SlideShare a Scribd company logo
1 of 12
Download to read offline
Automated and secure service activation at
the network edge with zero touch
provisioning
April 10, 2018
© 2018 ADVA Optical Networking. All rights reserved.22
Empowering the network edge – secure, zero touch service delivery
Physical and virtual network edge
Secure networking
Zero touch operations
Cloud-native hosting
Openness and assurance
Aggregation Hand-overDemarcation
Virtual appliance
hosting
Programmable
edge services
CE 2.0 and IP
services
Ensemble NFV software
solutions
Metro
network
FSP network
management suite
© 2018 ADVA Optical Networking. All rights reserved.33
NFV and SDN create business
opportunities but adds complexity
 Relieve provisioning work load
Minimizing manual processes for faster innovation and lower production cost
IoT and 5G increase the number of
intelligent edge devices
 Minimize cost of installation
Configuration but also functionality of
edge devices need to adapt to changes
 Automated
configuration/provisioning
Site visits create cost and take time;
manual configuration is failure prone
 Reduce need for human input
Intelligent edge devices Time to revenue
Increasing complexity High number of devices
What’s driving the need for zero touch operation?
Motivation: Automation at the network edge
© 2018 ADVA Optical Networking. All rights reserved.44
Manual steps:
- Install device
- Plug in network connection
- Power it up
Automated processes:
- Network connectivity
- Upload/install software updates
- Load and activate configuration
- Service test and activation
High-volume products need to self-start without human intervention
Zero touch service activation
Simplifying operations
© 2018 ADVA Optical Networking. All rights reserved.55
• Human-driven activation
and commissioning:
security relies upon skilled
and trustworthy field
engineers
• Automated provisioning:
security mechanisms are
needed to mitigate lack of
human control
Automation needs to come with security controls mitigating new attack vectors
Elimination of manual processes increases attack surface
Threat landscape at the automated edge
Cloud and
internet access
Rogue user installs
manipulated device
Fake server provides
corrupted firmware
Malicious
software installed
during shipment
© 2018 ADVA Optical Networking. All rights reserved.66
Vendor
• Provides hardware and
software
• Runs private CA for own
products and servers
Service provider
• Runs NOC
• Operates software server
with boot-images, config
Public CA creates certificates
for vendor and service provider
(optional)
Edge devices need to be securely authenticated and provisioned
Three stakeholder model: vendor, service provider and CA
Use case: Zero touch provisioning
Communication service
provider’s NOC
Software
server
Untrusted
connectivity
network
On-premises
edge device
Certification authority (optional, not considered
in the following, simplified case)
© 2018 ADVA Optical Networking. All rights reserved.77
The device requests a secure
connection to Ensemble
authentication server
The device knows the
server’s IP address and has
trust anchor certificate of
server
Trust relation established
with mutual authentication
Mutual authentication
ZTP with FSP 150 ProNID and Ensemble
authentication server #1
UNI Service provider
access/core network
DHCP
File
Server
© 2018 ADVA Optical Networking. All rights reserved.88
Creating a device identity:
entering UID and
credentials
Using the UID as a key the
correct onboarding
information is sent to the
NID
With established trust
relation and secured
connection, the onboarding
information staged on the
server might be unsigned
Device authorization through User ID (UID)
ZTP with FSP 150 ProNID and Ensemble
authentication server #2
UNI Service provider
access/core network
DHCP
File
Server
© 2018 ADVA Optical Networking. All rights reserved.99
The onboarding
information contains
configuration information
as well as post-
configuration script
NID uses down ECPA on
network port to test the
connection
The PE‘s port facing the
NID is preconfigured with
facility loopback on and will
loop back ECPA test frames
Post-configuration script to test the physical bearer
Automated service pre-activation testing
UNI
Customer xyz
PE
ECPA
© 2018 ADVA Optical Networking. All rights reserved.1010
Automated device
configuration and
activation of business
services
Zero touch instantiation
of virtual network
functions with uCPE
Applicable with electrical
and optical products
ZTP is a unifying feature across our wider product portfolio
Automation is widely applicable
Demarcation
Virtual appliance
hosting
Programmable
edge services
High bandwidth
business access
FSP network
management suite
© 2018 ADVA Optical Networking. All rights reserved.1111
Eliminating time-
consuming and failure-
prone manual processes
Cryptography becomes
essential competence for
ZTP as well as IoT
Available with FSP 150
and Ensemble software
solutions
Improving network security and operational efficiency with ZTP
Standard compliant for easy integration
Summary: ZTP, an essential step towards ZT operations
Thank you
IMPORTANT NOTICE
The content of this presentation is strictly confidential. ADVA Optical Networking is the exclusive owner or licensee of the content, material, and information in this presentation. Any
reproduction, publication or reprint, in whole or in part, is strictly prohibited.
The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA
Optical Networking shall not be responsible for and disclaims any liability for any loss or damages, including without limitation, direct, indirect, incidental, consequential and special
damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation.
Copyright © for the entire content of this presentation: ADVA Optical Networking.

More Related Content

What's hot

SatAware assures satellite-based timing
 SatAware assures satellite-based timing SatAware assures satellite-based timing
SatAware assures satellite-based timingADVA
 
Machine learning for optical networking: hype, reality and use cases
Machine learning for optical networking: hype, reality and use casesMachine learning for optical networking: hype, reality and use cases
Machine learning for optical networking: hype, reality and use casesADVA
 
Operationalizing SDN
Operationalizing SDNOperationalizing SDN
Operationalizing SDNADVA
 
ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA
 
Ensemble Activator makes disaggregation truly carrier-grade
Ensemble Activator makes disaggregation truly carrier-gradeEnsemble Activator makes disaggregation truly carrier-grade
Ensemble Activator makes disaggregation truly carrier-gradeADVA
 
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters ADVA
 
BSI approval and what it means for network security
BSI approval and what it means for network securityBSI approval and what it means for network security
BSI approval and what it means for network securityADVA
 
Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud ADVA
 
Introducing spectrum as a service
Introducing spectrum as a serviceIntroducing spectrum as a service
Introducing spectrum as a serviceADVA
 
Wholesale network slicing for 5G access
Wholesale network slicing for 5G accessWholesale network slicing for 5G access
Wholesale network slicing for 5G accessADVA
 
ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids ADVA
 
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...ADVA
 
Disaggregation, automation and autonomy in optical networking
Disaggregation, automation and autonomy in optical networkingDisaggregation, automation and autonomy in optical networking
Disaggregation, automation and autonomy in optical networkingADVA
 
ADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructureADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructureADVA
 
Live demo of low-latency and timing-accurate mobile x-haul based on SDN-enabl...
Live demo of low-latency and timing-accurate mobile x-haul based on SDN-enabl...Live demo of low-latency and timing-accurate mobile x-haul based on SDN-enabl...
Live demo of low-latency and timing-accurate mobile x-haul based on SDN-enabl...ADVA
 
New FSP 3000 TeraFlex™ capabilities dramatically boost network capacity
New FSP 3000 TeraFlex™ capabilities dramatically boost network capacityNew FSP 3000 TeraFlex™ capabilities dramatically boost network capacity
New FSP 3000 TeraFlex™ capabilities dramatically boost network capacityADVA
 
Artificial intelligence in IoT-to-core network operations and management
Artificial intelligence in IoT-to-core network operations and managementArtificial intelligence in IoT-to-core network operations and management
Artificial intelligence in IoT-to-core network operations and managementADVA
 
Back to the future with simple wholesale services now
Back to the future with simple wholesale services nowBack to the future with simple wholesale services now
Back to the future with simple wholesale services nowADVA
 
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...ADVA
 
FSP 150-GO102Pro Series: Redefining demarcation for the small cell era
FSP 150-GO102Pro Series: Redefining demarcation for the small cell eraFSP 150-GO102Pro Series: Redefining demarcation for the small cell era
FSP 150-GO102Pro Series: Redefining demarcation for the small cell eraADVA
 

What's hot (20)

SatAware assures satellite-based timing
 SatAware assures satellite-based timing SatAware assures satellite-based timing
SatAware assures satellite-based timing
 
Machine learning for optical networking: hype, reality and use cases
Machine learning for optical networking: hype, reality and use casesMachine learning for optical networking: hype, reality and use cases
Machine learning for optical networking: hype, reality and use cases
 
Operationalizing SDN
Operationalizing SDNOperationalizing SDN
Operationalizing SDN
 
ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...
 
Ensemble Activator makes disaggregation truly carrier-grade
Ensemble Activator makes disaggregation truly carrier-gradeEnsemble Activator makes disaggregation truly carrier-grade
Ensemble Activator makes disaggregation truly carrier-grade
 
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
A new benchmark for timing success - OSA 5412 and 5422 access grandmasters
 
BSI approval and what it means for network security
BSI approval and what it means for network securityBSI approval and what it means for network security
BSI approval and what it means for network security
 
Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud
 
Introducing spectrum as a service
Introducing spectrum as a serviceIntroducing spectrum as a service
Introducing spectrum as a service
 
Wholesale network slicing for 5G access
Wholesale network slicing for 5G accessWholesale network slicing for 5G access
Wholesale network slicing for 5G access
 
ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids ADVA’s telecommunications solutions for smart grids
ADVA’s telecommunications solutions for smart grids
 
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
 
Disaggregation, automation and autonomy in optical networking
Disaggregation, automation and autonomy in optical networkingDisaggregation, automation and autonomy in optical networking
Disaggregation, automation and autonomy in optical networking
 
ADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructureADVA launches new aPNT+™ platform to protect critical network infrastructure
ADVA launches new aPNT+™ platform to protect critical network infrastructure
 
Live demo of low-latency and timing-accurate mobile x-haul based on SDN-enabl...
Live demo of low-latency and timing-accurate mobile x-haul based on SDN-enabl...Live demo of low-latency and timing-accurate mobile x-haul based on SDN-enabl...
Live demo of low-latency and timing-accurate mobile x-haul based on SDN-enabl...
 
New FSP 3000 TeraFlex™ capabilities dramatically boost network capacity
New FSP 3000 TeraFlex™ capabilities dramatically boost network capacityNew FSP 3000 TeraFlex™ capabilities dramatically boost network capacity
New FSP 3000 TeraFlex™ capabilities dramatically boost network capacity
 
Artificial intelligence in IoT-to-core network operations and management
Artificial intelligence in IoT-to-core network operations and managementArtificial intelligence in IoT-to-core network operations and management
Artificial intelligence in IoT-to-core network operations and management
 
Back to the future with simple wholesale services now
Back to the future with simple wholesale services nowBack to the future with simple wholesale services now
Back to the future with simple wholesale services now
 
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...Putting the M in MANO: Major new Ensemble release delivers NFV management and...
Putting the M in MANO: Major new Ensemble release delivers NFV management and...
 
FSP 150-GO102Pro Series: Redefining demarcation for the small cell era
FSP 150-GO102Pro Series: Redefining demarcation for the small cell eraFSP 150-GO102Pro Series: Redefining demarcation for the small cell era
FSP 150-GO102Pro Series: Redefining demarcation for the small cell era
 

Similar to Automated and secure service activation at the network edge with zero touch provisioning

Network management re-architected as a services incubator
Network management re-architected as a services incubatorNetwork management re-architected as a services incubator
Network management re-architected as a services incubatorADVA
 
Creating New Business Services for the IoT With Network Functions Virtualization
Creating New Business Services for the IoT With Network Functions VirtualizationCreating New Business Services for the IoT With Network Functions Virtualization
Creating New Business Services for the IoT With Network Functions VirtualizationADVA
 
Introducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118ProIntroducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118ProADVA
 
Cisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018   a look at network assurance in dna centerCisco connect winnipeg 2018   a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna centerCisco Canada
 
Customer Presentation - Aruba Wi-Fi Overview (1).PPTX
Customer Presentation - Aruba Wi-Fi Overview (1).PPTXCustomer Presentation - Aruba Wi-Fi Overview (1).PPTX
Customer Presentation - Aruba Wi-Fi Overview (1).PPTXssuser5824cf
 
Network Functions Virtualization – Our Strategy
Network Functions Virtualization – Our StrategyNetwork Functions Virtualization – Our Strategy
Network Functions Virtualization – Our StrategyADVA
 
Secure Connectivity on Every Network Layer
Secure Connectivity on Every Network LayerSecure Connectivity on Every Network Layer
Secure Connectivity on Every Network LayerADVA
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018   sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018   sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Canada
 
Democratizing Network Automation Through Low-Code
Democratizing Network Automation Through Low-CodeDemocratizing Network Automation Through Low-Code
Democratizing Network Automation Through Low-CodeItential
 
Cisco Connect Halifax 2018 Simple IT
Cisco Connect Halifax 2018   Simple ITCisco Connect Halifax 2018   Simple IT
Cisco Connect Halifax 2018 Simple ITCisco Canada
 
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...NetworkCollaborators
 
ICS case studies v2
ICS case studies v2ICS case studies v2
ICS case studies v2Nguyen Binh
 
Managing Student Devices on the School Wireless Network
Managing Student Devices on the School Wireless NetworkManaging Student Devices on the School Wireless Network
Managing Student Devices on the School Wireless NetworkSecurEdgeNetworks
 
Enabling the-Connected-Car-Java
Enabling the-Connected-Car-JavaEnabling the-Connected-Car-Java
Enabling the-Connected-Car-Javaterrencebarr
 
Service Scenarios and Learnings from the Belgacom EasyHome Lab - Bernard Boël...
Service Scenarios and Learnings from the Belgacom EasyHome Lab - Bernard Boël...Service Scenarios and Learnings from the Belgacom EasyHome Lab - Bernard Boël...
Service Scenarios and Learnings from the Belgacom EasyHome Lab - Bernard Boël...mfrancis
 
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco Canada
 

Similar to Automated and secure service activation at the network edge with zero touch provisioning (20)

Network management re-architected as a services incubator
Network management re-architected as a services incubatorNetwork management re-architected as a services incubator
Network management re-architected as a services incubator
 
Creating New Business Services for the IoT With Network Functions Virtualization
Creating New Business Services for the IoT With Network Functions VirtualizationCreating New Business Services for the IoT With Network Functions Virtualization
Creating New Business Services for the IoT With Network Functions Virtualization
 
Introducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118ProIntroducing the FSP 150-XG118Pro
Introducing the FSP 150-XG118Pro
 
Cisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018   a look at network assurance in dna centerCisco connect winnipeg 2018   a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna center
 
Customer Presentation - Aruba Wi-Fi Overview (1).PPTX
Customer Presentation - Aruba Wi-Fi Overview (1).PPTXCustomer Presentation - Aruba Wi-Fi Overview (1).PPTX
Customer Presentation - Aruba Wi-Fi Overview (1).PPTX
 
Network Functions Virtualization – Our Strategy
Network Functions Virtualization – Our StrategyNetwork Functions Virtualization – Our Strategy
Network Functions Virtualization – Our Strategy
 
NOD
NODNOD
NOD
 
Secure Connectivity on Every Network Layer
Secure Connectivity on Every Network LayerSecure Connectivity on Every Network Layer
Secure Connectivity on Every Network Layer
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018   sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018   sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
 
Democratizing Network Automation Through Low-Code
Democratizing Network Automation Through Low-CodeDemocratizing Network Automation Through Low-Code
Democratizing Network Automation Through Low-Code
 
Cisco Connect Halifax 2018 Simple IT
Cisco Connect Halifax 2018   Simple ITCisco Connect Halifax 2018   Simple IT
Cisco Connect Halifax 2018 Simple IT
 
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
 
SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform  SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform
 
ICC Networking Value Proposition
ICC Networking Value PropositionICC Networking Value Proposition
ICC Networking Value Proposition
 
ICC Networking Value Proposition
ICC Networking Value PropositionICC Networking Value Proposition
ICC Networking Value Proposition
 
ICS case studies v2
ICS case studies v2ICS case studies v2
ICS case studies v2
 
Managing Student Devices on the School Wireless Network
Managing Student Devices on the School Wireless NetworkManaging Student Devices on the School Wireless Network
Managing Student Devices on the School Wireless Network
 
Enabling the-Connected-Car-Java
Enabling the-Connected-Car-JavaEnabling the-Connected-Car-Java
Enabling the-Connected-Car-Java
 
Service Scenarios and Learnings from the Belgacom EasyHome Lab - Bernard Boël...
Service Scenarios and Learnings from the Belgacom EasyHome Lab - Bernard Boël...Service Scenarios and Learnings from the Belgacom EasyHome Lab - Bernard Boël...
Service Scenarios and Learnings from the Belgacom EasyHome Lab - Bernard Boël...
 
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
 

More from ADVA

Industrial optically pumped cesium beam clock
Industrial optically pumped cesium beam clockIndustrial optically pumped cesium beam clock
Industrial optically pumped cesium beam clockADVA
 
The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...
The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...
The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...ADVA
 
Industry's longest holdover with the OSA 3350 SePRC™ optical cesium clock
Industry's longest holdover with the OSA 3350  SePRC™ optical cesium clockIndustry's longest holdover with the OSA 3350  SePRC™ optical cesium clock
Industry's longest holdover with the OSA 3350 SePRC™ optical cesium clockADVA
 
Addressing PNT threats in critical defense infrastructure
Addressing PNT threats in critical defense infrastructureAddressing PNT threats in critical defense infrastructure
Addressing PNT threats in critical defense infrastructureADVA
 
Precise and assured timing for enterprise networks
Precise and assured timing for enterprise networksPrecise and assured timing for enterprise networks
Precise and assured timing for enterprise networksADVA
 
Introducing Ensemble Cloudlet for on-premises cloud demand
Introducing Ensemble Cloudlet for on-premises cloud demandIntroducing Ensemble Cloudlet for on-premises cloud demand
Introducing Ensemble Cloudlet for on-premises cloud demandADVA
 
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)ADVA
 
Sync on TAP - Syncing infrastructure with software
Sync on TAP - Syncing infrastructure with softwareSync on TAP - Syncing infrastructure with software
Sync on TAP - Syncing infrastructure with softwareADVA
 
Meet stringent latency demands with time-sensitive networking
Meet stringent latency demands with time-sensitive networkingMeet stringent latency demands with time-sensitive networking
Meet stringent latency demands with time-sensitive networkingADVA
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionADVA
 
Quantum threat: How to protect your optical network
Quantum threat: How to protect your optical networkQuantum threat: How to protect your optical network
Quantum threat: How to protect your optical networkADVA
 
Optical networks and the ecodesign tradeoff between climate change mitigation...
Optical networks and the ecodesign tradeoff between climate change mitigation...Optical networks and the ecodesign tradeoff between climate change mitigation...
Optical networks and the ecodesign tradeoff between climate change mitigation...ADVA
 
Trends in next-generation data center interconnects (DCI)
Trends in next-generation data center interconnects (DCI)Trends in next-generation data center interconnects (DCI)
Trends in next-generation data center interconnects (DCI)ADVA
 
Open optical edge connecting mobile access networks
Open optical edge connecting mobile access networksOpen optical edge connecting mobile access networks
Open optical edge connecting mobile access networksADVA
 
Introducing Adva Network Security – a trusted German anchor
Introducing Adva Network Security – a trusted German anchorIntroducing Adva Network Security – a trusted German anchor
Introducing Adva Network Security – a trusted German anchorADVA
 
Meet the industry's first pluggable 10G demarcation device
Meet the industry's first pluggable 10G demarcation deviceMeet the industry's first pluggable 10G demarcation device
Meet the industry's first pluggable 10G demarcation deviceADVA
 
Introducing ADVA AccessWave25™
Introducing ADVA AccessWave25™Introducing ADVA AccessWave25™
Introducing ADVA AccessWave25™ADVA
 
10G edge technology for outdoor environments
10G edge technology for outdoor environments10G edge technology for outdoor environments
10G edge technology for outdoor environmentsADVA
 
The quantum age - secure transport networks
The quantum age - secure transport networksThe quantum age - secure transport networks
The quantum age - secure transport networksADVA
 
From leased lines to optical spectrum services
From leased lines to optical spectrum servicesFrom leased lines to optical spectrum services
From leased lines to optical spectrum servicesADVA
 

More from ADVA (20)

Industrial optically pumped cesium beam clock
Industrial optically pumped cesium beam clockIndustrial optically pumped cesium beam clock
Industrial optically pumped cesium beam clock
 
The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...
The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...
The need for GBaaS as GPS/GNSS is no longer a reliable source for critical PN...
 
Industry's longest holdover with the OSA 3350 SePRC™ optical cesium clock
Industry's longest holdover with the OSA 3350  SePRC™ optical cesium clockIndustry's longest holdover with the OSA 3350  SePRC™ optical cesium clock
Industry's longest holdover with the OSA 3350 SePRC™ optical cesium clock
 
Addressing PNT threats in critical defense infrastructure
Addressing PNT threats in critical defense infrastructureAddressing PNT threats in critical defense infrastructure
Addressing PNT threats in critical defense infrastructure
 
Precise and assured timing for enterprise networks
Precise and assured timing for enterprise networksPrecise and assured timing for enterprise networks
Precise and assured timing for enterprise networks
 
Introducing Ensemble Cloudlet for on-premises cloud demand
Introducing Ensemble Cloudlet for on-premises cloud demandIntroducing Ensemble Cloudlet for on-premises cloud demand
Introducing Ensemble Cloudlet for on-premises cloud demand
 
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
ePRTC in data centers - GNSS-backup-as-a-service (GBaaS)
 
Sync on TAP - Syncing infrastructure with software
Sync on TAP - Syncing infrastructure with softwareSync on TAP - Syncing infrastructure with software
Sync on TAP - Syncing infrastructure with software
 
Meet stringent latency demands with time-sensitive networking
Meet stringent latency demands with time-sensitive networkingMeet stringent latency demands with time-sensitive networking
Meet stringent latency demands with time-sensitive networking
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryption
 
Quantum threat: How to protect your optical network
Quantum threat: How to protect your optical networkQuantum threat: How to protect your optical network
Quantum threat: How to protect your optical network
 
Optical networks and the ecodesign tradeoff between climate change mitigation...
Optical networks and the ecodesign tradeoff between climate change mitigation...Optical networks and the ecodesign tradeoff between climate change mitigation...
Optical networks and the ecodesign tradeoff between climate change mitigation...
 
Trends in next-generation data center interconnects (DCI)
Trends in next-generation data center interconnects (DCI)Trends in next-generation data center interconnects (DCI)
Trends in next-generation data center interconnects (DCI)
 
Open optical edge connecting mobile access networks
Open optical edge connecting mobile access networksOpen optical edge connecting mobile access networks
Open optical edge connecting mobile access networks
 
Introducing Adva Network Security – a trusted German anchor
Introducing Adva Network Security – a trusted German anchorIntroducing Adva Network Security – a trusted German anchor
Introducing Adva Network Security – a trusted German anchor
 
Meet the industry's first pluggable 10G demarcation device
Meet the industry's first pluggable 10G demarcation deviceMeet the industry's first pluggable 10G demarcation device
Meet the industry's first pluggable 10G demarcation device
 
Introducing ADVA AccessWave25™
Introducing ADVA AccessWave25™Introducing ADVA AccessWave25™
Introducing ADVA AccessWave25™
 
10G edge technology for outdoor environments
10G edge technology for outdoor environments10G edge technology for outdoor environments
10G edge technology for outdoor environments
 
The quantum age - secure transport networks
The quantum age - secure transport networksThe quantum age - secure transport networks
The quantum age - secure transport networks
 
From leased lines to optical spectrum services
From leased lines to optical spectrum servicesFrom leased lines to optical spectrum services
From leased lines to optical spectrum services
 

Recently uploaded

UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 

Recently uploaded (20)

UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 

Automated and secure service activation at the network edge with zero touch provisioning

  • 1. Automated and secure service activation at the network edge with zero touch provisioning April 10, 2018
  • 2. © 2018 ADVA Optical Networking. All rights reserved.22 Empowering the network edge – secure, zero touch service delivery Physical and virtual network edge Secure networking Zero touch operations Cloud-native hosting Openness and assurance Aggregation Hand-overDemarcation Virtual appliance hosting Programmable edge services CE 2.0 and IP services Ensemble NFV software solutions Metro network FSP network management suite
  • 3. © 2018 ADVA Optical Networking. All rights reserved.33 NFV and SDN create business opportunities but adds complexity  Relieve provisioning work load Minimizing manual processes for faster innovation and lower production cost IoT and 5G increase the number of intelligent edge devices  Minimize cost of installation Configuration but also functionality of edge devices need to adapt to changes  Automated configuration/provisioning Site visits create cost and take time; manual configuration is failure prone  Reduce need for human input Intelligent edge devices Time to revenue Increasing complexity High number of devices What’s driving the need for zero touch operation? Motivation: Automation at the network edge
  • 4. © 2018 ADVA Optical Networking. All rights reserved.44 Manual steps: - Install device - Plug in network connection - Power it up Automated processes: - Network connectivity - Upload/install software updates - Load and activate configuration - Service test and activation High-volume products need to self-start without human intervention Zero touch service activation Simplifying operations
  • 5. © 2018 ADVA Optical Networking. All rights reserved.55 • Human-driven activation and commissioning: security relies upon skilled and trustworthy field engineers • Automated provisioning: security mechanisms are needed to mitigate lack of human control Automation needs to come with security controls mitigating new attack vectors Elimination of manual processes increases attack surface Threat landscape at the automated edge Cloud and internet access Rogue user installs manipulated device Fake server provides corrupted firmware Malicious software installed during shipment
  • 6. © 2018 ADVA Optical Networking. All rights reserved.66 Vendor • Provides hardware and software • Runs private CA for own products and servers Service provider • Runs NOC • Operates software server with boot-images, config Public CA creates certificates for vendor and service provider (optional) Edge devices need to be securely authenticated and provisioned Three stakeholder model: vendor, service provider and CA Use case: Zero touch provisioning Communication service provider’s NOC Software server Untrusted connectivity network On-premises edge device Certification authority (optional, not considered in the following, simplified case)
  • 7. © 2018 ADVA Optical Networking. All rights reserved.77 The device requests a secure connection to Ensemble authentication server The device knows the server’s IP address and has trust anchor certificate of server Trust relation established with mutual authentication Mutual authentication ZTP with FSP 150 ProNID and Ensemble authentication server #1 UNI Service provider access/core network DHCP File Server
  • 8. © 2018 ADVA Optical Networking. All rights reserved.88 Creating a device identity: entering UID and credentials Using the UID as a key the correct onboarding information is sent to the NID With established trust relation and secured connection, the onboarding information staged on the server might be unsigned Device authorization through User ID (UID) ZTP with FSP 150 ProNID and Ensemble authentication server #2 UNI Service provider access/core network DHCP File Server
  • 9. © 2018 ADVA Optical Networking. All rights reserved.99 The onboarding information contains configuration information as well as post- configuration script NID uses down ECPA on network port to test the connection The PE‘s port facing the NID is preconfigured with facility loopback on and will loop back ECPA test frames Post-configuration script to test the physical bearer Automated service pre-activation testing UNI Customer xyz PE ECPA
  • 10. © 2018 ADVA Optical Networking. All rights reserved.1010 Automated device configuration and activation of business services Zero touch instantiation of virtual network functions with uCPE Applicable with electrical and optical products ZTP is a unifying feature across our wider product portfolio Automation is widely applicable Demarcation Virtual appliance hosting Programmable edge services High bandwidth business access FSP network management suite
  • 11. © 2018 ADVA Optical Networking. All rights reserved.1111 Eliminating time- consuming and failure- prone manual processes Cryptography becomes essential competence for ZTP as well as IoT Available with FSP 150 and Ensemble software solutions Improving network security and operational efficiency with ZTP Standard compliant for easy integration Summary: ZTP, an essential step towards ZT operations
  • 12. Thank you IMPORTANT NOTICE The content of this presentation is strictly confidential. ADVA Optical Networking is the exclusive owner or licensee of the content, material, and information in this presentation. Any reproduction, publication or reprint, in whole or in part, is strictly prohibited. The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA Optical Networking shall not be responsible for and disclaims any liability for any loss or damages, including without limitation, direct, indirect, incidental, consequential and special damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation. Copyright © for the entire content of this presentation: ADVA Optical Networking.