Upload
owen-schneider
View
223
Download
2
Tags:
Embed Size (px)
Citation preview
Alcatel IP infrastructure solution
Data Business Development
Alcatel IP infrastructure solution
Data Business Development
Presentation Title – DATA — 2 All rights reserved © 2002, Alcatel
> To succeed in the transition to e-business, companies are dissolving borders…• between “local” and “remote”
– (markets, employees, partners,...)
• between “owned” and “consumed” – (networks, managed services,
applications, supply chain,…)
Borderless Enterprise
BorderlessEnterprise
Mission-critical NetworkingMission-critical Networking
BusinessFlexibility
Employeeand CustomerRelationships
NewEconomicModels
Presentation Title – DATA — 3 All rights reserved © 2002, Alcatel
Standard Based : a must have
> Standards cover every need• IETF for Layer 3 and aboveIETF for Layer 3 and above• IEEE for layer 2IEEE for layer 2
> Standards to improve cost saving• Interoperability with existing equipmentInteroperability with existing equipment• Solutions have to last : important to protect the Solutions have to last : important to protect the
investmentinvestment• Standards remove the greatest part of installation Standards remove the greatest part of installation
hazards hazards • The end user can select a single sourceThe end user can select a single source without being without being
lockedlocked foreverforever
Presentation Title – DATA — 4 All rights reserved © 2002, Alcatel
Standard Based What supports that
Standard
based
Standard
based
RIP, OSPF, BGP4, IGMPRIP, OSPF, BGP4, IGMP
802.1p/Q, TOS, DiffServ,802.1p/Q, TOS, DiffServ, H323, SIP, H323, SIP, SNMP, HTTPSNMP, HTTP
LDAP, RADIUSLDAP, RADIUS……..
Compliant with all relevant standardsCompliant with all relevant standards
Support of all standard protocols forSupport of all standard protocols for
IP RoutingIP RoutingRIP, OSPF, BGP4, VRRP, PIMRIP, OSPF, BGP4, VRRP, PIM
QoS tagging and mappingQoS tagging and mapping802.1p, ToS, DiffServ802.1p, ToS, DiffServ
Network ManagementNetwork ManagementSNMP V1&V3, HTTPs, SSL, SSHSNMP V1&V3, HTTPs, SSL, SSH
VoIPVoIPH323, SIPH323, SIP
Directory based servicesDirectory based servicesLDAP, RADIUSLDAP, RADIUS
SecuritySecurity802.1x802.1x
Presentation Title – DATA — 5 All rights reserved © 2002, Alcatel
Avaibility concerns
> End-users need continuous data network access
> Every vendor claims “high availability”
> Can your data network deliver the carrier class availability for voice? And at what cost?
Let’s look at what can go wrong…
Network operations
Disaster recovery
Branch Office
Business partners
Wiringcloset
PBX
Remote user
Data Center
InternetInternet
WANWAN
PSTNPSTN
Presentation Title – DATA — 6 All rights reserved © 2002, Alcatel
Availability
> The network operates equal to or better than 99.999%99.999% of the time• Equals 5.26 minutes5.26 minutes of downtime per year
> Carrier class availability consists of…• No traffic interruptionNo traffic interruption w/component or SW failure or Configuration loads• Non stop operation when management module failover• No capacity loss with fabric module failover• On-line component swapping• Load sharing components• Networking recovery components• Network component availability monitoring
> At the edge; not simply at the coreAt the edge; not simply at the core• Users require dial tone availability at the edge• Data centers require highest availability also
Presentation Title – DATA — 7 All rights reserved © 2002, Alcatel
Smart Continuous SwitchingSmart Continuous Switching
Fast switch management restorationFast switch management restoration
Ability to maintainAbility to maintain ... ... Existing connections, L2 topologyExisting connections, L2 topology Ability to reactAbility to react … … L2 topology changeL2 topology change Ability to learnAbility to learn … … New addresses, new flowsNew addresses, new flows
Element resiliencyElement resiliency
Redundancy everywhereRedundancy everywhere Hot swap everythingHot swap everything Equipment protectionEquipment protection
• Thermal shutdownThermal shutdown
Service protectionService protection• Dual image / configDual image / config• Automatic rollbackAutomatic rollback
Network resiliencyNetwork resiliency
Layer 2, Layer 3Layer 2, Layer 3• FSTP, OSPF ECMP, VRRPFSTP, OSPF ECMP, VRRP
Powerful aggregationPowerful aggregation• 802.3ad802.3ad• Cross moduleCross module• 32 aggr – up to 16 links per aggr32 aggr – up to 16 links per aggr
Carrier Class Availability What supports that
Presentation Title – DATA — 8 All rights reserved © 2002, Alcatel
Performances concerns
Switching technology has matured…offering wire-rate performance and scalability in the core
In the wiring closet, L2 & L2/L3 stackable and chassis switches
In the backbone and data center, L3 chassis switches
Network operations
Disaster recovery
Branch Office
Business partners
Wiringcloset
PBX
Remote user
Data Center
InternetInternet
WANWAN
PSTNPSTN
Presentation Title – DATA — 9 All rights reserved © 2002, Alcatel
Performance AND Intelligence
> Pure Horse Power is NOT enoughPure Horse Power is NOT enough
> The ability to tailor the network performance based on users, services tailor the network performance based on users, services or resources typesor resources types regardless of location
> Distributed Intelligence is not only horsepower• Wirespeed servicesWirespeed services; not just capacity• VoIPVoIP needs more than big pipes• Intelligence means ensuring mission critical and delay sensitive applicationsmission critical and delay sensitive applications
get through despite inevitableinevitable network bottlenecks (servers access, WAN access, aggregation points )
> Distributed Intelligence consists of…• Wirespeed everywhere:Wirespeed everywhere: No feature or performance bottleneck• Wirespeed everything:Wirespeed everything: L2/L3/L4, ACLs, Load Balancing, QoS• Prioritization, Bandwidth management & Congestion control• … All in 10-Gig ready architecture
Presentation Title – DATA — 10 All rights reserved © 2002, Alcatel
Performance&Scalability What supports that
PerformancePerformance
Superior performances&ScalabilitySuperior performances&Scalability
Unprecedented capabilitiesUnprecedented capabilitiesUp to 512 Gbps of switching per nodeUp to 512 Gbps of switching per nodeUp to 16 10 gigabit portsUp to 16 10 gigabit portsUp to 384 Gigabit portsUp to 384 Gigabit portsUp to 400 10/100 portsUp to 400 10/100 ports
Scalability for every segment Scalability for every segment WorkgroupWorkgroupConcentrationConcentrationCore backboneCore backbone
All network services at wirespeedAll network services at wirespeed
Solutions for all legacy technologiesSolutions for all legacy technologies
Presentation Title – DATA — 11 All rights reserved © 2002, Alcatel
Wirespeed Intelligence What supports that
IntelligenceIntelligence
Distributed ArchitectureDistributed Architecture
Unprecedented acceleration of servicesUnprecedented acceleration of services ASIC-based ACL, QoS, NAT, SLBASIC-based ACL, QoS, NAT, SLB Distributed Parallel software processingDistributed Parallel software processing
Quality of ServiceQuality of Service Extensive L2,3,4 classificationExtensive L2,3,4 classification Unique QoS mapping capabilityUnique QoS mapping capability Bandwidth management: 2048 queues / bladeBandwidth management: 2048 queues / blade One Touch QoSOne Touch QoS
Native Server Load BalancingNative Server Load Balancing Virtual IP based, server health checkVirtual IP based, server health check Enterprise focused implementationEnterprise focused implementation Simple, Native, WirerateSimple, Native, Wirerate
Presentation Title – DATA — 12 All rights reserved © 2002, Alcatel
Ready for Convergence What supports that
Embedded VoIP supportEmbedded VoIP support IP Phone Power feedingIP Phone Power feeding IP Phone automatic detectionIP Phone automatic detection
Readiness for converged networkReadiness for converged network Complete voice and data offerComplete voice and data offer Advanced QoSAdvanced QoS Wirespeed processingWirespeed processing Coherent management systemCoherent management system
ConvergenceConvergence
Presentation Title – DATA — 13 All rights reserved © 2002, Alcatel
Disaster recovery
Branch Office
Wiringcloset
PBX
Remote user
Data Center
InternetInternet
WANWAN
PSTNPSTN
Manageability concerns
> Generally IT staff…• Set thresholds
• Interpret traps
• React to alarms
• Report
> Whatever happened to policy based networking? QoS? Security?
Just too complex…Just too complex…Business partners
Network operations
Presentation Title – DATA — 14 All rights reserved © 2002, Alcatel
OneTouch Manageability?
> Easy configurationEasy configuration of a network’s users and/or elements with little to no administration effortlittle to no administration effort
> OneTouch Manageability consists of…• Push button ease of usePush button ease of use• Automatic settings of complex network Automatic settings of complex network
functions (QoS, Security)functions (QoS, Security)• Dynamic and secured support of mobilityDynamic and secured support of mobility• Settings automatically replicated to all switches in
network• Policy-based management with an LDAP architecture • Single GUISingle GUI and full switch access capacity through
Web based managed or NMS console • Coherent NMS system to supportCoherent NMS system to support
data and voicedata and voice
Presentation Title – DATA — 15 All rights reserved © 2002, Alcatel
Manageability What supports that
ManageabilityManageability
Easy and sophisticated managementEasy and sophisticated management
End-to-End consistent solutionEnd-to-End consistent solution
A single application for all data productsA single application for all data productsNetwork wide configurationNetwork wide configurationsame system for voice and datasame system for voice and dataCentralized configuration databaseCentralized configuration database
Easy sharing of network management tasksEasy sharing of network management tasks
partitioned managementpartitioned management
Flexible solutionFlexible solution
Embedded Web based application with Embedded Web based application with access to all functionsaccess to all functions
Presentation Title – DATA — 16 All rights reserved © 2002, Alcatel
Dynamic Mobility What supports that
MobilityMobility Unmatched VLAN Flexibility for Unmatched VLAN Flexibility for secure mobilitysecure mobility
SecuritySecurity Binding VLAN: Based on Binding VLAN: Based on
simultaneous traffic criteriasimultaneous traffic criteria• port, Mac, protocol, addrport, Mac, protocol, addr
A-VLAN: User placed in VLAN based A-VLAN: User placed in VLAN based on 802.1x or advanced authenticationon 802.1x or advanced authentication
Mobile VLAN: Device placed in VLAN Mobile VLAN: Device placed in VLAN based on traffic characteristicsbased on traffic characteristics• PortPort• MacMac• ProtocolProtocol• SubnetSubnet• DHCP port ruleDHCP port rule• DHCP mac ruleDHCP mac rule• CustomCustom
Presentation Title – DATA — 17 All rights reserved © 2002, Alcatel
Disaster recovery
Branch Office
Wiringcloset
PBX
Remote user
Data Center
InternetInternet
WANWAN
PSTNPSTN
Business partners
Network operations
Security concerns
Unauthorized use of device ports
Accidental or negligent configurations
After hours network access
External security breaches
End-users:Different levels of accessInternal security breaches
Authorized users misbehaving
Remote users:Unprotected assets
Presentation Title – DATA — 18 All rights reserved © 2002, Alcatel
Multi-Layer Security
> Controlling user access and the protection from unintentional or malicious network infrastructure corruption
> Multi-layer Security consists of…• Controlling access to the network, components and resources• Protection OF the device, TO the device, THROUGH the deviceOF the device, TO the device, THROUGH the device• Isolating user groups• Defending against snooping, hostile intrusion, DoS attacks• Providing configuration and administration granularityProviding configuration and administration granularity
> Distributed Multi-layer securityDistributed Multi-layer security
Presentation Title – DATA — 19 All rights reserved © 2002, Alcatel
Distributed Multi-Layer Security What supports that
SecuritySecurity
Secure Switch ManagementSecure Switch Management
Security out of the boxSecurity out of the box Device access: IPSA to management servicesDevice access: IPSA to management services User access: standard user authenticationUser access: standard user authentication User privilege: User privilege: partitioned managementpartitioned management Secure traffic: SSL, SSH, SNMPv3Secure traffic: SSL, SSH, SNMPv3 Accounting: extensive logsAccounting: extensive logs
Secure Network AccessSecure Network Access
ACL, NAT: ASIC-basedACL, NAT: ASIC-based Unmatched VLAN: Unmatched VLAN: mobile, binding, authenticatedmobile, binding, authenticated
Enabled Switch SecurityEnabled Switch Security
DOS defenseDOS defense Router AuthenticationRouter Authentication High Availability Application support: stonebeatHigh Availability Application support: stonebeat
Distributed Security strategyDistributed Security strategy
Switches from edge to coreSwitches from edge to core IP enabled voice productsIP enabled voice products
Presentation Title – DATA — 20 All rights reserved © 2002, Alcatel
CoreCore EdgeEdge BranchBranchWANWAN
90’s Era Components
SecuritySecurity
IntelligenceIntelligence
Manageability Manageability
AvailabilityAvailability
New EraNew EraNetworkingNetworking
IP CommunicationsIP Communications
The New Era Dimension