xpress vpn - secure wireless connectivity for remote offices, with assured quality of service
DESCRIPTION
Propel your business with greater productivity and efficiency, by ensuring a cost effective solution that gives you instant connectivity. Xpress VPN is a secure wireless connectivity solution that is ideal for quick deployment at new or remote locations like branches with few employees. With assured Quality of Service, the solution is reliable for applications that have low bandwidth requirement and are latency tolerant. Enabled with security features suitable even for banking applications, the Xpress VPN solution seamlessly integrates with your enterprise VPN.TRANSCRIPT
XPRESS VPN
2
Business Services
256 Kbps
64 Kbps
128 Kbps
Introducing Xpress VPN
Xpress VPN :
A secure wireless connectivity solution with QoS and
SLA
Benefits :
• 100% feasibility on HSIA / Photon Max network
• Quality Of Service
• SLA backed service
• No Public Internet only VPN
• Multiple Bandwidth option (32/64/128/256/512
Kbps)
Use Case scenario :
• Bandwidth Supported (32,64,128, 256 and 512
Kbps)
• Application with latency tolerance
• Fixed location users
• Ideal replacement for VSAT, Leased Line and
UBR
512 Kbps
3
Business Services
Benefits of Xpress VPN
• QoS with multiple bandwidth (32, 64, 128, 256 and 512 Kbps) options to choose from
• Highly secure solution due to proprietary 128-bit data encryption and IPSEC
• Service Level Agreement on throughput, latency and packet loss
• Wide coverage in India on EVDO Rev A
• Faster deployment as no regulatory or right of way permissions required
• Low OPEX model with unlimited usage
• Multiple choice of routers (With and without IPSec)
4
Business Services
The right choice for your thin VPN
VSAT Copper/Fiber Microwave Xpress VPN
Coverage J L K J
LOS Required J L L J
Regulatory Clearance K L L J
Easy & time for Deployment K L L J
Roof Top Rights/ROW L L L J
Choice of Bandwidth L J J K
Entry Capex K L L J
Opex K K J J
Uptimes J J K J
Throughput J J K J
Latency K J K K
Service Experience J J K J
5
Business Services
Xpress VPN alternate for VSAT/UBR/LL
Location BW Required BW
Subscribed
Accepted
Latency
Medium Before
Xpress VPN
Medium After
Xpress VPN launch
Head Office > 10 Mbps > 10 Mbps < 50 ms Fiber Fiber
DC/DR/BCP Site ~ 5/ 10 Mbps > 10 Mbps < 100 ms Fiber Fiber
Regional Offices ~4 Mbps ~4 Mbps < 100 ms Fiber/Copper Fiber/Copper
Metro Branch
offices ~ 2 Mbps ~ 2 Mbps < 100 ms Fiber/Copper/UBR Fiber/Copper/UBR
Branch Offices ~ 300 kbps 256/512 Kbps 120 to 350 ms Copper/VSAT/UBR Xpress VPN
Warehouses ~128 kbps 128/256 Kbps 120 to 350 ms VSAT/UBR/Copper Xpress VPN
Stores / POS/
Service Centers ~ 64 kbps 64/128 Kbps 120 to 350 ms VSAT/UBR/Copper Xpress VPN
C&FA /Depots ~ 64 kbps 64/128 Kbps 120 to 350 ms VSAT/UBR/Copper Xpress VPN
Employees on
Move ~ 64 kbps 64 Kbps 120 to 350 ms Internet
Road Warrior/SSL
VPN
6
Business Services
Scenario 1 : Hybrid VPN Service Provider
Multi-Access Options Connect Anywhere - Ubiquitous Network
Type Of
Connectivity
Best Fit
Technology
Solution
Head offices , Hubs ,
DR Sites
MPLS VPN + Ethernet
point to point
Regional Offices MPL S
Small offices , ware
house
Xpress VPN
External agents SSL VPN
Employees on move Road Warrior - Pan
India
Access to VPN when
abroad
Internet – SSL
Hybrid VPN – How many Service Providers can claim this today?
TD MPLS
Cloud
Cellular
Internet
Branch/C&F
TD SDH Cloud
VPN Gateway
Mobile
User
XPRESS VPN
ROAD
WARRIOR
Remote Dealer
DSL /
ISDN
Head
Office
FIBER Ethernet
DC
FIBER Ethernet
Regional
Office
FIBER
Ethernet
MW/RF
SSL VPN
Branch/C&F Remote
Branch
7
Business Services
Scenario 2 : Xpress VPN (MPLS)
Xpress VPN as the primary last mile connectivity with MPLS handoff
TD Core CDMA
Network
TD MPLS
Network Data
Center
Fixed Location
DELHI
XPRESS VPN
Fixed Location
Mumbai
XPRESS VPN
Fixed Location
Chennai
XPRESS VPN
Fixed Location
Bangalore
XPRESS VPN
8
Business Services
Xpress VPN Target Segments Connectivity
Options
Fiber
Copper
BFSI Bank ATMs, POS Terminals,
Small Branch Connectivity,
Backup to VSAT, Micro
Finance Terminals
MFG Automobile Segment, OEM
connectivity, Branch connectivity,
SAP
E-Ticketing, Utility Applications,
Census, Education, Mobile Health
Care, Emergency Medical Services
GOVT
Media Instant reporting,
Retailers/Modern Trade, Online
kiosks/Online Terminals, Electronic
Merchandise
Services
Others Field Payment Collections
Supports wide range of bandwidth applications
X
p
r
e
s
s
V
P
N
:
:
:
:
:
:
100 Mbps
10 Mbps
2 Mbps
1 Mbps
512 Kbps
256 Kbps
128 Kbps
64 Kbps
10 ms
20 ms
30 ms
40 ms
50 ms
60 ms
120 ms
150 ms
200 ms
> 350 ms
Application
Latency
Xpress
VPN
Bandwidth
9
Business Services
Xpress VPN Bandwidth Options
9
Bandwidth Options Xpress VPN Service available on
64 Kbps Yes Rev A
128 Kbps Yes Rev A
256 Kbps Yes Rev A or Rev B
512 Kbps Yes Rev A or Rev B
• In a city where only Rev A is available, we can offer XpressVPN 64,
128, 256 Kbps bandwidth on Rev A
• In case in a city both Rev A and Rev B are available, 64,128 Kbps
will be offered on Rev A and 256 and 512 Kbps will be offered on
Rev B
• Committed Throughput >=95% of time
• Symmetric bandwidth (same Upstream and Downstream)
10
Business Services
Xpress VPN architecture
CDMA Network
BSC
PDSN
AAA
Server
Shared
LNS
Edge
Router
Fixed
Location
PC with
Router
Radio Access
Network
TATA Docomo CDMA
Network
TD MPLS
Cloud
Customer
Servers
1
BTS
BTS
BTS
BTS
Customer
Router
Customer
Database
Server
Wireless
Access
HSIA
2 3 4 5 6
TD
MPLS
Priority on Wireless network
11
Business Services
1. CDMA device till PCF • CDMA uses spread spectrum technology
• CDMA uses the standardized CAVE(Cellular Authentication and Voice Encryption) algorithm to generate a 128-bit
sub-key called the “Shared Secret Data” (SSD) to encrypt data packets over the air interface
2. PCF till PDSN • Traffic is routed over secure Tata DOCOMO private data backbone.
• The traffic is tunneled from PCF till PDSN using standard GRE tunneling protocol
3. PDSN till LNS • Each PPP session is authenticated by AAA server at PDSN
• Further tunneled till LNS using layer-2 L2TP tunnel protocol
• PDSN & LNS authenticate each other using PAP/CHAP protocols
4. LNS till customer site • The final network segment: secure MPLS link between LNS located Tata DOCOMO PE router & customer
5. Optional and Additional Security (IPSec) • Additional security layer can be built using IPSEC between Customer’s server and Netaxcess router
Secure Solution
11
PDSN : Packet Data Serving Node LNS : L2TP Network Server CPE : Customer Premises Equipment IPSec : Internet Protocol Security RAN : Radio Access Network
User
5 CPE
L2TP BTS
BSC
2 GRE Tunnel
PDSN 3 L2TP
CDMA
Network RAN
MPLS
4 MPLS
LNS
1 CAVE Security
12
Business Services
Xpress VPN SLA
Performance parameters Class A City Class B City Class C City
Throughputs Upto >=95% of time Upto >=95% of time Upto >=95% of time
Network latency <350 ms <350 ms <350 ms
Packet Loss <=2% <=2% <=2%
MTTR 4 hrs 6 hrs 8 hrs
Network Uptime 99% 99% 98.5%
Throughput is measured in the green zone (Strong Signal strength)
Network uptime is calculated on a quarterly basis
Network uptime is for the RAN
Network latency is defined as the average value of the max and min