This paper provides an overview of the challenges faced by service providers that wish to efficiently streamline the rollout of "triple-play" services while lowering the total cost of ownership for video content management. The requirements for an efficient Video Back Office solution are presented, along with a solution overview and an explanation of the solution's benefits. A technical implementation is also provided as an example of a deployment architecture that can contribute to the rapid deployment of video services, allow service providers to differentiate their offerings, and protect their investments over a long life for the service delivery platform and architectures.
INTRODUCTION
With the consolidation of some of the largest service providers in the world and declining wire-line revenue, the push for "triple-play services" becomes more important than ever, including video-based services such as IPTV. Part and parcel of rolling out a successful IPTV service is video content ingestion, storage, and distribution to support an ever-growing portfolio of video and multimedia-on-demand services. To support these storage- and bandwidth-intensive services, providers are required to deploy large-scale data centers that contain many different storage, switching, and management components.
The challenges that must be faced include:
• The identification of all solution deliverables.
• Defining requirements and tracking changes during the design and deployment phases.
• Understanding the end-user expectations and demands.
• Coordinating any system integrators that are employed.
• Understanding and taking into account competitive offerings and market conditions.
Outside partners and integrators are sometimes required to create an integrated, flexible, scalable, and secure foundation for the delivery of video services. An experienced partner can ensure a low total cost of ownership (TCO) for the solution, and enable a provider to come to market faster and achieve a stronger competitive position against the traditional cable companies.
The overall requirements for a successful Video Back Office solution include efficient storage, wire rate throughout, proper quality-of-service (QoS) treatment of video, uninterrupted operations, the ability to protect important and private information, and protection from unauthorized access.
A Video Back Office solution is required to host and manage video content associated with video-on-demand (VoD) servers (see Figure 1). A typical deployment must include many technologies and systems such as VoD applications, billing and media servers, ad insertion, and security. Located in a super headend and the video headend office, the Video Back Office system encompasses the video content and supports management functions for the VoD servers.
Figure 1. Video Back Office Showing its Location Relative to the Video Transport Network and VoD Content at the Super Headend
SOLUTION REQUIREMENTS
The super headend and video headend office are very similar in architecture. The super headend is used as a backup and video depot for the video headend office; thus, the video headend office typically contains a subset of the content and is smaller in architecture than the super headend. There is also the concept of a video serving office within a complete video delivery system. The video serving office is close to the user; provides multiplexed traffic of voice, data, and video to the premise; and is usually located within a central office. The super headend and video headend office are typically deployed in protected data centers with no outside connectivity.
The requirements for a Video Back Office include:
• Digital Services (DS)-3 for connection to management systems, middleware, billing system, and other control functions, and with the potential for higher-speed wide area network (WAN) and connection versatility if required
• 10/100/1000 ports for server and VoD server connections
• VoD servers must maintain a 99.999 percent uptime measurement
• 802.1Q virtual local area network (VLAN) mapping to Internet Protocol Security (IPsec) tunnels
• High availability with potential for Nonstop Forwarding/Stateful Switchover (NSF/SSO)
• Integrated firewall, IPsec, and intrusion detection
• Ease of installation and cost of management
• Flexibility in the future to support any on-demand service to any device
• 802.1p QoS treatment to ensure the right service gets the right priority at wire rate
The Cisco® Catalyst® 6500 Series is the only platform in the industry that meets all of these project requirements from an architectural perspective. The platform provides security, high availability, performance, scalability, architecture flexibility, and investment protection throughout a long product lifecycle. A complete Video Back Office solution can be built with the following components:
• Cisco Catalyst 6509 Switch
• Supervisor 720, which adds services in hardware such as Network Address Translation (NAT), Central Processing Unit (CPU) rate limiting, and QoS
• FlexWAN
• Virtual Private Network Service Module (VPNSM)
• Firewall Service Module (FWSM)
• Intrusion Detection Service Module (IDSM)-2
• Content Switching Module (CSM)
• Network Analysis Module (NAM)-2
The performance of the Supervisor 720 engine guarantees the longevity of the module. The FlexWAN module is included to meet the WAN flexibility requirement, and allows migration from DS-3 to Synchronous Optical Network (SONET) services in the future without a forklift router upgrade. The VPNSM supports 802.1Q VLAN mapping to IPsec tunnels. The integrated FWSM provides a firewall for all partner access, and protects the internal servers from threats and malicious activity. The IDSM-2 performs user authentication using VLAN access control lists instead of requiring costly Switched Port Analyzer (SPAN) ports.
BUSINESS AND TECHNICAL BENEFITS OF A VIDEO BACK OFFICE SOLUTION
The impact of selling video services is immeasurable. A successful Video Back Office deployment using next-generation architectures will enable the rapid introduction of new services, thus giving service providers the competitive advantage needed to attract new subscribers.
Services providers can utilize and retain their installed base with new advanced services such as high-speed Internet access. Other advanced video features such as pay per view, high-definition television (HDTV), digital video recorder (DVR), and on-demand service - coupled with Web, e-mail, voice over IP (VoIP), portal services, and unified messaging - can differentiate providers from traditional cable carriers.
The proposed design of the Video Back Office offers technical benefits:
• Utilizing an IP platform allows for the integration of QoS-based services for PCs, TVs, and phones, thereby enhancing the user's experience by offering access from any device. The flexible architecture will extend the service provider's capacity for years, while allowing for expanded offerings and more choices for the consumer.
• As a video transport, Gigabit Ethernet brings a switched nature to the network. Any service can be sent from any super headend to a video headend office. A super headend may back up other video sources by sending all sources to the other super headends and video headend offices.
Using a platform like the Cisco Catalyst 6500 Series provides an architecture that can last up to 10 years. The Cisco Catalyst 6500 Series was chosen for flexibility, high availability, and simplicity of design. The Cisco Catalyst 6500 Series can also utilize WAN modules such as the OSM to provide additional connections, whether temporary or permanent. This type of architecture can also aid in the transition from broadband ASI to Gigabit Ethernet. As the next-generation video deployment continues, the Cisco Catalyst 6500 Series will play an important role in providing a standard for flexibility and availability.
IMPLEMENTATION OVERVIEW
A VoD system may be described as having three main functional parts:
• Content management: Provisioning, protection and storage of media content, media and account management, and conditional access systems.
• System control and communication: The operational management, application servers, links, and messages between the system components.
• Content delivery: The system dynamically allocates bandwidth and provides a dedicated broadband media stream that is transported through the network to reach the viewer.
This Video Back Office solution covers the content management and system control functions. The super headend houses all content available for VoD viewing, while the video headend office keeps only the most recent releases.
At the next level, within each super headend and video headend office are two server farm deployments. The first is the gateway farm, which houses network services/management, application and control services, hooks for billing, and video control. Video control services provide quality control functions such as video thumbnail captures to check video quality. If the quality is subpar, use of these application and control servers can switch VoD servers to backups. Partners also connect into the gateway farm. These partners range from the set-top box manufacturer to the interactive program guide partner. All partners connect to the gateway via an IPsec tunnel.
The second server farm is the VoD server farm that houses the VoD servers and provides a backbone connection from the super headend to the video headend office. Functions such as ad insertion into the broadband streams and VoD trickle are performed here. A secondary connection from the VoD servers to the Broadband Passive Optical Network (BPON) is used for set-top-box and VoD delivery. The illustration in Figure 2 shows the logical data flow for the server farms.
Figure 2. Server farms and data flow
When a VoD order is placed from the set-top box (STB), a Secure Socket Layer (SSL) transaction takes place from the STB back to the VoD server and billing application. Once the order is placed and the content is determined to be in the video headend office, video pumps start delivering the information to the STB at 3.75 Mbps. If the requested content is not local in the video headend office, the super headend "trickles" the video over the SONET connection to the video headend office. This model allows for smaller footprint video headend offices and a back-up plan in the event of a failure.
The other service that resides within the VoD server farm is ad insertion or Digital Program Insertion (DPI). Advertising solutions include an encoder to provide the digital equivalent of cue tones - Serial Clock Transmit External (SCTE) 35 - and a multiplexer that splices the digital program into the incoming digital stream using the SCTE 30 standard. National and local ads are inserted into the Asynchronous Serial Interfaces (ASI) streams using these digital cue tones.
Another benefit of using Gigabit Ethernet to transport video is the switched nature of the network. Any service can be sent from any super headend to the video headend office. The super headend may back up other video sources by sending all sources to the other super headends and video headend offices.
There are two separate architectures within the solution. The first involves the gateway functionality, which terminates partners at the video headend office and super headend. The gateway can use two fully populated chassis, each with a supervisor, FWSM, VPNSM, IDSM, and WAN, and utilizing chassis redundancy for connections. With proper Open Shortest Path First (OSPF) tuning, most module failover times are less than 3 seconds, which is within the management applications guidelines.
Using this gateway architecture, all security appliances are consolidated to the Cisco Catalyst 6509 Chassis, creating a simplified "cookie cutter" deployment for all super headend and video headend office sites. By managing one platform and having the ability for rapid, repetitive deployment, the TCO is reduced considerably.
A second architecture addresses the VoD servers. This server solution encompasses Gigabit server ports, server load balancing, and network analysis. Redundant Cisco Catalyst 6509 Switches can be configured with redundant Supervisor 720 Engines, fabric-enabled 10/100/1000 modules, CSM, and NAM-2. This solution connects to a SONET backbone via Gigabit Ethernet.
This second architecture, for the video servers, can also be used for ad insertion and VoD trickle, which enables movies to be updated and downloaded from the super headend to the video headend office. The CSM is used to load balance the interactive program guide for all set-top boxes and future SSL connections. The NAM-2 is used for performance measurements and capacity planning, and provides Remote Monitoring (RMON) analysis capabilities.
Design caveats that deal with the firewall configuration and routing must be taken into account. In this particular case, OSPF is used. The FWSM can reside either inside or outside of the VLAN, while the Multilayer Switch Feature Card (MSFC) will reside on the other. This design reduces the throughput of inter-VLAN traffic to 4 Gigabits since the FWSM resides on the inside. This bandwidth requirement may not pose a problem, but should be noted. This bandwidth requirement can be avoided, if necessary, by using an external router instead of the FlexWAN. It should also be noted that stateful IPsec tunnels are not yet supported when using the FlexWAN, and the VPNSM does not support Advanced Encryption Standard (AES). Future Shared Port Adapter (SPA) carrier cards will support AES.
In all cases, the super headend and video headend office locations are identical from a network module perspective, although they may vary in port count. A detailed drawing of the gateway is shown on the left side of Figure 3. The detailed VoD farm is portrayed on the right side of the diagram. The Motorola Multiplexer is a drop-and-continue device that connects ASI and Gigabit Ethernet interfaces to SONET.
Figure 3. Gateway (Left) and VoD (Right) Architectures
