To support the expected communication needs of the Internet of Things, IoT, with more than three billion connections by the end of 2020 as predicted by Strategy Analytics, several low power wide area, LPWA, radio technologies are being developed and pushed to the market by the communications industry. The use cases or applications that the IoT will make possible are being widely discussed: wearables, asset tracking, metering, etc. But is there any advantage or added value for the traditional networking or enterprise communications market?
In my last blog, I wrote about the origins of SD-WAN and its benefits. However, these advantages are certainly not without their challenges and threats, which all interested companies should consider when analyzing the various options offered by the market.
I have written an article on SD-WAN for Seguritecnia, an online and print magazine that is very present in the private security sector in Spain. In said article, I explained the concept of SD-WAN and the security implications associated with this technology (as befits a magazine that focuses on safety).
Given the enormous interest in SD-WAN, I decided to give our blog readers the opportunity of perusing the contents of said article.
Firstly, the move of IT infrastructure to the cloud means our current understanding of layer 3 network traffic (IP) is insufficient to characterize applications transmitting over said network: application servers had fixed, known IP addresses in traditional data centers, whereas IP addressing in the cloud is no longer controlled by the organization using these services.
Secondly, far more applications (both corporate and personal) are in circulation today than a few years ago. Said applications have not, in general, been designed with bandwidth optimization in mind and all have different needs and behaviors. This means some applications can (and do) adversely affect others if the network is incapable of applying different policies to prevent this.
The vast majority of applications use HTTP and HTTPS for communication, mainly to evade, or minimize, possible negative effects arising from security policies or IP addressing (NAT) over the network. This means the transport layer (TCP or UDP port) is unable to adequately identify network applications, as they tend to use the same ports (HTTP 80 and HTTPS 443).
To further aggravate the problem, companies must provide connectivity to an enormous array of ‘authorized’ local devices. Remote local networks today, unlike the traditional single terminal of yesterday, are more varied and far less controlled: wireless offices, guest access, home access, BYOD, IoT, etc. Consequently, the difficulties in analyzing traffic, caching systems and CDN also escalate.
Finally, this greater diversity increases security risks: viruses, malware, bots, etc. These, in turn, tend to generate “uncontrolled” network traffic that needs to be detected and characterized. At this point, the close link between visibility and security at the network level raises its head (with all its repercussions and analysis), a subject that we’ll tackle another day.
The above points make it very clear that analyzing network traffic has become more and more intricate over the last few years, boosting the need for new tools with greater capacity. Otherwise, we simply won’t know what is going through our network, placing it not only at risk but unnecessarily increasing its upkeep. Given the tremendous amount of information handled, using tools that are able to intelligently filter the information received and provide a high level of granularity in analysis and reports is absolutely essential. It’s here where big data analysis technologies bring huge advantages when compared to traditional tools.
Well aware of this recent difficulty, users need application visibility and control solutions to meet these new needs.
- Said solutions must be able to scale down to small and medium corporate offices, and offer a sound compromise between CPU requirements (cost), needed for DPI (Deep Packet Inspection), and number of detected applications (customer service and quality of application detection).
- Integrating intelligent detection in remote routers and the use of a centralized management tool, versus current market solutions based on proprietary remote point polling and hardware appliances (also proprietary), allows for excellent detection granularity and affordable exploitation, scalable to any size of network.
- Instead of opting for proprietary solutions, it’s crucial to use suppliers who adopt standard protocols to communicate visibility information (NetFlow / IPFIX, for example). This allows customers to use their own information collection methods if they so wish.
As part of its access routers and management tool, Colibri Netmanager, Teldat offers visibility and control solutions for network applications capable of meeting the aforementioned market needs.
Traditional ISDN and POTS communication networks are now obsolete. Deployments using old technology, the devices making up these networks, etc., have reached, in many cases, the end of their lives. Another influencing factor is that experts and technicians in this field are approaching, or have even reached, retirement.
However, there are still millions of lines in service and millions of clients who use them on a daily basis, both at home and in companies, not only for voice communications but also for data. Communication carriers, the owners of said networks, are faced with the unavoidable fact that they must replace them with new technology. The dismantling of the old network goes hand in hand with deploying the new ultra-broadband.
Migration from traditional telephony to IP
The migration of traditional telephony to convergent services based on IP plays a key role in dismantling the network. While data has been transmitted over IP for quite some time now, the vast majority of telephony services still continue to use the old ISDN and POTS networks.
One of the most important goals for carriers is to keep their customers during said migration. The latter, when faced with radical or abrupt changes, may well decide to change providers. Given this, the change for the end-user must be as transparent and staggered as possible while still meeting customer demands.
This boils down to three main factors:
- Customers should continue to use their existing voice infrastructure (PBX and phone handsets) for as long as they wish.
- The new networks retain all the advanced features currently used by said customers.
- Quality of service remains optimum.
The carrier must be able to efficiently mass deploy the new convergent services. Integrated with the modern management and installation systems, all featured in ultra-bandwidth networks, the converging infrastructure, usually based on TR-69, must have zero-touch configuration ability.
Moreover, carriers require on-site product lines for customers, which integrate the advanced features of ultra-broadband networks, accessed through corporate devices, together with advanced telephony features: IP switchboards and media gateways for example. A perfectly integrated ecosystem of features and accessories (IP and DECT telephones, or wireless access points), for both voice and data, together with access routers, provide both customer and carrier with a simple, flexible, professional approach to new fully convergent IP.
The Teldat Group has been selected by a major ISDN network carrier as the principal supplier to enable customer migration from ISDN to IP. Teldat’s expertise in telephony systems, together with their successful range of access routers for carrier managed services, made them the ideal choice.