Transcript Lucent Slide Guide - Asia Pacific Regional Internet
Network Based IP Services
Horace Lau Senior Market Development Manager Lucent Technologies, INS IP Services Business Unit
Lucent Technologies – Proprietary 4/25/2020
1
Public IP Services;
Not The Internet
• The road to profits is in Public IP Services
Networks
– A best-effort Internet doesn’t deliver service provider profits – Profits continue in classic data networks because they deliver quality service • But…the Internet delivered some great
successes
– Infrastructure for common communications: The TCP/IP protocol – Infrastructure for applications: Browsers, Streaming Media Formats, Email, Messaging, Directories • Today, customers require the service richness of the Internet with the service quality of the classic data networks 4/25/2020 Lucent Confidential 2
Value-added IP Services Deliver Competitive Advantage
4/25/2020
Commodity Services
Access Services
Bandwidth-Managed Services IP VPNs Managed Security Business Internet Access Converged Services Content Management/ Acceleration Wholesale Subscriber Management Value-added Services
Lucent Confidential
Commodity Services
Core Backbone Services 3
Service Providers Need Business
Quality IP Services Network
PSTN Data Services Wireless
Public IP Network
Optical Core
• • • • • • • • • •
Services Connectivity Performance Reliability Security Simplicity Affordability Flexibility Scalability Ubiquity Best Effort Internet
4/25/2020
Broadband Access
Investment in public data network infrastructure will grow from $12B in 1999 to $22B in 2003. (IDC) Lucent Confidential 4
IP Is the New Public UNI (Network Connection)
• Public IP Networks Require • Routing functions on the edge – Consistent interface to subscriber applications • Application-Aware Dynamic Service Delivery – End-End Across The Network • Network Changes Behavior As Necessary • Public IP Networks Must Provide • Application-aware priority for IP flows • Application specific behavior for different IP Flows – Deliver bandwidth, and access privileges as required • Per application • Dynamic signaling to support application
requirements
– Deliver services where and when they are needed
Architecture
•
By requesting them from smart network elements
• Public IP Networks Cannot Use a Hop-by-Hop Internet • Routers alone won’t support what needs to be done 4/25/2020 Lucent Confidential 5
Deterministic Service Behavior
• Service-specific functions in virtual
routers
– Traffic classification • Voice, video, data – – Marking, shaping, policing • Priority queuing of IP application traffic – Voice first, then file transfer data packets Mapping IP application traffic to MPLS paths • To ensure service quality • Pre-engineered traffic paths in core – Supports MPLS paths in: • Frame based networks (core router-based networks) • ATM multi-service networks – Provides: bandwidth guarantees, latency commitments – Provides: QoS 4/25/2020 Lucent Confidential 6
Creating Personalized Services
Packet Criteria Intranet ASP WEB All Others Action IPsec FW/MPLS NAT/FW Deny Class of Service VPN Service Sales Automation Secure Internet N/A Billing Class $$$ $$ $ N/A Intranet Application Aware Traffic Treatment Enterprise A Application Stream LDAP Policy Server AAA Server
4/25/2020
Access Device Service Intelligent Element
Lucent Confidential
Core Network Tunnel C ASP ISP #1 ISP #2
7
Network Architecture for Public IP Services
Key Architecture Elements
• Service Intelligence to build end-to-end services – Virtual Routing – Intelligent Agents – Service Creation Model • MPLS to create dynamic connections in and between layers in the network • Unified network management for provisioning, monitoring, fault recovery • Professional services for full public network design and lifecycle management expertise 4/25/2020 Lucent Confidential 8
Complete Service Intelligent Architecture
Scalable on-ramp for IP service traffic Metro Optical RAS Actively mediates network behavior Reliable, high speed, transport Intranet DSL Cable Access Network IP Service Switch IP/ATM Core Switch IP/ATM Core Switch Optical Core IP/ATM Core Switch Extranet Web Frame/ ATM ISP Wireless
Access Layer
4/25/2020
Services Layer Core Layer Intelligent, dynamic, scalable.
Lucent Confidential
ASP
•Recognizes users &
their applications
•Understands their
individual service needs
•Mediates on their
behalf to deliver IP services
•Regardless of when,
where, or how they arrive on the network
•All in a reliable and
end-to-end, secure manner
9
• MPLS is an integral architecture element for communication in and between the network layers – Multi-Protocol Label Switching (MPLS) is not only used for traffic engineering in IP Networks • A Fundamental framework for Service Intelligence in Public IP Services networks • Benefit: Creation of highly customized services
based on subscriber, application, and network requirements
4/25/2020 Lucent Confidential 10
MPLS for Dynamic Connections: within the IP & ATM Transport Layers
4/25/2020
ATM Multiservice/ MPLS PSAX Family BSTDX GX550 NX NX NX IP Switching/ Packet MPLS
• Multiservice ATM Core
delivers infrastructure for Frame Relay, DSL, ATM Access and Multiservice MPLS
• IP Core provides
infrastructure for “pure IP” networks and Packet MPLS
• MPLS between
architectures provides for end-to-end IP services
Lucent Confidential 11
MPLS for Dynamic Connections: Between Layer 1 and Layer 2
The service intelligent network requests bandwidth and transport from the optical core via dynamic MPLS signal requests IP/ATM Core
Benefits:
•
Sub-second restoration in case of failure
•
Automatic addition of resources in response to demand
•
Layer 1 & Layer 2 are active participants in service delivery
4/25/2020 Lucent Confidential
Optical Core
12
Unified Network Management For IP Services
• Single service console for IP Services – Creation and management of all IP Service elements: Customer Located Equipment (CLE), Service Switch, Core – – Service creation built within virtual routers Policy driven network behavior not “port-by-port” configuration using network directories– like the voice network.
• Flow-through integration with Layer 2 infrastructure – Automatic connections between devices – End-to-end within layer-two framework • Layer-one integration with dynamic signaling: – On demand bandwidth creation driven by Service Intelligence through ODSI/OIF Optical Interface
Benefit: scalable, single seat management with end-to end provisioning, monitoring, fault isolation
4/25/2020 Lucent Confidential 13
Intelligent IP Service Management
• Provisioning – Unified – supports all network elements actively enforcing Service Attributes – – – Scaleable – Virtually centralized with distributed content Integrated - Built on top of a single platform Flexible – GUI or API driven • Surveillance/Assurance – Common Fault and Performance architecture – SLA Assurance w/detailed analysis • Capacity planning – Historical trend analysis 4/25/2020 Lucent Confidential 14
Radically Different Approach
• Policy driven network behavior – Not “port-by-port” configuration • Configure the network services, not the devices • Let the devices grab configuration elements and change behavior as users of a service arrive at a port • IP Framework for Services – Service creation built within virtual routers • On edge of service provider network • Driven by central database servers 4/25/2020 Lucent Confidential 15
Voice:
Policy Makes The Difference
Back-office Customer care TCAP
User provisioning is to a directory 5ESS
User
5ESS 5ESS
Service Endpoint
5ESS
• Traditional voice services – SS7/TCAP and central services • Service elements: circuit-based connection oriented services • Reliability, predictability, security, billable connections 4/25/2020 Lucent Confidential 16
Data: Policy Makes The Difference
Web/ Corba Back Office Customer Care LDAP (Oracle)
User provisioning is to a directory SIN
Data User
SIN SIN
Data Service Endpoint
SIN
• IP Data Services – RADIUS/LDAP user-level policy • Service elements: predictable bandwidth, security,
connection oriented IP
– IP “conference calls” – Managed bandwidth services per application – Predictable “SLA’s” for customer and carrier 4/25/2020 Lucent Confidential 17
Policy Driven Service Creation
• As with voice: – Specific subscriber profiles drive network element behavior • Same with Data: – Network elements interact with provisioning servers – Service Provider defines services – Active network “reacts” to policies • Sets-up network resources on behalf of users • Uses MPLS, other technologies to signal for enforcement of service attributes 4/25/2020 Lucent Confidential 18
Web-based Service Selection
Service Provider
User connects to VR ATM User browser set to service provider homepage for service selection LightShip Call Logging Receiver User HTTP Request Service Selection Page VR Web server, presents HTML page collects service request, updates DB HTML IP Network Web Server
HTML
Database LDAP records LightShip Configuration Server
• Enables powerful flow-through provisioning – Users can “turn up” or change certain services themselves • Users edit web pages that update LDAP service profiles • Active network elements get “change notice” – Network elements download new profile & provide service 4/25/2020 Lucent Confidential 19
Key IP Service Applications
Site-site intranet Branch offices Desktops
Campus
eCommerce Internet Intranet servers Telecommuters
Public IP network
Web servers
Web
Mobile users Extended intranet Extranet servers
Campus
Customers Business-business extranets Partner Supplier Desktops 4/25/2020 Lucent Confidential 20
Site-to-Site Intranet VPN
Remote office CPE PVC DNS DHCP auth acct DNS DHCP auth Remote office CPE FR switch PPP Servers CPE Remote office VPN CPE Router IPSec Central site
4/25/2020 • • • • •
Requirements High bandwidth, low latency Selectable authentication Authorization Secure virtual routing High performance IPSec
• • • • •
3DES encryption Key management IP address management (per VR) Tunnel switching & concentration Accounting for dept. bill-back
Lucent Confidential 21
Business-to-Business Extranet VPN
Suppliers DNS DHCP Auth Acct CA CPE Extranet Host Central Site Servers Business Partners CPE CPE Customers
4/25/2020 • • • • •
CPE Authentication Authorization Secure Virtual Routing High performance IPSec 3DES encryption Requirements
• • • • •
Rapid, high capacity key generation IP address management Tunnel switching & concentration User-granular accounting for bill-back X.509v3 digital certificates
Lucent Confidential 22
Network-Based Firewall Service
Remote office CPE Remote office DSL modem Mobile VC ATM switch DSLAM/ RAS PPPoE Dynamic service profiles VR VR LDAP policy server Backbone network ISP #3 Intranet Extranet Requirements
• • • • 4/25/2020
Small-medium business Stateful inspection, denial of service protection Extranet access control, NAT Granular user/site level policy
• •
On-the-fly, Follow-me Firewall from single configuration Different policies for different flows within same session or site
Lucent Confidential 23
IP Services Vision
+ + + = 4/25/2020
Service Intelligent infrastructure from edge to core to edge
Benefit: Provides a network platform for service delivery tailored to the needs to the subscriber/application
Intelligent dynamic signaling in and between the network layers
Benefit: Provides a rich framework for deploying service intelligence between the layers of the network
Scalable, end-to-end network management from single console Full lifecycle professional services from planning to operations
Benefit: Allows for efficient network operations and leverage of network investment Benefit: Allows for service providers to outsource to save engineering/operations costs
Profitable, Value-added services
Lucent Confidential 24