X 365 Support
• Access to “best in class”
technology partners &
suppliers
• Access to the next
generation networking
professionals through local
labor force and universities
• Integrated Technology
Platform
• Common Processes
Alpharetta, GA
Durham/Tampa/Schaumburg
Amsterdam, NL
Redditch/Vilvoorde/Ehningen
Toronto, Canada
Phoenix, AZ
Birmingham, UK
Mitaka/Sydney
Sao Paolo
© 2005 AT&T, All Rights Reserved.
22
Global Managed Services Support Centers
(MSSC)
Qualified, Trained Professionals
90% of Tier 2 Techs have one certifications, 24% have 2 or more of the certifications, 11% of the org has 3 or
more certifications
Cisco certified: CCNA, CCNP & CCIE
7.5 average years of experience for Tier 2 support
Dedicated trained Network Performance Group
•
High level dedicated Tier 3 Techs with areas of expertise
– Strong in-depth SNA expertise
•
A number of Level 2 teams exist to support the MSSC within AT&T within their areas of expertise:
– NetTech – Provides logical router, config support and troubleshooting
– NetPerf – Provides router PD on throughput issues
– IP Network Ops – Supports the infrastructure for the Network security and access
– Change Team – Responsible for implementing scheduled changes to customer routers
– DIALSW – Remote Access end-to-end support
– LIGSUP2 – Remote Access gateway technical support
Real-Time Call and Problem Management Systems
•
•
24-hours-per-day, 7-days-per-week with live call specialists / Technical Support answers the call
On-line Website for Incident Submissions / Updates
– Electronically bonded to customer, requiring userid and password
– View progress reports on-line
© 2005 AT&T, All Rights Reserved.
23
Global Helpdesk Support
Managed Data services presently provides Regional helpdesks
supporting multiple languages
Network Management 24-hours-per-day, 7-days-per-week
Integrated Processes, procedures and tools
• Standardized Ticketing
Defined escalation process
SPOC, Single point of issue ownership / resolution
© 2005 AT&T, All Rights Reserved.
24
AT&T BusinessDirect® - Personalized Home Page
Alerts!
New Services &
Announcements
Site
Management
Current Tools &
Messages
A single view on all AT&T services
Uses iGems technology to underpin
multiple different services
Secure customized view into your managed
infrastructure
Service Line specific - Network Topology Maps;
Performance Reporting; Ticketing and Ordering
© 2005 AT&T, All Rights Reserved.
25
Standard Web-based Reports
Monthly Overview Reports
• Backbone Measurements
– Availability/Latency/Reliability measured around the clock
• Site Availability
– Average site availability for all attached DTEs for the month
• Site to Site Latency by CoS
– Average packet delivery measured between qualifying site pairs by CoS
Accessed from iGEMS Global Measurements System
• Traffic Usage by CoS
– Regular Polling, reporting measurements and exceptions for each CoS per site connection
• Traffic Behavior by CoS
– Report lists measured CoS distribution compared with contracted rates
• CE Statistics
–
–
–
–
Access Link
Access Method (ATM, Frame Relay)
CE Router Performance
LAN Port
• Exception Reports
– Measurements compared with thresholds
• Forecast Reports
– 30/60/90 day projections based on historic data
© 2005 AT&T, All Rights Reserved.
26
Gold Plan Web-based Reports
All Standard Level Reports
Network operation
– Site Availability
– Site to Site Response Time by CoS
– Site to Site Packet Delivery by CoS
Installation and change
– On Time Installation of New Site
– On Time Physical Change (hardware)
– On Time Logical Change (software)
• Service restoration (available only in the U.S.)
© 2005 AT&T, All Rights Reserved.
27
Integrated Enterprise VPN - Value Added Services
Storage
Branch
Managed
Router
Supplier
Intrusion
Detection
MPLS VPN
VoIP
Web / App
Server
Network Based
Firewall
AT&T Global
Network
Internet
Ultra-Available
Ring
VPN Remote
Access
AT&T
Internet Data
Center
Managed
Firewall
Data Center
Web Site
VPN Remote
Access
Application Performance Mgmt
Voice over IP / LAN Telephony
Content Hosting
Storage Management
Security Management
Managed Firewall
Managed Authentication
Intrusion Detection
Anti-Virus Scanning
© 2005 AT&T, All Rights Reserved.
Customer
Transport / Access
Private Line
Frame Relay / ATM
Remote Access
28
Customer Scenario Enhanced VPN
Business Challenge
Company Information
• To rapidly replace the existing FR network
by the end of March 2002
• Common network for all divisions with quality
of service and to support future services,
technologies and requirements
• Compliant with existing US network
Solution
Sara Lee Corporation is a global manufacturer and marketer of high-quality, brand-name
products for consumers throughout the world. With headquarters in Chicago, Sara Lee
Corporation has operations in 58 countries and markets branded products in more than
180 nations. The corporation employs 141,500 worldwide. In EMEA, Sara Lee operates 4
separate divisions.
(http://www.saralee.com)
External Reference
• 140 sites connected to the AT&T MPLS
backbone based on EVPN service.
• Four global applications centers connected
to MPLS network.
• All divisions connected to MPLS backbone.
YES
EMEA & Asia/Pacific
•
•
Client Benefits
• Open and flexible architecture that meets
current needs of migration and future
evolution.
• Meets Sara Lee's functional, operational,
global and budgetary requirements.
Americas
Hundreds of
locations connected
via fully managed
EVPN service
© 2005 AT&T, All Rights Reserved.
•
Operations in 58
countries
Markets branded
products in more than
180 nations
141,500 employees
worldwide
29
Customer Scenario Enhanced VPN
Business Challenge
• Global expansion created the need for
seamless flow of data and other critical
information across all locations
• Simplifying the frame relay infrastructure of
LafargeNet was a strong requisite
Company Information
Lafarge is the world's leading producer of building materials. The Group holds top-ranking
positions in each of its four divisions: Cement, Aggregates and Concrete, Roofing,
Gypsum. In 2001, Group sales amounted to €13.7 billion. With a workforce of 83,000
people, Lafarge is now present in 75 countries.
Lafarge offers all construction industry sectors - from architect to tradesman, from
distributor to end user - a comprehensive range of products and solutions for each stage of
the building process. (http://www.lafarge.com)
Solution
• Internet Protocol Virtual Private Network
(IVPN) connections for remote sites and
AT&T Managed Data Network Services
(MDNS) and MPLS based services
(EVPN) for critical appli. & main locations
• 50 sites being connected to the Lafarge
hub in 26 countries on all 5 continents
Client Benefits
YES
External Reference
EMEA
Americas
Lafarge North America largest diversified
construction materials
company and supplier of
cement, aggregates and
concrete in the U.S. and
Canada
1 EVPN site in Canada
All locations connect to
LafargeNet Hub
EVPN, MDNS Frame
Relay & IVPN services
12 EVPN connections
Asia Pacific
• Worldwide network connectivity
Global MDNS
• Security policy protecting the LafargeNet
Frame Relay Service in
Worldwide
against any unwelcome intrusion
Japan, Singapore, Thailand
1 EVPN site in Singapore
• High-performance multi-protocol solution
Lafarge, a world leader in
building materials that is
(EVPN) that supports all kinds of business
active in 75 countries, and
applications and any to any connectivity
employs more than 85,000
• Connectivity solution in countries without a
people.
local AT&T presence with IVPN
• Hybrid VPN to meet different specific needs
• Flexible billing
AT&T was instrumental simplifying the global infrastructure of Lafarge’s intranet (LafargeNet)
© 2005 AT&T, All Rights Reserved.
30
Enhanced VPN Offers End-to-End Management
• Experienced Engineering and Operations
Personnel
– Network design and consultation
– Solutions Centers
– Installation and implementation project
management globally
• Proactive and Predictive Network
Management
– Continuous 24x7x365 proactive monitoring
with notifications via phone, e-mail or pages
– Fault management
– Auto detection tools that receive alarms
on the network and CPE
– Automatic maintenance tickets
generated with resolution notification
– Enhanced SLAs offering proactive credits
• Responsive to your Networking Needs
– Perform as internal telecommunication / IT
Department acting like an extension of your
personnel
– In-country, in-language technical help desk
support
• Historical and Near Real Time Reporting
– Extensive Performance and Service Level
Reporting
– Common, Unified way to Interface with AT&T
Business
© 2005 AT&T, All Rights Reserved.
31
What the Analysts are Saying
“AT&T is the best in the VPN business …,” demonstrating a
“future-proof global VPN architecture,” an extensive breadth of
offerings with SLAs to guarantee service
IDC rates AT&T top of all US IP VPN managed carriers for
market share, performance, and leadership
AT&T awarded top ratings of all IP VPN carriers for global reach
and leadership in IP VPN functionality
AT&T IP VPNs rated “Best in Class” by Telemark based on
survey of multi-national corporations
© 2005 AT&T, All Rights Reserved.
32
Thank You!!
© 2005 AT&T, All Rights Reserved.
33
Back Up Charts
© 2005 AT&T, All Rights Reserved.
34
iGEMS Processes: Disciplined Delivery of Predictable
Performance
Rigorous Proven Processes
Application Due Diligence & Stress Testing
Service Level and Configuration Engineering
Project, Change, Capacity, Configuration &
Inventory Management
Customer Acceptance Testing
Operational Metrics
Time to Respond
Time to Restore/Repair
Proactive & Predictive Fault
Management
Availability Monitoring & Management
Application Performance Management
Quick Fault Isolation & Performance Restoration
Ticketing & Escalations
Rapid Root Cause Analysis
End-to-End Service Views
Performance Analysis & Consulting
© 2005 AT&T, All Rights Reserved.
35
AT&T Network-based IP VPN Remote Access
Firewall
DSL
Router
VPN
Gateway
Internet or
AT&T IP
Backbone
Regional
Office
AT&T MPLS
VPN
HQ
VPN
GW
Secure
Tunnel
DSL
Router
© 2005 AT&T, All Rights Reserved.
Routed
Connection
36