400 likes | 737 Views
MPLS IP-VPNs Featured. Power point presentation slides bundled from Cisco Systems, Inc. presentations. MPLS based IP VPN Services in EMEA. Cisco Providing IP VPN Technology to 90%+ of Leading Service Providers in Europe, Middle East and Africa. 2. 2. 2.
E N D
MPLS IP-VPNs Featured Power point presentation slides bundled from Cisco Systems, Inc. presentations
MPLS based IP VPN Services in EMEA Cisco Providing IP VPN Technology to 90%+ of Leading Service Providers in Europe, Middle East and Africa 2 2 2 © 2003, Cisco Systems, Inc. All rights reserved.
MPLS : Network-based IP-VPN Services VPN A VPN B VPN C VPN C VPN B MPLS-Network VPN A FR, ATM, IP-Tunnel VPN A VPN B VPN C VPN C VPN B VPN A CPE-based VPN’s Direct connectivity among Selected Sites Network-based VPN’s Any-to-Any Connectivity among ALL Sites Network based VPN VPN’s are “built-in” rather than “overlaid”
MPLS : New Industry Standard for Carrier Networks • What is it ? • Multi-Protocol Label Switching • IETF industry standard (RFC’s 2702, 3031 – 3038, 3063) • based on Cisco’s Tag Switching submission • How does it work ? • Forwards packets based on Labels • Packets are switched, not routed • Best of both worlds : • Privacy and QoS of ATM, Frame Relay • Flexibility and Scalability of IP • MPLS-VPN’sarea Cisco Value Added Feature (RFC 2547bis)
Positioning VPN Services and Technologies • Performance • Availability • Security Leased Lines MPLS-based IP VPN ATM high Frame Relay IPSec-based IP VPN Reliability Public Internet low • Flexibility • Simplicity • Coverage high low Scalability
Positioning VPN Services and TechnologiesCosts versus Performance Technology development is driving the adoption of lower cost services Enterprises are seeking to reduce WAN costs Leased lines ATM Performance is increasing as technologies develop Frame relay Increasing price levels MPLS based VPN Public Internet VPN Increasing performance and capabilities
Scalability From Low to Very High speed access for Sites/Users Can use Any Access Technology Small to Very Large number of Sites Ideal platform for SP Hosted Services Security Guarantees FR/ATM equivalent without needing encryption Protection from the open Internet Flexibility Simple Any-to-Any communication Easily Add or Remove Sites/Users IP addressing freedom Flexible Site Backup/resiliency options Ready for Distributed Applications MPLS based IP-VPN vsFrame-relayValue Proposition for Corporate Customer • Performance Guarantees • MultipleClasses of Service for Data Voice & Video Applications • SLA’s with Predictable Latency, Throughput, Availability, Packet Loss, Jitter • Coverage & Reach • ONnet Coverage for highest performance, functionality and SLA • OFFnet, Global coverage for far-away Sites, Extranet extensions and Remote Users • Price/Cost Efficiency Leverage IP’s Lower price per bit Converged Network for Data/Voice/Video Best access solution for every Site Outsourced Solution
What about Security Cisco MPLS based IP-VPN provide EQUIVALENT Security to Frame-relay without Requiering the use of Encryption http://www.mier.com/reports/cisco/MPLS-VPNs.pdf In addition : Cisco Security White Paper on MPLS http://www.cisco.com/warp/public/732/Tech/mpls/docs/0701_mpls_security_pu.fm.pdf
IP-VPN Service Positioning • Three important Service Characteristics • - Functionality (incl Security) • - Service Level Agreements & Management • Price • And a an Ace Card • Cisco Powered Network (CPN)
Market Status Summary :Perception & Reality • IPSec VPN’s • The most important application of IPSec in SP managed Services is Remote Access & Extranet VPN’s. These can be stand-alone services or complements to MPLS based Intranet VPN’s. • SP managed, Site-to-Site, IPSec VPN’s are percepted to be related to Internet VPN’s and therefore Cheap VPN’s. • MPLS VPN’s • The most important application of MPLS is SP managed Site-to-Site VPN’s. • MPLS VPN’s offers a Highly Functional and Quality Service that can replace, SP managed Corporate Leased Line and FR/ATM VPN Networks (with managed CPE’s).
Service Roadmap : Value Added ServicesDeliver on Convergence • Diversity of Managed Cisco CE’s • Portfolio of Security Services (Mgd FW/IDS/Encryption) • Managed VoIP (Legacy PBX integration) • Managed LAN Services • Managed and Hosted IP Telephony • Managed IP-Video Conferencing • VPN Multicast • Move from 3/4 COS to 5/6 COS • Flexible Colocation and Hosting Services • Internet Access Integration (Same access line for VPN and Internet) • Multi-VPN CPE • Managed Internet/Intranet Caching • Private Content Services • Managed Extranet Services • ASP Services (ex. Intranet Collaboration portal for SMB) • End-to-End Service Level Agreements
MPLS based IP-VPN Services“The ideal platform for Value Added Services” Managed CE Voice VPN’s Site Backup and Resilience IP Telephony Integration Classes of Service Private Content Services Telecommuter Services Managed Videoconf. Services Travelling User Services Managed Extranet Services Internet Access Integration Managed LAN Firewall & IDS Services Virtual ISP Services Secure OFFnet Access Multicast Intranet Hosting/Coloc Services Multi-VPN CE Site-to-Site Encryption Services End-to-End SLA’s
International IP-VPN Opportunity in Emea Source : IDC & Cisco
AToM-based AToM = Any Transport over MPLS SP’s are evolving to A Single IP/MPLS Network supporting ALL Services Networks SDH ATM IP MPLS Frame-relay ATM SERVICES Leased Line Ethernet IP-VPN © 2003 Cisco Systems, Inc. All rights reserved.
VPN Services“Cisco’s Key Differentiators for SPs” • IP & MPLS Technology Leadership • Breadth of Product Portfolio (CPE, Edge and Core) • Breadth of integrated Layer3 and Layer2 VPN Solutions • Proven, E2E QoS solutions • Integrated OSS for L3 and L2 VPN • Continuous Innovation with Investment protection • Wide range of Value Added Service Solutions (Data, Voice, Video) • Joint Sales and Marketing to common customer base • Proven deployments and customer successes • Partnership you can rely on for the long term
Network ArchitectureMPLS based IP-VPN Services CE: Customer Edge Router PE: Provider Edge Router Corp A Site 2 OSS • Any Access: • LL/FR/ATM/ • Ethernet … • Dial/DSL/Cable… • IPSec… Inter-Provider : Public & Private MPLS-VPN Partner P: Provider Core Router Corp A Site 1 Internet Corp A Site 3 Corp A Site 4
IP Packet Label MPLS Labels VPN Destination and Qos Attributes • Customer Access Line is associated with VPN • Labels are applied at the edge of the Network (PE) • Forwarding based on Labels • Labels Indicates Service attributes (VPN, Qos) Provider MPLS Network Privacy (VPN) Service Class (QoS) PE IP Packet Corporate Site CE
Application-aware VPN ServicesThe foundations for Convergence IP-VPN Service Recognizes Enterprise Applications Applications IP-VPN Services Applications FR/ATM Service doesn’t understand Applications
3 to 5 Typical Classes of Service (COS) Supporting Data/Voice and Video Applications • Real-time Voice (# Voice Channels * NKbit/sec) • Real-time Video (# simultaneous Video sessions * Mkbit/sec) • Business Interactive = High Priority, Data Applications • - SNA, SAP R/3, Telnet • Business Lan-to-Lan • - Intranet Web, Video (non-interactive) • Best effort Data Applications • - File Transfer, Email, Internet, ...
Guaranteeing E2E Performance per Class How does it work (ex. 3 COS) CE Controlled Packet Classifier (=Colouring) LLQ, Shaping, Fragmenting MPLS Ingress PE Customer Classes Provider Classes CustomerPremise Mapping Egress PE • Key Qos Functions • Classification = Colouring • Low Latency Queuing (Access and/or Backbone) • - N*VoIP Channels : Priority Queue • - Business Class Traffic • - Best-Effort Traffic Customer Classes CE
Report for Thu 1/15/98 Report for Thu 1/15/98 Report for Thu 1/15/98 SLA’s : PoP-to-PoP and CPE-to-CPE (Per COS) • SAA Benefits • Standard Available in Cisco IOS. • Leverages large installed base of Cisco routers. • Measures Delay, Jitter, Packet Loss & Availability per Class of Service SAA SAA Advanced Reporting SAA SAA CPE SAA SAA SAA MultipleVPNs SAA
Value Added Services for IP-VPN’s Managed CE Voice VPN’s Site Backup and Resilience IP Telephony Integration Classes of Service Private Content Services Telecommuter Services Video Services (Multicast) Travelling User Services Managed Extranet Services Internet Access Integration ASP Services Firewall Services Virtual ISP Services Secure OFFnet Access Unified Communications Intranet Hosting/Coloc Services E-commerce Site-to-Site Encryption Services End-to-End SLA’s
Ethernet based VPN Services Jaak Defour Business Development Emea Incumbents jdefour@cisco.com 24
JAN FEB MAR APR MAY JUN JUL Enterprise requirements lead to IP-VPNSupporting Convergence and Universal Connectivity Immediate UserCompetence Convergence on the IP Protocol Platform Independence Voice Data Video 10011001 Universal Connectivity Reduced Capital and Operational Costs Reduced ApplicationDevelopment Time Telecommuters & Mobile Users Small /Medium & Large Sites Customers/Partners & Public
What are the reasons for An Enterprise to consider Ethernet VPN Services • Need a Scalable High Bandwidth Infrastructure for new business applications like LAN-Interconnect, SAN, Business Continuity, Disaster Recovery, Data Warehousing, Video, … between Key Sites. • Need lower Cost, High-bandwidth Services • Need higher Flexibility and Granularity of High-bandwidth Services (=> Bandwidth-on-Demand promise) • Want to use lower Cost, L3 and L2 Switches, as CPE • Want Shorter Initial and Upgrade Provisioning Times • Want Easier Management, by removing the need to interwork between LAN and different WAN technologies (LL, FR, ATM…)
Ovum enterprise VPN - Global Forecast 3,500 3,000 2,500 2,000 Frame Relay/ATM Connections 000s 1,500 IPVPN 1,000 500 - 2002 2003 2004 2005 2006
MPLS-VPN Services in EmeaWhere are we now ? • Numerous players • More than 50 MPLS-VPN Service Providers in Europe • Largest providers have 25.000+ Sites deployed (each) • Domestic vs. International MPLS-VPN players : • Domestic: ALL Incumbents + « surviving » Alternate(s) • ex. FT – Cegetel, BT – C&W, DT – Arcor, … • International: ex. EQ, BT, ATT, Infonet, MCI, COLT, C&W, … • MPLS represents 80% of the IP-VPN Services market • Rest is IPSec • 80%+ of the MPLS-VPN Sites have SP Managed CE
MPLS-VPN Services in EmeaWhere are we now (continued) • Access characteristics • Access lines are mix of LL/FR/ATM/xDSL/Eth… • Connection Volume growth will be driven by xDSL • Remote Access is going IPSec. • SP’s use Network-based gateways for integration with MPLS • MPLS-VPN Adoption happens in ALL segments • - MNC, Large Corporations, SMB, Teleworker • Banking, Retail, Manufacturing, … • SI’s, VNO’s… • Most SP’s offer a MPLS-VPN with extensive set of VAS • Mgt CE, COS, IA, Mgt FW/IDS, Hosted IPT, Video, Content, SLA, Multicast… • VoIP/IPT adoption is starting to become important • ~15% of customer base in some SP’s • ~80% of the New IP-VPN propositions contain a VoIP/IPT element
Virtual Private Network Defined Customer Connectivity Deployed on a SharedInfrastructure with the Same Policies as a Private Network • Intranet Site-to-Site VPN • Branch offices • Access VPN • Telecommuters and Travelling users • Extranet VPN • Business-to-business SP Shared Network VPN
MPLS : New Industry Standard for Carrier Networks • What is it ? • Multi-Protocol Label Switching • IETF industry standard (RFC’s 2702, 3031 – 3038, 3063) • based on Cisco’s Tag Switching submission • How does it work ? • Forwards packets based on Labels • Packets are switched, not routed • Best of both worlds : • Privacy and QoS of ATM, Frame Relay • Flexibility and Scalability of IP • MPLS-VPN’sarea Cisco Value Added Feature (RFC 2547bis)
Network ArchitectureMPLS based IP-VPN Services CE: Customer Edge Router PE: Provider Edge Router Corp A Site 2 OSS • Any Access: • LL/FR/ATM/ • Ethernet … • Dial/DSL/Cable… • IPSec… Inter-Provider : Public & Private MPLS-VPN Partner P: Provider Core Router Corp A Site 1 Internet Corp A Site 3 Corp A Site 4
In the Beginning …3 Classes of Service is all we need … • Real-time applications • - Voice over IP, Video over IP • Mission Critical, Interactive, Data Applications • - SNA, SAP R/3, Oracle, Peoplesoft, Telnet, Intranet Web (selected URL’s)... • Best effort Data Applications • - File Transfer, Email, Internet, ...
End-to-End Quality of Service CE Controlled Packet Classifier (=Colouring) IP Backbone with/without COS Ingress PE Customer Classes Provider Classes CustomerPremise Egress PE • Key Qos Functions • Packet Classification = Colouring • LLQ : Low Latency Queuing (Access and/or Backbone) • - N*VoIP Channels : Priority Queue ! (Up to ~25%) • - 80% Business Class Traffic • - 20% Best-Effort Traffic Customer Classes CE
IP-VPN Port Profiles Optimising the network for Class of Service Performance Actual Site Traffic Port Ressource Reservations Voice Real-Time Class RT Class 25% SNA Messaging Business Class PORT SPEED Intranet Web 80%* BUS Class Best-Effort Class HTTP / FTP BE Class 20%* * % of the remaining bandwidth
Maximising the use of the Access Line with IN and OUT of Profile Traffic. PORT Speed In-Profile BE Out-of-Profile BUS In-Profile BUS Out-of-Profile BE In-Profile Voice Out-of-Profile BUS& BE Time
After a few years of SP deployment…Evolution to 5 Typical Classes of Service • Real-time Voice (# Voice Channels * NKbit/sec) • Real-time Video (# simultaneous Video sessions * Mkbit/sec) • Business Interactive = High Priority, Data Applications • - SNA, SAP R/3, Telnet • Business Lan-to-Lan • - Intranet Web, Video (non-interactive) • Best effort Data Applications • - File Transfer, Email, Internet, ...
Integrated AccessOpportunity to reduce Access Costs • The use of a Single Access Line from the Customer premises to the Service Provider PoP to offer multiple Data/Voice and Video Services. Data Local Access Line Voice Video CPE PoP Internet