Huawei agile park solution
Date:2019-09-30Click:1156
Huawei agile park solution
Network development trend
The prosperity of the digital world is built on the ICT network. With ubiquitous basic network, users can access a variety of digital applications through various access methods. In addition to meet the needs of internal office digital, more and more enterprises require Internet administration, finance, marketing, human business, sales and supply chain department scrapers, transfer of original data and analysis, intelligent office, business enterprise of super large data precision marketing digital scheme needs to be relying on the network to complete.
As the cornerstone of digital transformation of enterprises, enterprise park network is faced with many challenges as new technologies and new applications emerge endlessly as BYOD mobile office, cloud computing, SDN software definition network, Internet of things, artificial intelligence and big data continue to heat up, and these applications and businesses enter enterprise parks. Access terminal and business diversification, need to integrate carrying park network traditional enterprise park network, wired, wi-fi and IoT three business, independent planning and deployment, independent management, the overall network construction cost is high; Corresponding network management, operation and maintenance workload also doubled. With the rapid expansion of campus network scale, the difficulty and complexity of network deployment continue to rise. Under the traditional mode, network deployment requires manual configuration of devices by means of command line or Web management, etc. For large-scale industrial parks, manual repetitive workload is large and configuration is tedious. The launching of new business requires the addition of new dedicated business network, and the deployment of each equipment is conducted with a long cycle and high cost. The policy deployment oriented to users and business, traditional policy management through VLAN+ACL, requires manual configuration strategy, heavy maintenance workload, and low efficiency of network deployment. Being unable to perceive user experience anytime and anywhere becomes the biggest challenge of network operation and maintenance.
Under the traditional operation and maintenance mode, network management can only monitor the network KPI and cannot perceive the user experience. IT staff cannot perceive the business failure in the first place. After the occurrence of the fault, it is more dependent on the operation and maintenance experience of professionals to determine the cause of the fault. After the deterioration of network indicators, the IT staff evaluates the network status with the help of network management, and makes targeted optimization strategies and deployment, but the network cannot be independently optimized. With new and unknown threats ranging from "invasion" to "internal proliferation", border defences are stretched. It is estimated that more than one million new malware are born every day. Traditional security detection tools have low threat detection rate and high alarm rate when they are faced with "disguised" gray traffic. For malicious threats hidden in encrypted traffic, there is no effective detection method without decryption; The traditional security defense system with single passive defense can only fight against each other when the threat occurs. Traditional security defense means can only dispatch network equipment or security equipment separately, once the threat breaks through the security boundary, it is easy to overflow in the enterprise Intranet and difficult to control.
Traditional park network is facing challenges. Enterprises' digital transformation relies on ICT network to realize their business intention. However, there is a gap between commercial intent and ICT networks, and the current inability of networks to understand commercial intent requires the artificial translation of intent into a language (strategy) that the network can understand. Today, the development of new technologies such as cloud computing, artificial intelligence and big data has made it possible to build a "digital twin" to build a digital network world between business intentions and network infrastructure and to bridge the gap between the network and business intentions. The future network is autonomous and self-healing, capable of self-learning, automatic deployment, real-time state awareness, and predictive maintenance. To this end, huawei launched the intent-driven Network (intent-driven intelligent Network) solution to equip the Network with an intelligent engine to understand business intentions. Driven by user business logic and business intention and based on the concept of ultra-wide, minimalist, intelligent, open and safe, the intelligent network is constructed to focus on user experience, accelerate enterprise business innovation, maximize enterprise business value and help enterprises fully prepare for the digital future.
Huawei agile park solution is based on the concept of idns, enterprise market release of the next generation of campus network integrated solutions, it inherits the SDN concept and research results, make full use of the technology of artificial intelligence and big data analysis, and blend in huawei 20 years experience in quality and efficient network deployment, let network can fast, flexible, and safely for business services. Agile park solutions can build a super wide, integrated access (wired/wi-fi /IoT), intelligent operation and maintenance, intelligent security defense, open, etc
Advantage of the boutique park network. Provide integrated access services for wired, wi-fi and IoT terminals, provide deep access control for users and businesses, and provide full life cycle management for network operation and maintenance personnel, including planning, deployment, daily operation and maintenance, and quality perception; At the same time, the whole network can support rapid function expansion and docking with the third party system, so that the park network can better serve the business.
Solution overview
Deep wired wireless integration of virtual Internet of things: excellent performance and convenient operation and operation, huawei idn-ready switch realizes unified forwarding of wired and wireless traffic by integrating AC (Access Controller), eliminating the performance bottleneck of AC equipment or plug-in centralized forwarding. By integrating user authentication and management functions and policy linkage functions, unified authentication and access policy control are provided for wired wireless users, and administrators can obtain consistent user management experience and simplify the operation and maintenance management of wired wireless network. Full-scene WLAN: to meet customers' differentiated access requirements for common indoor, high-density venues, outdoor scenes and dense rooms, huawei provides high-density AP and distributed wi-fi solutions to achieve high-density WLAN coverage without dead space and user access experience guarantee, convenient deployment, saving investment costs. For Internet of things scenarios, huawei integrates AP with Internet of things to realize the integrated deployment of wi-fi network and IoT network, share the same site, share the return, and save the cost of network construction and deployment. Wi-fi and IoT devices can be centrally managed to simplify network operation and maintenance efforts and reduce network operation and maintenance costs. Multi-gig access: higher bandwidth, more flexible network deployment with the advent of 802.11ac standard and products, wireless terminal access rate has been up to 2.5Gbps, gigabit port access can no longer meet. Huawei provides the most abundant 2.5g switch in the industry, suitable for the use of 2.5g AP of huawei's indoor/outdoor/smart antenna, and supports 200m (PoE++) long-distance power supply function, realizing the flat deployment of the network and reducing the investment cost.
Plan highlights
Super wide park network architecture physical network automation: equipment pre-configuration, plug and play through SVF (Super Virtual Fabric) technology, huawei innovatively Virtual convergence layer, access layer switch and AP equipment as the core frame switch board card and port respectively, to simplify network management. The supporting eSight network management platform, as a configuration management tool of SVF, integrates network planning, configuration file production, device deployment, start management and operation and maintenance on the same platform to realize automatic deployment, plug and play of devices. In addition, through the intelligent error correction function of eSight network management platform, automatic error correction prompt and visual presentation can be carried out for the inconsistencies between actual deployment and planning.
Virtual network automation: build the Virtual network automatically and realize the multi-purpose deployment of UVF (Unified Virtual Fabric) through huawei Agile Controller. Build the VXLAN tunnel automatically based on the control surface of bgp-evpn to realize the fully automated Virtual network construction. The Agile Controller is used for business centralized configuration and automatic business distribution.
User strategy automation: centering on users, business and experience, user strategy is accompanied, and business experience is accompanied by planning user groups and inter-group strategies through huawei Agile Controller, defining user groups to which users belong, and policies are automatically distributed to network devices. After the user authentication is passed, the Agile Controller will automatically identify the user's identity when the user is in different locations and using different terminals to access, and issue relevant policies to the corresponding execution devices in the network, so as to achieve the effect of no difference in access and guaranteed experience. No matter where users access, they will get a unified strategy and a consistent business experience.
Agile park solution is introduced into huawei CampusInsight park network analyzer, subverts the traditional focus on resource state monitoring, real-time network data, through Telemetry technology based on machine learning algorithms and baseline characteristics analysis operations, can automatically identify network fault, and through the rich graphical interface to the analysis results are presented.
Intelligent campus network operation and maintenance
CampusInsight USES industry fact standard Telemetry technology to dynamically capture network KPI data at the second level with fault traceable. Through multi-dimensional data collection, the network portrait of each user is presented in real time, and the whole journey network experience (who, when, which AP is connected to, experience, problem) is visible.
Automatic identification of network problems
Through big data and AI technology, it can automatically identify problems of connection, gap performance, roaming and equipment, and improve the recognition rate of potential problems by 85%. Machine learning historical data is used to dynamically generate baselines, which are compared with real-time data to predict possible failures. Intelligent delimitation of network problems, analysis of root causes based on network operation and maintenance expert system and a variety of AI algorithms, intelligent identification of fault modes and impact areas, to assist administrators to delimitation of problems; Based on the big data platform, analyze the possible causes of problems and give Suggestions for repair. The structure of the agile park network is open at all levels, supporting 150+ service apis, co-building the ecosystem with 30+ industry ecological partners, and accelerating the digital transformation of the industry. In addition, huawei's equipment development process fully complies with international general standards and industry standards, and supports perfect connection with the equipment of third party manufacturers to achieve interconnection.
Agile campus network through open API interface will network identification of user identity, the network resources, service quality, the location information in the network, network topology, and other information, open to the upper business, through the standardization of open interface, the third party can tailor business innovation applications according to their own business requirements, meet in education, business, enterprise, government, and other fields of business requirements.
The development process of network equipment in the agile campus network strictly follows IEEE, IETF and other international common protocol standards and industry standards, and supports the connection with the equipment developed according to the standards by the third party manufacturers. In addition, huawei park equipment also supports docking with some manufacturers' private agreements (such as PVST, MST, HSRP, etc.) to ensure the normal availability of customers' business functions through protocol adaptation or replacement, so as to achieve perfect docking.
Open park network ecology
Suppliers interconnect huawei agile park solution innovation proposed big data security cooperation prevention scheme, based on CIS big data platform network data analysis, build "network traffic sand table". Make full use of big data processing technology and AI technology to accurately identify new security threats and encryption threats. By using network spoofing and service simulation technology, the whole network ensnared threats, positioned and isolated the threat sources actively, and realized active security defense. Through the cooperation between the security Controller and the Agile Controller, the Agile Controller issues security policies to the firewall, switch and other devices in the network, effectively controls specific users or businesses, blocks threats in real time, and eliminates horizontal diffusion. Threat detection based on AI, accuracy > 99%, using big data processing technology, accurate identification of new security threats and threats of encryption based on AI depth senior threat detection of neural network algorithm, shortening the time of threat detection was 90%, and the entire network trap, realize the active defense, take advantage of simulation technology, and business network of the threat to the source of active positioning and isolation of network security help, minutes closed-loop disposal threat level, use of firewalls, switches and other equipment, response and security threats of closed-loop disposal task, the garden analyzer with the controller, so the real-time block threats, put an end to lateral diffusion, Reduced threat response time by 90%
Huawei agile park solution embodies the core demands of customers for the future network. It is user-centered, automatic deployment of network resources, automatic location of faults, and more sophisticated and friendly network management. From the network basic mechanism to eliminate the traditional network lack of experience guarantee, inefficient deployment, single point security defense and slow response problems, from the passive adaptive network to the active adaptive network, so as to build a business-friendly network. Let video Mosaic, blurred voice, slow Internet access and telecommuting, mobile office bad experience no longer bother customers; From the network state unknowable, network management difficulties, to the active perception optimization network; Let the business add the wings of software definition, and help the customer to get the continuous leading in the industry by 4 times the speed of business evolution.
The ultimate goal of huawei agile park solution is to help customers realize the dream of free communication without distance barriers, so that the communication between people, people and things, and people and information can be free, comfortable and efficient without any interference or restriction of any factor, and the experience, operation and efficiency can be completely liberated. Huawei agile park solutions can be widely applied to the park network and similar park network of all industries, such as campus network, hospital park, government office building, enterprise park, etc., especially the scene of multi-tenant park, such as innovation incubator, etc..