• No results found

Implementing Cisco Managed Services Solution (MSS)

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Implementing Cisco Managed Services Solution (MSS)"

Copied!
12
0
0

Loading.... (view fulltext now)

Download now ( 12 Page )

Full text

(1)

1

Implementing Cisco

Managed Services

Solution (MSS)

CCS-2041

Jan Husack

(2)

2

© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

The Operational Support System (OSS)

Tools

P

eo

p

le

P

ro

c

e

s

s

e

s

(3)

3

Running Infrastructure Services is different

than Managed (Value Added) Services

(NOC) Operations

Assuran

c

e

Fulfillment

Assuran

c

e

Fulfillment

Traditional

Business

Interconnect

Wholesale or

Internet based

Interconnect

Configuration

Engine

Active Network

Abstraction

(ANA)

IP Solutions

Center: Security

Management

Service Fulfillment

Service Assurance

Oracle

(4)

4

© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

Branch Office A

Voice

Enhanced

Security

Network

Remote Moves,

Adds & Change

Provisioning of

handsets

Remote monitoring

of VPN and Firewall

performance

Remote QoS SLA

management

Branch Office B

Branch Office C

Service Provider NOC

A Catalyst Demo for TeleManagement World, Nice 2007

(Extended MSS 1.x solution)

NGOSS Compliant Integration Layer + adapters

IP Solutions

Center (ISC)

Security Mgr

Active Network

Abstraction

(ANA)

NGOMIS Executive Ops Console

NGOMIS Customer Portal

Product

Lifecycle

Management

Policy

Control

System

Service Fulfillment

Service Assurance

Performance

Management & SLA

Reporting System

Mediation

& QOE

Analysis

Charging

&

Invoicing

Service Mediation & Billing

MTOSI

OSS/J

IPDR (Usage)

Deep Packet

Inspection

(Cisco SCE)

SMB or

Branch Office

Remote

monitoring and

automated

provisioning of

ISR

Managed IPSec VPN

Multi-Tenant

SMB Building

Service Provider NOC

OSS Mediation Layer

Configuration

Engine

Active Network

Abstraction

(ANA)

Executive Ops Console

Customer Portal

IP Solutions

Center: Security

Management

Service Fulfillment

Service Assurance

Service Management Frame

Managed Firewall

Oracle

Cisco MSS 1.x is a subset of the NGOSS Solution

for Managed IP Services (NGOMIS)

(5)

5

A use case to highlight some consideration for

MSS implementation

Operations

Supplier / Partner Relationship Management

Resource Management & Operations

Service Management & Operations

Customer Relationship Management

Configuration

Engine

Active Network

Abstraction

(ANA)

IP Solutions

Center: Security

Management

Service Fulfillment

Service Assurance

Oracle

Supply Partner

Infrastructure Management

(6)

6

© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

Initial ISR(CPE) Configuration (Bootstrap

Config) used as part of MSS 1.x

Initial / Infrastructure / Bootstrap Configuration

!

hostname CPE-6-1841-IN-S2 !

username cisco password 0 cisco aaa new-model

! !

aaa session-id common ! interface FastEthernet0/0 ip address 10.10.20.1 255.255.255.0 ! interface FastEthernet0/1 ip address 100.1.1.2 255.255.255.252 ! ip route 0.0.0.0 0.0.0.0 100.1.1.1 !

snmp-server community ciscohh RW

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps isakmp policy add snmp-server enable traps isakmp policy delete snmp-server enable traps isakmp tunnel start snmp-server enable traps isakmp tunnel stop snmp-server enable traps ipsec cryptomap add snmp-server enable traps ipsec cryptomap delete snmp-server enable traps ipsec cryptomap attach snmp-server enable traps ipsec cryptomap detach snmp-server enable traps ipsec tunnel start snmp-server enable traps ipsec tunnel stop snmp-server enable traps cpu threshold snmp-server enable traps eigrp

snmp-server enable traps flash insertion removal snmp-server enable traps isdn call-information snmp-server enable traps isdn layer2

snmp-server enable traps isdn chan-not-avail snmp-server enable traps isdn ietf

snmp-server enable traps bgp

snmp-server enable traps memory bufferpeak snmp-server enable traps mpls ldp

snmp-server enable traps mpls traffic-eng

ƒ

Site engineer deploy devices and devices boot

up providing basic IP reachability to MSS setup

in Etisalat NOC.

ƒ

CNS Agent initiate connection with CNS-CE

(Configuration Engine).

ƒ

CNS-CE informs ISC about the existing device

getting live on the coming up on the network.

snmp-server enable traps mpls vpn snmp-server enable traps msdp snmp-server enable traps mvpn

snmp-server enable traps ospf state-change snmp-server enable traps ospf errors snmp-server enable traps ospf retransmit snmp-server enable traps ospf lsa

snmp-server enable traps ospf cisco-specific state-change nssa-trans-state-change

snmp-server enable traps ospf cisco-specific state-change shamlink interface-old

snmp-server enable traps ospf cisco-specific state-change shamlink neighbor

snmp-server enable traps ospf cisco-specific errors snmp-server enable traps ospf cisco-specific retransmit snmp-server enable traps ospf cisco-specific lsa snmp-server enable traps cpu threshold

snmp-server host 10.255.8.130 version 2c ciscohh logging 10.255.8.130

!

cns trusted-server all-agents 10.255.8.139 cns trusted-server all-agents 10.255.8.131

cns event 10.255.8.139 11011 source FastEthernet0/1 failover-time 10 reconnect-time 15

cns event 10.255.8.131 11011 backup

cns config notify all interval 5 old-format cns config partial 10.255.8.139 80 cns exec 80 ! end

Service

Assurance

Service

Fulfillment

(7)

7

IPSec with GRE Full-Mesh

Æ ISC generated as

part of MSS 1.x

Service Configuration

Configlet #1, Job ID 143 (Created: 2007-11-29 19:18:30) crypto isakmp policy 10

encr 3des hash md5 group 2 lifetime 86400 authentication pre-share !

crypto ipsec transform-set ISC_TS_1 ah-sha-hmac crypto isakmp invalid-spi-recovery

ip access-list extended ISC_IPSEC_ACL_1

permit 47 100.1.1.18 0.0.0.0 100.1.1.2 0.0.0.0 !

crypto map ISC_CME 1 ipsec-isakmp set peer 100.1.1.2

match address ISC_IPSEC_ACL_1 set transform-set ISC_TS_1

set security-association lifetime seconds 144 set security-association lifetime kilobytes 53000 set pfs group5

description Provisioned by ISC: Peer location = Site_1 device = CPE-6-1841-IN-S2

!

interface Tunnel0

description Provisioned by ISC: Peer location = Site_1 device = CPE-6-1841-IN-S2

tunnel source Hssi1/0 tunnel destination 100.1.1.2 ip unnumbered FastEthernet0/1 keepalive 10 3 ip mtu 14200 bandwidth 10000 exit ! ip route 10.10.20.0 255.255.255.0 Null0 249 crypto isakmp key

XIUPn87UL4yYIgQ1wh950pj1QXDjUmPALHq2QTGLZKLPUI2nTLOSpU8D Q9nJ4bKVYM1ZsqUmPAYCwYrWZU3eLJUCKvy98TnD7jZO4D52vDlTWyu5 9nJXKBDCfGYUcUP address 100.1.1.2 no-xauth

ip access-list extended ISC_IPSEC_ACL_2

permit 47 100.1.1.18 0.0.0.0 100.1.1.14 0.0.0.0 !

ip route 10.10.10.0 255.255.255.0 Null0 249 crypto isakmp key

Xm2CPULJDYIUQ1haQj1HUmbzhH027UTJuL0TrPdUnTLO3ApI8ZLQ9n74P BUZVA10RsxUxcPA6lYGCPwYUrUXWZDUXBJ2KfvU48viTKqD17Uj8ODS2r vl3yu579OJAXK address 100.1.1.14 no-xauth

interface Hssi1/0

description Provisioned by ISC (public interface) crypto map ISC_CME

exit !

interface FastEthernet0/1

description Provisioned by ISC (private interface) exit

!

router ospf 2650

network 10.10.30.0 0.0.0.255 area 2 !

crypto isakmp nat keepalive 5

ƒ

ISC activates services already configured for

the Customer

ƒ

ISC completes configuration audit for the

deployed service

ƒ

Etisalat NOC engineer perform “Functional

Audit”

Service is successfully deployed.

Service

(8)

8

© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

MSS setup for small scale based on initial

Business Model deploying 2500 ISRs

Server #3

ISR ANA VNEs

ISR ANA VNEs

Zero-Touch

Provisioning

CNS Config

Engine

Zero-Touch

Provisioning

CNS Config

Engine

IPSec

Provisioning

ISC

IPSec

Provisioning

ISC

3

rd

party Order Mgmt, Workflow)

3

rd

party Order Mgmt, Workflow)

ISR

Platform

Customer Portals with RBAC

Customer Portals with RBAC

Discovery

ANA GW/Unit

Discovery

ANA GW/Unit

Fault

Fault

Server #1

Server #2

Data Store

Oracle

Data Store

Oracle

Operator

Console

Operator

Console

VNEs

VNEs

VNEs

VNEs

v490, (4 CPUx1.35GHz),

16GB RAM 150GB HD, Solaris 8

v490, (4 CPUx1.5GHz),

16GB RAM 150GB HD, Solaris 10

BQL API

Implementation of Cisco MSS1.1 at

Etisalat In two locations:

Abu Dhabi, Electra Street

Dubai, Zabeel Road

(9)

9

ƒ

Technology use can be

often demonstrated in show

cases like the NGOMIS

Catalyst demo

ƒ

Managed Services are a

perfect example of the

combination of people,

processes and tools

required to perform

efficiently

ƒ

Any type of Managed

Services (or SLA) impact

the business or

operational model in place

Orchestration of People, Processes and Tools

is the Key for Managed Services

(10)

10

© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
(11)

11

Complete Your Online

Session Evaluation

ƒ

Presenter: Jan Husak, CA Solutions

Architect … (

[email protected]

)

ƒ

Session: CCS-2041

ƒ

Win fabulous prizes; Give us your

feedback

ƒ

Receive ten Passport Points for each

session evaluation you complete

ƒ

Go to the Internet stations located

throughout the Convention Center to

complete your session evaluation

ƒ

Drawings will be held in the

World of Solutions

Tuesday, June 20 at 12:15 p.m.

Wednesday, June 21 at 12:15 p.m.

Thursday, June 22 at 12:15 p.m. and

2:00 p.m.

(12)

12

© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

References

Download now ( PDF - 12 Page - 455.62 KB )

Related documents

Configuring Simple Network Management Protocol (SNMP)

• Configuring an SNMP Community • Configuring an SNMP Contact • Configuring an SNMP Location • Configuring an SNMP Name • Configuring SNMP Generic Traps • Configuring an

System Message Logging

If you have enabled syslog message traps to be sent to an SNMP network management station by using the snmp-server enable trap command, you can change the level of messages sent

Autotuning based on frequency scaling toward energy efficiency of blockchain algorithms on graphics processing units

7 Hill Climbing: frequency optimization procedure of ZEC with starting points of minimal (above), medial (middle) and maximal (below) frequencies on the Titan X (left column)

Building Trans Human Immortals

superseded by the world brain world brain. Wells that was as mu#h ballyhooed as pre#ursor o the Internet *. Wells that was as mu#h ballyhooed as pre#ursor o the Internet as C.

HELICAL GEARBOXES Product Catalogue D/R-Series

Note : Above pictured shaft arrangement implies to the all stage (single, double, triple, quadruple) of the

Use of the VALIDATOR Dosimetry System for Quality Assurance and Quality Control of Blood Irradiators

1 | Technical Note 9: Use of the VALIDATOR Dosimetry System for Quality Assurance and Quality Control of Blood Irradiators | #102288.01.. Use of the VALIDATOR Dosimetry System

Visual Flight Rule Procedures. Instrument Flight Rule Procedures CUSTOMARY ATC AND FLIGHT PROCEDURES

Places of worship Pre-kindergarten Kindergarten Private schools Child care facilities located at places of worship and schools Open kennels Convalescent or rest homes.

Lab Use Network Inspector to Observe STP Behavior

The SNMP server host IP address must be defined with the snmp-server host command for a device to send SNMP traps to the Network Monitor. Enable SNMP by typing in the