7/30/2019 Network Design Wp Final
http://slidepdf.com/reader/full/network-design-wp-final 1/12
White Paper
Integrating Network Design with Continuity and Production Concerns to Ensure Information Availability
SunGard Availability Services
White Paper Series
Letter from the Group Chief Executive Officer
It’s no exaggeration to say that the communications infrastructure is the lifeline of the modern enterprise. But when it comes to information availability planning, this precious organizational resource is widely misunderstood and too often underestimated. Programs rarely include the level of consideration necessary for primary and secondary production networks or recovery networks.
While the myriad of physical threats—from cyber attacks and terrorism to natural disasters—are out of your immediate control, they can be especially detrimental to your network connection. But, very few organizations can survive more than a few minutes of sustained downtime to their data communications.
So, what’s your plan if your network carrier goes down? And, do you know what your plan should be, given your current business requirements? The best alternate sites, emergency management plans and recovery testing in the world can’t make up for a lack of a continuous data communication link. In order to address your thresholds for diversity, redundancy and recoverability, then, your information availability program must thoroughly examine and address network dependencies and realities.
We’ve asked our resident expert and Manager of Network and Security Product Development, Scot LeVan, to speak about this critical issue. The result is this paper, which outlines best-practices-based, step-by-step advice on evaluating, deploying and maintaining a continuously available network. We hope Scot’s insight will provide a better understanding of your production availability concerns surrounding communications strategy and design. And, we hope that will go a long way in ensuring a comprehensive approach.
Sincerely,
Jim Simmons
Group Chief Executive Officer, SunGard Availability Services
Overview
Your network is absolutely essential for the data, image and voice communications that make your business run. It’s not farfetched to plan for a prolonged outage. They do occur and are crippling to organizations. However, even the slightest blip could be costly. Moreover, because network connections support virtually all automation and technology, they should be of very special concern.
In other words, you are especially vulnerable when it comes to your network. (It’s called the backbone for a reason.) And, your information availability plan is not complete if it doesn’t address safety and failover issues, in addition to recoverability and communication between the primary and secondary sites.
To ensure comprehensive information availability, you must take a proactive look at your network and address business continuity (BC) and disaster recovery (DR) within your architecture configuration. You should start by comparing and contrasting your overall information availability goals with your existing network strategy and design. Using your goals for recoverability, production availability and cost effectiveness as your guide, you can elevate your strategy for optimal redundancy, diversity and recoverability.
Understanding The Terms
Nowhere in all of BC and DR are the terms “diverse,” “redundant,” and “recoverable” more important or misunderstood than in the world of networking. But without a firm grasp of the concepts, you cannot implement a comprehensive program for continuous network availability.
Redundant (backup) networks and access points provide failover capabilities, but make no accommodation for divergent technology. Thus, the failover itself is not necessarily safe.
Diverse means different and dictates that there is fundamental dissimilarity between features and technology. Diverse access, for example, comes into different sides of a building, thereby ensuring that the redundancy provides an added measure of safety.
Recoverable means capable of being resumed or regained. Diversity and redundancy are key to ensuring recoverability, but their main function is to help avoid being in recovery mode in the first place. It shouldn’t be your first line of defense to recover any part of your infrastructure—but most especially your data communications link. In fact, network recovery should be your last resort, and adequate diversity and redundancy are key to prevention.
Network Design Choices
Make no mistake about it. Your network design will directly affect the continuity and recovery of your business. As a result, the redundancy, diversity and recoverability of your design options should be thoroughly examined as part of any business decision that relies on technology. And if they have not been considered prior to implementation, these and their related issues should be revisited in order to ensure an optimal configuration.
Here, SunGard presents best-practices advice on balancing the relevant concerns—with a discussion of current design alternatives, in addition to considerations for evaluating, deploying and maintaining an operationally resilient network.
Dedicated point-to-point
Although fairly easy to deploy and maintain if configured properly, point-to-point (P-to-P) networks are notoriously difficult to recover and require more hardware to support. To compensate, they must be fully diverse in order to be recovered, making the technology very expensive in the end. It’s fairly easy to deliver a diverse network using point-to-point, however, because you can configure it using different access points and different carriers for connectivity.
Of course, you need to make sure there is diversity in the access points and carriers for this costly approach to have any real value. And whatever savings you derive from linking points in fairly close proximity come at the risk of sacrificing real regional diversity. Furthermore, P-to-P is most often delivered on a provider backbone that is ATM or frame relay, making the configuration entirely dependent on another technology.
Expert insight
It is important to remember that circuits are not diverse if they are traveling the same path, and most buildings or local exchanges use the same paths or common access points. To create diversity with P-to-P, however, redundant circuits must run through a structure in entirely dissimilar ways and use two different points of presence (POPs)—and not intersect anywhere along their paths. That means it is very expensive to support full diversity and redundancy with P-to-P. Moreover, it is difficult to set up and maintain a converged infrastructure (voice, video and data that traverse the same common infrastructure or travel via TCP/IP).
Recommendations
Perform a diversity check on your P-to-P network, looking for distinct carriers and paths, and/or ask your carrier(s) to provide evidence of this via an engineering study.
A cost-effective and prudent tactic for time of test or disaster would be to redirect your P-to-P circuit to a recovery facility using a third-party, protocol-independent network. This on-demand approach offers significant savings over a redundant dedicated network solution, while providing the same level of safety and assurance.
Overall rating: ★★★
Deployment: ★★★★
Redundancy: ★★★
Diversity: ★★★
Recoverability: ★★
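The diversity check recommended for point-to-point circuits can be run over a circuit inventory once each circuit's carrier, POP, building entry and route are recorded. The following Python code is an added example, not part of the original white paper; the circuit IDs, carrier names, POPs and path segments are constructed, and it assumes route segments are available from a carrier engineering study.

```python
"""Diversity audit over a circuit inventory (constructed sample data)."""
from collections import defaultdict
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Circuit:
    circuit_id: str
    site: str            # location the circuit serves
    carrier: str
    pop: str             # carrier point of presence
    building_entry: str  # side/conduit where the circuit enters the building
    path: tuple          # route segments, as reported in an engineering study


# Constructed inventory; every name below is hypothetical.
INVENTORY = [
    Circuit("C-100", "HQ", "CarrierA", "POP-East", "north-conduit",
            ("hq-north-conduit", "exchange-12", "ring-A")),
    Circuit("C-101", "HQ", "CarrierB", "POP-West", "south-conduit",
            ("hq-south-conduit", "exchange-12", "ring-B")),
    Circuit("C-200", "DC2", "CarrierA", "POP-East", "east-conduit",
            ("dc2-east-conduit", "exchange-30", "ring-A")),
    Circuit("C-201", "DC2", "CarrierB", "POP-South", "west-conduit",
            ("dc2-west-conduit", "exchange-41", "ring-C")),
    Circuit("C-300", "BRANCH", "CarrierA", "POP-East", "main-conduit",
            ("br-main-conduit", "exchange-07", "ring-A")),
]


def shared_risks(a, b):
    """Return every element two circuits have in common (empty list = diverse)."""
    risks = []
    for attr in ("carrier", "pop", "building_entry"):
        if getattr(a, attr) == getattr(b, attr):
            risks.append((attr, getattr(a, attr)))
    # Any common route segment means the two paths meet somewhere.
    risks += [("path", seg) for seg in sorted(set(a.path) & set(b.path))]
    return risks


def audit(inventory):
    """Classify each site as SINGLE, REDUNDANT_ONLY or DIVERSE."""
    by_site = defaultdict(list)
    for circuit in inventory:
        by_site[circuit.site].append(circuit)

    report = {}
    for site, circuits in sorted(by_site.items()):
        if len(circuits) < 2:
            report[site] = {"status": "SINGLE", "pair": None, "shared": []}
            continue
        # Judge the site by its best pair: the one sharing the fewest elements.
        a, b, shared = min(
            ((x, y, shared_risks(x, y)) for x, y in combinations(circuits, 2)),
            key=lambda item: len(item[2]),
        )
        report[site] = {
            "status": "DIVERSE" if not shared else "REDUNDANT_ONLY",
            "pair": (a.circuit_id, b.circuit_id),
            "shared": shared,
        }
    return report


if __name__ == "__main__":
    for site, result in audit(INVENTORY).items():
        print(site, result["status"], result["pair"], result["shared"])
```

In the sample data, HQ has two carriers, two POPs and two building entries, yet both circuits pass through the same local exchange, so it is reported as redundant but not diverse.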
Frame-relay/ATM
While frame-relay and asynchronous transfer mode (ATM) technologies are in and of themselves extremely cost effective, making them redundant and diverse is decidedly not—and often cost prohibitive. Although they support point-to-multi-point connectivity (allowing communication from one to many on the same physical circuit), full diversity of frame-relay and ATM means duplication on two different network carriers with different POPs. Moreover, the technologies necessitate duplication of your permanent virtual circuits (PVCs) to a secondary data center and/or dedication of your PVC to a backup site.
That being said, frame-relay and ATM are very easy to recover, because most carriers have written scripts to redirect PVCs to alternate sites in the event of a failure. In other words, recoverability is already programmed into the technology and simply needs to be activated by the end-user. And since frame and ATM networks have quality of service (QoS) associated with them, it’s also easier to deploy a converged infrastructure with these technologies. Each PVC can be set up to employ the QoS and prioritize order of attention for traffic. Finally, both support point-to-multi-point solutions. These features make frame and ATM less expensive to deploy than point-to-point networks.
Expert insight
It is difficult and expensive to make frame/ATM networks diverse and/or redundant. To achieve redundancy, there must be two frame circuits at every location, which doubles the expense. To achieve diversity, there must be a totally separate frame provider or a secondary technology (i.e., Internet VPNs, MPLS or P-to-P) for backup. This will certainly add significant cost, but could be cheaper than using a completely secondary provider. Of course, use of a single provider means your stability is entirely dependent on its availability.
Recommendations
The optimal recovery approach for frame-relay and ATM would also be a redirect of your circuit to a recovery facility using a carrier’s Redirect or Disaster Recovery Option (DRO). Look at how to deploy alternate technologies (i.e., Internet VPNs, MPLS or P-to-P) to help reduce the cost of a fully redundant and diverse Frame Relay/ATM network.
Overall rating: ★★★ 1/2 (rated on Deployment, Redundancy, Diversity and Recoverability)
Internet VPNs
On the surface, Internet VPN networking is the most inexpensive. After all, the network itself is “free” and it is fairly easy to deploy. Any organization with an Internet connection and a firewall can create an Internet VPN network by simply adding the necessary IP Security (IPSec) tunnel. No new licenses or hardware are required.
And although diversity and redundancy are not intrinsic in the option, they are easy to configure in. By adding one additional Internet service provider (ISP) from a diverse POP and extending bandwidth, an organization can achieve Internet VPN diversity and redundancy. And recovery is as simple as changing configurations to a new location, which is very easy and very quick.
But, using an Internet VPN for communication means you assume the inherent risk of the Internet—and it is not yours to control. The technology is “best effort” and provides no guarantees, making your network the same by definition. The Internet routes data the best way it possibly can—based solely on traffic—and with no hierarchical prioritization. That is not to say, however, that the approach lacks security. To compensate for the Internet’s “wide open” nature, an Internet VPN uses IPSec tunnels, which are encrypted and helpful in recovery mode. All you need is access to the Internet and the ability to configure the IPSec tunnels.
Expert insight
It is difficult to support a converged infrastructure on Internet VPN, because there is no QoS or class of service. As such, all IP packets get the same priority.
And although easy to deploy and maintain—and always cheaper for smaller networks—the technology becomes cost prohibitive within larger architectures.
Because Internet VPN cannot support dynamic routing—only static routing—automatic failover is impossible.
Recommendation
For recovery purposes, you should deploy dual diverse Internet providers and maintain a multi-homed environment to dynamically recover outages on one provider’s network. You should also consider locating backup systems at an alternate site and performing load balancing between the primary and secondary location.
Overall rating: ★★★ 3/4 (rated on Deployment, Redundancy, Diversity and Recoverability)
Private MPLS
Although it has been around at least five years, multi-protocol label switching (MPLS) is just now taking off. Because it’s based on Internet Protocol (IP), there is a perceived security issue—and it is not yet widely available. However, this point-to-multipoint option, which is also known as IP-enabled Frame and Private IP VPN, does not require multiple PVCs for multiple access points. As a result, it is less expensive to use than frame relay and ATM technology, but as secure as these technologies.
It is both difficult and expensive to make MPLS networks diverse and/or redundant. To achieve redundancy, there must be two circuits at every location, which doubles the expense. To achieve diversity, there must be a totally separate MPLS provider or a secondary technology (i.e., Internet VPNs, frame relay/ATM or P-to-P) for backup. This will certainly add significant cost, but could be cheaper than using a completely secondary provider. However, using only one provider means your stability is entirely dependent on its availability.
Expert insight
Private MPLS can be a self-healing network if it is designed properly, making it easy to recover. In addition, it is easier to deploy a converged infrastructure with this technology, because it has class of service (CoS) associated with it.
Recommendation
You should deploy dual diverse MPLS providers and allow the network to dynamically recover outages. Look at how to deploy alternate technologies (i.e., Internet VPNs, frame relay/ATM or P-to-P) to help reduce the cost of a fully redundant and diverse MPLS network. It is also prudent to consider locating backup systems at an alternate site and load balancing between them.
Overall rating: ★★★ 1/4 (rated on Deployment, Redundancy, Diversity and Recoverability)
Ensuring Operational Resilience
Operational resilience is about continuous production and uptime, and is the goal of all continuity and recovery plans. And, maintaining information availability—constant, uninterrupted access to critical data—is the underlying motivation for such a goal.
In order to determine your optimal networking technology for your desired level of operational resilience, you must identify your information availability objectives and requirements, in addition to the locations that you need to connect. Upon doing that, you should have the necessary data for a risk profile, which will help you determine your strategy for both the primary connection and a diverse connection—with regard to deployment, redundancy, diversity, recoverability, technology and expertise.
The ultimate aim of such an exercise is for you to get a grasp of the gaps that exist between your production needs and your current capabilities and strategies. Whether that is presented as a list or diagram is not nearly as important as the areas and issues you examine. While we have focused here on the communications, your entire IT infrastructure—each component individually and all components together and in relation to the network—should be of concern. At the very least, you need to evaluate:
• Platform processors
• Applications by platform
• Tiered applications
• Applications by business processes
• Network diagram
• Business function by business areas
Conclusion—Are You Prepared?
High-speed connectivity for data, image and voice communications has become as fundamental to business as power and water. And because it is the foundation of your external link, it’s even more important to your longevity. With an unprecedented level of criticality that only grows with technological improvements and dependence, you must absolutely ensure that your network will be available when you need it.
To that aim, SunGard provides key areas for your consideration in developing a comprehensive information availability plan:
Deployment
How much do you want to/can you spend to achieve the desired levels? What is your threshold for a sustained network outage? How did you calculate it and how is it reflected in your network strategy? How many end locations have to come back to data centers? Has your deployment approach made your network stability entirely dependent on parties and technologies that are entirely out of your control?
Redundancy and diversity
What is required to have more than one connection and applications in more than one place? Will your chosen approach have redundancy configured in? If not, how can you achieve it? Have you configured differing access points and different carriers into your architecture? Have you achieved any geographic diversity in your approach? Have you thoroughly examined the paths your carrier and circuits are taking—and rectified any problems? What will it cost you to not have guaranteed connectivity for the business? Do you have multiple (rather than common) access points for your multiple connections? Have your local carriers proven the diversity of your circuits with independent engineering studies? Have you examined and addressed the need for multiple points of presence in your network architecture? How about duplicate PVCs? Have you explored adding frame circuits and providers?
Recoverability
How critical is it that end users have access to main systems and applications? What are the main systems and applications in order of priority? How dependent are they upon network communications? Is your primary site technology recoverable to your backup site? Have you implemented a plan that utilizes a protocol-independent network? Have you leveraged the scripts in your existing networking technology?
Technology
How would you like to provide the connectivity at your primary site? Can you afford it? Can you really afford it—when you consider redundancy and diversity issues? What network technologies are actually available in your location? Have you considered the specific security concerns? Is there QoS/CoS associated with your technology choice? Does your current architecture support your future plans for convergence?
Expertise
What skills/knowledge will you need to maintain your desired communications infrastructure? How much more expensive does that make the configuration?
Finding an Experienced Partner
It’s no small task to design and maintain a network that supports information availability, helps avoid recovery mode, and is, in fact, easy to recover when necessary. Often, organizations benefit from expert, third-party assistance. When seeking a partner, consider firms that offer extensive experience in business continuity planning, disaster recovery and managed services.
SunGard delivers a complete array of services to help organizations assess risks, integrate network strategy, business continuity and disaster recovery plans, continually test and improve information availability plans, and implement them for full recovery. SunGard’s team of communications and availability experts help eliminate identified concerns through targeted risk mitigation services, which address such issues as strategy, policy and procedure, configuration design and network monitoring and recovery. In short, we help clients elevate their thinking and plans by incorporating critical network considerations.
SunGard’s Business and Technology Profile service can help you understand both of these environments. By correlating functional areas to specific technology requirements, you can develop a more effective information availability strategy. You can also identify potentially dangerous gaps between your production environment and your current IA capabilities.
The SunGard Global Network is a protocol-independent, multi-continental, dedicated network designed to meet your complete recovery, electronic vaulting, testing and production needs and form the basis of an extremely reliable, one-stop solution that can shorten your recovery window.
Features include:
• 25,000 miles of network backbone and more than 48 points of presence (POPs) for subscriber connections
• Rapid restoration of Internet-based functions
• 24/7 staffing and monitoring services
• No additional usage fees for testing
• Highly flexible connectivity options that accommodate specific business needs
• Single point of contact for disaster declarations
SunGard also offers a full suite of services that leverage the SunGard Global Network and help customers recover more quickly, securely and cost-effectively. To this aim, we offer:
• Net ReDirect, where SunGard forwards your circuit to the desired recovery facility via a single, protocol-independent connection that can be linked anywhere.
• Web ReDirect℠, where SunGard rapidly re-establishes your critical Web-based functions and provides direct connectivity to 90% of the Internet via a Private Internet eXchange (PIX) architecture.
• 10/100 LAN Bridging, where SunGard seamlessly connects multiple recovery facilities, so your network functions as if all your systems were directly connected through a hub or switch.
• V*Net℠, A SunGard Private Network Service, where SunGard provides a virtual network architecture that integrates access to major networks and ISPs in order to allow you to leverage carrier-class equipment at a fraction of the cost.
About SunGard Availability Services
From initial assessments and plan development through execution and ongoing management, SunGard Availability Services offers a one-stop source for helping organizations integrate risk management and incident response into their information availability plans.
SunGard Availability Services delivers solutions to support information availability—keeping people and information connected no matter what. Information availability requires not only technology, but also people, processes and physical infrastructure. Therefore, SunGard offers a full continuum of professional services, managed services and business continuity solutions:
• From assessing needs to designing solutions, our professional services help clients address availability challenges. We deliver information security, high availability and business continuity services, as well as services designed to help clients address regulatory requirements.
• SunGard’s managed services provide a secure, reliable environment to host mission-critical systems and applications. Offering a full portfolio of outsourcing and support services, SunGard gives clients the option of point or turnkey solutions.
• With one of the most extensive infrastructures in the industry, SunGard also delivers business continuity services. From traditional hotsites to leading-edge high availability solutions, our offerings enable clients to meet availability requirements.
SunGard Availability Services is an operating group of SunGard (NYSE:SDS), member of the Fortune 500. With more than 25 years of experience helping organizations ensure information availability, we are uniquely positioned to provide vendor-independent recommendations and solutions. For more details on our services, visit our website at www.availability.sungard.com or call 1-800-434-0002.
Authors
Contributing Editor: Scot LeVan, Manager, Network and Security Product Development
Scot’s extensive networking background includes more than 15 years of design, development, testing, installation and support of the various communications technologies mentioned in this paper. He also has managerial experience developing and implementing customer networks in support of SunGard's Managed Network Services and their individual disaster recovery testing efforts.
Today, Scot is responsible for product development and maintenance associated with SunGard’s network and security services, including the SunGard Global Network (SGN).
Managing Editor: Pat McAnally, Senior Director, Thought Leadership Program
SunGard Availability Services
680 East Swedesford Road, Wayne, PA 19087
484.582.2000
800.434.0002
www.availability.sungard.com
© 2004 SunGard Availability Services. All rights reserved.
The above material is presented as general information only and does not constitute legal advice or a legal opinion. You should seek the advice of legal counsel with respect to your particular circumstances.
WPS-004