Download
1 / 39
860 likes | 1.86k Views
Alcatel-Lucent Enterprise. Alcatel-Lucent at a Glance . Alcatel and Lucent have come together to create the first truly global communication solutions provider Executive offices in Paris and Calabasas CA. USA Worldwide presence: 130 countries Annual Revenues: $21.6 billion
E N D
Alcatel-Lucent at a Glance • Alcatel and Lucent have come together to create the first truly global communication solutions provider • Executive offices in Paris and Calabasas CA. USA • Worldwide presence: 130 countries • Annual Revenues: $21.6 billion • Market rankings: • No. 1 in wireline • No. 3 in wireless • Among top 3 in applications and services • No. 1 in Europe for enterprise communications solutions • Employees: 79,000 – including ~23,000 in R&D • R&D: $3.5 billion (14% of revenue) • Active patents held: 25,000 • Nobel Prizes won: 6
Leadership in Innovation • Alcatel-Lucent stands asan innovation powerhouse: • One of the largest global R&D capabilities in communications,leveraging the strengths of Bell Labs and Research & Innovation • Innovation centers around the world, including the USA, Canada, France, Germany, Belgium, UK, Italy, Spain, Ireland,Russia, Poland, Romania, China and India • A heritage of life-changing innovations: DSL, PON, WiMAX, as well as WDM, computer networking, transistor, digital signal processing, charge coupled device (CCD), communications satellite, laser and cellular telephony
UNMATCHED PARTNER ECOSYSTEM TECHNOLOGY PARTNERS GLOBAL PARTNERS, SYSTEM INTEGRATORS & SERVICE PROVIDERS Ionix
A TAILORED APPROACHTO INDUSTRIES EDUCATION HEALTHCARE FINANCE PUBLIC SAFETY &DEFENSE ENERGY TRANSPORT GOVERNMENT MANUFACTURING HOSPITALITY PARTNER ECOSYSTEM
APPLICATION FLUENT NETWORKSA UNIQUE VISION RESILIENT ARCHITECTURE • Simplified and secure APPLICATION FLUENT NETWORKS AUTOMATIC CONTROL • Invest in our talents while reflecting market diversity STREAMLINED OPERATIONS • Realize the potential of a connected world by developing and deploying affordable communication solutions
Product Portfolio Infrastructure SLA & Applications IP/DNS/DHCP NetworkManagement OmniVista 2500 OmniVista3600 5620 SAM Motive AAA VitalSuite LAN WLAN WAN 7750 SR OmniAccessWLAN 4x50 7450 ESS & 7705 SAR OmniAccess WLAN 6000 Network Infrastructure OmniSwitch9000E OmniSwitch 10K Enterprise Service Router OmniSwitch6900 OmniAccessWLAN 4000 OmniSwitch6850E & 6855 OmniAccess ESR OmniAccess WLAN, Instant AP & RAP OmniSwitch6450 & 6250 Integrated Security HIC/MDM/BYOD Threat Containment Network / Security Access Guardian Quarantine Manager CyberGatekeeper FortiGate
CHALLENGES RELIABILITY QUALITY OF EXPERIENCE Lack of performance to support increased multimedia traffic Inconsistent experience as you move around the enterprise - wire and wireless Difficulty to accept employee owned and guest devices Security threat Complex and costly to manage/operate COST
AVAILABILITY VIRTUAL CHASSIS LAN CORE RIGHTSIZING 10G 10G 10G 10G 20G 20G SCALABLE 10G/40G PAY AS YOU GROW LOWERCAPEX/OPEX HIGH PERFORMANCE SIMPLIFIED MANAGEMENT FAST RECOVERYON FAILURES
Solution: Server Load Balancer SLB TO Distribut SIMOULANEOUS ACCESS 5 1 2 3 4 Solution to the disaster: Install several Servers running the same Application in a Farm with Server Load Balancer
AUTOMATED VM MOBILITY TOR TOR TOR TOR TOR NP2 NP1 NP NP • VM Classification • Profile Association • QoS • Security • Priority • Bandwidth • Automated VM Mobility • Network Follows the VM • Transparent to DC Interconnect VM1 VM2
OMNIVISTA 2500 VMMHIGH-LEVEL VIEW Automatically adapt to VM Movement Visibility • Provides a unified dashboard of switches, ports, hypervisors and virtual machines • Live and historical data tracking and logging Provisioning • Definition of bindings between VM and vNP for connectivity Movement • Migration of vNP to new switch • Security & QoS parameters, VLAN configuration • Add, migrate, remove VM Inventory vNP Provisioning
Application Fingerprinting Application Visibility • Real-time applications monitoring • What applications running over your network • How much BW consumed by application • What user/user group use what application Application Control • Rate limiting/blocking non-corporate applications • Quality of Service & Network Profiling (UNP) for applications • Specify actions that are allowed or not (e.g. LinkedIn or BitTorrent no access) Application Signatures • ASCII based text file Update on the fly L7 signatures (REGEX) L7-filter reference signatures • Up to 100 application signatures in HW • Wire-rate classification/actions • HW statistic collection
AOS 6.6.4 release – 802.3az a.k.a. EEE OS6450 EEE enabled EEE enabled Introduction: • Energy Efficient Ethernet (EEE) is a protocol to allow the OS6450 PHY chipset to go to a low power mode state whenidle (ie no traffic sent). In accordance with IEEE 802.3az. • 6450 hardware and AOS 6.6.4 software are EEE capable.This feature enables EEE master mode and Enable/Disable EEE advertisement using AOS software. • Enabled/Disabled per port Platforms Supported: OmniSwitch 6450 (10, P10, 24, P24, 48, P48), not U24 ALU 8012 Deskphone PC Switch Energy Savings – up to 33% End Point Energy Savings – up to 17%
SRC=MAC 1 CAM Table MAC 1 -> 3/5 MAC 2 -> 3/5 … MAC 58035 -> 3/5 … SRC=MAC 2 3/5 SRC=MAC 58035 MAC Address Vulnerabilities • MAC address spoofing – a device can send frames with a spoofed MAC address causing changes in the CAM table • A flood of frames with different source MAC addresses can cause a switch to run out of memory
Loopback Detection LBD Benefits Limitations • Increased stability • If MSTP, edge must enable STP • Loopback detection • Check for duplicate LBD frames • Operates • Independent of STP • Per specific port • Per switch globally • Shutdown port on loop • Auto recovery port after user timer LBD frames
Top of Mind WLAN Requirements BYOD Security& Support Fast & Flexible Deployment From nomadic use to always-on & connected Dependable Wi-Fi for Mobile Apps
WLAN Challenges for the Next-Gen Workplace • More devices than capacity • Sticky Clients • Unpredictable Voice, Video & UCC • New Technology Adoption: 802.11AC
Alcatel Lucent Wireless Access Architecture Integrated Mobility Services • Centralized Control • Integrated Mobility Services and Thin Access On-ramps • Unified Access Architecture • Zero touch deployments • for BYOD, Voice, Video • Context Aware Networking • User, Device, Location and Application Aware DATACENTER Thin Access On-Ramps REMOTEOFFICE WIRELESS WIRED VPN OUTDOOR
Manage the Air Fair distribution of clients across channels eg. Ch 36, 40, 44 Fair distribution of clients across bands eg. 2.4-GHz and 5-GHz Fair distribution of air-time per radio eg. iPad vs. MacBook vs. iPod Channel 1 Channel 6 Channel 11
DHCP and HTTP signature matching within OS identifies device type and model Enables per user and per device access control, enrollment, authentication and management Device Fingerprinting Port, VLAN Aware User, Device Aware vs. • All devices and users assigned to same network access policy, increasing risk • Network operations costs increase due to manual troubleshooting and monitoring
Port / VLAN Aware ⊗ Limited policy enforcement ⊗ Hard to scale at large sites ⊗ Too costly to manage Context Aware SecurityUser, Device, Application and Location User Aware • Role based policies • Per user visibility Device Aware • Auto enrollment • Per device policies Application Aware • Per application QoS • High density of devices Cisco Borderless Date, Location Aware • Virtualized policy configuration Only Context Aware Access Network
Automated Control with ClientMatch™ technology Enabling Superior 802.11AC Experience REAL-TIME RF CORRELATION Match to another AP • Enables use of • 802.11ac Wi-Fi rates • 98% of mobile devices with higher signal quality • 94% better performance for “sticky” clients • 88% higher network performance • No client-side software required DEVICE TYPE INTERFERENCE LOCATION CONGESTION
Application Optimized • 1. Secure Connection • Authenticate User • Encrypt traffic • VPN termination • 2. Identify Application • L7 visibility • URL aware • Heuristics for encrypted applications • 3. Control Performance • Allow/Deny by policy • Prioritize/Deprioritize with QoS • Adjust RF
OV3600 Air Manager Management Platform • Centralized monitoring • Wired and wireless device discovery • Monitoring of every device and user on wireless network • Root cause analysis • Reporting on real-time status and historical trends • Centralized operations management • Configuration of wired and wireless devices • Firmware distribution • Automated compliance • Easy-to-use interface • Role-based access • Access by business/ organization unit
UNIQUE UNIFIED ACCESS VALUE-PROPOSITIONCONSISTENT NETWORK SERVICES ACROSS WLAN & LAN Integrated LAN, WLAN & BYOD solution with Professional Services • Solving the complexity of deploying network access security Network Operations • Available for existing customers, on existing products User Management Application Fluency Security QoS Device Management Unified Access 802.11n/ac FE/GigE
CORE COMPONENTS OF UNIFIED ACCESSFOUNDATION FOR BYOD DEVICE PROVISIONING • Self-Provisioning for Wired & WiFi Windows, iOS, Android devices • Simplified 802.1X deployment and management for Unified Access UNIFIED ACCESS ADVANCED GUEST MANAGEMENT ONBOARD Active Directory DHCP Server • Simplified management of HotSpot with advanced customizable portal • Guest management in enterprise with self and sponsor registrations workflows Edge Switch CLEARPASS POLICY MANAGER GUEST WLAN Controller POSTURE/HEALTH CHECKS Existing RADIUS • Enforced constantly security policy of devices accessing the corporate network • Profile and Role based security enforcement management solution Access Points MDM ONGUARD WORKSPACE APPLICATION MANAGEMENT • First integrated solution to control devices, users, network and applications altogether • Leverage investments of MDM/MAM and extends it to the Network Access Control
