
Feature Article
March 2000


Internet Telephony Online Exclusive

The New Public Network: Building Smart Services Into IP Networks


The purveyors of the new information economy are pushing the edges of business models, content, and communications with fresh new products and ideas. But network service providers (NSPs) and Internet service providers (ISPs) are grappling with a very old problem: how to differentiate services and create new revenue from established customers.

It's a well-known marketing axiom that it's less expensive to "up sell" an established customer than acquire a new one. Faced with intense competition in the marketplace for network access dollars, NSP/ISPs are casting about for new services and network features that retain and improve revenue per customer. Many see the answer in an emerging public network architecture built around embedding "smart" switches into a service layer over and above the network's basic transport level. This intelligent service layer allows service providers to quickly and cost-effectively deliver new IP-based services and increase revenue streams.

Value-Added IP Services
The new public network will make it easy to deliver a wide range of value-added services. These services include:

  • Network-based VPNs: Using the public network to deliver private networking services;
  • Network-based firewalls: Protecting the consumer customer and small businesses from new and changing threats (for example the recent "Zombie" and Distributed Denial of Service (DDoS) attacks);
  • Broadband access wholesaling: Simplified and cost-effective delivery of broadband customers by access NSPs to ISPs and other value-added network providers;
  • B2B communications: Building virtual trading and partner networks with security and address management to support the burgeoning business-to-business networking;
  • Content delivery: Secure, quality of service-based delivery of entertainment, financial, meetings, and other high-value content;
  • Converged services: Combining voice, video, and data in a seamless network transparent to the users.

The real power of the new public network is its ability to quickly deliver new services with minimal investment in equipment or installation.

Impediments To Service Rollout
While there is a clear need for service providers to roll out new services, the current, prevailing technical architecture does not support scalable, cost-effective service delivery. First-generation service provider VPNs and outsourced firewall services are based on the same customer premise equipment (CPE) architecture that enterprises have used. The only difference is that the service provider now owns and operates the equipment. This approach requires significant service provider investment in equipment, provisioning manpower and ongoing maintenance and management. From the customer's perspective, these services take a long time to be delivered and are generally only incrementally less expensive than alternatives like frame relay services.

To truly scale and meet customers' expectations, service providers need a different network platform that provides improved services and quicker delivery and costs less to deploy.

The IP Service Architecture
This new network architecture is the service layer architecture. The service layer architecture provides an intelligent switching layer that delivers new services from the network rather than from CPE equipment. Figure 1, below, shows a simplified diagram of a new public network based on the service layer architecture.

This architecture presents a new layer in the service provider network that logically separates the access network from the core. This architectural layer supports user-oriented, session-aware services and processing. The service layer contains a new class of networking products called IP service switches. Providers of these types of new generation service platforms include Spring Tide Networks, CoSine Networks, and the Shasta division of Nortel Networks for data services, and Sonus Networks and Convergent Networks for converged voice services.

The IP service switch provides high-speed, high-touch packet processing coupled with specialized hardware to perform security, QoS, voice gateway, firewall, and other intensive processes. These switches have multiple types of interfaces and rich protocol support to allow service providers to support any customer interface and multiple access and core technologies. They provide highly granular packet and user classification. Based on this classification, multiple services can be delivered from the same user session. These services might include wholesaling of the user based on RADIUS authentication, encryption services, address management (Network Address Translation), state-aware firewall services, and QoS. Tunnel switching is a new and important service that allows the conversion of any tunneling technology to another. For instance, in a broadband digital subscriber line (DSL) application, tunnel switching would convert point-to-point protocol over Ethernet (PPPoE) subscriber sessions into layer two tunneling protocol (L2TP) or IP security (IPSec) connections to allow secure remote access to a corporate intranet.

IP service switches have the high performance, scalability and reliability necessary to support a carrier-based service. Typically, these new switching platforms support tens of thousands to hundreds of thousands of user and site connections. They operate at high performance levels and concentrate the expensive processing elements in one location in the network thus saving costs, maximizing efficiencies, and taking advantage of the statistical properties of use in a network. These services are hosted on highly reliable and redundant processing platforms that provide automatic recovery operations.

The service layer concept greatly enhances service providers' ability to quickly provision and control the use of their network resources. The IP service switches, which comprise the service layer, are typically provisioned using centralized policy servers and management platforms. This provides a new, simplified, and consistent method for provisioning and managing new services. In addition, the services can be automatically downloaded into the switches based on the type and actions of the users accessing the network.

These new switches use directory and policy platforms such as RADIUS, LDAP, and CORBA to control the actions of the switch. These actions can be granular to the individual user or application. IP service switches also typically provide a rich set of statistics, call records and other billing information to meter and monitor the use and performance of the services. By using centralized policy services, IP service switches can support "follow me" services. This allows a user to access the service provider network through any access method (DSL, cable, dial-up, wireless…) and obtain the same services. Figure 2, below, illustrates a typical user session using policy-based provisioning.
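A minimal model of the policy-driven session described above (per-user and per-flow classification, wholesaling by authenticated realm, and "follow me" provisioning), added here as an illustration and not taken from any vendor's product. The profile store, realms, tunnel endpoints and function names are hypothetical; a real switch would fetch the profile over RADIUS or LDAP.

```python
from dataclasses import dataclass, field

# Constructed profiles standing in for records a central policy store
# (RADIUS/LDAP in the article) would return; every name is hypothetical.
PROFILES = {
    "alice@isp-a.example": {"tier": "premium", "nat": True, "encrypt_ports": {1494}},
    "bob@isp-b.example": {"tier": "basic", "nat": False, "encrypt_ports": set()},
}
# Wholesaling: the authenticated realm selects the tunnel the session is switched into.
WHOLESALE = {"isp-a.example": "l2tp:lns.isp-a.example",
             "isp-b.example": "ipsec:gw.isp-b.example"}


@dataclass
class Session:
    user: str
    access: str      # dsl, cable, dial-up, wireless: not used in any policy decision
    profile: dict
    tunnel: str
    flows: set = field(default_factory=set)  # firewall state: flows opened from inside


def open_session(user, access, authenticated):
    """Provision a session from central policy; fail closed on any miss."""
    realm = user.rpartition("@")[2]
    if not authenticated or user not in PROFILES or realm not in WHOLESALE:
        return None
    return Session(user, access, PROFILES[user], WHOLESALE[realm])


def classify(session, direction, src, dst, port):
    """Return the ordered services applied to one packet of this session.

    `port` is the server-side port of the flow in both directions.
    """
    if direction == "out":
        session.flows.add((src, dst, port))
    elif (dst, src, port) not in session.flows:
        return ["drop"]  # state-aware firewall: unsolicited inbound traffic
    services = ["firewall"]
    if session.profile["nat"]:
        services.append("nat")
    if port in session.profile["encrypt_ports"]:
        services.append("encrypt")
    tier = "gold" if session.profile["tier"] == "premium" else "best-effort"
    services.append("qos:" + tier)
    return services
```

The access method is recorded but never consulted, which is what makes the service set identical across DSL, cable, dial-up and wireless; unknown or unauthenticated users get no session at all.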

Characteristics Of The New Public Network
To be successfully adopted, the new public network architecture built on the IP service layer would have to be characterized by the following:

  • Concentration of "high touch" packet processing in the service layer to improve performance and lower overall network cost;
  • Consistent service provisioning and delivery independent of access technology;
  • Session and user awareness allowing per-user and per-flow services. Examples might be encryption services for certain applications, improved QoS for premium users, and address translation for particular users and networks;
  • Simplified CPE equipment with less cost and complexity at the edge that provides an even richer set of services;
  • Rapid turn-up of new services by simply provisioning the IP service switch with different policies for the user or site;
  • High scalability and concentration, including support for tens of thousands to hundreds of thousands of connections and users per switch.

A Call To Action
The service layer architecture is a major step towards enabling a "smart" network. The benefits and potential revenue enhancements this architecture provides are extremely compelling. The advent of broadband access technologies, outsourced service trends (witness the rise of application service providers), and enhanced online content point to an explosion of network-based services. The right network architecture and infrastructure must be in place to meet the anticipated demand. Most of the forward-looking ISPs, inter-exchange carriers (IXCs), incumbent local exchange carriers (ILECs), and competitive local exchange carriers (CLECs) are deploying or evaluating the IP service switch products and the service layer architecture. The time is now for all service providers to evaluate where and when the service layer architecture fits into their network.

Scott Hilton is director of product marketing at Spring Tide Networks. He is responsible for the product management and strategic positioning of the IP Service Switch product line. Spring Tide Networks is a developer of carrier-class network equipment that enables service providers to offer new revenue-enhancing value-added IP services. By creating a new service layer in the public IP network infrastructure, Spring Tide Networks delivers the network intelligence required for the widespread deployment of network-based IP services such as virtual private networks (VPN) and firewall services. Spring Tide Networks products will evolve today's "best effort" Internet infrastructure into tomorrow's business-quality public IP network supporting a rich set of IP services for data, voice and video applications.

Protocols And Services To Expect From IP Service Switches

Access and core network interfaces:

  • 10/100/1000 BaseT Ethernet
  • Packet over SONET (OC-3, OC-12)
  • SONET based ATM (OC-3, OC-12)
  • Frame Relay (DS3)

User/site network interfaces:

  • Routed IP Traffic
  • PPP over ATM (PPPoA)
  • PPP over Ethernet (PPPoE)
  • Layer 2 Tunneling Protocol (L2TP)
  • Point to Point Tunneling Protocol (PPTP)
  • IP Security and Internet Key Exchange (IPSec/IKE)
  • IP in IP tunneling (GRE)
  • MPLS
  • DiffServ

Routing and switching support:

  • ATM PVCs and SVCs
  • IGP protocols - OSPF and RIP
  • EGP protocols - BGP and IS-IS

Authentication, provisioning and management interfaces:

  • Public Key Infrastructure and Certificate Authorities (PKI/CA)
  • Lightweight Directory Access Protocol (LDAP)
  • SNMP
  • XML
