Preview only show first 10 pages with watermark. For full document please download

幻灯片 0 - Actfornet

Rating
Date

November 2018
Size

11.8MB
Views

5,328
Categories

Computers & electronics Networking Hardware firewalls

Transcript

Enterprise Application Router in the Cloud Era ——Introduction to AR G3 Series Routers Contents 1 Challenges of Enterprise Routers in the Cloud Era 2 AR G3, Application Router in the Cloud Era 3 Introduction to AR G3 Series 4 Application Scenarios of AR G3 Products 5 AR G3 Success Stories 1 Skyrocketing of Digital Services CPU: 4.77 MHz Disk: 1.44 MB WAN port: 56 KB CPU: 266 MHz Disk: 2 GB WAN port: 56 KB CPU: 1.8 MHz x 2-core Disk: 160 GB WAN port: 2 MB CPU: Intel Core i7 Disk: 1 TB + Cloud WAN port: 100 MB PC Time High bandwidth promotes user experience. 2 In 2010, 10GE enterprise leased lines of Deutsche TeleKom increase by 100%. IT Development Trend: Integration Form feature phones to smart phones Do enterprise customers require a one-stop box? Router Changes of electronic devices Firewall Switch VPN Multi-functional devices appear in offices Printer Fax Copy Scanner Storage PBX Printer Server AP/AC Enterprise services require innovation and evolution. Changes in the offices 3 Easy Operation, Better Experience Configuration file conversion CLI translation tool Visualized operation reduces technical barriers and improves management efficiency. 4 Challenges of Cloud Branch Cloud branch Cloud center Services are migrated to the cloud center. Various enterprise applications are emerging. APP platform • Severe network delay • Unavoidable traffic congestion • Throughput of a common application on the WAN less than 1% of that on the LAN • Customized service applications 5 Cloud gateway with high performance, easy extensibility, and high bandwidth utilization Seeking for a Solution to Overcome Challenges Integration of enterprise services Demand for high bandwidth Easy operation and maintenance Service challenges in the cloud era Integration of multiple services such as data, voice, security, and WLAN over CATV (WOC) Ensuring cloud service experience with 40 Gbit/s throughput and hardware-level QoS Open Service Platform (OSP), open Linux/Windows/VM system, and on-demand customized services 6 Contents 1 Challenges of Enterprise Routers in the Cloud Era 2 AR G3, Application Router in the Cloud Era 3 Introduction to AR G3 Series 4 Application Scenarios of AR G3 Products 5 AR G3 Success Stories 7 Cloud Era Application Router, AR G3 "A-B-C" A Applications in one box Reducing at least 30％ TCO Better experience nonstop service B Ensuring transmission Cooperation platform Meeting customized C applications 8 Contents 2 AR G3, Application Router in the Cloud Era  Applications in One Box Reducing at Least 30％ TCO  Better Experience Ensuring Nonstop Service Transmission  Cooperation Platform Meeting Customized Applications 9 Highlight 1: Applications in One Box –Reducing at Least 30％ TCO Routing Abundant access and uplink interfaces High-density switching card Functioning as PBX to provide various services Switching router Switching IPSec VPN/DSVPN/ Voice AR G3 Firewall hot standby (HSB) SSL VPN/MPLS VPN Security VPN WLAN Built-in AC and fat AP One AR provides six functions. 10 Routing and switching WLAN Voice VPN Security Abundant Interfaces, Allowing Flexible Access Enterprise branch Egress gateway WAN interconnection Plenty of uplink interfaces Flexible WAN interconnection Abundant access interfaces Adapting to various terminals AR 150&160&200 Wired interfaces Data interface  FE/GE  SA/AS  Wi-Fi AR 1200 AR 2200 Voice interface        EPON/GPON ADSL2+/VDSL2/G.SHDSL E1/E3 PRI/BRI/FXO POS/CPOS FE/GE/10GE SA/AS Wireless interfaces  FXS/FXO  ISDN  VE1  2G/3G  LTE AR 3200 11 Routing and switching WLAN Voice VPN Security Integration of Routing and Switching WAN Switching router AR2220 Service server/PC 2 x E1 or Eth Terminal/PC AR2201-48FE 8FE1GE 24GE IP phone AR2202-48FE AP … … … … Switching router, a router with a high-density switching card  Inserts high-density 24GE, 8FE1GE, or 4GE Ethernet card to different LPU slots of an AR router.  The AR2201-48FE and AR2202-48FE provide 48 FE LAN interfaces and integrate with E1 and SA interfaces on the WAN side.  With the built-in AC function, one AR router provides functions of an AC, an aggregation router, and a traditional egress router. 12 Routing and switching WLAN Voice Wireless Access, Allowing Flexible WAN Interconnection Mobile access Multiple WLAN access modes • • • Flexible 2G/3G switchover Telecom CDMA EV-DO or Unicom WCDMA LTE FDD AR G3 Headquarters Enterprise branch AR G3 AR G3 LTE/HSPA SAE/IMS  3G/LTE card and external 3G/LTE data card  Built-in 3G box device  WLAN access through whip antennas or remote antennas 13 VPN Security Routing and switching WLAN Voice VPN Built-in AC, Reducing Wi-Fi Deployment Costs Data center Headquarters or branch network AP Policy center WAN RADIUS server AP AR (with a built-in AC) Application scenarios  Applies to integrated wired and wireless networking of small- and medium-scale enterprises.  Supports AP local forwarding and centralized user authentication on the AR.  The APs can connect to the AC across a Layer 2 or Layer 3 network. Secure and flexible access     14 Portal authentication 802.1x authentication MAC address authentication Intra-VLAN/Inter-VLAN roaming on the same AC eSight Industry's first built-in AC  All series AR routers support the builtin AC function.  Cisco high-end ISR series must be equipped with AC interface cards.  H3C MSR series do not support the AC function. Security Routing and switching WLAN Voice VPN Security Enterprise Voice Gateway, Reducing Communication Costs Branch Voice Gateway Headquarters Analog phone PSTN eSight Fax Plenty product models IAD IP phone USM/U19xx Server IP phone PSTN Intranet Large branch NxE1 AR32XX/ AR22XX Small branch NxE1 AR1200 /AR200 VOICE /AR150 VOICE Analog phone Fax IP phone IP phone IMS/NGN IP phone IP phone AG application NxE1/ NxFXO SIP/H.248 Intranet AR32xx/22xx AR1200/200/150 PBX application IP phone Analog phone Fax AG mode about IMS/NGN（<500） 15 PC  Supports 2000 concurrent calls. AR32xx/22xx AR1200/200/150 Analog phone Abundant voice functions  Mainstream SIP and H.248 and H.323 signaling VOICE IP phone IP phone  Plenty of voice cards apply to all the ARs. Analog phone Fax PSTN VOICE  All the AR series have product models supporting the voice function, meeting needs on campus networks of different scales. Fax Individual PBX about Medium branch（<500）  Analog voice and VoIP  Flexible networking in PBX or AG mode Routing and switching WLAN Voice VPN High-quality voice meeting Voice meeting Access on the way AR Voice Gateway Access at home • Any time, any places and any terminals: access easily and conveniently • System calling, chairman convening, initiate a meeting: rich access means • Reserved meeting, instant meeting: hold a meeting optionally 16 Security Routing and switching WLAN Voice VPN Built-in Voice Mailbox* Analog phone Mobile phone Leaving a message • • Message notification • The calling user leaves a message when the called user is busy, offline, or does not answer the call. The longest voice message of a user can last 20 minutes. The message waiting indicator (MWI) instructs that there is an unread voice message. IP phone Obtaining a message • The called user obtains a message with a unified code.  All the AR G3 series voice models support the built-in voice mailbox function, including leaving a message and obtaining a message.  There is no need for an external voice mailbox, reducing costs.  The AR has enough space to store 20 messages for each user, the maximum recording time for each message can be up to 120s. ** Roadmap is 2013Q4 17 Security Routing and switching WLAN Voice VPN New series IP phones, rich services High-level visual enjoyment Conference control system eSpace 7910: 2.83-inch color screen eSpace 7950: 16 million pixel 5-inch color screen Invite participants /get somebody off line/ mute set Initiate or terminate a meeting Dual GE interface（PoE） Pristine sound HD voice, enjoy the wonderful melody Simplify desktop network deployment Adapt to PC data transmission 18 Ultra-thin light Ultra-thin design，lead the fashion at IP phone Support Bluetooth earphone （Adapt to eSpace 7950） Relax your hands, feel natural and elegant life Security Routing and switching WLAN Voice VPN Security H.323 Gateway&Built-in SBC, Flexible Networking H.323 network SIP network IP phone Voice gateway SBC inside PC POTS phone H.323 PBX AR G3 (IP PBX) H.323 trunk Private network H.323 network H.323 gateway Public phone IMS network Built-in SBC H.323 gateway/gatekeeper  Functions as the media and signaling proxy, allowing transmission of IP voice data across different subnets.  Converts H.323 signaling to SIP signaling and connects to gateways or gatekeepers on the original H.323 network.  Connects enterprise users to the VoIP network of the carrier, ensuring private service transmission.  Be compatible with the original H.323 voice system, increasing return on investment. 19 Conversion between H.323 and SIP signaling SIP signaling flow RTP media flow H.323 trunk  Supports the H.323 trunk.  Implements communication across networks. Routing and switching WLAN Voice VPN Security Enrich Enterprise PBX Voice Services Dial 28180101 Welcome to xxx company. Enterprise switchboard center 28180101 Sales Dial 1 VOICE Customer Ring back tone Ring back tone Customer service center Dial 2 AR G3 Consulting functions as PBX Dial 0 IVR navigation  The called users use user-defined music or sound effects to replace the common ring back tone, and play the music or sound effects to calling users.  Enterprises publish switchboard numbers to enhance brand image. 20 85112001 13905712002 13905713001 13905713002 82554001 13905714002 A uniform number  The interactive voice response (IVR) service provides the automated attendant function and allows enterprises to make their own IVR menus and voice prompts.  Multi-terminals correspond to a uniform number  IVR navigation meets the customization requirement of an enterprise, improving user experience.  Fixed telephone, mobile phone or PC phone can be answered expediently.  No call will be missed at any time or any place. Routing and switching WLAN Voice VPN IPSec VPN Deployment For secure access of networks with simple topology Branch A eSight VPN Enterprise management system data center Uses the Hub-Spoke topology to dynamically establish tunnels between branches. Internet VPN server For secure access of small networks Branch B Headquarters For remote access of traveling staff Branch C For secure access of small networks VPN client Traveling staff Partners Flexible networking, secure access  Partners and branches: Communicate with the headquarters through gateways or as clients based on the their size.  Travelling staff: Visit the internal network of the enterprise as VPN clients as their locations frequently change.  Enterprise headquarters: Establish tunnels between gateways or between gateway and VPN clients.  VPN management system: Monitors VPN gateways and tunnels in centralized manner to implement visualized management. 21 Security Routing and switching WLAN Voice VPN Security DSVPN Deployment Traditional VPN solution Complex and too many static tunnels, high maintenance cost DSVPN solution Headquarters Hub RADIUS/AAA Headquarters Spokes register with the hub Internet Internet Branch 3 Branch 1 Static tunnel Dynamic tunnel Branch 3 Spoke 3 Branch 1 Spoke 1 Static IP address Spoke 2 Branch 2 Branch 2 Dynamic IP address Dynamic deployment, easy access from multiple branches  Establishes and maintains tunnels between devices that dynamically acquire IP addresses and provides identity authentication, encryption for control packets and IPSec for data packets to ensure data security. Supports IP multicast, dynamic routing, NAT traversal, voice, video and non-IP traffic.  Reduces the load of hubs and is applicable to large enterprise VPN networks with multiple branches.  Facilitates deployment and maintenance with simple configuration on hubs and spokes. 22 Routing and switching WLAN Voice VPN SSL VPN Deployment Plain text SSL VPN tunnel SSL VPN GW Partner server zone Partner Internet Traveling staff Router FW LSW Internal server zone AR G3 enterprise access router (SSL VPN firewall/gateway) Customer VPN start/end points DMZ server zone Refined application access control  Improves customer access security by providing encryption and authentication functions.  Reduces deployment and maintenance costs by refined access control on applications such as file sharing, email, and Web.  Simplifies server configurations based on TCP/UDP and NAT traversal.  Reduces the total investment and upgrade costs as AR G3 supports routing, switching, firewall, and SSL/IPSec VPN gateway functions. 23 Security Routing and switching WLAN Voice VPN Security MPLS L3 VPN Deployment CE PE OSPF/RIP/ Static/BGP CE PE MPLS network OSPF/RIP/ Static/BGP Headquarters PE Branch A PE CE PE OSPF/RIP/ Static/BGP MPLS leased line Enterprise VPN Branch B Interconnection of medium- and large branches  Realizes full-mesh connections between branches and the headquarters and among branches based on Layer 3 interconnection.  Uses MPLS leased lines to connect to the MPLS network. 24 MP-eBGP High security and reliability and flexible bandwidth  Supports BFD to implement millisecond-level protection switching.  Supports LDP FRR and TE FRR to ensure service reliability.  Supports MPLS-TE to effectively use bandwidth and balance network traffic. Routing and switching WLAN Voice VPN Integrated Firewall, Ensuring Enterprise Network Security Malformed packet attacks Attacks at the application layer Web Apps Notes Apps Internet AR G3 AR G3 DDoS Remote access Large traffic attacks Headquarters E-mail Security guarantee  Security domain (H3C MSR series do not support.) Firewall throughput (Mbit/s)  Packet filtering firewall  Application specific packet filter (ASPF)  Blacklist and whitelist  Firewall logs  Traffic statistics collection and monitoring Small enterprise Medium-scale Large enterprise enterprise 25 Large enterprise  Attack defense Security Routing and switching WLAN Voice VPN Security Secure Enterprise Gateway—IPS, enhance security ability IPS： Satisfy the security demands of Government, Finance and Education industries  Attack detection database can achieve1200+, the detection rate of false positives can be up to 90+%. Branch Enterprise HQ internal network  Support updating database online.  Enterprise branch Interconnection Enterprise internal monitor Internet verge protection IPS L7 attack packets Filter Traffic L2-L4 attack packets Normal packets About 70% attack come from 7th layer。The firewall can only prevent L2~l4 attack packets. 26 IPS can provide 7 layers security defend ability. IPS database include Trojan, Worm, Botnet, Spyware, Loophole Attack and Web Attack etc., which based on network behavior.  Build-in function of AR G3. No need to deploy fault monitor, reduce cost. Contents 2 AR G3, Application Router in the Cloud Era  Applications in One Box Reducing at Least 30％ TCO  Better Experience Ensuring Nonstop Service Transmission  Cooperation Platform Meeting Customized Applications 27 Highlight 2: Better Experience - Ensuring Nonstop Service Transmission High performance Enhanced cloud service experience with industry's highest throughput (40 Gbit/s) and hardware-level QoS High reliability Ensuring service reliability with hot swapping cards and protection switching within 50 ms Protection switching within 50 ms BFD and NQA High speed Enhanced experience World's first 100 M LTE enterprise access solution Brand new experience of integrated services Link backup Dual SIM cards LTE uplink Reliable network AR G3 Video LAN Voice Data Branch Exchange for Survivable Telephony (BEST) Blacklist and whitelist 28 High performance High reliability High speed Enhanced experience High performace, Super Cloud Experience Effectively supporting various cloud services  Integrates 2 x 10 GE physical interfaces, maximizing return on investment. . High performance SRU400 29 us us 30 22 40 U ) ag 60 er av er (S a g e R U 80 ) try (S R av ) e e ag 40 er e e In du AR stry 32 av 60 er (S a g e R U 40 ) In du s try AR av 32 er 60 ag (S e R U 80 ) AR 40 us 22 In d AR U av (S R try ag ag 20 er 22 av AR try try 40 us us us 22 In d AR In d In d er 20 av 12 try AR us av e AR rag 20 e 0 try av e AR rag 15 e 0 try In d In d In d Mbit/s High performance High reliability High speed Multi-core and non-blocking switching ensure high performance. Enhanced experience Distributed Service Processing, Enhanced Performance Service forwarding performance; IMIX flow Industry average Huawei High performance High reliability High speed Enhanced experience Multi-core Architecture, High Performance and Service Processing Capability All series support multi-core AR150&200&1200 (2-core) AR2200 (4-core) N engines working together, performance increased N times Optimized packet forwarding commands, speeding up forwarding and processing of data packets High performance SRUs (8-core to 32-core) OSP Multi-core architecture Improving service processing capability N cores process services concurrently. Core_1 Built-in hardware acceleration engine, ensuring high performance Core_2 OSP with X86 architecture and enterprise-class iPhone, performance guaranteed, Core_3 Core_N 31 Concurrently processing different services Preventing interference between services High performance High reliability High speed Enhanced experience Hardware-level QoS, High Forwarding Performance Traditional routers Forwarding performance AR G3 QoS enabled QoS disabled 35% Effective cooperation Forwarding performance Forwarding performance is not decreased after QoS is enabled. VS Smooth voice communication Seamless video conference High-quality UC • • High performance SRUs 32 AR G3 uses hardware-level QoS of high-end routers. HQoS ensures service quality without compromising forwarding performance. High performance High speed High reliability Enhanced experience Carrier-level Device Reliability Key reliability technologies Hot swap cards Power module redundancy Fan redundancy Online maintenance and • Stable power input • Timely heat dissipation upgrade • Sufficient power supply • Protecting devices against • More services • Ensuring normal running of • More access users • More functions • devices • • Two SRUs working in 1+1 backup mode high temperature • Restoration in a short period Preventing chips and cards • Avoiding service from being burnt 33 SRU redundancy interruption High performance High reliability High speed Enhanced experience Reliable Interconnection—Dual SRUs， Hot backup Dual SRUs，Hot backup Services backup in time Video SRU40 Voice SRU80 Data AR3260 Faults switch quickly Faults can’t be awared by the peer. SRU400 The whole series SRUs can support Dual SRUs function. NSR(Non-Stop Routing) NSF(Non-Stop Forwarding)  Services are not affected  Separation of control plane and forwarding plane  Without neighbors switching  Line-card forwarding information redundant backup  Non-stop control traffic  Support Graceful Restart 34 High performance High reliability High speed Dual SRUs, Escort for Cloud Access High reliability    Dual SRUs, forwarding data simultaneously NSF/GR Ensuring branches to reliably access cloud services High performance SRU400 2 x 10GE  Hardware encryption and decryption, hardware-level QoS, and hardware attack detection engine  Millions of routing entries  Helping enterprises effectively use cloud services Multiple services AR3260 35  Value-added services, such as IPS/IDS, OSP, and built-in AC  Clock synchronization and circuit emulation  Allowing enterprises to support new services Enhanced experience High performance High reliability High speed Enhanced experience 3G or 4G Dual-homed Access, Realizing WLAN-based Load Balancing AR G3 Branch Mobile carrier B AR G3 Headquarters •Active link AR G3 Mobile carrier A •Standby link SIC-HSPA+7 SIC-LTE Branch • High reliability: The AR supports dual USB dongles and dual SIC cards to connect to two WLANs that work in active/standby mode or load balancing mode. • High performance: The 3G interface provides a maximum downlink rate of 21 Mbit/s (HSPA+7), while the 4G interface provides a maximum downlink rate of 100 Mbit/s (FDD). • SIC cards: The AR provides hot swappable SIC cards which can be inserted in any slot. 36 High performance High reliability High speed Enhanced experience BFD Improving Network Reliability Static/Dynamic BFD Dynamic BFD Dynamic negotiation Single-hop BFD BFD packet Static BFD Manually configuring BFD on two routers Huawei supports dynamic BFD and static BFD, which extends the IEIF standard. To use static BFD, you need to manually specify local and remote discriminators. • • • Single-hop/Multi-hop BFD Multi-hop BFD BFD packet Single-hop BFD: Detects faults of direct links between routers on the same network segment. Multi-hop BFD: Detects faults of indirect links between routers on different network segments. BFD provides fast fault detection independent of media and routing protocols. It detects link faults between neighboring network devices. BFD detects faults at an interval of 10 ms and can detect a fault within 30 ms. BFD implements millisecond-level fault detection, reducing service interruption duration and improving network reliability. 37 High performance High reliability High speed Enhanced experience CS+PS Dual Domains, High Quality 3G Voice Backup Solution Carrier network High-quality voice backup IMS Core SBC1  Data services are transmitted over the PS domain and voice services are transmitted over the CS domain. Or both data and voice services are transmitted over the PS domain and the CS domain is the backup for voice services. SBC2 IP MAN  The CS domain is used to ensure high reliability of important voice services, improving customer satisfaction.  CS+PS dual domains provide high-quality voice backup even if there is only 2G network. SIP Trunk AR G3 Enterprise Wi-Fi High bandwidth  Supports HSPA+7.  Provides a maximum downlink rate of 21 Mbit/s and a maximum uplink rate of 5.76 Mbit/s. POTS FAX PC/SIP software client 38 NOTE：3G CS function will be supported in following versions. High performance High speed High reliability Enhanced experience High anti-interference VDSL access 17a Downstream data rates v.s. loop length (24 users) 69% 120 IP Network No vectoring Vectoring 63% 76% 65% 40%~60% Date rates(Mbps) 100 56% 80 45% 39% 60 40 34% 20 0 200 VDSL2 300 400 500 600 Loop length (m) 700 800 900 With Huawei DSLAM, supporting VDSL2 Vectoring AR G3 High bandwidth: uplink 50M, downlink100M Enhanced anti-interference capability: Enhance the line bandwidth of 40% to 60%, improve the user experience. Good compatibility: VDSL2 compatible with ADSL2 / 2 +, smooth evolution to VDSL2, no need to replace the device hardware, reducing the network transformation investments of operators. 39 VDSL Vectoring Technology Crosstalk cancellation(always call Vectoreing)  Define Without Vectoring in ITU-T G.993.5, base on VDSL2  Crosstalk is removed in vectored DSL system  +  Rate, stability are improved greatly Original Signal Received Signal Crosstalk 17a Downstream data rates v.s. loop length (24 users) 69% 120 No vectoring Vectoring 63% 76% 65% Date rates(Mbps) 100  + 56% 80 45% Precoded Signal 39% Crosstalk Received Signal 60 40 + 34% 20 0 200 Original Signal 300 400 500 600 Loop length (m) 700 40 800 900 Precoding With Vectoring High performance High reliability High speed BEST, Improving Branch Voice Reliability AR3200 (Call Manager) 3. Enable BEST. Active Standby AR 2200 (VG) 1. Branch IP phones and VG register with the CM. Headquarters VoIP PSTN backup for long-distance calls Emergency line 2. WAN fails or the active and standby CMs are unreachable. Branch A AR200 (VG) BEST enabled Branch B • • Comprehensive reliability • 41 AR1200 (VG) BEST enabled BEST: When the WAN fails, the branch VG controls local calls. Route backup: Users can make calls to the headquarters or other branches through the PSTN's egress. Power outrage survival: When the VG is powered off, analog phones can make calls. NOTE：BEST function under AG mode will be supported in following versions. Enhanced experience High performance High reliability High speed DISA, Allowing Only Authorized Users to Use Services 6. Authorization succeeds and services can be used 1. Dial DISA trunk number Remote branch user 2. Enter user account Make local calls 85112001 85112002 85112003 Make toll calls 0755-85714008 0049-1728888888 3. Enter XXXX 4. Enter user password AR G3 Traveling staff 5. Enter XXXX Ensure that resources are properly used 42 Headquarters • Authorized access, ensuring service security • Proper line usage, saving communication costs NOTE：This function will be supported in following versions. Enhanced experience High performance High reliability High speed Blacklist and Whitelist, Ensuring Call Security 075528560003 075528560001 Trunk 0 AR 3200 075528560032 Headquarters WAN&P STN 02564085222 Trunk 0 AR 2200 Branch • Calling number discrimination, flexibly triggering service operations • Configurable rules, specifying calls to be rejected Ensure call security 43 Enhanced experience High performance High reliability High speed Enhanced experience LTE High Speed Wireless Access Headquarters Headquarters LTE SIP Trunk AR IP PBX Fax LTE link backup LTE VPN Analog phone Voice software IP phone LTE voice  Supports LTE SICs and LTE dongle.  Provides an uplink bandwidth of 50 M bit/s and a downlink bandwidth of 100 M bit/s.  Dual Access Point Names (APNs): Two APNs work together to transmit data and voice services separately. 44 High performance High reliability High speed Enhanced experience High Density and High Speed WAN Interconnection E1 POS/CPOS Branch SDH POS Headquarters CPOS Branch Interface Type Card type E1  Unchannelized card with 1 or 2 interface channelized  Unchannelized card with 4 interfaces channelized  Unchannelized card with 8 interfaces channelized Matching product POS CPOS  1-port 155M POS optical interface card  1-port 622M POS optical interface card  1-port 155M channelized POS optical interface card AR1200/AR2200/AR3200 Various card types, line-speed forwarding, channelization, and high bandwidth utilization 45 High performance High reliability High speed Enhanced experience Hierarchical Quality of Service Subscriber queue Flow queue VC 2 Site 2 WAN AR G3 Site 1 WAN-side interface 3 level queues, refined scheduling Level 1 Flow queue Level 2 Subscriber queue Level 3 Port queue …… PQ/WFQ …… PQ/WFQ Subscriber queue Flow queue Site 3 Ensuring transmission quality • Realizes hierarchical traffic management. • Manages multiple subscribers and services. • Provides a refined QoS guarantee. • Lowers network operation and maintenance costs. …… …… VC 3 RR 46 High performance High reliability High speed Enhanced experience LTE QoS, Meeting Service Level Agreement 1. Delivere QoS policies Phone 2. Create service tunnels PC IMS 3. Detect bandwidth utilization using NQA AR G3 Server LTE module 4. Schedule in real time Service flow Traffic shaping and scheduling High Medium Low Solution highlight End-to-end LTE QoS solution     The IMS core network delivers QoS policies to base stations and ARs. ARs create service tunnels based on QoS policies and map service flows to different tunnels. ARs detect the LTE uplink bandwidth using NQA. The AR egress bandwidth is controlled in real time according to the agreement. 47  LTE resources are allocated according to the agreement.  Service quality of high priority services is guaranteed, providing DSL level QoS experience.  LTE replaces dedicated leased lines, lowering development costs and shortening the service deployment time High performance High reliability High speed Enhanced experience Smart Application Control, Ensuring Service Security Voice Interactive video Call signaling Network control Interactive program File transfer Web page browsing Junk data Application server OSS server Traffic statistics analysis VoIP traffic WAN VPN access BitTorrent/eMule/QQ/Game AR G3 Intelligently identify programs and differentiate service types Marking, scheduling, and shaping QoS policy applied to the egress • Normal traffic Application identification VoIP • VoD www and E-mail QoS policy Unexpected traffic Unauthorized VoIP • P2P bandwidth misuse Junk mails, worms, viruses 48 DPI and QoS: Intelligently classify traffic based on the data packet, PVC/VLAN/DLCI, and port, and identify packets of key features. Policy management and control: Block unexpected traffic, limit the rate of such traffic, and control traffic based on the time range. Report traffic statistics to the NMS to help the administrators optimize control policies based on the traffic statistics analysis. High performance High reliability High speed Enhanced experience Smart Policy Routing for Multi-link Load Balancing Video, voice Data ISP A AR G3 ISP B Branch Data center 3G best-effort link Link group The traditional routing policies select the shortest path as the route, regardless of the path quality. Different types of key services such as voice, video, and data require routes of different quality demands. SPR NQA NQA is the basis of SPR and is used for path quality detection. 49 SPR selects the optimal path to forward service data, preventing network blackholes and flapping. Traffic policy SPR provides high-quality links for key services. Traffic policy identifies key services and selects proper paths for these services. High performance High reliability High speed Enhanced experience Voice QoE Test, Verified Enhanced Three types of voice trunks PSTN/ISDN FXO Trunk  SIP: for communication between a small branch and the headquarters  PRA: for communication between a large branch and the headquarters  AT0: for communication between the headquarters and the PSTN network. Headquarters SIP Trunk Small branch VE1 Large branch 50 Miercom simulated three access scenarios to test voice quality of the three trunks. The test result shows that Huawei was excellent in evaluation of voice quality, function, and quality of experience (QoE). High performance High reliability High speed Association Between BFD and NQA, Fast Convergence Router A (Master) VRRP LAN A BFD/NQA C IP/MPLS LAN B BFD Router C Router B (backup) Association between BFD and NQA   BFD detects faults between neighboring devices, speeds up convergence of static routing, OSPF, BGP, IS-IS, and PIM, and triggers VRRP switchover and interface backup. NQA supports ICMP, FTP, HTTP, TCP, UDP, Jitter, DNS, DHCP, Trace, and SNMP tests and sends reports to the operation support system (OSS). Through ICMP tests, NQA can trigger VRRP switchover, routing policy switching, and interface backup. 51 Cost-effective and suitable solution  Detects faults at an interval of 10 ms and can detect a fault within 30 ms.  Facilitates maintenance and improves network stability.  Ensures stable network running and service transmission.  Allows users to associate different protocols. Enhanced experience Zero Touch Configuration, Easier Operation and Maintenance High reliability High performance Headquarters High speed Enhanced experience BSS/OSS ACS NMS DHCP server AR G3 AR G3 ACS AR G3 Product Highlights and Benefits • • • AR G3 supports TR069 and works with ACS and NMS to implement zero-touch configuration. Batch configuration delivery and upgrading reduces costs on device deployment and maintenance. AR G3 monitors network operating status using TR069, making network operation and maintenance simpler. 52 High performance High reliability High speed Enhanced experience Batch Deployment Using USB Flash Drive OSS/ACS 1 Plan the network 2 Generate configuration files Data planning personnel 5 The device downloads system software and configuration files 3 Hardware installation personnel 4 AR G3 Product Highlights and Benefits • The operation is easy. Onsite installation personnel just need to insert the USB disk to finish the configuration, requiring no specialized training. • Service configurations can be loaded to CPEs manually or automatically using SNMP/TR069 so long as their IP addresses are reachable. USB-based deployment applies to batch deployment of many devices. 53 High performance High reliability Web-based NMS, Visible GUI Operation and Maintenance Branch GUI configuration page WAN/Internet Branch Headquarters Product Highlights and Benefits •Uses the web browser to configure and maintain devices, reducing investments on the NMS server. • Simplifies maintenance due to the easy-to-learn management method. • Provides better user experience with GUI-based operation and maintenance. 54 High speed Enhanced experience High performance High reliability High speed Enhanced experience Overall authentication、Refined control—BRAS Overall authentication BRAS AAA •Support PPPoE, PPPoA, PPPoEoA •Support DHCP Policy •802.1x •WEB authentication •MAC Portal Ensure various services’ bandwidth BRAS Multi authentication means，meet the demands of managing various terminals Refined traffic control VIP •Bandwidth management based on users Need BT download, but limited User A bandwidth Customize VOIP service， experience differ services •Bandwidth management based on time VOIP/IPTV/Download/Game … •Bandwidth management based on services Refined traffic control can be based on an enterprise, a team, a user or a service. User B 55 Contents 2 AR G3: Cloud Era Application Router  Applications in One Box Reducing at Least 30% TCO  Better Experience Ensuring Nonstop Service Transmission  Cooperation Platform Meeting Customized Applications 56 Highlight 3: Cooperation Platform, Meeting Customized Applications ICT integration  Nonstop service transmission Enterprise IT and CT integration simplifies branch deployment and management. Voice PBX  When the headquarters server becomes faulty, the local backup server is used. This ensures nonstop service transmission.   On-demand development meets value-added service and personalized scenarios. Customers and integrators can integrate third-party services on their devices. Headquarters server Routing and switching Application server WLAN AP Customized development Firewall WAN Local backup server Integrating a service platform has become a trend of branch access gateways. 57 Third-party application Encryption and security Integration with Microsoft Lync Server, Ubiquitous UC http://technet.microsoft.com/en-us/lync/gg131938#tab=1 The AR G3 router has obtained Microsoft Lync server certification, and is used in Microsoft Lync UC solution. AR G3 Mediation server VOICE OCS server PSTN 58 Open Service Platform Service Accelerated Engine (SAE) 1000M to AR G3 OSP card SAE550     OSP: Open Service Platform X86 architecture, high-performance server platform Supporting mainstream operating systems: Linux, Windows server, and VMware virtualized OS Flexible cooperation mode  Development by a third party and Huawei  Agent development  Customer development 2*GE SAE220 Third-party application Encryption and security Strong software and hardware openness 59 2G/4G Memory 500GB hard disk Energy Efficiency Management Centralized Building Efficiency Management System (CBEMS) Device management system Energy efficiency analysis system Building N Building 2   The Head-End is integrated on the AR equipped with the OSP card. Each building has one deployed. Control logic Benefits Solution  Define control policy 3G, LTE, GE VPN Building 1 Statistical report system The BEMS and application server are installed in the equipment room server or small machine. The OSP is integrated with Huawei developed Head-End. The Head-End sends terminal data to the CBEMS through the AR router. 60  The CBEMS implements converged energy management, and reduces server deployment and management expenses. With basic network capabilities of AR G3, the CBEMS remotely adjusts energy allocation of some areas to reduce maintenance costs. Network O&M Management Integrated management platform AR G3 OSP CISCO HP Integrated management: network topology, alarms, performance, and configuration file   Solution 1: The X86 card in the enterprise branch is integrated with eSight NMS as the backup of the enterprise headquarters NMS. On small- and medium-scale enterprise networks, the X86 card can be integrated with eSight NMS to implement network management.   Benefits: You do not need to deploy extra eSight server, reducing investments, and operation and maintenance costs. 61 Solution 2: Benefits: When the enterprise headquarters NMS becomes faulty or the link between the enterprise headquarters and branch is unreachable, the branch can use eSight NMS to implement local management. Contents 1 Challenges of Enterprise Routers in the Cloud Era 2 AR G3, Application Router in the Cloud Era 3 Introduction to AR G3 Series 4 Application Scenarios of AR G3 Products 5 AR G3 Success Stories 62 AR Series Models AR3200 series AR3260 Headquarters/Largescale branch (>350 users) AR2200 series AR2201-48FE/ AR2202-48FE AR2204 AR2220 AR2240 Medium-scale branch (50-350 users) AR1200 series AR1220 AR1220F AR1220V AR1220W/ AR1220VW Small-scale branch (<50 users) AR201/AR201VW-P AR150&160& 200 series SOHO&SMB (<30 users) AR161FG-L/ AR161FGW-L AR156/AR156W/AR15 7G-HSPA+7/AR 157W /AR157VW AR206/AR207/207V/207V-P AR207G-HSPA+7/AR207VW AR208E AR168F AR169F 63 AR151/AR 151W-P /AR 151G-HSPA+7 /AR151G-C AR158E/ AR158EVW Huawei AR 3200 Series Specifications SRU40 Item AR3260 (Supporting Four Types of SRUs) WAN speed with services 600 Mbps (SRU40), 1800 Mbps (SRU80), 4.5 Gbps(SRU200), 5.5Gbps(SRU400) Switching capacity 160 Gbit/s SIC slot quantity 4 WSIC slot quantity 2 XSIC slot quantity 4 Attached routing interface 3GE (2 combo)/4*GE Combo+ 2*10GE DSP slot quantity 0/3 Memory 2 GB/8 GB Flash (default/maximum) 2 GB/4 GB USB 2.0 2 Dimensions (W x D x H) 442 mm x 470 mm x 130.5 mm SRU80 SRU200 SRU400  Hot swapping of the SRU, cards, and power modules  3G USB data card  Up to 384 DSP channels  Up to 147 Ethernet interfaces 64 Huawei AR 2200 Series Specifications Item AR2240 (Supporting Three Types of SRUs) AR2220 WAN speed with services 600 Mbps (With SRU40) 1800 Mbps (With SRU80) 4.5Gbps(With SRU200) 400 Mbps Switching capacity 80 Gbit/s 32 Gbit/s SIC slot quantity 4 4 WSIC slot quantity 2 2 XSIC slot quantity 2 0 Attached routing interface 3GE (2 combo)/4*GE Combo+ 2*10GE 3GE (1 combo) DSP slot quantity 0/3 1 Memory 2 GB/8GB 2 GB Flash (default/maximum) 2 GB/4 GB 2 GB/4 GB Dimensions (W x D x H) 442 mm x 470 mm x 88.1 mm 442 mm x 420 mm x 44.5 mm All series support card hot swapping and 3G data card. 65 Huawei AR 2200 Series Specifications Item AR2204(Controlled sale) AR2202-48FE AR2201-48FE WAN speed with services 200 Mbps 200 Mbps 200 Mbps Switching capacity 10Gbps 10Gbps 10Gbps SIC slot quantity 4 0 0 WSIC slot quantity 0 0 0 XSIC slot quantity 0 0 0 Attached routing interface 3 GE (1 combo) 2 GE (1 combo), 1E1,1SA 2 GE (1 combo) DSP slot quantity Memory Flash (default/maximum) 2 0 0 1G 512 MB 512 MB 512 MB/4 GB 512 MB 512 MB USB 2.0 2 1 1 Whether RPS is supported Y Y Y Dimensions (W x D x H) 442 mm x 420 mm x 44.5 mm 442 mm x 310 mm x 44.5 mm 442 mm x 310 mm x 44.5 mm AR220X-48FE is 1 U high, and supports 48 Ethernet interfaces and RPS. 66 Huawei AR 1200 Series Specifications Item AR1220 AR1220F AR1220V AR1220W AR1220VW 200 Mbps 200 Mbps 200 Mbps 200 Mbps 200 Mbps 8 Gbit/s 8 Gbit/s 8 Gbit/s 8 Gbit/s 8 Gbit/s SIC slot quantity 2 2 2 2 2 Attached routing interface 2GE 2GE(1 Combo) 2GE 2GE 2GE Attached switching interface 8FE 8FE 8FE (4FE supporting PoE) DSP slot quantity 0 0 8FE (4FE supporting PoE) 0 (32 calls are supported by default) 8FE (4FE supporting PoE) 0 (32 calls are supported by default) Built-in WiFi -- -- -- 802.11b/g/n 802.11b/g/n Memory 512 MB 512 MB 512 MB 512 MB 512 MB Flash memory 256 MB 256 MB 256 MB 256 MB 256 MB USB 2.0 2 2 2 2 2 Dimensions (W x D x H) 390 mm x 220 mm x 44.5 mm 390 mm x 220 mm x 44.5 mm 390 mm x 220 mm x 44.5 mm 390 mm x 220 mm x 44.5 mm 390 mm x 220 mm x 44.5 mm WAN speed with services Switching capacity All series support card hot swapping and 3G data card. 67 0 Huawei AR 200 Series Specifications Item AR201 AR201VW-P AR206 AR208E WAN speed with services 150 Mbps 150 Mbps 150 Mbps 150 Mbps Fixed WAN interface (FE0 can be configured as WAN interface) 2*FE 2*FE 1 ADSL2+ Annex B,1FE 1 x G.SHDSL 8-wire,1FE Fixed switching interface 8FE 8FE(PoE) 8FE 8FE Fixed voice interface - 4*FXS+ 1*FXO - - Built-in 3G - - -- -- Built-in WiFi - 802.11a/b/g/n AP - - USB 2.0 Memory Flash memory 1 512 MB 512 MB 1 512 MB 512 MB 1 512 MB 512 MB 1 512 MB 512 MB Dimensions (W x D x H) 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm All series use dual-core processor, dual WAN uplink ports, and fanless design. 68 Huawei AR 200 Series Specifications Item AR207 AR207V AR207V-P AR207VW AR207G-HSPA+7 WAN speed with services 150 Mbps 150 Mbps 150 Mbps 150 Mbps 150 Mbps 1 ADSL2+ Annex A/M,1FE 1 ADSL2+ Annex A/M,1FE 1 ADSL2+ Annex A/M,1FE 1 ADSL2+ Annex A/M,1FE 1 ADSL2+ Annex A/M,1FE 8FE 8FE 8FE 8FE 8FE - 4*FXS+ 1*FXO 4*FXS+ 1*FXO 4*FXS+ 1*FXO - Built-in 3G -- -- -- - Built-in Built-in WiFi - - - 802.11a/b/g/n AP - USB 2.0 Memory Flash memory 1 512 MB 512 MB 1 512 MB 512 MB 1 512 MB 512 MB 1 512 MB 512 MB 1 512 MB 512 MB Dimensions (W x D x H) 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm Fixed WAN interface (FE0 can be configured as WAN interface) Fixed switching interface Fixed voice interface All series use dual-core processor, dual WAN uplink ports, and fanless design. 69 Huawei AR 160 Series Specifications AR161FG-L Item WAN speed with services Fixed WAN interface (GE0 can be configured as WAN interface) Fixed switching interface Fixed voice interface AR161FGW-L AR168F AR169F 150 Mbps 150 Mbps 150 Mbps 150 Mbps 1 x GE Combo, 1GE 1 x GE Combo, 1GE 1 x G.SHDSL 8-wire, 1 x GE Combo, 1GE 1 x VDSL2 compatible with ADSL2+ Annex A/M, 1 x GE Combo, 1GE 4GE 4GE 4GE 4GE - - - - Built-in LTE FDD LTE FDD LTE - - Built-in 3G Compatible with WCDMA Compatible with WCDMA -- -- Built-in WiFi - 802.11 b/g/n AP - - USB 2.0 Memory Flash memory 1 512 MB 512 MB 1 512 MB 512 MB 1 512 MB 512 MB 1 512 MB 512 MB Dimensions (W x D x H) 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm 300 mm x 220 mm x 44.5 mm High speed fixed GE LAN port, fixed GE Combo WAN port. 70 Huawei AR 150 Series Specifications Item AR151 AR151W-P AR151G-HSPA+7 AR151G-C AR157W AR157VW WAN speed with services 100 Mbps 100 Mbps 100 Mbps 100 Mbps 100 Mbps 100 Mbps 2*FE 2*FE 2*FE 2*FE 1 ADSL2+ Annex A/M,1FE 1 ADSL2+ Annex A/M,1FE 4FE 4FE (PoE) 4FE 4FE 4FE 4FE - - - - - 4*FXS+ 1*FXO Built-in 3G - - Built-in (WCDMA) Built-in (EVDO) - - Built-in WiFi USB 2.0 Memory Flash memory Dimensions (W x D x H) 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm 802.11b/g/n AP 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm 802.11b/g/n AP 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm 802.11b/g/n AP 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm Fixed WAN interface (FE0 can be configured as WAN interface) Fixed switching interface Fixed voice interface All series use dual-core processor, dual WAN uplink ports, and fanless design. 71 Huawei AR 150 Series Specifications Item AR157 AR157GHSPA+ AR156 AR156W AR158E AR158EVW WAN speed with services 100 Mbps 100 Mbps 100 Mbps 100 Mbps 100 Mbps 100 Mbps Fixed WAN interface (FE0 can be configured as WAN interface) 1 ADSL2+ Annex A/M,1FE 1 ADSL2+ Annex A/M,1FE 1 ADSL2+ Annex B,1FE 1 ADSL2+ Annex B,1FE 1 G.SHDSL,8 wire,1FE 1 G.SHDSL 4-wire,1FE Fixed switching interface 4FE 4FE 4FE 4FE 4FE 4FE Fixed voice interface - - - - 4*FXS+ 1*FXO Built-in 3G - - - - - Built-in WiFi USB 2.0 Memory Flash memory 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm Built-in (WCDMA) 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm 802.11 b/g/n AP 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm 802.11 b/g/n AP 1 512 MB 512 MB 300 mm x 220 mm x 44.5 mm Dimensions (W x D x H) All series use dual-core processor, dual WAN uplink ports, and fan-less design. 72 Contents 1 Challenges of Enterprise Routers in the Cloud Era 2 AR G3, Application Router in the Cloud Era 3 Introduction to AR G3 Series 4 Application Scenarios of AR G3 Products 5 AR G3 Success Stories 73 AR as the Enterprise Egress Gateway AR Router Application and Benefits Enterprise headquarters Mini branch AR150/200/A R1200 Server system WAN Internet Medium-scale branch AR3200 Server area Large-scale branch Small-scale branch AR200/ AR1200 PSTN AR2200 3G base station 3G link Server area Dedicated link Internet link PSTN link 74 Application: AR G3 enterprise router can be applied to the enterprise headquarters and branch egress gateway to provide a cost-efficient, highly reliable, and easy-to-deploy interconnection solution. Benefits:  The AR integrates routing, switching, voice, security, and WLAN functions. You need to deploy only one device at the egress to meet multi-service requirements, which reduces the TCO and protects investments.  The AR supports high-density voice card 32FXS and high-density Ethernet card 24GE to connect many voice and data terminals.  The AR provides built-in AC, leading in industry. It provides cost-efficient WLAN access solution without deploying extra cards.  The AR supports dual SRUs and hot standby, ensuring nonstop service transmission. Scenario 1: LAN Egress Gateway Headquarters WAN AR G3 LAN Server area Highlight: • Highest performance: The performance is twice the industry average and the service experience is improved. • High security: The AR has built-in firewall, and provides SAC, security log, and P2P traffic limit. • High integration: The AR integrates switch, PBX, and WiFi functions, simplifying networking. • Easy maintenance and management: The AR supports web platform and eSight. Recommended configuration: • SMB: AR200 (Fixed 8FE, various models, dual FE uplinks, ADSL, G.SHDSL, 3G) • Small-scale enterprise: AR1200 (built-in dual GE interfaces, 8-port switch, 2 slots) • Medium-scale enterprise: AR2200 (built-in 3 GE interfaces and 8 slots, optional 24-port GE card) • Large-scale enterprise: AR3200 (built-in 3 GE interfaces and 10 slots, optional 24-port GE card) Target customer: vertical industry, large enterprise, SMB 75 Scenario 2: 3G/LTE Wireless Access Gateway Highlight: • Huawei ranks No. 2 in the wireless market and provides specialized wireless access solution. Headquarters AR 3260 Wired Wireless • The AR provides Smart Policy Routing (SPR) and NQA. Recommended configuration WAN • Host: AR1220, AR2220, AR2240, AR3260, AR200,AR160 • 3G USB dongle: K4605、E177、E372、E303、E3131 • LTE USB dongle: E392 • 3G SIC module: HSPA+, EVDO AR 160/200/1220 SMB/Smallscale branch (0-50 users) AR 2220 AR 2240& AR 3260 Medium-scale branch Large-scale branch (50-350 users) 76 (350-1000 users) • LTE SIC Card: FDD-LTE Target customer: vertical industry, large- and mediumscale enterprises Scenario 3: VPN Gateway • IPSec VPN Headquarters Highlight: • The AR supports various VPN technologies. • The AR has built-in hardware encryption, without the need to purchase the hardware independently. • The AR provides 2 Gbit/s encryption and decryption, leading in industry. • The AR provides various security functions to ensure enterprise information security. • GRE VPN Dedicated line&Internet • MPLS VPN • L2TP VPN • SSL VPN AR 200/1220 AR 2240& AR 3260 AR 2220 Recommended configuration: • SMB: AR200, VPN performance 100 Mbit/s • Small-scale enterprise: AR1220, VPN performance 200 Mbit/s • Medium-scale enterprise: AR2220, VPN performance 500 Mbit/s • Large-scale enterprise: AR2240, VPN performance 1 Gbit/s AR3260, VPN performance 2 Gbit/s Target customer: vertical industry, large- and SMB/Smallscale branch (0-50 users) Medium-scale branch Large-scale branch (50-350 users) 77 (350-1000 users) medium-scale enterprises Scenario 4: Enterprise Voice Gateway Small-scale branch (0-50 users) AR 1220V Enterprise headquarters (350-1000 users) WAN Medium-scale branch (50-350 users) AR 3260 (PBX& SIP server) PSTN AR 2200 AR2240 Scenario Recommended Configuration Highlight SMB AR207V (8-channel DSP) • Small-scale branch AR1220V (32-channel DSP) • Medium-scale branch AR2220 (1 DSP slot), AR2240 (3 DSP slots) Headquarters AR3260 (3 DSP slots) • • To use the PBX functions, apply for and purchase the license. You can select 16/32/64/128-channel DSP based on users and 2CE1/1CE1/4FXS1FXO based on links on ARs except AR1220V. • Multi scenes: carriers SMB voice access, local large enterprises or independent PBX applications. Full service: built-in PBX, RBT, IVR, and multiparty call Good quality: highest performance, fine-grained CBQ, and intelligent call route backup Easy maintenance: diagnosis test and simulation test High reliability: BEST, local server, and power outage survival Target customer: Carrier SMB voice access, large enterprise, large- and medium-scale enterprises 78 AR Application in WAN Interconnection Scenario Unified NMS Mobile office IPSec Video surveillance App system PC Video conference Internet PC VoIP LAN Video conference Internet AR IPSec P PE (AR) PE P App App LAN Video VoIP conference Monitoring center App Application platform Branch AR PE(AR ) Access Headquarters P Aggregation Application Data center Branch PE P App center NOC Call center Backbone Benefits  AR G3 can be used as the access or aggregation node and work with NE series routers in the end-to-end WAN interconnection solution.  AR series uses VRP platform (4 million sets of VRP platforms have been sold) with unified experience and great stability. 79  The AR provides various WAN interfaces including Ethernet interfaces, E1/E3 interfaces, serial interfaces, PON interfaces, and 3G/LTE interfaces.  The AR supports dual SRUs, link bundling, hardware-based BFD, VPN FRR, LDP FRR, and TE Auto FRR, and provides high reliability.  The AR supports HQoS, MPLS TE, SPR, and WOC to meet multi-service requirements.  The AR is easy to maintain, and provides visualized management. AR Managed Connectivity Convergence Managed Fixed Access for Enterprise service Managed Mobile Access for Enterprise service Managed Secure VPN Service Managed MPLS VPN Service 80 Scenario 1: Managed Fixed Access for Enterprise Service VDSL2 bonding/vectoring(100M) ADSL2+ Annex A/B/M/J(24M) Headquarter G.SHDSL.bis(5.6M/11.2M/22.4M) FE/GE(100M/1G) EPON/GPON(1.2G/2.4G) Branch POS/CPOS(155M) SA/AS(2M) WAN E1/T1(2M/1.5M) • • Service Model • Varieties of Bandwidth and SLA Combo Packages Challenge • over existing network infrastructure for whole-scale enterprise customers • GPON for FTTO 81 Provide abundant access, cover as many sites as possible • Compatibility with mainstreaming fixed/access network • Get more returns from existing investments Scenario 2: Managed Mobile Access for Enterprise service • Headquarter AR3200 Wired Line LTE/3G/2G • 3G CS Domain CS-MGW (CS Domain) Internet Challenge • High-speed LTE access requirements from enterprises • Wireless links as backup for wired, or dual main wireless links • Wireless QoS and SLA guarantee Highlights • Multi-Operating Bands: LTE FDD/HSPA+/EDGE/GPRS • LTE access rate up to 100Mbps, high bandwidth • Wireless Backup for wired link, lower cost, shorter launch cycle • Wireless Uplink Redundancy, LTE/3G uplinks load sharing (MultiCarrier) • Redundancy Backup AR2200 Large Branch CS Call AR1200 Medium & Small Office AR200/150 SOHO or Mobile User 82 • DSL-class QoS experience, E2E LTE for Enterprise solutions Key Value • LTE Dual APN, dedicated path for voice, quality guarantee • CS call, ensure voice quality, keep important business uninterrupted • NQA over wireless technology to detect link quality, traffic shaping • End-to-end LTE QoS based on PCC(Policy Charging Control) • Good compatibility in wireless field (LTE/3G/2G) Scenario 3: Managed Secure VPN Service • Challenge • management Branch A AR G3 • AR G3 Internet • Interoperability of multi-vendor’ s devices • Diverse services on secure VPN pipes Highlights • AR G3 IPSec EVPN and DSVPN features to simplify network deployment Partner Headquarters Easy and scalable VPN services launching and • • Wired and wireless integrated access mode • Interoperability proven with Cisco routers • High-bandwidth, easy to expend by rich interfaces Key Value • Embedded hardware encryption, no additional hardware charges • Mobile AR G3 83 Industry-leading Gbps encryption performance Scenario 4: Managed MPLS VPN Service • Challenge • • Provide lower-cost, larger bandwidth, and richer Highlights • services over MPLS • • Abundant WAN interfaces to connect headquarter with branch offices Enhance service quality and flexibility Key Value • Converged gateway, multiple services over a unified network to lower the cost • Leading forwarding performance, double of Industry • Hierarchical QoS, ensure E2E monitoring capability • Hardware-based QoS, better differentiated services • High reliability, BFD and FRR 84 Contents 1 Challenges of Enterprise Routers in the Cloud Era 2 AR G3, Application Router in the Cloud Era 3 Introduction to AR G3 Series 4 Application Scenarios of AR G3 Products 5 AR G3 Success Stories 85 Australia NSW First Aid Solution Background  New South Wales First Aid Service is a state-owned Australian institution that provides high-quality medical and health care services for 6.7 million people living in an 801,600 square kilometer area.  The institution required a reliable, stable, high performance WAN based on 3G/4G technologies to connect its headquarters with 260 outlets and 1500 ambulances. Solution  Deploys AR1220VWs, AR2220s, AR2240s, and AR3260s to provide ADSL, Ethernet, and 3G/4G dual uplink access.  Employs network quality analysis (NQA) to monitor wireless uplink and define an appropriate QoS policy to improve network stability and ensure nonstop data forwarding on a QoS-incapable network. Customer Benefit  Better network performance than competitors  Smooth switchover of important applications and flexible, efficient link backup  Powerful QoS guarantee without additional fees, network security, and voice services Government 86 Shanxi Province e-Government Network Background  Shanxi Province e-Government Network is the largest network construction project of the Shanxi Province government in recent years. This network connects cities, counties, and government institutions, and provides emergency processing capabilities, public service, resource sharing, service cooperation, ensuring security and reliability. The network must meet the following requirements: 1. The network is highly reliable and provides fast fault detection and switching. 2. Resource sharing and service cooperation are ensured for basic and strategic government information. 3. O&M management is simple and graphical. Provincelevel AR3260 AR3260 Solution  Uses AR3260s on the provincial-level and city-level networks to connect to new province and city government departments and province core routers by binding El lines to form a 8 Mbit/s leased line. AR G3 provides high performance and multi-service access capability, allowing for service expansion on the province-level network.  Connects county-level nodes to city-level core router through the E1 line of the AR3260, meeting high-speed access requirements and providing OA services for county institutions.  Deploys MPLS VPN to implement secure isolation and ensure security of resource sharing and service coordination, and uses eSight NMS and USB-based deployment of AR G3 to implement intelligent operation and management.  Uses hot swapping AR G3 cards and deploys millisecond-level BFD and FRR to improve network reliability. Benefits to Customer  Huawei AR G3 router supports various VPN technologies. MPLS VPN on the entire network implements secure isolation and ensures security of resource sharing and service coordination.  eSight NMS and USB-based deployment of AR G3 implement intelligent operation and management, saving over 35% costs. Government 87 IDC 100M 8M 45 new government departments SDH AR2621 10 Mbit/s backup line 155M AR2621 AR3260 City-level Core router NE40 52 government departments 24 institutions County-level access device New devices for 10M expansion 10 Mbit/s backup line Original city-level network device County-level ISP County-level access device New devices for expansion 10M AR3260 AR Project for Gas Stations of Sinopec Group's Guangdong Branch Background  As business of the Guangdong branch of Sinopec expands and more services are provided, gas stations require higher bandwidth (from 2 Mbit/s to 10 Mbit/s) for OA, billing, surveillance, and other services. The egress routers TP-LINKs on the live network have become the bandwidth bottlenecks on the branch network. Solution  Deploys 2200 sets of AR1220 routers in gas stations of the Guangdong branch. The AR1220 routers provide distributed multi-service processing capabilities through multi-core CPUs and have a high forwarding performance of 450 kpps. Additionally, the routers integrate data, voice, security, routing, and VPN functions, provide various interfaces, and use a carrier-class reliability design to guarantee 7x24 service. Gas station AR 1220 Eth Benefits to Customer  Good forwarding capability and powerful service processing capability of AR1220 routers meet service requirements, and there is sufficient access capacity for service development in the future. Energy 88 WLAN One-stop Outlet Solution for Industrial and Commercial Bank of China (ICBC) Background  ICBC outlets are transitioning from simple banking transactions stations to multifaceted service marketing centers. Customer-centered, real-time, and customized financial services bring in changes of network applications in outlets. Based on traditional real-time services and OA applications, outlets need to provide unified communications (UC), cooperation, digital media advertisements, and high-quality video services.  ICBC requires a high-quality network that provides more and better multimedia services and ubiquitous access to support this transformation of outlets. Bank outlet Solution    Deploys NE series routers at branches and AR G3 routers at outlets to provide ubiquitous network access. A wide variety of products can meet the needs of outlets of all sizes. Uses IPSec to encrypt production and office data, protecting enterprise information security. Uses BFD between branches and outlets to detect faults in milliseconds and implements network switchovers to provide uninterrupted services. AS Eth/FXS Eth AR G3 IPSec VPN WLAN Benefits to Customer Based on its capability in WLAN, wireless, and 3G data card, Huawei provides customers with high bandwidth, highly reliable, and stable wireless and mobile outlets that allow delivery of bank services far and wide. Finance 89 WAN Branch NE series routers AR G3 Helps CTDI Implement Inter-Country Communication Background  China Third Design Institute (CTDI) is subordinate to China Machinery Industry Group Co., Ltd. (SINOMACH), and its headquarters is located in Chongqing. With business development, it establishes branches outside China, such as Laos.  Voice traffic is frequently transmitted between the headquarters and the branch. Because international lines are used to transmit voice traffic, the cost is high and voice functions are limited. CTDI is in need of new devices to improve communication efficiency and decrease international communication cost. Solution  Deploys AR2240s as IP PBXs in the Chongqing headquarters, and deploys AR1220Vs as IP PBXs in the Laos branch to implement VoIP services between the headquarters and branch using SIP trunks over the Internet.  Adds only subcards and IP phones to cope with increasing service requirements due to the extended enterprise scale. Benefits to Customer  Provides abundant services including teleconference, voice mailbox, IVR, call waiting, call forwarding, call transfer, secretary service, and remote office.  Has low costs and is easy to deploy.  Decreases costs for inter-country communication to 10% of the original costs.  Uses industry-leading VPN and IPSec plans to ensure call and communication security.  Deploys HQoS to implement service guarantee.  Uses whitelist and blacklist technology to authenticate terminals, preventing resource wastage and malicious attacks. Large enterprise 90 Vodafone OneNet Project Background  The OneNet global program was set up with the objective to “Deliver a consistent set of differentiated multi-media services to wholesale, business and residential customers, Huawei ARG3’s: “AR1220 fully tested by Vodafone, and scored extremely good in their test lab beating Cisco‘s SRP 547 independent of last mile copper / fiber or other access media delivery. Deploy a network that delivers a clear path to common core infrastructure, allowing FMC services and the reuse of core infrastructure for mobile and fixed”. Huawei Solution  Huawei provide all-in-one CPE router AR G3 with full support of build-in voice, high speed internet access, WIFI/3G/4G wireless access solution, abundant interfaces and Zero-Touch O&M Solution to simplify the network design and service launch. Vodafone Operators CPE Management Fixed Mobile Convergence Network Application Server IMS HTTP(S) CSCF Benefits SNMP/TR-069 SBC SIP Access and Transport Network Vodafone IP core Network Corporate Network Internet Vodafone Access Network DHCP Server . ATA  Provide Voice, Internet, VPN, Security services only by one-box, and Vodafone can expand services easy and quick.  Because of the good interoperability with existing vendors equipments, a lot of interoperable test and version development work can be saved. FAX WiFi WiFi Laptop Web Server Desktop Resale 91 Ip phone PBX BT-GS Carrier Enterprise Business Huawei ARG3’s: “Extremely tested in 5 different scenarios, performance is around 50% higher than current vendor equipment”. Background      Lower cost of managed WAN/LAN service, increase cash flow Rich LAN/WAN service involved, Global application Third partner OSS integration to realize zero-touch management Expand new services Do you believe that it is better? Huawei Solution  Delivering since second quarter 2011 All-in-one multi-service WAN/LAN products  ARG3 routers can be integrated with several third partner OSS systems, to provide effective support.  Establishment of B2B platform simplifies customer orders, service process Benefits  Improve financial figures: cost reduced and cash flow increase  Good interoperability with current suppliers, less effects of vendor change enterprise customers  Uniform OS, reduce the configuration complexity and maintenance CAPEX  Fewer device types, satisfying several application scenario  Support Zero Touch, Plug and play Resale 92 on the HUAWEI ENTERPRISE ICT SOLUTIONS A BETTER WAY Copyright © 2013 Huawei Technologies Co., Ltd. All Rights Reserved. The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements. Therefore, such information is provided for reference purpose only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice.

幻灯片 0 - Actfornet

Rating

Date

Size

Views

Categories

Share

Transcript

Forgot your password?.