Date post: | 19-Dec-2015 |
Category: |
Documents |
View: | 215 times |
Download: | 0 times |
04/18/23 Lucent Technologies – Proprietary 11
Network Based IP Services
Horace LauSenior Market Development ManagerLucent Technologies, INSIP Services Business Unit
04/18/23 Lucent Confidential 2
Public IP Services; Not The Internet
• The road to profits is in Public IP Services Networks– A best-effort Internet doesn’t deliver service provider profits– Profits continue in classic data networks because they deliver
quality service
• But…the Internet delivered some great successes– Infrastructure for common communications: The TCP/IP protocol– Infrastructure for applications: Browsers, Streaming Media
Formats, Email, Messaging, Directories
• Today, customers require the service richness of the Internet with the service quality of the classic data networks
04/18/23 Lucent Confidential 3
Value-added IP Services Deliver Competitive Advantage
AccessServices
Value-added Services Core BackboneServices
CommodityServices
CommodityServices
Marg
in %
Bandwidth-Managed ServicesIP VPNs
Managed SecurityBusiness Internet
Access Converged Services
Content Management/ Acceleration
Wholesale Subscriber Management
04/18/23 Lucent Confidential 4
Service Providers Need Business Quality IP Services Network
DataServices
BroadbandAccess
Best EffortInternet
PSTN
Public IPNetwork
• Services• Connectivity• Performance• Reliability• Security• Simplicity• Affordability• Flexibility• Scalability• Ubiquity
Investment in public data networkinfrastructure will grow from $12Bin 1999 to $22B in 2003. (IDC)
Investment in public data networkinfrastructure will grow from $12Bin 1999 to $22B in 2003. (IDC)
Wireless
Optical Core
04/18/23 Lucent Confidential 5
IP Is the New Public UNI(Network Connection)
• Public IP Networks Require• Routing functions on the edge
– Consistent interface to subscriber applications• Application-Aware Dynamic Service Delivery
– End-End Across The Network• Network Changes Behavior As Necessary
• Public IP Networks Must Provide• Application-aware priority for IP flows• Application specific behavior for different IP Flows
– Deliver bandwidth, and access privileges as required • Per application
• Dynamic signaling to support application requirements– Deliver services where and when they are needed
• By requesting them from smart network elements• Public IP Networks Cannot Use a Hop-by-Hop Internet Architecture
• Routers alone won’t support what needs to be done
04/18/23 Lucent Confidential 6
Deterministic ServiceBehavior
• Service-specific functions in virtual routers– Traffic classification
• Voice, video, data– Marking, shaping, policing
• Priority queuing of IP application traffic– Voice first, then file transfer data packets
– Mapping IP application traffic to MPLS paths• To ensure service quality
• Pre-engineered traffic paths in core– Supports MPLS paths in:
• Frame based networks (core router-based networks)• ATM multi-service networks
– Provides: bandwidth guarantees, latency commitments
– Provides: QoS
04/18/23 Lucent Confidential 7
PacketCriteria Action
Class ofService
En
terp
rise A
P
olicy
BillingClass
LDAP PolicyServer
Creating Personalized Services
Enterprise ATunnel B
FW/MPLS
LSP
Tunnel A
IPSec
Intranet IPsecVPN
Service$$$
ASP FW/MPLSSales
Automation$$
WEB NAT/FWSecure Internet
$
All Others Deny N/A N/A
Tunnel C
NAT/FW
AAAServer
Intranet
ASP
ISP #1
ISP #2
Core NetworkApplication
Stream
AccessDevice
Service IntelligentElement
Application Aware Traffic
Treatment
04/18/23 Lucent Confidential 8
Network Architecture forPublic IP Services
Key Architecture Elements
• Service Intelligence to build end-to-end services– Virtual Routing– Intelligent Agents– Service Creation Model
• MPLS to create dynamic connections in and between layers in the network
• Unified network management for provisioning, monitoring, fault recovery
• Professional services for full public network design and
lifecycle management expertise
04/18/23 Lucent Confidential 9
Complete Service Intelligent Architecture
AccessLayer
CoreLayer
RAS
DSL
Frame/ATM
Wireless
AccessNetworkCable Optical
CoreIP/
ATMCore
Switch
Intranet
Extranet
Web
ISP
ASP
IP/ATMCor
eSwitch
IP/ATMCore
Switch
ServicesLayer
•Recognizes users & their applications
•Understands their individual service needs
•Mediates on their behalf to deliver IP services
•Regardless of when, where, or how they arrive on the network
•All in a reliable and end-to-end, secure manner
Metro Optical
IP ServiceSwitch
Scalable on-ramp for IP service traffic
Actively mediates network behavior
Reliable, high-speed, transport
Intelligent, dynamic, scalable.
04/18/23 Lucent Confidential 10
MPLS for Dynamic ConnectionsIn & Between Layers
• MPLS is an integral architecture element for communication in and between the network layers – Multi-Protocol Label Switching (MPLS) is not only used for
traffic engineering in IP Networks
• A Fundamental framework for Service Intelligence in Public IP Services networks
• Benefit: Creation of highly customized services based on subscriber, application, and network requirements
04/18/23 Lucent Confidential 11
MPLS for Dynamic Connections:within the IP & ATM Transport Layers
• Multiservice ATM Core delivers infrastructure for Frame Relay, DSL, ATM Access and Multiservice MPLS
• IP Core provides infrastructure for “pure IP” networks and Packet MPLS
• MPLS between architectures provides for end-to-end IP services
IP Switching/Packet MPLS
GX550
BSTDX
PSAXFamily
ATM Multiservice/MPLS
MPLS
Signaling
NXNX
NXNX
NXNX
04/18/23 Lucent Confidential 12
MPLS for Dynamic Connections: Between Layer 1 and Layer 2
Optical Core
The service intelligent network requests bandwidth and transport from the optical core via dynamic MPLS signal requests
Benefits:•Sub-second restoration in case of failure•Automatic addition of resources in response to demand•Layer 1 & Layer 2 are active participants in service delivery
IP/ATMCore
MPLS
Signaling
04/18/23 Lucent Confidential 13
Unified Network ManagementFor IP Services
• Single service console for IP Services– Creation and management of all IP Service elements: Customer Located
Equipment (CLE), Service Switch, Core
– Service creation built within virtual routers
– Policy driven network behavior not “port-by-port” configuration using network directories– like the voice network.
• Flow-through integration with Layer 2 infrastructure– Automatic connections between devices– End-to-end within layer-two framework
• Layer-one integration with dynamic signaling: – On demand bandwidth creation driven by Service Intelligence through ODSI/OIF
Optical Interface
Benefit: scalable, single seat management with end-to end provisioning, monitoring, fault isolation
04/18/23 Lucent Confidential 14
Intelligent IP Service Management
• Provisioning– Unified – supports all network elements actively
enforcing Service Attributes– Scaleable – Virtually centralized with distributed
content– Integrated - Built on top of a single platform– Flexible – GUI or API driven
• Surveillance/Assurance– Common Fault and Performance architecture– SLA Assurance w/detailed analysis
• Capacity planning– Historical trend analysis
04/18/23 Lucent Confidential 15
Radically Different Approach
•Policy driven network behavior– Not “port-by-port” configuration
• Configure the network services, not the devices• Let the devices grab configuration elements and change
behavior as users of a service arrive at a port
• IP Framework for Services– Service creation built within virtual routers
• On edge of service provider network• Driven by central database servers
04/18/23 Lucent Confidential 16
Voice: Policy Makes The Difference
• Traditional voice services– SS7/TCAP and central services
• Service elements: circuit-based connection oriented services• Reliability, predictability, security, billable connections
5ESS5ESS
5ESS5ESS
5ESS5ESS
5ESS5ESS
TCAPUser provisioningis to a directoryBack-office
Customer care
UserService Endpoint
04/18/23 Lucent Confidential 17
Data: Policy Makes The Difference
• IP Data Services– RADIUS/LDAP user-level policy
• Service elements: predictable bandwidth, security, connection oriented IP– IP “conference calls”– Managed bandwidth services per application– Predictable “SLA’s” for customer and carrier
SINSIN
SINSIN
SINSIN
SINSIN
LDAP(Oracle)
User provisioningis to a directory
Back OfficeCustomer Care
Data User
Data ServiceEndpoint
Web/Corba
04/18/23 Lucent Confidential 18
Policy Driven Service Creation
•As with voice:– Specific subscriber profiles drive network element
behavior•Same with Data:
– Network elements interact with provisioning servers– Service Provider defines services– Active network “reacts” to policies
• Sets-up network resources on behalf of users• Uses MPLS, other technologies to signal for enforcement
of service attributes
04/18/23 Lucent Confidential 19
Web-based Service Selection
• Enables powerful flow-through provisioning– Users can “turn up” or change certain services themselves
• Users edit web pages that update LDAP service profiles• Active network elements get “change notice”
– Network elements download new profile & provide service
User browser set to User browser set to service provider service provider
homepage for homepage for service selectionservice selection
IPIPNetworkNetworkATMATM
ServiceServiceProviderProvider
User connects to User connects to VR VR
VR
User HTTP RequestUser HTTP RequestService Selection PageService Selection Page
HTMLHTML
LightShipLightShipCall Logging ReceiverCall Logging Receiver
Web ServerWeb Server
Web server, presents HTML Web server, presents HTML page collects service page collects service request, updates DB request, updates DB
DatabaseDatabaseLightShipLightShip
Configuration ServerConfiguration ServerLDAP records
HTML
04/18/23 Lucent Confidential 20
Public IPPublic IPnetworknetwork
Campus
Telecommuters
Mobile users
Branchoffices
Customers
Partner Supplier
Extranet servers
Intranetservers
Desktops
Desktops
Web servers
Campus
Business-businessextranets
Business-businessextranets
Extendedintranet
Extendedintranet
Site-siteintranet
Site-siteintranet
Key IP Service Applications
Web
eCommerceInternet
eCommerceInternet
04/18/23 Lucent Confidential 21
Site-to-Site Intranet VPN
CPE
Remote officeDNS DHCP auth acct
Central site
CPE
DNS DHCP auth
Servers
Router
FRswitch
PVC
PPP
IPSec
CPE
Remote office
VPNVPNCPECPE
Remote office
Requirements
• High bandwidth, low latency
• Selectable authentication• Authorization• Secure virtual routing• High performance IPSec
• 3DES encryption • Key management• IP address management (per VR)• Tunnel switching & concentration• Accounting for dept. bill-back
04/18/23 Lucent Confidential 22
Business-to-Business Extranet VPN
• Authentication• Authorization• Secure Virtual Routing• High performance IPSec• 3DES encryption
• Rapid, high capacity key generation• IP address management• Tunnel switching & concentration• User-granular accounting for bill-back• X.509v3 digital certificates
Requirements
Extranet HostExtranet HostCentral SiteCentral Site
Business PartnersBusiness Partners
SuppliersSuppliers
CPECPE
CPECPE
DNSDNS DHCPDHCP AuthAuth AcctAcct
ServersServers
CPECPE
CPECPE
CustomersCustomers
CACA
04/18/23 Lucent Confidential 23
Network-Based Firewall Service
Dynamicserviceprofiles
LDAPpolicyserver
DSLAM/RAS
PPPoEMobile
CPE
Remote office
ATMswitch
VC
Remote office
DSLmodem
VRVR
Backbonenetwork
Requirements
Intranet
ISP #3
Extranet
• Small-medium business• Stateful inspection, denial
of service protection• Extranet access control,
NAT• Granular user/site level
policy
• On-the-fly, Follow-me Firewall from single configuration
• Different policies for different flows within same session or site
04/18/23 Lucent Confidential 24
IP Services Vision
Service Intelligent infrastructure from edge to core to edge
Benefit: Provides a network platform for service delivery tailored to the needs to the subscriber/application
Intelligent dynamic signaling in and between the network layers
Benefit: Provides a rich framework for deploying service intelligence between the layers of the network
Benefit: Allows for efficient network operations and leverage of network investment
Scalable, end-to-end network management from single console
Full lifecycle professional services from planning to operations
Benefit: Allows for service providers to outsource to save engineering/operations costs
+
+
+
= Profitable, Value-added services