Date post: | 15-Apr-2017 |
Category: |
Technology |
Upload: | kimw001 |
View: | 64 times |
Download: | 0 times |
Business class telecommunications
Maxim PopovHead of R&D
kCloud
Platform for IT/Telco service
VALUESCustomer focusedWe know about our clients concerns and care about them by creation of products and solutions that will be valued and serve our clients in accordance with our promises and their expectations
ResponsibilityWe achieve our goals and execute our commitments
Innovation abilityWe are constantly looking for new technologies and creating solutions dedicated to significant improvement in business efficiency
ProfessionalismWe are taking deep knowledge in our business and rich experience of its practical realization
3The case for OpenStack
Virtualize Network Control Plane
OpenStack - solid foundation for telco virtualization
Reduce provisioning time & costsLower OpEx on common virtualized infraEndorse short-lived cases
Deploy faster, with optimal sizingScale & relocate easilyNatural fit to integrate client's NW & Cloud
Virtualize Enterprise Customer Premises Equipment
Minimal CapEx & OpEx on virtualized x86-COTS Painless scaling with Software Defined Storage
Virtualize Video Processing and Storage
4DPI
DPIDeep Packet Inspection
- functionality allows you to analyze the traffic, manage it and collect statistical information.
Restricting the use of the Internet access for any purpose, for example- enterprise policy, low policy etc.
Management and collection traffic usage statistics.
Centralized automatic update lists of prohibited Internet resources, with the possibility of configuration in manual mode.
5DPI functionality
DPI
Controlling filtering rules
Collection and analysis of statistical
information
Centralized configuration & management
Monitoring Internet channel load
4Manage lists of prohibited Internet resources
4Control Management Access: by dates, schedule, content, speed (managers)
4Notify / redirect users when they attempt to visit a blocked web site.
4Filtering traffic based on the categories (Database system continuity sites continuously updated and contains more than 500? million. sites)
4Perform URL categorization and interlock, black / white lists
4By domain names, websites, protocols, dates, etc.
4Running for any arbitrary period of time indicating the load on the incoming and outgoing traffic
6How it deployed
TH
kCloud
kCloudTH
TH
management subsystem
clients
internal
Hardware traffic handler. Where we can’t set virtual
handler
TH - traffic handler
Internet
Data traffic Data traffic
Management traffic
7DDoS Protection
DDoSProtection
– Efficient counteraction to DDoS-attacks at any OSI Level
Maintenance of Internet resources smooth functioning at 24/7
Funds savings on qualified IT-specialists, expensive hardware and software
Protection from overload
Legitimate traffic in usual mode
Legitimate traffic at DDoS-attack
DDoS-traffic
8How it deployed
Legitimate usersInternet
Control
Hacker
DDoS-attack
Botnet
DDoSController
DDoSAnalyzer
API
DDoS-GUARD Traffic Filtration
Blackhole
Internet Service
BGP-session
sFlow
BGP-Session
GRE-tunnel
9kSpot
kSpot - Managed Wi-Fi with analytics
organization of access to the Internet via Wi-Fi technology for your customers
personalized delivery of advertising and information messages to mobile devices your customers
authorization your customers via SMS according law
– Wireless LAN Controller– Authorization portal– Management portal
AP. . .
Client’s side
How it deployed
AP
. . .
vWLC
Authorization Server
Management portal
10
Internet
1111CSR1000v (Enterprise cloud border router)
CSR1000v
- Extending Enterprise WAN to Cloud
Security IPSec VPN, L2TP Route-based VPNs (DMVPN, ..) Firewall, ACL, AAA
Enterprise Services NAT, QoS, OSPF, BGP, Tunneling, IOS-XE CLI,
Flexible policies for bandwidth and features set (from 10 Mbps up to 1 Gbps)
Cisco ASAv (Enterprise cloud firewall) 1212
ASAvAdapative Security Virtual Appliance
- Protects enterprise cloud
Security firewall functionality
Secure mobility VPN virtual appliance used in a virtual environment. It runs within your cloud as a VM, and supports site to site VPN, remote access VPN, and clientless VPN functionality.
Scalability ASAv15, ASAv30
13How it works
SLA
CPE InternetvASA
vRouterClient’s office
TENANT in kCloud
…SDNL2/3 VPN
kServers
kServers
SDN
14Future plan
kVideovSaaS
- Remotevideo-control for business
Cost effective
Fast and easy deplay
Always on Access
15How it works
PC
Smart-phones
Laptop
Videostreamer
Videostorage
IP cams
IP cams
Web portal management system
Business-class telecommunications
© KazTransCom, 2016
Thank you for attention!