Dual Cisco CCIE #18532 Security/R&S - George Morton, argues that by moving from high-end T1 MPLS-VPN services to DSL/Cable access services, a company's monthly network communications cost will be reduced.
At the same time, Morton believes with DSL/Cable services having up to 18Mbps of download availability, the move to cloud computing is more reasonable and will impact the entire IT business case for cloud computing.
Morton also reasons that by offering multiple paths to branches with download availability up to 18Mbps per circuit, you could move Active Directory, Exchange services, file sharing, digital training and database services over multiple links to the cloud, reducing both edge operating and network access services costs.
For those networks that require all Internet traffic to be managed at the data center, Morton says DSL/Cable with the Cisco 1811 makes sense.
Morton's design would route all requests over the DMVPN-mGRE. With download speeds of 18Mbps, Internet access at the branch would run faster than traditional T1 services. For those companies that need Quality of Service there are many options, multiple pipes with QoS for voice dedicated to one uplink and data services on the second link.
According to Morton, the end game is to evaluate DSL/Cable for all remote connections to the data center and headquarters. The savings he believes, will not only be on hardware and network services, but also the ability to expand data center options in order to reduce costs while increasing productivity in branches.
Finally, to make any progress in reducing T1 costs, Morton believes the following DSL/Cable myths need to be busted once and for all:
Myth 1: DSL and Cable are only for homes and small businesses, because they don't scale and aren't reliable.
|DSL and Cable are for the most part transmitted over fiber SONET rings like T1 service. Higher speed DSL and Cable require shorter loops than T1 and can be more reliable because of the shorter copper loops than traditional T1.|
|AT&T U-Verse is under 3,000 feet from the VSLAM. The VSLAM is serviced by fiber in a SONET ring.|
|Verizon is fiber to the building with FiOS. So you have fiber end-to-end.|
|Comcast and others are moving from the cable digital standard DOCSIS 2 to DOCSIS 3. With DOCSIS 3 the fiber like AT&T is in the neighborhood and co-axial cable is used for the last mile to the building.|
|If you choose two providers to bond up stream services and create higher reliability you will have two very unique paths from the building to the Internet. Everything will be redundant at N+N. T1 service is a unique end-to-end path, but adding a second T1 does not provide a unique secondary path, just a redundant link.|
|Slow and unreliable bandwidth. This is true for low end residential DSL and Cable. With as many as 900 subscribers per 1Mbps it is likely that you would find many slow periods. With advanced business DSL, FOiS and Cable DOCSIS 3 the available bandwidth is still shared but with 18Mbps down and 2Mbps up the speed of bandwidth plus the carrier requirements for VoIP, IP-Video, etc. expand the availability of bandwidth for the business.|
|Truth is that DSL/Cable is just cheap and no one makes a big profit selling it. The carriers are happy that you order it, but the sales margins prohibit your direct sales force from having you flip a 20 T1 MPLS-VPN from $11,000 a month to a $1,800 a month order that has a month-to-month or one year term.|
|T1’s are more reliable, yes, in part because they are at lower speeds than DSL or Cable. The interesting thing is that almost all T1 service is HDSL. Yes, T1 service for most copper installation since the 1990’s has moved from expensive repeaters and careful cable studies to what is called High capacity DSL, or HDSL. So you T1 is just a symmetrical DSL circuit.|
|It is true that the FCC requires the old Bell System to report its T1 outage and that the repair needs to be under 4 hours for 95% of all T1 outages. With the competition heating up in the DSL/Cable G3/G4 cellular, WiMax; market failures for business class DSL/Cable is unacceptable if market share is to be maintained or grown.|
Myth 2: No one is doing this.
|Yes they are. The Federal Reserve has moved from complex Cisco routers with T1 service to Cisco low end routers (ISR 1811) with DSL. Sorry if it's good enough for your money it's good enough...|
|McDonald’s and the rest of the fast food industry discovered that T1 service to each store was cost prohibitive. Higher-end restaurants are still running T1 service, but Morton expects not for long.|
|Retail is migrating to DSL for inventory and credit card processing. High-end is still T1 but with the expected savings the migration has to start.|
|Banking has started to move, diversity and AES-256 encryption.|
Myth 3: If this was a good idea why didn’t my VAR, Cisco Rep and/or telephone people tell me about it?
|All three will tell you it won’t scale. It does. The Cisco 1811 can provide 100Mbps of firewall stateful inspection, 40Mbps of VPN services and 50 VPN tunnels at the same time without WiFi for around $800.00. All managed by Cisco SDM software.|
|DMVPN-mGRE has been tested in networks with 10,000 nodes connecting to multiple diverse hubs.|
|It is true that an $800.00 design will not support the Cisco Call Manager software, but you can upgrade the unit to a router that supports your Call Manager requirements.|
|If you're lowering your network from a Cisco 2811 with a Cisco 2960 switch for eight users for thousands verses an $800 solution with eight switch ports you can understand why. The price is simply too low to present to you by your Cisco VAR.|
|The price change from $550.00 to $85.00 per circuit is substantial. So much so, that no one at the phone company who values their job would want you to cut your costs by that much.|
|A Cisco VAR’s maintenance and configurations reflect the value of the Cisco equipment being sold. A CCIE would be an expensive person for this assignment. With the CCNA Security program, Cisco is enabling CCNAs to perform the entire setup with the SDM:
Secure the 1811 with the SDM is press the AUTO Secure button.
Configure the firewall service with the SDM.
Dynamic VPN – multipoint GRE tunnel from the branch to corporate users with the VPN wizard.
The Quality of Service can be done with the QoS button.
Open Shortest Path First, routing wizard
Dual WAN connectivity with the SDM.
|The Cisco 1811 is now standard on the Cisco CCIE Security Lab with IOS 12.4T.|
|The Cisco 1811 IOS 12.4 with SDM is the standard for Cisco CCNA – Security Labs.|
|The 1811 expands to 384Mbps of DRAM and 128Mbps of Flash.|
|Ten ports, two WAN, eight switch supporting 8 VLAN’s all fully managed.|
Myth 4: I can’t make it work like I want it to, because Cable/DSL does not do...
|There is no all in one box that supports DOCSIS 3.0 or the newer DSL services. So what. The design for the 1811 is two WAN Fast Ethernet ports. One port connects to the Cable modem, and one port connects to the DSL modem. With this design, the carrier has the ability to troubleshoot the circuit to the modem. Just like a Smartjack on a T1. As your ISP increases the performance of your connection you can just change out the Cable/DSL modem box, no router change.|
|If you are not running OSPF, RIP, EIGRP, or yes BGP that supports multi-pathing, you still can have a primary and secondary path. With the Cisco IOS 12.4 you can use the Cisco protocol IP-SLA to monitor the two links and provide failover from DSL to Cable in the event of a single circuit failure.|
|VoIP, yes you can, the issue is that you are traversing the Internet not a private line. VoIP will vary based on the number of connections. This should be tested before deploying. For 911 services your users must have access to 911 services on any phone. This could move your VoIP/IP-Phone solution to a larger router that supports POTS service.|
What's your take, is George Morton on to something here?
Brad Reese cofounded BradReese.Com Cisco Refurbished, which enables affordable Cisco networks globally by assuring customer satisfaction with guaranteed one year warranties on both Cisco Repair as well as Refurbished Cisco.
Don't be shy, contact Brad Reese online or call him at 717-707-0704.