IP Infrastructure
Download
Report
Transcript IP Infrastructure
Alcatel IP infrastructure solution
Data Business Development
Borderless Enterprise
>
To succeed in the transition to e-business,
companies are dissolving borders…
•
between “local” and “remote”
–
•
(markets, employees, partners,...)
between “owned” and “consumed”
–
(networks, managed services,
applications, supply chain,…)
Employee
and Customer
Relationships
New
Economic
Models
Borderless
Enterprise
Business
Flexibility
Mission-critical Networking
Presentation Title – DATA — 2
All rights reserved © 2002, Alcatel
Standard Based : a must have
>
Standards cover every need
•
IETF for Layer 3 and above
• IEEE for layer 2
>
Standards to improve cost saving
•
Interoperability with existing equipment
• Solutions have to last : important to protect the investment
• Standards remove the greatest part of installation hazards
• The end user can select a single source without being locked
forever
Presentation Title – DATA — 3
All rights reserved © 2002, Alcatel
Standard Based
What supports that
Compliant with all relevant standards
Support
of all standard protocols for
Standard
based
IP
Routing
RIP, OSPF, BGP4, VRRP, PIM
QoS
tagging and mapping
802.1p, ToS, DiffServ
Network
Management
SNMP V1&V3, HTTPs, SSL, SSH
VoIP
H323, SIP
Directory
based services
LDAP, RADIUS
RIP, OSPF, BGP4, IGMP
802.1p/Q, TOS, DiffServ,
H323, SIP,
SNMP, HTTP
LDAP, RADIUS
….
Presentation Title – DATA — 4
Security
802.1x
All rights reserved © 2002, Alcatel
Avaibility concerns
>
End-users need continuous data network access
>
Every vendor claims “high availability”
>
Can your data network deliver the carrier class availability for voice?
And at what cost?
Let’s look at what can go wrong…
Disaster recovery
Wiring
closet
Data Center
Business partners
Network
operations
Internet
Remote
user
WAN
PSTN
Branch Office
PBX
Presentation Title – DATA — 5
All rights reserved © 2002, Alcatel
Availability
>
The network operates equal to or better than 99.999% of the time
•
>
Carrier class availability consists of…
•
•
•
•
•
•
•
>
Equals 5.26 minutes of downtime per year
No traffic interruption w/component or SW failure or Configuration loads
Non stop operation when management module failover
No capacity loss with fabric module failover
On-line component swapping
Load sharing components
Networking recovery components
Network component availability monitoring
At the edge; not simply at the core
•
•
Users require dial tone availability at the edge
Data centers require highest availability also
Presentation Title – DATA — 6
All rights reserved © 2002, Alcatel
Carrier Class Availability
What supports that
Element resiliency
Redundancy everywhere
Hot swap everything
Equipment protection
•
Network resiliency
•
Thermal shutdown
Dual image / config
Automatic rollback
FSTP, OSPF ECMP, VRRP
Powerful aggregation
•
•
•
Service protection
•
•
Layer 2, Layer 3
802.3ad
Cross module
32 aggr – up to 16 links per aggr
Smart Continuous Switching
Fast switch management restoration
Ability to maintain ... Existing connections, L2 topology
Ability to react
… L2 topology change
Ability to learn
… New addresses, new flows
Presentation Title – DATA — 7
All rights reserved © 2002, Alcatel
Performances concerns
Switching technology has matured…offering
wire-rate performance and scalability in the core
In the wiring closet, L2 & L2/L3 stackable and chassis switches
In the backbone and data center, L3 chassis switches
Disaster recovery
Wiring
closet
Data Center
Business partners
Network
operations
Internet
Remote
user
WAN
PSTN
Branch Office
PBX
Presentation Title – DATA — 8
All rights reserved © 2002, Alcatel
Performance AND Intelligence
>
Pure Horse Power is NOT enough
>
The ability to tailor the network performance based on users, services or resources
types regardless of location
>
Distributed Intelligence is not only horsepower
•
•
•
>
Wirespeed services; not just capacity
VoIP needs more than big pipes
Intelligence means ensuring mission critical and delay sensitive applications get through
despite inevitable network bottlenecks (servers access, WAN access, aggregation points )
Distributed Intelligence consists of…
•
•
•
•
Wirespeed everywhere: No feature or performance bottleneck
Wirespeed everything: L2/L3/L4, ACLs, Load Balancing, QoS
Prioritization, Bandwidth management & Congestion control
… All in 10-Gig ready architecture
Presentation Title – DATA — 9
All rights reserved © 2002, Alcatel
Performance&Scalability
What supports that
Superior performances&Scalability
Unprecedented capabilities
Up to 512 Gbps of switching per node
Up to 16 10 gigabit ports
Up to 384 Gigabit ports
Up to 400 10/100 ports
Scalability for every segment
Performance
Workgroup
Concentration
Core backbone
Presentation Title – DATA — 10
All network services at wirespeed
Solutions for all legacy technologies
All rights reserved © 2002, Alcatel
Wirespeed Intelligence
What supports that
Distributed Architecture
Intelligence
Unprecedented acceleration of services
ASIC-based ACL, QoS, NAT, SLB
Distributed Parallel software processing
Quality of Service
Extensive L2,3,4 classification
Unique QoS mapping capability
Bandwidth management: 2048 queues / blade
One Touch QoS
Native Server Load Balancing
Presentation Title – DATA — 11
Virtual IP based, server health check
Enterprise focused implementation
Simple, Native, Wirerate
All rights reserved © 2002, Alcatel
Ready for Convergence
What supports that
Embedded VoIP support
Convergence
IP Phone Power feeding
IP Phone automatic detection
Readiness for converged network
Presentation Title – DATA — 12
Complete voice and data offer
Advanced QoS
Wirespeed processing
Coherent management system
All rights reserved © 2002, Alcatel
Manageability concerns
>
>
Generally IT staff…
•
Set thresholds
•
Interpret traps
•
React to alarms
•
Report
Whatever happened to policy based
networking? QoS? Security?
Just too complex…
Disaster recovery
Wiring
closet
Data Center
Business partners
Network
operations
Internet
Remote
user
WAN
PSTN
Presentation Title – DATA — 13
PBX All rights reserved © 2002, Alcatel
Branch Office
OneTouch Manageability?
>
Easy configuration of a network’s users and/or elements
with little to no administration effort
>
OneTouch Manageability consists of…
•
•
•
•
•
•
•
Push button ease of use
Automatic settings of complex network functions (QoS,
Security)
Dynamic and secured support of mobility
Settings automatically replicated to all switches in network
Policy-based management with an LDAP architecture
Single GUI and full switch access capacity through Web
based managed or NMS console
Coherent NMS system to support
data and voice
Presentation Title – DATA — 14
All rights reserved © 2002, Alcatel
Manageability
What supports that
Easy and sophisticated management
Manageability
End-to-End
consistent solution
A single application for all data products
Network wide configuration
same system for voice and data
Centralized configuration database
Easy
sharing of network management tasks
partitioned management
Flexible
solution
Embedded Web based application with
access to all functions
Presentation Title – DATA — 15
All rights reserved © 2002, Alcatel
Dynamic Mobility
What supports that
Mobility
Security
Presentation Title – DATA — 16
Unmatched VLAN Flexibility for
secure mobility
Mobile VLAN: Device placed in VLAN
based on traffic characteristics
• Port
• Mac
• Protocol
• Subnet
• DHCP port rule
• DHCP mac rule
• Custom
Binding VLAN: Based on
simultaneous traffic criteria
• port, Mac, protocol, addr
A-VLAN: User placed in VLAN based
on 802.1x or advanced authentication
All rights reserved © 2002, Alcatel
Security concerns
End-users:
Different levels of access
Internal security breaches
Authorized users misbehaving
Remote users:
Unprotected assets
External
security breaches
Accidental or negligent
configurations
After hours
network access
Unauthorized use
of device ports
Disaster recovery
Wiring
closet
Business partners
Data Center
Network
operations
Internet
Remote
user
WAN
PSTN
Branch Office
PBX
Presentation Title – DATA — 17
All rights reserved © 2002, Alcatel
Multi-Layer Security
>
Controlling user access and the protection from unintentional or malicious network
infrastructure corruption
>
Multi-layer Security consists of…
•
•
•
•
•
>
Controlling access to the network, components and resources
Protection OF the device, TO the device, THROUGH the device
Isolating user groups
Defending against snooping, hostile intrusion, DoS attacks
Providing configuration and administration granularity
Distributed Multi-layer security
Presentation Title – DATA — 18
All rights reserved © 2002, Alcatel
Distributed Multi-Layer Security
What supports that
Distributed Security strategy
Security
Switches from edge to core
IP enabled voice products
Enabled Switch Security
DOS defense
Router Authentication
High Availability Application support: stonebeat
Secure Switch Management
Security out of the box
Device access: IPSA to management services
User access: standard user authentication
User privilege: partitioned management
Secure traffic: SSL, SSH, SNMPv3
Accounting: extensive logs
Secure Network Access
Presentation Title – DATA — 19
ACL, NAT: ASIC-based
Unmatched VLAN: mobile, binding, authenticated
All rights reserved © 2002, Alcatel
The New Era Dimension
Core
Edge
WAN
Branch
Availability
Security
New Era
Networking
Intelligence
Manageability
IP Communications
90’s Era Components
Presentation Title – DATA — 20
All rights reserved © 2002, Alcatel