Networking de empresas

UC&C

Computación en nube y centros de datos

Gestión y herramientas

Wireless

Industrias

Redes ágiles

Computación en nube y centros de datos

UC&C

Red privada inalámbrica

Casos de estudio

Soporte de productos

Descargas de software

Servicios de partner de canales

Soluciones de servicio

Soporte técnico

Capacitación de Huawei

Certificación de Huawei

Partners para las capacitaciones

Academia de red

Acceder a la capacitación como visitante

Cómo ser un partner

Pedido

Marketing

Material de soporte

Soporte

Evaluación

Noticias

Eventos

Página Anterior!

Prompt

No ha iniciado sesión o no esta autorizado!

Página Anterior

Solución extranet de e-Government a nivel distrito

Chinese e-Government extranets already cover provincial and municipal networks. County-level networks are the next stage of network development, and a unified network development solution is needed to facilitate Chinese e-Government extranet development.
This paper explores the requirements and challenges of existing county-level networks and summarizes the e-Government network features necessary to provide a dedicated network development solution.

Requirements and Challenges

  • Existing county-level e-Government extranets face the following challenges:

    • The extranet connects to multiple departments, such as the departments of education, public security, finance, construction, audit, statistics, agriculture, water supplies, and civil affairs.


    Access points are widely scattered. Some are centralized in central business districts, while others are scattered in remote areas.


    Connected networks are complicated.


    The extranet is required to provide access interfaces for upper-level departments, departments at the same level, local enterprises and organizations, and other public networks.


    The extranet must connect to lower-level network systems that lack dedicated network links and specialized network maintenance personnel.


    Existing e-Government extranet systems have many other problems, such as scattered resources, duplicate construction, various platforms, difficult maintenance, a lack of specialized network maintenance personnel, and poor network quality.


  • The public has the following requirements:

    • Services anywhere at any time


    Quality of Service (QoS)


  • County-level departments have the following requirements:

    • Reliable and flexible network access


    Backup network links and multiple upstream links


  • Government departments have the following requirements:

    • Security protection for background Metropolitan Area Networks (MANs)


    High network reliability and quick recovery mechanism


    Secure data exchange, information sharing, and network access


  • Civil servants have the following requirements:

    • Access to the office network anywhere at anytime


    Video, voice, and office service QoS


    Secure access to e-Government networks



Huawei Solution

Network Solution

The Huawei's e-Government extranet county-level network can be classified into an access layer, backbone network, and egress area.


The access layer enables network access from county-level and lower-level government department networks. Networks that connect via private lines can use Synchronous Digital Hierarchy (SDH)/Multi-Service Transport Platform (MSTP), Asymmetrical Digital Subscriber Line (ADSL)/High-speed Digital Subscriber Line (HDSL), and 3G Virtual Private Dial-Up Network (VPDN), while networks that connect over the Internet can use ADSL, xPassive Optical Network (xPON, 3G/LTE, and Wi-Fi. Government departments can also develop new private lines for network access. County-level government organizations can use two or more links to enable link backup. Remote organizations and government departments can use wired and wireless network access. A wireless link can be used to back up or replace the wired link if onsite cabling is difficult.


The backbone network uses a pair of core routers to connect access points. E-government networks use the unified egress to connect to upper-level e-Government networks. The backbone network uses a dual-node and dual-link design to ensure system reliability.


e-Government extranets connect to the Internet and municipal government networks using unified egress.


Figure 1:County-level e-Government network architecture


This solution features large network capacity, wide coverage, and high scalability.


Large counties have a high number of scattered access units, requiring the backbone network to have a ring or mesh networking solution with larger capacity. In this solution, the backbone network has multiple nodes connected to each other in ring, mesh, or full mesh mode and connected to the nearest backbone network segment. The network uses the unified egress; therefore, when there is considerable distance between two network nodes, users are advised to use fibers or optical devices to transfer data.


Figure 2:Large-sized county-level e-Government network architecture


The following devices are recommended:


  • Backbone network devices: NE20E-X6 (county-level government), NE40-E-X3 (medium-sized network), and NE40E-X8 (large-sized network)
  • Access devices: AR G3 AR 3200, AR 2200, and AR 1200 series multi-service integrated access routers, or S9700, S7700, S5700, and S3700 series high-end switches.


Comprehensive Security Protection Solution

County-level e-Government extranets have multiple access units and present complicated network conditions. To address growing threats to network security, e-Government extranets need more sophisticated security protection systems.


Huawei provides a comprehensive network security protection solution that covers the firewall, Intrusion Detection System (IDS), and Intrusion Prevention System (IPS) linked security protection, virus and Trojan horse detection, traffic control and analysis, network exception control, egress management, security protection for egress web-based applications, and Terminal Security Management (TSM).


Figure 3:Comprehensive security protection solution architecture


Service Isolation Solution

The e-Government network bears the services of multiple departments. Services must be isolated from each other to ensure service security. Huawei uses Virtual Private Network (VPN) technology to isolate services for different departments. The backbone network uses Border Gateway Protocol (BGP) and Multi-protocol Label Switch (MPLS) VPN to perform vertical and horizontal services isolation. Remote sites use IPSec and L2TP VPN to access the network. Secure Sockets Layer (SSL) VPN can be used to implement remote or mobile office.


Figure 4:Service isolation solution architecture


Network Migration Solution

County-level e-Government extranets integrate network resources that belong to different departments and service systems; therefore, development and access requirements vary with networks. As a result, e-Government extranets require a smooth transition and upgrade solution.


Figure 5:Network migration solution architecture


Unified O&M Solution

The e-Government network solution involves multiple network devices and various servers, which requires unified network management. Existing networks use devices provided by different vendors; therefore, the solution must support unified third-party device management.


The Huawei eSight unified network management platform:


  • Provides differentiated services to meet users' requirements.

    • The solution uses different versions of the eSight to meet customers' management and commercial requirements.


    The secondary development platform and Application Programming Interfaces (APIs) meet enterprise customers' integration and tool customization requirements.


  • Manages various network devices.

    • The eSight supports unified management of IP and IT devices provided by different vendors, which reduces network management costs.


    Customers can deploy devices in batches, which improves system operation and maintenance efficiency.


  • Supports visual network management.

    • The eSight uses the Service Level Agreement (SLA) protocol to enable visual service quality management.


    The eSight supports visual Wireless Local Area Network (WLAN) management and wizard-based configuration.


    The eSight uses the MPLS VPN to perform unified network management, enabling users to perform fault diagnosis with simple mouse clicks.


Highlights

The solution has the following highlights:


  • Multi-level networks and various network access modes

    • The solution features optimal MPLS VPN capabilities, vertical interconnection, horizontal data sharing, and wired and wireless (including 2G, 3G, Wi-Fi, and LTE) network access.


  • Comprehensive and highly reliable

    • The solution features equipment-level, network-level, and service-level reliability.


  • Comprehensive network security protection solution

    • The solution has the comprehensive network security, intrusion detection, and intrusion prevention systems.


  • Visual network management and easy maintenance

    • eSight manages devices from different vendors and supports visual network management for system operation and maintenance.


  • Optimal user experience

    • A quick recovery mechanism and optimized traffic control ensure optimal voice and video service user experience.



Customer Benefits

The solution provides the following customer benefits:


  • Advanced MPLS VPN services enable vertical connections between upper-level e-Government and county-level extranets.
  • A unified IPSec VPN access gateway enables remote site access.
  • Unified operation and maintenance reduce management costs and improve work efficiency.
  • Service collaboration and mobile office connect government departments, optimize workflows, and improve government reputation and public satisfaction
  • More communication channels enhance interconnections between citizens and government departments, improve economic environments, and attract foreign investments.

Technology TopicsMas