Network Based IP Services

04/21/23 Lucent Technologies – Proprietary 11

Network Based IP Services

Horace LauSenior Market Development ManagerLucent Technologies, INSIP Services Business Unit

04/21/23 Lucent Confidential 2

Public IP Services; Not The Internet

• The road to profits is in Public IP Services Networks– A best-effort Internet doesn’t deliver service provider profits– Profits continue in classic data networks because they deliver

quality service

• But…the Internet delivered some great successes– Infrastructure for common communications: The TCP/IP protocol– Infrastructure for applications: Browsers, Streaming Media

Formats, Email, Messaging, Directories

• Today, customers require the service richness of the Internet with the service quality of the classic data networks


Value-added IP Services Deliver Competitive Advantage

AccessServices

Value-added Services Core BackboneServices

CommodityServices

CommodityServices

Marg

in %

Bandwidth-Managed ServicesIP VPNs

Managed SecurityBusiness Internet

Access Converged Services

Content Management/ Acceleration

Wholesale Subscriber Management


Service Providers Need Business Quality IP Services Network

DataServices

BroadbandAccess

Best EffortInternet

PSTN

Public IPNetwork

• Services• Connectivity• Performance• Reliability• Security• Simplicity• Affordability• Flexibility• Scalability• Ubiquity

Investment in public data networkinfrastructure will grow from $12Bin 1999 to $22B in 2003. (IDC)

Investment in public data networkinfrastructure will grow from $12Bin 1999 to $22B in 2003. (IDC)

Wireless

Optical Core


IP Is the New Public UNI(Network Connection)

• Public IP Networks Require• Routing functions on the edge

– Consistent interface to subscriber applications• Application-Aware Dynamic Service Delivery

– End-End Across The Network• Network Changes Behavior As Necessary

• Public IP Networks Must Provide• Application-aware priority for IP flows• Application specific behavior for different IP Flows

– Deliver bandwidth, and access privileges as required • Per application

• Dynamic signaling to support application requirements– Deliver services where and when they are needed

• By requesting them from smart network elements• Public IP Networks Cannot Use a Hop-by-Hop Internet Architecture

• Routers alone won’t support what needs to be done


Deterministic ServiceBehavior

• Service-specific functions in virtual routers– Traffic classification

• Voice, video, data– Marking, shaping, policing

• Priority queuing of IP application traffic– Voice first, then file transfer data packets

– Mapping IP application traffic to MPLS paths• To ensure service quality

• Pre-engineered traffic paths in core– Supports MPLS paths in:

• Frame based networks (core router-based networks)• ATM multi-service networks

– Provides: bandwidth guarantees, latency commitments

– Provides: QoS


PacketCriteria Action

Class ofService

En

terp

rise A

P

olicy

BillingClass

LDAP PolicyServer

Creating Personalized Services

Enterprise ATunnel B

FW/MPLS

LSP

Tunnel A

IPSec

Intranet IPsecVPN

Service$$$

ASP FW/MPLSSales

Automation$$

WEB NAT/FWSecure Internet

$

All Others Deny N/A N/A

Tunnel C

NAT/FW

AAAServer

Intranet

ASP

ISP #1

ISP #2

Core NetworkApplication

Stream

AccessDevice

Service IntelligentElement

Application Aware Traffic

Treatment


Network Architecture forPublic IP Services

Key Architecture Elements

• Service Intelligence to build end-to-end services– Virtual Routing– Intelligent Agents– Service Creation Model

• MPLS to create dynamic connections in and between layers in the network

• Unified network management for provisioning, monitoring, fault recovery

• Professional services for full public network design and

lifecycle management expertise


Complete Service Intelligent Architecture

AccessLayer

CoreLayer

RAS

DSL

Frame/ATM

Wireless

AccessNetworkCable Optical

CoreIP/

ATMCore

Switch

Intranet

Extranet

Web

ISP

ASP

IP/ATMCor

eSwitch

IP/ATMCore

Switch

ServicesLayer

•Recognizes users & their applications

•Understands their individual service needs

•Mediates on their behalf to deliver IP services

•Regardless of when, where, or how they arrive on the network

•All in a reliable and end-to-end, secure manner

Metro Optical

IP ServiceSwitch

Scalable on-ramp for IP service traffic

Actively mediates network behavior

Reliable, high-speed, transport

Intelligent, dynamic, scalable.


MPLS for Dynamic ConnectionsIn & Between Layers

• MPLS is an integral architecture element for communication in and between the network layers – Multi-Protocol Label Switching (MPLS) is not only used for

traffic engineering in IP Networks

• A Fundamental framework for Service Intelligence in Public IP Services networks

• Benefit: Creation of highly customized services based on subscriber, application, and network requirements


MPLS for Dynamic Connections:within the IP & ATM Transport Layers

• Multiservice ATM Core delivers infrastructure for Frame Relay, DSL, ATM Access and Multiservice MPLS

• IP Core provides infrastructure for “pure IP” networks and Packet MPLS

• MPLS between architectures provides for end-to-end IP services

IP Switching/Packet MPLS

GX550

BSTDX

PSAXFamily

ATM Multiservice/MPLS

MPLS

Signaling

NXNX

NXNX

NXNX


MPLS for Dynamic Connections: Between Layer 1 and Layer 2

Optical Core

The service intelligent network requests bandwidth and transport from the optical core via dynamic MPLS signal requests

Benefits:•Sub-second restoration in case of failure•Automatic addition of resources in response to demand•Layer 1 & Layer 2 are active participants in service delivery

IP/ATMCore

MPLS

Signaling


Unified Network ManagementFor IP Services

• Single service console for IP Services– Creation and management of all IP Service elements: Customer Located

Equipment (CLE), Service Switch, Core

– Service creation built within virtual routers

– Policy driven network behavior not “port-by-port” configuration using network directories– like the voice network.

• Flow-through integration with Layer 2 infrastructure– Automatic connections between devices– End-to-end within layer-two framework

• Layer-one integration with dynamic signaling: – On demand bandwidth creation driven by Service Intelligence through ODSI/OIF

Optical Interface

Benefit: scalable, single seat management with end-to end provisioning, monitoring, fault isolation


Intelligent IP Service Management

• Provisioning– Unified – supports all network elements actively

enforcing Service Attributes– Scaleable – Virtually centralized with distributed

content– Integrated - Built on top of a single platform– Flexible – GUI or API driven

• Surveillance/Assurance– Common Fault and Performance architecture– SLA Assurance w/detailed analysis

• Capacity planning– Historical trend analysis


Radically Different Approach

•Policy driven network behavior– Not “port-by-port” configuration

• Configure the network services, not the devices• Let the devices grab configuration elements and change

behavior as users of a service arrive at a port

• IP Framework for Services– Service creation built within virtual routers

• On edge of service provider network• Driven by central database servers


Voice: Policy Makes The Difference

• Traditional voice services– SS7/TCAP and central services

• Service elements: circuit-based connection oriented services• Reliability, predictability, security, billable connections

5ESS5ESS

5ESS5ESS

5ESS5ESS

5ESS5ESS

TCAPUser provisioningis to a directoryBack-office

Customer care

UserService Endpoint


Data: Policy Makes The Difference

• IP Data Services– RADIUS/LDAP user-level policy

• Service elements: predictable bandwidth, security, connection oriented IP– IP “conference calls”– Managed bandwidth services per application– Predictable “SLA’s” for customer and carrier

SINSIN

SINSIN

SINSIN

SINSIN

LDAP(Oracle)

User provisioningis to a directory

Back OfficeCustomer Care

Data User

Data ServiceEndpoint

Web/Corba


Policy Driven Service Creation

•As with voice:– Specific subscriber profiles drive network element

behavior•Same with Data:

– Network elements interact with provisioning servers– Service Provider defines services– Active network “reacts” to policies

• Sets-up network resources on behalf of users• Uses MPLS, other technologies to signal for enforcement

of service attributes


Web-based Service Selection

• Enables powerful flow-through provisioning– Users can “turn up” or change certain services themselves

• Users edit web pages that update LDAP service profiles• Active network elements get “change notice”

– Network elements download new profile & provide service

User browser set to User browser set to service provider service provider

homepage for homepage for service selectionservice selection

IPIPNetworkNetworkATMATM

ServiceServiceProviderProvider

User connects to User connects to VR VR

VR

User HTTP RequestUser HTTP RequestService Selection PageService Selection Page

HTMLHTML

LightShipLightShipCall Logging ReceiverCall Logging Receiver

Web ServerWeb Server

Web server, presents HTML Web server, presents HTML page collects service page collects service request, updates DB request, updates DB

DatabaseDatabaseLightShipLightShip

Configuration ServerConfiguration ServerLDAP records

HTML


Public IPPublic IPnetworknetwork

Campus

Telecommuters

Mobile users

Branchoffices

Customers

Partner Supplier

Extranet servers

Intranetservers

Desktops

Desktops

Web servers

Campus

Business-businessextranets

Business-businessextranets

Extendedintranet

Extendedintranet

Site-siteintranet

Site-siteintranet

Key IP Service Applications

Web

eCommerceInternet

eCommerceInternet


Site-to-Site Intranet VPN

CPE

Remote officeDNS DHCP auth acct

Central site

CPE

DNS DHCP auth

Servers

Router

FRswitch

PVC

PPP

IPSec

CPE

Remote office

VPNVPNCPECPE

Remote office

Requirements

• High bandwidth, low latency

• Selectable authentication• Authorization• Secure virtual routing• High performance IPSec

• 3DES encryption • Key management• IP address management (per VR)• Tunnel switching & concentration• Accounting for dept. bill-back


Business-to-Business Extranet VPN

• Authentication• Authorization• Secure Virtual Routing• High performance IPSec• 3DES encryption

• Rapid, high capacity key generation• IP address management• Tunnel switching & concentration• User-granular accounting for bill-back• X.509v3 digital certificates

Requirements

Extranet HostExtranet HostCentral SiteCentral Site

Business PartnersBusiness Partners

SuppliersSuppliers

CPECPE

CPECPE

DNSDNS DHCPDHCP AuthAuth AcctAcct

ServersServers

CPECPE

CPECPE

CustomersCustomers

CACA


Network-Based Firewall Service

Dynamicserviceprofiles

LDAPpolicyserver

DSLAM/RAS

PPPoEMobile

CPE

Remote office

ATMswitch

VC

Remote office

DSLmodem

VRVR

Backbonenetwork

Requirements

Intranet

ISP #3

Extranet

• Small-medium business• Stateful inspection, denial

of service protection• Extranet access control,

NAT• Granular user/site level

policy

• On-the-fly, Follow-me Firewall from single configuration

• Different policies for different flows within same session or site


IP Services Vision

Service Intelligent infrastructure from edge to core to edge

Benefit: Provides a network platform for service delivery tailored to the needs to the subscriber/application

Intelligent dynamic signaling in and between the network layers

Benefit: Provides a rich framework for deploying service intelligence between the layers of the network

Benefit: Allows for efficient network operations and leverage of network investment

Scalable, end-to-end network management from single console

Full lifecycle professional services from planning to operations

Benefit: Allows for service providers to outsource to save engineering/operations costs

+

+

+

= Profitable, Value-added services

Network Based IP Services

Documents

Transcript of Network Based IP Services