Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Extranet takes China's e-government nationwide TextStart A standardized, nationwide, and fully connected e-government extranet is providing China with a solid platform for intensive e-government applications and optimized administrative efficiency. Since e-government made its debut in China some twenty years ago, many local government departments have deployed their own e-government infrastructure. However, the isolated nature of local authorities has largely prevented applications from being deployed by more than a single department or region. A unified, cohesive, and national extranet is therefore necessary to achieve the efficiency promised by e-government. In December 2009, China's State Information Center completed Phase I of the National e-government Extranet Project, which connects 400,000 terminals and the e-government systems of 70 central departments, and more than 10,000 local ones. The Extranet places all these units under the direct administrative control of the central government. Covering most parts of the country, this project represents the largest e-government Extranet in China both in terms of organization and geography. Internally, the e-government Extranet forms a reliable and secure administrative platform. Externally, it bridges web portals and e-government application systems, and facilitates the role of the government as a unified public service provider. Four factors are crucial to constructing an effective e-government Extranet: security, interoperability, quality of transmission, and network management. Controllable, visible, and credible Ensuring the integrity and security of government data is of paramount importance, given that failure to do so could undermine national security. To achieve this, Huawei has adopted a three-tier concept for e-government Extranet solution: controllable, visible, and credible. Controllable: User access to resources is limited by prior authorization, and lean traffic management is realized through NetStream and traffic cleansing. Events that threaten information security are detected and prevented, and unauthorized terminals are isolated from the e-government Extranet through the Access Control List (ACL). Controllability also covers bandwidth management, traffic delivery, and data prioritization. These features combine to realize an efficient and fluid top-down and edge-to-edge traffic stream. Visible: Traffic is comprehensively analyzed based on either application or user, and network-wide trends are clearly displayed through a graphical NMS. Complete system visibility allows administrators to detect and combat traffic abnormalities and security protocol violations in real time. Credible: Authentication control is unified to prevent hackers from intercepting, changing, or sending data using forged or stolen IDs. IP Security (IPsec), Secure Sockets Layer (SSL), and powerful encryption algorithms fully safeguard data during transfer. Top-down and edge-to-edge The e-government Extranet underpins the IT application systems of networked government units. The mature, flexible and scalable MPLS VPN features an elegant top-down and edge-to-edge organizational frame. China's five administrative levels – national, provincial, prefecture, county, and town – are linked top down to achieve a coherent and transparent chain of command. In turn, the edge-to-edge structure laterally joins administrative units at the same level to unify the nationwide provision of one-stop civic management services. Flexible: To enable precise and smooth data movements, the solution is designed to separate e-government applications of different levels, and connect those of the same level. Central government, local authorities, and State Council(China's chief administrative authority) agencies realize this structure by applying the Huawei MPLS VPN over their intranets. Supporting inter-site point-to-point, full-mesh, and star networking, the Huawei solution can deploy vertical, horizontal, Layer 2, and Layer 3 VPNs. Scalable: Previously, the fragmented deployment of the e-government project at various levels created a system of vertical efficiency and horizontal inefficiency that satisfactorily connected the central government with local authorities top-down, but isolated local departments at the same level. The MPLS tunnels connect all government departments based on a scalable data-carrying platform with a multilayer label stack. With each layer of labels supporting up to one million connections, the MPLS fully integrates the e-government Extranet, creating solid connections both vertically and horizontally. Mature: With nationally significant applications at stake, the e-government Extranet must employ a network technology that is proven in the field. Current MPLS VPN technology is mature, and this has been evidenced through several years of application in the mainstream networks of operators and enterprises. Underpinned by extensive experience in massive deployment scenarios and MPLS VPN management, Huawei can easily support the efficient running of applications over the e-government Extranet. Smooth transfer optimizes user experience The e-government Extranet carries a range of services and applications for State Council agencies, including data transmission, videoconferencing, and video surveillance. However, these place high requirements on the bearer network; for example, end-to-end and point-to-point failback must be completed within 200 milliseconds and 50 milliseconds respectively. Breaching these times compromises the integrity of VoIP and interrupts video streaming, which impairs data service QoS and videoconferencing QoE. Troubleshooting and failback Huawei's end-to-end troubleshooting and rapid failback mechanism for the e-government Extranet is widely applied to the backbone networks of various-level MANs to safeguard services and applications. The BFD protocol accelerates all routing protocols, Ethernet OAM, VPN fast rerouting (FRR), TE-FRR, VLL-FRR, and detection and failback. The mechanism applies these features to network faults occurring in any scenario and topology, and meets the 200-millisecond and 50-millisecond failback requirements for emergency communications, videoconferencing, IP calls, and key data services. Video optimization Videoconferencing has evolved from standard to high definition, though limited bandwidth forces ISPs to use high compression ratios for data and video streams. Losing even a small amount of streaming data on the bearer network during a videoconference can result in mosaic display, asynchronous voice and images, image stagnation, frozen frames, and black screens. To prevent this, Huawei's network equipment intelligently identifies video traffic and stores key data I-frames in video streams encoded with MPEG-2 or H.264, retransmitting I-frames if any are lost accidentally. This ensures the integrity of the video stream, and significantly improves videoconferencing QoE. Enhanced QoS Different departments and IT applications have differing requirements for network delays, packet loss, and jitter. For example, an emergency communications system is of higher priority than other systems, video and voice services have priority over data services, and key data services are more important than ordinary data services. Huawei's Hierarchical QoS (H-QoS) technology easily solves transmission quality issues for various applications. Supporting 128,000 application streams, it independently assures bandwidth for each application, guarantees statistical division multiplexing (SDM) for multiple application streams, and ensures high-quality transfer across the emergency command system. For example, in response to the 2008 earthquake in Sichuan, the State Council's Office of Emergency Management could rapidly transfer data and video images to officials at the Emergency Command Office and to Premier Wen Jiabao in real time, thus providing crucial network support for disaster relief. Fast deployment and easy management The e-government Extranet incorporates multiple users and applications, thus ease-of-use (EOU) and simple maintenance are vitally important. Visible and automated management is necessary to facilitate rapid application deployment and fault detection, and unify the management of all network resources. Visualization: Network planning is streamlined and efficient, which simplifies and accelerates configuring data; analyzing traffic; detecting anomalies; locating, isolating, and fixing faults; and outputting reports. Automation: Automated network management includes an intelligent fault management system that analyzes massive amounts of fault alarms, identifies how they correlate, allows higher-level alarms to repress lower-level alarms, and automates configuration and upgrades for newly deployed equipment and terminals to realize plug-and-play functionality. Usability is improved and users can identify and rectify faults quickly and easily. Unified management: The NMS can be deployed in modules to manage data, user access, and optical network equipment. Modules include the following systems: application management, traffic analysis, Internet behavior management, desktop security, and security authentication. These can be deployed as required to suit a specific scenario. Supporting third-party network interfaces, Huawei's unified NMS can interwork with other mainstream management systems to unify the management mechanism. The e-government Extranet enables local government networks to connect with the central government network and run smoothly. The solution creates a basic environment that integrates government resources at all levels, creates a fluid information-sharing platform, and coordinates applications. TextEnd