Asp Configuration Handbook

John Gunson, Syngress

ISBN:1928994261, Edition: 1, 2001-05-01

Price: $49.95

Contents

Foreword ~ xxix

Chapter 1 An Introduction to ASPs for ISPs ~ 1
Introduction ~ 2
Why This Book Is for You ~ 3
What This Book Can Do for You ~ 4
Whom This Book Is Written For ~ 5
Definitions of Common ASP Terms ~ 5
What Is an Internet Service Provider? ~ 5
What Is an Application Service Provider? ~ 6
The Pure ASP ~ 6
What Is Information Technology Outsourcing? ~ 6
Application Outsourcing ~ 7
Business Process Outsourcing ~ 7
Platform Information Technology Outsourcing ~ 7
The Elements That Make an ASP Viable ~ 8
Life Cycle for the Cost of Ownership ~ 8
The Initial Cost of Hardware Acquisition ~ 9
Hardware Maintenance and Associated Costs ~ 10
Initial System Software Package Acquisition ~ 10
Initial Application Software Package Acquisition ~ 10
Implementation ~ 10
The Cost of Hardware Upgrades ~ 11
The Cost of System Software Upgrades ~ 11
The Cost of Application Software Upgrades ~ 12
Network Administration Resources ~ 12
Other Support (Training, Help Desk, Etc.) ~ 12
Possible Business Models and Offerings ~ 12
Types of ASP Firms ~ 13
Professional Consulting ~ 14
Project-Based Service Providers ~ 14
Outsourcing Providers ~ 15
Staff Augmentation Providers ~ 15
Education and Training Providers ~ 16
Value-Added Resellers ~ 16
The OSI-ISO Seven Layer Model ~ 16
Layer 1:The Physical Layer ~ 17
Layer 2:The Data-Link Layer ~ 18
Layer 3:The Network Layer ~ 18
Layer 4:The Transport Layer ~ 18
Layer 5:The Session Layer ~ 19
Layer 6:The Presentation Layer ~ 19
Layer 7:The Application Layer ~ 19
The Upper Layers ~ 21
The Lower Layers ~ 21
The Pseudo Layers ~ 21
Layer 8:The Political Layer ~ 21
Layer 9:The Religion Layer ~ 22
Layer 10:The Financial Layer ~ 22
Choosing the Best Platform for Your ASP ~ 22
Hardware ~ 23
Servers ~ 24
Hewlett-Packard ~ 24
Sun Microsystems ~ 25
Compaq ~ 25
Network Equipment ~ 25
Data Traffic Explosion ~ 25
Alcatel Networks ~ 26
Cisco Systems ~ 26
Extreme Networks ~ 26
F5 Networks ~ 27
Foundry Networks ~ 27
Juniper Networks ~ 27
Lucent Technologies ~ 27
Nortel Networks ~ 28
Cache Appliance Makers ~ 28
Akamai ~ 28
Intel ~ 28
Inktomi ~ 28
Software ~ 29
Load-Balancing Software ~ 29
BEA Systems ~ 30
Hewlett-Packard WebQoS ~ 30
IBM ~ 31
Microsoft ~ 32
Resonate ~ 32
Segue ~ 33
Business Drivers for the Conversion to ASP ~ 34
Business Factors That Impact the ASP Model ~ 34
Enabling Technologies ~ 35
Technical Factors ~ 36
Barriers to the ASP Business Model ~ 37
ASP Business Model Strategies ~ 38
System Integrators and Implementers ~ 40
Internet Service Providers ~ and
Telecommunication Companies ~ 41
Independent Software Vendors ~ 42
Independent Software Vendor Companies ~ 43
Why All the Mergers? ~ 45
Performance Issues ~ 45
Amount of System Uptime (Five Nines) ~ 46
Failover ~ 47
Clustering ~ 47
Sun Microsystems ~ 47
Hewlett Packard ~ 47
Compaq ~ 48
Problems That Could Arise from Conversion ~ 48
Major Issues in the Implementation of ~ an
ASP Model ~ 49
What Is Needed to Sell Your Services? ~ 49
Necessary Components ~ 50
Summary ~ 51
Solutions Fast Track ~ 51
Frequently Asked Questions ~ 57

Chapter 2 The Business Case ~ 59
Introduction ~ 60
ISP Market Conditions ~ 61
The Onset of Commoditization ~ 63
Broadband—The Enabling Technology ~ 64
Service Provider Business Requirements ~ 67
The New Model ~ 68
Customers’Demands ~ 69
Investor Demands ~ 71
The Evolving ISP ~ 72
The Steps Necessary to Offer Value ~ 73
Deployment of Services ~ 75
Value-Added Services and Core Competencies ~ 78
The Service Provider of the Future ~ 80
The Finances Involved ~ 82
The Case for Application Service Provider Conversion ~ 82
Market Factors ~ 84
ASP Customer Value Proposition ~ 86
ISP Value Proposition ~ 88
ASP Services Also Enable Future Migration Up the Value Chain ~ 91
ISP to ASP:The Perfect Fit? ~ 91
Critical Success Factors ~ 94
Business Models ~ 94
Determining Your Offerings ~ 96
Customer Issues ~ 99
Summary ~ 103
Solutions Fast Track ~ 104
Frequently Asked Questions ~ 106

Chapter 3 Server Level Considerations ~ 109
Introduction ~ 110
Implementation,Where to Begin ~ 111
Server Hardware ~ 111
Central Processing Unit ~ 112
Symmetric Multiprocessing ~ 114
Random Access Memory ~ 115
Mass Storage ~ 116
Network Adapters ~ 118
Software Solutions for Your ASP ~ 133
System Software ~ 133
Application Software Types ~ 137
Web Applications ~ 137
Database Applications ~ 141
Middleware Software ~ 142
Server Redundancy ~ 143
Shared Device ~ 144
Shared Nothing ~ 144
Under- and Over-Subscription ~ 145
Network Service Considerations ~ 147
Network Storage ~ 147
Network File System Protocol ~ 148
Server Message Block Protocol ~ 149
Common Internet File System ~ 159
Data Backups and How They Can Affect You ~ 159
Software Selection ~ 162
Virus Scanning Suggestions ~ 168
Thin Client Solutions ~ 171
ICA Protocol ~ 172
Maintenance and Support Issues ~ 174
Planned Upgrades ~ 174
Break/Fix ~ 176
System Monitoring ~ 177
Summary ~ 179
Solutions Fast Track ~ 180
Frequently Asked Questions ~ 184

Chapter 4 Performance Enhancement Technologies ~ 187
Introduction ~ 188
What Is Web Caching? ~ 189
What Is Load Balancing? ~ 189
What Is Content Routing? ~ 189
Web Caching and How It Works ~ 189
What Is Data Caching? ~ 190
The Benefits of Data Caching? ~ 191
What Happens With and Without a Solution in Place ~ 193
How to Reduce Bandwidth Usage ~ 195
Key Requirements for a Caching Solution ~ 195
Deployment Models for Data Caching ~ 197
Forward Proxy ~ 198
Transparent Caching ~ 198
Reverse Proxy ~ 198
Cache Locations and Placement ~ 199
Cache Hierarchies ~ 199
What Are Cache Appliances? ~ 201
Cost Effectiveness ~ 201
Ease of Installation and Management ~ 201
Fault Tolerance ~ 202
Scalability and Flexibility ~ 203
Performance and Speed ~ 203
Load Balancing in Your Infrastructure ~ 204
Localized Load Balancing ~ 204
Distributed Load Balancing ~ 204
Comparing Different Load-Balancing Systems ~ 205
Software-Only Solutions ~ 206
Switches ~ 207
Routers and Caching Systems ~ 207
Clustering ~ 208
Network Appliances ~ 208
Criteria You Should Look for in a Superior Load-Balancing Solution ~ 209
Dependability ~ 209
Quality of Service ~ 210
High Availability ~ 210
Can Load Balancing Enhance and Extend Your Network? ~ 211
Vendor Credibility and Their Support Infrastructure ~ 211
Load-Balancing Solutions from F5 ~ 212
First-Generation Load-Balancing Solutions ~ 213
What Takes a Site Down? ~ 213
Guaranteeing Availability to Your Client ~ 214
Cisco Systems’ LocalDirector ~ 215
Scaling a Server Farm ~ 215
High Availability ~ 217
Managing Your Server Connections ~ 218
Security with the LocalDirector ~ 219
LocalDirector Configuration Samples ~ 219
Multiple Virtual Servers and One Real Server ~ 223
Multiple Virtual Servers and Multiple Real Servers ~ 226
Foundry Networks’ ServerIron ~ 228
Content Delivery Networks ~ 230
Today’s Content Delivery Landscape ~ 231
Functional Components of a CDN ~ 232
How Do CDNs Work? ~ 232
Who Needs CDNs? ~ 233
Content Providers ~ 234
What Do Content Publishers Require from CDNs? ~ 235
CDN Service Providers ~ 237
What CDN Service Providers Require ~ 238
CDN Deployment Basics and Considerations ~ 239
Network Service Providers ~ 239
Satellite-Based Network Service Providers ~ 240
What Network Service Providers Require from CDN Service Providers and CDN Component Product Makers ~ 240
CDN Product Manufacturers ~ 240
Enterprises ~ 241
Consumers ~ 241
The CDN Services Landscape ~ 241
Industry Standardization Efforts ~ 241
The Content Alliance ~ 242
The Content Bridge Alliance ~ 243
CDN Solutions from Various Vendors ~ 244
Inktomi Content Delivery Suite ~ 244
Inktomi Content Distributor ~ 246
Inktomi Content Manager ~ 247
Cisco System’s Content Delivery Networks and Next-Generation Content-Based Services ~ 247
Cisco’s CDN Group ~ 248
Akamai and F5 Networks’ Combined Offerings ~ 249
Akamai’s Solution ~ 249
F5 Products ~ 250
Summary ~ 251
Solutions Fast Track ~ 252
Frequently Asked Questions ~ 255

Chapter 5 Storage Solutions ~ 257
Introduction ~ 258
Upfront Concerns and Selection Criteria ~ 259
Concerns for Your Storage Devices ~ 259
Host Independence ~ 259
Mixed Vendor Support ~ 260
Security ~ 260
Legacy Support ~ 261
System Availability ~ 262
Price versus Performance ~ 262
Directly Attached Storage in Your Infrastructure ~ 263
Network Attached Storage Solutions ~ 264
Quality of Service ~ 266
Location of NAS in Your Network ~ 266
Storage Area Networks ~ 267
The Need for SAN ~ 267
Benefits of SAN ~ 268
SAN Virtualization ~ 270
Multihost Arrays ~ 270
Logical Unit Number Masking ~ 271
In-Band Virtualization ~ 272
Storage Domain Servers ~ 273
NAS versus SAN ~ 274
Comparing Fiber Channel to SCSI ~ 275
The Benefits of Fiber Channel ~ 276
What Are the Limitations of SCSI? ~ 277
All Fiber versus Mixed Solutions ~ 277
SAN Management ~ 280
Capacity Management ~ 281
Configuration Management ~ 281
Performance Management ~ 281
Availability Management ~ 281
Scalability and How It Affects Your Business ~ 282
Storage in Your Infrastructure ~ 282
Wire Speed and How It Can Help You ~ 284
One versus Many ~ 287
Fault Tolerance Features and Issues ~ 288
Shared Resources ~ 289
Data Backup ~ 289
Remote Mirroring ~ 290
Synchronous ~ 290
Asynchronous ~ 291
Redundant Array of Inexpensive Disks ~ 291
RAID-0 ~ 293
RAID-1 ~ 293
RAID-2 ~ 293
RAID-3 ~ 293
RAID-4 ~ 294
RAID-5 ~ 294
RAID-6 ~ 294
RAID-10 ~ 294
RAID-53 ~ 295
SAN Solutions Offered by Various Vendors ~ 295
IBM’s SAN Solution ~ 295
The IBM SAN Strategy ~ 295
Summary ~ 297
Solutions Fast Track ~ 298
Frequently Asked Questions ~ 301

Chapter 6 ASP Security System
Provisioning ~ 303
Introduction ~ 304
Security Policy ~ 306
Developing a Security Policy ~ 306
Privacy Policy ~ 308
Security Components ~ 309
Authentication ~ 309
User Authentication ~ 309
IP Addresses and Spoofing ~ 312
Confidentiality Protection ~ 313
Key Length ~ 314
Types of Algorithms ~ 315
Further Cryptographic Considerations ~ 316
Incident Response ~ 317
Security Auditing and Risk Assessment ~ 319
Security Technologies and Attacks ~ 320
Virtual Private Networks ~ 320
Perimeter Firewalls ~ 321
Stateful Inspection ~ 323
Packet Filtering ~ 324
Embedded Firewalls ~ 328
Intrusion Detection Systems ~ 330
Types of Attack ~ 332
Applications Attack ~ 332
Denial-of-Service ~ 333
Buffer Overflow Attacks ~ 334
SYN Attacks ~ 335
IP Fragmentation Attack ~ 336
Smurf Attack ~ 336
Fraggle Attack ~ 338
Physical Attacks ~ 338
Distributed Denial of Service ~ 339
Trinoo ~ 341
Tribal Flood Network ~ 341
Tribal Flood Networks 2000 ~ 342
Stacheldraht ~ 342
Prevention Techniques ~ 343
Filtering RFC1918 Address Spaces ~ 344
Ingress and Egress Filtering ~ 346
Rate Limiting ~ 348
Flood Attacks ~ 350
SYN Attacks ~ 351
TCP Intercept ~ 352
TCP Intercept Mode ~ 353
TCP Intercept Timers ~ 354
Drop Mode ~ 354
Aggressive Mode Thresholds ~ 354
Capturing Evidence ~ 355
Syslog ~ 356
Packet Capturing ~ 357
Summary ~ 358
Solutions Fast Track ~ 359
Frequently Asked Questions ~ 361

Chapter 7 Management and Monitoring ~ 363
Introduction ~ 364
The Effect of Outsourcing ~ 364
Service Level Agreements ~ 365
Some Common SLA Guarantees ~ 365
What Are the Basic Components of SLAs for Frame Relay Circuits? ~ 366
What Service Levels Should the Service Provider Consider? ~ 368
Network Availability ~ 369
PVC Availability ~ 369
Average Network Delay and Average PVC Delay ~ 370
Effective Throughput ~ 370
Response Time ~ 371
Time to Resolution or Repair ~ 371
The Realities of Customer Compensation ~ 371
What Will Your Customers Look for in Their Implemented SLA? ~ 372
What Are the Guidelines for Implementing the Monitoring Necessary to Handle These Tasks? ~ 372
Where Is Your Weakest Link? ~ 373
Network SLAs ~ 374
System Level SLAs ~ 374
Application SLAs ~ 374
Making Your Company More Customer Oriented ~ 375
How Service Providers Have Responded ~ 376
Acceptable Performance ~ 376
The Added Bonus ~ 377
The Operation Support System Model ~ 377
What Are the Basics of OSS? ~ 378
The Workflow Engine ~ 378
Ordering ~ 379
Inventory and Allotment ~ 379
Engineering and Provisioning ~ 379
Activation and Service Management for the Field ~ 379
Network Management and Support ~ 380
What Is OSS Interconnection, and What Does It Mean? ~ 381
What Are the Challenges Facing Interconnection? ~ 382
Upgrading the OSS ~ 382
Efficiencies in Your OSS ~ 383
Remaining Flexible ~ 383
API Functionality and Gateways ~ 383
Supporting Your Data Services ~ 384
Provisioning Data Service ~ 385
Activation of Data Services ~ 386
Broadband Access Changes the Market ~ 386
Getting Access to the Masses ~ 386
Quality of Service ~ 387
Management Systems for Your ASP ~ 388
The TMN Outline ~ 388
TMN Standards ~ 389
The Building Blocks of the TMN Model ~ 391
How the OSI Functions in the TMN Model ~ 392
Manager and Agent Roles ~ 393
The Standard Interfaces ~ 393
The Logical TMN Model ~ 394
What Tools Do You Need to Automate TMN? ~ 396
The ASP Transformation ~ 397
Industry Examples of Successfully
Deployed ASP Management Tools ~ 398
ASP Infrastructure Operations ~ 399
Network Operating System ~ 400
Pricing Models and Billing ~ 401
Billing ~ 404
Managing Billing with Partners ~ 405
Summary ~ 407
Solutions Fast Track ~ 408
Frequently Asked Questions ~ 414

Chapter 8 Designing the Infrastructure ~ 415
Introduction ~ 416
Design Considerations ~ 417
Getting Started:The Design Process ~ 418
Data Center,WAN, and Remote Links Defined ~ 419
The Design Process—Getting Down to Business ~ 420
Site Considerations ~ 421
Physical Equipment Space ~ 421
Network Equipment Basics ~ 424
Designing with the Hierarchy in Mind ~ 425
Scalability of Hierarchical Internetworks ~ 426
Manageability of Hierarchical Internetworks ~ 427
Optimization of Broadcast and Multicast Control Traffic ~ 427
Possible Types of Topology Design ~ 428
Star Topologies ~ 428
Fully Meshed Topologies ~ 429
Partially Meshed Topologies ~ 430
Broadcast Issues ~ 431
Performance Issues ~ 432
Frame Relay Internetwork Design Considerations ~ 432
Hierarchical Design for Frame Relay Internetworks ~ 433
Hierarchical Meshed Frame Relay Internetworks ~ 434
Hybrid-Meshed Frame Relay Internetworks ~ 436
Regional Topologies for Frame Relay Networks ~ 437
Star Topologies ~ 437
Fully Meshed Topologies ~ 437
Partially Meshed Topologies ~ 438
Broadcast Issues for Frame Relay Networks ~ 439
Creating a Broadcast Queue for an Interface ~ 440
Committed Interface Rates ~ 440
Capacity Planning for Your Infrastructure ~ 442
Connection and Expansion ~ 442
Best Practices ~ 442
Protocol Planning Concerns ~ 444
Routing Protocols ~ 444
Interior Gateway Protocols ~ 444
External Protocols ~ 448
Choosing the Right Interior Protocol ~ 448
Route Selection ~ 449
Addressing Considerations ~ 450
Topology ~ 451
Application and Network Services ~ 453
Designing the Data Center Network ~ 454
Terminal Data Centers ~ 454
Application-Aware Networking ~ 455
Traffic Detection and Classification ~ 455
Admission Control ~ 455
Traffic Classification ~ 456
Congestion Avoidance ~ 457
Scheduling ~ 458
Scalability Considerations ~ 458
Scaling Bandwidth ~ 458
Scaling Considerations ~ 458
Multimedia Services ~ 460
IP Multicast ~ 461
Virtual LANs and Emulated LANs ~ 462
Policy in the Core ~ 463
WAN Link Considerations ~ 464
Routing and Scalability ~ 464
Planning for the Future Growth of Your Company’s Infrastructure ~ 465
Even More Network Scalability ~ 465
Layer 2 Switching ~ 466
Layer 3 Switching ~ 466
Layer 4 Switching ~ 467
Bridged Protocol Needs ~ 467
Bridging in the Multilayer Model ~ 468
Security in the Multilayer Model ~ 468
High-Availability Design ~ 469
High Availability ~ 469
Things to Consider When Implementing High-Availability ~ 469
Summary ~ 472
Solutions Fast Track ~ 473
Frequently Asked Questions ~ 477

Appendix A Sample Configuration for an Application Service Provider Network ~ 479
Introduction ~ 480
The Test Network ~ 481
The Logical Network Overview ~ 481
The Access Layer ~ 481
The Distribution Layer ~ 482
The Core Layer ~ 484
Configuration with Cisco Systems Commands and References ~ 485
Configuration for a Cisco Systems 7200
Router That Is Located within the Core Layer ~ 486
Configuration for a Cisco Systems Gigabit Switch Router Router That Is Located within the Distribution Layer ~ 509
Configuration for a Second Cisco Systems Gigabit Switch Router Router That Is Located within the Distribution Layer ~ 522
Configuration for a Third Cisco Systems Gigabit Switch Router That Is Located within the Distribution Layer ~ 532
Configuration for a Cisco Systems MGX Router That Is Located within the Access Layer ~ 537
Summary ~ 553

Appendix B ASP Configuration Handbook

Fast Track ~ 555
Index