Do enterprises and other organizations need a CDC-like entity to help them in their fight against cyber attacks?
The Society for Information Management (SIM) thinks they might. Madeline Weiss, director of SIM’s Advanced Practices Council (APC), said the group is evaluating whether it’s time to create what she terms “a CDC for cybersecurity,” modeled after the U.S. Centers for Disease Control and Prevention. To that end, an APC task force last month drafted a proposal for such a body, dubbed the CIO Coalition for Open Security. Its goal? To create a framework in which companies can work together, across industries, and share information about malicious cyber activities—much like the CDC collects data and issues bulletins about outbreaks and other health-related developments to the nation as a whole.
The APC is no slouch. The council comprises 33 senior IT executives, most of whom are CIOs employed by large multinational corporations and government agencies. Although the APC usually acts behind the scenes in an advisory capacity, the cybersecurity problem is so critical that the group has been spurred to action, Weiss said in an interview conducted at SIM’s annual meeting in Denver earlier this month.
A large part of that push came from David Bray, CIO of the U.S. Federal Communications Commission, who recently spoke to the group in his capacity as a guest lecturer at Oxford University. Bray delivered a dim and “extremely scary” scenario of the future of cybersecurity, Weiss said, followed by some ideas about what the industry can do about it.
“He made the point that no one organization, no matter how big they are or how well-equipped, can solve this problem,” Weiss said. “He said success is dependent upon collaboration and openness–open in the sense that there is sharing of attacks, and that there is sharing of potential, of possibilities and observations and solutions and that there should be sharing within private, public and governmental sectors.”
Similar efforts exist within other sectors, most notably in the pharmaceutical industry, where Eli Lilly’s InnoCentive acts as a repository of crowdsourced solutions aimed at tackling unresolved R&D problems. Such an approach for cybersecurity, Weiss argued, could be equally beneficial, providing companies with early-warning information and other data they need to thwart attacks. In addition, a CDC-like organization for cybersecurity could connect security problem solvers with those experiencing security issues. For example, it might be able to produce a map of distributed denial of service alerts or act as an information clearinghouse.
“Working together, we can address this issue,” Weiss said. “Working alone, we probably can’t.”
The next step is for the APC to sketch out the framework that would support the coalition, including soliciting volunteers who would lead the initiative.
“Members have done some investigation and learned that there are [similar] activities in various industries, but they seem to be staying within their industries — in other words, lots of silos,” Weiss said.
“We plan to sponsor research that will help us understand who the current key players are and determine what has worked and what hasn’t,” she added. “We then anticipate pushing for combining efforts where feasible to facilitate broader and more open sharing [of information].”
Organisations should never be forced into a features and benefits conversation with their prospective service providers. The majority of network designs produced by our BT Business partnership surrounds hybrid technologies, perhaps VPLS across data centres, layer 3 MPLS at branch sites, fibre services within the core and IPSec / SLL for remote users. In certain sites, it makes sense to deliver a layer 3 capability, in others (such as data centres) VPLS is the clear option to deliver capability. In metropolitan areas, fibre is always a good option. This kind of features and benefits sales approach will result in missed requirements and essentially a MPLS or VPLS network solution which is not fit for purpose.
A good accompanying resource is the Techtarget version of my MPLS and VPLS step by step IT Managers procurement Mindmap which is available upon request.
The mindmap examines in detail the process and considerations to make vs your own business requirements. The overall complexity is dependent on not only your requirements today but also those which need to be predicted in the future. The IT team’s work is becoming more critical than ever to communicate needs as globalisation, security, application performance, user productivity and disaster recovery is driving a critical reliance on WAN connectivity. The ultimate goal, as ever, is to maximise uptime of resources and plan for scenario’s which are unlikely but would impact the business in a major way. The WAN may appear as though innovation is fairly stagnant, we don’t hear too much in the way of significant evolution and buzz around WAN connectivity. However, applications are evolving faster than they ever have before due to enhanced productivity, different ways of working and a desire to achieve efficiencies and this a competitive edge.
What is VPLS Ethernet
Virtual Private LAN Service networks provide the ability for companies to create a LAN structure between geographically separate sites. The traditional and default choice for IT Management is generally considered to surround layer 3 VPRn (Virtual Private Routed Network) – known as MPLS in the market place. We believe the growth of VPLS services is driven by the ubiquitous access of Ethernet coupled with private cloud based services. We will go on to to explain more about our findings later.
The key benefits of VPLS solutions surround a number of key points.
Perhaps the most popular discussion surrounds the ability to extend data centre connectivity (or essentially sites which contain resources) across geographical separation. The dream is to deliver global or national connectivity whilst maintaining a base level of configuration and thus avoiding IP address reconfiguration which is required with layer 3 networks (MPLS – Virtual Private Routed networks). We are aware that globalisation is growing with data centres located in far flung locations, the challenge of deploying applications is made easier with VPLS layer 2 WAN services. A VPLS solution will extend the deployment of your server clusters into different data centres protecting against major disruption.
In another scenario, service providers and enterprises often do not meet in terms of requirements vs capability. There are some businesses which are reluctant to allow a service provider access to their layer 3 management and routing, Perhaps the organisation is needing to serve an unsupported protocol which the service providers will not transport. In this example, the ability to layer on layer 3 is a clear advantage for VPLS based connectivity.
It would be remiss not to mention VLL (Virtual Leased Line) services as they are closely related. VLL’s are designed to emulate point to point / multipoint fibre connectivity across an MPLS core network. The benefits are clear since MPLS provides the reach and emulation for circuits which would otherwise be too great in distance for dedicated fibre provision.
VPLS provides any to any connectivity using pseudowires – Virtual Ethernet circuits provisioned as a full mesh topology
VLL – point to point or multipoint Ethernet pseudowires
A pseudowire is essentially point to point emulation of Ethernet.
One important distinction to make: VPLS is an evolution in terms of capability which is built and created on the shoulders of MPLS core networks. The majority of IT managers believe that VPLS is somehow a different platform to MPLS but the reality is, MPLS core networks are the foundation for layer 2 connectivity. In other words, todays MPLS networks facilitate layer 2 and layer 3 connectivity.
Prior to VPLS becoming a mainstream technology, organisations were not only limited by distance related issues across layer 2 fibre but also dedicated high speed data circuits equalled high costs. The telco’s already owned significant core networks with layer 3 capability, the addition of a layer 2 VPN capability made sense.
Some serious benefits to consider
An organisation with a private cloud (their own hosting facility) requires further virtual servers on the same LAN segment. However, space is running out fast. In this scenario, a further data centre could be added with a connection into VPLS. Once connected, further virtual servers are able to be installed which will appear on the same connected LAN as the older full data centre facility. The plus point is clearly demonstrated to surround seamless LAN connectivity. The added benefits of a geographically separated site surrounds disaster recovery and resilience since the loss of a DC will ultimately partially remove some connected hosts but not all of them which offers greater uptime.
You have the desire and capability manage your own routed network. As the name suggest, the procurement of VPLS is at layer 2 which leaves layer 3 routing to be setup as required. Service providers set a base level of capability for MPLS.
We worked with a client recently which had decided to implement a cloud server cluster strategy for redundancy and scalability. With each cluster needing to reside in the same VLAN and network but with geographical separation for further redundancy, the organisation looked to VPLS. which enables extended VLAN. In addition, their data centres were encountering issues with power and cooling. The addition of a further datacenter allowed the client (as per point 1)
Consideration of VPLS vs MPLS
VPLS is built using a service provider product term called EVC’s (Ethernet Virtual Circuits). This is a marked difference when making a comparison to MPLS. The use of EVC’s is perceived as a scalability issue since, as network grows, the network performance may be impacted meaning there is an ultimate ceiling in terms of how many EVCs each provider router may support. The majority of providers will brush over scalability since their core networks are, over time, increasing in their ability to scale which increases their ability to support greater EVC’s. In the majority of cases, there is no need to worry or be overly concerned but clarity should always be requested depending on which provider readers are considering. On the counter point, MPLS (or rather layer 3 routed networks) are truly connectionless from the perspective of scalability.
VPLS network terminology
As I have previously mentioned, VPLS is a layer 2 VPN across an MPLS core network. When considering providers, procurement teams will often be faced with acronyms such as PE or P which refer to the edge and core devices within a network.
The PE device refers to the Provider Edge which is essentially the edge node into a service providers network. IT Managers are advised to understand the true PE capability of prospective service providers since PE coverage determines scale and diversity options. The P device is the ‘Provider’ core aggregation devices within the centre of their network used to scale the MPLS core network.
Some thoughts regarding VPLS network procurement
In general, VPLS is sold as an unmanaged service with Ethernet handoff. With this said, in some instances, the provider will offer a managed service whether this is based on a Layer 3 switch or a router. As with any WAN procurement project, the advice is to carefully consider the service capability vs your specific requirements. The Mindmap not only details some of the specifics of VPLS but also the key vectors we know to matter across application performance, uptime, topology, strategy and budget. In general VPLS services should be viewed in the same way as the more traditional layer 3 from the perspective of SLA which includes latency, jitter and uptime guarantees. Clearly an unmanaged service creates a very different adds, moves and changes process vs managed services. The typical approach when making changes is often surrounded by ‘clunky’ processes which creates delay. One of the real plus points of VPLS, as we have mentioned within this article, is the ease of self managed services. We are seeing growth within the managed services sector where organisations are outsourcing the management to specialist organisations which overlay their services with the providers supplying the connectivity. This, we believe, is a major shift in thinking since the traditional approach is to use a single provider for connectivity and management. VPLS is creating an environment of adoption which creates a little more freedom when considering how to manage services on an ongoing basis.
All of the concerns surrounding MPLS procurement are essentially the same when considering VPLS. We are in effect talking about layer 3 vs layer 2 which both using an underlying MPLS core network.
We have written a fair amount of content on WAN procurement, both MPLS and VPLS but the core of our approach remains the same. It is clear that organisations which achieve better outcomes when they are able to align their business specifics vs the service provider capability. In short, if you consider applications (as an example), our approach to execute WAN procurement involves understand how the application performs today but also how performance may be increased to improve productivity. In some instances, improving application performance may not relate to the technical aspects of a capability but perhaps admin tasks such as adds, moves and changes. As organisations begin to understand how each provider might provide a capability which adds a competitive edge, the WAN becomes and enabler rather than the typical bottleneck.
VPLS is a growing technology which, in part, is due to the emergence of cloud based solutions, whether private or public. Server clusters often require geographical diversity, VPLS networks add a unique capability here. The ability to add, remove servers as required across a layer 2 Ethernet WAN with any to any connectivity. The simplicity of layer 2 is now available across the WAN offering seamless connectivity on a Global basis. As a counter point, layer 3 services offer an out of the box routed network supporting a standard capability. As I wrote toward the beginning of this article, we are finding most project result in a hybrid approach for design. This means that VPLS is a another building block for organisations to use in their pursuit of connectivity and cloud excellence.
Additional reading: MPLS Network long form article
WAN Service Providers long form article
Wi-Fi connectivity is a great luxury to have in public places to power your favorite app, but what if your life-saving medical device relied on the wireless LAN to work?
Hospitals are using wireless devices and equipment — ranging from small patient monitoring sensors, to pharmacy inventory systems, all the way to large imaging systems — to care for patients. Needless to say, reliable, consistent Wi-Fi connectivity has become a critical network asset, rather than just a “nice to have” feature for many healthcare facilities.
As the Internet of Things (IoT) gains traction, Wi-Fi vendors are working to ensure they can offer their customers the functionality and management tools they’ll need to support the influx of Wi-Fi-enabled devices requiring network access and attention from IT. “It’s clear that for a lot of our customers, more devices are ‘turning on,’ or requiring network access, rather than just the typical user devices people are carrying in,” said Bruce Miller, vice president of product marketing for Xirrus, a Thousand Oaks, Calif.-based Wi-Fi vendor.
Healthcare certainly isn’t the only industry grappling with supporting IoT devices. However, most other verticals aren’t faced with the challenge of supporting devices that are saving lives. Xirrus is currently working with healthcare customers, as well as customers that develop Wi-Fi-enabled medical tools and devices for the IoT. Miller also highlighted some of the wireless LAN design considerations enterprise IT teams supporting IoT devices should know.
Right out of the gate, many medical devices aren’t easy for IT teams to support. This equipment often comes with low-end wireless cards because they don’t have high bandwidth needs — especially in the case of a sensor that is reporting patient data, not streaming live video. Additionally, healthcare environments are also very “noisy” from an RF and coverage perspective, Miller said. “There are a lot of devices than can interfere [with Wi-Fi signals] – we’ve even heard of up to 20 devices in one patient room,” he said. “The number of devices is getting extreme, and in some situations, that can pose a lot of challenges.” Most healthcare facilities are also filled with many small rooms with a lot of walls that cut signal strength down, and radiology labs with metal-coated walls that are difficult to penetrate, he said.
Xirrus is encouraging its healthcare customers to design for dense environments by deploying direct, in-room Wi-Fi close to the client. This means more access points are needed in an IoT-enabled environment.
Once the wireless LAN has been bolstered to address the sheer number of devices that need support, IT must be able to understand and identify all Wi-Fi-enabled equipment in their environment, Miller said.”It’s key to be able to separate out what kind of device something is, what it does, how it operates differently from another kind of device, and lastly, how it [needs to be] supported,” he said. “We’ve been doing this for a while — helping customers understand the difference between a laptop, tablet or phone, so now it’s just extending that visibility further.”
In addition to understanding what the device is, IT has to be able to make sense of the data coming from the device in an intelligent way. Then, the information must go to the right place, like patient stats to a monitoring nurse or physician or alerts to IT if a device has been moved or stolen, Miller said. “We’ve had to look at the health of…a greater variety of clients, and put those capabilities into our systems to allow IT to troubleshoot,” he said. If a device keeps disconnecting and reconnecting, or generating a lot of errors, Xirrus’ network management tools can monitor those network health stats and provide alerts to IT. “Sometimes, it’s as simple as updating a driver or software on a device, or maybe [the device] is in a bad coverage area, and IT needs to know about that, too,” he said.
Wireless LAN design and deployment has changed dramatically over the years, and they also can vary by industry. “On our side, we’ve turned our procedures and best practices upside down from what we used to do just a few years ago…We also base our products on upgradable hardware so business don’t have to roll out a whole new set of products when things change in their environment,” Miller said. “We recommend higher signal strength everywhere, 5 gig everywhere, and being able to support an adaptable infrastructure that can conform to new requirements.”
If your idea of obtaining good MPLS costs is to throw a spreadsheet of sites together and hope for the best, you might be disappointed. In this article I share some of my experience where projects have achieved some excellent results.
Part of creating a WAN proposal is building a specific capability aligned with your business. A capability and not a bottleneck. The truth is, most clients I speak with regarding change are in a poor situation because there was never any work completed to understand whether their existing WAN was in alignment with their business. A major component of this work revolves around understanding which areas of both your organisation and the service provider capability are matched. To complete this work requires an understanding of both sides of the coin. In the first instance, IT Managers need to consider particular aspects of their business from strategy through to application performance requirements. On the provider side, each and every key area which has the potential to impact your business should also be clearly understood. I’ve often been involved in a situation where the information provided by an organisation in order to price up their WAN is little more than addresses and bandwidths. In this scenario. the decision making process defaults to little more than a commodity based purchase. In the absence of value, all you are left with is price.
Dealing with special pricing teams
I have also been involved in a good amount of special bid’s. You know the kind of situation. One provider is more expensive than the other but features appear equal. Senior members of a business don’t really get the value and therefore instruct their IT management team to obtain MPLS costs at their best available rates. The problem occurs when the provider is faced with the spreadsheet I mentioned earlier. The special bid team working on your account is unable to determine whether their is serious buying intent because they don’t have a well aligned design in addition to the spreadsheet. The answer then is fairly simple. Providers (and special pricing teams) need to see buying intent, they need to know that their hard work will not be wasted on a fruitless exercise. So, whilst your intent may well be mostly ‘lowest possible pricing’ based, remember that the teams within the provider recognise which deals are more likely to result in a sale.
A base level of data to achieve great MPLS costs
If you consider a base level of data which should be the minimum required to achieve good pricing, I would suggest the following elements.
- Topology diagram presented in Visio format (including failover)
- Applications, listed by priority with QoS (Quality of Service) settings
- Your business strategy in terms of decision making process with time scales
Over and above these elements, a complete statement of requirements (SoR) will provide a major benefit to both your project and the goal of achieving MPLS costs from the providers with which you are in discussions. An SoR is a thorough document which is designed to look at every aspect of your particular business including the motivation for your project, the existing service provider and their pain points and issues together with a revised design based on these specifics. When preparing SoR content, a templates approach is required to ensure certain elements are not missed when creating the documentation. In the day job, we consider every aspect including:
User experience to the user behaviour which is increasingly mobile on a global basis. The users within your network require ubiquitous access to resources no matter where they are located.
Quality of Service – The level of bandwidth a priority required for each application on the network. Careful consideration must be given to where the traffic is sourced and destined.
Failover – Consideration of failover design and type. For example, the failover product should be designed whether the uptime is based on fibre primary and fibre failover or most cost effective copper including EFM and broadband.
US readers will no doubt tune out but wait. Although BT IP Clear is a UK based service, the technology refers (as a rule, there are exceptions) to unmanaged connectivity from BT. The US market is largely unmanaged vs the UK’s preference for managed services when procuring WAN connectivity. So, take a read through and compare a flagship UK product vs your US service provider capability. BT are no longer using BT IP Clear as a product name but the majority of IT Managers still refer to their wires only product using this brand reference. BT IP Connect is now the flagship product which also includes a wires only version together with fully managed routers where required, both Global and UK. Within the rest of this article, we’ll talk generically about the BT IP Clear capability.
- Reach and Diversity for failover – BT’s national coverage of Provider Edge (PE) devices to terminate your circuits
- SLA – The national latency, jitter, uptime and install figures
- Circuit types – From Gigabit Ethernet through to ADSL
- Other services – cloud, SIP and remote access
We have been spending a substantial amount of time over the last 18 months improving and honing our WAN procurement content. In some respects, this work is slight selfish since we are, in tandem, documenting our own sales process. Our original WAN Mindmap was generic and contained the pitfalls, risks and opportunities associated with MPLS & VPLS procurement. It is still, by far, our most requested content. Good news – when we embarked on the BT IP Clear version, we really wanted to create something which would specifically detail the procurement process as it relates to a particular product. The IP Clear service is generally positioned as wires only product and therefore attention should be paid to the attributes of a self managed service.
BT’s MPLS network is known to be well engineered and essentially covers the UK and, in the case of Global Services, the rest of the world. Gartner recently announced BT would remain within their magic quadrant because of their capability to serve global Enterprise clients. You may be forgiven for wondering how BT Global MPLS has anything to do with the BT IP Clear UK product? The same resources and investment is put into the network as a whole. As the global network evolves, so does the UK capability which increased bandwidth and presence with POP’s (Points of Presence) becoming more wide spread adding diversity and performance increases. If you ever read BT product description, the capability also mentions global reach. This said, IP Clear has always been associated with UK coverage. However, it is possible to procure a UK VPN from BT and connect international sites at a later date should your organisation grow by acquisition.
The following map details existing coverage in the UK.
It’s pretty easy to notice that the UK is well covered. Ultimately, this means your sites have less distance to travel to the nearest point of network entry. This not only reduces costs but also has the added benefit of diversity choices and the best possible latency.
The more PE nodes a provider has, the easier it is to create a diverse network. Within the generic procurement Mindmap, we always advise asking any potential provider for their true PE coverage as this will demonstrate your ability to create diversity and also demonstrate the providers true MPLS capability which is often covered up by marketing.
Let’s look at an example.
The BT Secure Plus product is designed to avoid any single point of failure. With full diversity, two routers will be configured running HSRP (Hot Standby Routing Protocol) or load balanced depending on your requirements. (Being self managed).
From the routers, BT will look to use two different points of exit from the building. Whether or not this is possible depends a) whether two points of entry exist and b) whether or not there are any restrictions on the building from the perspective of creating another entry point. Once the circuits leave the building, diverse paths will be attempted to ensure seperacy is maintained with dual BT local Exchanges used where possible. From the exchange, the circuits will ultimately arrive at dual BT Provider Edge POP’s.
As an MPLS network can carry both your voice and data traffic, you are effectively putting all of your applications under one circuit without diversity. Although you can achieve economies of scale by using MPLS a reliable service becomes essential or any savings you make by using the technology can quickly be eroded via productivity losses in the event of failure. By having so many POPs in so many key business locations BT can provide that piece of mind that we can reach a resilient POP sooner than any other provider in the UK.
There are a number of different ways to access the network, including connectivity from 1Gbit/s all the way through to standard broadband. One of the clients we are working with now are using the IP Clear ADSL product across 106 sites, only two of them are fibre based leased line products. There is a mix of availability with regards to DSL from standard ADSL2 through to FTTC (Fibre to the Cabinet). In terms of site issues, there are only 3 of the sites which are suffering from poor performance due to the locations being remote. BT are able to check site addresses to understand the kind of performance you will experience in the real world. The actual performance has been pretty good in terms of latency, here’s a live ping from the network which includes the LAN from HQ to a site connected via DSL:
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/24 ms
CE_Router#ping 10.10.165.254.254 .254 0.254
Type escape sequence to abort.
The performance of the above ping is more than good enough for VoIP (SIP) based services and mission critical applications. The upstream bandwidth may potentially become an issue over the longer term but, for now, all is looking good.
- Lower cost fibre access direct to your site
- EFM access, aggregating copper pairs (telephone lines) to offer a single Ethernet service with built in resilience and a lower cost compared to fibre
- ADSL2+ integration as an access technology onto our WAN services
- Superfast access through Fibre To The Cabinet (FTTC) and Fibre To The Premises (FTTP)
- EMF and GEA access providers
BT IP Clear SLA (Full granular figures are included within the Mindmap)
The SLA is a commercial agreement, we always suggest organisations never design based on SLA figures and NEVER commit to the business that circuits will always perform to SLA parameters.
This said, the SLA will provide you with a good overview of predicted performance. If we know that traffic across the UK POP to POP will perform on average Xms depicted within the SLA, we are at least able to consider worst case performance. In general, latency performs better than projected SLA figures since they are always set as a monthly average.
The uptime guarantee is perhaps the most useless of all, in my opinion of course. (Not BT’s by the way, just SLA’s in general). For years we have seen figures of 99.9% as the standard for fibre based leased line connectivity. The fact remains that the SLA is of little comfort if your site is down and falls outside of these amazing averages. In this sense, it is important to design uptime based on the specific requirements of that site. The IP Clear product allows you to ensure services are built to maximise both productivity and performance regardless of the SLA figure.
Clearly the WAN is an enabler to additional services such as the cloud and SIP. BT provide a number of different cloud based options for managed services which include hosting and colocation. These services may not be as applicable for clients looking to buy IP Clear self managed IT infrastructure but it possible to create a hybrid of services. Access to SIP is a possibility by two methods. The first involves separate access using a BTNet leased line.
The other alternative is directly via the MPLS platform. However, the BTNet variant is a much easier product to implement since the product allows interface into existing ISDN-2 or ISDN-30 circuits – a Samsung device converts ISDN to IP. However, if true end to end SIP is required, access will need to be via the MPLS platform.
BT IP Clear Pricing
We are finding that project we are working on are producing some excellent commercials. As an IT Manager, you need to be aware that any project will likely yield better savings and costs when the requirements are fully outlined. The special pricing teams within BT are busy and therefore they take the projects with a good statement of requirements more seriously than those which consist of a spreadsheet and bandwidths.
Our senior designer has Distilled everything we know about BT IP Clear procurement into one of our single step by step A2 Mindmap. We borrowed some of our Techtarget MPLS VPN procurement workflows and essentially layered on the specifics of IP Clear service from the perspective of reach, latency, QoS (Quality of Service), fix times, uptime, change requests and additional BT products which interface into the capability including SIP and Cloud. Request the hybrid procurement Mindmap with added IP Clear capability.
It’s not often we’d open an article quoting Einstein. “The significant problems we face cannot be solved by the same level of thinking that created them.”
As a companion, readers may wish to request the Techtarget version of our IT Managers step by step VPN procurement Mindmap.
In other words, if you are considering changing your Global MPLS provider, something must change within your procurement process to avoid the same problems and issues occurring again.
The overall intent of any WAN procurement project is as follows:
- Avoid the typical pitfalls, issues and problems faced by the majority of Enterprise and Medium sized organisations when procuring international MPLS providers
- Align the specifics of your business strategy, applications, business continuity and process to the service provider market place
- Understand the impact of engaging with a provider which doesn’t operate a repeatable process to identify your business needs – the issues are often felt for years
- The Mindmap is designed to help you follow along as you move through the procurement process
Read on to understand some of our thoughts and ideas surrounding specific Global MPLS providers challenges.
The first steps, align your business
We all like to think we know and understand aspects of our business. In many ways, it’s not the knowledge we have but taking that knowledge and ensuring suppliers understand your value and your competitive edge – what makes your business unique. In the respect of Global MPLS network procurement, this means ensuring that any prospective provider clearly relates the specifics of your business to their capability to deliver a Global MPLS network providers service. When IT and business are mis-aligned, the business is seriously impacted. We’ve witnessed clients facing simply frustrating issues such as incorrect billing but also those clients which have suffered huge downtime and productivity issues. If you follow a repeatable process within the international service provides procurement process, you are in a better position to tick off the boxes as you complete the project ensuring good practice and due diligence is adhered to throughout your project.
The workflow for network procurement sounds vast. If you consider everything from application performance through to high availability, adds, moves and changes, delivery and migration, you gain an understanding why some companies just keep plodding on with their existing supplier. However, we know it doesn’t make sense to do more of what simply isn’t working.
Of course, being able to find a perfect provider is most certainly a futile task as there will always be aspects which don’t fit. However, if you know and clearly understand where these weaknesses exist, you are able to either work around them or adapt your business. As an example, you might find a provider which takes time to make bandwidth upgrades. This fact may either be a show stopper of something which you are able to work with depending on the detail.
In short, the areas we consider are as follows:
- Business Strategy
- Business Continuity and DR (Disaster Recovery)
- Documentation and process
- Due Diligence throughout contract
- SLA (Service Level Agreement)
- How to achieve Global and UK proposal and pricing excellence
Becoming a strategic thinker
Strategy is the direct link between your business specifics and your provider. The subject of strategy often conjures up thoughts of huge amounts of work but in reality, and as far as Global MPLS network providers procurement is concerned, strategy is about defining the key areas which make your business successful. We see this time and time again, the businesses which are successful within their particular niche really understand their go-to-market strategy, the areas which result in customer retention.
When we think about strategy, we consider your business and the impact of particular MPLS network areas. As an example, your key sites where you deliver services or data to customers must offer up a capability which contains no single point of failure. Or, perhaps there is a particular application which must perform well – the performance is key to customer satisfaction. Although these aspects will no doubt be covered in the technical design, outlining them and defining these key areas as part of your strategy will have a profound effect on the overall outcome.
Application performance and enhancements
Understanding applications is the basis of productivity for both internal users and customers engaging with your business in various forms. The way in which applications rely on MPLS varies but the key aspects cover latency, jitter, uptime and packet loss. Service providers are able to offer feature rich solutions which include QoS (Quality of Service) to provide confidence in the performance attributes. However, an SLA is only a commercial agreement – the network should never be engineered based on an SLA but there is a good indication of overall performance. The mindmap will also point you to areas which you may not have considered such as the impact of ‘chatty’ applications.
Keeping those applications running with maximum uptime
Clearly, having well performing applications is great from a business perspective. A major part of your applications performance is uptime. We recently wrote an content on the BT RA02 (Resilient Access) product where we described some of the aspects of achieving a solution with no single point of failure. We are pleased with all areas of the mindmap but particularly within the resilience and diversity section. Here, you’re able to easily see the pitfalls and the questions you need to ask of network suppliers ensuring there are no single points of failure within your capability.
Topology, any to any
The native topology of MPLS facilitates any to any connectivity. However, topology is also concerned with restricting access to certain areas of the business. As an example, clients create multiple VPN’s within a single VPN for voice and video to keep them seperate. More than applications, MPLS solutions allow you to create separation for extranet clients – you may have a supplier which requires access to areas of your network such as procurement of goods or services. The topology maybe created to facilitate this capability.
Within topology, you need to consider reach. If your organisation is looking at expanding into particular areas on a global basis, the future reach of your provider becomes a critical aspect. Even if we consider UK clients, opening a data centre in a location which is not well served by a particular provider of choice will impact you in terms of cost and potentially uptime.
Projects which need to be factored
With many organisations, there will always be a future project in the wings. We see this with various departments considering new initiatives or the business as a whole might on an acquisition trail. You may believe this area to be part of strategy but our belief is that these aspects require a section of their own. The situation you need to avoid is one where you put in place a solution which isn’t fit for purpose because the business launches a new initiative or procures another business.
Keeping up to date with documentation and due diligence
One of the major disappointments clients experience relates to poor network documentation and due diligence throughout their contract. We worked with a client recently where their network has not been configured correctly from day 1 with a serious knock on effect to their business. Applications performed but very badly and nobody from the service provider had a good understanding of configuration.
In order to avoid this situation, global MPLS providers need to define how they maintain documentation and also where the documentation is stored to avoid versioning problems. The mindmap will provide details on the areas we recommend you consider.
Throughout contract, due diligence with documentation is important. Just as a repeatable process is required for WAN supplier selection, a workflow is also required to maintain good practice covering such areas as trend reporting and SLA breaches.
Global MPLS Providers & Service Levels, Delivery and Migration
The Global MPLS network mindmap provides a focus on the key areas of service levels including the usual suspects from latency, jitter throughput to uptime and packet loss. Within each of the service areas, we point you to pitfalls and where the service provider marketing may miss out some of the key points. The SLA is a good indication of the providers performance, not only from the perspective of ongoing service but also delivery aspects of the service including adds, moves and changes.
Perhaps one of the biggest areas of weakness surrounds slow and painful adds, moves and changes. Some providers are more agile than others in respect of changes but we find that the process is often improved if the client has a clear understanding of the workflow from raising a change through to placing an order for the change and delivery. Some aspects of changes will be fast, others will take time. Again, which of these aspects that will impact your business will be understood when the specifics of your organisation are aligned with the product.
On the delivery side, the SLA will apply to lead times. There are certainly aspects to consider here which are going to become critical to your project including the actual process to take you from a design through to ordering, acceptance, and circuit delivery milestones. On top of this, you will also want to be thinking about migration and how you will take your service from one provider to another.
Budget, achieving the best international MPLS providers commercials
Obtaining a good deal requires knowledge of process. In addition to our knowledge of MPLS network pricing workflows, the mindmap does a good job of bringing other areas to your attention which make a commercial difference. An example of which is creating your statement of requirements. Any service provider prefers to work on a well qualified set of requirements and presenting your needs in this way has a dramatic effect on how they approach the commercials of your solution. If, for example, you present a list of sites on a spreadsheet, the provider will not take your requirements seriously and will forward out standard pricing.
If you have any further questions, let us know. The organisations on our PDF are also able to offer VPLS providers services.
By Chuck Moozakis
Private equity investment firm M/C Partners has a long pedigree in telecommunications investing. The Boston-based firm, formerly known as Media Communications Partners, has overseen more than $1.5 billion in placements over the past two decades as it focused on companies spawned from the landmark Telecommunications Deregulation Act of 1996.
So, when Managing Partner Gillis Cashman talks about the firm’s latest investment–$50 million equity funding in data center services company Involta—his thoughts bear at least a cursory listen. Why, after previously investing in heavyweight companies that included Metro PCS and Level 3 Communications, does M/C now believe Involta, with just a handful of data centers in towns such as Duluth, Minn., and Marion, Iowa, is a good bet?
The simple answer? Application performance. Or more specifically, the lack thereof.
“There is a view in cloud computing that data centers are now becoming commodities and that proximity doesn’t matter; you can host your servers anywhere,” Cashman said. But concerns about application performance, and to a lesser extent security, are inhibiting cloud’s success, he said. “When you think about application performance, it really requires a different architecture, where you need to get those servers and applications very close to the end user.
“Instead of 50 servers being in a data center in the middle of nowhere, now what you need is 50 servers at 50 data centers close to the edge where the redundancy is in the network itself.”
And, Cashman said, those DCs should be located where the need is greatest: to serve enterprises in communities that are not served by Tier 1 or Tier 2 providers. These companies, he said, still have mission-critical applications, but they can’t get the service-level agreements they need to ensure their employees and customers are getting the application performance they deserve.
“There is far more insourcing going on in smaller markets,” Cashman said. “The reason is they either don’t trust the facilities in the market or there are no facilities in the market, so they are forced to deploy their applications internally.” To target these types of customers, Involta builds a dedicated fiber link from the DC to the enterprise, effectively creating a leased line. “Performance across this network is guaranteed because it never touches the public Internet, and to me, that is a critical factor that will drive more outsourcing [to data centers]. You need to have that infrastructure in place to effectively place these private cloud architectures.”
Ensuring that Acme Manufacturing in central Iowa has the same broadband capability and application performance as XYZ MegaCorp. in New York City is smart business–and as M/C Partners almost surely agrees, it’s good business, too.
The default for the Enterprise is to typically progress their MPLS proposal with the larger end of the market which is understandable. An Enterprise requires the stability of a service provider of equal stature in terms of size to provide comfort in stability. On the flip side, smaller organisations (think SME) are always avoiding the larger service provider in favour of the agility and focus which smaller providers typically offer.
I personally worked for a large service provider in the mid 2000’s and recall a strategy change where the CEO decided to effectively segment their business. In short, the provider decided they were expending way too much of their employees time supporting SME businesses which represented a fraction of their revenue. As a business decision, it was probably the right one to make but I imagine the SME’s being given the news that they were effectively being forced into a different support channel were not impressed. Within the same provider, they also launched a new program of professional services where the large enterprise would be expected to pay for service and project management – i.e. these resources were no longer being provided by default. I’m not judging their decision and in many ways the service and support increased for their Enterprise clients which probably had the budget.
The smaller SME therefore should be wary of entering into contracts with the larger providers since they may not achieve the focus and service of the larger paying clients. I appreciate this is a broad statement to make and larger service providers are making strides into changing how they support the SME market. An an example, BT have launched a specific product which is dedicated to the SME market but the release is early days so we will have to see how things pan out.
Let’s look at some of the comparisons.
Clearly larger service providers have huge revenue streams which offers stability associated with similar institutions to themselves. This said, profitability is still very important as we have witnessed large providers such as WorldCom enter Chapter 11 so size is not always a given from the perspective of stability. However, all things being equal, a large stable company provides long term comfort when signing WAN contracts. The smaller providers are often good profitable organisations but they very much have a shorter way to fall if things should go wrong. We know of companies which are reliant on a few contracts for the source of their income and profitability which clearly is a risk. And there are some which have a good broad range of contracts so are more stable and further along their business growth path. It is also true that smaller providers are more prone to strategy changes. In any given month, they may decide to invest which changes their financial position and increases risk.
Staff and coverage is also an area which requires clarification. Using another example, a provider we worked with under a consultancy arrangement had only two main POP’s (Point of Presence) in the UK with only a few staff. We asked how they would support offices over large distances and they said “We would put replacement hardware in a van and ask one of the engineers to drive it over”. Whilst this approach may work, it’s clearly not a particularly robust support process.
The coverage of a provider is very variable with smaller providers. Our experience ranges from companies with hardware in an office (yes really) through to a couple of core POP’s up to well engineered networks. I always recommend IT Management looking at procurement to clearly understand the true MPLS coverage of services providers.
Over and above coverage, process for adds, moves and changes very much varies when comparing the larger organisations vs the smaller companies in the market place. In my experience, smaller represents agility with larger service providers often creating more bureaucracy.
Over the years there has been on constant split between UK based organisations vs their US counterparts. The US appear to procure their MPLS capability as wires only, i.e. self managed vs the UK’s tendency to outsource.
We are witnessing companies such as BT experience more traction with self managed WAN products such as IP Connect unmanaged which allows clients to procure network connectivity and not management. Note: For UK readers, IP Connect replaces the IP Clear product.
As a rule, service providers are traditionally a little cumbersome to deal with when making adds, moves and changes. in many ways, the lack of agility when making changes is perhaps one of the main reasons why there is so much churn in the industry. In our past life, we assisted organisations with WAN procurement which provided an insight into why businesses were looking to change service provider. One of the main reasons? Making changes to the network took way too long, the change was often incorrect and the documentation reflecting the updated network was poor.
With the above in mind, I would have expected to see less churn in the US market simply because businesses are in a position to make their own changes to the network. I believe this tells us that the frustration with service provider agility is simply one reason why an organisation procures a brand new WAN and the sum reflects a number of issues and problems.
When outsourcing to a service provider, you are effectively reliant on the provider to configure and maintain the capability of your edge routers (and switches potentially). There is an obvious benefit here since outsourcing allows your IT team to focus on other areas of the business rather than the WAN. However, the negative occurs when the provider simply does not act quickly enough and / or misunderstands requirements resulting in incorrect delivery of the change. In my experience of working with and for large service providers, we’ve seen the simplest of changes take weeks which has a profoundly negative effect on the business. When these kind of delays occur, the WAN becomes a bottleneck rather than an enabler. In 2014, you would also expect to see innovations in the field of change requests and for sure we are seeing some improvements. However, the majority of providers are very much still reliant on the same bureaucratic processes. This said, we have seen some real innovations with portals now providing an easy to access method of requesting changes with real time updates as progress is made. These portals generally only support a ‘base’ level of changes though and the more complex or un-productised changes still very much require a manual process.
The clients which adopt an in-house managed service approach are well positioned to make changes as and when required. However, any changes which require the provider to also alter the configuration on their network may still result in similar delays to those experienced with outsourced capability. In general though, straight forward changes are completed quickly as and when required which provides an agility which the service providers generally cannot meet. The negatives revolve around having to ensure your IT staff are well positioned to troubleshoot, configure and maintain the required due diligence required with a corporate network. As MPLS is a provider network protocol (and not deployed on your edge router), the actual configuration required is relatively simple. Self managed networks are more often than not fully monitored by the service provider which is key to leveraging their knowledge and insight into the end to end connectivity.
The last point to make is that outsourcing does not have to be provided by the service provider. There are many opportunities to leverage the ability of niche managed IT companies to look at providing an alternative. As cloud services are becoming more prevalent, IT companies are leveraging their capability to provide a ‘one stop shop’ for managed services. I believe we will see this occur more as we move forward.
Riverbed Technology conducted a short survey of Interop attendees at its booth during the Las Vegas conference in April, but the findings didn’t stay in Vegas. The survey of IT professionals revealed that IT knows that poor performance by mission-critical applications can hurt their businesses, but too few of them are doing anything about it, according to Riverbed.
Riverbed asked 210 Interop attendees about their awareness of the technologies that exist to mitigate app performance problems, and if their company was taking proactive steps to avoid application issues, said Steve Riley, Technical Director for the CTO’s office at Riverbed.The top three causes of performance problems, according to Riverbed’s survey, are insufficient bandwidth, too much latency, and slow servers. But a gap remains between those who are aware of the problem, and those who are actually implementing solutions, Riley said. In fact, the results found that 80% of respondents know that slow business-critical applications can have a moderate to extreme impact on overall business performance, but only 50% of then were actually doing something to solve application performance issues.
While budget constraints are undeniable, Riverbed believes that overall willingness to adopt application delivery and performance management technology that can help is “missing to a certain degree,” he said.
“Seventy percent of respondents said, ‘let’s throw more bandwidth at the problem and see if it goes away, but only 50% of businesses actually have bought more bandwidth,” he said. And 67% of respondents believe that WAN optimization solutions are a good way to combat application performance issues, but only 42% of businesses were using WAN optimization tools. Finally, 52% of respondents believe that they can solve some performance problems by geographically distributing application workloads, but just 28% of businesses have followed through with that method.
So what can businesses with budget constraints do to mitigate application performance problems? First, Riverbed suggests that businesses evaluate their mission-critical apps before buying a bunch of bandwidth. Some applications won’t simply begin performing better with more bandwidth because latency and jitter could still be an issue, Riley said.
“Don’t just guess at what your performance problems are,” he said. “We really suggest that people analyze and diagnose their application problems first.”
Businesses should also think about geographic distribution, Riley said. “Keep in mind that it does take time for applications located in one place to move to another place. With major cloud providers scattered all over the world, multiple instances of workloads is becoming an easier thing for people to do, so [users] can access that data anywhere.”
Last, but certainly not least in the opinion of a vendor focused on IT performance, businesses should also put WAN optimization tools where they make sense. “The whole purpose of that technology is mitigating latency, and allowing end users to access applications as if they are local, even if they are on the other side of the world,” Riley said.