Professional Documents
Culture Documents
Executive Summary
SECTION 1: CHALLENGE 2
The Challenges of Managing Service Provider
Networks
Managing Thousands of Devices
Managing a Myriad of Services
Managing International Operations
Managing Equipment from Multiple Vendors
SECTION 2: OPPORTUNITY 3
The CA SPECTRUM® Opportunity
Distributed Server Architecture
Fault Tolerant Architecture
Distributed Viewing and Navigation — OneClick
Architecture
Efficient Service Assurance
Reduced Operator Intervention
Reduced Network Traffic
Multi-Vendor Management
SECTION 3: BENEFITS 10
CA SPECTRUM — Designed for Service Assurance
SECTION 4: CONCLUSIONS 10
Copyright © 2007 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. To the extent permitted
by applicable law, CA provides this document “As Is” without warranty of any kind, including, without limitation, any implied warranties of merchantability or fitness for a particular purpose, or non-infringement. In no event will CA be
liable for any loss or damage, direct or indirect, from the use of this document including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised of such damages.
Executive Summary
Challenge
Service providers are rapidly rolling out managed Virtual Private Network (VPN) services,
including MLPS VPNs, which enable carriers to offer differentiated levels of service
commensurate with customer needs. One of the concerns that carriers face is how to
effectively manage these large scale networks to ensure that customers are receiving the
level of service for which they have contracted. Factors adding to the complexity of
managing MPLS VPNs include:
• Managing thousands of devices
• Managing a myriad of services
• Managing international operations
• Managing equipment from multiple vendors
Opportunity
CA SPECTRUM® Network Fault Manager is suited to manage these challenges while
increasing operator efficiency and lowering costs. CA SPECTRUM provides advanced tools
and policies that are essential to delivering reliable, scalable and profitable VPN services.
CA SPECTRUM provides a distributed, fault tolerant architecture built to support the
world’s largest service provider networks offering complex services over network
equipment spanning hundreds of different vendors. CA SPECTRUM also provides an
efficient services architecture to proactively monitor the health of service delivery from
edge to edge, and provides efficient dashboard views into service quality. With all of its
capabilities, CA SPECTRUM gives service providers the opportunity to increase revenue
through differentiated services and offers.
Benefits
CA SPECTRUM can manage the complexities of MPLS VPN services, enabling service
providers to take advantage of this growing market opportunity. Using a combination of
historical performance data and real-time monitoring and assessment, along with a
distributed and fault tolerant architecture, CA SPECTRUM offers the essential capabilities
required for large scale, managed VPN environments:
• Scalability • Reduced operator cost
• Service assurance • Multivendor support
• Multivendor support
As device count increases, total port count increases even more significantly. Current devices
have the capacity to connect to potentially hundreds of other devices. While these additional
connections provide increased service and connectivity options, this greatly increases the
complexity of management. This increased complexity is due to the additional dependencies
on services provided by these other devices. Without proper control, outages and configuration
errors can negatively and quickly propagate throughout the network, affecting a large number
of other devices. This cascading of a fault would cause expensive downtime and loss of service
for a large number of customers. It is essential for the management system to understand and
accurately model these critical relationships between devices.
Today we stand at a critical junction of network, systems and service management brought
about by the increase in:
• Device count
• Device port density
• Device dependencies
The increase in devices, ports and services leads to an explosion in the number of managed
objects that must be handled by the management system. As the number of managed objects
increases, the cost of managing this environment also increases. There are some indications
that these increases are not simply linear, but increasing more rapidly than the total number
of objects.
Efficient Service Assurance with CA SPECTRUM® Network Fault Manager MPLS VPN
Manager (CA SPECTRUM NFM MPLS VPN Manager)
There are two primary techniques to provide service assurance, each having unique strengths
and weaknesses. Passive techniques typically require fewer resources to operate, but they
provide limited information to the user. Active techniques provide richer information at the cost
of increased resources. In order to better serve customer needs, CA SPECTRUM NFM MPLS
VPN Manager provides both types of service assurance techniques in its management suite:
• Passive techniques: Trap handling, interface to site rollup
• Active techniques: MPLS-aware VRF Ping and Traceroute
In environments where traps are used, this provides the most resource efficient way to
manage these services. Examples include the following traps, which are sent when the VRF
changes state:
• VRF interface up
• VRF interface down
As network devices become more capable, there will be increased reliance on active service
assurance techniques.
While the VRF-aware ping is a useful tool in managing MPLS VPN environments, judicious use
is required to ensure maximum effectiveness. Testing to ensure that all sites in a VPN can
reach one another becomes impractical when the number of sites is greater than 50. A full
mesh test scenario is an “n squared” problem and would lead to 2,500 tests per test cycle.
Large VPNs present even greater capacity limitations.
In order to scale to VPNs with a large number of member sites, CA SPECTRUM offers several
techniques and user-definable options to ensure performance and scalability. These are:
• Disable VRF ping completely
• Enable VRF ping per VPN (useful for premium VPN services)
• Enable VRF ping per site
In addition to being able to include or exclude a site in the testing process, CA SPECTRUM
allows the user to define what role the site plays in the network. Rarely do all sites in a VPN
need to connect directly to all other sites. Instead, a more common scenario is all remote
offices need to connect back to servers at the corporate headquarters — greatly reducing the
number of tests that need to be provisioned. In addition, common hub and spoke topologies
can also reduce the number of tests. Each communicates to one hub directly instead of dozens
of other sites.
CA SPECTRUM delivers superior flexibility, allowing the user to define the test role of each site.
The possible roles include the following:
• Testing Disabled
• Source Testing Role (VPN site is a originator for VRF testing)
• Destination Testing Role (VPN site is the destination for VRF testing)
• Source and Destination Testing Role
VRF AWARE TRACEROUTE VRF Aware Traceroute is the other active service assurance tool
available in the CA SPECTRUM NFM MPLS VPN Manager module. Similar to the ping tool that
creates end-to-end connectivity tests, this creates end-to-end path tracing tests. These tests
are used to determine stability of the core network (MPLS LSPs). For example, one service
provider has discovered that if more than 10% of paths are changing in a single cycle, it
indicates a critical problem. In their case, the service provider created alarms to highlight
whenever that occurs.
The automated service management capability allows the system to discover and model new
MPLS services as new network devices are managed in CA SPECTRUM or as new services are
provisioned on existing devices. This greatly reduces the amount of time and effort required
for operators to configure the system. In addition, these features may be configured so that
service discovery happens only at certain times or to conform to local policies or practices.
For example, it may be desirable to limit discovery operations to off-peak hours.
The remaining items in the list provide operator efficiencies in viewing, navigation and
searching. These enhancements give operators the tools to work efficiently in the numerous
large networks. The global policy control provides a great asset to managing server policies in a
multi server environment. This feature allows an operator to set the policy on a single Assurance
Server and push that policy to all other Assurance Servers. Examples of the types of attributes
which may be set include:
• Enable Dynamic Discovery
• Enable Trap-based management
• Enable Port Polling on PE routers
• Model Inactive VPNs
• Enable VRF Ping / Set Polling Interval / Set Timeout
• Enable VRF Trace / Set Polling Interval / Set Timeout
• Enable Cross Server Service Assurance
The distributed fault tolerant architecture of CA SPECTRUM is a key part of the service
assurance that is essential for premium service offerings. Active tests for end-to-end
connectivity and response testing go one step further in maintaining quality service.
Reduced operator costs through automation, advanced techniques for viewing, navigation and
searching, and global policy control are just some of the ways that the CA solution enables
premium services to be offered at a reasonable cost, keeping your business profitable and
competitive.
SECTION 4: CONCLUSIONS CA SPECTRUM has a long history in large-scale distributed network and service management.
The CA SPECTRUM NFM MPLS VPN Manager builds on this foundation and extends the
capability to handle the largest service provider and enterprise networks where MPLS VPNs
exist. This advanced capability is one member of a large and growing family of complementary
management applications in the CA SPECTRUM suite, which includes modules such as:
• Service Manager
• Network Configuration Manager
• Report Manager
The single goal of this family of applications is to minimize the operational expenses of
managing large, complex networks. This is accomplished by automating the tasks associated
with network, systems and applications management and allowing the management staff to
visualize and monitor their network at a higher level.
The CA SPECTRUM team continues to focus on developing advanced management tools with
the aim to unify and simplify management operations.
To learn more about the CA SPECTRUM architecture and technical approach, visit
ca.com/spectrum
TB05ESMSPEC01E MP322361107