Why SingleRAN is

HU

AW

EI CO

MM

UN

ICA

TEM

AR

2011 ISSUE 59

MAR 2011 ISSUE 59

HU

AW

EI CO

MM

UN

ICA

TEM

AR

2011 ISSUE 59

How to solve storage issues in a data center

Using NFC to boost mobile payment

A brief analysis of IPv6 security

KDDI embraces multi-access mobile Internet

Why SingleRAN is becoming ubiquitous

Sponsor: Huawei COMMUNICATE Editorial Board,Huawei Technologies Co., Ltd.

Consultants: Hu Houkun, Xu Zhijun, Xu WenweiYu Chengdong, Ding Yun, Zhang PinganZhang Hongxi, Zhu Yonggang

Editor-in-Chief: Gao Xianrui ([email protected])

Editors: Long Ji, Huang Zhuojian, Yao HaifeiZhu Wenli, Fan Ruijuan, Ranajit Sankar DamXu Ping, Pan Tao, Li Xuefeng, Xu PengXue Hua, Chen Yuhong, Zhou Shumin

Contributors: Wu Peng, Zheng Zhibin, Jiang Tianlu, Yu DongDong Yizhe, Pang Xin, Pang Geliang Yang Zhichun Yang Yong, Fan Ruiqi, Zhu Chunli

E-mail: [email protected]

Tel: +86 755 28789348, 28789343

Fax: +86 755 28787923

Address: B1, Huawei Industrial Base, Bantian, Longgang, Shenzhen 518129, China

Publication registration No.: Yue B No.10148

Copyright © Huawei Technologies Co., Ltd. 2011. All rights reserved.No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

NO WARRANTYThe contents of this document are for information purpose only, and provided “as is”. Except as required by applicable laws, no warranties of any kind, either express or implied, including but not limited to, the implied warranties of merchantability and fitness for a particular purpose, are made in relation to contents of this document. To the maximum extent permitted by applicable law, in no case shall Huawei Technologies Co., Ltd be liable for any special, incidental, indirect, or consequential damages, or lost profits, business, revenue, data, goodwill or anticipated savings arising out of or in connection with any use of this document.

In his opening speech at the 2011 MWC, GSMA CEO Robert Conway defined three waves of mobile communications – connecting people, connecting the world to the Internet, and connecting everything in our lives. We are now in the second wave, where mobile broadband has developed phenomenally, enabled by such technologies as UMTS, HSPA and LTE.

The increasing LTE rollouts and commitments have ushered in a new era of mobile broadband and convergence. Solutions such as the SingleRAN have come about to integrate major wireless access technologies and maximize the efficiency of operators’ assets. To accommodate explosive mobile data growth, Japanese operator KDDI has been reinforcing its wireless infrastructure by improving bandwidth and spectrum efficiency and increasing base station density, and is planning a LTE rollout for 2012.

As mobile broadband is all about smart thinking, solutions such as SMART MBB help operators manage their networks efficiently and profitably. By introducing the visualized EV-DO traffic monitoring platform, China Telecom Inner Mongolia has put a smart element in its infrastructure or pipe. As a result, its otherwise dumb pipe has become intelligent, making it possible to operate 3G services in a lean manner.

The third wave is already on the way. As everything in life gets connected, be it things, transactions, communications or applications, an exa-flood of data and network security threats are on the horizon. For this the ICT industry has to brace itself, especially in the areas of storage and security. For storage, various solutions have been developed, including scale-out, dynamic tiering and virtualization. As traditional security gateways are not up to the challenge, next-generation firewalls are being offered to improve network security performance significantly. While alleviating the shortage of IPv4 addresses, IPv6 provides more network security by means of introducing IPSec and the approach of transmission devices using permanent IP addresses.

With everything connected, productivity will grow, and people’s lives improve, which is the ultimate goal of communications. Huawei is ready to work with the whole industry and bring this connected world to reality.

Toward a connected world

Yu Chengdong

Chief Strategy & Marketing Officer, Huawei

01 Huawei iODN Solution wins widespread recognition at FTTH Conference 2011

News

01 Etisalat and Huawei sign agreement to deliver the Middle East’s first LTE network

07 Smart mobile broadband: Manage your bit business

By Cai Liqun

09 KDDI embraces multi-access mobile Internet

By Julia Yao

14 A brief analysis of IPv6 security By Zhang Dong

17 A close look at Seamless MPLS networking

By Sun Guangyu

20 Explorations on service-awarecharging and control

By Shan Mingjun

Main Topic

11 Smooth and cost-efficientIPv4-to-IPv6 transition

By Jin Xi

03 Why SingleRAN is becoming ubiquitousHuawei’s SingleRAN is revolutionizing the global mobile communications industry to the benefit of operators and end users worldwide.

By Yu Chengdong

Expert’s Forum

What’s inside:

P.23 P.25

Let’s COMMUNICATE beyond technology and share understandings of the latest industry trends,

successful operational cases, leading technologies and more. Based on in-depth analysis of the

matters that lie close to your heart, we will help you stay on top in the competitive telecom industry.

37 Next-generation firewall: A shield for the future

By Lv Yingxuan

32 Virtual tape library:Your efficient backup expert

By Wu Junhai

25 Exploiting a new businessmodel for enterprise services

By Jin Shuai

29 How to solve storage issues in a data centerThe efficiency of an IT ecological process is determined by whether or not the storage system, the source of data for the entire IT ecological chain, is able to effectively transmit data.

By Zhang Dong

Storage & Security

39 Solid state disk starts a low-carbon revolution

By Du Yumin

35 Scale-out NAS: Its development and applicationAs data has grown explosively, finding a solution for data storage has become an increasingly complex endeavor for enterprise users.

By Liu Qilong

How to Operate

23 China Telecom Inner Mongolia:Leading with visualized EV-DO traffic monitoring

By EV-DO Traffic Monitoring Workgroupof China Telecom Inner Mongolia

27 Using NFC to boost mobile paymentBy Jose M. Huidobro

P.30 P.39

MAR 2011 . ISSUE 59

News

1

Etisalat and Huawei sign agreement to deliver the Middle East’s first LTE network

Barcelona, Spain, 17 February,

2011 , E t i sa l a t , the Midd le

E a s t a n d A f r i c a ' s l e a d i n g

telecom operator, and Huawei

announced the signing of a

commercial LTE contract to

commence deployment of the

region's widest LTE network. Mr.

Nasser bin Obood Acting CEO

Etisalat UAE, and Mr. Yi Xiang,

President for Huawei Middle

East, witnessed the signing

ceremony at the Etisalat-Huawei

Summit 2011.

The advanced LTE technology,

which has already been tested

and deployed on the Etisalat

network, enables the existing

network to reach a download

speed of 173Mbps. LTE can

accommoda te mu l t imed i a

appl icat ions such as v ideo

conferencing, high definition

content t ransmiss ion, h igh

speed video downloads and

social networks, giving Etisalat's

customers unbeatable mobile

broadband.

Huawei announces WAC-enabled app store – fostering a global mobile application ecosystem

Barcelona, Spain, 16 Feb, 2011,

Huawei announced the launch of

the first global commercial WAC-

enabled app store and mobile

phone with the Philippines' leading

carrier, Smart Communications

(SMART). The solution is fully

compliant with the Wholesale

Applications Community (WAC)'s

1.0 specifications.

Huawei’s industry-leading

end - to - end WAC so l u t i on

has revolutionized the entire

experience, bringing about a

paradigmatic shift in positioning

ca r r i e r member s a s a l i nk

anywhere in the applications

value chain by enabling app

store, sett lement platform,

gateway and mobile devices

such as Android.

Under this paradigm, global

developers can now access a

common set of network APIs

across all carriers' networks,

including powerful network

functions such as location-based

service, messaging services (SMS/

MMS) and in-application billing.

This will be a boon to application

d e v e l o p m e n t l i f e c y c l e ,

modularity, engineering efforts

and reusability of modules.

Carriers can also look to

and leverage the capabilities

that a WAC-enabled settlement

p la t fo rm de l i ve r s to fu l f i l l

their needs for ful l partner

lifecycle management, ranging

f rom pa r tne r reg i s t ra t ion ,

to settlement, payment and

repo r t i ng . The se modu l a r

functionalities, coupled with the

built-in product and customer

i n t e l l i g e n c e , a re w o r k i n g

together seamlessly to foster

an applications development

environment that enables the

developers to focus on creating

innovative and compelling end-

user applications, and for the

operators to shorten time-to-

market and remain competitive

in their respective countries.

Huawei iODN Solution wins widespread recognition at FTTH Conference 2011

Milan, Italy, 21 February,

2011, Huawei recently unveiled

and demonstrated its eID-based

intelligent optical distribution

network (iODN) at the FTTH

Con fe rence 2011 he l d b y

the FTTH Counci l Europe in

Milan, Italy. The solution won

widespread applause from the

conference attendees.

Huawei's iODN solution uses

the globally unique eID and

the field engineering assistant

software, iField. This innovative

solution achieves automatic

identification and management

of fiber connections, intelligent

indication of fiber connection

operat ions, and inte l l igent

management of optical splitters,

while retaining the passiveness

of ODN. With iODN, operators

a re ab l e t o au toma t i c a l l y

identify the target optical fiber

and appropriately operate it,

paving the way for efficient

FTTH rollouts and significantly

lowering the rollout and O&M

costs.

In 2010, Huawei submitted

the eID-based iODN proposal

to the ITU-T SG15 working

group, which will be discussed

in meetings in 2011 for further

improvement.

As o f D e c e m b e r 2 0 1 0 ,

Huawei's ODN offerings have

served world-leading operators,

including British Telecom (BT),

Etisalat, Nucleus Connect, Maxis,

Saudi Telecom Company (STC),

and Qatar Telecom (Qtel).

MAR 2011 . ISSUE 59

Huawei’s SingleRAN incorporates GSM, UMTS and LTE as three features

Shenzhen, China, 23 February,

2011, “SingleRAN represents the

future of mobile networks, and the

core of SingleRAN is rooted in the

idea of 'One Network, Three Features

(GSM/UMTS/LTE),” said Richard Yu,

Chief Strategy & Marketing Officer,

Huawei, during the Mobile World

Congress 2011 in Spain. Huawei's

SingleRAN solution allows operators

to comprehensively maximize

their core assets, including sites,

spectrum, users, staff and pipeline, by

transforming various technical modes

into SingleRAN features.

Huawei's SingleRAN solution

adopts integrated BTS, BSC, OSS

and site solutions to drive the

three radio features within a single

network, therefore operators can

easily choose different feature

combinations on a one-for-all

network according to their business.

SingleRAN can reduce the risks

associated with technology selection

and evolution and can simplify

strategic decision making so that

operators no longer have to focus

on which mobile technologies they

should deploy, and when and how

they should deploy them.

This solution is the embodiment

of an industry trend that will

revolutionize the global mobile

communication industry. Since

it launched the industry's first

commercial SingleRAN solution,

Huawei has deployed over 80

SingleRAN networks for operators

around the world.

Vodafone & the Vodafone Foundation partner with TSF to help deliver emergency mobile communications

1 6 Fe b r u a r y, 2 0 1 1 , The

Vodafone Foundation is deepening

its partnership with disaster relief

agency Télécoms Sans Frontières

(TSF) to help bring emergency

mobile communications to disaster

zones.

U n d e r t h e t h r e e - y e a r

par tnersh ip , the Vodafone

Foundation will give the agency

financial support of EUR1million

toward its core costs. Vodafone

will also be on-hand to provide

TSF with innovat ive mobi le

equipment for use in emergency

situations alongside technical

expertise from its employees.

Vodafone has sealed the

partnership by designing and

trialing a portable mobile network

that can help relief workers

reach victims more quickly. In

the wake of a humanitarian

disaster, the f i rst few days

are critical in establishing an

effective relief effort. One of the

major challenges facing relief

agencies operating in these

chaotic conditions is the lack of

an effective communications

network to get help where it is

most needed.

To help solve this problem,

Vodafone experts, working

alongside Huawei at its Mobile

Innovation Centre in Madrid, have

developed a prototype portable

GSM network that can be set up

to handle free local calls among

relief workers in less than 40

minutes.

Vodafone, in collaboration

with Télécoms Sans Frontières

and Huawei, recently ran trials

of the prototype in a simulated

emergency situation in the Pyrenees

in Spain. The organizations are

now evaluating the technology to

see how effectively it could be used

in real operations.

Huawei releases Nodal IP and Gbps IP microwave products


2011, Huawei unveiled the OptiX

RTN 980 – the industry's first

Nodal IP microwave product to

integrate hybrid and pure packet

microwave transmissions. Huawei

also announced an upgraded

version of its OptiX 900 series

that provides a throughput of

1Gbps per frequency carrier.

The OptiX RTN 980 supports

the aggregation of microwave

transmission in 14 RF directions

and can evo lve to support

aggregat ion of mic rowave

transmission in 28 RF directions. It

supports TDM and packet cross-

connections, enabling evolution

from TDM to All-IP services. With

a 22Gbps packet cross-connection

capacity, it also supports high

density microwave deployment.

The new OptiX RTN 900 series

– which includes the OptiX RTN

910, OptiX RTN 950, and OptiX

RTN 980 products – integrates

advanced compression technology

to increase throughput per

frequency carrier from 400Mbps to

1Gbps. In addition, the upgraded

series supports All-IP services

evolution with multiprotocol label

switching (MPLS) technology.

A global leader in transmission,

Huawei provides unified carriers and

intelligent transmission solutions

to global operators integrating

WDM/OTN, MSTP/Hybrid MSTP

and microwave systems. According

to the most recent statistics from

SkyLight Financial Group, Huawei

ranks in the top three global IP

providers and first in the global IP

microwave market.

Huawei deploys NGBSS solution for Cell C in South Africa


2011, Huawei announced the live

deployment of its NGBSS solution

for Cell C in South Africa. The

deployment will enable Cell C

to focus its resources on rolling

out and delivering compelling

services and experiences.

The NGBSS solution provides

Cell C with the capabilities to

generate accurate and real-

time usage data for its postpaid,

prepaid and hybrid services and

offer a single bill for all services.

This enables Cell C to launch

innovative and unique products

and services to the market,

reduce time to market for new

products and more importantly

a d d re s s i s s u e s p re v i o u s l y

exper i enced by cus tomers

around billing.

2

Expert’s Forum

MAR 2011 . ISSUE 59

Why SingleRAN is

Becoming Ubiquitous

perators today face an inevitable overlap. Anticipating and responding to the

burgeoning demand for mobile broadband (MBB), LTE is emerging faster than expected, while GSM and UMTS continue to meet the needs of the vast majority of the world’s mobile subscribers. To support three coexisting modes, GSM, UMTS, and LTE, traditional models call for three sets of equipment and three networks, placing major pressure on operators from deployment to operation and maintenance (O&M). Issues such as repeated equipment investment, continuous site upgrades, and the inevitable complexity of O&M only add to the overlap headache. The cause and the cure are both found by addressing the true requirements of MBB.

MBB is all about smart thinking: decreasing network update investments while increasing the intelligence of the same to improve end-user experience. Using an integrated network to realize the features of MBB, such as HSPA+/LTE, will help operators effectively and flexibly tackle the aforementioned challenge. But then, as the new industry gradually matures, the inevitability of escalating market competition compels a return to a recurring fundamental question: How can we more efficiently utilize assets? Huawei worked with leading operators to conduct an in-depth analysis of

By Yu Chengdong

O

Yu Chengdong,

Chief Strategy & Marketing Officer, Huawei


3

Huawei’s SingleRAN is revolutionizing the global mobile communications industry to the benefit of operators and end users worldwide.

MAR 2011 . ISSUE 59

Huawei Communicate

quickly and in a cost-effective manner. From network deployment, to choosing between various modes changes and between different features of the same network, SingleRAN offers precisely the flexibility that is needed. Operators can choose different features according to the stages of market development. At the equipment level, SingleRAN realizes one network supporting multi-mode deployment. SingleRAN also enables comprehensive integration of GSM, UMTS, and LTE features. All features can be deployed within the same network and resources including spectrum, PA, and O&M can be dynamically shared for greater effect and greater efficiency. With SingleRAN, only one integrated management system is required for all deployments, regardless of whether GSM, UMTS, or LTE. In place of three, just one team is now required for seamless O&M of a multi-mode network. Thus, SingleRAN is both simple and smart.

SingleRAN maximizes the efficiency of key related assets

Site assets: Broader, closer, and greener

As emphasis on private property rights and environmental protection continues to increase, the implications of appropriate site acquisition become more challenging. When considering multi-network deployment, the cost of leasing sites across numerous countries and regions is prohibitive and far exceeds that of purchasing equipment. Looking to maintain existing customer loyalty cost-effectively while profitably expanding business bases and attracting new users, operators clearly need to enhance and expand network coverage, but only if the construction of new sites can be kept to an absolute minimum. To this, has to be added the need for minimal disruption of any existing site without which lease terms can be broken, and legacy sites lost.

In response, Huawei’s SingleRAN solution addresses three critical site development criteria: broader, closer, and greener.

In a world where rapidly increasing data rates represent a tremendous challenge for mobile networks, broader efficiencies are mandatory. With Huawei’s SingleRAN solution, mobile networks minimize the need to add new sites

what really mattered most, and found the most important to be site, spectrum, pipeline, user and staff assets. Fortunately for carriers around the world, protecting and maximizing the value of these and other assets is achievable. Huawei’s SingleRAN solution comprehensively assists operators in achieving maximum asset utilization by transforming various technical modes into the advantages of just one radio access network. SingleRAN also allows operators to distance themselves from the technology and equipment layers and consider network development strategies in terms of true end-to-end O&M efficiency.

SingleRAN turns GSM, UMTS, and LTE into features

Huawei introduced the SingleRAN solution in 2008 to adapt to rapidly evolving telecommunication networks. At the core of SingleRAN is convergence, allowing operators to easily accept and assimilate continuing technological innovations. Huawei’s SingleRAN provides an integrated BTS, BSC, O&M management and site solution, supporting the convergence and evolution of different technologies. From an operator’s perspective, SingleRAN substantially lowers OPEX and decreases risks conventionally associated with new technology selection and network evolution; helping to simplify strategy decisions and cost duplication related to the selection of varied technical modes through the deployment of multiple RANs. With these objectives in mind, SingleRAN is becoming the simple, single decision of choice for leading operators around the world.

Over the past few years, Huawei has continuously worked to promote network convergence, ensuring the SingleRAN solution provides end-to-end support for integrated network deployment and O&M. As a result of this ongoing dedication, Huawei’s SingleRAN solution also includes a series of new products such as integrated multi-mode BSC, SDR-based RRU with dual-transmitter capability and SingleOSS, significantly strengthening and enhancing the convergence of multi-mode mobile networks. Huawei’s SingleOSS products provide co-management for multi-mode mobile networks and greatly increase O&M efficiency.

In today’s fast changing and highly competitive environment, operators must be able to respond

4

Expert’s Forum

MAR 2011 . ISSUE 59

or disturb existing leased space. With a much smaller footprint than any traditional BTS, just one SingleRAN site or cabinet supports five frequency bands and three modes, providing high capacity and high power with much more efficient resource management. This assists wireless operators worldwide in achieving ultimately efficient single-network deployment of GSM, UMTS, and LTE as well as single-network O&M. Through SingleRAN’s “broader” features, operators are able to more easily meet the challenge of rapidly increasing data rates.

“Closer” refers to using Huawei’s femtocell pico technologies to supplement any mobile network, bringing deployment and applications closer to users. As data rates exponentially increase, femtocell pico also help reduce the pressure on the network by sharing the ever expanding load.

“Greener” means lowering the power consumption of sites from year to year through technical solutions. Huawei technologies, such as IP microwave backhaul, can also substantially reduce the cost of site construction.

Spectrum assets: Increasing efficiency

With the majority of spectrum already allocated, an operator’s existing spectrum resources largely dictate its competitive strength. And with a scarcity of available spectrum, operators wishing to purchase additional spectrum resources must spend exorbitant sums of money. The ideal solution is for operators to leverage extant spectrum resources to deploy different modes of mobile networks or reuse legacy spectrum resources as new generations of networks evolve. Only in this fashion will operator spectrum resources become a continuous source of profit while also gaining in value.

With this well-documented need to protect and enhance spectrum assets in mind, Huawei’s SingleRAN solution

improves spectrum efficiency through two key techniques.

Multiplication: Multiple-Input Multiple-Output (MIMO) technology achieves improved spectrum efficiency. The majority of Huawei BTS products are currently being optimized to support MIMO, with single modules supporting two transmitters.

Coordination: Huawei’s SingleRAN supports and coordinates deployment of GSM/UMTS, UMTS/LTE, GSM/LTE, and GSM/UMTS/LTE over shared frequency bands. Huawei’s multi-frequency, multi-mode Software Defined Radio (MFMMSDR) can also be used to increase spectrum efficiency. In the near future, Huawei’s MFMMSDR will also support combinations spanning across technologies and frequency bands.

User assets: Providing five billion users with the perfect experience

Users are clearly an operator’s most precious asset. As mobile networks continuously evolve, loss of users during a network upgrade process is the greatest risk facing operators. Ensuring smooth network evolution and maintaining a level of service that satisfies users becomes a topic of utmost concern.

Despite rapid development of data services, voice remains at the core of mobile service. Consequently, SingleRAN continues to focus on and improve the experience of the five billion voice service users worldwide, working to ensure crystal-clear sound quality. Working with our operator partners, Huawei is carefully leading users into an age of rich mobile broadband communication while ensuring the combined development of data, voice, and GSM/UMTS services. As LTE becomes a more widespread reality, high-quality, seamless connections will become the norm, providing an always-on and always-connected experience.

As a true end-to-end solution, Huawei’s SingleRAN is all about end-

As a true end-to-end solution, Huawei’s SingleRAN is all about end-user experience. The management systems help operators quickly respond to user complaints, precisely locate and resolve issues, and continuously improve user satisfaction.


5

MAR 2011 . ISSUE 59

Huawei Communicate

network performance. In addition, it reduces the complexity of O&M operations, lowers skill requirements for O&M staff, and lowers the costs stemming of network planning, optimization, and deployment.

Looking ahead, the accelerating application from Huawei’s SingleRAN solution will contribute to a world where integrated mobile networks will become ubiquitous and SingleRAN will also be essentially responsible for helping operators realize future network experiences such as HSPA+/LTE. Supporting our prediction and the viability of Huawei’s SingleRAN, as of Q4 2010, Huawei had deployed more than 80 SingleRAN networks for leading carriers including Telefónica O2 Germany, Telenor, Net4Mobility and TeliaSonera.

Editor: Ranajit S. Dam ranajit. [email protected]

The electronic version and subscription information are available at www.huawei.com/communicate. Questions and suggestions may be directed to the editor concerned.

user experience. The management systems help operators quickly respond to user complaints, precisely locate and resolve issues, and continuously improve user satisfaction.

Staff assets: Increasing productivity without added cost

Skilled engineers, network management and maintenance employees are a major asset for all carriers but, when added human resources are required for improvement of network performance and capacity, these same assets also create added pressure in the form of increased payroll, benefit and liability costs. In this fashion, a final primary concern of operators relates to avoidance of any large-scale growth in personnel while enhancing existing networks and expanding for future growth.

Huawei’s SingleRAN solution assists operators in achieving integrated management of equipment and sites,

of various modes of technology, and of the entire end-to-end network without challenges to human resource overheads. This same integrated management system allows integrated O&M of GSM, UMTS, and LTE networks, which lowers OPEX while increasing the efficiency of CAPEX. The same integrated O&M also includes a valuable transition of focus from equipment alone to O&M responding to and enhancing the experience of users.

Huawei also stands at the forefront of self-organizing network (SON) technology. Early in the second quarter of 2009, Huawei announced a SON commercial solution, forming an important component of Huawei’s leading LTE solution package. SON is a crucial aspect of LTE network technology, allowing LTE networks to achieve self-configuration, self-optimization, and self-recovery. When the network topology changes, Huawei’s SON technology ensures network connectivity and maintains optimal

6

Expert’s Forum

MAR 2011 . ISSUE 59

t is believed that mobile broadband (MBB) will replace voice as the main source of revenue for operators. However,

some are worried that MBB will lead to a price war in the same way voice did. Operators are busy expanding capacity instead of enhancing MBB user experience, which will cause users to demand lower price data packages. They switch between operators, causing a rapid decline in operator profits.

Unfortunately, these things are inevitable. Some European tier-1 operators have seen the MBB ARPU of contracted users drop by 10% in just one year and their churn rate increase by 5%. Some operators have even experienced a churn rate of up to 50%. It is clear that operators investing in increased bandwidth need to find a balance between providing quality services and sustaining profit.

There is a significant pressure to expand due to the growth of MBB. We see that network congestion is often limited to five to ten percent of cells at any given time. However, regular bandwidth management solutions are unable to improve bandwidth performance because they simply restrict traffic instead of utilizing available idle cells.

The truth is that operators are able to control high traffic during peak hours by using SMART MBB. This is because SMART MBB can be implemented in specific locations by integrating current network usage, service and customer

7

Smart Mobile Broadband

Manage Your Bit Business

IBy Cai Liqun

Cai Liqun, President of Core Network Product Line, Huawei

Smart mobile broadband: Manage your bit business

Going SMART would be the way for most operators because it plays a major balancing role between providing cutting-edge broadband services and sustaining profit.

MAR 2011 . ISSUE 59

Huawei Communicate

8

categories, and analyzing the time factor. SMART MBB also implements the policy across the whole network. For example, while core network limits some traffic in one congested cell, in where GSM radio capacity will be used for UMTS because more UMTS traffic happened. In one commercial case, bandwidth consumption was reduced by 37.5% during peak hours by deploying SMART MBB.

With SMART MBB, operators will have smarter, more precise and effective ways of optimizing hotspots and overall throughput, and thus be able to guarantee a satisfactory user experience.

The rapid penetration of iPhones and other smartphones is greatly affecting networks far beyond our imagination. On some networks, signaling has increased five-fold in just one year, creating a big burden for operators. According to statistics, smartphones make up only 8% of the total amount of terminals, but contribute to 55% of total signaling.

Many always-on applications and push services are the main causes signaling storms. With optimized signaling flow and resource allocation, Smartphone solution can reduce mobile phone signal loading by more than 20% and extend standby time of terminals by 40%. At the same time Smartphone solution will prioritize voice signaling prior to data signaling because voice still brings the larger share of revenue to operators. This allows operators to reduce investment costs and improve user experience.

Video is also one of the main drivers of MBB’s growth. In many networks, throughput of video conferencing contributes to more than half of total data usage and increases CAGR by 150%. But there is a dilemma. Video is not a greatly profitable service compared with others. Its revenue per bit is as low as 2.5% that of web browsing.

There are two alternative solutions – video speedup and offload. These solutions can offload video throughput directly onto the Internet. They can also cache popular content at different levels within the network and improve user experience, saving operators millions in settlement fees, investment and resources.

With the SMART MBB network, operators no longer need to constantly expand their network and overcome high churn rates. This is because the SMART MBB network offers two key advantages:

Maximize value per bit: build a value-oriented bandwidth investment model, expand network and manage bandwidth with intelligence and provide

Editor: Fan Ruijuan [email protected]

attractive packages and business models. Improve user experience and loyalty: especially

amongst VIP users with the aid of tiered user management. Operators are able to both meet user expectations and maximize bandwidth efficiency and usage.

Research done on live networks has also proved that SMART network can improve network efficiency by more than 20% while keeping user satisfaction levels constant.

End-to-end visibility is the foundation of the whole SMART network. Operators can accurately determine actual user experiences, the usage of different kinds of services, and the usage of network resources in the wireless network, bearer network and core network.

It allows operators to effectively explore the value of, and locate bottlenecks within the entire MBB business.

A policy center will examine and analyze reports produced by SMART. It will also implement SMART solutions based on information gathered about network resources, location, users and services. Presently, many of these tasks are conducted manually. In the future, such tasks will be carried out routinely by a dynamic policy center which is the core value of the SMART MBB network.

It is a continuous process. The helical procedure begins from view to analysis and strategy generation and is followed by strategy execution and network optimization. Then it goes back to review, analysis and network optimization. To sum it up, the SMART MBB network makes it possible for operators to optimize network efficiency and improve user experience.

SMART MBB is composed of a suite of solutions based on practical requirements such as: the Smartphone solution to deal with signaling storms; the E2E QoS solution to improve user experience; the SMART content delivery solution to improve video experience and increase revenue; and the SMART offload solution to offload low-value throughput. These solutions will evolve as network requirements and services change.

Going SMART would be the way for most operators because it plays a major balancing role between providing cutting-edge broadband services and sustaining profit.

Thanks for your reading, the electronic version and subscription information are available at www.huawei.com/communicate. Questions and suggestions may be directed to the editor concerned.

Expert’s Forum

MAR 2011 . ISSUE 59

The multi-access, multi-device environment

Communicate: Can you describe KDDI’s broadband service portfolio?

Yumoto: By leveraging its advantage of being a comprehensive communication company operating both fixed-line and mobile communication services, KDDI is able to promote Fixed Mobile and Broadcast Convergence (FMBC) services to more than 32 million mobile subscribers. We believe that this is an area in which only KDDI, with various modes of access, can explore the full potential in Japanese market.

As a result of this, we offer the largest broadband service portfolio in the market, including mobile broadband operating on the CDMA2000 1X EV-DO network, fixed broadband through FTTH and ADSL, WiMAX through our affiliate UQ Communications, and cable TV.

Communicate: The number of registered 3G subscribers accounted for 93.8% of the total Japanese mobile market at the end of the first quarter of 2010. How has mobile data traffic grown on KDDI’s network, and how do you expect it to grow in the future?

Yumoto: Globally, Cisco has forecast 3.6 exa-bytes of mobile data traffic per

traffic growth. In summer 2010, we added smartphones to our mobile device lineup. According to our observation, smartphone users consume five to six times more data than feature phone users, but at the same time, they are contributing more to our revenue, as they tend to select the highest flat rate. In addition to smartphones, we are also proactively introducing new devices such as ebook readers, tablet-type terminals, and digital photo frames.

Given the rapid data traffic growth and our multi-access, multi-device environment, the challenge for us in the mobile Internet era is how to balance traffic-load between multi-radio access and the increase in total mobile/wireless system capacity.

Strengthening wireless infrastructure

Communicate: Can you describe KDDI’s overall mobile and wireless broadband infrastructure roadmap?

Yumoto: To accommodate mobile data growth, KDDI is strengthening its mobile/wireless infrastructure. As you may already know, KDDI operates on the CDMA2000 network. In 2006, we introduced EV-DO Rev. A. In autumn 2010, we introduced multi-carrier on EV-DO (a subset of EV-DO

By Julia Yao

9

month by 2014, which is equivalent to a 40-fold growth in five years. In the case of KDDI, we have seen mobile access data volume growing 1.5 times in a year. Data traffic volume are soaring due to the availability of richer content, and the growing popularity of data cards and smartphones.

More than 90% of mobile access involves our handset browser called EzWeb. EzWeb lets subscribers enjoy the Internet on our au mobile phones. In addition, we have seen a rapid increase in access to YouTube and Japanese social networking sites.

Device innovations are also driving

KDDI Embraces Multi-access Mobile InternetAs one of the world’s most mature telecom markets, Japan is often a good indicator of how the industry will take shape. With approximately 94% of mobile market on 3G and a predicted 15-fold growth in data traffic from 2009 to 2014, operators are strengthening their mobile infrastructure to gear up for the coming data explosion. Toshihiko Yumoto, Vice President, General Manager of Mobile Network Development Division at KDDI, discusses the operator’s mobile network development strategy and LTE plan.

Toshihiko Yumoto

KDDI embraces multi-access mobile Internet

MAR 2011 . ISSUE 59

Huawei Communicate

10

Rev. B), which increased downlink and uplink speeds to 9.2Mbps and 5.5Mbps respectively. In December 2012, we will introduce commercial LTE. We adopted Broadcast and Multicast Service (BCMCS) in 2006, and investigate the introduction of eMBMS when LTE happens. Our WiMAX services of UQ Communications, which is our affiliate, started in 2009, now offer maximum DL/UL speeds of 40Mbps and 10Mbps, respectively.

As mobile broadband spreads, having our own fixed-line networks becomes more of an advantage. So in addition to strengthening wireless infrastructure, fixed-line broadband has become as important in the mobile broadband era as backhaul of mobile communications, and the off-loading of data traffic.

Communicate: Given the aforementioned mobile data growth, where does KDDI see the capacity enhancement potential coming from?

Yumoto: There are three ways of enhancing capacity. First is increasing total bandwidth resource. According to the Ministry of Internal Affairs and Communications (MIC) in Japan, twice the number of the current spectrums for mobile will be released over the next five years. That will be helpful. Second is spectrum efficiency. Some say that from around 2014 or 2015, Japan’s frequency resources will no longer be able to cope with the increase in data traffic. To deal with this, we plan to launch LTE in December 2012 which can offer about twice the capacity of EV-DO Rev. A. Finally we are actively looking into increasing base station density. The Heterogeneous Network (HetNet), that is the co-existence of macro and pico eNB, is key to improving our system capacity. According to Huawei’s presentation at the Mobile World Congress 2010 in Barcelona, capacity can be increased ten times by utilizing micro, pico and femtocell, but this, of course, depends on operators. In our case, we have 500-meter spacing in residential areas, so the only feasible way

Communicate: How is KDDI planning to ensure interworking between LTE and CDMA2000? And how does it aim to tackle the issue of voice over LTE?

Yumoto: To provide a premium and consistent LTE experience, we will adopt Circuit Switched Fallback (CSFB), and minimize call setup duration. Also we will optimize handovers to minimize data interruption duration. Voice traffic will be carried by the current CDMA2000 1X network, and data traffic outside the LTE area will be carried by CDMA2000 EV-DO network. Last, as we have been adapting Japan-specific mobile terminals, we will make sure that “global phones”, which are Simultaneous Voice and LTE (SVLTE) with non-optimized handover, can be used on the KDDI LTE network.

As an interim solution, we plan to adopt CSFB and we have already started technical evaluation of VoIP over LTE (VoLTE), a promising voice service on LTE.

Communicate: Apart from the mobile infrastructure, how do you leverage your WiMAX and Wi-Fi resources?

Yumoto: The interworking of radio access technologies such as LTE, WiMAX (mobile) and Wi-Fi (nomadic) are also important in dealing with mobile data traffic explosion. Currently, WiMAX and CDMA are available through our dual-mode terminals. But this has room for improvement, because the handover from WiMAX to CDMA takes time. Wi-Fi is important for offloading. If you take a close look at our hourly EV-DO data traffic, you can find peak traffic in the late evening hours, which suggests the use in residential areas. So it is crucial to offload via the Wi-Fi home network effectively to fixed broadband. Editor: Gao Xianrui [email protected]

is to introduce pico eNB and femtocell. Combining the three aforementioned

measures together, we can foresee a roughly 40 times (2×2×10) capacity increasing by. But it’s not enough. That’s why we are also utilizing existing CDMA EV-DO potential, multicast and WiMAX and Wi-Fi resources.

Communicate: We know KDDI upgraded from EV-DO Rev. A to EV-DO multi-carrier last autumn. What are the benefits customers can expect from this?

Yumoto: EV-DO multi-carrier supports bundling of three carriers, and can be completed solely by the software upgrade of radio access network equipment. Till the end of 2010, the new software has been introduced in about 20,000 base stations. According to our simulated user throughput over the national EV-DO network, previously only 53% customers had access speeds slower than 500Kbps. Now the percentage for this segment has been reduced to 26%, and 23% customers can enjoy speed of more than 1Mbps. So the improvement in speed has been remarkable.

Communicate: Japan is the most advanced telecommunications market in the world, with all operators committed to LTE. Can you tell us more about KDDI’s LTE plan?

Yumoto: As I said, KDDI is aiming to launch LTE in December 2012. By March 2015, we will have covered 96.5% of the population, equivalent to EV-DO Rev. A area. How can we achieve such an aggressive coverage target? Fortunately, we will be able to deploy LTE at 800MHz (10MHz × 2) for nationwide coverage and 1.5GHz (10MHz × 2) for urban/suburban areas.

To make sure that LTE really reduces costs per megabyte, our deployment approach will include RF equipment sharing between LTE and CDMA2000, introduction of SON, and backhaul migration to Giga bit Ethernet (GbE) over optics.


Main Topic

MAR 2011 . ISSUE 59

According to the latest survey conducted by the Internet Corporation for Assigned Names and Numbers (ICANN), there are only 252 million free IPv4 addresses, counting for less than 6% of the total, and these will be used up by the end of August 2011. As applications such as the Internet of Things, mobile Internet, IPTV, and broadband Internet access grow as never before, operators are busy expanding their networks, and this is also accelerating the extinction of IPv4 addresses. Most industry insiders recognize that IPv6 is the solution to IPv4 address shortage that has met with the least resistance.

By Jin Xi

11

Smooth and cost-efficient IPv4-to-IPv6 transition

Operator concernshe process for an operator to upgrade its IPv4 network to IPv6 is like a hotel owner who upgrades the rooms

and facilities without having to suspend business and attempts to accommodate even more guests at the same time. This is surely an uphill task. To make the upgrade a success, the operator has to tackle the following three challenges.

Numerous solutions

“The biggest weakness of IPv6 is its incompatibility with IPv4,” states the Internet Engineer Task Force (IETF). This is why multiple evolution solutions have been put forth for IPv4-to-IPv6 transition. Though they usually adopt three technologies – dual stacks, tunnels, and address translation, these solutions often come in more than 20 varieties technically, such as NAT444, NAT64, NAT-PT, DS-Lite, 6RD, and IVI.

TSome of these varieties can temporarily

solve the IPv4 shortage problem and others help operators address IPv6 deployment requirements of terminal users or networks. As they are scenario specific and network conditions vary, operators often have difficulty coming up with the right choice.

Cost sensitivity

As the telecommunications industry i s no longer a sunrise industry as it once was, operators have to stay competitive by cutting costs. Inevitably hit by the 2008 financial crisis, the telecommunications industry has seen a decline in investments. While on the path of evolution to IPv6, operators wi l l have to bas ical ly reconstruct entire networks, involving terminals, access networks, metro networks, and backbone networks. This reconstruction will require spending billions on new devices and equipment. TCO reduction and investment protection is thus of

great concern to operators.

Smooth evolution

Ev o l u t i o n t o I P v 6 c a n n o t b e comple ted over n ight . Di f f e rent evolution solutions are required for different telecom services, application scenarios , and phases . Therefore, operators have to se lect the most suitable combination of transition solutions based on the advancement of numerous transition technologies while balancing evolution and the need to address the imminent address shortage for investment protection.

Evolution path to IPv6To meet operators’ expectations, an

IPv6 evolution solution must be easy to deploy and mature technology must be available that is capable of solving the IPv4 address shortage. Also the IPv6 evolution solution must be future-proof. During reconstruction of the entire


MAR 2011 . ISSUE 59

Huawei Communicate

12

network, operators have to control investments and ensure the maximum use of existing equipment.

Initial transition solution: NAT444

Pr o p o s e d b y N T T o f J a p a n , NAT444 focuses on moving up NAT44 deployment so that operators can deploy carrier-grade NAT (CGN) devices that work with user-side NAT devices to perform address translation at both levels. It is called NAT444 because some customers’ connections to public servers would pass through three different IPv4 addressing domains: the customer’s own private network, the carrier’s private network, and the public Internet.

The NAT444 solution improves the reuse of IPv4 addresses to ease the address shortage. It is also easy to deploy, only requiring the addition of CGN devices at the aggregation or core layer without a large-scale replacement of devices. From the perspectives of

user experience, technical maturity, and ease of deployment, NAT444 is an appropriate solution for the time being.

NAT444 is also the most financially feasible among the available solutions. Assume that, to support one million broadband subscribers, a metro network is to be built with NAT444, 6RD, or DS-Lite. NAT444 is easy to deploy and does not need the support of home gateways. For an NAT444 deployment, only metro network infrastructure needs to be upgraded by adding CGN devices, costing about USD4 million. When the 6RD or DS-Lite solution is selected, dedicated gateways need to be deployed on the metro network and home gateways have to be upgraded as well. If each home gateway costs USD43, the total costs will be more than USD47 million if either of these solutions is chosen. Thus, NAT444 is the most cost-efficient.

Long-term evolution solution: DS-Lite

NAT444 does not actually transition IPv4 to IPv6, even though it is mature, reliable, easy to deploy, reduces costs, and effectively solves urgent issues for operators. The industry has come to realize that DS-Lite, an improved version of the dual-stack technology, is suitable for medium- and long-term evolution.

DS-Lite enables IPv4 or dual-stack users to access IPv4 services through operators’ IPv6 networks. Operators provide only IPv6 access and assign IPv6 prefixes for customer premise equipment (CPE), which then assigns IPv6 addre s s e s and pr i va t e IPv4 addresses for the internal network and also enables IPv4 DNS proxy and IPv4-based DNS query. Terminals send IPv4 packets, CEP encapsulates packets into IPv6 tunnels, and CGN decapsulates packets and translates private IPv4 addresses into public IPv4 addresses.

In the future, IPv4-based terminals and services will fade away and operators’ networks will run IPv6 only. Then, the IPv4-to-IPv6 transition will be complete.

Main Topic

MAR 2011 . ISSUE 5913

Huawei CGN solution

Huawei’s CGN solution, based on the high-end firewall Eudemon8000E (E8000E for short) and the log collection system Elog, supports NAT44, NAT444, and DS-Lite applications to help operators extend the life of their IPv4 networks and evolve their IPv4 networks to IPv6.

Two types of Huawei CGN solutions

Huawei’s CGN solutions come in two types: plug-in card and standalone device.

Huawei’s plug-in CGN products are applicable to Huawei-developed routers and gateways (such as the NE40E, NE80E, and ME60) that are deployed in a distributed or centralized manner. To accommodate multiple IPv4-to-IPv6 transition technologies, Huawei CGN products feature “one board for multiple uses”, which is implemented through software. By the end of 2010, Huawei CGN products supported all the current IPv4-to-IPv6 transition technologies, such as DS-Lite, 6RD, PNAT, NAT64, NAT44, and IVI.

In some application scenarios that require high performance, standalone CGN devices have to be deployed. A standalone CGN solution is based on the distributed hardware architecture where the control plane and data processing plane are separated. Huawei standalone CGN devices provide NAT44 and NAT444 features and are also designed to support DS-Lite, NAT64 and the features of other plug-in cards. These attributes make it easy for operators to find the right solution. Currently, Huawei standalone CGN solutions have been successfully deployed for commercial use by China Telecom and China Mobile.

Major features

The E8000E, a key network e lement in Huawei’s CGN solution, has NAT features such as NAT application layer gateways (NAT ALG), bidirectional NAT, and log collection.

Unlike a device based on traditional NAT implementation, the E8000E not only saves source addresses and ports but also produces destination addresses, ports and protocol information, before and after source address translation. Though adding to the space overheads in NAT tables, it makes infinite address translation possible, reduces the demand for IP addresses on the Internet, and improves address efficiency.

Some application layer protocols will negotiate for the ports to be used before data transmission starts, and port information will be carried in the negotiation messages. NAT devices cannot run these protocols correctly if they are incapable of processing application layer information. By supervising negotiations conducted by application layer protocols such as H.323 and SIP, the E8000E obtains information about the ports for both parties to communicate and sets up a session to ensure correct NAT conversion.

In some scenarios, one host receives access requests while accessing other hosts. The E8000E, capable of bidirectional address translation, replaces the source addresses and ports (known to the destination) while accessing other hosts, and shows user-definable virtual addresses and then converts them to real addresses used by the host while replying to external access requests.

Elog, a professional log collection system, runs on a server and can save all the information produced when the E8000E converts addresses, covering device information, time information, source address and port information before and after conversion, and destination address and port information. In the event that an exception occurs, the administrator can identify the cause by viewing the information.

Thanks to primary/secondary deployment and a redundancy design, the E8000E has never malfunctioned on a live network since it was launched in 2008. It can be deployed in primary-primary or primary-secondary mode to ensure high availability. If one E8000E device experiences a link failure, the control information and session table entries on the E8000E device will be backed up on the other E8000E device and switchover will occur within one second. On each E8000E device, the system control boards are under 1+1 protection and switching boards are under 3+1 protection; interface boards equally load traffic according to their mapping relationships with service processing boards (when one service processing board is malfunctioning, the traffic carried by the malfunctioning board will be evenly offloaded to the other service processing boards). Moreover, other important components such as power interface boards and fans are designed with redundancy.

Editor: Xue Hua [email protected]



MAR 2011 . ISSUE 59

Huawei Communicate

14


Security design of IPv6

s a transmission protocol intended for the network layer, IPv6 is the generation following IPv4. The 32-

bit address space of IPv4 was expanded to 128-bit for IPv6, which i s the fundamental driving force behind IPv6’s selection as the bearing protocol for new networks and increas ing commercialization.

On IPv4 networks, addresses are randomly assigned and even multiple hosts share an address. Unlike IPv4, IPv6 provides a unique address for each object, like an ID for a person or a license-plate number for a vehicle. And tracking of source is made feasible and easy, as IPv6 addresses are assigned level by level.

IPv6 a l so prov ides a new k ind of addresses, among others, called cryptographically generated addresses (CGA). Each IPv6 address thus created is bound with a pair of public and private keys, like a fingerprint on a vehicle plate, making the address unique and unable to be forged.

A s o r i g i n a l l y d e s i g n e d , a n authentication header (AH) and the encapsulation security payload (ESP) in

“Poor security is an inherited vulnerability of the Internet, regardless of whether IPv6 is used or not,” says Wei Leping, Director of China Telecom Science and Technology Committee. “In practice, IPv6 has not introduced any new security threats. On the contrary, introduction of IPSec and the approach of transmission devices using permanent IP addresses enable tracking back to sources at the network layer, and thereby provide an end-to-end solution for network security.”

By Zhang Dong

the IP security (IPSec) protocol family are built in the IPv6 protocol stack. In an IP packet, the AH and ESP are used as an extension header, ensuring packet integrity, confidentiality, and source authentication, and thereby significantly improving communication security.

In stark contrast , the IPv4 was

no t de s i gned w i th such s ecur i t y considerations and its vulnerability to IP-address spoofing makes it hard to monitor the network effectively. When IPv4 networks are facing attacks or security threats, no efficient technical solutions are available to beat attacks from hackers head on, except prevention

A

Main Topic

MAR 2011 . ISSUE 59


15

beforehand, and detection and filtering afterwards.

Unlike IPv4, IPv6 networks are endowed with a stringent security control mechanism to monitor a user’s online behavior closely, as any attack can be traced to corresponding packet and user and thus users are held accountable for their online behavior.

IPv6 helps mitigating attacks

Scanning is always the first step before any attack, as hackers use that to locate the target hosts or devices by pinging IP addresses and collecting data of target networks. Based on analysis of collected data, hackers can derive valuable information about target networks, such as network topology, services opened, and port information as a basis for attacks.

As each IPv6 address has 128 bits and a network prefix of 64 bits, it is much more difficult for hackers to do the scanning, and incurs heavy costs. It will take up to 50,000 years for an attacker to finish the scanning of a network segment that contains 264 addresses, even at a scanning rate of 10Mbps. The high cost that attackers have to pay to invade the zombie hosts, to a certain extent reduces the possibility of Distributed Denial of Service (DDoS) attacks.

In addition, IPv6 defines multicast addresses to replace the broadcast addresses that are used in IPv4. This effectively prevents broadcast storm attacks and DDoS attacks initiated via broadcast addresses. Moreover, IPv6 does not allow ICMPv6 response to packets with multicast addresses, preventing amplification attacks by ICMPv6.

In IPv6, cryptographically generated addresses are a new kind of addresses which are bound with a pair of public and private keys, making a source IPv6 address unique and hard to forge. Each

packet transmitted on an IPv6 network with this new security mechanism is bound to a host and therefore any attack or malicious action can be traced back to the host.

Security challenges for IPv6

Compared with IPv4, radical changes to IPv6 are with the IP layer. Therefore, packet headers and extension headers could easily become targets for security attacks, and preparations need to be made in this regard. The common attacks against extension headers include DDoS attacks, and amplification attacks on networks by using type 0 routing headers in addition to fragmentation attacks by using fragmentation extension headers to escape the detection of firewalls or the intrusion detection system (IDS).

In the transition from IPv4 to IPv6, hidden security issues of transition technologies and transition schemes have to be taken into consideration. In the period when IPv4 and IPv6 coexist and interconnect with each other, security threats must not be passed over from one to the other. So far, various transition technologies adopted by operators are yet to be proven in practice and potential risks are still there.

Specifically, the tunneling technology, as one of the options, is designed to encapsulate packets. When packets using that technology go through network security devices for checking or filtering, the network security device must support various new tunnel protocols and thus be able to de-capsulate tunnels and process the encapsulated packets. It is also very important to authenticate tunnels section by section when setting up tunnels. Otherwise, unauthenticated tunnels can easily be used by hackers or attackers as paths into target networks.

W h e n i n t e r c o n n e c t i n g I P v 6 networks with IPv4 networks v ia network address translation (NAT), the

In IPv6, addresses cryptographically generated are a new kind of addresses which are bound with a pair of public and private keys, making a source IPv6 address unique and hard to forge. With this new security mechanism , any attack or malicious action can be traced back to the host.

MAR 2011 . ISSUE 59

Huawei Communicate

16

Editor: Xu Peng [email protected]

related information about packets at the IP layer and transport layer needs to be changed. This will adversely affect end-to-end security, and IPSec 3-layer tunnels will experience break points when going through address conversion devices. Key to the interconnection, translation devices could easily become the main targets for DDoS attacks.

In summary, the root causes of latent security issues are network protocol design defects, network device bugs, or deployment or usage issues of network protocols. It is highly recommended that we first resolve the similar known threats to IPv4 by using the security features of IPv6 at the very beginning of its commercial use. With expansion of IPv6 networks and the migration and increase of applications, IPv6 may face more new threats.

Security mechanisms and policies of IPv6

Full use of built-in address security features

In certain scenarios, use of the CGA helps detect spoofing and forgery for the Neighbor Discovery (ND) protocol and Dynamic Host Configuration Protocol IPv6 (DHCPv6). With pairs of public and private keys, CGA can also be used for IPSec negotiation and can simplify the negotiation process in some scenarios to improve IPSec performance.

The other security mechanism is privacy extension. Due to there being no need for address translation, network address translation devices are not involved in IPv6 networks and therefore internal network topology is vulnerable to exposure. With the privacy extension mechanism, addresses will be changed periodically and this helps prevent information exposure.

Accurate filtering policies

Given the changes in address structures and protocols for IPv6, accurate filtering policies need to be set on firewalls or network edge devices to prevent source address spoofing.

Firewalls need to reject the packets to access frequently-used internal multicast addresses, disable unnecessary service ports, and filter the addresses used by internal networks. IPv6 has much stronger dependence on ICMPv6 than IPv4

does. In addition to ping and error messaging functions, ICMPv6 has more new functions like address assignment, address resolution, multicast management, and usage of mobile IPv6. Therefore, filtering policies for ICMPv6 packets need to carefully set up, preventing interruption of services and applications.

To protect extension headers, firewalls need to verify the validity of IPv6 extension headers. For fragmented packets, firewalls must be able to reject fragmentation packets that are sent to the intermediate network device, support fragmentation reassembly, prevent DDoS attacks, and identify and filter type 0 routing headers. An entrance filtering mechanism is also necessary for firewalls and network edge devices, so as to alleviate threats caused by source address forgery between networks.

Proper deployment policies

During the period that IPv6 and IPv4 coexist, secure deployment of transition technologies is very important. Each type of network security devices must be capable of fighting against IPv4 and IPv6 security threats. It is recommended that static tunnels be used to reduce illegal access or forgery threats brought by dynamic tunnels. Firewalls need to filter packets from unauthorized tunnels, identify various tunnel protocols, and control the access to encapsulated packets in tunnels. And address translation devices must be capable of defending themselves against DDoS attacks.

2010 saw the beginning of commercial use for IPv6 networks, with many mainstream operators developing transition schemes, announcing evolution plans, and deploying IPv6 networks in pilot cities. Huawei has long been fully ready for the commercial use of IPv6. In 2009, it received the IPv6 Ready logo and was the first company with its IPv6 firewalls passing the enhanced certification of IPv6 Ready phase 2 in China. In addition, Huawei is capable of integrating various mainstream transition technologies and solutions on the same device, fully satisfying the requirements of IPv6 commercial use.


Main Topic

MAR 2011 . ISSUE 59

eamless MPLS networking refers to the formation of a unified IP/MPLS control plane for all the IP devices

managed by operators , inc luding access (fixed/mobile), convergence, and backbone devices. The Seamless MPLS networking architecture greatly reduces cooperation between different network layers when services are deployed, allows operators to quickly provide services, and lowers deployment costs. Reliability/OAM detection can be deployed easily through the end to end IP/MPLS control plane and unified networking technology.

Technology overview

S e a m l e s s M P L S n e t w o r k i n g technology is not new and is widely

S

A close look at Seamless MPLS networking

17

applied to backbone networks, MANs, and the mobile backhaul. Application experiences indicate that Seamless MPLS networking is a mature and r e l i ab l e b e a r e r t e chno logy w i th excellent scalability. Seamless MPLS can eliminate the gap between network layers to implement end-to-end MPLS networking.

With Seamless MPLS architecture, the entire network uses unified IP/MPLS networking technology, with an end-to-end control plane. As a result, the V interface between the AN and Ethernet convergence is eliminated. Through Seamless MPLS networking technology, operators can flexibly handle connection requirements so that services are provided quickly. Thus, new services are deployed quickly and service deployment costs are reduced, which strengthens the competitiveness

of operators. In addi t ion to the V inte r face

between the access and convergence network, the VLAN may be configured for service interconnection between the MAN and backbone network. Seamless MPLS networking can meet this requirement and enable dynamic establishment through the end-to-end MPLS pipes for inter-metro services.

In the Seamless MPLS networking model, all services can be transferred to the specified service processing points through the MPLS pipe at service access points. The entire bearer solution is simple and consistent. With the dynamic end-to-end MPLS pipe establishment capability, services can be transferred to any service processing points or peer service access points through the MPLS pipe/PWE3 pseudo wire, according to requirements.

A close look at

Seamless MPLS networkingBy Sun Guangyu

MAR 2011 . ISSUE 59

Huawei Communicate

Business and operational benefits

Seamles s ne twork ing can he lp to simplify bearer technology. With seamless networking technology, the access (fixed/mobile), convergence, and backbone devices connect through the unified IP/MPLS control layer. In addition, it also brings a number of benefits as follows:

Flexible wholesale in FTTx access

Fu t u r e - o r i e n t e d n e t w o r k i n g technology requires more flexible and scalable network architecture. In the case of copper access, the LLU is the main wholesale mode. In the case of FTTx access, the LLU is not applicable. The bit stream access will become the mainstream wholesale mode.

The POP device can be deployed in any network layer according to the network scale of the competitor operator. For BSA wholesa le , the network must be flexible and simple so that wholesale user services can be handed over to a competitor operator at any point. Through end-to-end MPLS pipes between the ANs and service transfer points, seamless architecture meets flexible connection requirements. In TR101 a rch i t ec ture , the AN, convergence devices, and service transfer points are conf igured. When the service transfer points are in the inter-metro area, the distributed nodes and backbone PE devices in the MAN must be configured.

Sometimes, the competitor operator needs to identify different users and services through the 2-layer VLAN TAG. To meet this requirement, the incumbent operator must identify the competitor operator and its users and services on the AN. If TR101 architecture is used, the distribution policy of the S-TAG and C-TAG must be planned carefully. In the seamless architecture, the PW identifies different

competitor operators. It is easier to identify users and services.

Inter-MAN enterprise Ethernet services

Enterprise Ethernet services are not l imited just in the MAN. The connection of Ethernet private lines may be required between MANs. In TR101 architecture, multiple nodes such as access nodes, metro UPE, metro PE-AGG, and the backbone PE must be configured to provide Ethernet private line services between the inter-metro DSLAMs. In addition, the VLAN planning is required.

In s e aml e s s n e twork ing , on l y the access nodes on both sides are configured in the dynamic PWE3 mode to provide Ethernet private line services.

Ensuring service provision and interoperability

To provide wholesale and enterprise private l ine services under TR101 architecture, the access, metro, and backbone devices of different layers must cooperate. For service deployment, cross-departmental coordination is required between the management entities of different layers. As a result, it takes a long time to provide services.

With seamless networking, operators need to only configure user access po int s . Ser v ice s can be prov ided quickly, user satisfaction increases, and service deployment costs are reduced. Thus, operators’ competitiveness is strengthened.

Based on IP/MPLS technology, s e a m l e s s n e t w o r k i n g e a s i l y implements end-to-end protection through the reliable and mature IP/MPLS technology and OAM. The interoperability between the devices of different manufacturers is excellent.

In TR101 architecture, protection between each layer requires both IP/MPLS and Ethernet re l iabi l i ty to cooperate with OAM technology. Dep loyment i s compl i c a t ed and

interoperability may fail.

How to implement

Networking challenges

Through IP/MPLS technology, the seamless MPLS connects the access layer, convergence layer, and backbone layer, and provides flexible and scalable networking architecture for operators. It is improper to directly inherit all technologies from the old IP network.

After the devices of each layer are seamlessly connected, the scale of the IP/MPLS domain improves by orders of magnitude compared with the original networks. For example, in a network with 20 million users, if each DSLAM connects 100 users in FTTC access mode, the number of nodes in the entire network is over 200,000. If each OLT connects 1,000 users in FTTB/FTTH access mode, the number of nodes in the entire network is 20,000.

In the original networking mode, the order of magnitude of the number of nodes in the backbone and metro route domains is in the 1,000s. Hence, the scale of the route domain in Seamless MPLS networking increases by an order of magnitude of one or two. In a large-scale network, engineers have to consider how to construct the route and MPLS tunnel, and how to guarantee the availability of the networks.

In addition, a large number of access devices, such as DSLAMs and OLTs, are available in the network, taking up a high ratio of network investment. Hence, the introduction of the IP/MPLS should not obviously affect the cost of access devices. In Seamless MPLS networking, the complexity of the access device control plane and performance specifications of the forwarding layer must be reduced. A large number of nodes in Seamless MPLS networking must a l so be divided with layers . According to the layers, the Seamless MPLS includes area-based networking and AS-based networking.

18

Main Topic

MAR 2011 . ISSUE 59

Editor: Michael [email protected]

Seamless MPLS area-based networking

In the area-based networking mode, all devices belong to the same autonomous system (AS). The IGP (OSPF/ISIS) is used to exchange route information between nodes. The devices of each metro are divided into different IGP areas. The IP backbone devices constitute backbone areas or a level-2 area to ensure that the number of nodes in each area is appropriate. The access node may adopt static routing, without supporting the dynamic IGP protocol.

The entire route domain of the Seamless MPLS is divided into three layers: the backbone node, metro convergence node, and AN node. Serving as the ABR, the PE in the backbone network converges area routes and advertises them to other areas, which reduces the route capacity requirements of each device. Besides reducing the routing table capacity of each device, route area-based deployment is helpful for isolating inter-area faults and enabling fast route convergence.

PW labels are distributed in end-to-end T-LDP mode. Tunnel labels are distributed in hierarchical mode. In the dynamic IGP range, the LDP DU label release mode is used. The LDP DoD label release mode is used between the UPE and AN. The AN must be cost-effective; therefore, DoD mode allows the AN to request the needed labels on demand. As a result, the specification requirement of the MPLS forwarding table is reduced. The LDP DU labels are distributed to the edge of the area according to a certain policy. In the backbone area (or level-2), the route label is distributed to the common area (level-1). The route label of common areas is not distributed to the backbone area. In this way, the UPE can establish the LSP tunnel to the edge direction in any area.

The inter-area labels are distributed in Labeled BGP (RFC 3107) mode. The iBGP runs through the UPE. Many UPEs are available; therefore, the 2-level reflector structure is used. The Core-PE functions as the UPE reflector of this area, and the core-RR functions as the Core-PE reflector. The Core-PE is not a simple reflector. Upon receipt of the BGP Label from the UPE, the Core-PE changes the Next-hop of this label route information to the Core-PE, and re-allocates the labels. When the Core-RR receives the label route information, it reflects it to the UPE, without changing any information.

The PW label is directly allocated through the T-LD session between DSLAM-A and DSLAM-B.

The external LSP tunnel from DSLAM-A to DSLAM-B is actually divided into four segments:

S e g m e n t 1 : L D P Do D l a b e l f r o m t h e DSLAM-A to the UPE-A, which is the DSLAM-B label requested by the DSLAM-A from the UPE-A on demand. According to the self BGP label table, the UPE-A searches the DSLAM-B to allocate to the DSLAM-A LDP label and establish the matching relation between them (many-to-one).

Segment 2: Two-layer tunnel from the UPE-A to ARB-B. The external layer is the tunnel established in the LDP DU mode from the UPE-A to the ARB-B. The internal layer is the tunnel distributed to the DSLAM-B through the Labeled BGP for the UPE-A by the ARB-B. The labels of the external tunnel are changed hop by hop during forwarding. The labels of the internal tunnel are invisible between the UPE-A and ARB-B, and remain unchanged.

Segment 3: Tunnel from the ABR-B to the UPE-B. This segment is similar to segment 2, which is a two-layer tunnel.

Segment 4: Tunnel from the UPE-B to the DSLAM-B. This tunnel is obtained through the UPE-B request to the DSLAM-B in LDP DoD mode according to the static route.

Seamless MPLS AS-based networking

In the AS-based networking mode, each metro and backbone are in different AS domains. The metro can use the private AS number. The IGP protocol is independently deployed on each AS domain. EBGP switching route information is used between the metro and backbone area. When the EBGP advertises route information, routes are converged. As a result, the number of routes decreases. Route deployment of the access nodes is the same as area-based networking; that is, static route mode.

Label distribution is similar to that in area-based networking. The LDP DU mode is used in the AS-domain. In the inter-AS domain, labeled BGP is used to release label routes. The DoD is used between the AN and UPE. In ASBR position, the BGP labels perform bidirectional Next-Hop Self operations. The labels are reallocated locally. Therefore, the requirements for BGP label forwarding table capacity at the metro egress and Core-PE position are high.

A close look at Seamless MPLS networking

19


MAR 2011 . ISSUE 59

Huawei Communicate

Industry requirements

Decoupling of bandwidth traffic from revenue

h e r e i s n o d o u b t t h a t smartphones, and particularly the iPhone, have placed a strain on mobile broadband in the

last two years. Case studies have shown that data needs to be charged in a different way from voice, and similarly, in terms of both operation and policy planning, an innovative technology is needed to meet this requirement.

Along with the iPhone’s success, flat rate data plans for mobile broadband have also been driving customer adoption of mobile data services. This, in some cases, has led to the unintended consequences of revenue-less traffic growth and services substitution, pre sent ing s ign i f i cant and c r i t i ca l challenges to operator business models. At the other endpoint of the value chain, however, service providers like Google, and Apple’s App Store have been witnessing significant growth.

All these factors call for mobile broadband operators to strengthen their role in the value chain. Moves by technology bodies have echoed this call. In the 3GPP area, groups like SA2, SA5, CT1 and CT3 have been debating this situation

Service-aware charging and control has been the focal point of the billing and packet core industry for some time now. Yet so far, no single benchmark or best practice has emerged. Complexity of the technology, and also the value chain are undoubtedly the culprits. What are the most important factors to consider in relation to them? And what can we expect from a technical perspective, and also from the technical architect?

Explorations on service-aware charging and control

T

By Shan Mingjun

20

Main Topic

MAR 2011 . ISSUE 59

in two ways, either by using existing protocol, and extending in some degree to support the policy request, or by introducing a neutral interface solely for policy enforcement.

There are many sources for the generation of policy: online charging system (in this case, the OCS refers to the 3GPP standard), offline charging system, constituted by CDF, CGF, mediation, billing system and so on, and other systems that may be armed with data collection/counting functions, such as SPF or UDC. It will be more beneficial to flexibly support any source of the policy.

Moves of standards bodies

Standards bodies like 3GPP and TM Forum are all working in this area from different angles. Following the 3GPP track, work items have been created in Rel-11 to address the interaction between PCEF and external policy enforcement entity. With the completion of required definition, a comprehensive interface will be made concrete for creation of policy. But the refinement of the interface and the policy trigger point are taking time in Rel-11, and will even extend into Rel-12.

In TM Forum, there is no dedicated community focusing on the issue. Actually it involves most groups. In particular, policy based management, revenue management initiative, data analytics and PIE are the most concerned working groups. TM Forum could play an important role in promoting this technology into a commercially adopted business plan, through its best practice offering and putting the abstract data model for policy into practice. Among the technologies, the most abstract part might be the data model concerning the policy definition and the governing data, like account, spending accumulation, credit, balance, user subscription profile, charging advice and so on.

The policy enforcement point, or called policy execution point, a channel to load the policy, an appropriate policy trigger point, and the policy model/best practice constitute the four fundamental pillars of the mobile broadband business. Efforts have been made on execution point and policy load channel. It is believed that the stage for policy model refinement and comprehensive policy triggering will come soon.

A brief historyGoing back to the GPRS era, similar technical

questions arose when GPRS was implemented.

since 2008. At the TM Forum, discussions about possible solutions have been drawing continuous attention. This is also the case in many billing and charging oriented forums, like ATIS.

Service aware charging: Core competitiveness

As demonstra ted by some lawsui t s , the capability of service-aware charging might provide the core competitive edge to carriers.

Take for example an incident in December 2010, when one subscriber of China Unicom was charged RMB3900 (about USD550) for posting three times on Sina Weibo, the Chinese equivalent of Twitter, while roaming in Moscow.

Similar incidents have occurred in the US. In 2009, AT&T Mobility and RadioShack were accused of common law fraud and violation of state consumer protection acts in connection with allegedly false, misleading and inaccurate advertising of a netbook data plan. The plaintiff purchased a USD100 netbook at a RadioShack bundled with a two-year data contract from AT&T, and found her first bill to be more than USD5,000.

Clearly, the need for a policy that takes into account both the customer’s account management and bandwidth management is becoming more critical than ever. Thanks to the efforts of the industry, policy and charging control (PCC) has become an important packet core technology over the past year, receiving top priority. Service-aware charging and control, PCC and QoS based on spending limit and plan, are emerging over time.

Technical complexity

Technically, complexity of the issue is first caused by the evolving packet core network technology. Since the introduct ion of pol icy charging enforcement function (PCEF) into PCC, PCEF has been the core functionality for the service-aware charging trigger and is designed to implement policy and the charging rule proxy function. As different people may have different understandings of this policy, a clear definition is necessary. This is quite an exceptional case, as normally 3GPP defines only very stable, specific interfaces.

Secondly, the factor making the issue so complex may be the horizontal one. Currently, there are two camps in the industry, with diverging stances. From the nature of technology, the issue can be addressed

Explorations on service-aware charging and control

21

MAR 2011 . ISSUE 59

Huawei Communicate

What was lagging behind was the accurate charging requirement. For example, when China Mobile adopted GPRS around the year of 2000, it raised a significant charging requirement as to how to make a comprehensive bill for the customer when the subscriber consumed an MMS service, which was charged per item without taking traffic volume into account. With the service requests going along the MMS server and GGSN, two separate CDRs/bills were generated at the GGSN and MMS levels. Question arose as to how to build a correlation between the bills/CDRs to achieve accurate charging and avoid repeated charging of items. So the early requirement was to inspect IP packet to identify the relationship between them. Traffic plan function (TPF) as the charging control execution point came into being technically.

Wi th the evo lu t ion o f mob i l e broadband, another aggressive idea was raised, i.e. to enable operators to be deeply involved in IP packet delivery, instead of only as an IP packet channel. Here, the policy enforcement approach became another issue to deal with. TPF came in as the candidate to do the policy enforcement. A new avatar, so-called PCEF is designed to offer a combined charging and policy control function.

The way to deploy PCEF at Gi interface is another issue. Performance and signaling complexity between PCEF and GGSN/PDN GW (IP flow stream handling) are the two conflicting sides. Currently, implementations of standalone PCEF or PCEF residing in GGSN still exist. This has become the current industry focal point in service-aware charging and control: whether to use an existing interface like 3GPP Gy interface to load policy, or to use a neutral dedicated interface to load policy. It is a question of great concern for most.

Unquestionably this is an issue across technology domains, and multiple international technical bodies. Only concerted efforts by technical bodies can make the solution complete and profitable for most roles in the value

chain. TM Forum is now attracting the majority of BSS/charging vendors, which are providing service provider tools for f inance management. In contrast, 3GPP is populated by main core network providers which, are always interface oriented. Players with different backgrounds react differently to the same issue. But it’s believed only collaboration and compromise between them will ensure benefits for all.

Prospects for the future

The service-aware and charging control has become widely visible in the industry, but implementation methods vary substantially. There isn’t a single benchmark for implementation. Policy enforcement/execution point, interfacing approach, policy trigger points and policy and account model are all dynamic and flexible. Conceptually, it is time to shift focus from policy execution point, to supporting system and data model. A best practice will be a good catalyst to drive the business to reach its full scale success height.

Pos i t ive ly, foundat ions a iming towards that have been laid. The channel to load the policy to IP packet flow has been molded. What follows is to deal

Editor: Zhu Wenli [email protected]


with the weak points, like a data model concerning policy, to reach a unified policy definition.

An id e a l end - to - end so lu t i on would include a well organized policy definition, especially through data mining and analysis technology to conduct a precise policy enforcement. But before that, a new data model understood across all the entities must be designed and mapped for account based broadband packet flow control. The enforced policy will rely on the data like CDR, historical service visits data, user subscription data and so on. The data model might be the key factor to promote the implementation of service-aware and charging.

Policy execution can be triggered by many sources, such as charging and billing domain, user profile domain, or newly crafted entity tasked to do so. But charging and billing domain, as it can keep full scale user data, accumulated service consumption data, account and subscription information, might weigh enough to take the best position to trigger the policy based network control.

22

How to Operate

MAR 2011 . ISSUE 59

With the rise of mobile Internet, traffic has increased significantly. If operators are to take advantage of this, they must transform from being simply voice-based businesses to smart traffic operations, as shown by China Telecom in Inner Mongolia.

By EV-DO Traffic Monitoring Workgroup of China Telecom Inner Mongolia

China Telecom Inner Mongolia

Leading with visualized EV-DO traffic monitoring

users; all these contributed greatly to the operator’s revenue growth.

At the time of launching 3G services, China Telecom Inner Mongolia realized that a lack of 3G network monitoring tools would greatly impact the growth of 3G services. The growing number of data cards would lower mobile network speed, degrade user experience, and lead to customer complaints as a result.

However, the Customer Service Center and the Network O&M department of the operator could not find a viable solution, as they lacked an effective tool to analyze and manage the data traffic.

Developing a smart pipe

In May 2009, China Telecom Inner

3G data traffic challenges

n 2009, China granted its first 3G licenses. The past two years have witnessed a rapid increase in mobile data traffic, and created a new

revenue stream for China Telecom, which is acquiring more than 50% of its revenue from non-voice services.

As the first operator to provide 3G services in Inner Mongolia, China Telecom took only three months to deploy the 3G network, covering the province’s leagues (cities) and banners (counties), in addition to key towns, transportation trunks and tourist attractions. By the end of 2009, China Telecom Inner Mongolia had more than one million CDMA users, including 10,000 EV-DO data card

23

I

China Telecom Inner Mongolia: Leading with visualized EV-DO traffic

MAR 2011 . ISSUE 59

Huawei Communicate

Mongolia brought Huawei onboard as its strategy partner and established a joint workgroup to develop a system to monitor and manage the EV-DO traffic.

EV-DO networks have a large user base, yet there was a lack of mature solutions on the market for EV-DO traffic monitoring. As a result, wireless network bandwidth was being consumed ineffectively. In addition, operators had limited means to learn about network resource usage, while user data could not be mined from the data traffic for future business development.

With the joint efforts of several departments, including the Network Development, O&M, Customer Service and Marketing departments, China Telecom Inner Mongolia decided to monitor the EV-DO network traffic from two perspectives: network and service.

In September 2009, the EV-DO traffic monitoring system developed by the two parties was successfully launched. From the network side, the system provides analysis data on cells, base stations, BSCs, and PCFs, and can effectively manage specific devices and terminals. From the service side, the system can help analyze services at different layers, and generate various statistics reports on services like P2P, HTTP, IM, and video. Engineers can manage the traffic load and realize visualized management of data traffic.

Enabling innovation

Based on the traffic monitoring system, China Telecom Inner Mongolia has overhauled its marketing, resource management and services.

Innovations in marketing: The operator has used the traffic monitoring system to collect EV-DO network data, analyze services and track traffic changes on each base station and cell. This helps the operator understand user behaviors and preferences so it can launch attractive tariff packages and effective marketing campaigns.

Innovations in resource management: Based on the data collected through the traffic monitoring system, China Telecom Inner Mongolia can analyze the traffic volume of hotspot areas, which provides a sound basis to plan and build a wireless network for the mobile office service. In addition, network resource usage has been greatly enhanced by diverting WLAN traffic or deploying multiple carrier wavelengths. Moreover, the efficiency has also been greatly improved thanks to the analysis of users’ online access protocols and proper control of low-value traffic.

Service innovation: The system can give a detailed analysis of each user’s resource usage and revenue contribution, and then help the operator classify the user in a specific user group. In addition, the system can help identify the cause of complaints and suggest necessary measures to improve user experience.

The jo int workgroup has been

con t inu ing to op t imi ze the EV-DO traffic monitoring platform and wireless network monitoring tools, helping China Telecom Inner Mongolia effectively manage its 3G network and services. This traffic monitoring system is the very first of its kind not only in China, but also in the world, and the operator is in the process of applying for patents for the relevant EV-DO traffic monitoring technology and solutions.

Leading the group

“While strengthening the network infrastructure, China Telecom will further benefit from the mobile Internet traffic growth, open service platform, enhance cooperation with partners in applications and terminals, and differentiate us from our competitors,” says Wang Xiaochu, President of China Telecom.

Based on Wang’s s t r a t egy, the network development department of China Telecom has put together a three-year wireless network construction plan, with precise management and differentiated operation as one of the targets. These concepts also coincide with China Telecom Inner Mongolia’s. After realizing precise management, China Telecom Inner Mongolia is striving for differentiated operations based on classified user groups. The operator is now set to provide enhanced mobile broadband services to the customers.

The new concept and practice of EV-DO traffic monitoring has been well received within the China Telecom Group. For example, China Telecom Shanxi is also introducing a similar system to manage the EV-DO traffic, while China Telecom Guangdong and Zhejiang are also evaluating the system.

With its innovative spirit and technology, China Telecom is poised to explore the full potential of mobile data business.

Editor: Chen Yuhong [email protected]


24

How to Operate

MAR 2011 . ISSUE 59

Exploiting a new business model for enterprise services

25

Exploiting a new business model for enterprise servicesOperators are searching for a new business model to offset increasing competition. An optimal solution is to provide end-to-end ICT solutions to enterprises based on their IT and communication needs.

nterprises are util izing an increasing amount of network equipment to meet growing IT requirements, including

routers , switches , f i rewal l s , VPN gateways, voice gateways, application servers, wireless access terminals, and others. All these may require complex networking, occupy large amount of space, consume large amounts of power, and be costly to maintain. Highly-integrated devices and one-stop solutions would greatly help enterprises address these issues.

Competition is everywhere and enterprise customers are of strategic importance to operators, as they have an intensive customer base, are apt to use more value added services, and can contribute more revenue. An increasing number of operators have set up independent departments to expand their enterprise

By Jin Shuai

E business and deliver tailor-made services. Examples include Vodafone, China Mobile, China Telecom and China Unicom.

Meeting enterprises’ ICT needs

Operators generally provide ICT services and integrated communication services to address the diverse demands of enterprises.

ICT services help provide enterprises with communications, Internet access, enterprise applications, and integration of the three. Spanning from the backbone to local access, ICT services can also help operators build the infrastructure, and then deliver comprehensive communications services and applications to enterprises.

Operators may be well-versed in areas like network storage, application hosting, call centers, and conference management;

however, they still need to work harder on LAN construction, network solution, office system, and data management for enterprise customers. Compared with IT service providers, operators are generally lagging behind in understanding the specific demands of enterprises, integrating IT technology with applications, and providing one-stop communication solutions to enterprises.

Operators can leverage their network resources and rich operating experience to intensify their ICT services and provide enterprises with infrastructure, application systems, information services, and more. With a strong backbone network, operators can help enterprise customers tailor their LAN. In this context, operators can extend their reach into the enterprises, and explore new business growth during the convergence of the Internet and communication networks.

MAR 2011 . ISSUE 59

Huawei Communicate

26

Applications, networks and terminals

When entering the resale business, operators can integrate the enterprise ICT service with the convergent service, and give full play of applications, networks, and terminals.

SaaS is immerging as the key to meet the future information demand of enterprises. Compared with traditional applications, SaaS features low costs, better services, and ease of use, preparing it for future development trends. Like the smart grid that has freed people from buying expensive power generators, SaaS will also enable enterprises to enjoy more applications. With lowered costs, enterprises don’t need to install complex hardware and software, or upgrade and maintain the systems. All applications are presented as icons and easy to use, and enterprises can buy the software as needed.

The future network will consist of wireline and wireless modes. A number of factors can affect the choice of technology utilized, the mode of networking used and also the amount of wireline and wireless network coverage. These factors include equipment costs, network accessories, installation, maintenance, power consumption, and rental costs. As countries and regions have different policies on licensing, regulations, and land, the applicable solutions will also vary.

Accommodating various services and applications, enterprise terminals will be an open gateway for multi-services. The terminals will help operators realize functions like input/output of data and voice services, WAN access, and wireline/wireless access, while accommodating convergent ICT applications and open services.

The new “EGW + app store” business model

Apple’s App Store has provided a good example for operators looking to extend their reach to individual users and new markets. Creating a “user-generated

market”, the App Store has given operators, suppliers and Apple a new business model.

Through a comprehensive enterprise gateway (EGW), operators can initiate an “EGW + application store” business model for the enterprise market.

By integrating the information network, Internet data centers (IDCs) and computing capability, operators can provide cloud services to various enterprises. Moreover, operators can build an application store, which is opened to application and software providers to deliver solutions to enterprises, such as network security, push-mail system, office system, online conference, customer management, accounting software, inventory management, and unified communication systems. Through the enterprise gateway, enterprises can subscribe to the software and applications, while operators and suppliers can share profit based on a set percentage.

Thanks to the cloud-based office system, enterprises need to deploy only one enterprise gateway, and can access an intelligent office environment by logging into the applied account from operators.

SOHOs

SOHOs generally demand simple IT systems thanks to their smaller size. The enterprise gateway provides Internet and LAN access, and allows SOHOs to visit cloud-based services like application data center and service delivery platform. On the other hand, operators can provide hosting-based services like an online office system, mobile email, and an inventory management system.

Small enterprises

Small enterprises require a relatively complex and solid IT system to enhance efficiency. The enterprise gateway delivers a secured virtual private network (VPN), through which enterprises can connect to the virtual office environment enabled by operators’ cloud service center. In the virtual office environment, enterprises can use services like online storage, company contact list, email, electronic fax, and more. Providing a transparent and secured channel,

Editor: Pan Tao [email protected]

the enterprise gateway can also enable external terminals to connect to the virtual office environment for convenient access.

Large and medium enterprises

The IT systems of large and medium-sized enterprises are complex and sophisticated to enhance efficiency. With integrated ICT capability, the enterprise gateway can connect to both operators’ CT service gateway (cloud service) and enterprises’ IT system. The enterprise gateway boasts components that help connect to the IT system quickly, and provides open API for enterprises. The enterprise gateway also provides typical applications spanning teleconferencing, production, mobile customer management, mobile enterprise management, instant messaging, and others.

Widely applied and highly integrated, the Huawei enterprise gateway can provide one-stop solutions that cover data, voice, security, wireless access, and ICT applications. The enterprise gateway can be seamless integrated with operators’ cloud service platforms like application data center, service delivery platform, Internet data center and integrated data center, delivering comprehensive enterprise services and enhancing network value. In addition, as an intelligent terminal to access cloud services, the enterprise gateway can provide access, QoS assurance, and convergent ICT services.

For example, Vodafone has adopted Huawei’s enterprise gateway solution. As a result, the operator can provide enterprises with an independent VPN service, fixed ADSL access, HSDPA data services, and other software services.

By launching the “EGW + application store” business model, operators can integrate various enterprise solutions and software suppliers, while providing one-stop ICT solutions to gain a dominant position in the value chain.


How to Operate

MAR 2011 . ISSUE 59

Using NFC to boost mobile payment

27

Using NFC to boost mobile paymentBy Jose M. Huidobro

ohn owns a pizza shop in the US and when he del ivers his homemade pizza to customers, accepting credit cards for payment

becomes an issue – as it requires an expensive terminal and every transaction costs him a priced fee. In late 2010, John started using Square, which provided him a matchbook-size credit card reader for free and John can plug the reader into his iPhone and swipe the customers’ credit cards easily with lowered transaction fee.

An increasing number of entrepreneurs and individuals in the US and other part of the worlds are using smartphone card readers for their daily transactions, which gives bigger momentum to the growth of Near-Field Communications (NFC) technology. Recent reports are indicating that Google is intending to include m-commerce support in the planned Nexus S device and future versions of the Android platform. While Apple is also believed to be exploring the technology for the future iPhone evolution, and other smartphone providers are searching into the business potential of NFC.

As a set of short-range wireless technologies, NFC operates in the 13.56MHz band and allows the exchange of information between two devices within a very short range. NFC is based on a wireless solution combined with radio frequency identification (RFID), which consists of a reader and a tag. When the reader is on, it emits a radio signal that triggers a short-range microchip on the label, which allows the reading of a small amount of data that can be stored.

With a mobile equipped with NFC technology, users can easily access services or perform operations on the different functions of the device, without need for physical contact, just by tapping the phone in a reader. The “tap-and-go” technology will allow consumers to pay for newspapers, coffee or sandwiches etc.,

quickly and easily without having to input their PIN or fumble at the till for change.

Racing to the game

For years, industry leaders have been expecting NFC to turn smartphones into electronic wallets. With cheaper and more accessible NFC chips, a growing number of smartphones are set to be equipped with this technology and they will potentially replace many cash registers and credit cards.

Mobile operators are racing to launch systems for mobile payments using NFC. Orange is applying for an e-money license for NFC payments and also preparing to launch UK’s first mobile payment system. In France, Orange has teamed up with a number of partners for the year-long plan in Nice, where about 3,000 residents can use NFC-enabled phone to use on internal trams and at 1,000 internal retailers.

Deutsche Telekom plans to launch “mobile wallets” based on NFC tech in Europe in 2011. “That’s our opportunity,”

says Deutsche Telekom Chief Technology and Innovation Officer Ed Kozel in an interview (source: Bloomberg). According to Kozel, Google’s lack of a billing relationship with its customers and Apple’s preference for proprietary systems may become a hurdle in developing their mobile payment services.

Missing the game might mean a big loss. According to IE Market Research, NFC payments have great potential for growth, and are likely to account for a third of the USD1.13 trillion global markets in mobile transactions by 2014.

One possible advantage for operators entering the mobile payment field would be the right timing. “You could argue that it’s the right time for new payment services, as there’s less trust in banks due to the financial crisis,” says Christophe Uzureau, Research Director at Gartner. On the other hand, operators can explore a new market segment with NFC. By becoming the applications portal for the mobile wallet, operators may gain a leading position in the mobile payment game, though they are lagging behind in online apps. Whatever the motivation would be, more players are

J

MAR 2011 . ISSUE 59

Huawei Communicate

28

entering the game and fighting for a chance to win more.

Vodafone has gained great success on M-PESA, a mobile-phone based money transfer service launched in six developing countries including Kenya and South Africa. In November 2010, China Unicom started the commercial application of its mobile payment service in four Chinese cities. While in the US, AT&T, Verizon and T-Mobile have teamed up to develop ISIS, a mobile phone commerce technology based on NFC communications, which is expected to be rolled out in key areas by mid-2012.

Early practices around the world

In some countries, such as Japan, for years the use of mobile phones to access public transport or to buy in stores has been a reality for years. An NFC chip inside the case allows the transaction and it is only necessary to pass the phone near the reader and go. The system works like a debit card that can be recharged from an application on the mobile phone itself, but is not directly associated with a banking account or operator.

In the United States there are many shops that have opted for new forms of payment via mobile phone. The most innovative is to send money via text messages (Venmo) with no processing fees for individuals – Venmo is 100% free to use, or by swapping the credit card on a mobile device (Square), but there are many others: VeriFone, Mophie, etc.

In Europe some experiences with mobile payment systems have been tested, most of them using short text messages (SMS). But the reality is that very few have passed the test phase. Weak infrastructure and low support from the manufacturers and traders, as well as the lack of support from credit payment institutions (Visa, MasterCard, etc.), which have seen m-commerce as a threat to their credit card business and the substantial fees charged for use, thus hindering its implementation.

Although the use of payment methods via mobiles is marginal – only 2% of mobile users (as of Europe, Middle East and Africa)

– the situation, however, could change during next years, thanks to the emergence of new payment systems based on mobile platforms. For example, Square does nothing more than transform the phone in a credit card reader; Visa now has shown interest in entering this business with determination and also PayPal, is positioning itself in the payment via mobiles.

Most of these solutions are either software applications or an update of the traditional systems, such as credit card magnetic stripe, but there are enough clues to suggest that in 2011 the manufacturers will make a serious effort to integrate NFC chips in their phones and strongly support mobile payment. Consequently, we could end up soon with a system similar to Japan, which besides being a wallet could be used for other applications, although some consultants think that the growth of payments through mobile is going to stall until a friendly model environment for end users is created.

A possible barrier to the widespread adoption of the technology could be the many consumers concerns over security, but regarding this, most mobile phone users around the world feel safe while using their mobile devices. For example, buying boarding passes, making small payments or accessing online banking. The reality is that the system is especially safe when used appropriately with the right passwords, even more than using the traditional systems.

Moreover, the so-called “mobile money” is rapidly progressing in Africa. For example, in Kenya, where banks have few branches, M-PESA is an alternative to banks. Most M-PESA customers have no bank account, but they can make payments and send money using their mobile phones. Similar initiatives exist in the Philippines and South Africa, which, together with that in Kenya, are among the most successful pioneer experiences worldwide.

An emerging ecosystem

Though NFC is becoming a hot topic, its eco-system still needs time to become mature. To be commercially viable, the NFC system will require NFC-enabled handsets,

Michael [email protected]

point-of-sale terminals, software, security, and transaction processing platforms.

At the Mobile World Congress 2011, 16 operators – including Vodafone, Telefónica, Bharti, China Unicom, Deutsche Telekom, and more – announced their intention to launch commercial NFC services by 2012. GSMA Chairman Franco Bernabe noted that NFC will not only enable mobile payments but also other services and applications like mobile ticketing, mobile couponing, and control access to cars, homes and hotels. In addition, GSMA “will develop the necessary certification and testing standards to ensure global interoperability of NFC services.”

Several manufacturers are developing plans to incorporate NFC technology for the new smartphones, which allow the exchange of data – not in massive amounts as Wi-Fi or Bluetooth do – but is intended for communication between devices with processing capacity. Nokia announced in June 2010 that almost all smartphones will include NFC in 2011. Samsung has been testing phones for some time, the new Google´s Nexus S comes with NFC technology, and it is confirmed that both Apple and RIM are working on bringing NFC to their handsets, while Sony Ericsson, HTC and LG have yet to release NFC-ready handsets promising the technology later in 2011, so it takes time for the technology to become a little more widespread.

Moreover, there are several entities that are beginning to use technology, such as La Caixa, BBVA, Barclays, Bank of America, Citibank and Visa, which are running a series of tests with the NFC system, that will allow to make payments via smartphones without the need for cash or credit cards, and the transaction amount is added to the user’s monthly bill.

The fact that the largest US bank and the largest worldwide payment processing company are carrying out these tests, gives us an idea of the enormous leap that payment with mobile phones is taking.


Storage & Security

MAR 2011 . ISSUE 59


29

The efficiency of an IT ecological process is determined by whether or not the storage system, the source of data for the entire IT ecological chain, is able to effectively transmit data.


performance. Over recent years, though, they have come to recognize that a single, powerful engine is not enough to resolve the issue and that, as a trend, revolutionary storage architecture is required instead where multiple engines work in tandem.

Sharp increase in heterogeneous platform management costs

Data flow has to speed up in data centers to meet the diversity of application systems, ever-changing user demands, and increasingly shorter information

How to sca le up i s the b igges t issue for a traditional storage system. A storage system needs to feature an architecture where one backplane enables interconnections between more components with better specifications. This need creates both technical and economic bottlenecks. Mid-/low-end scale-up storage systems have limited performance and capacities, while high-end systems, though with better performance and higher capacities, result in high CAPEX and OPEX.

As access bandwidth is increasing with the advent of the Web 2.0 era, the Internet is teeming with numerous types of rich media. This proliferation has strained storage systems as data sources, slowing down the flow of data. To tackle this challenge, storage systems are needed that enable larger data throughput with better performance. As a solution, most storage suppliers tried to improve individual controllers in terms of specifications and

owadays , meet ing ever-increasing human needs and wants results in massive amounts of waste when more

and more resources, such as water, food and electricity, are consumed. Worse, waste disposal cannot keep up with the waste that is being produced. Similarly in the IT ecology, the ever-growing number of applications is eating up CPU and memory resources and turning out a large amount of data, some of which is waste and occupies storage capacity that could otherwise be better used.

Top three issues for a storage system

A storage system lies at the bottom of an IT ecology

chain. Data, after being retr ieved from the

storage system, flows

over this chain. In this process, new

data i s genera ted and then stored in the

storage system – and the process repeats itself. The

efficiency of an IT ecological process is determined by whether

or not the storage system, the source of data for the entire IT ecological chain, is able to effectively transmit data.

Performance and scalability bottlenecks

By Zhang Dong

N

MAR 2011 . ISSUE 59

Huawei Communicate

(ILM). ILM ensures that resources with diversified performance are allocated to data to address diverse needs, provide resources on-demand, save resources, and reduce costs . As a method of implementing ILM, a mechanism called hierarchical storage management (HSM) is required.

For the time being, though, most enterprises are not implementing HSM. As a result, hot data is not stored in high-performance disks in data centers while most cold data occupies high-performance disks. This leads to sharp increases in O&M costs.

Three innovative approaches

To the aforementioned issues, there are three innovative approaches: scale-out, dynamic storage tiering, and virtualization.

lifecycle. A large number of heterogeneous storage platforms, however, may turn into information islands and create impassable obstacles for data flow.

Heterogeneous storage systems pieced together with equipment from different suppliers are generally deployed in large data centers and disaster-tolerance centers. Accordingly, multiple pieces of storage management software are installed to run these storage systems and additional software such as multipath navigators and snapshot agents have to be installed on host systems. At the network layer, multiple logical links for remote data replication are maintained and supervised, which pushes up management costs. According to a survey conducted by Gartner, the management cost per GB is four times the storage device cost per GB on storage systems in data centers.

Severe resource waste and rising O&M costs

30

systems based on scale-out architecture, including scale-out SAN and scale-out NAS. In the meantime, pNFS, part of the latest NFSv4.1, has also been released to support access to storage devices in parallel.

In the future, storage systems will evolve into multi-node scale-out storage architecture, and the development of cloud computing will provide a solid foundation for this. Only in recent years have cluster storage systems been commercialized, and outstanding issues in terms of architecture, performance, capacity, and scalability remain.

Huawei anticipated early on that cluster storage would become one of the most sought-after solutions and launched the N8000 scale-out NAS storage system ahead of other storage suppliers. With an advanced architecture, this system eliminates performance bottlenecks and availability issues that have bothered legacy scale-

As enterprise data is incessantly flowing, its value changes, and so does the performance requirements for the bottom storage systems. When data is initially generated, it has high computing and storage requirements. As the clock ticks, the requirements get lower for bottom storage resources. Then the data is stored (archived) offline, and may be deleted in the end.

From generation to deletion, an effective mechanism is required to manage the data and it is referred to as information lifecycle management

Scale-out: Scale-out is an optimal approach to el iminating data I/O performance bottlenecks and capacity limitations. In this approach, multiple inexpensive X86 processor nodes are used to achieve a level of performance that is impossible with legacy high-end storage systems. The multi-node scale-out architecture is equivalent to a powerful stackable engine, eliminating performance bottlenecks and raising the upper capacity limit in a linear manner for investment protection. Currently, a number of storage suppliers have launched their storage

out NAS storage systems.Dynamic storage tiering (DST):

DST is an approach that effectively tackles issues with the mixed storage of cold and hot data in data centers.

Virtualization: Legacy storage systems with scale-up architecture cause a disintegrated bottom layer of the IT ecological chain, in addition to poor flexibility and difficulty in migration. To overcome this, storage islands must be virtualized for integration and then output in order, with powerful value-added services provided at the upper

Storage & Security

MAR 2011 . ISSUE 59

layer. In this way, the islands can be integrated as one.

N8000 scale-out NAS system: Eliminating bottlenecks

Legacy NAS systems with scale-up architecture face issues such as poor availability, performance and scalability. In addition, they present problems such as an active/standby mode (not applicable to parallel data access), unavailability of dynamic data grading, and complex backup networks that have created capacity and performance bottlenecks.

The N8000 is a sca le-out NAS s y s t em deve loped by Huawe i t o solve these two issues effectively. It implements performance enhancement b y a d d i n g N A S e n g i n e s o n l i n e smoothly and quickly and supporting l inea r improvement o f s ca l e -out performance. And it addresses the need for linear increases in storage capacity by supporting the online addition of storage units.

What’s more, the entire system supports a maximum storage capacity of 15PB and enables f lexible port configurations on hosts. Each NAS engine provides four or six GE service ports. All scale-out NAS engine nodes can share bottom storage space, allowing multiple engine nodes to access hot data in parallel and ensuring effective usage of engine node resources. A scale-out NAS engine node’s fault is transparent to services and automatic fai lover ensures that services are uninterrupted.

In add i t i on , the N8000 ha s a powerful HSM data grading function. According to data lifecycle policies, data not accessed over a long term can be migrated to inexpensive secondary storage media for cost reduction. Data migration is transparent to applications, and service hosts can directly access files from the secondary storage after the migration. The data can also be

migrated back to the primary storage, if necessary, to improve data access.

In short, the N8000 scale-out NAS system eliminates performance and capacity bottlenecks of a legacy NAS system, and provides a dynamic grading storage solution.

S8000 SAN storage system: Divide and rule

The trend today is for the storage system to adopt an open, scale-out architecture to implement the divide-and-rule strategy. The Huawei S8000 is a new-generation storage system that best represents this trend and fully embodies the “divide” thinking and characteristics by providing complete openness, a dual-layer drive, equal-length I/O paths, dual switching planes, and modular full redundancy.

The S8000 serves as a huge storage pool for major operators, enterprises and government agencies, and provides a variety of robust data protection and disaster-tolerant solutions. With the snapshot feature, the system can generate multiple traceable versions, and the snapshot agent at the host end ensures consistency between mainstream databases such as Oracle and SQL servers. The system also ensures consistency among associated data arrays using the consistency array technology. Multiple disaster-tolerant solutions such as point-to-point disaster tolerance, multi-level disaster tolerance, and centralized tolerance are available based on Lun coping and Lun mirroring technologies.

To sum up, the S8000 s torage system provides centralized storage and supports dynamic linear expansion, numerous value-added functions, and disaster-tolerant features.

VIS system: Synergizing heterogeneous platforms

Heterogeneous storage islands and

resources must be synergized. Huawei’s VIS system enables complete storage virtualization and combines complex heterogeneous storage systems into one storage pool. Thus, storage resources are centralized and can be allocated uniformly. In addition, value-added functions such as snapshot and remote replication can be deployed on the VIS to mask the difference between heterogeneous arrays at the backend.

Through virtualization, Huawei’s VIS system serves all storage devices under its management so that operators do not have to pay for value-added functions on a device-by-device basis. The system also enables centralized deployment and management of value-added services, which reduces CAPEX and OPEX. Also it solves the problem that some storage devices do not support value-added functions, maximizing return on investments in storage assets.

Huawei’s VIS system improves its continuity through cross-platform remote duplication, cross-platform snapshot and mirroring, and dynamic data migration. Cross-platform remote duplication enables remote disaster tolerance for heterogeneous platforms by restoring data at any time from log volumes. Cross-platform snapshot and mirroring enable mirroring volumes to substitute or restore data from snapshots in case of a malfunctioning array of source volumes without any impact on the host. Dynamic data migration enables data migration that does not interrupt services.

At present, Huawei’s VIS systems a r e s a t i s f a c to r i l y s e r v ing Ch ina Mobile Chongqing, China Unicom Heilongjiang, MTN Nigeria, etc.

With their optimized architectural designs and powerful value-added solutions, Huawei’s N8000, S8000, and VIS systems have helped to tackle storage issues in data centers thoroughly.


Editor: Pan Tao [email protected]

31


MAR 2011 . ISSUE 59

Huawei Communicate

By Wu Junhai

Virtual tape library

Your efficient backup expertAccording to Gartner, 40% of companies that suffer a catastrophic data loss are rendered unable to continue operations, while one-third of the remainder close within two years. Data backup is particularly important for operators, and an efficient data backup solution is required to meet the growing service and data volume.

A call for new solutions

ost operators are currently u s i n g s o f t w a r e a n d physical tape libraries to store critical information

in data centers. Physical tape libraries have long played an important role in data backup. As services expand, h owe ve r, o p e r a t o r s h a ve h i g h e r requirements from backup systems while requiring shortened backup time. Physical tape libraries are becoming inadequate for data backup because of high failure rates and low efficiency.

Enabled by dramatic increases in tapes capacities and greatly reduced prices, SATA disk-based backup systems have been widely deployed in operators’ data centers. These disks ensure high-speed random access and the RAID technology enables disks to provide unparalleled reliability. Thanks to these features, disk-based backup systems have become the popular choice to replace physical tape libraries.

While resolving the reliability and performance issues of physical tape libraries, disk-based backup systems also have bottlenecks like poor security management and low cost performance.

Operators are seeking a new solution that combines the advantages of both tape-based and disk-based backup systems, which can address the new requirements of data centers in terms of performance, security, and input/output

ratio. D r i v e n b y this demand, virtual tape libraries are beginning to make an appearance.

VTL arises

Virtual tape library (VTL) is a data storage virtualization technology used typical ly for backup and recovery purposes. According to Wikipedia, VTL presents a storage component as tape libraries or tape drives for use with backup software.

Compared with a physical tape

M

library, VTL is more

p o w e r f u l a n d h a s the advantages of both disks

and tapes, such as high performance, low fa i lure ra te , h igh re l i ab i l i ty, and low investment and operation costs. Furthermore, VTL can also be integrated into a physical tape library to improve security and performance, while reducing costs in data maintenance. As a backup system, VTL is similar to a real and automated physical tape library, except that a physical tape library stores data on hard disks.

VTL has been widely recognized as an ideal solution for backup in data

32

Storage & Security

MAR 2011 . ISSUE 59

centers and is used by an increasing number of operators. According to research firm IDC, the global VTL market has been booming, with sales revenue reaching USD1.1 billion in 2010 and expected to hit USD1.3 billion in 2011.

However, not all VTLs are fit for operators’ data centers. A data center may consist of thousands of servers, backing up some 100TB data and requiring a complex and difficult backup process. In this context, the VTL must be capable of providing high performance, scalability, and reliability in addition to value-added functions.

To help operators deal with backup issues and challenges in their data centers, Huawei has launched the OceanStor VTL6000 solution.

Improve backup performance

As an operator develops, information in its data center increases and subsequently the existing backup approaches cannot finish data backup as scheduled. This eventually degrades the system performance. According to Robert Amatruda, Research Director of Data Protection and Recovery at IDC, many companies are expanding their data volume, yet they often fail to back up data within the specified time.

By using a VTL, operators can back up their data daily rather than spend hours backing up during weekends, thus significantly improving efficiency. As a result, many operators have begun to deploy VTL systems.

Huawei OceanStor VTL6000 allows configuring multiple nodes in one cluster, which improves backup efficiency and ensures high availability. The OceanStor VTL6000 provides 4GB bandwidth over fibers – either when connecting to a backup server at the front end or a disk array and tape library at the back end – ensuring sufficient bandwidth in the entire backup process.

In addition, OceanStor VTL6000 can back up data with multiple streams in parallel order, meaning that the system can concurrently connect to multiple servers to back up data, which drastically shortens backup time. Moreover, by using intelligent I/O load balancing, the OceanStor VTL6000 can automatically allocate and write backup data into disk arrays. Supporting 1400Mbps data backup, the OceanStor VTL6000 can help operators finish data backup in a short time.

Simplify backup management

After years of development, the IT architecture

of an operator’s data center is often complex and uses different types of heterogeneous software and hardware platforms from different vendors. Only a VTL that is highly compatible can be seamlessly integrated with the legacy data center while ensuring smooth migration.

The OceanStor VTL6000 provides GUIs and is compatible with mainstream physical tape libraries/drives and operating systems, and can be seamlessly connected to mainstream backup software. The OceanStor VTL6000 also provides value-added functions such as tape caching and network data management protocol (NDMP) functions.

The VTL improves the backup efficiency instead of replacing the physical tape library. As a storage medium with low unit cost, a tape is capable of storing data offline for a long time, helping operators comply with relevant regulations.

OceanStor VTL6000 supports tape caching function, allowing backup data to be read from the VTL into a tape library, and then generate an identical tape. In this context, operators can concurrently back up data to a VTL and a physical tape quickly, without increasing the load on the server, thereby simplifying the backup process and improving data recovery efficiency.

Contribute to energy conservation

Operators are increasingly concerned about energy conservation. Data backup consumes large storage space due to duplicate data. Take a full backup for example: More than 90% of the data backed up at one time is the same as the previous backup.

Although VTL allows operators to delete duplicate data to release storage space, the backup performance is far more important for the released storage space. If backup efficiency deteriorates because of the deleting of duplicate data, operators would not be able to finish the backup within the backup window. In this case, the loss suffered will be much greater than the benefit gained. Therefore, VTL must ensure that deleting duplicate data does not compromise backup efficiency, not to mention the performance of application servers.

The OceanStor VTL6000 supports deleting duplicate data and massive array of idle disks (MAID), which helps reduce the disk space required, investment and energy consumption. Compared with VTLs that do not support these features, OceanStor VTL6000 can help slash energy consumption by over 50%.

Virtual tape library: Your efficient backup expert

33

MAR 2011 . ISSUE 59

Huawei Communicate

34

Editor: Xu Ping [email protected]


In addition, OceanStor VTL6000 uses post-processing to delete duplicate data, ensuring data backup efficiency by separat ing data de le t ion f rom data backup. This feature makes the OceanStor VTL6000 especially suitable for a data center that needs to back up a large amount of data within a tight backup schedule. Supporting remote data deletion and backup, the OceanStor VTL6000 can back up the needed data with less bandwidth, as the duplicate data has been deleted.

Meeting expectations

The OceanStor VTL6000 has been adopted by operators globally, including China Mobile, STC, and Safaricom.

Take the OCS system of an operator for example. This system consists of dozens of servers and backs up data by using physical tape libraries. As service develops, the data volume increases

greatly. Using physical tape libraries for data backup incurs higher cost and it is hard to back up data in a timely fashion. Moreover, services will be endangered if important data cannot be backed up in time.

In addition, data backup by using tape libraries is unreliable. Even when data is successfully backed up, data recovery may fail because of poor tape quality; however, this can hardly be verified until the data recovery begins, and this is potentially a very risky situation.

With OceanStor VTL6000, the OCS system can finish data backup within a tight schedule, which not only saves time but also ensures accurate data recovery in case of system failure.

By using the remote data backup function, the operator can secure its critical OCS data by copying it to another disaster recovery site. The OceanStor VTL6000 will transfer the data only after the duplicate data is

deleted. This requires less bandwidth a n d h e l p s t h e o p e r a t o r r e d u c e investment.

“While ensuring the normal operation of OCS, we also need to enhance the performance of the backup system. Huawei VTL provides an optimal solution, which has ful ly met our expectations on data backup and recovery performance, enhancing the data security,” says an IT manager of the operator.

Compared with traditional systems, VTL f ea tu re s f a s t e r speed and a smoother backup process. An increasing number of operators are adopting VTL as their main backup system to protect their data. As an optimal solution, OceanStor VTL6000 sets to help operators solve their backup challenges and build a competitive edge.

Storage & Security

MAR 2011 . ISSUE 5935

Scale-out NAS: Its development and application

Scale-out NASIts development and applicationAs data has grown explosively, finding a solution for data storage has become an increasingly complex endeavor for enterprise users.

By Liu Qilong

ccording to statistics from research firm IDC, non-structured fi le-type data is increasing at the fastest

rate and predicted to occupy 80% of the total storage capacity by the end of 2012. Highly valuable for an enterprise, per formance data generated from operations must be securely stored like bank account information. How to deal with skyrocketing data growth is a challenge to enterprise users.

Scale-out storage

It is well known that network attached storage (NAS) is the best option for

storing non-structured data that may be scattered throughout millions of files. In an enterprise data center, NAS enables users to share data among multiple servers using an IP network. However, as services and data are increasingly faster, NAS devices and even those with petabyte-level capacity can hardly keep up. To store the ever-increasing amount of data, enterprises have to acquire more and more NAS devices, which, like the legacy direct attached storage (DAS) and storage area network (SAN) devices, give rise to “information islands” – multiple file systems, multiple naming spaces, multiple attachment points. It is these “information islands” that are a headache for O&M engineers.

There was a rivalry between the NAS and SAN camps – both trying to dominate the market. As time went by, more users have found that NAS and SAN meet diverse demands, and supplement each other. NAS is used to store non-structured data such as web files and image files while SAN is ideal for storing structured data such as databases. So, merging NAS and SAN solutions has been a natural outcome.

Scale-out NAS marks a new trend in storage. The scale-up model is coming to an end, be it NAS or SAN, much in the same way CPU technology is evolving from frequency improvement to kernel enhancement.

Scale-out storage has an unparalleled

A

MAR 2011 . ISSUE 59

Huawei Communicate

36

l eve l . In terms of expans ion, the advantage is clear in the improvement of computing capability, cache buffer, and storage space for the entire system. In reliability, the system is always available as long as at least one node in the system is functioning normally.

The two architectures have their strengths and weaknesses. The cluster architecture has an advantage in response time while the RAIN architecture is strong in scalability. Scale-out NAS systems will keep improving if the two architectures can compete and develop over the long term.

In recent years, scale-out NAS has grown like never before and cloud storage has also had its share of growth. Scale-out NAS and cloud storage have similarities in terms of their technical basis. It can be said that scale-out NAS is a prelude or subset of cloud storage. Both storage solutions intend to store non-structured data in rapid growth, combining storage devices and applications and functioning as a system to provide data storage and access services. Unlike scale-out NAS, cloud storage covers a far larger scale, far outperforming the range of legacy data centers and surpassing the LAN, WAN, and Internet, including network technologies and distributed file systems.

Now, there are signs of scale-out NAS being used in more and more data centers. In the future, scale-out NAS will be merged with cloud storage as the latter advances.

Two types of applications

Legacy s torage f i t s t ransact ion applications, especially block-based database applications. As digital devices have become popular in recent years, a great number of digital photo and video files have been generated that have caused storage demands to skyrocket. In addition, the development of network applications, especially Web2.0, has created cost and scalability challenges for storage, which legacy storage cannot meet.

Scale-out NAS has come to the rescue,

fitting two types of applications: web applications and file archival applications.

Web applications: Common web applications are blogs, online social communities, and online stores as users of these applications demand spacious storage for an uncountable amount of digital photos and video files uploaded onto blogs and online social community s i t e s , not to ment ion the d ig i t a l photos and flash files for thousands of commodities on online stores. Each user demands increasingly larger storage space while the storage dilemma is compacted by more and more new users. Unlike storage demands in an enterprise’s data center, storage demands of these applications are not really predictable. To address these storage demands, a highly scalable storage architecture that enables storage to scale out with service growth is required. Scale-out NAS has its advantages in this regard.

File archival applications: Hardcopy paper records are hard to save or retrieve. Advancements in high-speed scan and storage technologies have driven digitizing paper records such as manually processed bills in the financial field and criminal case files in the legal field. Such applications do not have high requirements for performance but do have high capacity requirements, meaning that they are cost-sensitive. Scale-out NAS addresses these demands with its unparalleled scalability.

Scale-out NAS, though helping enterprise users to take on the challenges in surging demands for storing non-structured data with its scalability and manageability, has weaknesses in some functions such as snapshot management and restoration, remote duplication-based disaster tolerance, and multi-protocol support.

Despite its weaknesses, scale-out NAS has seen its users increasing constantly, evidencing its ability to deal with the explosive growth of data.

advantage in flexibility that enables enterprise users to purchase storage on-demand. Enterprise users can purchase storage for whatever performance or capacity levels they require. Without having to acquire expensive large-capacity devices immediately, they can save on CAPEX significantly.

Another advantage of scale-out storage lies in its excellent manageability. No matter how many controllers and disks a user has bought and deployed, they work as one single system. And managing one system is definitely easier than managing multiple ones.

Technical advancements of scale-out NAS

Sca le-out NAS can actua l ly be understood as an NAS system that scales out. Unlike scale-up NAS, scale-out NAS is implemented under either of two common architectures: cluster and redundant array of independent nodes (RAIN).

Cluster architecture: As indicated by its name, this architecture is built on the clustered file system. It enables multiple engine nodes to share volumes on a group of SAN devices and provides a global naming system, which evenly distributes access requests onto the engine nodes by running the load balance algorithm. It also provides a set of file lockout mechanisms, ensuring that all engine nodes can access data on the same volume. Huawei’s N8000 is a series of scale-up NAS products that achieve load balance on nodes. The cluster architecture and load balance design eliminate risks from node failures, so even when a server in a data center fails, data access service is uninterrupted.

RAIN architecture: An NAS system with this architecture consists of multiple standalone nodes, each of which has its own computation and storage resources. The RAIN architecture has advantages in costs, expansion, and reliability. In terms of costs, standalone nodes cost less and are structured on X86 hardware platforms, which means that system expansion costs are kept to a moderate

Editor: Xu Peng [email protected]


Storage & Security

MAR 2011 . ISSUE 59

Next-generation firewall: A shield for the future

37

Changing network security threats

ccording to data provided by an anti-virus company, 596 million Internet users in China were attacked

by viruses and malware in the first half of 2010, or about 3.31 million daily. However, viruses which can severely damage computers are on the decline.Instead hackers are focusing increasingly on financial crimes, which can sometimes be impossible to detect until it’s too late. When a user’s computer is infected, there are no obvious symptoms. The computer continues to run properly, but the user’s personal information is stolen, and this may result in financial losses.

File downloading is quite common in the Internet era. To ensure they are not detected by anti-virus software, viruses

Next-generation firewall

A shield for the futureWith the rapid growth in Internet usage, network threats are on rise. Traditional firewalls and unified threat management (UTM) products can no longer withstand various malicious threats at the application and file layers. So how will we protect our networks in future?

By Lv Yingxuan

and Trojan horses are sometimes hidden in binary files or even in compressed files.

This kind of increasingly hidden security threat is becoming a major vehicle of hackers.

Traditional security gateways, not up to the challengeJust 1+1, no synergy

Given that the threats facing the Internet are changing from network-layer attacks to application-layer and file-layer attacks, traditional firewalls, which mainly tackle network-layer threats, fall far behind today’s security requirements. Meanwhile, unified threat management (UTM) products are able to deal with application-layer threats, such as viruses and Trojan horses hidden in application software, and detect

Amalicious codes. Yet, there are two serious disadvantages to UTM’s way of stacking security modules on security gateways.

First, when multiple security modules are enabled at a security gateway, the gateway’s forwarding capability is severely compromised and becomes a bottleneck for network forwarding. The deteriorating speed and user experience leaves users no choice but to disable these security modules.

Secondly, it brings about a lot of problems affecting network administration, like redundancy configurations and mutually exclusive configurations.

Moreover, UTM products are far too limited in terms of file control. They can only detect file-layer threats for certain protocols, such as the HTTP and email protocols. For most applications such as HTTPS, P2P, IM, on-line games, on-line videos, and user service systems, UTM can do nothing about their file-layer control.

MAR 2011 . ISSUE 59

Huawei Communicate

38

Collaboration between RAC and SFE

The RAC module defines security policies based on the three dimensions of what the role of user is, what the user is doing, and what the content is, resolving the complex and t ime consuming configurations inherent with UTM.

And three-dimensional information becomes the input for the SFE. The SFE receives, disassembles, and then merges file packet as per various security requests such as the ACL, anti-DDOS, black list and white list, identification of applications for visualization, keyword filtering, contents filtering, anti-virus, IPS, and anti-spam, from the three dimensions. And with one single detection, it can determine the validity of a packet.

In addition to the RAC and SFE, Huawei next-generation firewalls offer a powerful application parser that can parse and re-encapsulate a large number of application protocols, therefore providing more input content for the SFE. By using the application parser, Huawei next-generation firewalls can detect a wide range of threats, including hidden ones in files of various types and in encrypted traffic. Against the backdrop of virtualization and cloud technology trend, Huawei next-generation firewalls also support new architectures by virtualizing a device into multiple devices, ensuring flexible allocation of hardware resources while minimizing management and expansion difficulties.

Though today’s networks are under severe threats, security solution providers can help users withstand these threats via their offering of effective protection devices and tools. Huawei has deployed honeynets in over 200 countries worldwide to collect various kinds of network threat information and set up strong security expertise. With the support of information and expertise, and an ever-updating anti-threat system, Huawei’s network security assurance capability is constantly improving.

Editor: Li Xuefeng [email protected]


No visibility into applications

Given the flood of applications, network administrators are in urgent need of visibility, like what these applications are, whether they are authorized, and whether they occupy too much bandwidth. Still, a traditional security gateway can do little in this field, as its core security control principle is to detect and shield unauthorized traffic but not to detect authorized traffic. What’s more, Web 2.0 applications open the door for potential hackers to release malware.

ACL-based security management, not role-based

Nowadays, a user can access the Internet in different ways, such as through personal computer at the office, wireless access using a laptop in a meeting room, or remote access at home or on a business trip. For such users, IP address-based security management is no longer applicable. Instead, the security management must be shifted to being based on the user’s role, irrespective of the user’s physical locations. This poses a challenge that goes beyond the capabilities of traditional security gateway.

Traditional security gateways divide a physical network into security domains based on IP addresses and assign different security attributes to these security domains. Specifically, traditional gateways determine whether data traffic can pass authentication based on lower-layer attributes such as the source address, source port, destination address, destination port, protocol ID, or application type in data traffic. These attributes are specified in security policies or the access control list (ACL).

Powerful next-generation firewall

According to Gartner Consulting, next-generation firewalls must be able to identify application traffic, withstand various new attacks such as BotNets, synergize various security modules with

little impact on network performance, and support virtualization and cloud technologies, with customization to prepare for future threats.

Huawei has always been dedicated to the development of next-generation firewalls to better protect user networks and services. User-based Huawei next-generation firewalls are capable of detecting threats deep in applications and files with high precision, wide coverage, and low error rates.

RAC modules: Brand new security perspective

Huawei next-generation firewalls offer the industry-leading RAC module, which boasts a brand new security policy based on user roles, applications, and file contents, completely different from that of traditional security gateway.

Roles : Securi ty management i s implemented based on user roles, instead of IP addresses or network segments of traditional ones.

Applications: Applications of user roles are identified and controlled in a visualized mode. In addition, bandwidth control of authorized traffic and blocking of unauthorized traffic are also achieved.

Contents: Contents in files are parsed and then re-encapsulated, maximizing the threat detection possibility. In this manner, threats in any network applications, even applications running encryption protocols such as HTTPS can be detected, achieving security control at the file layer.

SFE: A highly effective, secure engine

Huawei next-generation firewalls also provide a secure forward engine (SFE) that can detect and filter packets based on the security policies delivered by the RAC module. The main advantage of the SFE is that it can determine whether a packet is authorized by detecting the packet only once, regardless of the number of enabled security modules. This ensures the minimum impact of security management on network performance, providing security while ensuring the high speed of Internet access for users.

Storage & Security

MAR 2011 . ISSUE 59

By Du Yumin

Moore’s Law for the computer system

he major three components of a computer system, the CPU, memory, and hard disk have been developing

at different paces. Since 1997, hard disk and memory capacities have been increasing at a rate outpacing Moore’s Law, while the performances of the CPU, I/O device, and memory have basically been in line with it.

Today’s mainstream X86 CPU, whose dominant frequency has already exceeded 3GHz, delivers more than one billion read/write instructions per second, or 1,000 million instructions per second (MIPS) when working with technologies such as multi-kernel, multi-streamline, and multi-thread. Memory technology is so developed that DDR3 will soon be replaced by DDR4 that will support more than 100,000 read/write operations every second.

U n f o r t u n a t e l y , h a r d d i s k performance has been developing at a relatively slow pace, having increased only 1.5 times in the past decade. Today, a SATA hard disk al lows a maximum of 150 read/write operations per second (80 operations/second on average), and even a high-performance FC or SAS hard disk only allows 300 input/output operations per second (IOPS).

39

Solid state disk starts a low-carbon revolution

T

SSDSolid state disk starts a low-carbon revolution

MAR 2011 . ISSUE 59

Huawei Communicate

Why is there such an imbalance between the development of CPUs and hard disks?

A conventional mechanical hard disk i s manufactured using magnetic disk sheets and its performance is in direct proportion to the rotational speed of the magnetic disk sheets. Since 1997, the rotational speed of SATA disk sheets has increased by 33% from 5,400 to 7,200rpm while that of FC and SAS disk sheets has increased by 50% from 10,000 to 15,000rpm. However, if the rotational speed of disk sheets increases further, the hard disk will consume more power since the power consumption of a mechanical hard disk is directly proportional to 2.8th power of the disk sheets’ rotational speed. The power consumption of the existing hard disk has reached the limit of the computer system, leaving no room for further performance improvement.

We are left with a frustrating situation: The overall performance of a computer system will deteriorate sharply, only allowing for a maximum of 300 read/write operations per second when writing or reading data on hard disks, regardless of the speeds of the CPU and memory unit. How can we find a way of breaking this bottleneck so that hard disk performance can develop in line with Moore’s Law? – This is a challenge facing ICT.

SSD fully improves hard disk performance

Unlike a mechanical hard disk, an SSD uses an electronic flash chip as its data storage medium.

An SSD is actually a mini computer system and has its own CPU, memory unit, and storage unit. However, it uses ARM or PowerPC that consumes less power than the X86 CPU and adopts flash memory chips instead of a hard disk as its storage unit at the backend. A compact storage unit that ensures security and rapid operations, a flash memory chip provides large capacity and features low power consumption. It ensures zero data loss in case of a power failure. One flash memory chip allows 2,000 to 4,000 read/write operations per second with its power consumption below 150mW. Currently, an SSD supports a maximum of 128 flash memory chips.

With its own complete computing system, the SSD can be imbedded with flash-supported fine-tuning algorithms. Further, it allows multiple flash memory chips to perform concurrent read/write operations. Therefore, an SSD can easily

perform10000IOPS while consuming only 2.5W of power. The HSSD, developed recently by Huawei Symantec, allows for 35,000 IOPS (read) and 10,000 (write) per second, improving the processing speed by 100 times over an FC hard disk. This completely removes the hard disk performance bottleneck of the computer system.

An SSD not only offers users higher speed when using a computer but also provides the following features.

Zero noise. When a hard disk is reading or writing data, there is friction between the read/write head and rotating disk sheets, generating 10 to 20dB of noise. But an SSD does not generate any noise because it uses electronic flash memory chips instead of mechanical devices such as motors.

Extended lifecycle. While a reliable FC hard disk can run for 1.2 million hours, an SSD can run for 2.4 million hours, because it is free from mechanical wear and tear and has built-in reliability algorithms such as the flash bad block management algorithm and data verification algorithm in its CPU.

Energy and cost efficiency. When starting, the rotation of a mechanical hard disk accelerates from 0 to 15,000rpm and the starting current is three times higher than its average working current. In addition, the extra current generated during a read/write operation is 2.5 times higher than its average working current. In other words, a computer system must be able to ensure 50W or higher to support a 20W hard disk, which requires the design of higher power redundancy for the system power supply unit and therefore increases the system costs. The starting current of an SSD is only 5% higher than its average working current because it is composed entirely of electronic components. While working, the SSD keeps its working current stable without generating any extra current, ensuring high system reliability.

Superb random read/write capability. When a conventional hard disk reads or writes data, the read/write head must keep moving or waiting until the target data sector turns under the read/write head if data is randomly distributed on the disk. This dramatically reduces read/write efficiency. Even for an FC hard disk, the random read/write efficiency is below 100IOPS. In comparison, an SSD only needs to check up a table, locate the flash memory chip where data is stored, and then read/write data accordingly. Therefore, an SSD’s random read/write performance is very close to its sequential read/write performance. For web servers,

40

Storage & Security

MAR 2011 . ISSUE 594141

database servers, and file servers that require high random read/write performance, SSDs are the best choice as they can boost the performance by 100 times at least.

Superb adaptability. A conventional hard disk rotates by 15,000rpm. Even a high-precision conventional hard disk is environment-sensitive and shows poor shockproof performance. With a power consumption of 17W, a conventional hard disk cannot work in an enclosed high-temperature environment. An SSD, using no mechanical parts, features strong shockproof capabilities and is adaptive to all environments: natural heat dissipation, enclosed space, ultra-low temperatures. The SSD developed by Huawei Symantec was used by China’s Antarctica Exploration Team in the South Pole, where it worked well at a temperature of minus 40 degrees Celsius.

Low-carbon economy leads the trend

Though first developed in 1989, the SSD is not yet widely used today. High price has been one of the major constraints, for the price of a high-performance SSD is seven times higher than that of an FC hard disk. Actually, the SSD helps customers reduce expenditure considerably, especially in applications requiring high read/write efficiency.

We can compare the operational expenditure incurred by using the SSD and the FC hard disk over a span of five years. When running at 10,000IOPS, an SSD is 30 times faster than an FC hard disk in data processing but consumes only 1/7 of the power otherwise consumed by the FC hard disk. On an IOPS per watt (IOPS/W) basis, one SSD is equivalent to 210 FC or SAS hard disks.

This means that a computer system using a conventional hard disk has to consume a power of 510W to ensure 10,000IOPS, but a computer system using an SSD requires only 2.5W.

According to Energy Star, 1W power saved in a hard disk means a 1.85W power reduction in a user’s computer system or telecom equipment room. When calculated by RMB1 for 1KW, a computer system that requires a performance of 10,000IOPS can save RMB60,000 (USD9,100) within five years by using only one SSD – a benefit well above the cost of an SSD.

A lifecycle analysis (LCA) of the FC hard disk and SSD shows that an FC hard disk emits 525kg of carbon dioxide during its lifecycle from raw

material, processing, transportation, use, and recycling within five years. In contrast, an SSD discharges a mere 110kg of carbon dioxide in the same period. In other words, using an SSD other than a conventional hard disk is equivalent to planting four trees.

Furthermore, as the SSD is composed of only electronic parts, the price of an SSD will drop by half every 18 or 24 months, at a pace close to that defined by Moore’s Law. It is predicted that an SSD will cost almost the same as an FC or SAS hard disk in three years time and SSDs will supersede FC or SAS hard disks in mainstream storage markets.

Revolution of computer system architecture

While helping cut power consumption by computer backend devices and improve the overall performance by more than 100 times, the SSD has a profound influence on computer system architecture and will further push the development of the CPU and memory. In addition, it improves the percentage of computer parts influenced by Moore’s Law so that the computer system can develop at the pace defined by the Law. Thanks to the SSD, the computer system is transforming into a low-carbon IT system with ever-improving energy/efficiency ratio.

In the future, a high-end computer system, which is based on servers and storage arrays, will consist of four major parts: the CPU, memory unit, SSD, and mechanical hard disk. Real-time access data will be stored in the memory unit; non-volatile data that requires high read/write performance will be stored on the SSD, and files that do not require high read/write performance will be stored in hard disks. This will ensure not only high system performance but also a large storage capacity, thereby reducing system costs and balancing the system performance/price ratio and energy/efficiency ratio.

The computer has changed the course of human history and is now part of people’s everyday lives. With computer technologies advancing, the SSD will probably change the world again by changing the computer system.

Editor: Xu Ping [email protected]


Solid state disk starts a low-carbon revolution

MAR 2011 . ISSUE 59

Huawei Communicate

4242

Leading Edge

NOV 2010 . ISSUE 58 43

Why SingleRAN is

Documents

Transcript of Why SingleRAN is