© 2005 AT&T, All Rights Reserved.
The world’s networking company SM
AT&T Enhanced VPN
Presenter: Sam Levine-866-624-2008 x111
© 2005 AT&T, All Rights Reserved. 2
Agenda IP Networking Presents Choices AT&T’s Network-based IP VPN Connectivity The AT&T Network
• AT&T Global Network (AGN)
AT&T Enhanced VPN Services• Service Features• Benefits• Country Availability • Service Level Agreements (SLAs) - Our Targets• Resiliency Options
VoIP Option Class of Service AT&T integrated Global Enterprise Management System (iGEMS) Managed Services Support Centers Web-based Reporting Integrated VPNs - Value Added Services Wrap UP / Q&A
© 2005 AT&T, All Rights Reserved. 3
Web / App
Server
IP Networking Presents ChoicesNetwork-based IP VPN
Premises-based IP VPN
Integrated VPN
VPN is delivered over the Internet, Public IP or Private IP backbone networks, and requires premises devices and utilizes tunneling protocols such as IPSec, Secure Socket Layer (SSL), L2TP and PPTP.
VPN is delivered over MPLS-enabled backbone and is built in the network cloud.
Enterprise networking often demands a combination of VPNs with flexible access, levels of management, continuity choices and enhanced features. These technologies are complementary, not competing.
AT&T GlobalMPLS Network
Internet
Network BasedFirewall
MPLS VPN
Data Center
Storage
Branch Office
Remote Offices
and Workers
Suppliers/Distributors
Remote Workers
Headquarters
© 2005 AT&T, All Rights Reserved. 4
AT&T’s Network-based IP VPN Connectivity
Local Loop
DSU
VPN IP Transport Management
Managed Network Application Services extend AT&T logical network management to the customer LAN and applications
AT&T Network
PEPE PEPE
VPN with Managed Router and Managed Encryption extends AT&T logical network management to the customer premises
LANLAN
VPN GW
VPN GW
NBFW
NBFW
Internet
LANDSULAN
RemoteAccess
RemoteAccess
RemoteAccess
RemoteAccess
Provides a management continuum of customer managed, hybrid and AT&T managed options
Router
RouterDSU
DSURouter
Router
© 2005 AT&T, All Rights Reserved. 5
AT&T’s Network-based IP VPN Services
AT&T IP Enabled Frame Relay / ATM PLUS Service Provisioned via AT&T Global Network AT&T managed DSU Plan, Design, Deploy and Monitor Environment SLAs to the DSU 24 X 7 Customer Care with Proactive Monitoring DSU Web-based Reporting
Monitoring & Management Choices - Increasing the Value
AT&T IP Enabled Frame Relay / ATM Service Provisioned via AT&T Global Network AT&T Managed Transport only Plan, Design and Deploy environment Network Level SLAs 24 X 7 Customer Care Web-based Reporting
AT&T Enhanced VPN Services Provisioned via AT&T Global Network AT&T fully managed CPE (DSU / CSU and the router) Plan, Design, Deploy and Managed End-to-End Environment Enhanced SLAs to the router 24 X 7 Customer Care with Proactive Management Enhanced Web-based Reporting
Performance Data
Monitoring & Management
powered by iGEMS
Alarms
Alerts
Availability Data
NetworkServices
Transport
Proactive Monitoring
WAN/LANMgmt
Proactive Management
AT&T MPL Private Network Transport Service
Provisioned via AT&T IP Backbone
Customer Managed or AT&T Managed CPE
Plan, Design and Deploy Environment with proactive management capabilities
Network Level SLAs 24 X 7 Customer Care Web-based Reporting
© 2005 AT&T, All Rights Reserved. 6
AT&T Global Enhanced NetworkAT&T Global Enhanced Network
Plus 600+ US POPsPlus 600+ US POPs
• $300M Investment
• Fully Integrated
• Supports All Services
• Common Management Platform
• Global Processes
• In-country Personnel
© 2005 AT&T, All Rights Reserved. 7
Leveraging AT&T’s Global Network Strength
Global MPLS-enabled IP Network at the Core and at the Edge
Industry-leading performance: end-to-end reliability, jitter and latency
Protected by AT&T’s robust Network Disaster Recovery Program
More than 147 countries covered through 7,000+ Remote Access Points
© 2005 AT&T, All Rights Reserved. 8
AT&T Enhanced VPN Services
Ease of Operations• Comprehensive network design• Project management deployment• Edge-to-edge service• Intimate Lifecycle Care• On-line portal for Visibility
Flexible Functions• Any to any connectivity• Transport independent• Classes of Service / Prioritization
Performance• Resiliency options• Availability commitments• Latency commitments• Responsiveness commitments
Enterprise Solution• Single Virtual Global Network• Consistent feature functionality• Converged network
Maint. Modem
MPLS
AT&T
Global Network
Access
Access
PE CE
CE
PE
Customer Site B
Customer Site A
AT&T End-to-End
Management
Access Line
Access LineMaint. Modem
Maint. Modem
CE
Customer Site C
Access Line
Maint. Modem
CE
Customer Site D
Access LinePE
PE
© 2005 AT&T, All Rights Reserved. 9
Enhanced VPN Supports Your NetworkHeadquarters
Overseas Offices
Design Deploy Manage Design Centers of Excellence /
Solutions Center Experienced Engineers and
Designers Define Architecture and Topology
Network and Access Security Hardware/Software
Engineer for Performance and Business Continuity
Service Management (Proactive, Reactive & Predictive)
Single Global Platform ( iGEMS) Performance Management (Network /
Application) Service Level, Availability and
Performance reporting Global Managed Service Support
Centers In-country, in-language help desks
Creation, Execution & Management of Project Plans
Global Procurement & Provisioning Including access connections
Global Configure/Test/Installation Establish & Integrate operational
Infrastructure (performance reporting, web reporting access, etc.)
Trained Professionals using Proven Processes (3,500 global individuals)
Remote Workers
Suppliers
Global Remote Access
Networking
End-to-EndBusiness
Application View
MPLS Core (Traffic
Prioritization) AT&T Global Network
Branch Office
Increasing levels of management support to meet your needs
© 2005 AT&T, All Rights Reserved. 10
Service Features
AT&T Global Network• Globally consistent seamless network• Available in 60+ countries • Access independent• Uniform, Global, MPLS-enabled
Any-to-Any connectivity• Using MPLS in core and at the edge
Predicatable Performance (QoS)• Multiple Classes of Service supported to
accomodate all types of applications
Security• MPLS inherent security on par with Frame Relay• Additional optional AT&T Security Services
High Performance Network• Industry-leading Service Level Objectives
(SLOs) / Service Level Agreements (SLA)• Back-up and Resiliency Options
End-to-End Management• Comprehensive network solution design
leveraging AT&T engineering and operational expertise
• Project and deployment management utilizing global tool set to develop, document and drive implementations globally
• Proactive network management with leading edge iGEMS tool
Web-based Reporting• Layer 3 reports (IP level)
Simplicity of One Stop Shop• One contract, one price schedule, one
servicing model deployment / operation / customer care, one bill
Multimedia-enabled• Supports Voice-over-IP and other applications
Global Help Desk Support - 24X7• Regional Helpdesks supporting multiple
languages
© 2005 AT&T, All Rights Reserved. 11
Benefits of AT&T Enhanced VPN Global Coverage - Provides ease of global implementation among all locations with consistent feature
functionality so that each location, no matter where in the world can perform the same tasks.
Management Continuum - Network facilities, network management and monitoring on a 24x7 basis ensuring network reliability and availability and reduces cost of ownership in network technology, thus improving return on investment within the network.
Cost Efficiencies - AT&T managed services provide cost savings in the recruiting, training and maintenance of head count. Costs are reduced with a fully meshed network, with no need for large bandwidth and CPE at a Hub site, plus flexibility of bandwidth / CPE can be up- or down-graded for minimal charge. IT budgets are slashed, but return on your communications are up.
One-Stop-Shopping - For global ordering and implementation, with in-country support providing ease of implementation saving time and assuring network productivity and your productivity since you do not need to keep track of many vendors - only AT&T.
Flexible, Robust Network Architecture - MPLS-based network architecture provides any-to-any connectivity allowing for a unified connection for intranet, extranet and Internet access for constant communications among all locations without the burden of configuring numerous PVCs allowing for operational and cost efficiencies.
Simplified Pricing and Packaging - Providing consistent monthly recurring charges for ease of budgeting, accounting, and reconciliation, enabling operational and cost-efficiencies.
Service Level Agreements - Available for standard solutions provide assurance that the network will perform as required. Reduced down time keeps productivity up.
© 2005 AT&T, All Rights Reserved. 12
Benefits of AT&T Enhanced VPN Operational Efficiencies - Divisions working together, information received faster and direct keep
organizations working smarter not harder. Project Implementation Managers (PIMs) oversee the implementation of your network and provide you updates, your network is installed faster - your communicating sooner and productivity is increased. Moves, adds, changes and deletes within your network happen faster, keeping your network streamlined. Reconciliation of invoices completed faster because there is only one vendor, one invoice to reconcile. Operational efficiencies that keep your bottom line healthy.
Application awareness - Allows you to define the priority of different applications and assign the appropriate Class of Service to each application at every location enabling a single network to accurately and consistently prioritize traffic, ensuring the delivery of higher priority traffic ahead of lower priority traffic.
Superior scalability - Significant reduction in effort and time to install to add new locations, including the CPE, in a comparable meshed frame relay network allowing the network to change as your company does.
Flexible access options - Simplification and flexibility of access options provides you with the ability to connect your remote workers and branch offices to headquarters.
Increased security - MPLS provides for greater security through the creation and assignment of unique VRF tables to your individual VPN ensuring secured networking - no one but those your want to get your information.
Simplified transition - A simple and efficient way to transition from more traditional data networking to IP-enabled networking or from unmanaged to managed service providing operational and cost efficiencies.
© 2005 AT&T, All Rights Reserved. 13
Country Availability - VoIP Option
Latvia, Liechtenstein, Lithuania, South Africa, Turkey and Ukraine available via custom bid
ArgentinaAustraliaAustriaBelgiumBrazilBulgariaCanadaChileChinaColombiaCroatiaCyprusCzech RepublicDenmarkEcuadorEstonia
FinlandFranceGermanyGreeceHong KongHungaryIndiaIndonesiaIrelandIsraelItaly
PortugalRomaniaRussiaSingaporeSlovak RepublicSloveniaSpainSwedenSwitzerlandTaiwanThailandUnited KingdomUSAVenezuela
JapanKorea (South)LuxembourgMalaysiaMexicoNetherlandsNeth. AntillesNew ZealandNorwayPeruPhilippinesPoland
© 2005 AT&T, All Rights Reserved. 14
Standard Plan SLAs – The Targets
Time to install• Set by PIM + customer, dependent
on country, type router, line speed etc.
Time to implement SW Change (Move, Add, Change, Delete)
• Set by PIM + customer, dependent on complexity of change
Time to implement HW Change (Move, Add, Change, Delete)
• Set by PIM + customer, dependent on complexity of change
Site availability• Up to 99.99%, dependent on
backup options, country
Site to site latency• Dependent on country endpoints,
tail circuit size and CoS
Site to site packet delivery• Dependent on country end points
and CoS
Time to restore• Generally 4 hours, dependent on
country and backup
© 2005 AT&T, All Rights Reserved. 15
Resiliency Options
Resiliency Options• Resiliency Option 1: Single Router, Single Access Line and ISDN• Resiliency Option 2: Single Router, Dual Access Line• Resiliency Option 3: Dual Routers, Single Access Line (Optional ISDN)• Resiliency Option 4: Dual Routers, Dual Access Lines
© 2005 AT&T, All Rights Reserved. 16
VoIP Option: Value Added Support for Your Applications
VoIP on EVPNVoIP on EVPN
BranchBranch
PSTNPSTNKeyKey
VoiceGatewayRouter
E&M
T1/E1 with CAS
VoiceVoice
V+D
AT&T Management Center•VoIP Technical Assistance•Centralized dial plan•Internal QoS auto ticketing by the center•Web call detail reports•Calls rated for VoIP quality by NPR customer report
Home OfficeHome Office
V+DVoiceGatewayRouter
PBX
© 2005 AT&T, All Rights Reserved. 17
IP Applications
VoIP ERP Multimedia VPN WWW
Low LatencyLow Bandwidth
Latency TolerantBursty Bandwidth
Non-Uniform Network Traffic demands Traffic Management
© 2005 AT&T, All Rights Reserved. 18
How AT&T Achieves Class of Service
ClassificationClassification of packets into different
lists is done in the customer router based on customer requirements
MarkingControls the amount of traffic accepted
for each class
PolicingDiscards the excess traffic
Traffic ShapingQueues the access traffic
Fair QueuingProvides minimum bandwidth guarantee
to each class. One queue used for each class
Congestion mechanismIn case of congestion, traffic of the
lowest priority class is discarded first
By applying several techniques in the customer site routerbecause this is where most of the problems take place ...
... combined with QoS information from the network core.
© 2005 AT&T, All Rights Reserved. 19
Network-based IP VPN Class of Service Structure
Port
PVC
PVC bursting to port speed
Frame Relay Model – Port, PVC
Port
CoS 4
CoS 3
CoS 2
CoS 1CoS bandwidth allocation applied at port level
Network-based IP VPN Model – Port, CoS template option
© 2005 AT&T, All Rights Reserved. 20
Differentiated Classes of Service
Traffic Class
Traffic Type Suggested Examples
CoS 1 Designed to carry real time applications
Voice over IP , high speed video
CoS 2 Designed to carry critical business applications
Transactional applications, videoconferencing
CoS 3 Designed to carry standard business applications
Database applications, commercial business applications
CoS 4 Designed to carry general business applications
File transfer, batch, e-mail, Web browsing and database replication
Burst to Port available on Class of Service CDRs (Commited Data Rate)
© 2005 AT&T, All Rights Reserved. 21
Seamless Network ManagementAT&T‘s agile Global Enterprise Management System (iGEMS)
• Converged managed services platform
• Supports the full range of AT&T Services
• Reactive, proactive and predictive network and systems management
• Allows AT&T to deliver application-specific SLAs with end-to-end visibility (only provider in industry to do so)
• Executes more than 100 different third-party management applications
• Correlates and pinpoints alarms for faster diagnosis and resolution.
© 2005 AT&T, All Rights Reserved. 22
Service Centers at a Glance
• Global Deployment
• Highly skilled networking professionals
• 7 X 24 X 365 Support
• Access to “best in class” technology partners & suppliers
• Access to the next generation networking professionals through local labor force and universities
• Integrated Technology Platform
• Common Processes
Amsterdam, NLAmsterdam, NL
Birmingham, UKBirmingham, UKPhoenix, AZPhoenix, AZ
Toronto, CanadaToronto, Canada
Alpharetta, GAAlpharetta, GA
Redditch/Vilvoorde/EhningenRedditch/Vilvoorde/Ehningen
Mitaka/SydneyMitaka/SydneySao PaoloSao Paolo
Durham/Tampa/SchaumburgDurham/Tampa/Schaumburg
© 2005 AT&T, All Rights Reserved. 23
Global Managed Services Support Centers (MSSC) Qualified, Trained Professionals
90% of Tier 2 Techs have one certifications, 24% have 2 or more of the certifications, 11% of the org has 3 or more certifications
Cisco certified: CCNA, CCNP & CCIE 7.5 average years of experience for Tier 2 support
Dedicated trained Network Performance Group • High level dedicated Tier 3 Techs with areas of expertise
– Strong in-depth SNA expertise
• A number of Level 2 teams exist to support the MSSC within AT&T within their areas of expertise: – NetTech – Provides logical router, config support and troubleshooting– NetPerf – Provides router PD on throughput issues – IP Network Ops – Supports the infrastructure for the Network security and access– Change Team – Responsible for implementing scheduled changes to customer routers – DIALSW – Remote Access end-to-end support– LIGSUP2 – Remote Access gateway technical support
Real-Time Call and Problem Management Systems• 24-hours-per-day, 7-days-per-week with live call specialists / Technical Support answers the call• On-line Website for Incident Submissions / Updates
– Electronically bonded to customer, requiring userid and password– View progress reports on-line
© 2005 AT&T, All Rights Reserved. 24
Global Helpdesk Support
Managed Data services presently provides Regional helpdesks supporting multiple languages
Network Management 24-hours-per-day, 7-days-per-week Integrated Processes, procedures and tools
• Standardized Ticketing
Defined escalation process SPOC, Single point of issue ownership / resolution
© 2005 AT&T, All Rights Reserved. 25
AT&T BusinessDirect® - Personalized Home Page
A single view on all AT&T services
Uses iGems technology to underpin multiple different services
Current Tools & Messages
Site Management
New Services & Announcements
Alerts!
Secure customized view into your managed infrastructure
Service Line specific - Network Topology Maps; Performance Reporting; Ticketing and Ordering
© 2005 AT&T, All Rights Reserved. 26
Monthly Overview Reports • Backbone Measurements
– Availability/Latency/Reliability measured around the clock
• Site Availability– Average site availability for all attached DTEs for the month
• Site to Site Latency by CoS– Average packet delivery measured between qualifying site pairs by CoS
Accessed from iGEMS Global Measurements System• Traffic Usage by CoS
– Regular Polling, reporting measurements and exceptions for each CoS per site connection
• Traffic Behavior by CoS– Report lists measured CoS distribution compared with contracted rates
• CE Statistics– Access Link– Access Method (ATM, Frame Relay)– CE Router Performance– LAN Port
• Exception Reports– Measurements compared with thresholds
• Forecast Reports– 30/60/90 day projections based on historic data
Standard Web-based Reports
© 2005 AT&T, All Rights Reserved. 27
Gold Plan Web-based Reports
All Standard Level Reports Network operation
– Site Availability– Site to Site Response Time by CoS– Site to Site Packet Delivery by CoS
Installation and change– On Time Installation of New Site– On Time Physical Change (hardware)– On Time Logical Change (software)
• Service restoration (available only in the U.S.)
© 2005 AT&T, All Rights Reserved. 28
Integrated Enterprise VPN - Value Added Services
Data Center
Customer
Branch
AT&T GlobalNetwork
AT&T Internet Data
Center
Internet
Storage
Web / App Server
Ultra-AvailableRing
Supplier
VPN Remote Access
Network BasedFirewall
Managed Router
Web SiteManaged Firewall
VoIP
MPLS VPN
Intrusion Detection
VPN Remote Access
Application Performance Mgmt Voice over IP / LAN Telephony Content Hosting Storage Management
Security Management Managed Firewall Managed Authentication Intrusion Detection Anti-Virus Scanning
Transport / Access Private Line Frame Relay / ATM Remote Access
© 2005 AT&T, All Rights Reserved. 29
Customer Scenario Enhanced VPN
Business Challenge
Solution
Client Benefits
• To rapidly replace the existing FR network by the end of March 2002
• Common network for all divisions with quality of service and to support future services, technologies and requirements
• Compliant with existing US network
• 140 sites connected to the AT&T MPLS backbone based on EVPN service.
• Four global applications centers connected to MPLS network.
• All divisions connected to MPLS backbone.
• Open and flexible architecture that meets current needs of migration and future evolution.
• Meets Sara Lee's functional, operational, global and budgetary requirements.
Company Information
Sara Lee Corporation is a global manufacturer and marketer of high-quality, brand-name products for consumers throughout the world. With headquarters in Chicago, Sara Lee Corporation has operations in 58 countries and markets branded products in more than 180 nations. The corporation employs 141,500 worldwide. In EMEA, Sara Lee operates 4 separate divisions. (http://www.saralee.com)
Hundreds of locations connected via fully managed EVPN service
Americas
• Operations in 58 countries
• Markets branded products in more than 180 nations
• 141,500 employees worldwide
EMEA & Asia/Pacific
External Reference YES
© 2005 AT&T, All Rights Reserved. 30
Customer Scenario Enhanced VPN
Company Information
External Reference YES
Business Challenge
Solution
Client Benefits
• Global expansion created the need for seamless flow of data and other critical information across all locations
• Simplifying the frame relay infrastructure of LafargeNet was a strong requisite
• Internet Protocol Virtual Private Network (IVPN) connections for remote sites and AT&T Managed Data Network Services (MDNS) and MPLS based services (EVPN) for critical appli. & main locations
• 50 sites being connected to the Lafarge hub in 26 countries on all 5 continents
• Worldwide network connectivity • Security policy protecting the LafargeNet
against any unwelcome intrusion• High-performance multi-protocol solution
(EVPN) that supports all kinds of business applications and any to any connectivity
• Connectivity solution in countries without a local AT&T presence with IVPN
• Hybrid VPN to meet different specific needs• Flexible billing
Lafarge is the world's leading producer of building materials. The Group holds top-ranking positions in each of its four divisions: Cement, Aggregates and Concrete, Roofing, Gypsum. In 2001, Group sales amounted to €13.7 billion. With a workforce of 83,000 people, Lafarge is now present in 75 countries. Lafarge offers all construction industry sectors - from architect to tradesman, from distributor to end user - a comprehensive range of products and solutions for each stage of the building process. (http://www.lafarge.com)
Americas
All locations connect to LafargeNet Hub
EVPN, MDNS Frame Relay & IVPN services
12 EVPN connections
EMEA
Lafarge North America - largest diversified construction materials company and supplier of cement, aggregates and concrete in the U.S. and Canada
1 EVPN site in Canada
Lafarge, a world leader in building materials that is active in 75 countries, and employs more than 85,000 people.
Worldwide
Global MDNS Frame Relay Service in
Japan, Singapore, Thailand 1 EVPN site in Singapore
Asia Pacific
AT&T was instrumental simplifying the global infrastructure of Lafarge’s intranet (LafargeNet)AT&T was instrumental simplifying the global infrastructure of Lafarge’s intranet (LafargeNet)
© 2005 AT&T, All Rights Reserved. 31
Enhanced VPN Offers End-to-End Management
• Responsive to your Networking Needs– Perform as internal telecommunication / IT
Department acting like an extension of your personnel
– In-country, in-language technical help desk support
• Historical and Near Real Time Reporting– Extensive Performance and Service Level
Reporting– Common, Unified way to Interface with AT&T
Business
• Experienced Engineering and Operations
Personnel – Network design and consultation
– Solutions Centers – Installation and implementation project
management globally
• Proactive and Predictive Network Management
– Continuous 24x7x365 proactive monitoring with notifications via phone, e-mail or pages
– Fault management– Auto detection tools that receive alarms
on the network and CPE– Automatic maintenance tickets
generated with resolution notification– Enhanced SLAs offering proactive credits
© 2005 AT&T, All Rights Reserved. 32
What the Analysts are Saying
“AT&T is the best in the VPN business …,” demonstrating a “future-proof global VPN architecture,” an extensive breadth of offerings with SLAs to guarantee service
IDC rates AT&T top of all US IP VPN managed carriers for market share, performance, and leadership
AT&T awarded top ratings of all IP VPN carriers for global reach and leadership in IP VPN functionality
AT&T IP VPNs rated “Best in Class” by Telemark based on survey of multi-national corporations
© 2005 AT&T, All Rights Reserved. 35
iGEMS Processes: Disciplined Delivery of Predictable Performance Rigorous Proven Processes
Application Due Diligence & Stress Testing
Service Level and Configuration Engineering
Project, Change, Capacity, Configuration & Inventory Management
Customer Acceptance Testing
Operational Metrics
Time to Respond
Time to Restore/Repair
Proactive & Predictive Fault Management
Availability Monitoring & Management Application Performance Management Quick Fault Isolation & Performance Restoration Ticketing & Escalations Rapid Root Cause Analysis End-to-End Service Views Performance Analysis & Consulting