Solution Network Virtualization. Allied Telesis - delivering value with Network Virtualization




Delivering value with Network Virtualization

Virtualization is a central theme in current IT development and new technology implementation. With the power to maximise IT investment it is little wonder. The ability to leverage the performance of critical IT infrastructure and support converged networks, where multiple services share the underlying hardware, is proving to be an extremely high-value proposition for businesses in all industries.

As applications, computers, and networks have become more and more intrinsically linked, the convergence of services on the network requires higher availability for mission critical applications. Those providing advanced services to customers are well aware of the need to balance maximizing operational efficiency with meeting Service Level Agreements (SLAs). Virtualization provides the means to meet these increasing demands, with the unique ability to also provide businesses with cost benefits that include:

- Streamlining operational efficiency
- Greater flexibility to adapt to changing business needs
- Maximising benefit from IT investment
- Simplifying management of IT systems
- Reduction in energy consumption
- Improving network up-time
- Simplifying the integration of new hardware capacity
- Simplifying the upgrading of software applications
- Automating the movement of data storage locations
- Optimizing disaster recovery provisioning

Virtualization, this innovative solution for multiplying the effectiveness and value of network infrastructure, has captured the imagination and endeavour of the networking industry. Whilst the early advances in IT virtualisation have related mainly to Server and workstation technology, there are some important virtualisation developments occurring in the underlying Ethernet infrastructure:

- Virtualized Dual Backbone: Replacing the traditional LAN redundancy solution (a redundant pair of separate switches) with a resiliency solution based on a pair of switches operating as a single virtual switch.
- Network Service Virtualization: Enabling network services, particularly security services, to be delivered in a distributed fashion across the network, without the requirement to deploy multiple specialized appliances for each service.
- Virtualized Networks: Enabling multiple networks to share the same Ethernet infrastructure, but remain quite isolated from each other. This is particularly powerful when delivered in an identity-based fashion.

Allied Telesis have been delivering innovation in these areas of virtualisation for some time. In this paper, the innovative Allied Telesis solutions in these areas are surveyed. That is followed by an examination of the overall compatibility that the Allied Telesis LAN switch range has with the aims and requirements of IT virtualization.

Virtualized Dual Backbone

This development meets the current industry trend of moving to Green IT, and is an important theme in the move to virtualisation as it helps eliminate the need for expensive, energy consuming equipment to stand effectively idle just to provide fail-over redundancy. In the virtualized network, failed hardware is simply removed from the available pool, while processing is seamlessly distributed across other units.

The extension of this theme from the Server/workstation hardware into the LAN switching is embodied in the concept of the Virtualized Dual Backbone. Traditionally, high availability in LANs has been achieved by provisioning redundant switches and redundant links. This has resulted in expensive equipment sitting effectively unused for most of the time. Moreover, it has increased the complexity of network management: more devices to manage, and control protocols (VRRP and Spanning Tree) to manage and troubleshoot.

The Virtualized Dual Backbone removes this redundancy, and provides a high availability solution based on pairs of switches operating together as a single virtual switch, and sets of links operating together as single aggregated virtual links, as seen in figure 1.

More information on the Allied Telesis high availability solution can be seen at http:///media/pdf/vcstack_solution.pdf

Figure 1: Virtualized Dual Backbone (diagram labels: Servers, 8600, 8000S, SwitchBlade x908, x900, CORE, EDGE; legend: 10 Gigabit link, 1 Gigabit link, 10/100 link, Link aggregation)

Network Service Virtualization

Server virtualization enables applications to be decoupled from specific server hardware units or even specific physical locations in the network. The applications can be served in whatever distribution best fits the performance characteristics of the network.

The extension of the application virtualization concept from the servers onto the switches is referred to as Network Service Virtualization. The switches don't serve desktop applications, but they do provide underlying network services. The virtualization of these services, so that they are not tied to single appliances, but distributed across the switching infrastructure, increases service availability and can reduce management overhead.

The most important service provided by Allied Telesis switches is security policy enforcement. The AlliedWare Plus operating system provides a unique combination of functionality for complete LAN policy enforcement:

- RADIUS: Embedded RADIUS server enables distribution of authentication facilities, ensuring very high availability of this service.
- Tri-authentication: 802.1x, MAC-based and Web-based authentication can all be used together on every port, ensuring that every device connected to the network edge can be authenticated, and forced to participate in the LAN security policy, as shown in figure 2.
- NAC integration: the switches can operate as the Enforcement Point within all the leading Network Access Control solutions currently in the market, as seen in figure 3.

Figure 2: Tri-authentication (diagram labels: 802.1X authenticated device with EAPOL exchange; Web authenticated device with HTTP exchange; MAC authenticated device with MAC address gleaned from any packet; x900 Tri-authentication capable switch; RADIUS Server. All 3 types of authentication require data exchange with RADIUS server.)

Figure 3: NAC Integration (diagram labels: Access Requestors (AR); x900 Switch as Policy Enforcement Point (PEP); RADIUS Server as Policy Decision Point (PDP))

By distributing this comprehensive security capability across the network switches, and divorcing them from centralized appliances, a network manager can implement a highly automated, reliable and foolproof LAN security system.

Allied Telesis switches also allow the virtualized distribution of other network services like DHCP address allocation, RADIUS authentication, boot image serving and network time synchronization. By distributing these services across the network switches themselves, load is removed from application servers, and high availability of these fundamental network services is ensured.

Furthermore, the software and hardware architecture of the Allied Telesis switches provides a future-proof solution, where other services (including hardware-accelerated services) can be easily integrated, increasing the distribution of the workload across the network.

Virtualized Networks

The capability to virtualize LANs has been inherent in Ethernet switching for some time, in the form of VLANs. The creation of Virtualized Networks is achieved by extending this concept of network separation and virtualization further. By enforcing complete end-to-end data separation, Virtualized Networks truly enable multiple networks to share the same physical infrastructure. This separation can be extended across the WAN as well as the LAN, and provide different characteristics for different networks. For example, this has been used to good effect to:

- provide separated logical networks to businesses sharing the same physical network within multi-business environments like shopping malls, airports, and multi-tenanted office buildings.
- enable retail chains to provide shared data access for in-store franchises, both within and between stores.
- give departments within a University campus the freedom to control and design their own LANs while still being able to share inter-building backbones.
- ease the process of network integration between merged companies.

The Allied Telesis product range provides the necessary components to build Virtualized Networks.

User identification

In a truly Virtualized Network, the association of an end-device to a particular shared network is based not on the location of the connecting port, but on the identity of the connected user. This enables users to roam across the network, and be able to access their particular virtualized network wherever they connect. For example, in an airport, where different airlines will use a gate at different times, an identity-based network allocation enables every airline to access their own network from any gate. Similarly, in a University campus, academic staff can access their own departmental network from any lecture theatre or even from within other departments.

So, user identification is a key component of full network virtualization. The Allied Telesis tri-authentication capability ensures that any end-user device can be identified and authenticated, irrespective of whether it supports 802.1x.

Path Isolation

Once an end-device has been allocated to a particular network, it is essential that its data remain confined within the paths allocated to that network. The Allied Telesis product range implements reliable and scalable path isolation mechanisms at both Layer 2 and Layer 3.

The technology employed for creating isolated Layer 2 paths over Layer 2 networks is VLAN stacking (QinQ double tagging), which enables multiple entire VLAN structures to share the same physical Ethernet infrastructure, as seen in figure 4.

A variety of technologies have been implemented by Allied Telesis for overlaying virtual paths across Layer 3 networks: L2TP, GRE, Policy Routing and transparent LAN bridging over L2TP. This provides a range of options for overlaying Layer 2 or Layer 3 networks across Layer 3 networks (including the Internet, of course). These can be combined with IPSEC to ensure full data security.

Quality of Service

When multiple virtual networks share the same links, it is necessary to ensure that each separate network experiences the Quality of Service that it expects. Bandwidth usage must be controlled, so that no one network can starve the others of bandwidth. Latency and jitter must also be managed for those virtual networks that are supporting real-time applications, like Voice over IP (VoIP) and streaming video.

The Allied Telesis x900-series switches have an extremely feature-rich Quality of Service offering that can manage the characteristics of over 1000 separate data streams simultaneously, thereby making them ideal for the provisioning of Virtualized Networks.

The tenant's VLAN structure is encapsulated in a single QinQ VLAN for secure high speed access across their own virtual network to other office space, the data center and Internet.

Figure 4: Secure virtual networks over a single physical infrastructure (diagram labels: tenant VLANs A Management, B Sales, C Service carried inside VLAN 3 for Tenant 3; VLAN 1 Tenant 1, VLAN 2 Tenant 2, VLAN 3 Tenant 3, VLAN 4 Tenant 4; x900-24xt switches; SwitchBlade x908; Data Center; AR750S Router; Internet)
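The encapsulation in figure 4 can be modelled in a few lines. This is an added example, not part of the Allied Telesis paper or product code: it is a simplified model of IEEE 802.1ad tag push and pop, and the port names, S-VIDs and MAC addresses are constructed. It shows two tenants reusing the same inner VLAN ID while the outer service tag, set only by the provider edge port, keeps their frames apart.

```python
"""Simplified QinQ (IEEE 802.1ad) model over constructed frames."""
import struct

TPID_CTAG = 0x8100  # 802.1Q customer tag (the tenant's own VLAN)
TPID_STAG = 0x88A8  # 802.1ad service tag (outer tag added at the provider edge)

# Constructed provisioning table: customer-facing port -> tenant service VLAN.
PORT_SVID = {"edgeA:1": 1, "edgeA:3": 3, "edgeB:1": 1, "edgeB:3": 3}


def tag(tpid, vid, pcp=0):
    """Encode one 4-byte VLAN tag: TPID, then PCP(3) | DEI(1) | VID(12)."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094")
    return struct.pack("!HH", tpid, (pcp << 13) | vid)


def customer_frame(dst, src, c_vid, payload):
    """Frame as the tenant sends it: one C-tag, IPv4 EtherType."""
    return dst + src + tag(TPID_CTAG, c_vid) + struct.pack("!H", 0x0800) + payload


def parse_tags(frame):
    """Walk the tags after the two MAC addresses.
    Returns ([(tpid, vid), ...], ethertype)."""
    tags, off = [], 12
    while True:
        if len(frame) < off + 2:
            raise ValueError("truncated frame")
        (etype,) = struct.unpack_from("!H", frame, off)
        if etype not in (TPID_CTAG, TPID_STAG):
            return tags, etype
        if len(frame) < off + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, off + 2)
        tags.append((etype, tci & 0x0FFF))
        off += 4


def ingress(port, frame):
    """Provider edge: push the port's S-tag in front of whatever arrived.
    The outer tag is chosen by port provisioning, never by frame content."""
    return frame[:12] + tag(TPID_STAG, PORT_SVID[port]) + frame[12:]


def egress(port, frame):
    """Far edge: deliver only if the outer S-VID is the port's own, then pop it.
    Returns the tenant's original frame, or None when the frame is dropped."""
    tags, _ = parse_tags(frame)
    if not tags or tags[0][0] != TPID_STAG:
        return None  # no service tag: did not come through the QinQ core
    if tags[0][1] != PORT_SVID.get(port):
        return None  # outer tag belongs to another tenant (or unknown port)
    return frame[:12] + frame[16:]


if __name__ == "__main__":
    dst, src = bytes.fromhex("020000000002"), bytes.fromhex("020000000001")
    # Tenant 1 and tenant 3 both use inner VLAN 10 (constructed sample).
    core1 = ingress("edgeA:1", customer_frame(dst, src, 10, b"tenant-1"))
    core3 = ingress("edgeA:3", customer_frame(dst, src, 10, b"tenant-3"))
    for name, frame in (("tenant 1", core1), ("tenant 3", core3)):
        print(name, "tags on core link:", parse_tags(frame)[0])
        for port in ("edgeB:1", "edgeB:3"):
            state = "dropped" if egress(port, frame) is None else "delivered"
            print("  egress", port, "->", state)
```

A frame that already carries a service tag when it arrives on a customer port still gets the port's own S-tag pushed on top, so in this model it can only ever be delivered back to the same tenant.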

Integration of Allied Telesis switches with server and workstation virtualisation

Having recognised that the Allied Telesis product range is uniquely able to deliver virtualization within the Ethernet network itself, let us now examine how well these products integrate with the aims and requirements of Server/workstation virtualisation.

Allied Telesis has an Enterprise LAN offering that is highly compatible with successful IT virtualisation, as the Allied Telesis hardware and feature-set offering has been developed to deliver similar outcomes. Reduction of wastage, optimization of cost, and maximisation of network performance and uptime have been key drivers of Allied Telesis technology development for some time, and are among the defining characteristics of the new generation x-series switches and the AlliedWare Plus operating system.

The flexible and expandable nature of the product-line, with a low-investment entry point, and the ability to later on add building blocks almost seamlessly, fit very well with the aims of IT virtualisation. The delivery of a full enterprise switching feature-set on a series of products with increasing performance and physical-resiliency capabilities enables an enterprise to target its investments at levels that are appropriate to the needs of different parts of its organisation.

To fully understand the extent to which the Allied Telesis enterprise switch offering is compatible with IT virtualisation, we need to look at some of the specific capabilities of the IT virtualisation solutions currently available in the market.

Appropriate provisioning of hardware capacity

Server virtualisation enables the network to maximise the utilisation of the processing capability across all available servers. This avoids the need to over-invest in individual high-powered servers which must, alone, meet the peak requirements of particular applications, but spend much of their time underutilised.

Instead, that peak load can be spread across existing lower-powered units. As processing requirements increase, the capacity can be increased in a cost-effective manner by gradually adding more units. Similarly, it is possible to have a regular program whereby sets of older units are retired (or redeployed to other tasks) and replaced by a smaller number of more modern units. This ability to provision processing capacity in a gradual and managed fashion is greatly preferable to increasing capacity in large expensive chunks, made more expensive by the need to over-provision in order to cover (unquantifiable) future growth.

Similarly, Allied Telesis have taken the approach of delivering LAN switching capacity in a manner that allows for gradual increments. With a very affordable entry cost for standalone gigabit switches, further gigabit and 10-gigabit switching capacity can be gradually added by integrating new units into virtual chassis stacks. As older models are retired out of core switching roles, they can continue to be used in access or edge roles. At no point do you need to make a big investment into a single large chassis type switching unit that has no migration path when its useful life in the core is over.

Moreover, building core switching capacity from discrete units provides flexibility as business needs change. Individual units of switching capacity can be moved to where they are needed, rather than having to remain concentrated in a monolithic core.

Seamless addition/replacement of hardware components

Virtualisation has had a remarkable effect on the ease with which physical servers can be added, removed, or replaced in the network. The ability to shift load off a particular server prior to its removal, coupled with the automatic assimilation of newly added servers, has moved the industry towards the concept of a plug-and-play data-centre. Hardware can be rearranged with zero downtime, and very little management overhead.

Similarly, the Allied Telesis product line delivers hitless hardware rearrangement:

- Service modules can be hot-swapped in and out, allowing you to add extra connectivity or backbone bandwidth with zero downtime. Connectivity and bandwidth can also be rearranged within the network with zero downtime.
- Individual switches can be swapped in and out of a virtual chassis stack with zero downtime. Just as server processing capacity can be increased in a gradual, managed fashion, so too can core switching capacity; and without any need to schedule any network downtime.
- Redundant power-supplies can be hot-swapped, ensuring no downtime due to power supply failures.

Reliable management of network resources

The advantages of virtualization are most fully realized when the management system is able to achieve finely tuned dynamic load balancing across different machines. This requires that the management system is able to closely monitor the operation of every machine, and that machines can quickly and accurately transfer processing to each other. These activities cannot be reliable unless the communications which control them are reliable.

Reliable transport of communication sessions across an Ethernet network is achieved by priority queuing within the switches. However, the increasing convergence of real-time services on the LAN creates competition for those high priority queues. VoIP, video, process control, remote desktop sessions, and Layer 2 and 3 control protocols are all sensitive to loss and delay. Adding virtualisation control traffic to this mix further complicates the QoS requirements. Ensuring reliable transport of all this loss and delay sensitive data, in even the busiest circumstances, requires a sophisticated QoS implementation.

The Allied Telesis advanced Enterprise switches have an unparalleled QoS capability. The fine-grained data classification, flexible marking, accurate shaping, and rich queuing and scheduling functionality enable the creation of QoS policies capable of meeting the most demanding requirements.

Simple, reliable disaster recovery provisioning

An emerging benefit of IT virtualization is its ability to simplify the managing of a remote site to be used for disaster recovery. Once the tools had been developed which enable fine-grained control of virtual machines, and data storage, within a live site, it was a small step to then include a system replication capability. So, virtual IT management systems can automate the maintenance of replicated data storage and machine images at a remote site.

A component of the effectiveness of the disaster recovery system is the provisioning of alternative data paths between the live site and the remote disaster recovery sites. The Allied Telesis solution for resilient data communication between physically separated sites is Ethernet Protection Switching Ring (EPSR), as seen in figure 5.

EPSR provides carrier-grade resiliency over a ring topology. Using a simple and therefore highly reliable loop protection protocol, it can restore communication within as little as 50ms after a link or node failure. Furthermore, it can operate over aggregated links, to provide even stronger link and path resiliency. Using EPSR over one or more 10-gigabit links is a cost-effective means to enable extremely reliable and rapid communications between a live site and a disaster recovery site.

Figure 5: Resilient data communication between physically separated sites (diagram labels: Head Office with Servers and SwitchBlade x908; Remote Storage Site with Servers, SwitchBlade x908 and x900-24xt; legend: 10 Gigabit link, 1 Gigabit link)

Conclusion

The Allied Telesis product range delivers unique capabilities and solutions in the virtualisation of Ethernet infrastructure. The flexible, scalable, reliable product set integrates naturally with the aims and needs of IT virtualization. The characteristic benefits of virtualized networks are enhanced by complementary features and solutions from Allied Telesis.

About Allied Telesis Inc.

Allied Telesis is a world class leader in delivering IP/Ethernet network solutions to the global market place. We create innovative, standards-based IP networks that seamlessly connect you with voice, video and data services.

Enterprise customers can build complete end-to-end networking solutions through a single vendor, with core to edge technologies ranging from powerful 10 Gigabit Layer 3 switches right through to media converters.

Allied Telesis also offer a wide range of access, aggregation and backbone solutions for Service Providers. Our products range from industry leading media gateways which allow voice, video and data services to be delivered to the home and business, right through to high-end chassis-based platforms providing significant network infrastructure.

Allied Telesis' flexible service and support programs are tailored to meet a wide range of needs, and are designed to protect your Allied Telesis investment well into the future.

Visit us online at.

USA Headquarters
19800 North Creek Parkway, Suite 100, Bothell WA 98011, USA
T: +1 800 424 4284 F: +1 425 481 3895

European Headquarters
Via Motta 24, 6830 Chiasso, Switzerland
T: +41 91 69769.00 F: +41 91 69769.11

Asia-Pacific Headquarters
11 Tai Seng Link, Singapore 534182
T: +65 6383 3832 F: +65 6383 3830

© 2009 Allied Telesis Inc. All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners.

C618-31012-00 Rev A