Lucent Slide Guide - Asia Pacific Regional Internet
Download
Report
Transcript Lucent Slide Guide - Asia Pacific Regional Internet
Network Based IP Services
Horace Lau
Senior Market Development Manager
Lucent Technologies, INS
IP Services Business Unit
7/18/2015
Lucent Technologies – Proprietary
1
Public IP Services;
Not The Internet
• The road to profits is in Public IP Services
Networks
– A best-effort Internet doesn’t deliver service provider profits
– Profits continue in classic data networks because they
deliver quality service
• But…the Internet delivered some great
successes
– Infrastructure for common communications: The TCP/IP
protocol
– Infrastructure for applications: Browsers, Streaming Media
Formats, Email, Messaging, Directories
• Today, customers require the service richness of the Internet
with the service quality of the classic data networks
7/18/2015
Lucent Confidential
2
Value-added IP Services Deliver
Competitive Advantage
Margin %
Commodity
Services
Access
Services
7/18/2015
Bandwidth-Managed
Services
IP VPNs
Managed Security
Business Internet
Access
Converged Services
Content Management/
Acceleration
Wholesale Subscriber
Management
Value-added Services
Lucent Confidential
Commodity
Services
Core Backbone
Services
3
Service Providers Need Business
Quality IP Services Network
Wireless
PSTN
Data
Services
Public IP
Network
Optical Core
• Services
• Connectivity
• Performance
• Reliability
• Security
• Simplicity
• Affordability
• Flexibility
• Scalability
• Ubiquity
Best Effort
Internet
Broadband
Access
7/18/2015
Investment in public data network
infrastructure will grow from $12B
in 1999 to $22B in 2003. (IDC)
Lucent Confidential
4
IP Is the New Public UNI
(Network Connection)
•
Public IP Networks Require
• Routing functions on the edge
– Consistent interface to subscriber applications
• Application-Aware Dynamic Service Delivery
– End-End Across The Network
• Network Changes Behavior As Necessary
•
Public IP Networks Must Provide
• Application-aware priority for IP flows
• Application specific behavior for different IP Flows
– Deliver bandwidth, and access privileges as required
• Per application
• Dynamic signaling to support application
requirements
– Deliver services where and when they are needed
• By requesting them from smart network elements
•
Public IP Networks Cannot Use a Hop-by-Hop Internet
Architecture
• Routers alone won’t support what needs to be done
7/18/2015
Lucent Confidential
5
Deterministic Service
Behavior
• Service-specific functions in virtual
routers
–
–
–
Traffic classification
• Voice, video, data
Marking, shaping, policing
• Priority queuing of IP application traffic
– Voice first, then file transfer data packets
Mapping IP application traffic to MPLS paths
• To ensure service quality
• Pre-engineered traffic paths in core
–
7/18/2015
Supports MPLS paths in:
• Frame based networks (core router-based networks)
• ATM multi-service networks
– Provides: bandwidth guarantees, latency
commitments
– Provides: QoS
Lucent Confidential
6
Enterprise A Policy
Creating Personalized Services
Packet
Criteria
Action
Intranet
IPsec
ASP
FW/MPLS
WEB
NAT/FW
All Others
Deny
Class of
Service
VPN
Service
Sales
Automation
Secure
Internet
N/A
Billing
Class
$$$
$$
$
N/A
Intranet
Application Aware
Traffic
Treatment
LDAP Policy
Server
ASP
AAA
Server
Enterprise A
ISP #1
Application
Stream
Access
Device
7/18/2015
Core Network
Service Intelligent
Element
Lucent Confidential
Tunnel C
ISP #2
7
Network Architecture for
Public IP Services
Key Architecture Elements
• Service Intelligence to build end-to-end services
– Virtual Routing
– Intelligent Agents
– Service Creation Model
• MPLS to create dynamic connections in and between layers
in the network
• Unified network management for provisioning,
monitoring, fault recovery
• Professional services for full public network design and
lifecycle management expertise
7/18/2015
Lucent Confidential
8
Complete Service Intelligent
Architecture
Scalable
on-ramp for IP
service traffic
Actively mediates
network behavior
Reliable, highspeed, transport
•Understands their
individual service
needs
Metro
Optical
Intranet
RAS
IP/ATM
Core
Switch
DSL
Cable
Access
Network
IP
Service
Switch
Frame/
ATM
IP/ATM
Core
Switch
Optical
Core
Extranet
Web
IP/ATM
Core
Switch
ISP
ASP
Wireless
Access
Layer
•Recognizes users &
their applications
Services
Layer
Core
Layer
•Mediates on their
behalf to deliver IP
services
•Regardless of when,
where, or how they
arrive on the network
•All in a reliable and
end-to-end, secure
manner
Intelligent, dynamic, scalable.
7/18/2015
Lucent Confidential
9
• MPLS is an integral architecture element for
communication in and between the network layers
– Multi-Protocol Label Switching (MPLS) is not only used for
traffic engineering in IP Networks
• A Fundamental framework for Service Intelligence in
Public IP Services networks
• Benefit: Creation of highly customized services
based on subscriber, application, and network
requirements
7/18/2015
Lucent Confidential
10
MPLS for Dynamic Connections:
within the IP & ATM Transport Layers
• Multiservice ATM Core
delivers infrastructure for
Frame Relay, DSL, ATM
Access and Multiservice
MPLS
ATM Multiservice/
MPLS
• IP Core provides
infrastructure for “pure IP”
networks and Packet MPLS
BSTDX
GX550
PSAX
Family
NX
NX
• MPLS between
architectures provides for
end-to-end IP services
NX
IP Switching/
Packet MPLS
7/18/2015
Lucent Confidential
11
MPLS for Dynamic Connections:
Between Layer 1 and Layer 2
The service intelligent
network requests bandwidth
and transport from the optical
core via dynamic MPLS signal
requests
IP/ATM
Core
Benefits:
•Sub-second restoration
in case of failure
•Automatic addition of resources in
response to demand
•Layer 1 & Layer 2 are active
participants in service delivery
7/18/2015
Lucent Confidential
Optical Core
12
Unified Network Management
For IP Services
• Single service console for IP Services
–
Creation and management of all IP Service elements: Customer Located
Equipment (CLE), Service Switch, Core
–
Service creation built within virtual routers
–
Policy driven network behavior not “port-by-port” configuration using
network directories– like the voice network.
• Flow-through integration with Layer 2 infrastructure
–
–
Automatic connections between devices
End-to-end within layer-two framework
• Layer-one integration with dynamic signaling:
–
On demand bandwidth creation driven by Service Intelligence through
ODSI/OIF Optical Interface
Benefit: scalable, single seat management with end-to
end provisioning, monitoring, fault isolation
7/18/2015
Lucent Confidential
13
Intelligent IP Service Management
• Provisioning
–
–
–
–
Unified – supports all network elements actively
enforcing Service Attributes
Scaleable – Virtually centralized with distributed
content
Integrated - Built on top of a single platform
Flexible – GUI or API driven
• Surveillance/Assurance
–
–
Common Fault and Performance architecture
SLA Assurance w/detailed analysis
• Capacity planning
–
7/18/2015
Historical trend analysis
Lucent Confidential
14
Radically Different Approach
• Policy driven network behavior
– Not “port-by-port” configuration
• Configure the network services, not the devices
• Let the devices grab configuration elements and change
behavior as users of a service arrive at a port
• IP Framework for Services
– Service creation built within virtual routers
• On edge of service provider network
• Driven by central database servers
7/18/2015
Lucent Confidential
15
Voice:
Policy Makes The Difference
TCAP
Back-office
Customer care
User provisioning
is to a directory
5ESS
5ESS
User
5ESS
Service
Endpoint
5ESS
• Traditional voice services
–
SS7/TCAP and central services
• Service elements: circuit-based connection oriented
services
• Reliability, predictability, security, billable connections
7/18/2015
Lucent Confidential
16
Data: Policy Makes The Difference
Web/
Corba
LDAP
(Oracle)
Back Office
Customer Care
User provisioning
is to a directory
SIN
SIN
SIN
Data User
Data Service
Endpoint
SIN
• IP Data Services
–
RADIUS/LDAP user-level policy
• Service elements: predictable bandwidth, security,
connection oriented IP
– IP “conference calls”
– Managed bandwidth services per application
– Predictable “SLA’s” for customer and carrier
7/18/2015
Lucent Confidential
17
Policy Driven Service Creation
• As with voice:
– Specific subscriber profiles drive network element
behavior
• Same with Data:
– Network elements interact with provisioning servers
– Service Provider defines services
– Active network “reacts” to policies
• Sets-up network resources on behalf of users
• Uses MPLS, other technologies to signal for enforcement
of service attributes
7/18/2015
Lucent Confidential
18
Web-based Service Selection
Service
Provider
User connects to
VR
User HTTP Request
Service Selection Page
Web server, presents HTML
page collects service
request, updates DB
HTML
VR
ATM
User browser set to
service provider
homepage for
service selection
IP
Network
Web Server
HTML
LightShip
Call Logging Receiver
Database LDAP records
LightShip
Configuration Server
• Enables powerful flow-through provisioning
–
Users can “turn up” or change certain services themselves
• Users edit web pages that update LDAP service profiles
• Active network elements get “change notice”
–
7/18/2015
Network elements download new profile & provide service
Lucent Confidential
19
Key IP Service Applications
Desktops
Site-site
intranet
Intranet
servers
eCommerce
Internet
Telecommuters
Campus
Branch
offices
Extended
intranet
Extranet servers
Campus
Customers
7/18/2015
Web
Mobile users
Public IP
network
Business-business
extranets
Web servers
Partner
Supplier
Lucent Confidential
Desktops
20
Site-to-Site Intranet VPN
Remote office
DNS DHCP auth acct
CPE
PVC
DNS DHCP auth
FR
switch
Remote office
CPE
Servers
PPP
CPE
Router
Remote office
VPN
CPE
Central site
IPSec
Requirements
• High bandwidth, low
•
•
•
•
7/18/2015
latency
Selectable authentication
Authorization
Secure virtual routing
High performance IPSec
•
•
•
•
•
3DES encryption
Key management
IP address management (per VR)
Tunnel switching & concentration
Accounting for dept. bill-back
Lucent Confidential
21
Business-to-Business Extranet
VPN
Suppliers
DNS DHCP Auth Acct
CA
Extranet Host
Central Site
CPE
Servers
Business Partners
CPE
CPE
Customers
CPE
Requirements
•
•
•
•
•
7/18/2015
Authentication
Authorization
Secure Virtual Routing
High performance
IPSec
3DES encryption
•
•
•
•
•
Rapid, high capacity key generation
IP address management
Tunnel switching & concentration
User-granular accounting for bill-back
X.509v3 digital certificates
Lucent Confidential
22
Network-Based Firewall Service
Dynamic
service
profiles
Remote office
CPE
Remote office
DSL
modem
Mobile
VC
LDAP
policy
server
ISP #3
ATM
switch
VR
VR
DSLAM/
RAS
Backbone
network
Intranet
PPPoE
Extranet
Requirements
• Small-medium business
• On-the-fly, Follow-me Firewall
from single configuration
• Stateful inspection, denial
of service protection
• Different policies for different
• Extranet access control,
flows within same session or site
•
7/18/2015
NAT
Granular user/site level
policy
Lucent Confidential
23
IP Services Vision
Service Intelligent
Benefit: Provides a network platform for
infrastructure from edge service delivery tailored to the needs to
to core to edge
the subscriber/application
+
Intelligent dynamic
signaling in and
between the network
layers
Benefit: Provides a rich framework for
deploying service intelligence between the
layers of the network
+
Scalable, end-to-end
network management
from single console
Benefit: Allows for efficient network
operations and leverage of network
investment
+
Full lifecycle
professional services
from planning to
operations
Benefit: Allows for service
providers to outsource to save
engineering/operations costs
=
7/18/2015
Profitable, Value-added services
Lucent Confidential
24