VPN explosion: Service providers automate VPN provisioning to meet demand
The demand for virtual private networks is exploding as businesses move from building their own data networks and transfer their data services onto public networks. To reap the benefits of this next great wave of customer demand, service providers have to manage the creation and activation of large-scale VPN services.
Industry News
Blogs
Briefing Room
advertisement
However, consistent, timely and profitable VPN service deployment over multiple technologies and vendor networks is impossible with manual or ad hoc operations support system (OSS) processes. Automation that uses open standards-based applications is vital for service providers that want to sustain and grow their subscriber base during times of exponential market growth.
Ready for the future?
To prepare for the onslaught of demand for VPNs from corporations, carriers need to evaluate their VPN requirements within the greater context of the new public network. Delivering VPN services must be considered within the framework of managing current and future network resources to optimize billable capacity, improve revenues and maximize profits. Carriers do not need to build separate networks for VPNs but can instead create VPN services over existing networks. From a business perspective, this means making efficient use of network resources to generate profits; from a technical perspective, it means developing the ability to provision business-class VPN services over heterogeneous networks, protocols and equipment. The only way to meet the increased demand for VPN services is to automate service creation and activation end-to-end, across both the core network and all the access networks. By automating service provisioning on the new public network, carriers can gain competitive advantages and aggressively market business-class VPN services - safe in the knowledge that they can accommodate demand. Only a sophisticated, automated provisioning solution that lets the carrier determine network operational information in real time will let carriers make service commitments in advance of order acceptance.
By gaining the ability to automatically upload physical network assets, inventory and logical topology, carriers can automate the network to enable flexible VPN services. They can scale new services to accommodate demands by uploading real-time information about network resources. They can automate service creation and activation by deriving real-time information on physical network inventory - including equipment, bandwidth and virtual circuits - into back-end OSS applications and repositories. They can guarantee the timely delivery of VPN services by automatically populating customer care applications such as order management, customer service, billing, and inventory management systems with real-time information.
By automating service creation and activation, they can eliminate the manual, error-prone processes that restrict the ability to profitably scale VPN resources.
Delivery dilemmas
The use of VPNs still is in its infancy, largely because of the complexity involved. The allure of reducing bandwidth charges and outsourcing network operations to carriers, however, is driving increased demands for VPN services (Figure 1).
An increasingly mobile and disparate work force needs reliable, low-cost remote connectivity to business applications and resources. Further, companies are building extranets that closely connect customers, vendors and business partners.
The promise of simplified network operations, combined with better service at a lower cost, has created a value proposition that most companies are embracing. Enterprise networks can outsource their business networks.
To meet these demands, however, carriers must successfully address the following VPN service delivery issues:
Scalability. Carriers must manage the size of existing VPNs and the demands for new VPNs. Layer 3 services delivered over frame relay, ATM or multiprotocol label switching (MPLS) also require the management of permanent virtual circuit or label-switched paths in the network.
Security. Any corporation willing to outsource its data network requires security assurances. They are particularly sensitive because they know their data will be carried over a common network that could be shared by competitors. Service providers can provide security by using encryption to tunnel traffic to remote locations.
Customer isolation. Because multiple customers share common network resources, each VPN service must be logically isolated so that one customer cannot usurp network resources committed to another customer. Effective isolation allows carriers to optimize network efficiency and avoid investments in idle bandwidth to accommodate spikes in demand.
Guaranteed quality of service (QOS). Customers insist upon guaranteed QOS levels and measurable service level agreements.
Optimization of network resources. Because the business model underlying VPN services is based on the concept of shared resources, carriers must tune the network to optimize the use of network resources. These resources include not only the physical network equipment but also the bandwidth and the use of customer care and network support staff.
Efficient activation. Customers are not willing to wait for service activation once they have placed their order. Historically, this has been a major obstacle in the delivery of VPNs because carriers can take weeks or even months to activate a newVPN service with manual provisioning.
Automation advantages
Automation enables the fast and predictable provisioning cycles required by enterprise networks. Carriers can respond quickly to new service requests and accelerate revenue recognition. They also can gain an edge over competitors that rely on manual provisioning by offering guaranteed service delivery commitments (Figure 2).
Carriers can benefit from lower operational costs. They can re-assign customer care staff to alternative positions because orders can flow through back-end OSS applications to automatically activate VPN services. They can recover stranded assets, make improved use of network inventory and optimize the use of network resources and personnel. In fact, studies have found that automation reduces end-to-end service provisioning time from an average of two hours per customer to less than two minutes.
By implementing customer self-service, carriers can offer `zero-touch' VPN provisioning. They can develop secure, custom portals that allow corporate customers to select new services, expand the scope of existing VPNs and determine real-time availability of network resources.
Covering all bases
For automation to be successful, it must cover all aspects of the service delivery process, including:
Customer care. This category includes all OSS applications that manage customer information and directly relate to the delivery and support of the VPN service.
Order management. The flow of each order is automatically tracked throughout the service activation lifecycle.
Service creation. This process creates a service profile that includes all the necessary service policies. This profile can define the characteristics of a given VPN service so that the profile can be automatically applied later to any number of VPN customers.
Service activation. The application of the service profile to a customer request for service that results in the delivery of the respective VPN service.
Service assurance. The statistically measured guarantee that the service is being delivered according to service level agreement requirements committed to the customer.
Fault reports. The ability to flow fault information through the various element management systems in real time to the network operations center (NOC) for immediate resolution and recovery.
Traffic engineering. Now that real-time information is available for review, NOC staff can tune the network to engineer the optimal use of bandwidth.
Performance statistics. Automated provisioning captures historical traffic information so carriers can generate usage information to model future demand and predict future network behaviors.
Creating service
A holistic view of the new public network is required in evaluating how to create and activate a VPN service. Automation is an all-or-nothing scenario because if even one element of the network does not support an automated service delivery process, that service will fail to activate without human intervention.
Provisioning even a simple VPN service can be complicated because multiple equipment types - usually from multiple vendors - must be configured in tandem to enable end-to-end connectivity.
This complexity has become a bottleneck to VPN deployments, and until now, provisioning largely has been accomplished by manual methods. Manual provisioning is slow, error-prone and limits the carrier's ability to scale a service because the revenues generated from increased customer demand is usually offset by increased labor costs for additional customer care representatives.
Automation creates opportunities to improve operational efficiency and enhance revenue. It allows the service provider to offer new services as the most powerful means for differentiation between carriers. Perhaps the best way to visualize the benefits of automating the provisioning of VPN service is to consider a simple example. In this scenario, a customer requests a VPN service that connects corporate headquarters to two remote branch locations (Figure 3).
The headquarters connect to the carrier's core network via an optical access network, and the two remote locations connect to the MPLS, ATM or optical core network over frame relay and DSL access networks. To successfully provision this service, the carrier must seamlessly configure the following network components and segments:
- The routers at the company's headquarters and branch locations at the edge of the subscriber's corporate network
- The optical access network connecting the headquarter location to the nearest point of presence (POP)
- The frame relay access network connecting branch A to the nearest POP
- The DSL access network connecting branch B to the nearest POP
- The provider edge routers, mapping the different sites into the respective VPNs using MPLS
- The switches within the core network
An error at any step will fail to deliver the VPN service. To ensure provisioning success, the provider must understand the availability of each of these network resources before accepting the order. In this application, the carrier could accommodate any number of customer requests for additional remote VPN connections automatically.
The carrier could commit to tight service deployment time frames because order entry operators could instantly ascertain whether the network resources were in place to successfully provision incremental services.
Automated provisioning allows seamless service creation and activation across a disparate network infrastructure. It allows carriers to view the entire new public network in the context of delivering revenue-generating services. Whether the access network is optical, frame relay, DSL, fixed wireless or cable and whether the core network is MPLS, ATM or optical is irrelevant.
Provisioning of the VPN service is reduced to managing the customer information, configuring the subscriber equipment at Layer 3, associating each site with specific VPN services, authenticating each site and classifying and treating each traffic flow according to pre-defined parameters.
Automated provisioning also allows carriers to support multivendor interoperability. For example, the routers could be from three different vendors. The ATM switches in the core of the network could even be replaced with equipment from a different vendor, and the carrier could migrate existing services by uploading configuration and topology information from the existing network and downloading it to the new equipment.
`The network is the database'
Yesterday's static, one-directional approach is yielding to today's bidirectional solution where customer service information is always in sync with network information, and data flows both to and from applications and equipment. In the traditional static service catalog and connection management paradigm, network capability and capacity assessments were based on information in databases that was largely incorrect, and decisions were necessarily based on obsolete or inaccurate information.
Static service catalogs and connection management, combined with obsolete or inaccurate asset information, significantly restrict a carrier's ability to quickly deliver scalable and efficient differentiated services.
Carriers can deploy automated provisioning to deliver customized and differentiated services to subscribers and realize revenue opportunities. Automated provisioning allows carriers to implement the concept that `the network is the database.' Providers can create dynamic service applications based on real-time information on network equipment, topology, resources and customers.
Providers can capture the traditional parameters and also can incorporate dynamic elements of a VPN service such as routing and QOS policies, as well as policies for recovering from network failures. They can garner real-time information from the actual network resources to better manage capacity and maximize revenue-producing bandwidth. Real-time capability and capacity validation allows providers to nimbly evolve the network to capitalize on VPN opportunities.
For VPN information to flow downward from the OSS infrastructure to the network, it also must flow upward from the network to guarantee accuracy of the physical and logical information required for automated, predictable and efficient provisioning.
Carriers would reap operational advantages from auto-discovery features that poll network equipment in real time and upload this information to multiple OSS applications. This would create flexibility for delivering scalable VPN services. Bi-directional flow-through of information between the network and back-end OSS infrastructure would allow providers to improve every step involved in creating and activating services and running a network. Successful service providers for the new public network realize that planning an effective, data-oriented OSS infrastructure requires the adoption of a bi-directional information flow from the onset.
Telecom carriers then could reduce VPN activation time, automate the inventory process, recover stranded assets and benefit from automation of VPN provisioning. They also could allow enterprise customers to self-provision VPN services.
For example, a customer could submit a single order through the Web or through a customer service representative to self-select an end-to-end VPN service. Providers would be able to immediately - and accurately - assess resource availability, send an acknowledgement back to the customer and activate the service without delay. For the first time, providers could enable direct interaction of customer care and service provisioning systems to develop a scalable, robust and sustainable revenue-generating business model.
By automating the new public network, carriers can rapidly create diverse VPN service offerings that scale to support skyrocketing customer demand. Carriers can gain operational advantages over competitors by proactively tuning the network to ensure maximum billable revenue and the recovery of stranded assets that can be immediately placed back into productive service.
Automated provisioning allows telecom carriers to leverage investments in the new public network to create major competitive advantages in service delivery, scalability and operational efficiency. Carriers that do not automate their networks will lose business to more productive carriers that automate VPN provisioning and integrate service creation and activation with back-end OSS infrastructure.
Want to use this article? Click here for options!
© 2012 Penton Media Inc.
advertisement
Learning Library
Webcasts
Using Real-Time Offers, Alerts and Interactions To Improve the Mobile Broadband Experience
In this Webinar you will learn how to create a real-time relationship with your customers, how to proactively improve the customer experience, and how to successfully target and cross-sell services to boost incremental revenue.
- Megabytes to Megabucks, Bandwidth to Business Models: How 4G Is Changing Everything
- How to Unplug Your Redundant Telco Apps To Save Money and Improve Efficiency
- When IaaS Isn't Enough: Service Provider Business Models to Drive Growth and Build Margin
- How to Transform Your Aging Telco Voice Network to Drive New Profits and Revenue
- Creative Licensing Approaches for Telcos & Their Network Equipment Vendors
- Smart Home Opportunity: Balancing Customer Data & Privacy
White Papers
The Role of Diameter in All-IP, Service-Oriented Networks
This paper discusses the rise of Diameter and benefits of Diameter Protocol.
- Conducting The Orchestration – Order Management at the Speed of Business
- Toward a Converged Network Edge
- Beyond Spam – Email Security in the Age of Blended Threats
- 6 Important Steps to Evaluating a Web Filtering Solution
- The Expertise to Protect You from Botnet and DDoS Attacks
- Seeing is Believing – Bridging the Order Visibility Gap
Featured Content
A time and money saving approach to fiber deployment
Service providers are under tremendous pressure to turn up new services faster then before and, at the same time,
to do it at less expense - and intra-office fiber is one of the biggest challenges in terms of both cost and service
turn-up.
Stay Connected
of interest
The Latest
News
From the Blog
Briefingroom
Join the Discussion
advertisement
Resources
Get more out of Connected Planet by visiting our related resources below:
Connected Planet highlights the next generation of service providers, as well as how their customers use services in new ways.
Subscribe Now