Verizon Business Marlin Forbes Vice President Defense and International Services global capability. personal accountability. © 2007 Verizon. All Rights Reserved. PTE 12079 03/07
Verizon Communications Three Key Business Units • • Mobile services for U. S. consumer and business Nation’s most reliable wireless network Highest in customer loyalty Nearly 55 M customers • • 2 Communications services for consumer and small business Building one of the most advanced broadband networks Handling 1+B* calls a day with 99. 99% reliability Serving 30 M U. S. households Global Solutions for large business and government Created by merger of Verizon and MCI in January 2006 Most connected IP Backbone Serving 94% of Fortune 500 *Average number of calls handled each business day.
Global Industry Trends Telecom Industry Trends • IP Everywhere • Migration to Private IP • Broadband Everywhere • Convergence of Voice, Data and Imagery • Application Layer embedded in network • Optical Networking • Seamless Networks • Migration to IPv 6 Strategic Network Programs • Upgrade Backbone to Ultra Long Haul fiber • Access Moves to Converged Packet Architecture • Voice Network Migration to IP • Fully meshed networks with enhanced survivability 3
Global IP Network Delivering Around the Globe • 6 continents • 150+ countries • 2, 700 + cities • Expansive coverage of Internet data centers • Fully meshed transatlantic IP network 4
Europe • Services in 23 countries • Metro loops in nine countries, 44 cities • National networks in eight countries • Transatlantic connectivity • One of only two U. S. / European carriers in 160 Gbps SEA-ME-WE-4 consortium • Private IP available in nearly 50 countries in Europe 5 Existing Node Planned Expansion During 2006
Asia Pacific • Metro networks in Singapore, Tokyo, Osaka, Melbourne, and Sydney • National networks in Japan and Australia • Facilities based licenses in Hong Kong, Australia, Japan, and Singapore • Investments in 22 major submarine cable systems serving the region Seoul Hong Kong Tokyo Osaka Taipei Guam Singapore • Migrated to Self-Healing Rings • Singapore to Paris latency reduced to 180 ms with SEA-ME-WE-4 6 Sydney Existing Node Auckland
India • Partner solutions are in place with VSNL, Reliance, and Bharti • Added Direct Private IP and IP connectivity with Europe and Asia to improve latency New Delhi Cox’s Bazaar Mumbai Chennai Banglalore Existing Node 7
China • Established agreements with many major Chinese carriers to extend coverage • Working with five major Asian carriers to develop Trans-Pacific Express (TPE) Cable – expected completion in 2008 Beijing Shanghai • IP peering with Chinese carriers for reduced latency Guangzhou Existing Node 8
Global Reach and Investment Americas Regions Sweetwater Blaine Seattle Spokane Fargo Billings Minneapolis Eau Claire Portland Rouses Pt. Kalamazoo Boise Albany Syracuse Rochester Sioux Falls Eugene Alden Evanston Flint Grand Rapids Chicago Sioux City Cheyenne Midland Mil. Cedar Rapids Topeka Salt Lake City Co. Sprgs. Pueblo San Francisco LA Wichita Eugene Kansas City Joplin Cincinnati St. Louis Springfield Baltimore Washington Louisville Richmond Nashville Knoxville Palmdale Las Vegas Rialto Santa Fe Phoenix Amarillo Albuquerque Lubbock Dominguez Hills San Diego New York Newark Pittsburgh Columbus Denver Reno Salinas Scranton Indianapolis Lincoln Chico Poughkeepsie Cleveland Omaha Davenport Tucson El Paso Tuls a Charlotte Memphis Okla. City Raleigh Huntsville Wichita Dallas Falls Little Jackson Rock Shreveport Columbia Birmingham Atlanta Abilene Midland Macon Montgomery Savannah Albany Austin Mobile San Antonio Houston Tallahassee Gainesville Lafayette New Lake Corpus Christi. Charles Baton Orleans Rouge Harlingen Tampa Orlando Mc. Allen Jacksonville Cocoa Beach West Palm Beach Boca Raton Ft Lauderdale Miami United States: Long Distance Americas • • 9 Network in 10 Countries Facilities Based Licenses in 3 Counties 18 Major Submarine Cable Routes 7 Data Centers • • • 48, 000+ Route Miles 31 Submarine Cable Routes 125+ Voice Switches 2100+ Data Switches 200+ Data Centers Hartford Buffalo Detroit
Expanding the Reach of Global IP Network • Private IP Services continue to expand: – 356 edge switches deployed in 128 cities for direct access – Ethernet Access available in US and 21 countries in Europe and Asia Pacific – Expansion plans for an additional 100+ edge switches in 12+ new cities in 2007 10 Private IP available in 116 countries
Global Reach and Investment Pan-European Regions • Network in 23 Countries • Facilities Based Licenses in 9 Countries • Metro Loops in 9 Countries, 41 Cities • 31 Submarine Cable Routes • Trans-Atlantic Cable Mesh Network Completed 2006 Atlantic Mesh Backbone • 54 Data Centers Cable System 1 a Cable System 3 a 60 Hudson Ca ble Sy ste m m Bude, UK 1 b y e. S bl 2 a Ca London UK 2 111 8 th Ave b London UK 5 m 2 Crystal Lake, NJ yste le S Cable System 3 b Terrestrial 11 Wet Paris Terrestrial
Taiwan Earthquake Verizon Performance • Taiwan Earthquake – 12/26/06 – Earthquake of magnitude 7. 2 – Unprecedented 20 cuts on 8 cables – Isolation of Taiwan from the Public IP and Data networks • PIP Continued to Operate at Full Capacity • Public IP & Data Restored as much as 24 hours Earlier than other Carriers – Restoration with backhaul & SMW-4 within the first night – Leveraged Partnerships to obtain additional capacity 12 Epicenter
Trans Pacific Express (TPE) Cable System • First Multi-Terabit Optical Submarine Cable System Directly Linking the U. S. Mainland China • Vz. B is only U. S. Carrier of 6 Consortium Members • First Cable System with Direct 10 Gbps Wavelength Access to China • Adds Diversity, Speeds Provisioning, Reduces Latency • Planned Completion: 3 Q 08 – Initial Capacity: up to 1. 28 Tbps – Design Capacity: up to 5. 12 Tbps • Provides direct connectivity to Beijing, Shanghai, Taipei, Seoul, Hong Kong (via China), and India (via China) 13
Ultra-Long Haul (ULH) & Dual Rail Architecture § Reduces Network Elements by up to § § 70% Lowers DS 3 Per Mile Cost by up to 70% Enables Wavelength Services Dual Rail ULH Architecture Metro Ring Current Technology Regenerator ULH Technology Regenerator 14 ULH Technology ULH Rails Interconnected with OADM Technology § Provides a Higher Level of § § Resiliency and Performance Improves Latency Lessens Customer Impact during Maintenance
Converged Packet Access Long Distance PBX Customer Premise Local Internet Private IP Frame Relay ATM Today: Multiple Access Circuits Converged IP Core Customer Premise With CPA: Ethernet Aggregation • Enables Logical / Automated Service Provisioning • Enables Scaleable Bandwidth on Demand • Reduces Traditional TDM Bandwidth Requirements up to 60% • Expanding from 30 to over 60 sites 15
Customer Portal Providing Information on Demand • Verizon Business Customer Center: – – Global view Support in 6 languages More than 55 applications Dashboard with key statistics • e. Bonding: – Links your back office with ours – Scalable for large transactions Online tools that enable you to monitor performance around the globe 16
Security Intelligence Portal Available on Verizon Business Corporate Website • Analyst Diary – Daily summary of observed security events and information from Verizon Business Analyst team • Activity Dashboard – Dashboard representation of security information observed from various data sources • Event Calendar – Trending calendar allowing a user to view dashboard trending from previous days • Data Key – TCP and UDP port and protocol legend • Publications – Various relevant security publications from Verizon Business’ security experts 17
Deriving Intelligence 18 Data Capture, Collection, Analysis, and Sharing Security Intelligence Console Capturing, Collecting, and Analyzing Internal and External Data Sources Managed Services Operation Center NOC, SOC, Internet IP Backbone Operations Verizon Business Internet and Public Internet Internal IT Operations Verizon Business Enterprise IT Operations Third Party Open source, Network and Technology Providers Global Customer Security Event Management; managing network and security devices and technologies deployed at various demarcation levels within an enterprise, and supported on multiple provider networks worldwide. Global IP backbone operations and managed services support; worldwide IP traffic visibility on Verizon Business backbone and across public peering relationships with other network providers, including technology vendor relationships for networking hardware and software. Global enterprise IT operations; visibility to all IT security areas resulting from the support of Verizon Business office locations, infrastructure assets, and employees that are deployed worldwide. Global relevant outside sources; news and media, government, industry affiliation, peering agreements and relationships, technology vendors and partners.
Network Security Environment External Breaches Over the Past 12 Months Virus/worms Phishing/pharming Spyware/malware Social engineering Brand hijacking Hacking Denial of service Zombie networks Other form of external breach Website defacement Web application breach Wireless network breach Online extortion 0 10 20 30 40 50 60 70 Internal Breaches Over the Past 12 Months Virus/worms Insider fraud Leakage of customer data Internal network breach Wireless network breach Other form of internal breach Have not been breached 19 Source: Deloitte 2006 Global Security 0 10 20 30 40
Global Information Sources Providing Massive Amounts of Data in Near Real Time Scope Information Source Description Derivative Information Remarks Near real time capture of flow traffic between hosts Identification of infected source address, unique distribution host address or port, remote access port, Distributed Denial of Service attack profiles Over 4 million records captured per minute Network wide activity snapshot Identification of origin of a security incident, historical analysis of emerging threats or outbreaks Over 422 million records captured per hour Global Routing security events captured from Verizon Business’s IP backbone infrastructure assets Identification of malicious, mis-configured or otherwise misdirected hosts on the public Internet Approximately 30, 000 records captured per hour Global Honeynet – Simulated enterprise environment Identification of exploit methods and malware propagation methods Up to 5 million network segments or hosts monitored Global Operating System and Link characterization of TCP sessions Identification of OS identity trends in the infectious, malicious attacking or distribution hosts One observance per minute typical; up to 5 million network segments or hosts monitored Global Passive network statistics collection Capture, trend and characterization of payload emerging from network trends for scope verification Event-driven Intrusion Detection Systems Identification of Zero-day attacks and other malicious activity Up to 2 million event records observed per day USA Global 20
Global Information Sources Providing Massive Amounts of Data in Near Real Time (cont’d) Scope Information Source Description Derivative Information Remarks Traces – Payload capture Identification of zero-day attacks and other malicious activity; cross reference capabilities against port and protocol trending indicators Up to 1. 5 million records per day Global Verizon Internal IT Operations Network, computer, server, endpoint, and application security events Event-driven Global DNS Alerts Domain Name Services variations and abnormalities Event-driven Managed Services Event Information Identification of unique or common exploits affecting various networking and security demarcations, devices and technologies deployed on various networks Event-driven IP Backbone operations Identification of network traffic and network device events impacting or interesting to IT security; including abuse tickets reported on Verizon Business’ Internet backbone Event-driven External sources: News, Government, Security group, Network providers, technology vendors and providers Identification of public or third-party security event or information; situational awareness, unique, or common threat identification, product and platform threats and vulnerabilities Event-driven Global 21
Secure Information Portal • How to provide: » » Assured authentication File and data security Capability for sending sensitive data Security for mobile devices (PDA’s) • How to allow: Secure Intra/Inter Agency or Coalition/Allied Collaboration • How to ensure: Data Integrity and Non-Repudiation Non-repudiation is the concept of ensuring that a contract, especially one agreed to via the Internet, cannot later be denied by one of the parties involved. 22
Hosted Federated Authentication Value Proposition – Authentication CONUS 23 of choice – Leverage existing infrastructure – Enable information exchange – Supports ad hoc secure collaboration
Collaboration Portal • Text Collaboration (Chat & IM): Provides ability for users to initiate and participate in low bandwidth text chat sessions • Web Conferencing – – – Audio over IP: Video over IP Whiteboarding & Annotation: Ability to import objects Application Sharing/Broadcasting Presence and Awareness: Ability to identify users Cross Domain Participation: Ad hoc conferencing • Session Management: Management, customization, and control • Accessible through web portal 24
The New Reality • Voice/Data/Video is IP • Security concerns driving Private IP migration • IP Convergence offers opportunity to address issues • Network is now providing critical IT tools • COOP planning easier with “mesh” and smart portals • Global threat requires significant flexibility in IT delivery • OPTEMPO and sophisticated threat forcing all options 25
Скачать презентацию Verizon Business Marlin Forbes Vice President Defense and
5e7d03ffea7de99176c3812c54201ed4.ppt