Solutions | Network Virtualization
Allied Telesis provide virtual customer networks
over shared Ethernet infrastructure
Solutions | Network Virtualization
Today’s building management companies can derive revenue
from their commercial tenants by providing facilities beyond
just floor space. Reliable and secure network connectivity and
data storage services are now highly attractive to commercial
tenants. However, when your company manages a multiple tenant
building – this could be a shopping mall or office block – how
do you provide these services securely, affordably, and simply?
They key is to be able to build a single network infrastructure
through the building, and then allow the individual tenants
to overlay their own virtual networks over this shared
infrastructure. Moreover, it is vital that you achieve this
network vir tualization securely. Individual tenants need to
be 100% confident that their virtual network is completely
invulnerable to snooping or infection by other tenants.
In addition, to meet your network management needs the
infrastructure must be resilient, scalable, and simple to manage.
Allied Telesis have developed a combination of products and features
that provide remarkably secure, reliable, high-performance virtual
network infrastructure at extremely cost-effective price points.
Virtualisation
The key component in this solution is the standards-compliant
VLAN encapsulation (known as VLAN double tagging or QinQ).
This makes it possible for each tenant to have their own
complete VLAN structure overlaid onto the physical network,
running parallel with every other tenant’s VLAN structure,
even if they are using the same VLAN IDs as other tenants.
Each tenant is assigned a unique encapsulating VLAN, which forms
their own vir tual tunnel right across the whole shared network.
On the shared segments, each tenant’s data runs within its own
tunnel, completely separated from anyone else’s data, with no
possibility of cross-over from one virtual network to another.
Resilience
Allied Telesis premium ring resiliency technology, Ethernet Protected
Switching Ring (EPSR), has been developed and hardened in
demanding Service Provider and Telco sectors. This technology
provides true carrier-class network resiliency, and has been made
available on Allied Telesis switches at an Enterprise-level price point
with absolutely no drop in reliability or performance.
The layout of typical commercial premises, such as office blocks,
shopping malls, and airports, lends itself to the use of a core ring of
switches as a high-speed backbone of the network infrastructure.
This highly resilient network technology is perfect to overlay
multiple virtual networks for many tenants or clients, where
everyone benefits from the maximum network uptime and high
bandwidth provided.
More information on using EPSR in enterprise applications can be
found in the “Resilient Networking with EPSR” technology solution
available here:
http://www.alliedtelesis.com/resources/literature/literature.aspx?id=5
Other features such as excellent network storm control and
prioritisation of network control traffic also contribute to creating
extremely high network availability. Add switch hardware features
like dual hot-swappable power supplies, and continuation of services
is all but guaranteed.
Security
Allied Telesis switches combine leading LAN security with
comprehensive privacy protection to ensure complete
security for end-customers who vir tualize their LANs
over a shared physical infrastructure. More information
on the advanced LAN security features found in Allied
Telesis switches can be found on our website:
http://www.alliedtelesis.com/solutions/category.aspx?5
The IP-binding and Private VLAN (using MAC-Forced Forwarding)
implementations in Allied Telesis products have been developed
to meet the stringent user privacy and data security requirements
of Service Providers. Private VLANs ensure that no traffic from a
switch port can be seen from another switch port. The addition
of MAC-Forced Forwarding adds fur ther security by sending
all traffic only to a specific known destination, making snooping
on your neighbour near impossible. Commercial tenants can
be fully confident that their privacy and security is ensured.
2 | Allied Telesis Solutions: Network Virtualisation www.alliedtelesis.com
Ne t w o r k re s i l i e N c y so l u t i o N s
| VCStack + Link aggregation
Performance
As the corporate world comes to rely more than ever on
Information Technology resources and applications, a high
performance, high availability infrastructure is vital. An EPSR ring at
the core of the network provides these performance benefits:
High bandwidth: An EPSR ring can run at up to 10Gbps (or ■
multiples of 10Gbps), utilizing today's fastest Ethernet standard
for maximum data throughput.
Immediate access: Seamless connectivity via voice, video, or ■
email is maintained, and network servers are accessible with no
delay.
High availability: With no single point of failure, continuous ■
access to critical business data and network resources is
maintained.
Application versatility: High bandwidth and ultra-fast failover ■
lend themselves to multiple applications simultaneously using
the network. Real-time applications like surveillance, video
streaming and voice over IP can be used right alongside data
and Internet access.
The Allied Telesis SwitchBlade x908 and x900 series switching
fabrics provide extremely powerful and reliable forwarding engines
over which to lay the network infrastructure. All Layer 2 and Layer
3 forwarding, traffic filtering, data encapsulation, traffic prioritization,
and network storm protection are carried out at wire-speed on all
interfaces with low latency.
Scalability
The flexibility of the SwitchBlade x908 and x900 series switches
makes network expansion incredibly simple. The modular chassis
design, coupled with the hot-swappable interface modules, mean
that it is possible, for example, to upgrade the bandwidth of the
core ring with absolutely ZERO downtime.
Similarly, as client device numbers increase, new sets of clientfacing ports can be hot-swapped into the chassis, and new clients
connected, with no service disruption.
The advanced design of the switching hardware provides a platform
that will not be obsolete for many years to come. The hardware is
already completely IPv6 capable. The Layer 2 and Layer 3 forwarding
table and hardware ACL table capacities are measured in the
thousands – this is a platform that is well able to support major
network and service expansions, and network technology advances.
Solution overview
The virtualization of a single physical network infrastructure (seen
in Figure 1) can provide a real private network for a number of
different tenants. By using VLAN encapsulation over an EPSR ring,
and deploying Allied Telesis secure LAN switches, this network is
resilient, secure, scalable, and high performing.
As well as providing these core data storage and Internet services,
Allied Telesis switch technology allows you to make additional
services available to tenants.
A combination of a Power over Ethernet (PoE) access layer with
the high-speed shared core is ideal for having a video surveillance
network overlaid on it. Multicast streams from multiple cameras
attached to diverse locations on the network are carried back to a
central control centre via a dedicated video VLAN that is laid across
the physical network. Camera control signalling is also transported
in this same VLAN.
A separate virtual Voice over IP (VoIP) network can also be
provided for multiple tenants, providing them with the many benefits
that advanced VoIP systems have to offer.
Figure 2 shows VoIP and Video sur veillance vir tual networks
overlaying the physical network infrastructure.
3 | Allied Telesis Solutions: Network Virtualisation www.alliedtelesis.com
Solutions | Network Virtualization
SwitchBlade
x908
Data
Center
AR750S
Router
Internet
x900-24XT
x900-24XT
VLAN 3
Tenant 1
VLAN 2
VLAN 3
VLAN 4
Tenant 2
Tenant 3
Tenant 4
Tenant 1
Tenant 2
Tenant 3
Tenant 4
VLAN C
Service
VLAN A
Management
VLAN B
Sales
x900-24XT
The tenant’s VLAN structure is
encapsulated in a single QinQ
VLAN for secure high speed
access across their own ‘virtual’
network to other office space,
the data center and Internet.
VLAN 3
Tenant 3
VLAN 1
Figure 1: Secure virtual networks over a single physical infrastructure
4 | Allied Telesis Solutions: Network Virtualisation www.alliedtelesis.com
Ne t w o r k re s i l i e N c y so l u t i o N s
x908
Data
Center
x900-24XT
x900-24XT
Tenant 1
8624PoE
Tenant 2
Tenant 3
Tenant 4
8624PoE
8624PoE
8624PoE
IP PBX
PSTN
Gateway
Secure virtual voice
and video networks
overlaying the
physical network
Public Switched
Telephone
Network
Tenant 3
8624PoE
VoIP virtual network
Video vir tual network
| VCStack + Link aggregation
Summary
Figure 2: Secure virtual voice and video networks
By ensuring always-available online applications and resources, and total security of data for tenants, building management companies can
offer advanced network technology solutions to prospective tenants as a real value-added service. The addition of VoIP phone systems and
video surveillance for building security simply makes the value proposition offered outstanding.
Tenants receive the best in leading edge networking and data services without the large capital outlay required to build a complete physical
network themselves. They can also be confident in their choice of location, with leading-edge IP multicast building security ensuring 24/7
surveillance of their premises.
High performance networking made available with the Allied Telesis network virtualization solution.
5 | Allied Telesis Solutions: Network Virtualisation www.alliedtelesis.com
Solutions | Network Virtualization
Products
The following Allied Telesis advanced switching products are
highlighted in this Network Vir tualization Solution
SwitchBlade® x908
SwitchBlade x908
Advanced Layer 3 Modular Switch
8 x 60Gbps Expansion Bays ■
x900 Family
x900-24XS
2 x 60Gbps Expansion Bays ■
24 x 100/1000BASE-X SFP ports ■
x900-12XT/S
1 x 60Gbps Expansion Bay ■
12 x combo ports (10/100/1000BASE-T copper or SFP) ■
AT8600 series
AT-8600 Series
Layer 3 Fast Ethernet Switches
AT-8624T/2M
24 x 10/100BASE-T ports ■
2 x Uplink Module Bays ■
x900 Family
AT-8648T/2SP
x900-12X and 24X Series
Advanced Gigabit Layer 3+ Expandable Switches
x900-24XT
2 x 60Gbps Expansion Bays ■
24 x 10/100/1000BASE-T (RJ-45) copper por ts ■
x900-24XT-N
48 x 10/100BASE-T ports ■
2 x SFP ports in combo with 2 x 10/100/1000T uplink por ts ■
(RJ-45)
AT-8624POE
24 x 10/100BASE-T ports with PoE ■
2 x Uplink Module Bays ■
NEBS Compliant
2 x 60Gbps Expansion Bays ■
24 x 10/100/1000BASE-T (RJ-45) copper por ts ■
6 | Allied Telesis Solutions: Network Virtualisation www.alliedtelesis.com
Ne t w o r k re s i l i e N c y so l u t i o N s
| VCStack + Link aggregation
About Allied Telesis Inc.
Allied Telesis is a world class leader in delivering IP/Ethernet
network solutions to the global market place.We create innovative,
standards-based IP networks that seamlessly connect you with voice,
video and data services.
Enterprise customers can build complete end-to-end networking
solutions through a single vendor, with core to edge technologies
ranging from powerful 10 Gigabit Layer 3 switches right through to
media converters.
Allied Telesis also offer a wide range of access, aggregation and
backbone solutions for Service Providers. Our products range from
industry leading media gateways which allow voice, video and data
services to be delivered to the home and business, right through
to high-end chassis-based platforms providing significant network
infrastructure.
Allied Telesis' flexible service and support programs are tailored to
meet a wide range of needs, and are designed to protect your Allied
Telesis investment well into the future.
Visit us online at www.alliedtelesis.com
7 | Allied Telesis Solutions: Network Virtualisation www.alliedtelesis.com
USA Headquarters | 19800 North Creek Parkway | Suite 100 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895
European Headquarters | Via Motta 24 | 6830 Chiasso | Switzerland | T: +41 91 69769.00 | F: +41 91 69769.11
Asia-Pacific Headquarters | 11 Tai Seng Link | Singapore | 534182 | T: +65 6383 3832 | F: +65 6383 3830
www.alliedtelesis.com
© 2008 Allied Telesis Inc. All rights reser ved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners. C618-31009-00 Rev. A
Loading...