One of the key applications of the Cisco® IP Solution Center (ISC), the ISC Layer 2 VPN and Carrier Ethernet Management application helps service providers and enterprises to provision and effectively manage Layer 2 VPNs and Carrier Ethernet services.
Product Overview
Cisco IP Solution Center
Cisco IP Solution Center is a suite of four network management applications for managing Multiprotocol Label Switching (MPLS) and Carrier Ethernet services. Cisco IP Solution Center provides automated resource management and profile-based provisioning of MPLS VPNs and MPLS traffic engineering tunnels. Functions include provisioning of MPLS VPNs; Ethernet, ATM,or Frame Relay over MPLS VPNs; Ethernet services on a bridged network; and planning and configuration of MPLS traffic engineering. One ISC application, Cisco MPLS Diagnostic Expert, provides workflow-based troubleshooting and diagnostics for MPLS-based network services. All the ISC applications can operate as standalone applications or as a suite and are designed to provide a flexible application set for managing services based on MPLS and Carrier Ethernet technologies in large and small service providers or large enterprises. (Figure 1).
Figure 1. Intelligent Management Applications for MPLS and Carrier Ethernet Networks
Cisco ISC Layer 2 VPN and Carrier Ethernet Management Application
The ISC Layer 2 VPN and Carrier Ethernet Management application provides the tools for enterprises and service providers to effectively manage the entire lifecycle of Carrier Ethernet services and Layer 2 VPNs, including Any Transport over MPLS (AToM) ATM and Frame Relay services. Management features such as policy-based VPN, and configuration auditing help minimize the cost of deploying Layer 2 VPN services. The management features reduce errors and increase the efficiency of service deployment and management.
Cisco ISC Layer 2 VPN and Carrier Ethernet Provisioning Capabilities
• Management of resources such as regions, VLAN identification (ID) pools, pseudowire virtual-circuit ID pools, and service provider administrative domains
• Definition of provisioning parameters in a service policy to be used during service activation, including support of Layer 2 aggregation access domain and Layer 2 ring topologies
• Carrier Ethernet service activation, including pseudowire creation, VLAN-to-pseudowire mapping, and VLAN tag manipulation (translate, push, and pop)
• Application of Ethernet QoS templates
• Preprovisioning checks for validity of service design, including uploading of the current configuration and validation of service design against the existing network configuration
• Postprovisioning validation of the service design to determine if the Layer 2 VPN is active and functional
• A variety of service assurance reports for all deployed services, including end-to-end connection parameters as well as pseudowire parameters for a given customer VPN
ISC Planning
• Configuration and management of MPLS traffic engineering tunnels on a network; for further details about the ISC Traffic Engineering Management application, refer to the Cisco IP/MPLS Traffic Engineering Management 5.1 data sheet
• Mapping of pseudowire to traffic engineering tunnel
ISC Verification
Current capabilities for Carrier Ethernet and Layer 2 VPNs provided in Cisco IP Solution Center for postprovisioning verification include the following:
• Smart configuration audits to validate VPN configuration
• On-demand and scheduled audits for configuration diagnostics
The ISC Layer 2 VPN and Carrier Ethernet Management application can be deployed with other Cisco ISC applications to facilitate the management of integrated MPLS and Carrier Ethernet services:
• The ISC MPLS VPN Management application, for managing MPLS VPNs
For example, MPLS Layer 3 access over Ethernet
• The ISC Traffic Engineering Management application, which supports MPLS traffic engineering configuration and planning.
For example, selection of traffic engineering tunnels for pseudowire
• Cisco MPLS Diagnostics Expert for diagnosing and troubleshooting MPLS VPNs.
Carrier Ethernet business services provide VPN connections to enterprise customers using various technologies and network infrastructure. They support hub-and-spoke or ring access topologies. The service provider core network can be MPLS or Layer 2 VLAN. A service provider can offer the following services:
• E-Line: Point-to-point Ethernet connections using combinations of Ethernet over MPLS (EoMPLS) and Layer 2 VLAN infrastructure, with two types of user network interface (UNI) access: QinQ and dot1Q encapsulation. These services are also known as Ethernet Virtual Private Line (EVPL) or Ethernet Relay Service (ERS) and Ethernet Private Line (EPL) or Ethernet Wire Service (EWS).
• E-LAN: Multipoint-to-multipoint services using MPLS virtual private LAN services (VPLS) or just Layer 2 VLAN core. Both dot1q and QinQ access is supported (EP-LAN and EVP-LAN).
Figure 2 depicts the feature areas that Cisco ISC Layer 2 VPN and Carrier Ethernet Management can help configure and support as defined in the following list:
• Supports point-to-point and multipoint services (E-Line and E-LAN)
• Creates a Virtual Forwarding Instance (VFI) or cross-connect instances and activates pseudowires
• Manages VLAN per Ethernet domain and virtual circuit ID allocation for pseudowire and VFI instances on network provider edge devices (N-PEs)
• Activates UNI with port security and QoS templates
• Configures VLAN trunking between UNI and N-PE
Figure 2. Carrier Ethernet Business E-LAN and E-LINE Services
Carrier Ethernet Aggregation Applications
In Ethernet Aggregation applications, the user provider edge device (U-PE) is generally a Digital Subscriber Line Access Multiplexer (DSLAM) that needs to be connected to an N-PE and broadband remote access server. Figure 3 depicts a sample network and topology supported by Cisco ISC and points out the feature areas that Cisco ISC Layer 2 VPN and Carrier Ethernet Management can help configure and support as defined in the following list:
• Interconnection of the U-PE/DSLAM with the aggregation node and the broadband remote access server, using dot1.q VLAN interconnects or dot1.q VLAN termination to Layer 3 VRF
• Interconnection to broadband remote access server through pseudowires
• Accurate reporting on the infrastructure used in this application
Figure 3. Ethernet Aggregation in Broadband Triple-Play Networks
Carrier Ethernet Broadband Triple Play
Several service providers are deploying Ethernet to the home to provide consumers with triple-play services (voice, video, and data). Figure 4 depicts a sample network and topology supported by Cisco ISC and points out the feature areas that Cisco ISC Layer 2 VPN and Carrier Ethernet Management can help configure and support as defined in the following list:
• Accurate deployment of service VLANs, termination of service VLANs
• Interconnection to broadband remote access server through pseudowires or Layer 3 MPLS VPN
• Activation of customer UNIs
• Activation of QoS templates for the purchased rate
• Accurate reporting on the infrastructure used in this application
Figure 4. Ethernet Broadband Triple-Play Network to the Home
Carrier Ethernet Management Extensions
Cisco ISC offers a flexible extension mechanism through templates. Templates allow arbitrary pieces of configuration to be appended (or prepended) to the configuration that is provisioned to a device. This is commonly used for provisioning of quality of service but can be used for other application areas too.
Features and Benefits of Cisco ISC Layer 2 and Carrier Ethernet Management
The Cisco ISC Layer 2 VPN and Carrier Ethernet Management application helps enable any existing or emerging Layer 2 transport technology to interwork through a common, converged MPLS or IP architectural framework. The benefits to the carrier can be substantial in the long run-for example, reducing operating expenses (OpEx) by decreasing the number of networks to manage and types of platforms deployed. The Cisco ISC Layer 2 VPN and Carrier Ethernet Management application helps service providers converge multiple services on a single network infrastructure and carry traditional Layer 2 data traffic over a packet-based network. It addresses the needs of carriers with a deployed MPLS footprint. The Cisco ISC Layer 2 VPN and Carrier Ethernet Management application supports the provisioning, planning, and troubleshooting of ATM and Frame Relay services over an MPLS core (AToM).
Table 1 lists the features and benefits of the Cisco ISC Layer 2 VPN and Carrier Ethernet Management application.
Table 1. Features and Benefits
Features
Description
Benefits
Management of Layer 2 resources
• Manage regions, service provider administrative domains, customer sites, and access domains
• Automatically allocate resources such as VLAN IDs and pseudowire
• Virtual-circuit IDs
• Map a VLAN to a pseudowire virtual circuit
• Track management services and reserved VLANs per Ethernet access domain
Track all the resources allocated and to which service, customer, or site these resources were allocated. This greatly reduces the time it takes the service operator to track these resources and relieves the operator from manually entering certain parameters during service activation.
Rapid profile-based provisioning for AToM Layer 2 VPN services:
• Point-to-point EWS
• Point-to-point ERS
• Frame Relay over MPLS
• ATM over MPLS
VPLS:
• Ethernet Multipoint Service (EMS) for MPLS- and Ethernet-based provider core
Define Layer 2 VPN provisioning parameters in a service policy and upload the network-element configuration to calculate the change in configuration needed for successful service activation. Supports the configuration and management of:
• Layer 2 VPN services and VPLS
• Full-mesh VPLS support for Cisco 7600 Series platforms (802.1Q-in-802.1Q [QinQ] and dot1Q encapsulation)
• Full-mesh, hub-and-spoke, and partial-mesh VPN topologies
• VLAN translation, pushing and popping
• Ethernet QoS including hierarchical QoS through templates
• UNI port security profiling (secure MAC addresses, protocol unicast and broadcast thresholding, and protection shutdown)
• Managed and unmanaged customer-edge scenarios
Automation of these processes helps reduce provisioning fallouts due to error-prone manual procedures.
The use of service policies for service activation speeds the provisioning cycle and reduces time to market. It greatly reduces the service operator's tasks because the only parameters required for service activation have already been captured in the service policy.
By uploading the configuration prior to applying it, Cisco ISC Layer 2 VPN and Carrier Ethernet Management helps ensure that the service-activation configuration is successfully applied and does not collide with the existing configuration, reducing outages caused by incorrect provisioning.
Recognition of incorrect service configuration
Postprovisioning validation of the service design to determine if the Layer 2 VPN is active and functional
• Configuration audits
• On-demand audits for configuration troubleshooting
Reduce the time it takes to troubleshoot network outages due to incorrect service configuration by verifying that the commands for a service are present on the network elements and the links involved or VPN are working correctly.
Investment protection from Cisco IOS® Software and line-card changes
Comprehensive platform and Cisco IOS Software support. Platforms supported include:
• Cisco 7600 Series Router
• Cisco ME 6524 and ME 3400 Series Switches
• Cisco Catalyst®, 6500, 4900, 4500, 3750ME, 3550, and 2950 Series Switches
• Cisco CRS-1, 12000, 7500, and 7200 Series Routers
Reduce time to market of new services and the cost of upgrading the customer OSS due to upgrades in platforms, Cisco IOS Software or Cisco Catalyst OS versions, and line cards by providing extensive support of the latest hardware and software.
Carrier-grade infrastructure for large deployments
System features which provide a carrier-grade VPN management system:
• Four-tiered architecture
• Thin web-based GUI client
• Role-based access control (RBAC)
• Extensible Markup Language (XML)-over-HTTP northbound interface
• Data backup and restore
Cisco ISC offers a scalable and reliable architecture for large-scale operations by providing a four-tiered system consisting of client, interface, control, and distribution tiers. RBAC provides access control to service providers that want to implement strict operational processes. The backup and restore capabilities of Cisco ISC protect your data against OS crashes, file corruption, disk failures, and total machine failure.
Other Product Features and Professional Services
IP Solution Center is preintegrated with certain applications such as Cisco Info Center (CIC) and Infovista VistaInsight for Networks, augmenting trouble tickets and performance data with VPN and customer information. The ISC integration with Cisco Configuration Engine aids zero-touch provisioning. Cisco Advanced Services offers services to integrate ISC with other network management and OSS applications.
Product Specifications
Product specifications for each element-management application are found in data sheets of the respective applications at Cisco.com, and more details are available in the installation guide at http://www.cisco.com/go/isc.
