Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco IP Solution Center MPLS VPN Management

Cisco Converged IP Services - MPLS, Metro, and Security

Downloads

White Paper

Cisco IP Solution Center

Service Management for Cisco Converged IP Services—MPLS, Metro, and Security

Overview

The Cisco® IP Solution Center is a carrier-class network and service-management offering for the rapid and cost-effective delivery of Multiprotocol Label Switching (MPLS) Border Gateway Protocol (BGP) virtual private network (VPN), Layer 2 VPN, security, and MPLS traffic-engineering services. Targeted to enterprise customers, these services can represent major revenue opportunities for service providers. Success in this highly competitive market requires the ability to effectively plan, provision, operate, and bill for such IP services (refer to Figure 1).

To demonstrate leadership in a competitive market, service providers and enterprise companies must deliver reliable, advanced telecommunications services in a timely manner. This competitive environment has created new business opportunities and new challenges for communications equipment providers. In addition to manufacturing hardware to support new communications technologies, communications equipment providers are expected to provide associated management products to enable rapid service delivery.

Service providers rely on communications equipment vendors to provide management systems that enable and simplify the task of operating the network and its services. Service providers also require these management products to be integrated with their existing business support systems (BSSs) and operations support systems (OSSs) infrastructure. As this infrastructure grows in size and complexity, so does the requirement for vendors to provide greater functionality beyond element and network management.


Figure 1
The Cisco IP Solution Center Accurately and Cost-Effectively Manages the Life Cycle of MPLS BGP VPNs, Any Transport over MPLS (AToM)- and Metro-Based VPNs, and Security Services

The Cisco IP Solution Center is a follow-on product to the Cisco VPN Solution Center that provides new and enhanced functionality for full-service life-cycle management of MPLS BGP VPNs, AToM- and metropolitan (metro)-based VPNs, and security services. Some of the new and enhanced Cisco IP Solution Center applications include:

  • MPLS BGP VPN management
  • Layer 2 VPN (AToM) management
  • Security management application for IP security (IPsec) VPN, firewall, and Network Address Translation (NAT) management
  • Policy-based quality of service (QoS)

The remaining sections of this white paper provide an overview of the Cisco IP Solution Center systems management architecture, systems management features, and descriptions of the various management applications.

Cisco IP Solution Center System Architecture and Infrastructure Features

The Cisco IP Solution Center is a distributed, four-tier architecture for maximizing scalability, redundancy, and robustness. The four-tier architecture enables the system to scale to large-scale installations as well as standalone, appliance-based installations.


Figure 2
Cisco IP Solution Center is a Distributed, Four-Tier Architecture for Maximizing Scalability, Redundancy, and Robustness

The four tiers are client, interface, control, and distribution. This architecture provides the modular framework that is the foundation of this scalable, carrier-class system:

  • Client Tier—Web-based graphical user interface (GUI) (HTTP to Web server) or client application (Remote Method Invocation [RMI] to Enterprise JavaBeans [EJB] container)
  • Interface Tier—Scalable Java 2 Platform, Enterprise Edition (J2EE) AppServers (Web server and EJB container)
  • Control Tier—Repository, task manager, watchdog, and scheduler
  • DistributionTier—Task worker and collection domain servers

Client Tier

The client tier is composed of a standard Web browser-based client application and a client application for programmatic access to the Cisco IP Solution Center servers.

Interface Tier

The interface tier consists of Web servers and application servers. Multiple Web servers can be instantiated to increase parallel access to the system. In addition, a standard load balancer can be installed in front of the Web servers to load balance browser traffic to the system. The distributed Web-server design allows for increased scalability for user-interface access to the system.

Control Tier

The control tier comprises the heart of the system, providing control, monitoring, and distribution of the remaining tiers of the system. The Cisco IP Solution Center takes advantage of a RDBMS (Sybase) or Oracle database as a data store, allowing users Structured Query Language (SQL) query access for information.

Distribution Tier

Distribution tiers are composed of provisioning servers and collection servers. Multiple provisioning servers can be created to increase the parallelism of computationally intensive tasks. In most cases, multiple provisioning servers facilitate faster processing of multiple, simultaneous provisioning jobs. The collection servers, on the other hand, are responsible for device configuration collection, service-level-agreement (SLA) data collection, and usage data collection. Multiple collection servers also can be created to increase the parallelism of retrieving this data in a scalable manner from the network.


Figure 3
Deployment View of Cisco IP Solution Center

A multitude of other system features complement the scalable, distributed access. Some of these system features are outlined as follows. For more detailed information on these features, refer to the detailed, technology-specific white papers.

  • Role-based access control (RBAC)—The Cisco IP Solution Center implements RBAC III for granular, role-based access control. A user can create roles for operator, administrator, customer, reseller, and other custom roles.
  • Customer-network-management (CNM) views—RBAC, together with a Web browser-based user interface, can be used to advantage to create flexible CNM views for provisioning, SLA, fault management, and troubleshooting tasks.
  • Auto-Discovery—The Cisco IP Solution Center also provides a powerful Auto-Discovery feature set to facilitate device, Layer 2, Layer 3, MPLS VPN, and Layer 2 VPN service discovery.
  • Bulk inventory manager—Auto-Discovery keeps the inventory manager appraised of the installed network inventory. The inventory manager can classify the discovered network inventory into customer edge and provider edge devices.
  • Topology views and geographical maps—Layer 2 and Layer 3 connectivity views and service topology views are available on overlay geographical maps.

Figure 4
The Cisco IP Solution Center Provides Topology Views and Geographical Maps

Complete Life-Cycle Service Management

The Cisco IP Solution Center delivers complete life-cycle management, from creating the IP service to real-time provisioning, service activation, service auditing, and service assurance. The Cisco IP Solution Center was designed to effectively accommodate the dynamic nature of IP services, facilitating fast additions of devices, device upgrades or relocations, and other changes that allow service providers to responsively address the needs of corporate clients. Designed for reliability, scalability, and flexibility, the Cisco IP Solution Center uniquely enables service providers to maintain IP services with no service disruptions.

The Cisco IP Solution Center provides the provisioning tools that enable rapid deployment and fast time to market of IP services. Simultaneously, the solution simplifies management of complex, multiaccess, multiplatform IP services, helping to reduce the service provider's overall administration and management costs. The Cisco IP Solution Center also features open application programming interfaces (APIs) and OSS interfaces to enable integration of IP services operations into existing service provider OSSs.

Real-Time Provisioning

An intelligent provisioning module (the patented Cisco Intelligence Engine) captures the intent of the IP service and translates that into an intelligent object model. Based on simple service order-entry information, the module configures the device and generates the complex instruction sets required to create the IP service. During provisioning requests, the Cisco IP Solution Center collects real-time configuration and object model information to ensure accuracy.

Automating the complexities of provisioning eliminates many operator errors, shortens service startup times, and lowers the cost of provisioning. The Cisco IP Solution Center allows customers to create IP service requests through either graphical user interface (GUI) or API and manages the entire life cycle for each service request.

· Scalable architecture—The Cisco IP Solution Center is a carrier-class network and service-management solution for the rapid and cost-effective delivery of IP services. IP-based services targeted to enterprise customers can represent major revenue opportunities for service providers.

· RBAC model—Service providers can use the flexible RBAC model of the Cisco IP Solution Center to define different user roles, including the provider's carrier model and user administrative model.

· Flexible service activation—A full task scheduler lets operators schedule the date and time of day for service activation. Cisco IOS® Software sends commands to the appropriate network elements to activate and then test services.

· High-performance service auditing—A high-performance auditor validates IP service configuration, monitors performance, and identifies faults to ensure high network integrity and service quality. The Cisco IP Solution Center can also generate reports on the status of service requests (requested, pending, deployed, or functional).

· Service quality assurance—Service-assurance features assure that IP service target devices remain provisioned correctly and that the service itself is operational. Reports and alarms can be generated based on designated requirements, such as SLA thresholds.

· SLA monitoring and reporting—An SLA subsystem monitors IP-aware SLAs for round-trip times, availability, and usage. Thresholds can be configured that allow violations to be reported.

Cisco IP Solution Center Applications

Cisco IP Solution Center: Security Management

Managed security services enable service providers to deliver private integrated data, voice, and video networking solutions to business customers. The Cisco IP Solution Center Security Solution provides robust, flexible, managed security deployment and management capabilities, and integrates functionality for managing an entire service life cycle from initial provisioning through OSS integration and SLA reporting.

Ideal for service providers delivering services in enterprise customer environments that demand maximum information privacy and access security, the security-management software line card can be used by customers to effectively manage the security offering in one place. Services include NAT, policy-based firewall, intrusion detection system (IDS), and IPsec.

Key Services

Policy-Based Firewall Service

The policy-based firewall service allows a service provider to effectively manage and deploy comprehensive security policies that protect all network resources.


Figure 5
A Policy-Based Firewall Service Allows Service Providers to Effectively Manage and Deploy Comprehensive Security Policies That Protect All Network Resources

Network Address Translation Management

NAT management has been bundled into the security service-management platform so that customers can easily manage the address translation for the integrated service offering.

IPsec VPN Management

The profitability of an IP offering directly relates to the service provider's ability to effectively and efficiently provision, bill, and monitor the performance of IP services. In the case of an IPsec VPN, provisioning is particularly complex, requiring configuration of each of the devices participating in the VPN. Without an automated provisioning tool, the service provider faces time-consuming, error-prone manual procedures—including resolving incompatible or inconsistent IPsec and Internet Key Exchange (IKE) policies among devices—that only worsen as the IP scales in size. Because of the number of tunnels that must be built, IPsec IP deployments are inherently difficult to scale. This can be a major problem for service providers who must be able to manage thousands of VPNs with tens of thousands of sites.

Cisco IP Solution Center: MPLS VPN Management

The Cisco IP Solution Center provides management of MPLS VPN services throughout the service life cycle, including service provisioning and activation on customer edge and provider edge routers, service auditing, and SLA and traffic usage data collection. The set of well-defined APIs provide external OSSs access to the full capability of the Cisco IP Solution Center, allowing flow-through provisioning, SLA monitoring, and IP VPN service billing. The Cisco IP Solution Center complements Cisco's IP solution by simplifying the planning, provisioning, service assurance, and billing processes, thereby reducing the cost of deploying and operating IP VPN services. The Cisco IP Solution Center does not contain a billing application, but the product enables billing by providing the usage data on services that a billing engine can process.

MPLS VPNs

Operators and upstream systems can add, delete, or modify customer MPLS VPNs and define the associated IP service topology (hub and spoke, full, and extranets) via the Cisco IP Solution Center user interface or APIs. Wizards assist service technicians to help simplify the process of entering requested IP service-related information, including customer and SLA profiles and QoS parameters for the service. The software then translates the IP service-request information into configurations that implement the IP service and validate the configuration. The Cisco IP Solution Center keeps track of the current IP state of the service request and scheduled tasks, including error conditions. It also supports router console provisioning and templates to allow operators to stage customer edges in a managed-service environment. The Cisco IP Solution Center can be used to activate Layer 3 configuration of the IP VPN service from initial router configuration to IP service activation.

In addition to MPLS VPNs, this Cisco IP Solution Center application blade supports IPsec access into MPLS VPNs, as well as Layer 2 (Ethernet) access into MPLS. Also supported are multicast VPN, site-of-origin features, and Virtual Route Forwarding (VRF) Lite.

Cisco IP Solution Center Layer 2 VPN Management

Today's typical Layer 2 VPNs include Frame Relay- and ATM-based VPNs using data-link connectivity and leased-line services. Cisco is developing new Layer 2 VPN technologies to transport Layer 2 data frames, metro Ethernet services, transparent LAN services, and WAN service over IP. The new technologies are allowing the overlay of Layer 2 services over a common Layer 3 IP- and MPLS-based infrastructure. Taking advantage of the Layer 3 infrastructures will allow service providers to be competitive and offer IP-based services, VPN, video, voice over IP (VoIP), Internet, and storage-based networks. Service providers today need to meet business plans and offer new services; therefore, automation and simplicity of adding new services is a key component. Layer 2 VPN simplifies subscriber services by eliminating the complexity of Layer 3 routing at the customer site, allowing service providers to rapidly deploy services. Some of the new IP- and MPLS-based technologies that enable Layer 2 VPN services are AToM, including Ethernet, Frame Relay, and ATM over MPLS (EoMPLS, FRoMPLS, ATMoMPLS), Layer 2 Tunneling Protocol (L2TP) Version 3, and Dot1Q in Dot1q (QinQ) encapsulation.

Network management and rapid deployment of Layer 2 VPN services will be essential for service providers to succeed. OSS integration and support in the Layer 2 VPN environment, including service fulfillment, service assurance, and service billing, is a necessity.

Policy-Based QoS Management Application

The Cisco IP Solution Center Traffic Management service option provides an end-to-end QoS management application coupled with an IP core MPLS traffic-engineering application.

The QoS management service provides device modeling, characterization, and automated provisioning of edge and core QoS features, including:

  • Traffic classification (protocol, port, address, and Differentiated Services code point [DSCP])
  • Traffic marking
  • Rate limiting
  • Traffic shaping
  • Congestion management (Class-Based Weighted Fair Queuing [CBWFQ] and low-latency queuing [LLQ])
  • Congestion avoidance (Weighted Random Early Detection [WRED])
  • Link efficiency (fragmentation and compression)
  • MPLS-based class of service (CoS)

Figure 6
The QoS Management Service Provides Device Modeling, Characterization, and Automated Provisioning of Edge and Core QoS Features

Business Benefits

The benefits of using the Cisco IP Solution Center to deploy and manage IP services range from faster time to market and improved network quality to reduced operational costs and lower total cost of ownership. The comprehensive management functionality of the Cisco IP Solution Center enables service providers to minimize initial investments by taking full advantage of existing infrastructures and devices. By providing a single infrastructure for all existing and future IP services, the Cisco IP Solution Center allows service providers to reduce the training costs and time to market for new services. The Cisco IP Solution Center also features APIs and OSS interfaces to enable integration of IP services operations into existing service provider OSSs.

The easy-to-use provisioning tools of the Cisco IP Solution Center enable rapid deployment and fast time to market of IP services. Automated, real-time provisioning eliminates many operator errors, shortens service startup times, and lowers the cost of provisioning. The solution also simplifies management of complex, multiaccess, multiplatform IP services, helping to reduce the service provider's overall administration and management costs.

Policy-based firewall service allows service providers to effectively manage and deploy comprehensive security policies that protect all network resources, and built-in scalability ensures that service providers can meet both current and future service requirements without having to perform complete system upgrades.

Summary of Benefits

  • Complete life-cycle service-management platform for IP VPN technology offerings
  • End-to-end simplified network management
  • Improved network quality
  • Reduced capital investment
  • Lower operations expenses
  • Rapid deployment
  • Faster time to revenue
  • Future-proof scalability

Conclusion

The Cisco IP Solution Center eliminates common deployment and management issues by elevating the service administrator's role to that of business manager, as opposed to low-level, device-specific policy manager and administrator. The Cisco IP Solution Center implements a business-centric, service-level management model that allows customers to define high-level policies, while offloading to the Cisco IP Solution Center Software the application of those policies to specific network devices.

The Cisco IP Solution Center simplifies management of complex, multiaccess, multiplatform IP services and reduces management costs. Cisco IP Solution Center service options provide service-level provisioning, service-aware performance, service-level assurance, and service-aware usage. Accepted worldwide by more than 160 leading corporations, the Cisco IP Solution Center (evolution of well-established Cisco VPNSC) is the standalone management solution for effective management of converging services, supporting a unified view of VPN, metro Ethernet, security, and QoS services through a common repository of information across all these packet-based services.

The Cisco IP Solution Center simplifies and speeds the deployment and management of packet-based services, delivering faster time to revenue while increasing operation efficiencies. The Cisco IP Solution Center is an end-to-end network management solution that scales as the organization evolves.

For More Information

Visit the Cisco IP Solution Center product page for more information.