Delivering Profitable Services with Greater Availability, Flexibility, Manageability, and Security
Since the introduction of Ethernet as an access technology for enterprise services, businesses have been shifting their spending away from older technology such as Frame Relay, ATM, and TDM private-line services toward Ethernet. Low cost, scalability, and simplicity are key benefits that make Ethernet attractive for enterprises in the beginning. However, as more businesses transition to Ethernet for their VPNs and users become more familiar with the new technology, enterprises start to demand more features and functionalities from their service providers.
The Cisco® ME 3400E Series Ethernet Access Switches are next-generation Carrier Ethernet access switches designed for service providers. By further adding to and enhancing the features of the Cisco ME 3400 Series, one of the most successful Ethernet access switch on the market today, the Cisco ME 3400E Series is designed to help service providers to deliver four key attributes that are essential to next-generation Carrier Ethernet service: availability, flexibility, manageability, and security.
Service providers have recognized many benefits of Ethernet technology for business VPN services. Ethernet is familiar to enterprise customers and their IT staffs, it can scale to deliver bandwidth up to 10 Gbps without expensive truck rolls to support demanding corporate applications, and its bandwidth can be customized to deliver performance that meets the needs of specific business applications. Advanced Ethernet services can deliver network security and rich quality-of-service (QoS) capabilities, allowing providers to offer a customized mix of services and data rates for both point-to-point and multipoint connections.
Ethernet can help service providers reduce operating expenses (OpEx); make more efficient capital expenditures; and introduce profitable, high-margin services. The cost of introducing new Ethernet services is relatively low because the technology is easily integrated into the service provider's existing transport infrastructure (Ethernet over SONET/SDH, for example). By offering Ethernet-based services that can support more advanced applications, service providers can differentiate their offerings from the competition and improve their revenue potential over the long term.
As more and more enterprise users turn to Ethernet-based VPN services, service providers must meet the ever-increasing demands from their customers and the need to diiferentiate themselves from competitors in order to capture more revenue.
Heavy Reading, in its "Carrier Ethernet Services: The View From the Enterprise" report (February 2008), states: "While enterprises are enthusiastic about using Ethernet, many are placing high demands on operators to deliver more robust services. This is especially true now that more of their mission-critical data is likely to ride on top of Ethernet. Respondents identified service uptime, reliability, and security as the most important features."
The same report further states that: "Now is a good time for operators to move aggressively to broaden their Ethernet-based applications portfolio, if they have not done so already. Competition is heating up in the Ethernet market, and being able to support more than a few applications could prove critical in helping to close enterprise deals, according to survey feedback."
If service providers can meet their customers' needs, Ethernet VPN services represent a significant source of future revenue. Infonetics Research estimates that worldwide Ethernet service revenue reached US$12.5 billion in 2007, which represents a 33 percent growth from 2006. Furthermore, Infonetics Research predicts that worldwide Ethernet service revenue will grow to US$27.7 billion in 2011, a compound annual growth rate (CAGR) of 22 percent from 2007 to 2011. ("Ethernet and IP MPLS VPN Services Market Size and Forecasts," June 2008).
To solve these challenges and capture the growth opportunities, providers need an easily deployed carrier-class solution with the intelligence to meet their needs for Ethernet-to-the-business (ETTB) Layer 2 and Layer 3 VPN services. Furthermore, the solution needs to be highly available and resilient, flexible to adapt to changing customer needs, easily manageable, and loaded with carrier-class security tools.
• Providers need to deliver services with high availability and flexibility.
• Providers need manageability and security tools from vendors to reduce operational expenditure and increase customer confidence.
The Cisco ME 3400E Series is an enhancement to the Cisco ME 3400 Series, one of the most successful Carrier Ethernet access switch in the market today. The Cisco ME 3400E Series addresses the areas of service availability, flexibility, manageability, and security in the Carrier Ethernet access network. With "pay-as-service providers-grow" feature images and pricing customized to service providers' specific deployment model, the Cisco ME 3400E Series enables service providers' service provider business to deliver high-profit ETTB VPN services.
Next-Generation Metro Access Switch Built for Service Providers
The Cisco ME 3400E is the next generation of metro access switches built for service providers. Cisco has taken advantage of its experience with the Cisco ME 3400 Series to develop the ME 3400E Series. This new access switch has a service-provider-friendly form factor: a single rack unit (1RU) with reduced depth to save space, a higher temperature range for harsh environments, redundant and modular AC/DC power and fan modules, traffic loopback, external alarm input, Ethernet management console for remote management, ports and cables in front for easy access, and compliance with Network Equipment Business Standards 3 (NEBS3) and European Telecommunications Standards Institute (ETSI) standards. These attributes simplify deployment, ultimately reducing operating expenses and total cost of ownership (TCO).
On the software side, the Cisco ME 3400E Series offers telco-friendly User-Network Interface/Enhanced-Network Interface/Network Node Interface (UNI/ENI/NNI) for simpler deployment, management, and troubleshooting. A two-rate, three-color policer with granular egress shaper allows service providers to provide more QoS capabilities for demanding enterprise applications. Selective QinQ and 1:1 VLAN translation help service providers to offer more types of services without complicated network changes.
Service availability is a critical requirement for service provider networks since most enterprise customers expect the same level of availability from Carrier Ethernet as compared to traditional leased-line networks. The Cisco ME 3400E Series supports redundant, field-replaceable, integrated power supply and fan modules. To help service providers quickly activate and troubleshoot services, the Cisco ME 3400E Series offers traffic loopback capabilities so service providers can remotely verify and monitor services. Four external alarm inputs allow service providers to quickly respond to changes in environmental conditions before a switch failure occurs.
To further increase service availability on a networkwide level, the Cisco ME 3400E Series offers Flexlink for sub-50-millisecond failover, Resilient Ethernet Protocol (REP), Link-State Tracking, IEEE 802.1w Rapid Spanning Tree Protocol (RSTP), per-VLAN Rapid Spanning Tree Plus (PVRST+), and the Cisco Hot Standby Router Protocol (HSRP) to create redundant, fail-safe topologies. Strong, built-in security in three tiers - network, switch, and subscriber-based - helps prevent the device and the network from succumbing to malicious attacks, thereby increasing network uptime.
As more enterprises adopt Carrier Ethernet technology, the demand on service providers' service provider organization to offer new services increases. The Cisco ME 3400E Series offers 1:1 VLAN translation, which allows end customers the flexibility of choosing their own internal VLANs without affecting service providers' core network. And with the Selective QinQ feature, service providers can offer multiple Ethernet Virtual Private Line (EVPL) services on a single UNI.
Customers are also looking for more QoS functionality to support different types of applications. To help service providers meet stringent QoS requirements from customers, the Cisco ME 3400E Series offers two-rate three-color policer with byte-level statistics and inner-to-outer CoS mapping. The ability to offer greater QoS can directly impact service providers' profit margins.
With today's sophisticated networks, service providers are always looking for ways to reduce OpEx and increase profit margins. The Cisco ME 3400E Series provides the following tools to help service providers simplify the management of service providers' Ethernet services.
Traffic loopback capabilities help service providers activate and troubleshoot new and existing services without expensive truck rolls. Dying gasp for power indicators and four external alarm inputs to detect changes in remote sites further help service providers manage the health of service providers' equipment. An Ethernet management port provides dedicated access for service providers to monitor and provision the switch.
In addition, the Cisco ME 3400E Series includes Generic On-Line Diagnostics (GOLD) and Onboard Failure Logging (OBFL) to help service providers avoid potential problems before they occur and to troubleshoot and diagnose issues once they happen. Including the Embedded Event Manager (EEM), Ethernet Operations, Administration, and Management (OAM), and Time-Domain Reflectometer (TDR), the Cisco ME 3400E Series provides a comprehensive set of tools to help service providers to manage Ethernet services.
Multitier security capabilities provide comprehensive security. Network-based security protects the network from unauthorized traffic, switch security maintains continuous operation of the switch, and subscriber security shields users from other malicious subscribers.
For network-based security, the Cisco ME 3400E Series uses access control lists (ACLs) and 802.1x features to identify the users that are allowed to transmit traffic through the switch and filter all incoming traffic to help ensure that only valid traffic is allowed.
The Cisco ME 3400E Series has built-in protection from attacks to the switch itself. For example, local ports are disabled by default, to prevent unauthorized physical access to the switch. All Cisco ME 3400E Series Switches have four external alarm inputs to help detect unauthorized attempts to access the devices. In addition, the switches offer features to protect the CPU and the configuration file from attacks.
The CPU is a critical component of an Ethernet switch, responsible for process control protocols such as Spanning Tree Protocol and routing updates. If the CPU is under denial-of-service (DoS) attack, those control packets could be dropped, resulting in network outage. Features such as Control Plane Protection and Storm Control protect the CPU against malicious attacks. Port Security allows service providers to control how many MAC addresses are allowed from each subscriber, thereby protecting the memory from being overwhelmed.
Subscriber security shields users from other malicious subscribers by creating a protective barrier between users. The UNI/ENI/NNI feature creates a circuit-like behavior to separate each customer's traffic from other customers' traffic. DHCP Snooping, Dynamic ARP Inspection (DAI), and IP Source Guard help service providers identify each customer's MAC address, IP address, and port information, thereby preventing malicious users from spoofing attacks.
Protection of the network at the access point is critical. These devices are a front-line defense against attacks and the potential costly and debilitating problems that may result, caused maliciously or otherwise.
Software Images Optimized for Business Services
The Cisco ME 3400E Series is available with two different software images customized for business VPN deployments: METROACCESS and METROIPACCESS. The METROACCESS image includes features such as advanced QoS, robust multicast, and a comprehensive security solution. In addition, the METROACCESS image includes features for advanced Layer 2 VPN services such as 802.1q Tunneling and Layer 2 Protocol Tunneling (L2PT), configurable per-VLAN MAC Learning, Resilient Ethernet Protocol (REP), Link-State Tracking, and Flexlink. The METROIPACCESS image contains features for Layer 3 VPN services such as a range of routing protocols, Multi-VRF CE, and policy-based routing (PBR) (incremental to the METROACCESS feature set).
The Cisco ME 3400 and ME 3400E Series support the same METROACCESS and METROIPACCESS software images. This makes it easy for service providers who have already deployed the Cisco ME 3400 Series but are looking to use the Cisco ME 3400E Series for more advanced Ethernet services.
Service providers can customize the features required for each deployment at the appropriate pricing level. Simple software upgrades to a more feature-rich image provide a "pay-as-service providers-grow" capability, so service providers can upgrade when necessary.
With these image options, service providers can base service providers' service-level offerings on what service providers need to achieve with the deployment, at a price that works best in service providers' marketplace. With the flexible, feature-rich Cisco ME 3400E Series, service providers can standardize on a single platform for deployments across different business VPN markets, thereby reducing costs for sparing, easing management and training requirements, and reducing overall operational costs in the process.
IP Next-Generation Networks
Almost every major service provider worldwide is pursuing IP Next-Generation Networks (NGNs). These networks are critical for service providers to provide current and future services, increase infrastructure efficiencies, and enable the value-added network and service control that they need for competitive differentiation and long-term profitability.
With its global commitment to service providers, massive investment in innovation, superior IP expertise, and a comprehensive approach to both the network and business needs of its customers, Cisco focuses on helping service providers make this journey to the IP NGN as quickly, smoothly, and profitably as their goals dictate.
The Cisco IP NGN architecture focuses on three primary areas of convergence that are already well established in service provider networks today:
• Application convergence: Where a profusion of new capabilities and end-user devices can provide a multitude of new service opportunities for carriers.
• Service convergence or or "quad play" which combines consumer, business, wholesale, and mobile services.Where far more peronsalized application- and subscriber-level service control intelligence is needed to facilitate the efficient and profitable delivery of any service to any device anywhere.
• Network convergence: Where disparate networks need to be brought together over a more efficient and cost-effective common infrastructure.
From the perspective of the network and network convergence, providers are migrating from deploying, managing, and maintaining many service-specific networks to delivering all services on a single IP/MPLS-based network. Cisco is delivering innovative technology to accelerate network convergence and help customers significantly reduce infrastructure costs.
The secure network layer of the Cisco IP NGN comprises customer elements, access and aggregation realms, intelligent IP/MPLS edge, and multiservice core components with transport and interconnect elements layered below and above. This layer is undergoing dramatic and fundamental changes compared to only a few years ago. IP/MPLS is being integrated throughout each section of the network. Edge and core areas are converging, with each adopting capabilities of the other and providing greater efficiencies to the provider. Customer elements, whether they are end-user devices or routers at the network gateway of a business, are converging as well. Service providers can take advantage of this convergence to offer new, more, and better services.
Conversely, one area in the network that is not converging is access and aggregation. In fact, this area is evolving. More and more types of technologies are being offered in the access realm, from third-generation (3G) and Wi-Fi, Ethernet and cable, to DSL and fiber, in addition to traditional technologies that remain in place such as ATM, Frame Relay, and TDM. The list continues to grow, and these new technologies introduce new challenges to the network because it now has to adapt to whatever access means - even multiple ones - customers choose to receive their services.
A significant portion of the marketplace believes that Ethernet - a new, carrier-class evolution of Carrier Ethernet - is the ideal technology to underpin IP NGNs. With new carrier-class attributes such as high levels of availability, integrated security and QoS features, and ATM/Frame Relay and TDM interoperability, Ethernet not only can provide high levels of bandwidth at low cost, it is also ubiquitous throughout the network, and it is easy to implement and deploy.
As a leader in metro networking solutions, Cisco offers service providers important advantages:
• A service-rich solution: The Cisco solution helps service providers build a broad portfolio of Carrier Ethernet services. Advanced QoS capabilities allow service providers to differentiate their offerings through SLAs. Additional bundled offerings can be delivered over Carrier Ethernet, taking advantage of Cisco extensive CPE offerings and partner programs.
• Architectural flexibility: In the diverse metro market, Cisco solutions can be implemented using Ethernet, optical, and IP/MPLS technologies. When combined with capabilities such as Frame Relay and ATM interworking, these technologies give service providers the ability to extend their service footprints.
• Proven carrier-class solutions: Cisco Carrier Ethernet solutions have been deployed by service providers in different regions for delivering business and residential services. Validated through large-scale deployments, Cisco carrier-class Carrier Ethernet solutions meet service providers' requirements for reliability, scalability, and manageability.
• Service provider market leadership: Cisco has an extensive product portfolio to deliver end-to-end solutions to its customers. Cisco's superior deployment experience includes more than 250 MPLS customers, 1000 optical customers, and hundreds of Carrier Ethernet customers. Cisco will invest billions of dollars during the next five years to continue bringing innovation to the service provider market.
• Market leadership in enterprise networking: More enterprises have built their IP infrastructures with Cisco equipment than with any other vendor's. Service providers that work with Cisco can quickly and smoothly connect with their customers, gaining the benefit of accelerated demand for services that increase overall network usage, reduce cost per user, and generate a faster ROI.
• Standards leadership: For more than a decade, Cisco has been a major force in the development of innovative Ethernet, Layer 2, and IP/MPLS features. The company continues to lead support for Metro Ethernet standardization in the IEEE, ITU, IETF, and Metro Ethernet Forum (MEF), as well as in the MPLS and Frame Relay Alliance, Ethernet in the First Mile Alliance (EFMA), and ATM Forum.
• Comprehensive support programs: Cisco helps service providers' transition to a multiservice packet network with support services addressing device-, network-, and application-level challenges. Service providers that choose Cisco gain access to one of the industry's largest pool of networking experts, who collaborate in the planning, design, and implementation stages of a project, as well as with ongoing operational support and network optimization.