Do enterprises and other organizations need a CDC-like entity to help them in their fight against cyber attacks?
The Society for Information Management (SIM) thinks they might. Madeline Weiss, director of SIM’s Advanced Practices Council (APC), said the group is evaluating whether it’s time to create what she terms “a CDC for cybersecurity,” modeled after the U.S. Centers for Disease Control and Prevention. To that end, an APC task force last month drafted a proposal for such a body, dubbed the CIO Coalition for Open Security. Its goal? To create a framework in which companies can work together, across industries, and share information about malicious cyber activities—much like the CDC collects data and issues bulletins about outbreaks and other health-related developments to the nation as a whole.
The APC is no slouch. The council comprises 33 senior IT executives, most of whom are CIOs employed by large multinational corporations and government agencies. Although the APC usually acts behind the scenes in an advisory capacity, the cybersecurity problem is so critical that the group has been spurred to action, Weiss said in an interview conducted at SIM’s annual meeting in Denver earlier this month.
A large part of that push came from David Bray, CIO of the U.S. Federal Communications Commission, who recently spoke to the group in his capacity as a guest lecturer at Oxford University. Bray delivered a dim and “extremely scary” scenario of the future of cybersecurity, Weiss said, followed by some ideas about what the industry can do about it.
“He made the point that no one organization, no matter how big they are or how well-equipped, can solve this problem,” Weiss said. “He said success is dependent upon collaboration and openness–open in the sense that there is sharing of attacks, and that there is sharing of potential, of possibilities and observations and solutions and that there should be sharing within private, public and governmental sectors.”
Similar efforts exist within other sectors, most notably in the pharmaceutical industry, where Eli Lilly’s InnoCentive acts as a repository of crowdsourced solutions aimed at tackling unresolved R&D problems. Such an approach for cybersecurity, Weiss argued, could be equally beneficial, providing companies with early-warning information and other data they need to thwart attacks. In addition, a CDC-like organization for cybersecurity could connect security problem solvers with those experiencing security issues. For example, it might be able to produce a map of distributed denial of service alerts or act as an information clearinghouse.
“Working together, we can address this issue,” Weiss said. “Working alone, we probably can’t.”
The next step is for the APC to sketch out the framework that would support the coalition, including soliciting volunteers who would lead the initiative.
“Members have done some investigation and learned that there are [similar] activities in various industries, but they seem to be staying within their industries — in other words, lots of silos,” Weiss said.
“We plan to sponsor research that will help us understand who the current key players are and determine what has worked and what hasn’t,” she added. “We then anticipate pushing for combining efforts where feasible to facilitate broader and more open sharing [of information].”
In line with our MPLS layer 3 content production, we have created a step by step guide to VPLS VPN procurement. Request the Techtarget version of our Mindmap here. Once requested, read on as we attempt to explain how enterprise organisations are benefiting by leveraging VPLS network capability for data centre, cloud and site to site connectivity.
Organisations should never be forced into a features and benefits conversation with their prospective service providers. The majority of network designs produced by our BT Business partnership surrounds hybrid technologies, perhaps VPLS across data centres, layer 3 MPLS at branch sites, fibre services within the core and IPSec / SLL for remote users. In certain sites, it makes sense to deliver a layer 3 capability, in others (such as data centres) VPLS is the clear option to deliver capability. In metropolitan areas, fibre is always a good option. This kind of features and benefits sales approach will result in missed requirements and essentially a MPLS or VPLS network solution which is not fit for purpose.
The mindmap examines in detail the process and considerations to make vs your own business requirements. The overall complexity is dependent on not only your requirements today but also those which need to be predicted in the future. The IT team’s work is becoming more critical than ever to communicate needs as globalisation, security, application performance, user productivity and disaster recovery is driving a critical reliance on WAN connectivity. The ultimate goal, as ever, is to maximise uptime of resources and plan for scenario’s which are unlikely but would impact the business in a major way. The WAN may appear as though innovation is fairly stagnant, we don’t hear too much in the way of significant evolution and buzz around WAN connectivity. However, applications are evolving faster than they ever have before due to enhanced productivity, different ways of working and a desire to achieve efficiencies and this a competitive edge.
What is VPLS Ethernet
Virtual Private LAN Service networks provide the ability for companies to create a LAN structure between geographically separate sites. The traditional and default choice for IT Management is generally considered to surround layer 3 VPRn (Virtual Private Routed Network) – known as MPLS in the market place. We believe the growth of VPLS services is driven by the ubiquitous access of Ethernet coupled with private cloud based services. We will go on to to explain more about our findings later.
The key benefits of VPLS solutions surround a number of key points.
Perhaps the most popular discussion surrounds the ability to extend data centre connectivity (or essentially sites which contain resources) across geographical separation. The dream is to deliver global or national connectivity whilst maintaining a base level of configuration and thus avoiding IP address reconfiguration which is required with layer 3 networks (MPLS – Virtual Private Routed networks). We are aware that globalisation is growing with data centres located in far flung locations, the challenge of deploying applications is made easier with VPLS layer 2 WAN services. A VPLS solution will extend the deployment of your server clusters into different data centres protecting against major disruption.
In another scenario, service providers and enterprises often do not meet in terms of requirements vs capability. There are some businesses which are reluctant to allow a service provider access to their layer 3 management and routing, Perhaps the organisation is needing to serve an unsupported protocol which the service providers will not transport. In this example, the ability to layer on layer 3 is a clear advantage for VPLS based connectivity.
It would be remiss not to mention VLL (Virtual Leased Line) services as they are closely related. VLL’s are designed to emulate point to point / multipoint fibre connectivity across an MPLS core network. The benefits are clear since MPLS provides the reach and emulation for circuits which would otherwise be too great in distance for dedicated fibre provision.
VPLS provides any to any connectivity using pseudowires – Virtual Ethernet circuits provisioned as a full mesh topology
VLL – point to point or multipoint Ethernet pseudowires
A pseudowire is essentially point to point emulation of Ethernet.
One important distinction to make: VPLS is an evolution in terms of capability which is built and created on the shoulders of MPLS core networks. The majority of IT managers believe that VPLS is somehow a different platform to MPLS but the reality is, MPLS core networks are the foundation for layer 2 connectivity. In other words, todays MPLS networks facilitate layer 2 and layer 3 connectivity.
Prior to VPLS becoming a mainstream technology, organisations were not only limited by distance related issues across layer 2 fibre but also dedicated high speed data circuits equalled high costs. The telco’s already owned significant core networks with layer 3 capability, the addition of a layer 2 VPN capability made sense.
Some serious benefits to consider
An organisation with a private cloud (their own hosting facility) requires further virtual servers on the same LAN segment. However, space is running out fast. In this scenario, a further data centre could be added with a connection into VPLS. Once connected, further virtual servers are able to be installed which will appear on the same connected LAN as the older full data centre facility. The plus point is clearly demonstrated to surround seamless LAN connectivity. The added benefits of a geographically separated site surrounds disaster recovery and resilience since the loss of a DC will ultimately partially remove some connected hosts but not all of them which offers greater uptime.
You have the desire and capability manage your own routed network. As the name suggest, the procurement of VPLS is at layer 2 which leaves layer 3 routing to be setup as required. Service providers set a base level of capability for MPLS.
We worked with a client recently which had decided to implement a cloud server cluster strategy for redundancy and scalability. With each cluster needing to reside in the same VLAN and network but with geographical separation for further redundancy, the organisation looked to VPLS. which enables extended VLAN. In addition, their data centres were encountering issues with power and cooling. The addition of a further datacenter allowed the client (as per point 1)
Consideration of VPLS vs MPLS
VPLS is built using a service provider product term called EVC’s (Ethernet Virtual Circuits). This is a marked difference when making a comparison to MPLS. The use of EVC’s is perceived as a scalability issue since, as network grows, the network performance may be impacted meaning there is an ultimate ceiling in terms of how many EVCs each provider router may support. The majority of providers will brush over scalability since their core networks are, over time, increasing in their ability to scale which increases their ability to support greater EVC’s. In the majority of cases, there is no need to worry or be overly concerned but clarity should always be requested depending on which provider readers are considering. On the counter point, MPLS (or rather layer 3 routed networks) are truly connectionless from the perspective of scalability.
VPLS network terminology
As I have previously mentioned, VPLS is a layer 2 VPN across an MPLS core network. When considering providers, procurement teams will often be faced with acronyms such as PE or P which refer to the edge and core devices within a network.
The PE device refers to the Provider Edge which is essentially the edge node into a service providers network. IT Managers are advised to understand the true PE capability of prospective service providers since PE coverage determines scale and diversity options. The P device is the ‘Provider’ core aggregation devices within the centre of their network used to scale the MPLS core network.
Some thoughts regarding VPLS network procurement
In general, VPLS is sold as an unmanaged service with Ethernet handoff. With this said, in some instances, the provider will offer a managed service whether this is based on a Layer 3 switch or a router. As with any WAN procurement project, the advice is to carefully consider the service capability vs your specific requirements. The Mindmap not only details some of the specifics of VPLS but also the key vectors we know to matter across application performance, uptime, topology, strategy and budget. In general VPLS services should be viewed in the same way as the more traditional layer 3 from the perspective of SLA which includes latency, jitter and uptime guarantees. Clearly an unmanaged service creates a very different adds, moves and changes process vs managed services. The typical approach when making changes is often surrounded by ‘clunky’ processes which creates delay. One of the real plus points of VPLS, as we have mentioned within this article, is the ease of self managed services. We are seeing growth within the managed services sector where organisations are outsourcing the management to specialist organisations which overlay their services with the providers supplying the connectivity. This, we believe, is a major shift in thinking since the traditional approach is to use a single provider for connectivity and management. VPLS is creating an environment of adoption which creates a little more freedom when considering how to manage services on an ongoing basis.
All of the concerns surrounding MPLS procurement are essentially the same when considering VPLS. We are in effect talking about layer 3 vs layer 2 which both using an underlying MPLS core network.
We have written a fair amount of content on WAN procurement, both MPLS and VPLS but the core of our approach remains the same. It is clear that organisations which achieve better outcomes when they are able to align their business specifics vs the service provider capability. In short, if you consider applications (as an example), our approach to execute WAN procurement involves understand how the application performs today but also how performance may be increased to improve productivity. In some instances, improving application performance may not relate to the technical aspects of a capability but perhaps admin tasks such as adds, moves and changes. As organisations begin to understand how each provider might provide a capability which adds a competitive edge, the WAN becomes and enabler rather than the typical bottleneck.
VPLS is a growing technology which, in part, is due to the emergence of cloud based solutions, whether private or public. Server clusters often require geographical diversity, VPLS networks add a unique capability here. The ability to add, remove servers as required across a layer 2 Ethernet WAN with any to any connectivity. The simplicity of layer 2 is now available across the WAN offering seamless connectivity on a Global basis. As a counter point, layer 3 services offer an out of the box routed network supporting a standard capability. As I wrote toward the beginning of this article, we are finding most project result in a hybrid approach for design. This means that VPLS is a another building block for organisations to use in their pursuit of connectivity and cloud excellence.
Some time back, we decided to distill all of our experience and knowledge of IP VPN MPLS – Virtual Private Network – procurement into a single step by step Mindmap. Available for free, the Mindmap is a great way to align your business across applications, strategy and budget with the service provider market place.
We have adapted our BT Business version for Techtarget and created a specific IP VPN version << access your copy now.
IT Managers within UK and Global organisations are becoming paralysed by the fear of WAN service provider change. And I totally understand why. How do IT Managers force transparency and align their business specifics?
I now have approximately 16 years experience within the presales arena, designing and proposing MPLS (formally Frame Relay and ATM back in the day) for global organisations. Today, I head up a BT Business Partnership specialising in the design and proposal of WAN connectivity. Over the years, technology has changed from legacy WAN services to the newer feature rich Ethernet MPLS and VPLS capability offered by service providers. However, the one area which has remained pretty stagnant is the sales process. When I say sales process, I am talking about how telco’s, VNO’s, resellers and so forth align the specifics of your business across applications, strategy, topology, cloud and budget with the goal of creating a fit for purpose design. During the years from 1998 to 2009, I (and members of my Global team) witnessed what we consistently referred to as ‘typical issues and problems’. On some occasions, these problems were simply frustrating but on other counts, they were totally detrimental to the business and were the cause of downtime and poor user productivity. We established that these issues were down to process. If we could design a workflow which considered each critical area of a business and used the data to create new designs, we could help businesses to understand strengths vs weaknesses within their IP VPN MPLS design. The Mindmap offered at the start of this article is our sales process used within our BT agency at NU.
Today, the IP VPN must be an enabler to your business and not a bottleneck, especially if you are moving to a new MPLS or VPLS service provider. With IT Managers essentially responsible for service provider selection, it really more than their job is worth to make a catastrophic decision. In the most part, service providers all have a fundamental capability to deliver network capability. So where does it go wrong?
Let’s discuss a few of the areas we find are often problematic.
IP VPN MPLS Coverage and Reach
The challenges are different but similar for Global or National organisations. Within the IP VPN UK market, understanding the true reach and coverage of your prospective service provider is often difficult to uncover. With many resellers and MPLS providers claiming 98% coverage of the UK, how do you understand true IP VPN MPLS capability in terms of reach? MPLS edge nodes are known as Provider Edge devices (PE) – it is the PE nodes which defines true provider coverage. When discussing reach with potential providers, ask to see their true PE coverage which will let your organisation understand reach. When dealing with Global providers, the same question regarding PE coverage should be asked. However, Global providers are normally more transparent with regards to their specific in-country coverage. BT coverage examples here.
The Cloud component
Some would argue that the cloud has been a feature before the buzz and branding of cloud based services started. Whether or not you feel this is true, the cloud has become a productised service across IaaS (Infrastructure as a Service) and PaaS (Platform as a Service). The productisation is driving take up of services which are either managed within a private cloud or outsourced to public based cloud services. In ether instance, the WAN is a key component in terms of access performance which will be governed by bandwidth vs latency vs uptime.
Single tail circuit provider or multiple?
The question of whether to use providers which deal with a single tail provider or multiple providers only applies to national based services. Using BT as an example, the retail business partners with Open Reach to provide tail circuits. Whereas other service providers will use multiple wholesalers, i.e. Open Reach, COLT, Virgin etc. The decision here surrounds whether or not you have confidence in the providers ability to manage multiple providers. Readers should note that tail circuit provision is often the most difficult component to manage in terms of keeping track of delivery milestones, surveys and handover. If your organisation is Global, multiple tail providers will always be leveraged since no one single supplier is able to cover the globe in terms of wholesale tail provision.
Resiliency and Diversity
Maximising IP VPN connection uptime is critical, especially if you are hosting cloud based resources. And lets face it, whether private or public, which company isn’t? There are many misunderstood areas when considering how to achieve the best possible uptime. The first common mistake we see is when service providers suggest that by using two wholesale tail circuits, your site will gain the best possible diversity.
However, neither service providers knows or has access to the other providers tail circuit reach. Whilst it very much appears be good common sense that two providers would offer diversity, their tails will often route over the same paths to the local exchange resulting in single points of failure everywhere. Not the desired outcome. To avoid this scenario, organisations are advised to order a true diverse and resilient product from a single provider. Using BT as an example, their Secure Plus product takes two circuits and plans for no single point of failure. In some cases, there will be pinch points but a site survey will inform your business where these points of failure exist and potentially allow you to remove them for additional cost.
Fig 1 – BT Secure Plus – maximise your users uptime
Service Level Agreements – Uptime, latency and jitter
The percentage of IT Management which buy services based on an SLA is high. We always advise our clients to use the SLA as an indication of performance and not to engineer any design based on the figures included. As an example, latency will often only include the providers core network performance. First, if your organisation is considering Global MPLS or VPLS, the distance between your site and and the nearest POP (Point of Presence) will add further delay. When deploying delay sensitive applications, clearly every ms (milliseconds) counts when your business is getting close to the latency limits of voice or video. Understanding the distance between your office site and the providers edge node will provide a good indication. On occasion, for global clients, the service provider may not be able to reach certain locations. In this instance, an NNI (Network to Network Interconnect) might be used to bridge the missing location. IT Managers must consider how any NNI would impact latency and jitter together with any restrictions in terms of maintaining Quality of Service throughout. Second, national. The challenges are certainly less when looking at national based providers (e.g. UK or US) since the latency and jitter are fairly predictable. In terms of uptime, the SLA should largely be an indication of the providers overall performance. The section of diversity and resilience explains more about the science behind this area of design.
Application performance and Statistics
Understanding the applications within your organisation is completed either via using existing statistics or via an audit. The majority of IP VPN MPLS WAN providers are offering end to end statistics which include application performance reporting, usage and downtime. However, all too often, a legacy WAN may not include this level of performance insights. Whether you decide to engage professional services to complete the audit or stats are actually available, documentation of applications and their current performance is critical to understanding where improvements or risks exist. In some instances, applications will move to cloud based environments away from self hosted infrastructures which means predictions must be made to understand performance. The past trends of applications from the perspective of latency and uptime provides some real insights into the network including both technically and may also pin point service issues. As an example, there may have been a period of downtime or slow performance on selected IP VPN connections. How did the business react to these issues and how did your existing service provider manage the support process. What improvement and could be made based on lessons learned.
Everybody recognises Visio network drawings. You know the ones we are talking about, fluffy cloud, sites hanging off with lightening connecting you to the network. How often are these Visio’s up to date? In my experience, not too often. We have witnessed network diagrams which are being used as points of reference for support which are years out of date. Our experience suggest that drawings should be used as a point of high level reference, an at a glance view of the network infrastructure. The actual granular data and references are better represented using a live portal systems such as Netflow where the information, references, stats and support information are shown with the most up to date clarity. Ask any prospective supplier how they ensure the very latest service information is presented to you since this area of capability has a profound impact from a support and change perspective.
Setting expectations and Project Management
Sales teams are eager to make a sale and will often be a little over confident with regards to installation dates. Depending on your project timescales, setting your managements expectation regarding delivery timescales is critical. The reality of the time taken from order to delivery is somewhat different depending on each site location and the type of product ordered. In addition, readers should note that the actual lead time clock does not begin until orders are placed and accepted on the service provider systems. In the lead up to order placement, there is a fair amount of work to do in order to populate your IP addressing, application IP VPN QoS (Quality of Service) requirements, installation demarcation points, routing and overall design requirements. Without a fair amount of work up front, this part of the project may take days to complete which further impacts timescales. We advise due diligence to ensure the information is factually correct and no errors are created between documenting these requirements and entering the data on order management systems. The whole process should be project managed in order to ensure tasks are fully documented and associated risks are highlighted. As with every resource, PM capability is dependent directly on their experience working for similar organisations to your business. In this respect, we advise meeting with your allocated PM resource before signing any contracts. The indecision of IT Management when deducing whether to stay with an existing provider or move to a new WAN infrastructure is largely due to pain of migration. Even with great workflows and attention to process, moving supplier is, like moving home, a stressful experience. This said, in order to leverage new capabilities, service levels and performance enhancement, migration is necessary. With a good process which distills the risks and pain points, IT Managers are able to align their resource with project management to complete the tasks required.
Adds, moves and changes
If you or your team have ever been at the mercy of simple change requests taking weeks, you will understand the pain caused by a bureaucratic change control process. Thankfully, slow change requests are becoming less prevalent as providers catch up with the need to quickly but accurately implement changes. However, simply changes should take no more than 48 hours as a rule in order to provide the agility required for your business. In certain circumstances, urgent change requests may be required which could be chargeable. Whether there is a cost associated or not, readers are advised to understand the overall process here.
Lastly for this article, we are going to look at due diligence. We mentioned earlier within this article that IP VPN service providers often do not focus enough on their clients during contract. And yet, the contract term is where any organisation is given the opportunity to perform long term and retain business. When we talk about due diligence, we refer to trend reporting, review meetings, technical workshops, SLA breach reports and so on. We would advise prospective buyers of IP VPN MPLS services to consider their providers workflows throughout contract.
The term IP VPN used to be the catch all term for IPSec implementations where sites would be secured using encrypted tunnels across the Internet. However, today the term is used to capture requirements for MPLS VPRn (Virtual Private Routed networks) and secure Internet IPSec implementations. IPSec very much still has a place within IP VPN procurement since mobile users require access to the network.
Other links: IP VPN Costs
Wi-Fi connectivity is a great luxury to have in public places to power your favorite app, but what if your life-saving medical device relied on the wireless LAN to work?
Hospitals are using wireless devices and equipment — ranging from small patient monitoring sensors, to pharmacy inventory systems, all the way to large imaging systems — to care for patients. Needless to say, reliable, consistent Wi-Fi connectivity has become a critical network asset, rather than just a “nice to have” feature for many healthcare facilities.
As the Internet of Things (IoT) gains traction, Wi-Fi vendors are working to ensure they can offer their customers the functionality and management tools they’ll need to support the influx of Wi-Fi-enabled devices requiring network access and attention from IT. “It’s clear that for a lot of our customers, more devices are ‘turning on,’ or requiring network access, rather than just the typical user devices people are carrying in,” said Bruce Miller, vice president of product marketing for Xirrus, a Thousand Oaks, Calif.-based Wi-Fi vendor.
Healthcare certainly isn’t the only industry grappling with supporting IoT devices. However, most other verticals aren’t faced with the challenge of supporting devices that are saving lives. Xirrus is currently working with healthcare customers, as well as customers that develop Wi-Fi-enabled medical tools and devices for the IoT. Miller also highlighted some of the wireless LAN design considerations enterprise IT teams supporting IoT devices should know.
Right out of the gate, many medical devices aren’t easy for IT teams to support. This equipment often comes with low-end wireless cards because they don’t have high bandwidth needs — especially in the case of a sensor that is reporting patient data, not streaming live video. Additionally, healthcare environments are also very “noisy” from an RF and coverage perspective, Miller said. “There are a lot of devices than can interfere [with Wi-Fi signals] – we’ve even heard of up to 20 devices in one patient room,” he said. “The number of devices is getting extreme, and in some situations, that can pose a lot of challenges.” Most healthcare facilities are also filled with many small rooms with a lot of walls that cut signal strength down, and radiology labs with metal-coated walls that are difficult to penetrate, he said.
Xirrus is encouraging its healthcare customers to design for dense environments by deploying direct, in-room Wi-Fi close to the client. This means more access points are needed in an IoT-enabled environment.
Once the wireless LAN has been bolstered to address the sheer number of devices that need support, IT must be able to understand and identify all Wi-Fi-enabled equipment in their environment, Miller said.”It’s key to be able to separate out what kind of device something is, what it does, how it operates differently from another kind of device, and lastly, how it [needs to be] supported,” he said. “We’ve been doing this for a while — helping customers understand the difference between a laptop, tablet or phone, so now it’s just extending that visibility further.”
In addition to understanding what the device is, IT has to be able to make sense of the data coming from the device in an intelligent way. Then, the information must go to the right place, like patient stats to a monitoring nurse or physician or alerts to IT if a device has been moved or stolen, Miller said. “We’ve had to look at the health of…a greater variety of clients, and put those capabilities into our systems to allow IT to troubleshoot,” he said. If a device keeps disconnecting and reconnecting, or generating a lot of errors, Xirrus’ network management tools can monitor those network health stats and provide alerts to IT. “Sometimes, it’s as simple as updating a driver or software on a device, or maybe [the device] is in a bad coverage area, and IT needs to know about that, too,” he said.
Wireless LAN design and deployment has changed dramatically over the years, and they also can vary by industry. “On our side, we’ve turned our procedures and best practices upside down from what we used to do just a few years ago…We also base our products on upgradable hardware so business don’t have to roll out a whole new set of products when things change in their environment,” Miller said. “We recommend higher signal strength everywhere, 5 gig everywhere, and being able to support an adaptable infrastructure that can conform to new requirements.”
If your idea of obtaining good MPLS costs is to throw a spreadsheet of sites together and hope for the best, you might be disappointed. In this article I share some of my experience where projects have achieved some excellent results.
Part of creating a WAN proposal is building a specific capability aligned with your business. A capability and not a bottleneck. The truth is, most clients I speak with regarding change are in a poor situation because there was never any work completed to understand whether their existing WAN was in alignment with their business. A major component of this work revolves around understanding which areas of both your organisation and the service provider capability are matched. To complete this work requires an understanding of both sides of the coin. In the first instance, IT Managers need to consider particular aspects of their business from strategy through to application performance requirements. On the provider side, each and every key area which has the potential to impact your business should also be clearly understood. I’ve often been involved in a situation where the information provided by an organisation in order to price up their WAN is little more than addresses and bandwidths. In this scenario. the decision making process defaults to little more than a commodity based purchase. In the absence of value, all you are left with is price.
Dealing with special pricing teams
I have also been involved in a good amount of special bid’s. You know the kind of situation. One provider is more expensive than the other but features appear equal. Senior members of a business don’t really get the value and therefore instruct their IT management team to obtain MPLS costs at their best available rates. The problem occurs when the provider is faced with the spreadsheet I mentioned earlier. The special bid team working on your account is unable to determine whether their is serious buying intent because they don’t have a well aligned design in addition to the spreadsheet. The answer then is fairly simple. Providers (and special pricing teams) need to see buying intent, they need to know that their hard work will not be wasted on a fruitless exercise. So, whilst your intent may well be mostly ‘lowest possible pricing’ based, remember that the teams within the provider recognise which deals are more likely to result in a sale.
A base level of data to achieve great MPLS costs
If you consider a base level of data which should be the minimum required to achieve good pricing, I would suggest the following elements.
- Topology diagram presented in Visio format (including failover)
- Applications, listed by priority with QoS (Quality of Service) settings
- Your business strategy in terms of decision making process with time scales
Over and above these elements, a complete statement of requirements (SoR) will provide a major benefit to both your project and the goal of achieving MPLS costs from the providers with which you are in discussions. An SoR is a thorough document which is designed to look at every aspect of your particular business including the motivation for your project, the existing service provider and their pain points and issues together with a revised design based on these specifics. When preparing SoR content, a templates approach is required to ensure certain elements are not missed when creating the documentation. In the day job, we consider every aspect including:
User experience to the user behaviour which is increasingly mobile on a global basis. The users within your network require ubiquitous access to resources no matter where they are located.
Quality of Service – The level of bandwidth a priority required for each application on the network. Careful consideration must be given to where the traffic is sourced and destined.
Failover – Consideration of failover design and type. For example, the failover product should be designed whether the uptime is based on fibre primary and fibre failover or most cost effective copper including EFM and broadband.
Further reading: Step by Step MPLS Procurement Mindmap
Whenever we talk to IT Management about their MPLS VPN, they invariably talk about various ‘typical’ issues and problems. When we say typical, we mean anything from poor account management, incorrect billing and slow change request through to serious miss-designs creating downtime and application performance. The other common element is often a reluctance to change service provider because organisations are unsure whether or not the new service will be any different.
What we do know is that it doesn’t make sense to keep doing more of the same when things don’t work
In this article, I’ll talk about how to clearly define your current WAN strengths and weaknesses and create a new SoR (Statement of requirements). Each section covers off areas of consideration, the questions you need to ask and the pitfalls to avoid. I have essentially seen it all (nearly!) over our 15 years in the industry.
Some of the key areas to consider are as follows:
- Business strategy
- Business continuity
- Technical topology and routing
Good repeatable procurement workflows are the enabler to understanding and clarity across your WAN and how the service impacts your business. This means you cannot just focus on the technical. You’ll need to understand the business process, the business strategy and align strengths and weaknesses.
Before the documentation process begins, there’s a level of work required to understand the opportunities and threats to the future of your organisation in relation to the WAN. We’re not strategy consultants but we appreciate the value in understanding your business and how the WAN may help with productivity and provide a competitive advantage. Today, more than ever, strategy is a critical element. This initial thought process forms the introduction to the documentation workflow and helps us keep in mind the high level thoughts and intention within the company.
It’s clear that companies who align technology to their business processes gain a competitive edge in the market place. Without this alignment technology which includes your Global MPLS or UK becomes a commodity and a potential bottleneck to future projects and business growth. Strategy means different things to different people but to us it means understanding what makes your business successful and how technology may further this success either by providing a framework for growth or by improving the client engagement process. Using the WAN as part of your strategy is essential as we become more mobile using tablets, smartphones and laptops to work wherever we are in the globe. The WAN enables clients to engage quicker, more efficiently and with better reach into customer care. Our mindmap describes using an outliner tool to depict your strategy and what future projects are currently scoped which may impact the WAN. As part of our BT Global MPLS strategy section, we look at:
How the WAN enables your business to react quickly. Process which inhibits agility provides an environment which stops growth.
- What do we want to achieve?
- What do we think is possible?
- What do we need to do to achieve our goals?
- Does our existing WAN align with the company strategy?
- When should we react to new opportunities and adapt plans?
- What budget is available?
- How are we going to get there?
- What are the challenges right now and how to we prioritise solving problems.
- What other initiatives do we need to consider – i.e. environmental initiatives.
Thorough documentation of all aspects is key to successful WAN implementation and ongoing support. The intrinsic link between your company strategy and process to the WAN architecture allows solutions to become and enabler rather than a bottleneck to future projects and business growth. The more comprehensive the documentation, the better positioned the business will be to take advantage of efficiencies created by the networking of your sites. We find most existing documentation is poor, incomplete and lacking in detail. When new projects occur, or support issues escalate, IT teams are unclear on the path forward. The challenge is to ensure a resource is available with a clear process to enable documentation to take place initially and throughout a contract term.
MPLS VPN Technical, defining data flows, topology and routing
Understanding the technical aspects of your WAN requires a methodology to ensure each aspect is documented and then related to the potential business impact any weaknesses may cause. Although we base the technical section of our workflows on Cisco methodology, our top down approach to design and documentation ensures our content remains relevant regardless of manufacturer. With a top down approach to design and documentation, we include the following components when designing BT Global MPLS VPN or UK MPLS solutions:
- Data flow, types and the processes that access or change the data.
- Topology, understanding the location, applications and user requirements together with site analysis to understand single points of failure.
- Router configurations including the CE (Customer Edge, your site router) and the PE (Provider Edge, your provider router). The detail acquired includes IP routing, bandwidths and Quality of Service match statements.
- Routing and IP addressing. Understand the flow of data across the WAN and protocols / addressing which are in place today.
- Statistics, depending on availability, we look to understand performance, usage, latency and jitter per application.
- Security. Private MPLS VPN technologies are inherently secure. However, we recognise some sectors require additional security such as Government and Financial organisations for example. Clients with extranet clients and partner access also use security to separate traffic.
- Remote Access. Access via multiple technologies are documented together with the associated security.
To achieve excellence in design, it is essential to gain a firm understanding and breakdown of the existing solution. The past shows us where pain points and issues have occurred and how a fresh approach will minimise or even totally alleviate such issues. Within the our BT process, all designs are initially provider agnostic to define an ideal world solution for your organisation. Viewers will find out more on the agnostic approach within the Provider Agnostic Design section.
The WAN is only one part of the network. With this statement in mind, it is important to ensure you also consider the LAN (Local Area Network) and any hosting which may be utlised by the business today. Other WAN impacting technologies include WAN acceleration and encryption. With our experience in presales design, we’re ideally placed to consider all aspects.
Documentation of your process is just as important as the MLPS network technical aspects
Surrounding the technical aspects of the existing WAN are the processes which have a direct impact on every day operation. These processes include:
Adds, moves and changes: Issues with delivery and ongoing changes to a network are caused in part by the internal processes and the level of bureaucracy which exists within the service provider. Often, service providers direct their investment into the network and sales staff used to drive revenue. This clearly has a positive effect in some aspects but a negative effect when broken processes cause delays and issues for clients. To fully understand whether or not processes for delivery and adds, moves and changes are a weakness, the process must be documented to understand how they may be improved using due diligence. The documentation of process relates to all aspects of a service leading out from the core WAN product.
Surround yourself with a fantastic team, it may make all the difference
Account Management, Presales, Postsales, Service Management, Project Management, Design Engineering & Support. The internal available resources should be documented to understand where improvements may be made: This process establishes existing MPLS VPN supplier suitability to deliver against your strategy. Once documented, we gain an understanding of strengths and weaknesses and how they may impact delivery of a new solution and every day WAN operational aspects.
The account manager is your first port of call for service related issues and new projects. The ability of your account manager to add value will depend on the remit and scope they’re given by the service provider and their experience and all round ability to understand how solutions relate to business benefits. The mindmap discusses our account management workflow to understand how much of a resource is applied to your account on an ogoing basis and how they look to add value moving forward.
Delivery of upgrades and major changes should be project managed, if the Project Management resource is weak, this may result in delays and issues with the delivery process. Analysis of previous projects which relate to interpretation of requirements, supplier contract checklist, operational readiness, migration plan, milestones, management process for 3rd parties, incident process is required to get a good handle on existing Project Management limitations and the capability of a new MPLS VPN supplier. Over and above real world examples, qualifications and processes are also documented.
Other resources such as Service Management are either available as part of the contract or maybe available for an additional cost. Whatever the case maybe, it’s important to understand the resource applied to your account with and without service management. This is achieved by comparing workflows for the standard levels of service vs service management and how this resource works to add value.
The Presales resource provided by service provider varies in terms of quality and often lessens once any deal is signed and the sales focus is removed. Designs which include a detailed overview of requirements are the exception, rather than the norm. With this in mind, thorough analysis of process both from the client side and the service provider needs to be analysed to build on any areas of weakness.
Finally, there’s Postsales. Postsales encompasses the resource provided by the MPLS VPN providers detailed design team and the resource applied during the contract term. When a new contract is signed, the process of translating presales requirements to the providers detailed design team should be documented to be confident their expertise is suited to your particular MPLS VPN. Within postsales, we find many service providers are adding professional services to their consultancy to replace work which was, in recent years, performed under presales at no additional cost. Therefore, the your process should document the resource included within the postsales environment and the resource which will fall under additional professional services. Throughout a contract, presales are often responsible for new projects and the validation of adds, moves and changes under the guise of postsales resource. How these projects are tackled, who is involved is key.
Contracts & Service Levels, time to negotiate
The negotiation and wording within a service provider contract is often an overlooked part of the sales process. However, when change occurs within your business, the contract becomes a focus both placing restrictions on adds, moves and changes and incurring a penalty should the business wish to step outside the contract terms. Therefore both existing contracts and new contracts need to be taken apart and examined. The content needs to align with your strategy and future projects to ensure your business will not face restrictions or commercial penalties.
Example: A construction firm requires a contract which may allow them to close 10% of sites due to short term contracts without major penalties. If no prior agreement is in place, the construction firm will face penalties when site closures occur or they will be liable for the full contract term. In addition, the contract wording must be carefully examined to ensure issues concerning delivery and the overall milestones within the project are successfully and satisfactorily delivered.
The MPLS VPN SLA (Service Level Agreement) is a commercial document and does not impact the overall technical solution and therefore should be treated outside of the design process. That said, the SLA does provide an indication of service parameters from delivery timescales to network performance and mean time to repair. With this in mind, the overall expected performance of the network may be ascertained by examination of the SLA document.
Note: Our process analyses existing contracts and SLA’s and whether they fit your business strategy. Further on, our workflows negotiate the build of replacements when any new solution is investigated. We ensure any breaches of SLA or contract are flagged on a monthly basis.
ESR Billing, not particularly glamorous but another key, important area
Service provider billing is an area which could provide a bottleneck due to restrictions. Organisations have differing requirements ranging from simple consolidated billing to charging other internal areas of the business for MPLS VPN access. We relate billing to future project and growth which may allow our clients to use billing to their advantage by portioning certain aspects of WAN costs internally. During any contract, a resource is required to analyse billing vs contract to ensure any discrepancies are covered and highlighted. This is achieved by our standard BT workflows.
ESR Statistics and trend reporting, being able to tell the future
Many service providers now offer comprehensive tools to examine the performance of WAN connectivity. The output ranges from simple usage statistics through to application performance and the mean opinion scoring of Voice solutions. Together with SLA reporting, the examination of statistics on a monthly basis will highlight areas of concern and equally report areas of under usage where perhaps commercial savings may be made. We also find trend reporting to be a valuable aspect of statistics allowing clients to plan and better understand how their business is using WAN connectivity. The ESR analyses the capability of your current statistics package.
Commercials, negotiation of the best MPLS VPN costs possible
The commercial structure includes non-recurring elements, monthly recurring elements and whether or not any provision has been made for benchmarking during the contract. Toward the end of any contract, analysis of the costs, and which components the costs are attributed to, will help us to fully understand the commercial impact of the WAN to your business.
Order validation and management, keep the value
We use the following process to ensure orders are correct vs your VPN design. The ordering process is an area which is often overlooked by IT management since the work exists after the order has been signed. You may believe order management is part of the project management process which to an excitant, is correct. However, you should also be aware of and check the detail which is added to each order because, often, data is entered incorrectly which may have a massive impact to your future network.
Whichever provider you are considering, our mindmap will put you on the right track. However, for those of you considering BT Global MPLS or UK, the mindmap includes a fast-track service showing the exact process to some of the best BT resources within BT Business.
I have created a Techtarget IT Managers step by step A2 Mindmap to assist readers embarking on an MPLS VPN procurement projects. The original version of the Mindmap won British Telecom’s BT Business Innovation Award in 2014.
US readers will no doubt tune out but wait. Although BT IP Clear is a UK based service, the technology refers (as a rule, there are exceptions) to unmanaged connectivity from BT. The US market is largely unmanaged vs the UK’s preference for managed services when procuring WAN connectivity. So, take a read through and compare a flagship UK product vs your US service provider capability. BT are no longer using BT IP Clear as a product name but the majority of IT Managers still refer to their wires only product using this brand reference. BT IP Connect is now the flagship product which also includes a wires only version together with fully managed routers where required, both Global and UK. Within the rest of this article, we’ll talk generically about the BT IP Clear capability.
- Reach and Diversity for failover – BT’s national coverage of Provider Edge (PE) devices to terminate your circuits
- SLA – The national latency, jitter, uptime and install figures
- Circuit types – From Gigabit Ethernet through to ADSL
- Other services – cloud, SIP and remote access
We have been spending a substantial amount of time over the last 18 months improving and honing our WAN procurement content. In some respects, this work is slight selfish since we are, in tandem, documenting our own sales process. Our original WAN Mindmap was generic and contained the pitfalls, risks and opportunities associated with MPLS & VPLS procurement. It is still, by far, our most requested content. Good news – when we embarked on the BT IP Clear version, we really wanted to create something which would specifically detail the procurement process as it relates to a particular product. The IP Clear service is generally positioned as wires only product and therefore attention should be paid to the attributes of a self managed service.
BT’s MPLS network is known to be well engineered and essentially covers the UK and, in the case of Global Services, the rest of the world. Gartner recently announced BT would remain within their magic quadrant because of their capability to serve global Enterprise clients. You may be forgiven for wondering how BT Global MPLS has anything to do with the BT IP Clear UK product? The same resources and investment is put into the network as a whole. As the global network evolves, so does the UK capability which increased bandwidth and presence with POP’s (Points of Presence) becoming more wide spread adding diversity and performance increases. If you ever read BT product description, the capability also mentions global reach. This said, IP Clear has always been associated with UK coverage. However, it is possible to procure a UK VPN from BT and connect international sites at a later date should your organisation grow by acquisition.
The following map details existing coverage in the UK.
It’s pretty easy to notice that the UK is well covered. Ultimately, this means your sites have less distance to travel to the nearest point of network entry. This not only reduces costs but also has the added benefit of diversity choices and the best possible latency.
The more PE nodes a provider has, the easier it is to create a diverse network. Within the generic procurement Mindmap, we always advise asking any potential provider for their true PE coverage as this will demonstrate your ability to create diversity and also demonstrate the providers true MPLS capability which is often covered up by marketing.
Let’s look at an example.
The BT Secure Plus product is designed to avoid any single point of failure. With full diversity, two routers will be configured running HSRP (Hot Standby Routing Protocol) or load balanced depending on your requirements. (Being self managed).
From the routers, BT will look to use two different points of exit from the building. Whether or not this is possible depends a) whether two points of entry exist and b) whether or not there are any restrictions on the building from the perspective of creating another entry point. Once the circuits leave the building, diverse paths will be attempted to ensure seperacy is maintained with dual BT local Exchanges used where possible. From the exchange, the circuits will ultimately arrive at dual BT Provider Edge POP’s.
As an MPLS network can carry both your voice and data traffic, you are effectively putting all of your applications under one circuit without diversity. Although you can achieve economies of scale by using MPLS a reliable service becomes essential or any savings you make by using the technology can quickly be eroded via productivity losses in the event of failure. By having so many POPs in so many key business locations BT can provide that piece of mind that we can reach a resilient POP sooner than any other provider in the UK.
There are a number of different ways to access the network, including connectivity from 1Gbit/s all the way through to standard broadband. One of the clients we are working with now are using the IP Clear ADSL product across 106 sites, only two of them are fibre based leased line products. There is a mix of availability with regards to DSL from standard ADSL2 through to FTTC (Fibre to the Cabinet). In terms of site issues, there are only 3 of the sites which are suffering from poor performance due to the locations being remote. BT are able to check site addresses to understand the kind of performance you will experience in the real world. The actual performance has been pretty good in terms of latency, here’s a live ping from the network which includes the LAN from HQ to a site connected via DSL:
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/24 ms
CE_Router#ping 10.10.165.254.254 .254 0.254
Type escape sequence to abort.
The performance of the above ping is more than good enough for VoIP (SIP) based services and mission critical applications. The upstream bandwidth may potentially become an issue over the longer term but, for now, all is looking good.
- Lower cost fibre access direct to your site
- EFM access, aggregating copper pairs (telephone lines) to offer a single Ethernet service with built in resilience and a lower cost compared to fibre
- ADSL2+ integration as an access technology onto our WAN services
- Superfast access through Fibre To The Cabinet (FTTC) and Fibre To The Premises (FTTP)
- EMF and GEA access providers
BT IP Clear SLA (Full granular figures are included within the Mindmap)
The SLA is a commercial agreement, we always suggest organisations never design based on SLA figures and NEVER commit to the business that circuits will always perform to SLA parameters.
This said, the SLA will provide you with a good overview of predicted performance. If we know that traffic across the UK POP to POP will perform on average Xms depicted within the SLA, we are at least able to consider worst case performance. In general, latency performs better than projected SLA figures since they are always set as a monthly average.
The uptime guarantee is perhaps the most useless of all, in my opinion of course. (Not BT’s by the way, just SLA’s in general). For years we have seen figures of 99.9% as the standard for fibre based leased line connectivity. The fact remains that the SLA is of little comfort if your site is down and falls outside of these amazing averages. In this sense, it is important to design uptime based on the specific requirements of that site. The IP Clear product allows you to ensure services are built to maximise both productivity and performance regardless of the SLA figure.
Clearly the WAN is an enabler to additional services such as the cloud and SIP. BT provide a number of different cloud based options for managed services which include hosting and colocation. These services may not be as applicable for clients looking to buy IP Clear self managed IT infrastructure but it possible to create a hybrid of services. Access to SIP is a possibility by two methods. The first involves separate access using a BTNet leased line.
The other alternative is directly via the MPLS platform. However, the BTNet variant is a much easier product to implement since the product allows interface into existing ISDN-2 or ISDN-30 circuits – a Samsung device converts ISDN to IP. However, if true end to end SIP is required, access will need to be via the MPLS platform.
BT IP Clear Pricing
We are finding that project we are working on are producing some excellent commercials. As an IT Manager, you need to be aware that any project will likely yield better savings and costs when the requirements are fully outlined. The special pricing teams within BT are busy and therefore they take the projects with a good statement of requirements more seriously than those which consist of a spreadsheet and bandwidths.
Our senior designer has Distilled everything we know about BT IP Clear procurement into one of our single step by step A2 Mindmap. We borrowed some of our Techtarget MPLS VPN procurement workflows and essentially layered on the specifics of IP Clear service from the perspective of reach, latency, QoS (Quality of Service), fix times, uptime, change requests and additional BT products which interface into the capability including SIP and Cloud. Request the hybrid procurement Mindmap with added IP Clear capability.
It’s not often we’d open an article quoting Einstein. “The significant problems we face cannot be solved by the same level of thinking that created them.”
In other words, if you are considering changing your Global MPLS provider, something must change within your procurement process to avoid the same problems and issues occurring again.
Kindly provided by Dave Herington (WAN procurement expert), Dave is recommending three Global providers within his PDF – I was pleased to be included (spoiler!). (And thanks Dave, I know we hassled you for to share the other two!)
The overall intent of any WAN procurement project is as follows:
- Avoid the typical pitfalls, issues and problems faced by the majority of Enterprise and Medium sized organisations when procuring international MPLS providers
- Align the specifics of your business strategy, applications, business continuity and process to the service provider market place
- Understand the impact of engaging with a provider which doesn’t operate a repeatable process to identify your business needs – the issues are often felt for years
- The Mindmap is designed to help you follow along as you move through the procurement process
Read on to understand some of our thoughts and ideas surrounding specific Global MPLS providers challenges.
The first steps, align your business
We all like to think we know and understand aspects of our business. In many ways, it’s not the knowledge we have but taking that knowledge and ensuring suppliers understand your value and your competitive edge – what makes your business unique. In the respect of Global MPLS network procurement, this means ensuring that any prospective provider clearly relates the specifics of your business to their capability to deliver a Global MPLS network providers service. When IT and business are mis-aligned, the business is seriously impacted. We’ve witnessed clients facing simply frustrating issues such as incorrect billing but also those clients which have suffered huge downtime and productivity issues. If you follow a repeatable process within the international service provides procurement process, you are in a better position to tick off the boxes as you complete the project ensuring good practice and due diligence is adhered to throughout your project.
The workflow for network procurement sounds vast. If you consider everything from application performance through to high availability, adds, moves and changes, delivery and migration, you gain an understanding why some companies just keep plodding on with their existing supplier. However, we know it doesn’t make sense to do more of what simply isn’t working.
Of course, being able to find a perfect provider is most certainly a futile task as there will always be aspects which don’t fit. However, if you know and clearly understand where these weaknesses exist, you are able to either work around them or adapt your business. As an example, you might find a provider which takes time to make bandwidth upgrades. This fact may either be a show stopper of something which you are able to work with depending on the detail.
In short, the areas we consider are as follows:
- Business Strategy
- Business Continuity and DR (Disaster Recovery)
- Documentation and process
- Due Diligence throughout contract
- SLA (Service Level Agreement)
- How to achieve Global and UK proposal and pricing excellence
Becoming a strategic thinker
Strategy is the direct link between your business specifics and your provider. The subject of strategy often conjures up thoughts of huge amounts of work but in reality, and as far as Global MPLS network providers procurement is concerned, strategy is about defining the key areas which make your business successful. We see this time and time again, the businesses which are successful within their particular niche really understand their go-to-market strategy, the areas which result in customer retention.
When we think about strategy, we consider your business and the impact of particular MPLS network areas. As an example, your key sites where you deliver services or data to customers must offer up a capability which contains no single point of failure. Or, perhaps there is a particular application which must perform well – the performance is key to customer satisfaction. Although these aspects will no doubt be covered in the technical design, outlining them and defining these key areas as part of your strategy will have a profound effect on the overall outcome.
Application performance and enhancements
Understanding applications is the basis of productivity for both internal users and customers engaging with your business in various forms. The way in which applications rely on MPLS varies but the key aspects cover latency, jitter, uptime and packet loss. Service providers are able to offer feature rich solutions which include QoS (Quality of Service) to provide confidence in the performance attributes. However, an SLA is only a commercial agreement – the network should never be engineered based on an SLA but there is a good indication of overall performance. The mindmap will also point you to areas which you may not have considered such as the impact of ‘chatty’ applications.
Keeping those applications running with maximum uptime
Clearly, having well performing applications is great from a business perspective. A major part of your applications performance is uptime. We recently wrote an content on the BT RA02 (Resilient Access) product where we described some of the aspects of achieving a solution with no single point of failure. We are pleased with all areas of the mindmap but particularly within the resilience and diversity section. Here, you’re able to easily see the pitfalls and the questions you need to ask of network suppliers ensuring there are no single points of failure within your capability.
Topology, any to any
The native topology of MPLS facilitates any to any connectivity. However, topology is also concerned with restricting access to certain areas of the business. As an example, clients create multiple VPN’s within a single VPN for voice and video to keep them seperate. More than applications, MPLS solutions allow you to create separation for extranet clients – you may have a supplier which requires access to areas of your network such as procurement of goods or services. The topology maybe created to facilitate this capability.
Within topology, you need to consider reach. If your organisation is looking at expanding into particular areas on a global basis, the future reach of your provider becomes a critical aspect. Even if we consider UK clients, opening a data centre in a location which is not well served by a particular provider of choice will impact you in terms of cost and potentially uptime.
Projects which need to be factored
With many organisations, there will always be a future project in the wings. We see this with various departments considering new initiatives or the business as a whole might on an acquisition trail. You may believe this area to be part of strategy but our belief is that these aspects require a section of their own. The situation you need to avoid is one where you put in place a solution which isn’t fit for purpose because the business launches a new initiative or procures another business.
Keeping up to date with documentation and due diligence
One of the major disappointments clients experience relates to poor network documentation and due diligence throughout their contract. We worked with a client recently where their network has not been configured correctly from day 1 with a serious knock on effect to their business. Applications performed but very badly and nobody from the service provider had a good understanding of configuration.
In order to avoid this situation, global MPLS providers need to define how they maintain documentation and also where the documentation is stored to avoid versioning problems. The mindmap will provide details on the areas we recommend you consider.
Throughout contract, due diligence with documentation is important. Just as a repeatable process is required for WAN supplier selection, a workflow is also required to maintain good practice covering such areas as trend reporting and SLA breaches.
Global MPLS Providers & Service Levels, Delivery and Migration
The Global MPLS network mindmap provides a focus on the key areas of service levels including the usual suspects from latency, jitter throughput to uptime and packet loss. Within each of the service areas, we point you to pitfalls and where the service provider marketing may miss out some of the key points. The SLA is a good indication of the providers performance, not only from the perspective of ongoing service but also delivery aspects of the service including adds, moves and changes.
Perhaps one of the biggest areas of weakness surrounds slow and painful adds, moves and changes. Some providers are more agile than others in respect of changes but we find that the process is often improved if the client has a clear understanding of the workflow from raising a change through to placing an order for the change and delivery. Some aspects of changes will be fast, others will take time. Again, which of these aspects that will impact your business will be understood when the specifics of your organisation are aligned with the product.
On the delivery side, the SLA will apply to lead times. There are certainly aspects to consider here which are going to become critical to your project including the actual process to take you from a design through to ordering, acceptance, and circuit delivery milestones. On top of this, you will also want to be thinking about migration and how you will take your service from one provider to another.
Budget, achieving the best international MPLS providers commercials
Obtaining a good deal requires knowledge of process. In addition to our knowledge of MPLS network pricing workflows, the mindmap does a good job of bringing other areas to your attention which make a commercial difference. An example of which is creating your statement of requirements. Any service provider prefers to work on a well qualified set of requirements and presenting your needs in this way has a dramatic effect on how they approach the commercials of your solution. If, for example, you present a list of sites on a spreadsheet, the provider will not take your requirements seriously and will forward out standard pricing.
If you have any further questions, let us know. The organisations on our PDF are also able to offer VPLS providers services.
In part one of two articles, I provide some thoughts and ideas surrounding the critical areas of UK MPLS providers & general procurement. Part 2 will include more detail on procurement but with a focus on Global. If readers are interested in a selection of recommended providers, please request the PDF by clicking the link.
WAN Procurement – evolution
Within my work as a consultant, I produced bespoke RFP content with a focus on: Strategy, applications, topology, bandwidth, QoS, Migration, Documentation, Dual Diligence, Security, Remote Users, Account Team, Support, Contracts, Cloud Strategy, Internet, Ordering Process, Migration, Product Capability, Statistics, Process and more.
Introduction, some of the key challenges within the WAN service provider market
Organisations are looking to understand which UK MPLS providers offer capability vs their specific business requirements. The market place, in the main, is still talking features and benefits which results in the majority of providers sounding the same through the sales process. One of the methods to achieving a successful WAN procurement outcome is to follow a repeatable process which provides a focus on each key vector of the procurement process. (This is the high level intent of the Mindmap) A large percentage of IT Management analyse the UK MPLS providers market place with the expectation of being in a position to decide from several providers with ease. In the majority of cases, organisations are looking at between 3 to 10 different contenders for their WAN business. The reality is that, more often than not, each WAN service provider sounds the same from the perspective of marketing. The sales process is often overloaded with features and benefits which are presented to prospects alongside the convince and persuade sales methodology. The conclusion often ends up in a decision making process based on commodity buying. In the absence of tangible business value, all we are left with is price. Whilst commercials are clearly important, the WAN must actually meet the needs of the business as the first priority. To put this statement into context, business to business sellers from service providers are unable to provide clarity with regards to complete capability. And as such, they will have no alternative but to sell on price. A wrong decision impacts contracts, delivery, support, change requests, uptime, application performance and more.
Not all providers are equal, understanding their reach
When considering which UK providers, uncovering their true network reach is often difficult. This is in the main caused by marketing statements which profess reach in the realms of 98 throughout the nation. These kind of statements are misleading and therefore clarity surrounding the reach of your prospective UK MPLS providers is critical. Whilst a provider stating a coverage ability of 98% may be true, the reach would be made up of wholesale tail circuit agreements from multiple providers such as BT Open Reach, Virgin Media Business, COLT (just a few examples). The reality is, a provider could operate one central core POP and aggregate tail circuit traffic back into this POP.
Ask to see PE (Provider Edge) coverage
In order to achieve transparency, an overview of the providers Provider Edge (PE) nodes must be analysed. The PE refers to the entry point into the providers core network and represents their true MPLS coverage. The diagram below shows how MPLS is architected vs the typical site deployment.
The diagram above details how your site connects to the local telco exchange, through to the providers first point of entry (typically a transmission POP) where traffic is backhauled to the nearest Provider Edge node. The breadth and capability of your prospective UK MPLS providers is generally defined by understanding Provider Edge devices deployed around their network.
Migrating to a new UK MPLS provider
One of the reasons why MPLS procurement projects fail is down to decision not to change provider. The value of prospective UK MPLS providers is not made clear during the sales process and therefore the confidence is not high enough and the decision not to change is made. This is common with complex procurement projects. With the above statement in mind, the value from any provider must be made clear and analysis of their migration resources should be understood. There are multiple technical methods for migrating from one supplier to another but the critical elements surround a good set of data on the existing network (think IP addressing, Quality of Services, applications and so on) to ensure migration engineers are clear regarding delivery requirements. This kind of detail should be understood from a sales process perspective since your organisation is at the stage of consider the UK MPLS providers market place. The experience of your project manager should not be overlooked. The PM resource is a major component of network delivery since they are clearly responsible for co-ordination of resources. As we discuss within our content, there are multiple moving parts with any complex IT solution and knowing the risks and pitfalls will provide benefits. In some instances, escalations will need to be used to progress issues. The PM will need to convey how the escalation process will be managed throughout delivery.
High availability and diversity
The logical progression from reach is to discuss defining prospective UK MPLS providers ability to provide high availability and failover at selected sites. The reach and coverage of MPLS Provider Edge nodes dictates the capability of the provider to build a highly resilient network. A high availability site will require connectivity to both a primary and a failover MPLS mode with geographic seperation. Aside from MPLS PE coverage, it is also important to consider the ability of tail circuit providers to offer diverse connectivity. The tail elements are detailed below.
The general industry thinking is that a single tail provider is the best route to achieving tail circuit diversity. This is at odds with the wider based IT Management perspective which suggests using multiple tail providers provides further resiliency. Let’s look at the scenario’s.
Single site, dual tail circuits
When considering one geographical location, using a single tail provider to deliver diversity is the better option. This is largely because, in a dual provider scenario, neither provider possesses knowledge of their espective tail circuit paths which results in commonality and single points of failure. The major telco’s have a specific product which is deigned to complete a site survey with a view to designing with no commonality / single point of failure. The BT RA02 product (BT Resilient Access 02) is an example of a true diverse product where primary and failover are engineered correctly (subject to survey).
Dual sites, dual tail circuits (geographic separation)
A UK MPLS providers design where sites are separated by distance allows organisations to consider using tail circuits from multiple providers. Whether there is any real benefit in designing a network in this way is a subject for further discussion since managing dual providers will require extra resource. The nature of geographic distance between each location provides confidence in the natural serration of distance. In order for both sites to communicate, a point to point circuit would be required between each site in the form of dedicated fibre (metro areas) or an Ethernet VLL (Virtual Leased Line) for greater distances.
Adds, moves and changes
In January 2012 a large global enterprise changed provider because of their frustration surrounding the adds, moves and change process of their incumbent. To the un-inititated, this may seem an extreme decision but the bureaucratic change process with their large global provider of WAN services was slow, inaccurate and business impacting. Imagine the simplest of changes taking weeks and in some cases months. The global enterprise discovered that there were alternatives – providers which provided portals and change processes which could be completed in a matter of seconds. On this basis alone, the decision was made to change. Understanding the change process of UK MPLS providers requires analsys of process. The end to end process from beginning to end should be carefully considered to ensure adds, moves and changes does not become a bottle neck to your business.
What to expect from support
When considering support, it is often the basics which take the majority of focus. In this day and age, support is almost always offered on a 24/7 basis with a good fix time for replacement hardware. As organisations look deeper into the detail, the way in which your network is supported, the skills sets and the real replacement hardware fix times is brought to the surface. For example, hardware replacement times may only begin from the point a hardware fault is diagnosed. At a high level, this is reasonable. However, there are providers which do not commit to a fault diagnosis time. The process of logging faults is a much more efficient task if the engineering team you are engaging with (via email, web or phone) is in a position to make a change and troubleshoot the hardware. More often than not, tickets are processed via a handling team which are not able to progress your issue – the knock on effect is further delay. With the previous statement in mind, the importance of engaging with service providers which offer a direct interface into engineering is clearly beneficial.
The WAN architecture vs UK MPLS Providers capability
Finally, for this wiki entry, the WAN architecture will be limited by any prospective providers overall capability including cloud services. We would not say that one element is more important than another – each organisation is different. The cloud is a hot topic with the term banded around to cover a huge array of capability. When embarking on an MPLS procurement project, the documentation of your network, the application flows, the high availability requirements and future will feed into an architecture to support the organisation – private cloud, public cloud or otherwise. The service provider market place will have a want to throw their capability in your direction to see what elements may be of interest. However, this approach is often too much and will create an environment where the capability is not clear. Therefore it is better to architect based on your specific business and request providers to meet these needs via their capability.
IT Managers are responsible for many different areas of an organisations IT infrastructure. The fact remains that it is clearly difficult to become an expert within every single product, especially as products are becoming more vast and complex. Whilst the content we produce at telecoms.wiki will not remove every issue or problem encountered within the UK MPLS providers procurement space, we hope typical issues and problems will be vastly reduced. With a repeatable diagnostic approach to procurement, organisations are at least confident that the key vectors are being covered in an ordered approach. The engagement with the wider service provider market (as previously mentioned) becomes much simpler since providers are working to your requirements rather than what ‘they believe’ to be a good fit. We see a pattern across the selection of UK MPLS providers – once companies make a commitment to follow a process through, they will enjoy a better outcome. Typically, these organisations keep on getting better, more efficient and profitable with the WAN as an enabler at the core of everything they do from a business perspective. The top performing IT Managers define how they do business and put together the processes required to meet current and future operations. If you are interested in learning more about MPLS service providers in UK markets, let us know.
In 2014 my team and I won the 2014 BT Business Innovation award for my step by step MPLS Network procurement Mindmap. A guide which any IT Manager could use within their own day job – to move themselves through the service provider decision making process.
As I’ve started writing more content for IT Knowledge Exchange, I have created a specific Techtarget version which is available for free to readers.
Watch the video below or read on to learn more.
IT Managers are often unaware of the key areas and vectors to consider when embarking on a WAN procurement project. In the race to the best features and benefits, the typical service provider sales process will often miss key strategic elements of MPLS Network procurement – it is critical that IT Management and procurement teams are armed with the best possible workflows to ensure this does not occur.
In 2010, we started work on our step by step, guided approach to BT MPLS procurement, specifically their IP Connect & IP Clear products. The brief was to create a single document which transpired to become a mindmap containing all the key vectors, risks, pitfalls and opportunities IT Managers are faced with when they embark on an MPLS network procurement project. Within this post, I will expand on some of the content found within the mindmap guide. The success of this particular content project has been measured on the feedback we have received.
In the last six months, I’ve started to consider how Network Union could evolve our content and whether or not additional value could be provided. What if we could bring the mindmap to life, a document which evolves to help IT Management with procurement of Wide Area Networks, specifically MPLS, VPLS and Ethernet?
In July, the idea struck me to arrange an internal workshop session to discuss the successes and failures of our BT Global MPLS and UK MPLS network procurement projects. What if the content could evolve on a monthly basis based on hard won, real world customer experience? Ultimately, we’d end up with material which would become incredibly valuable when IT management looked to procure WAN connectivity (whether BT MPLS or otherwise). The guide was written specifically for BT MPLS network procurement but is easily adaptable to any service provider. (Note: We have specific BT IP Connect & BT IP Clear mindmaps).
With the above in mind, I thought I’d write this post to provide any organisation looking at MPLS network procurement with some thoughts and ideas which will describe the kind of detail we include within the mindmap. Incidentally, we also have a version for VPLS (Virtual Private LAN Service) which is available too depending on your requirements.
Why the need for an MPLS or VPLS Mindmap?
The simple truth is that WAN procurement projects need better alignment between a customers requirements and the service providers capability. We knew this based on the fact the majority of BT MPLS projects we had previously involved in (prior to 2009) were afflicted by the same typical issues and problems. Some of these problems were not avoidable since some service providers appeared to be liberal with the truth and avoided confrontation with their clients. The result was incorrect expectations which had a profound effect on how a business delivered other IT projects which are reliant on WAN connectivity. IT Managers are faced with a huge pull on their resources and are expected to be the fountain of knowledge across the IT spectrum, this is the general view of ‘C’level positions within large enterprise organisations. In reality, this level of knowledge simply isn’t possible because, to become an MPLS network or VPLS procurement expert, the level of study and work required would preclude the every day operational work.
To be totally honest, there were two reasons we created our content. The first is purely selfish, we needed to create and hone our own internal processes into a repeatable workflow we could use with any client. Our consultants needed to be aware of the implications of each decision made within the BT MPLS & BT VPLS procurement arena. The second was to produce a good resource which an IT Manager could use within their own day job – to guide themselves through the service provider decision making process.
In the early days, our content was very focussed on the technical side of the decision making process. As we evolved the content, we added strategy which included elements such as business growth, downsizing, methods of working, cloud and so on.
IT Strategy for WAN Procurement and your organisations specific business strategy
The IT strategy element is perhaps one of the most powerful areas because, when used correctly, IT Managers are well positioned to align their specific business requirements vs the MPLS network or VPLS service provider capability. When you add some of the issues, risks, pitfalls and opportunities from live accounts, the content is certainly powerful.
Strategy encompasses two elements. The first is your company strategy, competitive edge and business growth. The second is the procurement strategy your business will follow in order align your organisation with future WAN network capability.
Over long periods of time, your WAN network abilities and limitations are directly related to your organisations productivity. How your users are able to really interact and make use of the network will affect their overall performance. And this is where the real problems begin. The majority of service provider sales teams have a product to sell and will focus on your sites and bandwidth with the result being generic commercials and capability. But perhaps not correctly aligned. In some cases, IT Managers believe the approach of a quotation vs spreadsheet is an acceptable strategy. However, we stress the need to think a little more in-depth because connectivity is a major leading competitive edge for your organisation. The wrong decision will impact the business. When outsourcing to an MPLS provider a major point is to consider that your business goals may not align with those of the provider. A procurement strategy must be in place to ensure the best possible outcome.
Your organisations strategy
Strategy means different things to different people. When considering company strategy, IT management will need to think about what makes the organisation competitive in the market place and the capabilities which relate to digital process and workflows. A recent article discussed how a Japanese retailer digitised their processes to allow rapid replenishment of stock. The underlying architecture was based on 70,000 computers which collected data of sold items each and every day. The data is analysed and a robust network delivered stock replenishment orders. In addition, even the weather is considered. A strategic initiative such as this one must have an underlying network to deliver the data with maximum uptime. Without a robust architecture which supports resiliency, traffic growth and application priority, these projects will ultimately fail.
The complete life cycle of your VPLS or MPLS network sometimes involves growth, other times the network is subject to down sizing. When we talk about growth, discussions should surround both increasing size (sites) but also capability in terms of new application services. Growth is sometimes organic or the result of mergers or acquisitions. On the decrease of network sites, the reason could be again organic or perhaps areas of the business have divested.
Start with a diagnosis of your current situation
I’ll start with a statement (probably obvious but worth stating): “It doesn’t make sense to keep doing more of what doesn’t work”.
With BT MPLS network procurement projects we have been involved in over the years, perhaps one of the main reasons that projects do not succeed is indecision. IT Managers are faced with a tonne of service provider presentations which surround features and benefits which all sound the same. In the absence of tangible value, the decision is then based on price alone. If the savings are not significant, it takes a confident IT Manager to change service provider simply because the impact of another wrong decision is significant.
Avoiding a commodity based MPLS procurement project
I need to ensure readers understand the sentiment here. We are not adverse to gaining a great commercial outcome when procuring MPLS & VPLS VPN or Ethernet solutions. However, out goal first should be to align the specifics of your business requirements with the capability of the WAN service provider.
The value proposition is discussed as a ‘throw away’ term whenever we’ve experienced the standard sales meeting over the years. “We provide tremendous value” is spoken about as if it’s the gospel of account managers worldwide. And, let’s be honest, organisations continue to invest in ‘value’ solutions and services which should solve their problems, provide growth and provide a competitive edge. The percentage of businesses which succeed in obtaining this kind of value is pretty low, especially within the complex sales arena.
We believe clarity is required because it is so difficult to quantify value. In the WAN market place, this requires a repeatable process which will surround the following core areas:
Your existing situation
The existing situation is perhaps an overlooked element but discovering was it and isn’t working for your organisation is the best place to start. We suggest starting with how the network is managed, consider some of the way in which you are supported. Armed with this data, we recommend creating a statement of requirements based on the issues and problems or opportunities you uncover. Let’s talk about some of the necessary areas now.
Topology and user flows
The MPLS cloud (there’s an overused term), mobile working and globalisation is changing the way in which typical network topology is designed. When looking at your existing network, consider how the traffic flows from users through to applications. What are the potential risks associated with application downtime within the current network? What are the restrictions surrounding the existing VPN in terms of points of failure with failover?
This analysis will support your recommendations when considering any new proposals. Diagnosing your existing situation is a key component of the mindmap and will ultimately ensure you minimise the typical problems we see in the marketplace.
The technical aspects of any WAN surround, in the main, applications. The core subject of apps are how the connectivity performs between the user and application.
MPLS Network Application type
Understanding the properties of applications is a critical component of WAN procurement. The majority of apps fall into categories which align well to the typical QoS (Quality of Service) settings offered by service providers including the BT MPLS platform.
Voice and Video are typical delay sensitive applications and require strict priority end to end. Any delay outside of performance parameters will result in frustrating conversations. When considering a network, focus is required on end to end latency and performance to ensure you business is armed with the best possible user experience. Beyond voice and video, other critical applications include, as an example, Citrix. Although Citrix will stand a little delay and jitter, a consistent performance will be required to avoid user frustration.
When considering the technical design of applications, the flow between user and server should be documented.
Application latency and jitter
The performance of your applications is governed by latency, and in the case of voice, jitter performance. When considering the SLA’s provided by service providers, we need be be mindful that the figures will almost certainly only provide core network performance. When deploying global networks, IT Management should be aware that the tail circuit (distance between your site and the provider network) will have an impact on latency. In some instances, NNI (Network to Network Interconnects) will be used where the service provider does not have local presence. In the instance of NNI connections, the SLA in terms of latency and jitter may well not be known and therefore your organisations expectations should be set accordingly.
Provisioning sites with dual access requires consideration of the following elements:
- Building entry point
- Resilient CPE (Cisco routers and switches)
- Dual local exchange points
- Dual tail circuits with diverse routing
- Dual transmission POP’s
- Dual Provider Edge (PE) devices
Our list above demonstrates there are a number of points to seriously consider. The entry point into your building is largely determined by the availability of dual access points. In some instances, dual access is simply not possible due to listed status resulting in no structural work being allowed. If dual points are provided, the circuits will typically route via either ends of a building.
Resilient CPE, using Cisco as an example, involves two routers running HSRP (Hot Standby Routing Protocol). The configuration is quite simple, if one route fails, the other takes responsibility for the network.
The most common placed misconception is that using two providers is the best way to achieve network diversity – this is not the case. When implementing dual providers, consider that neither wholesale provider has access to the other providers network plans. This means that tail circuits will often follow exactly the same routes out of the building which will result in an outage if a fibre chop occurs. In fact. the only way to achieve dual provider resiliency is to create geographical separation if your business is intent on using dual providers.
Tail circuits should always be ordered as an official diverse product. With BT MPLS, this will essentially be called either Secure Access or RA02 (Resilient Access). Other service providers will clearly have their own branding for diversity products.
Dual local exchanges is largely down to wholesale provider infrastructure availability and is often not known until site survey occurs. When a diverse order is placed, the provider will attempt to create as much separation as possible. If a single exchange is delivered, diverse equipment will be used to minimise the risk of an outage and traffic downtime.
With geographical diversity, a point to point link will be required between sites. The latency must be low to support the keep alives created by HSRP. However, when to offices are located in different locations, the tail circuit routing to the provider will clearly be different.
Dual Provider Edge devices on the provider network are largely dependent on their scale. The critical question to ask any MPLS VPN service provider concerns their true MPLS Provider Edge scale. In some instances, marketing may state that a particular provider has 98% coverage and yet, when you focus in on the detail, the statement reflects wholesale access and not true provider edge coverage.
On the subject of MPLS BGP Routing and Internet, considering using dual providers for MPLS services is a daunting task. The Internet works differently to private based networks
Operating a multi provider BGP solution is never an easy proposition.
The cloud is the fix all solution for every IT problem, or so marketing would have you believe. As an example of where the cloud doesn’t necessarily provide a match for every solution, consider the mobile revolution which we are in the midst of right now. The result of this explosive mobile growth is creativity. Users which create often need huge, fast local processing and storage together with the need to change and later a mixed collection of media. Consider an online magazine where photography retouching of photo’s or video production may be required. The theory that everyone is positioned well to replace local processing and storage with the cloud is not strictly true. With this said, the cloud does offer a global, highly resilient, on demand capability for key applications which do not require a local presence. The success of cloud performance will be reliant on the underlying WAN connectivity or local Internet connectivity. Some applications should only be made available across the private based MPLS VPN due to security and the requirement for a consistent, predictable delivery. The take away is to understand your specifics, applications, user set vs local and cloud based storage to begin the design process.
Always remember that although the cloud is marketed as a cost effective method of outsourcing our IT requirements, delivery of application traffic is a cost.
Service and process
When reading this article, it is all too easy to focus on the up front elements of MPLS network procurement. The overall long term contract experience will be defined by service. How the provider deals with issues and problems, changes to the network and reports on service impacting issues on a regular basis. Service management may be an additional resource or you ay receive some components as part of your contract.
Adds, moves and changes
Perhaps one of the areas which creates the most frustration for business is within the area of change control. I have personally witnessed simple changes take weeks to complete creating frustration and delay for customer projects. The reason surrounds service provider process and the lack of agility surrounding the end to end workflow from deciding on the change through to implementation. In some instances, delay is understandable since MPLS network changes could be complex in nature and impact the user and application performance.
However, sometimes simple changes are required fast because there might be an underlying issue which in it’s self is creating problems for the business. With some lead-times taking weeks to complete, this very process has a severe and detrimental impact.
With this in mind, the change control process should be documented and thoroughly understood. In addition, there is often a cost implication with change control. Some simple changes will be completed free of charge but more complex changes will require professional services charges.
The MPLS network diagram is always the key focus of any design. The way in which the VPN topology is designed, the associated LAN addressing, routing, hardware specifications and bandwidths are nearly always depicted on a Visio. Let me know if you require an example Visio by the way.
The Visio is one component we nearly always find out of date throughout a contract. This is the result of poor storage (often on someone’s laptop) and the fact adds, moves and changes are often not co-ordinated with an update of the Visio documentation. We recommend a cloud based system such as Base Camp or Sharepoint which provides a central, secure storage point for network documentation.
Moving from one supplier to another certainly has challenges. The dual running of networks, user disruption, presales documentation, tail circuit issues, test planning and so on. Without careful thought and planning, migration could turn into a real business impacting issue. However, organisations are in a position to minimise these issues by using experienced project managers which follow and end to end process.
Many of the issues which occur during the migration phase are not actually the result of the actual migration work, they more revolve around projects being inadequately planned and poorly managed. However, there are project managers we work with today which consistently succeed. Do they iron out every single issue? No, but they minimise and forewarn of problems as they occur and manage to steer the company around them.
But. Even with the best and most experienced WAN project manager could be potentially doomed to failure with poorly defined business requirements and unrealistic delivery dates.
A quick health check starts with the following example questions:
- Are your organisations objectives clear and are you able to measure them?
- Do you currently have documentation in terms of project deliverables, timescales and required resources
- At first glance, do the deliverables look realistic next to the timescales?
- If work has already been started on your project, is their an audit trail?
- Is everyone within your business aligned to the end goal and do they understand what they expect to achieve?
Project planning is a major component of any network (unless you are talking about only a couple of sites). The need to clarify objectives is important to ensure everybody involved in the project is fully onboard with the requirements. If objectives appear hazy then your project may well descend into a commodity based buying decision. In addition, and this is a real point of clarity, IT management need to distinguish between an objective and a requirement. The two are very different with requirements being more specific in terms of the expected outcome. Pinning down the scope helps here since this describes the boundary to be drawn around what the project will and will not deliver.
Contract due diligence and service management
With the network installed, it’s time to relax. Unfortunately, this is rarely the case. Good networks require constant due diligence to ensure documentation is up to date, network growth and application performance is analysed. Upon install, there are a number of unknowns from the perspective of future adds, moves and changes, trouble tickets, app performance and so on. If the service provider is to provide a good experience moving forward, a number of different approaches are required including a good set of monitoring statistics (see network management)
As an example, in a retail environment, PCI/DSS compliance is required to protect customers credit card transactions and details. The PCI/DSS regulations is one example of compliance but many others exist within financial and government institutions.
The security of MPLS is almost a given. A private based network with no requirements to add further encryption such as IPSec is, as a general statement, the standard deployment. However, there are institutions (Government for example) which require additional security.
The point to remember is that no network is 100% secure. The security of a BT MPLS network, and whether the capability is ‘secure enough’ for your organization is dependent on whether or not your organisation understands how everything is tied together. The only real way to determine whether or not you are building the most secure capability possible is to conduct an audit of applications. In some instances, you may decide that your data is so sensitive that only a secure dedicated fibre circuit would be suitable. And this conclusion is fine, remember that a WAN is, more often than not, a hybrid of many connectivity options.
There is no doubt that mobility is now firmly in the driving seat with users requiring access to their data wherever they are located. Mobility brings greater challenges with the variety of devices (some of which are brought by the users into the organization) and ever more feature rich applications. The users workflows should be documented, how they access applications and resources, where they save data and the security surrounding their work. However, no matter how secure and accessible our data might be, the underlying latency across the WAN will ultimately dictate the user experience.
We discussed reach briefly earlier within our article, from the perspective of gaining clarity on marketing sales information presented to you from service providers. The truth is that most virtual network operators (VNO’s) will attempt to show they have 98% coverage of certain locations or regions. This of course is not true MPLS capability but a reflection of the relationships in place with wholesale providers
The way in which to achieve an excellent cost base is to first ensure the capability you are procuring is fit for purpose. In general, a budget should be given to the project which needs to be understood early on within the initial phases. The biggest risk to any WAN procurement project surrounds commodity based buying decisions. We have mentioned commodity on several occasions throughout this blog post which is the result of our experiences.
If your IT management team are not aware of MPLS costs, there maybe a smaller project up front to acertain the kind of budget required. In many instances, it may not be possible to achieve the complete objectives on day 1 – certain aspects of the design may need to be dropped. Without the due diligence to understand your project requirements, you will not understand which capability may wait until there is additional budget.