|
Problem
Are you prepared to be audited by NERC based on your compliance with CIP mandates? The financial implications of the large fines associated with NERC's cyber security standards - now mandates - are substantial. Fines can be assessed up to $1 million per instance, per day. If that number has your head spinning, now is the time to take control and make sure your network security measures are in compliance. To help you achieve this goal, Coastcom has been working with major Utilities and other suppliers that manage critical networks to address NOC control and security issues.
This application note explains one way to approach that process. While there are a number of solutions available, we can tailor a solution to a specific network.
Solution
This solution outlines the required support of full VT1.5 bridging and selection, across any of the optical facilities (OC-3/12/48/192), or a hybrid of optical and electrical facilities (DS1/DS3 TMUX). This feature also needs to be automatically revertive (i.e., when a failure has been cleared, the system will revert back to the original state). The feature should be supported across the entire VT1.5 matrix in the systems. Through this feature, the customer will be able to replicate all DS1 facilities across the network to two diverse data centers. This will allow for the two data centers to be active with one being primary. DS1 transmission will be broadcast to both data centers from the remote sites, but the primary data center will be the only data center transmitting to the remote sites. Only when there is a failure to the primary data center or the links connecting to the primary data center will the system allow the secondary data center to transmit to the remote sites.
The VT1.5 circuit is built in such a way that each node (both Remote and NOC-1) has a working and protect service built from the DS1 module (the source) to each of the optical ports going out to the ring. When one path is cut, the selector in the DS1 module (again, the source of each of these services) switches from the cut (working) optical path to the other (protect) optical path.
When either path is cut, the selector in the DS1 module of the nodes switches from the working path to the protect path out the other optical trunk port on the ring. This is a SONET, sub-50ms switchover. If the working path is restored, the selector will then switch back to the working path after the revertive time out has passed. This is also a SONET sub-50ms switchover.
The NOC-2 node is configured differently than the rest of the nodes in the ring. The VT1.5 circuitat the NOC-2 node is built from the East bound optical module (GCM w/oc48 optics in this case), and not the DS1 module as on the other nodes. The selector for the VT service resides on this optical module in this node.
When both the working path (Span 1) and protect path (Span 3) are cut, the VT1.5 selector on NOC2 east port (slot 16 port 1) receives an AIS from span 3 and switches to the tributary drop DS1 port (S2/P1). When span 3 is normalized, then it will switch back to this working path on the westbound optical port after the revertive time out (this is a sub-50ms switchover). This solution will satisfy compliance with NERC/FERC disaster recovery regulations.
Coastcom offers cost-effective products that range from T1 channel banks to Ethernet over SONET, MSPP that includes CWDM and DWDM platforms, and wireless Ethernet radios. This range of solutions makes it possible for Coastcom to create a cost-effective solution for Access or last mile connectivity. It also allows for security and disaster recovery requirements in any network. Choose Coastcom, be secure.
|
