CARRIER-GRADE AS A FOUNDATION FOR CAMPUS ACCESS NETWORKS

Introduction to Ethernet increase overall network reliability, targeting Existing campus access networks are constrained by dissimilar five- or six-9s availability using classic telecommunications and often stressed data networks—typically using numerous equipment supplier specifications to produce network legacy technologies such as ATM and Frame Relay. These elements with ultra-high reliability. In addition to increased disparate networks are becoming increasingly difficult to reliability, the scalability of carrier-grade Ethernet is several manage, leading to higher operational and maintenance costs. orders of magnitude higher than traditional Local Area Additionally, these legacy networks do not cater to the kinds Network (LAN) designs. of emerging real-time applications that are crucial for an Carrier-grade Ethernet technology has become widely effective Information and Communications Technology (ICT) adopted in the carrier and enterprise environments because environment, including VoIP, video, and cloud-based data of its ability to offer differentiated service at a highly attractive processing. These applications are all IP/Ethernet based, cost. Standards-based carrier Ethernet is defined by the Metro requiring a next-generation, highly resilient, scalable, and Ethernet Forum (MEF) and the Optical Interworking Forum packetized campus access network. (OIF) as a connection-oriented Layer 2 service. Carrier-grade To this end, many government agencies have embarked upon Ethernet enables the ability to offer bandwidth-assured, Layer modernization efforts that intend to transform ageing and 2 Virtual Private Networks (VPNs) with up to eight layers of legacy communications infrastructure into a consolidated, Quality of Service (QoS), allowing differentiated service next-generation network. This usually includes refreshing the offerings for voice, video, and data IP networks. desktop environment to provide a more efficient and cost- It is important to note that the carrier-grade Ethernet standards effective method to transport packet-based applications and frameworks mentioned above are built on the well-known, to a high density of end-users. existing networking principles defined by IEEE 802.3. When There are several approaches available that attempt to provide applied to Carrier-grade Ethernet, the benefit of this a cost-effective access network. These include a pure Layer 2 adherence to established principles is that the technologies Ethernet-based solution, otherwise known as “carrier-grade still use standards-based Ethernet components to realize the Ethernet;” Passive Optical Networking (PON), which uses a lowest-cost solution per bit, delivered by leveraging the shared medium to distribute traffic; and a Layer 3 IP/ millions of ports of Ethernet deployed around the world. MultiProtocol Label Switching (MPLS)-based solution. For an optical LAN or campus environment, carrier-grade This paper will examine how a Layer 2 switching capability Ethernet provides the following benefits, described in based on carrier-grade Ethernet offers the most scalable, detail below: reliable, and secure networking solution for a campus-based > Increased network flexibility access network, and provides the lowest Total Cost of > Flexible deployment options Ownership (TCO). > High levels of resiliency Carrier-grade Ethernet as a Network Layer > Network and user scalability Carrier-grade Ethernet leverages well-known Layer 2 > Service security networking principles to provide standards-based transport > Carrier-grade Operations, Administration, for packet-based applications. Carrier-grade extensions and Maintenance (OAM)

A Application Note Model NNI/UNI Ports UNI Ports Total Gbps Form Factor Target Markets Temp Range 3000 Family (Service Delivery Switches) (8) 10/100M RJ45 3180 (2) 100M/1G SFP (8) T1/E1 2 1RU Multiservice Delivery -40°C to +65°C (8) 10/100M RJ45 3181 (2) 100M/1G SFP (16) T1/E1 2 1RU Multiservice Delivery -40°C to +65°C (40) 100M/1G SFP (16/32) STM-1/OC-3 3190 (2+2) 10G SFP+ (4/8/32) STM-4/OC-12 84 3RU Multiservice Aggregation 0° to +50°C 3902 (1) 100M/1G SFP (1) 10/100/1G RJ45 2 Desk/Wall SMB Intelligent NID (2 port) 0° to +50°C 3911 (2) 100M/1G SFP (8) 10/100/1G RJ45 10 Outdoor Weather-proof Ethernet Demarcation -40°C to +65°C (2) 100M/1G SFP 3916 (2) 100M/1G SFP (2) 100M/1G SFP/RJ45 6 1RU, ETSI Ethernet Demarcation 0° to +50°C 3920 (2) 1G/10G SFP+ (8) 10/100/1G RJ45 12 1RU, ETSI Ethernet Demarcation 0° to +50°C (4) 100M/1G SFP Extended-temp Ethernet 3930 (2) 1G/10G SFP+ (4) 100M/1G SFP/RJ45 28 1RU, ETSI Service Delivery -40°C to +65°C (4) 100M/1G SFP Weather-proof Ethernet 3931 (2) 1G/10G SFP+ (4) 10/100M/1G RJ45 28 Outdoor Service Delivery -40°C to +70°C (4) 100/1G SFP/RJ45 Ext-temp Ethernet/TDM 3932 (2) 1G/10G SFP+ (4) 100/1G SFP (16) T1/E1 29 1RU, ETSI Service Delivery -40°C to +65°C 3940 (4) 100M/1G SFP/RJ45 (20) 100M/1G SFP/RJ45 24 1RU 1st Tier Ethernet Aggregation 0° to +50°C (2) 10G XFP 10G Premium Ethernet 3960 (2) 10G XFP (8) 100M/1G SFP/RJ45 48 1RU Service Delivery 0° to +50°C 5000 Family (Service Aggregation Switches) 5140 (4) 100M/1G SFP/RJ45 (20) 100M/1G SFP/RJ45 24 2RU, ETSI Ext-temp 1st Tier Aggregation -40°C to +65°C Ext-temp 1st Tier dense 5142 (4) 1G/10G SFP+ (20) 100/1G SFP/RJ45 60 1RU, ETSI 1GbE Aggregation -40°C to +65°C (2) Dual 10G XFP 5150 Option Slots (48) 100M/1G SFP 88 2RU, ETSI Ext-temp Ethernet Aggregation -40°C to +65°C 5160 (24) 1G/10G SFP+ (UNI or NNI) 240 1RU, ETSI Ext-temp dense 10GbE Aggr -40°C to +65°C (5) Slots->(2) 10G XFP 5305 or (24) 100M/1G SFP N/A 50 6RU Ethernet Aggr/MPLS Edge 0° to +40°C (10) Slots->(10) 10G XFP 5410 or (32) 1G SFP N/A 1000 22RU High-capacity Aggr/MPLS Edge 0° to +40°C

Figure 1. Ciena’s Packet Networking Portfolio

These attributes are critical for an effective campus network, flooding and learning, Ethernet can automatically discover especially in an environment that requires a highly available, paths through the network to enable communication. With this scalable, and secure network. Carrier-grade Ethernet is the high level of built-in intelligence and adaptability, Ethernet can best option for a campus-based access network, compared be deployed in any physical topology. Topologies include to alternative technologies such as PON. mesh, partial mesh, ring, and hub-and-spoke, or any mix of these architectures. Because Ethernet networks can adapt to Network Flexibility growth and change, these topologies can expand easily or Ethernet is inherently a multi-point technology routinely change over time. characterized as “plug and play” when adding devices to the All of these topologies have advantages depending on their network. With well-established mechanisms such as MAC application. With the flexibility Ethernet provides, there is no

2 restriction on how fiber can be rolled out to accommodate Ethernet Configurations and Equipment Flexibility the network. This increased flexibility reduces overall Ethernet has widespread global deployment and can be installation cost. thought of as the de facto data link standard for carrying Additionally, Ethernet standards provide for the use of bi- TCP/IP-based traffic. Deployments are ubiquitous in the user directional optics, where both transmit and receive are appliance connection to the edge, campus networks, and the performed on a single fiber, from 100 Mb/s to (WAN). As such, equipment manufacturers (GbE). This efficiency greatly maximizes the use of fiber—often have created a large range of devices with varying options for cutting fiber costs in half. port type, speed, density, and multiple form factors. Ciena offers a wide breadth of carrier-grade Ethernet devices in its Along with flexibility in physical topology, Ethernet provides Packet Networking Portfolio, as shown in Figure 1. flexibility in “logical” topology. This refers to how services (Layer 2) are routed in the network. Traditionally, Ethernet Ciena’s Ethernet product portfolio is particularly robust in the networks were completely auto-learning, as mentioned above. campus environment, which was the initial design target, so This is still a valid premise in a campus environment, but these options effectively meet the requirements of medium enhancements have been made to Ethernet that allow for to large enterprises. Included are options for high-density, connection-oriented switching, with paths defined by low-footprint switches, high port count (48 Ethernet ports or identifying specific connections during route provisioning. more) for high-density fan-out, and small, single-port desktop This arrangement allows deterministic path identification, devices. A variety of physical interfaces are available, including letting network operators choose the network path services multi-speed copper RJ45 or fiber-based options, which can be take to better manage latency or maximize fiber and changed with the simple addition of an SFP module. bandwidth utilization. This becomes more relevant as network topologies change and grow. Connection-oriented switching Resiliency gives the network operator the ability to offer network security Networks carrying mission-critical information require high on par with circuit-based applications, yet with the flexibility tolerance to network disruptions such as fiber cuts or and robustness of packet switching. Combined with carrier- equipment outage. Network resiliency is essential to the ability grade Ethernet’s OAM tools, a network operator can define to support critical command and control applications, data and monitor network performance while providing assured center connectivity, and even desktop applications. information technology infrastructures for critical missions. Due to Ethernet’s ability to be deployed in various topologies, Finally, because Ethernet is a well-defined standard, new it is possible to set up multiple physical paths to specific vendor equipment can be interconnected to existing networks network elements. This flexibility allows network operators to with minimal testing. This ease of transition makes Ethernet provide resilient paths in the network. Traditionally, Ethernet a risk-free option with minimal lag time. LAN technology used spanning tree to manage failures in a network, often taking up to a minute to reconverge after a

Primary Tunnel Continuity Check Messages Primary Tunnel

Primary Failover Path Path PBB-TE

Backup Backup Tunnel Continuity Tunnel Check Messages

Ethernet Rings protected using PBB-TE /MPLS-TP domain supporting G.8032 ERP with 50 ms restoration sub-50 ms protection

Figure 2. Resiliency mechanisms

3 Traffic Traffic 20/0 Rate Limit 10/10020/0 50/100 Rate Limit 20/10010/100 50/100 20 Mbp/s 20/100 80/200 20 Mbp/s DENY 80/200 Burst Bandwidth Burst Bandwidth 10/40DENY 30/100 10 Mbp/s 20/5510/40 30/100 10 Mbp/s 20/55 Guaranteed Bandwidth Flow Interface Sub-Port Logical Port Guaranteed Bandwidth (e.g. ComboFlow of TCP/UDP Interface (e.g. DeptSub-Port (e.g. allLogical the client Port port, IP DSCP, MAC, etc.) VLAN range) ports of a Business) (e.g. Combo of TCP/UDP (e.g. Dept (e.g. all the client Time port, IP DSCP, MAC, etc.) VLAN range) ports of a Business) Time

Figure 3. QoS granularity failure. This lag is not acceptable in today’s highly demanding 50 Mb/s. Every service configured to Silver is automatically networks. Operators are looking for failover rates closer to the changed, dramatically reducing the number of configuration/ TDM gold standard of 50 ms to ensure applications such as provisioning steps required by the operator. VoIP are not impacted. The MEF utilizes standards such as IEEE Flexible bandwidth scaling and granular bandwidth control 802.1Qay Provider Backbone Bridging – Traffic Engineering are important in a campus environment where there is a high (PBB-TE), MPLS-TP, and ITU-T G.8032 Ethernet Ring Protection density of users with a dynamic mix of traffic requirements, and (ERP) to ensure reconvergence times below 50 ms in the event increasingly higher traffic usage as more bandwidth-intensive of failure. These failover times are applicable to any network applications are introduced. Specific links or portions of the topology—mesh, ring, or linear—yet this configuration does network can be upgraded seamlessly as required, without not preclude using unprotected hub-and-spoke architectures impacting the entire network. No rip-and-replace of an where redundancy is not required. entire network is required, as all data rates can co-exist on separate links. Bandwidth Scalability and Granular Bandwidth Control

Today’s Ethernet networks provide interfaces from 10 Mb/s Service Security to 100GbE interfaces. Because Ethernet hardware enjoys such To support critical enterprise applications, assured networking large-volume deployments, even 10GbE connections are solutions are critical to provide required levels of service. becoming reasonably priced. The change from lower to higher Assured networking refers to all aspects of the network speeds is basically seamless; in many cases, the equipment’s lifecycle, including network architectures, product features, basic configurations support multiple connectivity options. network services, and the supply chain. This means that GbE and 10GbE ports exist on the same hardware, the latter of which does not need to be used until Beyond network firewalls, gateways, and other mechanisms it is required. Additionally, it is now possible to upgrade from aimed at defending the borders of a network, security also GbE to 10GbE with the simple addition of a software license. can be enhanced by incorporating protection into the network This option is becoming a more popular trend among Carrier- architecture itself. The core structures of the Ethernet grade Ethernet switches. extensions built into the frameworks by the MEF let the Ethernet standard scale to carrier networks, allowing robust Ciena’s solution provides unprecedented levels of service security architectures to be built in the campus environment. classification. Ciena’s service aggregation switches provide Layer 2 VPNs can be used to segregate traffic, limit the up to 64 class-of-service levels, allowing greater flexibility potential for contention and congestion to affect critical traffic, than the typical eight found within competitive offerings. and ensure traffic prioritisation decisions remain private. In addition, operators can configure certified MEF-compliant Committed Information Rate (CIR), Excess Information Rate Secure services are classified in the Ethernet standards defined (EIR), and burst parameters. by the MEF by appending VPN tags, which differentiate the VPN service type and priority, to an expanded Ethernet frame. An example of a Ciena innovation is the use of service This service can be scaled by consecutively adding layers of templates defining QoS parameters. For instance, a provider’s VPN tags to create network VPNs that are logically isolated “Silver” service can be easily changed from 40 Mb/s to from edge VPNs.

4 The ability to stack VPN tags was crafted by IEEE 802.1ah to These core elements of the Ethernet standard, when used in enable both the customer and the network operator to set up conjunction with Layer 2 encryption, provide powerful tools VPNs independently, with no possibility of mixing between the to enable network operators to build assured network security domains. This technique, also known as MAC-in-MAC, can architectures into their networks. Internal network addressing, be added as a security element in the Ethernet network. By traffic prioritization and QoS targets, and data are best kept establishing a customer VPN inside a particular security zone private for mission-critical applications. Judicious application or sub-network and then using PBB in the network, details of of encryption and VPN tag-stacking provide these key assured the internal topology of the sub-network can be isolated from networking benefits. Ciena’s Ethernet products have other elements of the network. undergone extensive interoperability testing with the SafeNet Layer 2 encryptor and will support all of these security features. Ciena also has implemented a patented technology, virtual switching, into its carrier-grade Ethernet portfolio. Virtual In addition to PBB-TE, there is a variety of encapsulation switching logically partitions a physical Ethernet switch into mechanisms such as MPLS-TP available to create these VPN separate switching domains; each virtual switch forwards traffic tags; in each case, user traffic is separated and there is a clear independently of the others, providing a unique mechanism segregation between end-user traffic and core network traffic. for isolating user traffic that is superior to other available The selection of encapsulation mechanism depends on a techniques. number of factors, including the need to interact with Layer 3 infrastructure, the extent of the security requirements, and the need for robust segregation in the network.

With carrier-grade Ethernet, Ciena can build a network architecture that offers the benefits of a segregated network on a common infrastructure, thus maintaining security principles at the lowest possible cost.

Operations and Maintenance A key element of MEF standards development was to build a framework that allows Ethernet networks to operate in manner similar to legacy TDM transport networks, including high-level or OAM capabilities. This factor includes “the ability to monitor, diagnose, and centrally manage the network, using standards-based, vendor-independent implementations.” Ciena has been a pioneer in introducing and pushing relevant Figure 4. Ciena’s virtual switching OAM protocols in standards bodies.

RFC 2544 Generator/Reflector Turn-up Acceptance and SLA Conformance Testing ITU-T Y.1564 Generator/Reflector

IETF RFC 5357 TWAMP Layer 3 SLA Monitoring & Metrics: Delay, Jitter Two-Way Active Measurement Protocol

Layer 2 SLA Monitoring & Metrics: Delay, Jitter, Frame Loss ITU-T Y.1731 Ethernet OAM

IEEE 802.1ag CFM Service Heartbeats, End-to-End & Hop-by-Hop fault detection Connectivity Fault Management

IEEE 802.3ah EFM Enhanced troubleshooting, rapid network discovery Physical Link

Figure 5. OAM toolkit implemented in carrier-grade Ethernet solutions

5 5

Service templates enable NOC creates point-and-click provisioning work order

Figure 6. Zero-touch provisioning process

With the addition of comprehensive OAM capabilities, The templates are extensible and incredibly powerful, allowing Ethernet offers a complete feature set that allows network many customizable parameters to be pushed down when the operators to troubleshoot networks effectively to ensure device is turned on. Service Level Agreements (SLAs) are met. IEEE, IETF, ITU-T, Ciena has deployed automated solutions at many carriers and MEF now describe mechanisms that allow an operator to and campus networks for Ethernet-based services and poll the status of a given end-to-end service, link, or beyond demonstrated that the time to turn up a service was reduced to provide detailed metrics around each. These mechanisms by up to 75 percent. are essentially proactive monitoring tools. The OAM tools also provide the ability to reactively troubleshoot the network. Carrier-grade Ethernet vs. PON/GPON Upon discovering a network fault or service degradation, the operator can rapidly isolate and correct the issues, thus Although this white paper focuses on the benefits of carrier- providing higher availability for business-critical services. grade Ethernet as a technology, alternatives are available within the access space for campus networks. PON and Gigabit OAM encompasses the ability to rapidly turn up services PON (GPON) have gained good traction within the residential and devices. Ciena’s solution provides a truly automated access market for many years due to their commercial benefits provisioning paradigm. All carrier-grade Ethernet devices in that market segment. shipped from the factory have the intelligence by default to request specific software and configuration templates PON is a shared medium in which a fiber is “passively” split from the Network Operations Center (NOC). into many end-user connections. The term “passive” refers only to the optical splitter, which does not require external In addition to the operational benefits, the OAM tools are electrical power. Each end-user has an active Optical Network another pillar of the assured networking strategy. The ability to Unit (ONU), and the fiber terminates at a central office in an generate real-time situational awarness, rapidly respond and Optical Line Terminal (OLT), which also requires electrical reconstruct after network disruptions, and monitor expected power. Studies by the U.S. Army have shown that an performance is vital to supporting critical government enterprise’s total power requirements for PON solutions and applications. The ability to detect and quickly respond to carrier-grade Ethernet are similar. Between the OLT and the a threat to the network is a key part of the network security ONU, there may be one or two stages of passive splitters that strategy, especially with respect to actions by an insider. By split the connection to multiple endpoints. PON is a shared maintaining a current network baseline and using the OAM medium and typically uses a two-stage splitter, where each tools to monitor the network for anomalies, network threats OLT is connected to a 1:4 splitter, followed by four 1:8 splitters, can be detected and quickly addressed. to accommodate 32 users. In addition, since it is a shared

6 PON Active Ethernet IP/MPLS

Outside required to Outside plant costs significant Outside plant costs significant Plant end user; local power still but fiber or copper may be used but fiber or copper may be used Cost needed at user site as available as available. L3 Devices required for full routing

User Density Designed for residential Ability to operate in hybrid IP/MPLS solutions are typically Flexibility suburban/urban access fiber-copper environment plus better utilised within the Core / based on MTU or STU product design options offer Aggregation. This can be models better solution for small to large cost-prohibitive if deploying to enterprise/agency user density the end-user domain

Security & Shares optical media Does not share common access Does not share common access Integrity among multiple users, media among users, includes media among users, includes lacks inherent deny/allow means to separate virtual LANs means to separate virtual LANs mechanism; requires and users based on deny/allow and users based on deny/allow encryption criteria criteria

Access Media Designed for fiber to the Designed to accommodate Designed to accommodate Flexibility home- based on fiber single or multimode fiber or single or multimode fiber or pedestal in a neighbor- copper to the end user. Fiber copper to the end user. Fiber hood cluster generally used for backbone generally used for backbone connections. Greater flexibility connections. Greater flexibility

Scalability Pedestal (OLT) - NIU Virtually unlimited VLAN scale Good scalability when utilising design allows for high possibilities through VPN VLAN scaling (QinQ) for IP aggregation density but tagging. Product also designed services. MPLS can get based on fixed density based on aggregation/delivery extremely complex if deployed assumptions model easily matched to user to the end-user and scale network size becomes an issue

Total Cost High deployment Ubiquitous deployment has L3 IP and MPLS equipment is volume results in lower resulted in large economies of typically much higher than it’s equipment cost scale for Ethernet components. CE/PON counterparts

Bandwidth/ GPON promises gig Existing CE supports 10GigE IP/MPLS routers and switches Capacity capacity based on lower to end user, Higher speeds also can offer speeds over 10G, speed implementations. supported in standards. Less risk however, there are very Rip and replace for 10Gig in current investment high-cost points associated deployments with 40G & 100G

Figure 7. Technology approaches of PON, carrier-grade Ethernet, and IP/MPLS medium, GPON makes each user dependent on the other network environment. This fluctuation creates an inherent users, so the optical budget of the PON has to be divided security vulnerability; a user can intentionally or unintentionally among the users of the network. Therefore, the service affect the service delivery to other users by changing the losses provider must have early, accurate, and granular planning on their connection and potentially flooding the bandwidth. data about the user requirements for each campus area and Carrier-grade Ethernet networks typically use an aggregation the distance of each of its users from the campus. The splitter switch located in the campus network control center, closer to architecture limits the reach of the fiber from each of the the end-user. PON uses a passive splitter at this aggregation splitters, so even a small serving area has to be planned to point. The use of a passive splitter is listed as a capital cost accommodate expected user requirements, and any variation advantage for PON, since it does not require electrical power results in decreased efficiency. Under-predicting user and has a small form factor. This difference can provide a requirements results in users who cannot be serviced without substantial advantage in the residential access environment; more investment; over-predicting results in investment that however, these advantages largely disappear in the campus goes unused. and enterprise environments. PON systems automatically balance signal power to account The table in Figure 7 provides an overview of the different for disparate transmission distances between user drops in a technology approaches.

7 What Ciena Delivers Range Desktop Campus Aggregation Campus Core Region Ciena’s solutions focus on four areas: Assured Networking, Ethernet for 1GigE Layer 2 Desktop Passive Carrier Ethernet Branch and Base Connectivity, Grid WDM 1GigE Layer 2 MOTR and Cloud Computing, and Data Core Ring Small EUB L2/G.8032/OTN/SDH Center Networking. Many elements combine to form these solutions— including technologies such as Medium EUB Optical Transport Network (OTN), 1GigE G.8032 Carrier Ethernet, software reconfigurable platforms, and data Large EUB 1GigE encryption—augmented by services such as network design, analysis, 10GigE deployment, and operation. Outdoor Service Delivery The solutions utilize elements of a broad networking portfolio that Figure 8. Architecture overview for desktop and campus services using carrier-grade Ethernet includes powerful optical transport and Layer 2 carrier-grade Ethernet Carrier-grade Ethernet as an Enabler of switching functionality. These Assured Campus Environment Communications hardware elements are managed by a unified, automated control plane that simplifies operation. Additionally, Ciena Carrier-grade Ethernet is a technology that could be deployed offers comprehensive network services to aid in the design, within the campus and desktop environments to provide an deployment, and operation of any network. alternative to shared-bandwidth solutions. As discussed earlier, carrier-grade Ethernet will enable and facilitate a full- Optical networking bandwidth service that gives enhanced security, greater deployment flexibility, and better resiliency. Ciena’s assured optical networking solutions comprise switching, transport hardware products, software components, Interconnecting a campus-wide Layer 3 network would utilize and services. Our 5400 Reconfigurable Switching Systems are an architecture that connects Provider Edge (PE) routers at the industry’s first multi-terabit-class optical switching systems each sub-network boundary with a set of Layer 2 VPN tunnels that utilize intelligent mesh networking to automate the that provide an A-to-Z connection with another PE at provisioning and dynamic bandwidth control of high-capacity the destination sub-network. Each of these tunnels will assign services. These core and metro core products support any a deterministic amount of bandwidth to the IP flows from mix of Carrier Ethernet/MPLS, OTN, Wavelength Division that router. Network operators can assign flows based on Multiplexing (WDM), and SONET/SDH switching to facilitate classification, data type, priority, or any other logical separation the transition to a service-enabling infrastructure. that meets the application needs. In this way, VoIP traffic can be segregated from video and other data traffic via assured Ciena’s optical transport products address any transport bandwidth tunnels. This segregation can be accomplished network requirement or application and offer a variety of on a customer-by-customer basis or in any logical grouping, service and interface options. With the company’s WaveLogic according to the security sensitivities of the end-users. coherent optical processor technology, Ciena platforms This is a particularly useful architecture for maintaining automatically accommodate a wide range of existing fiber assured network security when interconnecting geographically plants, making 40G and 100G as easy to deploy as 10G. In dispersed campuses and sub-networks that are interconnected addition, the platforms leverage common management and over a common carrier service. control plane interoperability to make each network scalable.

Equally importantly, if the required application is a dedicated Carrier Ethernet access Layer 2 connection (similar to a leased line), a carrier-grade Ciena provides carrier-grade access solutions based on Ethernet solution is ideal for campus networks, providing Ethernet service aggregation and delivery. Ciena’s Packet the lowest latency, highest bandwidth, and most cost- Networking portfolio combines intelligent devices and effective solution. software to create low-touch, high-velocity carrier-grade

8 Ethernet access and metro networks—resulting in a common, Security is critical in government networks. The emergence of consistent means to deliver the full range of Ethernet services carrier-grade Ethernet standards has given network operators that significantly accelerate and automate service creation and the ability to introduce segmentation and provide enhanced activation. Assured networks built on Carrier Ethernet access security. When combined with Layer 2 encryption, these allow operators to build highly reliable networks that scale capabilities offer improved performance at a lower cost. easily and offer service diversity with a high degree of inherent Carrier-grade Ethernet solutions offer the ability to isolate security and economy. user sets based on their authorization levels, offering implicit protection to adjacent VPNs. The use of Layer 2 switching The Packet Networking portfolio includes aggregation and offers significant reliability improvements in the event of a service delivery switches that are sized to match the needs major security break or catastrophic event. Robust OAM tools of a specific application. Service delivery switches are available allow efficient network operations and rapid response and with a range of 10/100 Ethernet, GbE, and 10GbE physical remediation for network disruptions. By utilizing modern port counts to fit small, medium, and large customer sites, architecture concepts and equipment, the appropriate amount with placement in customer premises, on the sides of of security may be embedded in each layer, allowing operators buildings, or on utility poles. Service aggregation switches to construct an assured network that yields trusted, reliable, provide 10/100 Ethernet/GbE/10GbE aggregation to better and secure services to all user classes. fill the transport facilities within both the metro access and aggregation tiers and ultimately minimize the number of Ciena understands that governments need a variety of options IP/MPLS router ports with which they interwork. These switches to create efficient next-generation networks. As the worldwide can be deployed in a wide variety of locations, including leader in coherent technology for 40G and 100G deployments, business parks, outside plant cabinets, and in central offices. OTN and mesh networking, and packet transport with cell tower deployments, Ciena also is leading the packet transport Conclusion evolution by offering comprehensive data, transport, and Ciena collaborates with government customers to unlock the OAM products. Furthermore, MPLS-TP, Carrier Ethernet, strategic potential of their networks and fundamentally change OTN, and coherent technology will help the industry move the way they operate. Ciena’s carrier-grade Ethernet solutions toward the packet-optical integration Ciena has been allow organizations to optimize IP and Ethernet services for advocating for years. campus locations onto a converged service delivery and aggregation network based on a broad, integrated family Ciena may from time to time make changes to the products or specifications contained herein without notice. Copyright © 2016 Ciena® Corporation. All rights reserved. AN086 2.2016 of purpose-built Carrier Ethernet switches with low-touch operations. Our Ethernet service delivery solutions combine the low cost and high capacity of Ethernet with the reliability, manageability, and service quality usually associated with SONET/SDH networking solutions. Ciena employs advanced OAM features and the latest innovations in Ethernet switching technology to deliver sophisticated QoS capabilities, superior Virtual LAN (VLAN) and virtual switching functions in scalable, cost-effective products that address the performance and capacity needs of any enterprise—large or small.