NFV ISG PoC Proposal

A.1 NFV ISG PoC Proposal

A.1.1 PoC Team Members

PoC Project Name: Multi-vendor Distributed NFV

Network Operators/Service Providers: CenturyLink
Contact: Kevin McBride (Project Lead) (Kevin.M.Mcbride@centurylink.com)
Contact: Michael K Bugenhagen (Coordination Architect) (Michael.K.Bugenhagen@centurylink.com)

Manufacturer A: Certes
Contact: Walt Halasowski (walt.halasowski@certesnetworks.com)

Manufacturer B: Cyan
Contact: Nirav Modi (nirav.modi@cyaninc.com)

Manufacturer C: Fortinet
Contact: Chris Lopez (clopez@fortinet.com)

Manufacturer D: RAD
Contact: Yuri Gittik (yuri_g@rad.com)

This PoC will be conducted in several phases. This document provides a detailed description of Phase 1 and outlines the Phase 2 scope. We are open to inclusion of other operators/vendors in our process, subject to resource constraints, in subsequent phases.

A.1.2 Introduction

PoC Project Goals

The advantages of Network Function Virtualization are well understood and several Proof-of-Concepts (PoC) are being developed based on centralized NFVI architectures and centralized deployment. This type of centralized architecture leverages economies of scale and enables efficient resource sharing. VNFs such as virtualized BGP route reflectors, virtualized evolved-packet core (EPC), virtualized IP multimedia-subsystem (IMS) are traditionally distributed in a few physical locations today and can benefit from high-scale and centralized NFVI.

However, there is also a need to deploy some functions out at the customer edge: functions that don't necessarily require the scale and elasticity available in a large-scale centralized NFVI, and conversely, require highly specialized and often localized configuration and deployment. The ability to support the deployment of virtualized functions at the customer edge requires a Distributed NFV (D-NFV) architecture.

D-NFV enables the placement of virtualized network functions (VNFs) throughout the network, where they are most effective and highly customized to a specific application or user. VNFs may be located in data centers, network nodes and at the customer premises.
Running VNFs at the customer site is justified in certain cases, for example, when the network function is most effective when located as close as possible to the end-user. Such is the case for firewalls, diagnostic tools, WAN optimizer, security encryption, NATs, to name a few. An omniscient D-NFV orchestrator handles all VNFs and virtual machine (VM) infrastructure, wherever they may be located, and exploits SDN-like mechanisms to achieve optimal placement.

ETSI
It is well understood that the NFV Orchestration platform must be designed to be network-function and vendor neutral. This flexible approach enables network operators to deploy best-in-breed VNFs, without creating management and operational silos that are so prevalent in their networks today.

This PoC aims to validate the requirements, behaviour as well as general architecture (interfaces, associated information models, etc.) of an innovative and open D-NFV deployment model comprised of multiple vendors collaborating to deliver various physical and virtual components and single/multi-function VNFs that are deployed in high volume.

This PoC will demonstrate:

1. The orchestrator that manages and orchestrates a network comprised of physical (NID and VM infrastructure) and virtual (firewall and encryption appliances) components.
2. The RAD NID with built-in compute infrastructure that integrates physical and virtual components and enables NFV deployment at the customer edge (site).
3. The Fortinet next generation firewall and unified threat management functions are delivered as VNFs utilizing FortiGate VM appliances and virtual domains (VDOMs) to support dynamic routing protocols in both IPv4 and IPv6 (including BGP and OSPF) networks, providing separate security policies, enhanced levels of security and data segregation needed, including running VNFs at the customer premises for improved service delivery.
4. How the Certes Networks virtual encryptors (vCEPs) can be deployed by an NFV orchestration platform and coexist successfully with other VNFs while being customized by the end user. The vCEP will be able to encrypt and decrypt network traffic via L2, L3 or L4 using standard AES 256-bit cipher and can be either point to point or point to multipoint. The control of the keys and policies can be managed by the end user using Certes Networks TrustNet Manager, the key and policy manager.
PoC Phase 1 Goals

PoC Project Goal #1: Validate suitability of the ETSI NFV ISG architecture framework, as described in ETSI GS NFV 002 v1.1.1 (2013-10), for a multi-NFVI distributed environment, comprised of both centralized and remote virtualized resources.

PoC Project Goal #2: Demonstrate real-world deployable cases, specifically the vE-CPE solutions (defined in Use Case #2 in ETSI GS 001 Use Cases document), based on D-NFV deployment at the customer edge. These cases include the following VNFs:
- Firewall
- Encryption engine

PoC Project Goal #3: Demonstrate the orchestration components required to realize a distributed NFV (D-NFV) architecture, including:
- Format and content of the descriptor for two different VNFs (multi-vendor orchestration)
- Variety of deployment topologies of VNFs and flows therein
- Interactions with the virtualized infrastructure manager to organize/place and manage a distributed NFV environment

PoC Project Goal #4: Demonstrate service chaining between physical network functions (PNFs) and single/multiple VNFs. Specifically, MEF Carrier Ethernet (CE2.0) capabilities are service-chained with a virtual firewall or/and virtual encryption implemented as VNFs. Such an implementation will also demonstrate the possibility to provide multiple service offerings with different options: per-flow service creation.

PoC Project Goal #5: Test and document the inter-VNF interactions and work required to ensure that two different VNFs, from independent vendors, can co-exist and function properly within a single D-NFV compute server (node).

PoC Project Goal #6: Demonstrate template-driven orchestration of VNFs, allowing per-instance customization and enabling a consistent deployment frame. The information models associated with the templates will be included in the results.
PoC Project Goal #7: Validate the ability for to support a D-NFV infrastructure and identify gaps and operational procedures that are required to support this innovative use-case.

PoC Subsequent Phase Goals

In subsequent phases of the PoC, we are open to including other operator sponsors as well as other vendors. Focus in subsequent phases will be on the operational aspects of D-NFV as well as the orchestration of VNFs in a multi-domain environment, comprised of decentralized and centralized NFVIs.

A.1.3 PoC Demonstration

The PoC will be initially hosted in Cyan's Lab located in Petaluma, California, USA, with a replicated environment being available in the CenturyLink Integrated Testing Facilities in Littleton, Colorado, USA. Demonstration of the PoC will occur at the following industry events:

Venue for the demonstration of the PoC:

Phase 1
- Official PoC Demo: Network Virtualization and SDN World, 27-30 May, 2014 (London) http://sdnworldevent.com/
- Additional demonstrations: OpenStack Summit, 12-16 May, 2014 http://www.openstack.org/summit/openstack-summit-atlanta-2014/

Phase 2
- The official scope and final timeline for Phase 2 are to be determined. The current plan is to showcase additional features and functionality for this D-NFV use-case in 2H2014.

A.1.4 Publication

What would be the publication channel(s) for the PoC?
The PoC results document will be published to the ETSI NFV ISG mailing group as well as on the PoC participant (operator sponsor and vendors) websites.

What would be the planned publication date(s)?
A PoC report will be published after each completed phase. The target date for the Phase 1 report is 1 August, 2014.

URLs where applicable: TBD

A.1.5 PoC Project Timeline

What is the PoC start date: The project is already in progress.
Demonstration target date: 27-30 May, 2014 (http://sdnworldevent.com)
PoC Report target date: 1 August, 2014
When is the PoC considered completed: Phase 1 completion date once the PoC report has been published on 1 August, 2014.
A.1.6 Call for Participation for Phase 2

In 2H2014, we are planning to augment the PoC platform with other VNFs to show additional use cases. The additional use cases will include NFV orchestration of both centralized and decentralized NFVI resources, effectively combining D-NFV with centralized DC-based NFV deployment. Phase 2 will also focus on the operational aspects of NFV.

Other service providers who are interested in D-NFV architectures and use-cases are also invited to become sponsors and submit their use-cases.
A.2 NFV PoC Technical Details

A.2.1 PoC Overview

The following diagram illustrates the functional components that will make up the multi-vendor, multi-function D-NFV PoC for Phase 1. For Phase 2, we will include centralized NFVI.

[Figure 1: Overall PoC Framework for Phase 1. Labelled elements: Network Operator Portal; NFV Management and Orchestration (Orchestrator: Blue Planet; Management: Blue Planet; VIM); virtualized applications deployed at Enterprise or DC (FortiManager, TrustNet Manager, FortiGate, vCEP); NFVI (hypervisor, operating system, compute/storage/network hardware) at each Enterprise site; Metro Network; reference points Os-Nfv, Ve-Vnfm, Vn-Nf, Nf-Vi; legend: Certes, Fortinet, Linux OS, RAD.]
Table 1: PoC Components

NFV Component column: NFVI1; NFVI2; VIM; 1; 2; 1; 2; Manager(s); NFV Orchestrator

Vendor Contribution column:
- RAD ETX-205A/NFV (Virtualized with /KVM hypervisor)
- Centrally located x86 server serving VIM function ( Controller)
- Certes vCEP (virtual encryption)
- Fortinet FortiGate (virtual firewall)
- Certes TrustNet Manager
- FortiManager
- Blue Planet
- Blue Planet

A.2.2 Phase 1 Scenarios

PoC Scenarios

Scenario 1 - Service Definition

Demonstrate how a Service Provider administrator can define and create two service offerings for their Enterprise Customers. The products that the Service Provider would sell are described below.

1. Firewall Service
2. Encryption Service

Demonstrate the flexibility and innovation enabled by NFV: an a la carte offering of services, both via a portal and via RESTful APIs that can be leveraged by the enterprise customer, thus enabling a level of automation that is absolutely not possible in a PNF-based solution.

Scenario 2 - Instantiation

Demonstrate the instantiation of the specified VNF when an enterprise customer has selected one of the products offered by the Service Provider. This scenario includes the service-chaining and assembly of a VNF-FG between the virtual firewall and virtual encryption appliances, as well as the instantiation of either on its own.

We will also demonstrate powerful service applications where multiple service chains are created:
- Flows that are filtered through the firewall (e.g. internet-bound traffic)
- Flows that are encrypted/decrypted (e.g. inter-enterprise traffic)
- Flows that pass transparently through the CPE (e.g. flows that may be subject to policy enforcement in a DC or centralized enforcement point).

This type of capability requires rich and flexible classification capabilities on the vE-CPE devices, and intelligent orchestration of the service-chain. Service-chaining is a fundamental construct of NFV and an orchestration platform must support flexible chaining to deliver higher-order services.
Interconnection of the services is critical, but there may also be sequencing and configuration dependencies that need to be considered by the orchestrator. The interactions between the virtual firewall and virtual encryption applications will be identified and documented. The information models required (consumed by the orchestrator), network service description, descriptors and VNF-FG models will be presented.

Orchestration of the encryption engine:

1. The Certes management implementation uses a single console to administer multiple encryption enforcement points. This simplifies policy management and maintenance.
2. Logging and report functions of the encryption engines will also be demonstrated.

Scenario 3 - Fault and Performance Management

In a D-NFV architecture, redundancy may not always be available nor offered. However, it is still important to detect, isolate and report failure events and conditions and, if possible, pre-emptively act before the failure. In this scenario we will demonstrate the management and orchestration of the following:
- Fault
- NFVI Fault
- Performance monitoring (VM/CPU utilization for each, as well as any other KPIs specified by the vendor)

Recovery may often not be possible in the case of D-NFV since there may not be redundant compute (server) hardware available at the edge deployment (NFVI). Nevertheless, we will explore recovery techniques (some last-resort techniques) as well as concepts such as dying-gasp to alert the orchestrator of impending failure.

Scenario 4 - D-NFV NFVI Deployment

One of the fundamental challenges with D-NFV is management of the distributed NFVI. This includes discovery and on-boarding of NFVI as well as the management thereafter. As part of this scenario, we will demonstrate the onboarding of a new distributed compute node (server) and identify the interface requirements between the orchestrator and the VIM to perform the turn-up of a new compute node.

In Phase 1, some base assumptions will be made regarding the nature of the remote device and available computing platform. In a subsequent phase, we will study the possibilities to auto-discover and on-board the NFVI.
Phase 2 Scenarios

The tentative plan for the Phase 2 is to enhance the architecture with centrally-located VNFs (in addition to the VNFs at the customer edge) and add new capabilities, in order to explore the following scenarios:
- Orchestration of a subset of the Phase 1 scenarios between a D-NFVI and centralized NFVI, showing the flexibility of a multi-domain orchestration platform, the rich services enabled by vE-CPEs, as well as the versatility of the firewall and encryption VNFs.
- Auto-discovery of NFVI type, on-boarding of NFVI
- Power-saving modes: selective power-down of components when not in use or during idle periods
- Migration of applications/services between centralized and distributed NFVI
- Fault isolation/recovery, including chain-rebuilding, migration to centralized NFVI as a work-around, etc.
- High-availability
- Scaling: Certes encryption engine allows dynamic reallocation of x86 resources (CPU cores, for example)
- Load-balancing: Orchestration of multiple VNFs (e.g. Certes encryption engine) and load-balancing across the instances
- Snapshotting (rapid backup/restore for + configuration)
- Commissioning: performance test/birth certificate (turn-up and test)

In Phase 2 we will introduce a combination of both central and remote deployment. As such, we will demonstrate the orchestration of VNFs across vE-CPEs and a central DC location. The following figure shows this topology.

[Figure 2: Centralized DC NFVI (COTS Server-based) added in Phase 2. Labelled elements: Network Operator Portal; NFV Management and Orchestration (Orchestrator: Blue Planet; Management: Blue Planet; VIM); virtualized applications deployed at Enterprise or DC (FortiManager, TrustNet Manager, FortiGate, vCEP); NFVI (hypervisor, operating system, compute/storage/network hardware) at the Enterprise and at the Data Center; Metro Network; reference points Os-Nfv, Ve-Vnfm, Vn-Nf, Nf-Vi; legend: Certes, Fortinet, Linux OS, RAD.]
A.2.3 Mapping to NFV ISG Work

Describe how this PoC relates to the NFV ISG work:

1) Specify below the most relevant NFV ISG end-to-end concept from the NFV Use Cases, Requirements, and Architectural Framework functional blocks or reference points addressed by the different PoC scenarios:

Table columns: Scenario; Use Case; Requirement; E2E Arch; Comments

Scenario 2
  Use Case: UC#2 VNFaaS
  Comments: This PoC will demonstrate the vE-CPE use-case.

Scenario 2
  Use Case: UC#4 VNF-FG
  Comments: This PoC will demonstrate several unique service chains that span both PNFs and VNFs, as well as multiple service-flows through the same x86 HW, showcasing the flexibility of the D-NFV architecture and innovation enabled by NFV.

A.2.4 PoC Success Criteria

This proof-of-concept will be conducted in phases. As such, Phase 1 will be considered successful when all included scenarios have been successfully implemented, integrated and demonstrated and findings published in the PoC report.

A.2.5 Expected PoC Contribution

List of contributions towards specific NFV ISG Groups expected to result from the PoC Project:

PoC Project Contribution #1: on-boarding requirements and process. NFV Group: MAN
PoC Project Contribution #2: Orchestrator/VIM interface requirements. NFV Group: MAN
PoC Project Contribution #3: NFVI performance requirements. NFV Group: PER