IP/MPLS network management--automate or disintegrate!

As a network architect for a telecommunications service provider, your task is to realise the strategic vision laid out for the company at board level. Your plans will determine how the overall aims are achieved: how services are delivered and profits generated.

In particular, you are largely responsible for deciding how network operations are managed, how services are provisioned and how the engineering task force configures and maintains the network equipment. You will help define the next-generation OSS architecture--and cope with the challenges and shortfalls of existing manual systems.

The harsh reality is that in the majority of today's carrier networks, there is a gap in thinking between the grand ideas of the boardroom (driven naturally by business criteria) and the practicalities of running and managing a service-oriented infrastructure (driven by pragmatism, experience and available resources).

Most telcos have either already invested in or are seriously considering MPLS-based IP networks with the promise of advanced services. This paper aims to show how their success--perhaps even their long-term commercial survival--depends on the OSS being an essential part of that business strategy and the design of the network.

What has traditionally been the exclusive domain of engineers is now a crucial component in an IP-based carrier infrastructure--an OSS system where automation is integral and paramount.

1. Are you running to stand still?

OSS systems have not kept pace with the demands of IP networking. That fact has slowed the pace of IP implementation not one jot. This should concern anyone involved in network planning and design.

Firstly, the various processes involved in trying to maintain the network are manually run. Secondly, they are not integrated with one another: network operations runs its set of processes, provisioning a different set, network engineering another and security yet another, leading very often to conflicting interests and overlap in processes, resulting in wasted time and high error rates.

Thirdly, the scale of the task of managing a modern IP network outstrips conventional manual methods. There is a massive increase in complexity, based on an increase in network capability and, most importantly, due to the range of new, converged high value services. There is now a huge diversity of devices from numerous vendors, each with its own vendor operating and management software and command language.

Some form of vendor-specific software productivity tool or scripting application offers a measure of configuration, management and service activation control to each active network element, such as routers and switches. This proprietary software demands specific, expensive engineering knowledge and experience.

Carriers are forced to juggle these disparate proprietary software elements in a necessarily fragmented approach. They must try to manage multiple activities at the infrastructure layer while attempting to plug the gaps in management. There is no true integration--there are far too many discrete "touch points" and changes of ownership across the network to manage with any consistency.

A major appeal of IP-based networking is the new advanced services it supports. As the quantity of services grows, so does the pressure on what has become the fraying fabric of conventional OSS. Eventually the weakest parts will unravel at enormous expense, bringing service quality problems in their wake. And this is the very structure upon which the vast majority of today's carriers are aiming to build and grow the next generation of communications services.

With these three drawbacks, no wonder about 40% of an experienced engineer's time is spent doing what are essentially clerical CLI-based tasks. No wonder up to 50% of manual service configurations fail the first time around and no wonder around 80% of network budget is spent keeping it operational--fire fighting and running to stand still. Perhaps most depressing of all for the network planner is that this is accepted as an unfortunate but unavoidable fact of life. It is not!

It is time for those responsible for service provider strategy and those responsible for implementing that vision to wake up and smell the coffee. Carriers embracing VPN/MPLS networking as the basis for the next generation of their service portfolio maintain this disconnected approach at their peril.

2. Old-fashioned techniques, old-fashioned results

Service providers worldwide are investing in MPLS VPN platforms so as to offer converged IP services with CoS differentiation and QoS assurances, backed up by SLA guarantees.

The high-level strategy document is agreed by the board and reaches the network planners who, after due consideration as to how to proceed, issue tender invitations and begin discussions with the major equipment vendors. The planners and network architects then work out the practicalities and decide processes, standards and protocols.

They purchase the components with a sackful of potential functions--vendor ticks in boxes--but little or no thought is given to how the new network will or, indeed, can be managed effectively, other than relying on vendor-specific tools and the experience of the network professionals. The lifetime costs of maintaining the MPLS network--the bright hope of the carrier's future--and running the converged services it enables, are forgotten in the rush to implement the new equipment and be recognised by the marketplace as offering an advanced portfolio.

Further "downstream" still, the engineering task force implement the processes at the operational level across the actual network. Until recently, this workflow has more or less kept pace with the changes in technology--but not any more.

Until the advent of IP, the engineers had a reasonable chance of keeping up with the configuration changes and event monitoring. Today's customers demand unprecedented flexibility, so it quickly becomes impossible to support customers' needs in anything like a timely fashion. At the same time, the margin on services is dependent on delivering them at the lowest cost to the carrier. This simply cannot be done through the traditional manual OSS. The question arises: how will these high-value services be defined, tailored and automated?

"As routers and LAN switches have continued to provide more capabilities over the years, they've also become increasingly complex to manage, resulting in a device configuration nightmare for network operators. To manually configure a device in today's complex networking environment means that a senior-level network engineer must know the device's detailed command-line syntax and semantics, which many times means entering thousands of lines of code. Unfortunately, the end result in today's highly competitive environment is lower operational efficiency, higher costs, reduced network optimisation and shrinking margins."

Debra Curtis, Research Director, Gartner Inc.

3. The Emperor's new clothes

At board level very few service providers recognise that the new technology they are embracing as the vanguard of new revenue is, in fact, the organisation's single most unstable asset. The Emperor might promise much, but as he stands at the moment, he has an acute shortage of clothes ...

The explosion in complexity, the rate of change and diffusion of services, the speed at which new services are being introduced and the lack of true integration with existing systems mean that the IP layer is wobbling. It is the only layer in their network still driven by proprietary operating systems, such as Cisco's IOS, Juniper's Junos and the equivalents from Alcatel and Nortel Networks. A non-standard element means maintaining specialised in-house skills that are "single threaded", applying only to a particular set of devices or a vendor's products--it is, of necessity, silo thinking.

Similarly, ask any carrier about the deployment of a new product and where their concerns are, and the answer will be: "How do I activate the service so I can bill for it?" This focus on service is also single-threaded, leading to the creation of application silos in response to new products.

The vendors are constantly developing new features while, at the same time, it is a dynamic environment with a high rate of technological and customer-related change--factors combining to produce a highly unstable environment.

Several additional critical points are often being ignored:

--The investment in multi-service infrastructure means that often more than one service will be delivered over the infrastructure. The infrastructure is "multi-personality", so that introducing an activation platform specifically for MPLS VPNs covers only one product set.

--The on-going management of the platform in these cases is often being ignored. Crucial questions are being forgotten, such as: "How do I deal with changes that are not activation-related? How do I control and upgrade the platform to support new services? How do I build services that extend beyond one technology layer (such as from VPN to VLAN)?"

Effective platform management is not just about activation--it is about the holistic and automated management of the whole environment.

The solution lies in automated integrated processes for IP network management, delivered as an essential part of the carrier's strategy.

4. "Abstraction"--hide the complexity

Automation is the way to progress from the "old" world where, for instance, circuits were put in place then retained often for many years, to the new age of customer-driven, on-demand, highly flexible services.

But "automation" in this context does not mean simply speeding up the old discrete manual processes. State-of-the-art OSS automation, such as the Intelliden R-Series suite, means a new set of integrated processes designed for an IP environment. Intelliden software provides, in effect, an operating system for automated intelligent networking.

Abstraction represents something complicated in a simple fashion, not removing but, instead, hiding the complexity behind a straightforward presentation. An example is the way Windows is able to hide the complexity of DOS, while retaining its functionality. Users do not have to type in specialist DOS commands; they simply click icons with a mouse. The detailed operations of the computer and network are already programmed into the system, which understands the complexity behind the user's basic instructions. The manual commands have been "abstracted" by the software developer and turned into automatic processes.

The same idea is now applied to state-of-the-art network devices and their configurations. A "knowledge base" of software and hardware capabilities is "modelled". Complex, repetitive and time-consuming tasks are defined at this abstract level by turning them into functions carried out transparently and automatically by intelligent OSS software.

In the same way a layperson can use a computer's functions easily today, next-generation users will, transparently, be users of complex network devices. The action of downloading a film, for instance, will automatically set in motion the means to enable a network to provide the bandwidth for the film to be downloaded.

5. "Model-based" networking

Intelliden enables authorized non-specialist end users to interact with the OSS by "abstracting" the specific complex commands of each network device into a common format: XML language*. Abstraction provides common ground or a "lingua franca" for managing dissimilar devices from a variety of vendors--from firewalls to Ethernet switches. The platform is independent, yet each device can retain its specialist functions and each carrier can maintain its differentiating features: just as the Windows operating system does not care what particular PC hardware it runs on, and just as Windows applications developers are able to write to a higher level of abstraction, no longer having to write in underlying DOS.

Intelliden claims to be the only company in the world with this "model-based intelligent networking" approach--the foundation for an extensible platform that delivers network automation. Its automated device-modelling capability parses the existing command syntax of a device and translates the device commands into an XML-based schema that depicts the command structure of the device.

Every network device has its VTMOS combination. In unlocking it, Intelliden translates the proprietary vendor CLI commands into an open standard plan or schema that end users can understand. This schema allows Intelliden to manage the syntax and semantics of every possible VPN configuration, for example.

Users interact with the abstracted schema of each device through the Intelliden GUI interface and can automate the entire network management process, including IPSec, MPLS and QoS configurations.

Among the significant benefits of this abstraction approach, it becomes possible to apply systems logic to the XML schema, enabling users to drive, manage and manipulate the complex device with straightforward instructions. Instead of having to employ expensive, highly skilled individuals who know the details of each specific network device, such tasks can be handled as part of a single, integrated system.

This systems-level approach, replacing the old one-to-one relationship with each device, is not only far more accurate, but this larger-scale, more engineered approach is also more reliable, increases transaction volumes and handles greater complexity. And all the tasks can be carried out far quicker than before.

* Structured XML (Extensible Markup Language) is a globally recognized cross-platform, software- and hardware-independent language used for data manipulation and data transmission.

6. Automated OSS--who are the users?

Intelliden software automates four main aspects of network activity: activation and provisioning, network management integration and configuration, and change management:

--It carries out these tasks on a scale that would be impossible to do manually.

--It is designed specifically for Layer 3 (IP-based VPN/MPLS networks) and Layer 2 (Metro and Gigabit Ethernet Access) networking.

--It takes pressure off the engineering task force through radical levels of automation.

--It carries out tasks with an accuracy and consistency beyond any current methods.

--It captures and validates all human activity on the network, so no more blind spots.

--It addresses and solves the very real OSS problems facing today's carriers as they migrate to VPN/MPLS, VoIP and metro Ethernet products.

So, within a carrier, who are Intelliden system users? They can be divided into two broad types:

--Network professionals who design and set up the network OSS, who set the parameters, rules and decide the criteria and permissions for service activation, reports and the myriad of network configuration and administration activities.

--Those who have certain job functions allowing them access to parts of the network or types of service. They might have permission to establish or remove particular services or functions or view specific customers, for example. They are unlikely to know how the network is actually configured beyond a basic level.

Put another way, users who would come into direct contact with their automated system include:

--Those who "provide": creating new services and deploying new customers or new locations.

--Those who "assure": who manage customers day to day, managing their needs once customers are up and running.

The GUI-based front end is designed to be accessible to all types of authorised user, from the experienced engineer to the non-technician whose job function happens to include interacting with the OSS.

7. The telcos' Tower of Babel

Each network equipment vendor produces operating and management systems for its particular devices, such as routers, switches and firewalls. Just three years ago, understanding the capability of each such device demanded knowledge of around 400 lines of commands--the CLI. Today that figure is around 1,500 lines and rising. Five years ago, one major US carrier had CLIs averaging 25 lines per device; it now averages 1,000 per device and some devices exceed 50,000 lines.

The initial cost of these devices is often relatively low, while vendors add functionality with each succeeding release. The demands on the knowledge and skill of the already hard-pressed engineer, however, grow exponentially with each different device and each release from each vendor.

The vendors themselves reassure carriers that their devices can be configured and controlled, although the software is largely confined to that vendor's particular equipment. The element management software is designed to make the engineer more productive in relation to that specific piece of equipment. In reality, it only addresses one isolated entity in a massive, complex network. Most importantly, it still relies on manual interaction.

With IP networks capable of thousands of logical connections coming from a single point in the network and because the paths through the network are shared, making end-to-end control of a single path in the traditional fashion impossible, today's network engineers face an impossible task. Their problems are aggravated by the inherent flexibility of the IP-based services carriers want to offer customers and, as mentioned, the continuing complexity and individuality of network devices.

The challenge they face is the networking equivalent of being fluent in every EU language and dialect and being able to translate between any two or more. They must understand the "language" of every chosen vendor's network devices (as set out in innumerable CLIs and other machine level instructions). They must also be able to switch from one to another at the drop of a hat--such as customer requests for a particular alteration or new service activation.

This is the reality of modern VPN/MPLS networks and the scale of the task facing network architects, planners and engineers of carriers who are stuck in the traditional manual ways of working.

These challenges are met through the use of a common language for network devices, enabling a unique level of automation while retaining a carrier's service differentiation. The following sections explain how ...

8. Common language; unique features

The introduction of Microsoft Windows on PCs replaced the need to type DOS commands and served as a common platform for many applications, irrespective of the brand of computer. Model-based networking applies the same thinking to IP network management, creating an interface for the user that does not demand knowledge of the underlying command language (CLIs) and is both easy to use and device-independent.

The Intelliden software is, in essence, an operating system for IP-based networks that enables the user to control and automate device configuration, service provisioning, security and auditing--not in the traditional isolated "silo" fashion, but in an integrated, holistic fashion.

It represents, in essence, a Fourth-Generation Language (4GL) for the network. The 1GL (CLI), 2GL (PERL scripts) and 3GL (productivity tools such as CiscoWorks, or activation tools) are designed for single tasks. Intelliden's operating platform enables the construction of building blocks. These blocks can then be woven together to form automated process flows and integrated with other applications to create whole new workflows and operating practices.

This approach eliminates errors, inefficiencies and inconsistencies and the net effect is service flexibility, stable cost and predictability of service delivery--all issues high on the boardroom agenda of most service providers.

The process is straightforward and quick. Its first task is a discovery process--an audit of devices attached to the network. It creates databases linked to each component's IP address noting, among many parameters, the vendor, model and operating system. It then translates the CLIs into XML--the industry standard cross-platform, software- and hardware-independent language used for data manipulation and data transmission.

Intelliden uses various modelling processes to build up a knowledge base of the configuration and capabilities of each network device--each router, switch, firewall, server. It "models" the specific rules and CLIs of each vendor's equipment and each area of functionality before turning them into structured XML. As XML, the various manual processes--such as configuration--can be automated. The keystrokes and parameters--and the knowledge and experience of the individual engineer--are now "abstracted" by the Intelliden system. This is then the "model-based architecture".

Not only does the software note the features currently enabled on a device, it can also access a huge database of potential commands--an encyclopaedia of functions and features--ready to be implemented on demand by authorised users, without those users needing to know the CLI.

As a result, the system builds up a picture of the network--the various "realms" identifying specific customers with particular devices, connections, locations, services and configurations; the often numerous VPNs and the geography, equipment, services and customers associated with them.

The seemingly impossible challenge of understanding each vendor's peculiarities is neutralised: the Intelliden system is vendor agnostic, with every command translated to XML. In short, engineers now do not themselves have to understand every language and every dialect, but have all the advantages: the system does it for them.

The software can be implemented retrospectively into an existing VPN/MPLS installation as well as into a green field site--for carriers perhaps two years down the line with their VPN/MPLS infrastructure, for whom coping with the demands of a growing IP customer base has become a logistical nightmare.

As well as the network devices themselves, the network involves software applications, human users and the business policies by which they run the company. Intelliden enables the network planners to incorporate policy-based network management into the carrier's automation strategy. Users, applications and processes as well as the devices can be managed according to the relevant business policies and needs.

By abstracting the various components of the network and relating them to one another, they can be controlled by the network operators and decision-makers with a high degree of automation--aligned with and in support of the company's strategic goals.

9. Preserve your differentiation; preserve your investment

The vast majority of organisations offering an automated OSS solution of some description have their roots in Layers 1 and 2 of the OSI model:

--Layer 1 is the Physical layer governing transport and transmission (such as circuit-switching of voice and SDH and optical transport).

--Layer 2 is the Data Link layer governing "switched" technologies such as the traditional ATM, frame relay services and, more recently, the important carrier products based on xDSL and Gigabit and Metro Ethernet.

They are only now beginning to embrace Layer 3 technologies--the Network layer governing routing and IP. The complexities and nuances of IP are almost literally a different world from what has gone before and there are obvious limitations in trying to present such "new world" capabilities with their "old world" mindset: applying lower layer thinking to higher layer problems.

For Intelliden, Layer 3 is its natural territory. It occupies all Layer 3 and some of Layer 2 (including ATM, frame relay and Gigabit/Metro Ethernet). Emerging in an IP world of VoIP and converged services, it has not had to attempt to drag its non-IP portfolio and attitudes into an IP-focused way of working: it is already there. Unlike organisations with their origins in Layer 1 connectivity and Layer 2 information management, Intelliden does not approach IP as a "bolt-on".

For Intelliden's "model-based" architecture, Layer 3 IP--where the complexity lies--is integral.

With this in mind, it is useful to highlight a couple of caveats regarding network automation:

--As vendor commands differ fundamentally in their structure, there is a danger that in tackling any translation into a common format, the result is a generic way of carrying out network functions: a lowest common denominator that ignores any particular benefits or bells and whistles delivered by specific vendor devices.

The Intelliden system does the CLI to XML translation but retains all the individual features of a device, enabling service providers to retain their service differentiators. As a result, customer Carrier A can introduce a service with particular characteristics; customer Carrier B can choose to adopt different characteristics, with both using the same type of equipment from the same vendor.

--Beware, too, network "automation" systems that cannot cope with existing manually configured aspects of the network. Their only solution is highly disruptive--tear out the manual work and introduce the new software. Intelliden's discovery process examines and reports on what already exists then sets to work automating what it has found.

Nor is it obligatory for the network designer to input all the network's rules governing devices and services into the system on Day One to gain immediate benefit. The network professionals can set the system on its discovery task immediately, quickly creating the configuration database and reporting functions. Initially, the Intelliden system can augment existing manual processes by checking device conformance--reporting, for example, whether devices are configured according to the network policy.

Once the fundamental auditing and conformance tasks are in place, the network controllers can then widen the scope of Intelliden, including giving access to other levels of authorised users. It can include those without knowledge of command lines or the internal workings of network devices--they will be able to take full advantage of the system's inherent abilities to abstract complex functions and present them with a user friendly, mouse-driven graphical interface.
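The discovery-then-conformance flow described above (translate a device's CLI into structured XML, then report whether it is configured according to network policy) can be sketched as follows. This is an added illustration, not Intelliden's schema or code: the `device-config`/`command` element names, the three policy rules and the IOS-style sample configuration are all assumptions constructed for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: an IOS-style running configuration (not from a real device).
SAMPLE_CONFIG = """\
hostname pe-router-1
service password-encryption
ip vrf CUSTOMER_A
 rd 65000:100
 route-target export 65000:100
interface GigabitEthernet0/1
 description Customer A access
 ip vrf forwarding CUSTOMER_A
 ip address 192.0.2.1 255.255.255.252
interface GigabitEthernet0/2
 description Customer B access
 ip vrf forwarding CUSTOMER_B
 ip address 192.0.2.5 255.255.255.252
line vty 0 4
 transport input telnet ssh
"""


def cli_to_xml(config_text):
    """Turn an indentation-structured CLI config into an XML tree.

    Hypothetical schema: every line becomes <command keyword=... args=...>,
    nested under the less-indented line that opened its sub-mode.
    """
    root = ET.Element("device-config")
    stack = [(-1, root)]  # (indent level, element); root can never be popped
    for raw in config_text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped.startswith("!"):
            continue  # skip blank lines and IOS comment separators
        indent = len(raw) - len(raw.lstrip(" "))
        while stack[-1][0] >= indent:
            stack.pop()
        words = stripped.split()
        node = ET.SubElement(stack[-1][1], "command",
                             keyword=words[0], args=" ".join(words[1:]))
        stack.append((indent, node))
    return root


def check_conformance(root):
    """Evaluate three assumed policy rules; return (rule, location) findings."""
    findings = []
    top = root.findall("command")

    # Rule 1: stored passwords must be obscured.
    if not any(c.get("keyword") == "service"
               and c.get("args") == "password-encryption" for c in top):
        findings.append(("password-encryption", "global"))

    # Rule 2: an interface may only be bound to a VRF defined on the device.
    defined = {c.get("args").split()[1] for c in top
               if c.get("keyword") == "ip"
               and c.get("args").startswith("vrf ")
               and len(c.get("args").split()) == 2}
    for iface in root.findall("command[@keyword='interface']"):
        for sub in iface.findall("command[@keyword='ip']"):
            parts = sub.get("args").split()
            if parts[:2] == ["vrf", "forwarding"] and len(parts) == 3:
                if parts[2] not in defined:
                    findings.append(("vrf-defined",
                                     "interface " + iface.get("args")))

    # Rule 3: remote management lines must not accept cleartext telnet.
    for line in root.findall("command[@keyword='line']"):
        if not line.get("args").startswith("vty"):
            continue
        for sub in line.findall("command[@keyword='transport']"):
            parts = sub.get("args").split()
            if parts[:1] == ["input"] and {"telnet", "all"} & set(parts[1:]):
                findings.append(("no-telnet", "line " + line.get("args")))
    return findings


if __name__ == "__main__":
    tree = cli_to_xml(SAMPLE_CONFIG)
    print(ET.tostring(tree, encoding="unicode"))
    for rule, where in check_conformance(tree):
        print("NON-CONFORMANT", rule, "at", where)
```

Once the configuration is a tree rather than free text, each policy rule becomes a structural query, which is what makes the audit repeatable across many devices.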

10. Automation--from option to necessity

It is now impossible to support an IPVPN/MPLS-based carrier network effectively by manual means. Tinkering with small productivity increases simply clouds the issue: the solution lies in a commitment at the highest level to automating as much of the operational and support processes as possible, using state-of-the-art toolsets designed for an IP/MPLS environment.

Ironically, having spawned the fastest-developing industry in history (the development of IT and networking) the carrier community has remained steeped in a tradition of slow, careful evolution. Now with the advent of self-service, highly flexible networks, its traditional cost base is under threat. Many other major sectors have undergone fundamental transformation in order to survive--the developed world has had to re-invent car manufacturing, air travel and financial services, for example--now it is the turn of the communications industry.

The capability is here--as the equipment vendors are quick to point out--but in a customer-driven, tailored market of high complexity and equally high expectations, the carriers' manual-driven delivery processes are outmoded and unable to cope.

Your business demands a foundation platform upon which any variety of services can quickly be built, delivered and assured. It can as easily be the configuration of new Ethernet services as the provisioning of IP services over DSL or the provisioning of VoIP services over a VPN--no matter how complex the services, the business need is for a single, integrated platform that adapts accordingly.

With the advent of "IP-based everything", from routers to road signs and even household appliances linked to a communications network, automation is the only credible way to handle the diversity of devices and vendor-specific CLIs and the size of the management/configuration task facing today's service providers.

Without an automated OSS, a carrier cannot offer advanced services competitively in today's IP-focused environment.

In moving from an error-prone (average 40%) manual system to a consistently accurate, structured, automated platform, a carrier can impose standards, procedures and policies on its new or existing IP-based infrastructure to a degree of accuracy and granularity that previously would have simply been impossible.

11. Conclusion

Tomorrow's service provider will have to harness increasingly complex technologies and deliver them in a way that offers an almost endless array of customer options. One thing is certain: that variation and complexity will increase as services become more diffused and differentiated.

New services and service variations can be designed quickly and "plugged" directly into the platform: no more costly training, process re-engineering or increases in headcount. It amounts to a "short-order" services menu!


ATM: Asynchronous Transfer Mode

CLI: Command Line Interface

CoS: Class of Service

xDSL: Digital Subscriber Line

DoS: Denial of Service

DOS: Disk Operating System (the forerunner to Windows)

IP: Internet Protocol

MPLS: Multi-Protocol Label Switching

OSS: Operation & Support System

QoS: Quality of Service

SDH: Synchronous Digital Hierarchy

SLA: Service Level Agreement

XML: eXtensible Markup Language

VoIP: Voice over IP

VPN: Virtual Private Network

VTMOS: Vendor, Type, Model & Operating System

Rahul Sachdev, VP Strategy, Intelliden
COPYRIGHT 2008 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2008 Gale, Cengage Learning. All rights reserved.

Article Details
Author:Sachdev, Rahul
Publication:Database and Network Journal
Article Type:Company overview
Date:Apr 1, 2008