200 likes | 324 Views
Alcatel IP infrastructure solution Data Business Development. Borderless Enterprise. To succeed in the transition to e-business, companies are dissolving borders… between “local” and “remote” (markets, employees, partners,...) between “owned” and “consumed”
E N D
Alcatel IP infrastructure solution Data Business Development
Borderless Enterprise • To succeed in the transition to e-business, companies are dissolving borders… • between “local” and “remote” • (markets, employees, partners,...) • between “owned” and “consumed” • (networks, managed services, applications, supply chain,…) NewEconomicModels Employeeand CustomerRelationships Borderless Enterprise BusinessFlexibility Mission-critical Networking
Standard Based : a must have • Standards cover every need • IETF for Layer 3 and above • IEEE for layer 2 • Standards to improve cost saving • Interoperability with existing equipment • Solutions have to last : important to protect the investment • Standards remove the greatest part of installation hazards • The end user can select a single sourcewithout being lockedforever
Standard Based What supports that Compliant with all relevant standards • Support of all standard protocols for • IP Routing RIP, OSPF, BGP4, VRRP, PIM • QoS tagging and mapping 802.1p, ToS, DiffServ • Network Management SNMP V1&V3, HTTPs, SSL, SSH • VoIP H323, SIP • Directory based services LDAP, RADIUS • Security 802.1x Standard based RIP, OSPF, BGP4, IGMP 802.1p/Q, TOS, DiffServ, H323, SIP, SNMP, HTTP LDAP, RADIUS ….
Business partners Disaster recovery Wiring closet Data Center Network operations Internet Remote user WAN PSTN Branch Office PBX Avaibility concerns • End-users need continuous data network access • Every vendor claims “high availability” • Can your data network deliver the carrier class availability for voice? And at what cost? Let’s look at what can go wrong…
Availability • The network operates equal to or better than 99.999% of the time • Equals 5.26 minutes of downtime per year • Carrier class availability consists of… • No traffic interruption w/component or SW failure or Configuration loads • Non stop operation when management module failover • No capacity loss with fabric module failover • On-line component swapping • Load sharing components • Networking recovery components • Network component availability monitoring • At the edge; not simply at the core • Users require dial tone availability at the edge • Data centers require highest availability also
Element resiliency • Redundancy everywhere • Hot swap everything • Equipment protection • Thermal shutdown • Service protection • Dual image / config • Automatic rollback Network resiliency • Layer 2, Layer 3 • FSTP, OSPF ECMP, VRRP • Powerful aggregation • 802.3ad • Cross module • 32 aggr – up to 16 links per aggr Smart Continuous Switching • Fast switch management restoration • Ability to maintain ... Existing connections, L2 topology • Ability to react … L2 topology change • Ability to learn … New addresses, new flows Carrier Class Availability What supports that
Business partners Disaster recovery Wiring closet Data Center Network operations Internet Remote user WAN PSTN Branch Office PBX Performances concerns • Switching technology has matured…offering wire-rate performance and scalability in the core • In the wiring closet, L2 & L2/L3 stackable and chassis switches • In the backbone and data center, L3 chassis switches
Performance AND Intelligence • Pure Horse Power is NOT enough • The ability to tailor the network performance based on users, services or resources types regardless of location • Distributed Intelligence is not only horsepower • Wirespeed services; not just capacity • VoIP needs more than big pipes • Intelligence means ensuring mission critical and delay sensitive applications get through despite inevitable network bottlenecks (servers access, WAN access, aggregation points ) • Distributed Intelligence consists of… • Wirespeed everywhere: No feature or performance bottleneck • Wirespeed everything: L2/L3/L4, ACLs, Load Balancing, QoS • Prioritization, Bandwidth management & Congestion control • … All in 10-Gig ready architecture
Performance&Scalability What supports that Superior performances&Scalability • Unprecedented capabilities Up to 512 Gbps of switching per node Up to 16 10 gigabit ports Up to 384 Gigabit ports Up to 400 10/100 ports • Scalability for every segment Workgroup Concentration Core backbone • All network services at wirespeed • Solutions for all legacy technologies Performance
Distributed Architecture • Unprecedented acceleration of services • ASIC-based ACL, QoS, NAT, SLB • Distributed Parallel software processing Quality of Service • Extensive L2,3,4 classification • Unique QoS mapping capability • Bandwidth management: 2048 queues / blade • One Touch QoS Native Server Load Balancing • Virtual IP based, server health check • Enterprise focused implementation • Simple, Native, Wirerate Wirespeed Intelligence What supports that Intelligence
Embedded VoIP support • IP Phone Power feeding • IP Phone automatic detection Readiness for converged network • Complete voice and data offer • Advanced QoS • Wirespeed processing • Coherent management system Ready for Convergence What supports that Convergence
Manageability concerns • Generally IT staff… • Set thresholds • Interpret traps • React to alarms • Report • Whatever happened to policy based networking? QoS? Security? Just too complex… Business partners Disaster recovery Wiring closet Data Center Network operations Internet Remote user WAN PSTN Branch Office PBX
OneTouch Manageability? • Easy configuration of a network’s users and/or elements with little to no administration effort • OneTouch Manageability consists of… • Push button ease of use • Automatic settings of complex network functions (QoS, Security) • Dynamic and secured support of mobility • Settings automatically replicated to all switches in network • Policy-based management with an LDAP architecture • Single GUI and full switch access capacity through Web based managed or NMS console • Coherent NMS system to supportdata and voice
Manageability What supports that Easy and sophisticated management • End-to-End consistent solution A single application for all data products Network wide configuration same system for voice and data Centralized configuration database • Easy sharing of network management tasks partitioned management • Flexible solution Embedded Web based application with access to all functions Manageability
Security Mobility Dynamic Mobility What supports that Unmatched VLAN Flexibility for secure mobility • Mobile VLAN: Device placed in VLAN based on traffic characteristics • Port • Mac • Protocol • Subnet • DHCP port rule • DHCP mac rule • Custom • Binding VLAN: Based on simultaneous traffic criteria • port, Mac, protocol, addr • A-VLAN: User placed in VLAN based on 802.1x or advanced authentication
Remote users: Unprotected assets External security breaches End-users: Different levels of access Internal security breaches Authorized users misbehaving Accidental or negligent configurations After hours network access Unauthorized use of device ports Security concerns Business partners Disaster recovery Wiring closet Data Center Network operations Internet Remote user WAN PSTN Branch Office PBX
Multi-Layer Security • Controlling user access and the protection from unintentional or malicious network infrastructure corruption • Multi-layer Security consists of… • Controlling access to the network, components and resources • Protection OF the device, TO the device, THROUGH the device • Isolating user groups • Defending against snooping, hostile intrusion, DoS attacks • Providing configuration and administration granularity • Distributed Multi-layer security
Enabled Switch Security • DOS defense • Router Authentication • High Availability Application support: stonebeat Security Secure Switch Management • Security out of the box • Device access: IPSA to management services • User access: standard user authentication • User privilege: partitioned management • Secure traffic: SSL, SSH, SNMPv3 • Accounting: extensive logs Secure Network Access • ACL, NAT: ASIC-based • Unmatched VLAN: mobile, binding, authenticated Distributed Security strategy • Switches from edge to core • IP enabled voice products Distributed Multi-Layer Security What supports that
Availability Security New Era Networking Intelligence Manageability IP Communications The New Era Dimension Core Edge WAN Branch 90’s Era Components