Huawei Agile Network Solution

—— Enable Networks to Be More Agile for Services

 Huawei Agile Network Solution Brochure-Detailed

1 Farewell to the Past, Step Toward Agility

1.1 Challenges Caused by Mobility: Experience, Security, and Management
1.2 Challenges Caused by Cloud Computing: Real-Timeness, Reliability, and Virtualization
1.3 Challenges of Real-Timeness: How to Guarantee Real-Time Service Experiences?
1.4 Challenges of Scalability: How to Handle Increased Traffic and Nodes?
1.5 Challenges Caused by Security Threats: Borderless Security
1.6 Smooth Evolution to Agile Networks

2 SDN Cannot Address All Problems

2.1 SDN Concepts and Scope
2.2 SDN Addresses Only Some Problems

3 Huawei Agile Network Solution

3.1 Solution Overview
3.2 Agile Campus Network
3.3 Agile WAN
3.4 Agile Branch
3.5 Cloud Fabric
3.6 Summary of the Agile Network's Benefits

4 Star Products
4.1 Agile Controller
4.2 Huawei Agile Switches

5 Why Huawei?
 1 Farewell to the Past, Step Toward Agility

Next-generation network

Multi-service transmission
MPLS/TE
QoS/HQoS
Bandwidth expansion BFD/50 ms switchover
L2/L3 switch NSF/NSR/ISSU

Service connectivity Hardware

forwarding router Multi-service phase CLOUD
Ethernet hub Voice/Video/Leased line…
Software forwarding
router
Popularity phase
Web + download
Initial phase
TUI

IP network development
Why does the enterprise need an agile network? The answer is in the history of the IP network.

An IP network is used to transmit data. The development of services and applications determine the development of
the network technology, which can be divided into the following four phases:

Initial phase: Typical services included text messaging, similar to email and Telnet. Networks were mainly used by
specialists, and requirements for network bandwidth and real-time operations were low. Networks needed only
provide basic connectivity functions. Typical network devices used during this initial phase included Ethernet hubs and
software forwarding routers.

Popularity phase: In 1995, Netscape began promoting the Internet. Users increased sharply, services became
diversified, web and download services became popular, and network traffic growth exploded. Network scale,
bandwidth, and performance problems were major hindrances. Layer 2/3 switches and hardware forwarding routers
were used to solve these problems.

Multi-service phase: In 2000, IP services became a major concern. The IP network was required to transmit voice,
video, and leased line services. Many new network technologies were introduced, including Multiprotocol Label
Switching (MPLS)/Traffic Engineering (TE), Quality of Service (QoS), Bidirectional Forwarding Detection (BFD), fast
switching, and NSF/NSR/ISSU. Multi-service transmission, quality of real-time services, reliability, and service isolation
were top priorities during this phase.

In recent years, the rapid growth of new services and technologies has brought more requirements. These services
include cloud computing, Wireless Local Area Network (WLAN), mobile office, social media, High Definition (HD) video,
Big Data, and Internet of Things (IoT). The next-generation network must face the challenges instigated by these new
services and resolve existing problems on the live network.

Huawei Agile Network Solution Brochure/ 1

1.1 Challenges Caused by Mobility: Experience, Security, and Management

How can terminal users at different

locations enjoy a unified experience? How are BYOD security policies deployed?

CIO Sharp increase of

Network users Intranet Internet
Extranet Extranet mobile device types
Wi-Fi access 3G/4G access 3G/4G access and quantities

WAN

Intranet
LAN access Employees want to bring
COOL HOME experience
into enterprises.
Branch access Extranet
Wi-Fi access

How can manual configurations

How can traffic spikes be dynamically adjusted?
adapt to user location changes?

User rights
User bandwidth Random
Security policies
Application policies
Work groups… Network
administrator
How are 140,000
user configurations
performed?

Swarming traffic

Challenges caused by mobility

For the Wireless Local Area Network (WLAN), mobile office, and Bring Your Own Device (BYOD), the physical locations
of user terminals are not fixed, causing the following problems on the traditional network, which mainly uses static
configurations:

1.How do terminals at different locations enjoy a unified experience?

2.How is the network security policy deployed? Traditional network security involves only the enterprise and Internet
egresses, whereas mobile terminals and WLAN bring multiple security vulnerabilities.

3.How are network policies — such as user rights, security, QoS, and priorities — dynamically configured? On the
traditional network, a user is bound to only one physical interface. A policy is manually configured by an administrator
on the network device closest to the user. When the user’s location is not fixed, manual configuration cannot be used,
the network must dynamically allocate resources and deploy policies.

4.The last challenge is to dynamically adjust traffic spikes. For example, when many participants with mobile phones,
tablet PCs, and computers join a conference at once, the network traffic increases immediately — a condition called
“swarming.” Swarming traffic often occurs when mobility increases. During traditional network planning, bandwidth is
not reserved for each corner. As a result, when traffic in an area increases sharply, other traffic may be affected.

Huawei Agile Network Solution Brochure/ 2

1.2 Challenges Caused by Cloud
Computing: Real-Timeness, Reliability, and Virtualization

Computing and storage

Traditional network resources are virtualized. What
about network resources?

Cloud fabric

Strict requirements for

real-timeness and availability

Local processing + Remote processing +

interaction interaction

Challenges caused by cloud computing

Cloud computing is an important technical transformation centered on computing and storage resource virtualization.
Cloud computing virtualization technology improves the average usage efficiency of traditional servers from 5% to over
60%, greatly lowering IT Capital Expenditure (CAPEX).

Today, cloud computing has been applied on an incredibly large scale. According to Forrester Research, the cloud
computing market is expected to rise to US$241 billion by the end of 2020, up from just US$40.7 billion in 2011.
As core infrastructure for transmitting cloud services, cloud data centers must transform and evolve to adapt to this
inevitable trend.

Enterprise cloud data centers will go through three stages of transformation: virtualization, automation, and multi-
cloud. Cloud data centers are currently migrating from the first to the second stage. The level of virtualization
performed within data centers today is considerably high, which allows for a large number of enterprise-grade servers
and storage devices to be virtualized. These virtual servers and storage devices, along with applicable virtual switches
(vSwitches) and cloud management platforms, work together to create a new landscape in data centers. While this
Information Technology (IT) transformation is a welcome change, a huge number of physical switching devices, Value-
Added Service (VAS) devices, and WAN routers are still at the physical entity stage, establishing a large physical network
in data centers. This is a big challenge in Communications Technology (CT).

Huawei Agile Network Solution Brochure/ 3

Unfortunately, the virtual world is separated from the physical world (the CT or network field). As a result, a set of
challenges, such as unified resource distribution and associative fault diagnosis, have become the biggest barriers for
improving cloud service deployment efficiency.

Enterprise data center management is divided into IT and network system management. IT system administrators
create services and allocate computing and storage resources through IT systems, while network system administrators
build and maintain network resources. IT system deployment efficiency has been substantially improved through
virtualization and automation technologies; however, cloud services demand network resources, in addition to
computing and storage resources. Low efficiency of physical network deployment and the existing disconnection
between physical networks and IT systems are tricky problems for cloud data centers.

Take an aviation enterprise as an example: Due to frequent service changes, the IT System Management Department
of the enterprise distributes 1,000 worksheets to its Network Management Department; however, employees in the
Network Management Department are always busy running between several data centers. They are usually only able
to complete about 70% of their worksheets, despite working around the clock adjusting their networks. As a result,
worksheets pile up, creating delays and hindering service growth. Consequently, once an IT system fails, only partial
faults can be detected, which prevents the faults from being accurately located due to a lack of information association
between the IT system and physical networks in data centers.

The disconnection that exists between IT and network systems hinders the development of cloud services. The
following critical problems plaguing network systems in cloud data centers must be solved quickly:

• Physical networks must accommodate cloud service demands and be rapidly and automatically deployed, like IT
systems.

• Physical networks must become part of the cloud platform, capable of being distributed together with IT resources
such as computing and storage.

• Physical networks must be displayed in the same view as that of virtual networks consisting of vSwitches and other
virtual devices to implement End-to-End (E2E) network management.

In addition to accommodating these requirements and supporting cloud service development, physical networks must
be stable and capable of smooth evolution to future networks.

Huawei Agile Network Solution Brochure/ 4

1.3 Challenges of Real-Timeness:
How to Guarantee Real-Time Service Experiences?

High-Definition (HD),
mobility, and other factors

Burst video traffic model
Heavy traffic: Unreliable Internet access Pixelation
128 times voice traffic
Slow cloud platform Low voice quality
response
68 times data traffic

Heavy burst traffic:

3 to 5 times average traffic

Sensitivity to packet loss: Why?

Video packet loss ratio <10-6
-2
Data Video VOIP Total Voice packet loss ratio <10
Data service is insensitive to the packet loss
Network is unaware of user experience.

Challenges of real-timeness

After the year 2000, real-timeness was required for voice and video services transmitted over the network, and the
requirements for reducing packet loss, delay, and jitter multiplied. Service interruption faults affect service experience;
for example, when voice and video packets are lost, service experience immediately drops. When a network fault
occurs, services can be switched quickly to the standby link, within 50 ms. In addition to interruption faults, many
other factors affect service experience, such as insufficient bandwidth, small switch buffer, lower link quality, hardware
aging, network attacks, and configuration errors. For example, when Internet access speed slows, it causes pixelation,
unidirectional communications, and inaudible speech. The network is unaware of quality problems, and network
administrators are unaware of the degraded user experience because the IP network uses connectionless architecture.
No service status information or mechanism exists to detect user experience and automatically locate faults, further
degrading service experience.

Huawei Agile Network Solution Brochure/ 5

1.4 Challenges of Scalability: How to Handle Increased Traffic and Nodes?

Exponential increase of network traffic Expanding new technologies Sharp increase of network nodes

User-friendly page: +40% each year Mobile terminals IoT

IETF RFC
6979

4998
SD HD

Potential traffic caused 2155

by Big Data collection 1068 1984 1000
751
1 1992 1 million
1969 1979 1989 1999 2009 2008 1 billion
2010 >10 billion
2020 >50 billion

Challenges of scalability

As traffic, services, and the number of network nodes increase and storage capacity continuously expands, network
scalability becomes a major concern.

1.Traffic/Bandwidth scalability: Internet user bandwidth increases an average of 40% each year because interface
changes cause a change in network traffic (for example, higher definition videos). Voice and video communications,
as well as more cloud applications, impose high requirements on the network. In 1998, the average cyber citizen
consumed roughly 1 Mbit/s of traffic, increasing to an average 1 Gbit/s of traffic in 2008. In 2014, a cyber citizen
consumes approximately 10 Gbit/s of traffic. During network construction, it is vital to consider not only network
architecture, but also bandwidth scalability and the proper use of scalable devices.

2.Application and feature scalability: In addition to increasing traffic, new technologies and services also increase
sharply. IETF Requests for Comment (RFC), which define network device functions, are used as an example. Ten years
ago, RFCs numbered about a thousand; today, that number has tripled. With the emergence of new technologies
and services, such as cloud computing, mobile office, social media, IoT, SDN, and Big Data, the network and network
devices must adapt to these technologies and services.

3.Network node expansion: Network devices are increasing exponentially. In recent years, as mobile terminals and
IoT have developed, the number of device nodes has increased rapidly. What is the relationship between increasing
network nodes and network devices? When purchasing network devices, one should consider entries (MAC address,
routing, and ARP entries), in addition to bandwidth. The switch with small entries cannot work on a large-scale
network.

Huawei Agile Network Solution Brochure/ 6

1.5 Challenges Caused by Security Threats: Borderless Security

WAN/Internet WAN/Internet
External attack External attack

Firewall single-point
 Single-point defense Ⅹ defense has no effect.
Mobile network attack

Wireless
eavesdropping attack
AP AP AP

Mobile terminal
attack

Due to mobility, offices are expanding and various types

Traditional network access modes and positions are fixed, and the
of access terminals are used. Attack points and measures
attack points and measures are simple.
are diversified.

Borderless security

Traditional network security vulnerabilities are often at the border between an enterprise intranet and the Internet.
Many enterprises deploy security devices such as firewalls at the border for security protection; however, service
mobility and diversified network attacks make the border indistinct. Wi-Fi, mobile terminals, and remote office lead to
many new security vulnerabilities. In addition, internal attacks, such as Trojan horse viruses and Advanced Persistent
Threats (APTs), may defeat traditional border security protection methods guarding the border. Solving security
problems brought about by multi-point security vulnerabilities and internal attacks has become the focus of next-
generation networks.

Huawei Agile Network Solution Brochure/ 7

1.6 Smooth Evolution to Agile Networks

Mobility
1.Shift the focus from technology, device, and
connectivity to services and user experience.
Cloud Computing
2.Shift from single-point security to united security.
Big Data 3.Shift from “Best Effort” of the IP network to real-time
quality awareness.
Social Networking 4.Shift from static configuration to dynamic, automatic
configuration deployment.
loT 5.Shift from hardware-defined to software-defined.

Agile network’s five transformations

Customers currently face the following problems with traditional networks:

1.Network resources are manually and statically configured and cannot immediately adapt to rapidly changing services.

2.The IP network lacks a service quality awareness mechanism, which means it cannot detect areas where users are
experiencing poor service quality. As a result, a smooth service experience cannot be guaranteed, especially when real-
time services must be provisioned.

3.Fault location efficiency is low. When a network fault occurs and the network cannot recover automatically, the
entire network must be inspected. Faults cannot be located quickly and accurately.

4.Single-point security protection mechanisms are obsolete. Security threats can now spread from a single egress to
any device on the network. The rapid development and widespread use of mobile applications creates vulnerabilities
that can be exploited across a network.

5.Service response is slow because network devices are hardware-defined. To add new functions, existing devices must
be replaced. Service response speeds of existing high-speed networks are still much slower than that of software-
defined service development, which causes a bottleneck in the development of services.

Agile networks will bring the following changes, freeing enterprise customers from traditional network constraints:

1.Traditional networks are centered on technologies, devices, and network connectivity.

Agile networks focus on how to provide excellent user experiences and service innovations, without paying much
attention to technologies, devices, and network connectivity.

2.Traditional networks are centered on a single device.

Huawei Agile Network Solution Brochure/ 8

Agile networks focus on the entire network, providing integrated services and experiences.

3.Traditional networks cannot detect poor user experience.

Agile networks can detect user experience and service quality in real time. When the user experience is poor, the network
can automatically detect it and accurately locate faults.

4.Administrators of traditional networks must focus on technological details, complex device configuration, and tedious
fault location.

Agile networks allow administrators to focus on user experiences and service innovations and can take over all manual
labor.

5.Traditional networks are hardware-defined and evolve slowly. To implement new services and functions, devices on the
traditional network must be replaced.

Agile networks are software-defined and can evolve four times faster than the traditional hardware-defined networks,
making it easier to quickly introduce new services.

Huawei Agile Network Solution Brochure/ 9

 2 SDN Cannot Address All Problems

2.1 SDN Concepts and Scope

Centralized Control + Device Capability Openness Network Openness

The controller provides

network device control Network capability
function. openness based on
Device capability openness: traditional networks
OpenFlow

Network Resource Virtualization Network Functions Virtualization (NFV)

Network resources are

dynamically allocated in the Universal IT architecture
Cloud same manner as computing
resources.
replaces specialized
network devices.
Overlay software network:
Nicira

SDN concepts

Widely recognized in the industry, SDN is not always well understood. SDN involves four concepts; however, some
organizations and vendors focus only on one concept and ignore the others.

1. Centralized control architecture: Control functions, such as route calculation of network devices, are centralized
on one controller, which generates the forwarding table and delivers it to devices. Network devices are responsible
only for forwarding packets, with OpenFlow as the control interface between the controller and devices. Centralized
architecture and OpenFlow are promoted and defined by the ONF.

2. Network capability openness: Third-party applications use Application Programming Interfaces (APIs) to invoke
network capabilities and implement flexible architecture, similar to the combination of the operating system and
applications. The ONF and IETF SDN working groups focus on network capability openness, but implementation varies
significantly. Network openness is irrelevant to centralized architecture; however, in existing network architecture,
network and device openness can be implemented.

3. Network resource virtualization: In cloud computing environments, computing and storage resources are
dynamically allocated. Customers only need to enter the quantity of required computing and storage resources on
the cloud management page. Virtual Machines (VMs) are then dynamically generated and allocated to departments
or tenants. To provide a complete IP system for a tenant or department, computing and storage resources, as well as

Huawei Agile Network Solution Brochure/ 10

network resources, must be dynamically generated. Nicira Overlay uses software to deploy a virtual network, which
is fully decoupled from the physical network. Overlay technology encapsulates Layer 2 packets into Layer 3 packets
for transmission and can be regarded as an upper-layer application after the physical network is virtualized. This kind
of technology is used in cloud data centers to effectively isolate multiple tenants and automate network-wide Virtual
Machine (VM) migration, fully satisfying the requirements of large cloud service providers and enterprises. Current
data encapsulation modes include Virtual Extensible LAN (VXLAN), Network Virtualization using Generic Routing
Encapsulation (NVGRE), and Stateless Transport Tunneling Protocol (STT).

4. NFV: Established by 13 ETSI carriers, Network Functions Virtualization (NFV) is designed to evolve telecom networks
into IT-oriented networks. Various types of devices on carrier networks, such as Digital Derived Services Networks
(DDSNs) and Content Delivery Networks (CDNs), increase Operating Expense (OPEX) and make it difficult for new
services to go online. To solve these problems, carriers must implement Layer 4 to Layer 7 functions using software
platforms.

SDN technologies will be discussed in detail later in this document.

Huawei Agile Network Solution Brochure/ 11

2.2 SDN Addresses Only Some Problems

SDN solves only some problems:

Through network capability openness, SDN can integrate the industry chain and quickly respond to customer
requirements. Centralized control of some functions improves network resource use efficiency, accelerates function
deployment, and speeds up O&M. Network resource virtualization allows network resources, similar to computing/
storage resources in cloud computing, to be flexibly scheduled and allocated. This is important for mobility and cloud
computing services.

SDN cannot solve the following problems:

1. Flexible function extension: Network capability openness and OpenFlow device abstraction cannot achieve software-
defined network functions and flexible scalability. Switches on enterprise networks use the ASIC chip with fixed
functions to forward packets (that is, packet processing functions are fixed). New features and functions that involve
changes in the packet processing functions can be achieved only by replacing devices and cannot be obtained through
software upgrade. OpenFlow changes frequently; a switch supporting OpenFlow1.0 cannot support OpenFlow 1.1
and later versions. To implement software-defined network functions, the basic architecture must be flexible and
programmable.

2. Overlay and NFC use universal CPU software to implement software functions. Universal CPU software intelligently
replaces network functions but cannot replace network performance. For example, an Intel 4-core CPU can process
only 3 Gbit/s traffic, whereas a specialized firewall forwarding hardware can process 20 Gbit/s to 30 Gbit/s traffic at the
same cost. The problem of software flexibility and hardware performance must be solved.

3. Smooth evolution. The existing network must smoothly evolve to the next-generation network on the live network.
Current SDN technologies do not solve this problem.

4. Service experience. The IP network is unaware of service experience. The next-generation network must solve
function and service experience problems. SDN does not offer a solution.

The Huawei Agile Network Solution can help enterprise customers solve the preceding problems.

Huawei Agile Network Solution Brochure/ 12

 3 Huawei Agile Network Solution

3.1 Solution Overview

Agile Campus Cloud Fabric Agile WAN Agile Branch

Chip Network
Devices

Huawei Agile Network Solution

Centralized Network capability Network Fully Quality Smooth
control openness virtualization Programmable Awareness Evolution

SDN Huawei's Enhanced Architecture

Huawei Agile Network Solution architecture

Based on Software Defined Networking (SDN) concepts and three architectural innovations, Huawei Agile Network
Solution is a next-generation enterprise solution that enables a swift and flexible network for services. The solution
provides rapid service innovation (four times faster than the industry average), helping enterprises seize business
opportunities amidst fierce competition.

The Huawei Agile Network Solution encompasses four sub-solutions: Agile Campus, Cloud Fabric, Agile WAN and
Agile Branch solution.Huawei's solution fully satisfies the requirements of new services, such as mobile applications,
cloud computing, social media, Big Data, and the Internet of Things (IoT), bringing significant benefits to enterprise
customers.

Fully Programmable: Ethernet Network Processor (ENP) + Protocol Oblivious Forwarding (POF) implements the change
from hardware- to software-defined networking.

Software-defined: Software upgrades and SDN programmability promoted by many vendors cannot actually be
implemented. New functions for packet forwarding (for example, added protocols and new protocol processing
functions), cannot be achieved. Huawei is the first to use ENP for packet forwarding, offering software flexibility and
hardware performance. Network functions can be flexibly changed and enhanced through software. Switches on

Huawei Agile Network Solution Brochure/ 13

enterprise networks provide fixed ASIC-based packet forwarding. Optimized SDN architecture and POF allow network
functions to be programmable and quickly expanded, transforming from hardware- to software-defined. Due to its
fully programmable architecture, Huawei’s agile network and agile switches provide free mobility, united security on
the entire network, Packet Conservation Algorithm for Internet (iPCA), and wired and wireless convergence.

Quality Awareness: iPCA technology is the first to enable IP network quality awareness, ensuring that users have a
good experience.

SDN does not enable detectable IP network quality; therefore, neither the network nor administrators are alerted to
service quality degradation regarding such real-time services such as voice, video, and desktop virtualization. To solve
this problem, Huawei uses iPCA, which can detect faults on the switching network, device, card, and link. When user
experience is degraded due to network faults, iPCA can detect and accurately locate the faults in a timely manner,
ensuring a good network experience.

Smooth Evolution: One device with dual planes makes this solution the first to allow SDN to be directly deployed on
the live network.

SDN uses centralized control, whereas the current network uses distributed control. Huawei uses one device with dual
planes to solve smooth evolution and interworking problems — the first solution to allow SDN to be directly deployed
on the live network.

Huawei Agile Network Solution Brochure/ 14

Fully Programmable: SDN-Ready, Implementing Rapid
Evolution (Four Times the Industry Average)

New Services/Functions

Hardware-defined: POF + open APIs Software-defined: hardware

Main functions cannot be expanded. performance + software flexibility
Evolution period: > 24 months
Agile Functions can be flexibly expanded.
Controller Evolution period < 6 months
The fixed ASIC is used to forward packets. To The ENP is used to forward packets. New
increase the packet forwarding function, you functions can be implemented through
need to purchase new devices. software upgrade or user-defined through POF.

Control plane (CPU) Packet forwarding (ASIC) Packet forwarding( ) Control plane (CPU)

Traditional switch Agile switch

Comparison between traditional switches and Huawei's agile switches

How can Information and Communications Technology (ICT) systems between enterprises be more competitive? How
can enterprises quickly introduce new services and functions?

The answer is a full programmable architecture, which allows networks to quickly introduce and evolve new functions
in a software-defined mode, much faster than traditional hardware-defined networks.

The fully Programmable architecture is a unique feature of Huawei’s agile network enhanced architecture.The core of
this architecture is, ENP + POF . This enhanced architecture is the first to implement a rapid expansion of software-
defined network functions, leading to more ubiquitous and innovative services.

The solution implements a new network function based on both the control and forwarding planes. The SDN-
enabled open APIs claimed by many device vendors support SDN only on the control plane. Essentially, these APIs
cannot implement new functions because packet forwarding is still implemented using nonprogrammable ASCI chips.

Huawei is the first in the industry to implement fully programmable control and forwarding planes, allowing new
services and functions to be easily defined — software-defined in the real sense.

Huawei Agile Network Solution Brochure/ 15

 Quality Awareness: Quick Fault Detection and Excellent
Experience

Known Factors Factors Ignored

 Bandwidth and Quality of Service (QoS)
problems: Insufficient bandwidth
 Network breakdown faults:
less integration
faults and traffic interruption
 Invalid flow control: Small switch buffer and burst service loss
 Security attack: Malformed traffic and exception handling
 Health faults: Packet loss caused by lowered fiber quality and
Device or link hardware aging
 Network configuration problems: Hidden configuration
errors

Ba nnin ring
pla
nd g in
En

wi ,10 sta
gin
tio

dth % lla
e
n

e
Hardw are

12
%
mismat chand
Link deterio deterior
ration, 17% ation42%

A method is required to detect and accurately locate factors that affect service experience. Config uration
error,19%

Online problem survey (2012)

Factors affecting user experience

It is a common misconception that service experience is ensured when there is sufficient bandwidth; however, in
addition to insufficient bandwidth and interruptions, many other factors affect service experience.

Many faulty networks cannot detect these factors, which can severely affect terminal user experience.

iPCA (Packet Conservation Algorithm for Internet)

Notify the administrator
Accurately locate failure
Automatic fault
detection
Low user experience can
0 Accurate
points.

100% potential
Agile Network be detected. Wait fault location risk elimination

Quality problems Slow Internet access

Slow cloud desktop
> 90% response Pixelation
tolerant Low voice quality > 70% faults are
services difficult to locate
Repeated fault occurrence
Network is unaware Manual fault location:
of user experience Several hours to
Traditional network degrading several days Lowered user experience

Comparison between traditional networks and Huawei's agile network

Huawei Agile Network Solution Brochure/ 16

Neither the traditional network by itself, nor the administrators, can detect network faults before receiving user
complaints. Even after receiving complaints, network faults are difficult to detect and thus lay dormant on the
network for long periods. According to Huawei's surveys, even though packet loss often occurs on networks where
users are present, users are often unaware of the problem. As traditional TCP service traffic can be retransmitted,
packet loss slows network access but does not interrupt services. As a result, many users overlook the problem, and,
consequentially, it becomes more pronounced when real-time services, such as voice, videos, and desktop clouds, are
deployed.

Huawei's proprietary iPCA technology enables the network to detect service quality and accurately locate faults. If a
user's experience is damaged, the network can automatically and accurately detect faults and provide detailed service
quality records. By leveraging this technology, administrators can easily detect faults that affect service experience.

Layered measurement: Network, device, card, link

Difficulty in monitoring connectionless networks

Out-of-band detection technology: BFD/NQA iPCA

iPCA iPCA
Single Single
input output

Single Single iPCA

input output iPCA
iPCA
In-band detection technology: Y.1731

Multi- Multi- First Multi-Input Multi-Output (MIMO)

Connectionless IP/Ethernet
input output
measurement technology

0 traffic cost
？
Multi-input and multi-output monitoring
How can connection problems be solved?
Applicable to any network scale

Real-time quality detection and accurate fault

location

iPCA
Why do IP networks lack quality awareness The IP network is a connectionless-oriented network, which is different from the
traditional TDM, SDH, and ATM networks, on which an end-to-end network connection is set up prior to communications.
Data packets are transmitted on an IP network, and there is no service connection information.

Connectionless networks can be deployed on a large scale, but quality monitoring is problematic. As shown in the diagram
above, current detection technologies, such as BFD/NQA/Y.1731, are targeted for point-to-point connections, which create
connection problems when deployed on the IP network because all communication nodes must be deployed symmetrically,
which is unacceptable. Therefore, there are no quality awareness measures on IP and Ethernet networks.

Through years of research, Huawei has developed iPCA Multiple-Input Multiple-Output (MIMO) detection technology. iPCA
can simultaneously detect communications among multiple nodes. iPCA can monitor the network, devices, cards, links, and
even chips, as well as detect any problems that affect terminal user experience.

iPCA does not cause extra performance problems or traffic costs and avoids interworking issues with third-party devices.

Huawei Agile Network Solution Brochure/ 17

Smooth Evolution: Perfect Compatibility with Traditional
Networks
Agile Controller
(Optional)

Enhanced Control Plane

Rights/Security/QoS/Path

Traditional Network Plane

Agile Switch
STP/OSPF/BGP/…

Dual control planes on one switch

Huawei agile switches and other agile devices provide dual planes and allow the traditional network to be seamlessly
migrated to the agile network.

Agile switches provide two planes: traditional network control plane and enhanced control plane (Agile Controller),
which can be independently deployed. The Agile Controller is optional and is required only when global coordination is
required.

Even if the controller is faulty, traditional network plane connectivity not affected. Huawei implements the Agile
Controller in redundancy mode.

Huawei Agile Network Solution Brochure/ 18

3.2 Agile Campus Network

L2 SW L2 SW
Branch Branch Internet access
AR AR

eSight NMS
WAN/Internet

Campus Network egress Agile Controller

NE/AR/SVN Coordinated control on the entire network
Dynamic allocation of network resources
Agile Controller Service orchestration and dynamic path
Security Agile core
resource center
Agile switch
NGFW
Agile aggregation

Agile switch Agile switch

Agile detection and execution
Converged access
Users and applications
Quality control and problem detection
Switch AP AP Agile switch Security events

Huawei agile campus network architecture

The Huawei Agile Network Solution is implemented on the agile campus network. When compared with the traditional
campus network, the agile campus network differs as follows:

•The addition of the Agile Controller: The Agile Controller controls the campus network (including the egress router/
SVN device) and dynamically schedules and allocates network resources, ensuring good service experience in mobile
environments. It can allocate and schedule security resources on the entire network to implement united security.

•The agile switch replaces the traditional switch, adding agile detection and execution capabilities to detect users,
applications, network quality, problems, and security events.

•Security resources such as firewalls can be shared on the entire network.

Huawei Agile Network Solution Brochure/ 19

Free Mobility: Ultimate Experience of Mobile Applications

Good experience for remote office and mobile office

WAN/Internet
User: xx
Network
resource
Position: Shenzhen

Network
resource Agile Controller
Silicon Valley
Auto translation
Network
resource Auto deployment
1. Right
Shenzhen
2. Priority/Bandwidth

Beijing
3. Security
4. Storage
Service mobility, auto resource allocation, enhanced experience

Free mobility

Users today expect to work in a mobile office style — anywhere and anytime. However, the fixed resources of
traditional networks are allocated based on physical location, without much focus on user experience. As a result,
remote and mobile office experiences are poor, and enterprise intranet access rate is rather low.

By introducing the Agile Controller and agile switches, Huawei is the first in the industry to allow network resources to
move with users, enhancing user experience and securing network resource utilization. The agile network is the first
to make traditional networks user-friendly, while freeing employees from the constraints of the traditional network
experience.

United Security: Shifting from Single-Point Security Protection to

Comprehensive Network Protection
Agile Security
Controller Resource Center
1. Collects security events on the entire network
② Performs Big Data ④ Dynamically NGFW Security events include network and security device logs, terminal
analytics. allocates the
security resource.
user behavior logs, and abnormal traffic logs.
Third -party
security device
2. Performs Big Data analytics
The controller analyzes collected mass data and detects potential
security risks.

3. Quickly responds to security events

Sends alarms in real time and recommends a response; flexibly
delivers security policies and quickly responds to security events.

4. Dynamically allocates security resources

Carries out resource pooling of security devices on the entire
network and dynamically allocates the security resource according
Collects security events. to area, user group, and security event, significantly improving the
security protection capabilities of the entire network.
Enables security policies.

united security over the entire network

Huawei Agile Network Solution Brochure/ 20

Confidential information leakage is a serious security concern for mobile office, especially possible leaks through Wi-Fi
and remote access points over the Internet egress. Traditional firewalls can prevent confidential information leakage at

only single points but cannot protect multiple points on the network.

To solve the problem of borderless security, Huawei uses the Agile Controller, firewalls, and agile switches to
implement comprehensive security protection. In this architecture, security functions are not executed by the egress
firewall alone. The Agile Controller collects security events, performs Big Data association analysis, and automatically
applies security policies spanning the entire network.

Huawei Agile Network Solution allows all devices to listen for security events. When suspicious traffic, or traffic from
an untrusted zone, is detected, the Agile Controller dynamically diverts the traffic to a shared security center for in-
depth inspection and cleaning. When the traffic is identified as attack traffic, the Agile Controller instructs network
edge nodes to directly isolate the traffic or lower its priority to prevent network threats.

Wired and Wireless Convergence: One Network, One Device,

and One Type of Management

Authentication gateway Independent AC

Wired policy Agile campus Wireless-to-Wirde

control point 1.An AP is virtualized into a switch port.
Wired and wireless separation Agile switch 2.A unified NMS discovers devices and delivers
Integrated AC configurations.
Integrated Wired network + Wireless network=One switch
CAPWAP tunnel
authentication
Traditional campus gateway
Wired and wireless Wired-to-wireless
AC card policy control point 1.Access switches are managed in the same
Authentication gateway Wired and wireless convergence manner as APs.
2.Access switches are plug-and-play
Access switch=AP/Aggregation switch=AC
Wired policy
control point
Wired and wireless integration

Wired and wireless convergence

The Huawei Agile Network Solution implements an unprecedented simple wireless network deployment for enterprises
through the following approaches:

1.By leveraging the fully programmable provided by the Huawei agile network, wireless functions are embedded into
wired cards without the need for the deployment of independent Access Controller (AC) devices or AC cards.

2.The wired management and wireless management interfaces are fully integrated. As a result, wireless networks can
be managed in the same way as traditional wired networks. Like wireless Access Points (APs), these access switches
implement Zero-Configuration and feature a single learning, single management, and single deployment experience.

Huawei Agile Network Solution Brochure/ 21

3.3 Agile WAN

Agile Controller 400M

30% usage
Shanghai 400M, 30% (link
usage efficiency)

1G 1G
1G
Beijing Shenzhen
900M, 90% (link usage efficiency)

Nanjing 300M new services cannot be launched.

Tianjin

• Centralized traffic control

Shanghai • Preferential forwarding of
Beijing
high-priority services such as
services marked in red

Agile Controller

Guangzhou Shanghai
400M 400M
300M 300M
1G 1G
Shenzhen Hongkong 1G
Beijing Shenzhen
900M, 90% (link usage efficiency)

Agile WAN

WAN leased link bandwidth cost is a key element influencing the experience of most services. According to statistics

provided by leading Internet Service Providers (ISPs), data center leased link use efficiency is only about 30%. Improving

inter-data center link bandwidth use is critical for reducing link deployment costs and enhancing user experience.

Huawei uses the independent path control plane and Agile Controller to calculate the path according to network

status to improve bandwidth use efficiency. Huawei provides network status and service priority detection to display

service network characteristics, implementing path planning and calculation to increase link use efficiency on the entire

network to more than 90%. In addition, high-priority services are scheduled first.

Optimized WAN shows WAN links between the data centers in Beijing, Shanghai, and Shenzhen. A new service

(requiring 300 Mbit/s bandwidth) must be provided between Beijing and Shenzhen. The bandwidth on this link (shortest

link) is insufficient, preventing provision of new services; however, bandwidth use between Beijing and Shanghai, and

between Shanghai and Shenzhen, is only 40%. To address this, Huawei introduced Path Computation Element (PCE)

technology. Now, the Agile Controller centrally calculates paths, obtains the real-time status of each Network Element

(NE), and automatically deploys the new service on the Beijing – Shanghai – Shenzhen link. The PCE ensures new

service provisioning and raises the link bandwidth use to 70% or higher, significantly reducing customer OPEX.

Huawei Agile Network Solution Brochure/ 22

3.4 Agile Branch

Enterprise branch networks currently face challenges brought about by Big Data, cloud computing, diversified IT
applications, wireless broadband, and IP-based transformation of industrial terminals. As a result, the number of CT
and IT systems keeps increasing, and branch networks become ever more complex. Service deployment, network
experience management, and maintenance of a huge number of branches have become major concerns and
challenges to branch networks, resulting in high network construction and maintenance costs.

Huawei Agile Branch Solution uses a two-layer architecture: Agile Controller + Agile Gateway.

• Huawei's solution is the first to introduce the Agile Controller into branches, implementing unified deployment and
control of branch network resources.

• The Agile Gateway supports a variety of functions, such as routing, switching, and voice of traditional branch gateways,
as well as dynamic uploading of IT applications, implementing CT and IT system convergence and resource sharing.

Software
Agile
Controller
Repository 1 One-click service
depioyment

WAN/lnternet 0 Zero-touch local

maintenance
Agile
Gateway ... $ Openness and VAS
Rranch 1 Rranch N

Agile Branch

The Huawei Agile Branch Solution helps customers implement one-click service deployment, zero-touch local
maintenance, and open and VAS provisioning capabilities.

• The Agile Controller performs unified orchestration of branch IT and CT services, as well as template-based
operations, implementing one-click service deployment.

• The Agile Controller monitors branch services in real time and automatically troubleshoots faults based on health
monitoring results, implementing zero-touch local maintenance. For example, health monitoring results show that the
branch has a poor quality WAN. The Agile Controller can then be used to enable the WAN to accelerate application
installation without manual configuration. The Agile Controller automatically delivers applications to the Agile Gateway.

• This solution provides open devices, networks, and applications, facilitating both the integration of third-party service
systems and that into third-party service systems, boosting innovative industry-leading solutions and delivering
economic benefits to enterprises.

Huawei Agile Network Solution Brochure/ 23

3.5 Cloud Fabric

Cloud
applications

Cloud Connecting
platforms cloud
applications
Openness

Agile
Controller
Cloud Fabric 2.0
Abstraction
Cloud Connect
VM VM Connecting
VM VM Connecting
VM Fabric VM
cloud
ICT resources
platforms

CloudEngine

Cloud Fabric

Rapid development of cloud computing, Big Data, and mobility have brought unprecedented challenges and
opportunities to data centers that function as service bearing infrastructure. Currently, the level of virtualization
inside a data center is very high. Virtual servers, storage, and switches (vSwitches) come together to build a new
virtualized network, supporting cloud computing development; however, data centers are deployed with a large
number of network devices that make up independent physical networks. A set of problems in service deployment,
unified resource delivery, associative fault diagnosis, and automatic service optimization exist due to the split between
virtualized and physical networks, causing a considerable barrier to service deployment and cloud computing data
center maintenance.

To help customers tackle these challenges, Huawei has put forward an innovative Data Center Cloud Connect Solution
in its Cloud Fabric 2.0. The major components of this solution include the industry-leading CloudEngine (CE) series
data center switches and the Agile Controller. The Cloud Connect Solution aims to simplify cloud computing. Huawei's
Cloud Connect Solution offers customers the following benefits:

• Connecting cloud services: being service-driven and allowing IT application administrators to easily
schedule network resources

Huawei's Cloud Connect Solution is service-centric and allows IT management personnel to easily schedule network
resources, enabling the network to flexibly migrate to cloud platforms; IT management personnel can use service
languages to define network requirements from the perspective of services. Different services have independent

Huawei Agile Network Solution Brochure/ 24

 application framework views, and IT management personnel can adjust the application frameworks on demand. The
Agile Controller can understand and transform three types of views: application framework, logical network, and
physical network views. It can automatically transform the application framework view to the logical network view
and deliver configurations to the physical network, implementing on-demand network resource allocation.

• Connecting cloud platforms: seamlessly connecting to mainstream platforms in the industry and
unified delivery of ICT resources

Huawei has been building an open cloud computing data center ecosystem. It has carried out cooperation efforts
with well-known IT device vendors and standards organizations across the globe in Huawei's Cloud Connect
Solution, featuring the following advantages:

·
·Cloud Connect seamlessly connects to VMware's vCloud cloud management platform and NSX network virtualization platform and builds a

joint online network policy migration solution and a joint VXLAN hardware gateway solution.

·
·Couples with and connects to Microsoft's CloudOS and builds a Hybrid Fabric solution in Overlay mode together with Microsoft. This

solution has been applied to large-scale cloud computing data centers.

·
·Connects to OpenStack and other mainstream cloud platforms, implementing unified management of network and IT resources.

·
·Works with Huawei's FusionSphere cloud platform to build an end-to-end Distributed Cloud Data Center (DC2) Cloud Fabric Solution.

• Connecting ICT resources: awareness between virtual and physical networks and unified display of
resources

Huawei's Cloud Connect Solution gives IT management personnel and network administrators a global view of the
data center and displays virtual and physical networks in a unified manner. In this way, IT management personnel
and network administrators can learn the global layout, utilization, and fault situation of their ICT resources.

• Lowered TCO: compatible with a variety of physical network technologies and smooth evolution

Huawei's Cloud Connect Solution decouples logical networks from physical networks and shields differences among
various physical networks (including virtual networks) as well as those found in other specific network technologies.
This allows Huawei's solution to work seamlessly with a broad variety of physical networks, preventing device
replacements from causing losses.

Huawei Agile Network Solution Brochure/ 25

3.6 Summary of the Agile Network’s Benefits

Network user Enhanced O&M Simplified CIO Software-defined

user experience O&M services
Automatic deployment of Service evolution four times
No mosaic, clear voice, and network resources based on faster than through hardware
fast Internet access users and services

New experience for remote Coordinated security defense

and mobile offices Automatic fault location Single-point defense versus coordinated
security defense on the entire network

Huawei Agile Network Solution benefits

The agile network offers an unprecedented experience in quality and allows network administrators to optimize
Operation and Maintenance (O&M) efficiency, and Chief Information Officers (CIOs) can introduce new, innovative
services at unprecedented speeds.

• Enhanced Experience: Drops in service continuity, pixelation, unclear voice, slow operational response speeds are
reduced, and enterprise intranet access rates in remote and mobile office modes are significantly improved.

• Efficient O&M: By leveraging the Huawei Agile Network Solution, manual labor can be significantly reduced.
Network administrators are relieved from the difficulties of complex technical terms, massive network devices,
tedious manual network configuration, and the heavy workload of manual network fault location.

• Quick Service Innovation: Enterprise CIOs no longer need to worry about introduction and deployment of new
services. The agile network supports innovation by adapting quickly to the introduction of new services. The agile
network also enables enterprise ICT systems to implement service evolution four times faster than the industry
average.

Huawei Agile Network Solution Brochure/ 26

 Service Challenge Corresponding Huawei Agile Network Solution Features

Service mobility/Dynamic work group

Mobility/BYOD
Wired and wireless convergence

Cloud computing Cloud Fabric "Cloud Connect" Solution

Real-time services (for example, videos, iPCA: accurate service quality awareness
voice, and desktop clouds) Agile switch: large buffer

Full openness and programmability

Fast growing network traffic, functions,
Huawei agile switches: large-capacity table entries
and nodes
Huawei agile switches: high scalability (1.28 Tbit/s per slot)

Borderless security Security collaboration across the entire network

Low O&M efficiency and high difficulty in iPCA: fast fault location
locating faults Super Virtual Fabric (SVF): virtualizes a network onto a device

Massive branches, complex services, slow

service deployment, and difficult fault Agile Branch Solution
location

Huawei Agile Network Solution Brochure/ 27

 4 Star Products

4.1 Agile Controller

Huawei's Agile Controller is the core component of Huawei's Agile Network Solution. It is applicable to various
scenarios covering its four sub-solutions: Agile Campus, Agile Branch, Agile WAN, and Cloud Fabric. The Agile
Controller implements application policy control for E2E connection from access points to data centers, redefines
networks by concentrating on services and user experiences, and enables networks to be more agile for services.

Based on the SDN concept of centralized control, the user- and application-oriented Agile Controller automatically
allocates and dynamically adjusts network resources, enabling them to migrate based on the user's location. Under
the Agile Controller's smart control, networks tend to use natural languages and automatic policy deployment instead
of manual configuration. Additionally, networks shift from single-point edge security protection to united security
protection over the entire network. Networks also shift from concentrating on technologies, devices, and connectivity
to services, users, and experiences.

In addition, the Agile Controller seamlessly connects to mainstream cloud platforms in the industry, including Huawei's
FusionSphere, VMware's vSphere, the OpenStack cloud platform, and Microsoft's Hyper-V. The Agile Controller is
dedicated to building an elastic, open platform, integrating excellent practices in various fields, allowing users to
flexibly define networks based on service demands.

Huawei Agile Network Solution Brochure/ 28

4.2 Huawei Agile Switches

Fifth generation

Agile Switch
Fourth generation

Third generation Multi-Service

Switch
Second generation
First generation
L3 Switch
L2 Switch
HUB

Evolution of switches

Agile switches are the most important components of an agile campus network. When viewed from the switch
evolution perspective, agile switches are fifth-generation switches. Compared to predecessors, the biggest advantages
of agile switches are the use of ENPs to make packet forwarding programmable and the combination of the ENP and
POF to make switches software-defined to allow for rapid service innovations. If the previous four generations of
switches could be likened to traditional feature phones, agile switches can be thought of as smartphones.

ENP fully demonstrates the strength of Huawei’s proprietary chips. ENP is cost-effective and provides highly flexible
software and high-speed hardware for simultaneous forwarding performance. ENP is the only component that
can implement fully programmable on switches. Compared to ENP, other packet forwarding components have the
following disadvantages:

•ASIC: High hardware performance and cost-effective — but no flexible software

•CPU (including multi-core CPU): Flexible software, poor performance, and high cost

•Traditional NP: Flexible software, comparatively poor hardware performance, and high cost

Huawei Agile Network Solution Brochure/ 29

 S12700
Agile Switch

First native T-bit AC First Unified User Management

Wired and wireless convergence Highly accurate user management

Benefit now, stability for the future Switch cost

Agile expansion, 10-year Core Router quality

stable network platform

Huawei Agile Switches

The S12700 is Huawei’s first series of agile switches. Huawei S9700 and S7700 series switches can be easily evolved
into agile switches though the insertion of an agile card. The S5700 series switches can also evolve into agile switches
in this manner. By leveraging their fully programmable, agile switches implement innovative functions on the agile
campus network, including free mobility, united security across the entire network, quality awareness, and wired and
wireless convergence. In this manner, agile switches implement native AC and native user management functions.
Agile switch reliability conforms to Internet core router reliability design requirements, meeting demands for high
network reliability and quality in cloud networks. Most important, agile switches provide SDN capabilities, and new
function evolution is far faster than that of traditional switches; therefore, Huawei agile switches not only deliver direct
benefits but also allow enterprise networks to fully evolve into future networks.

Huawei Agile Network Solution Brochure/ 30

 5 Why Huawei?

Huawei is proudly backed by 20 years of accumulated experience in the IP field and a series of
network products and solutions. Recognized as one of the world’s leading network solution
providers, Huawei has an excellent long-term plan for network development and a firm
determination to invest in the network field. Most important, Huawei has world-leading research
capabilities armed with world-class experts, rich experience in pre-research into network standards,
and chip development capabilities.

As a member of ONF, IETF, and IEEE, Huawei participates in SDN standards research, contributing
greatly in areas of network migration to SDN, including product development and improvement
in customization capability. Huawei now aims to provide intelligent, programmable, and open
networks to customers through its accumulated carrier-grade network experience and innovative
products.

Huawei Agile Network Solution Brochure/ 31

2014

HUAWEI TECHNOLOGIES CO., LTD.

Bantian, Longgang District
Shenzhen518129, P. R. China
Tel:+86-755-28780808

Huawei Agile Network Solution Brochure/ 32