Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dennis Kirchoff ANX Development Leader Dealer and Supplier Infrastructure Telecommunications Services Information Technology Infrastructure AIAG AUTO-TECH.

Similar presentations

Presentation on theme: "Dennis Kirchoff ANX Development Leader Dealer and Supplier Infrastructure Telecommunications Services Information Technology Infrastructure AIAG AUTO-TECH."— Presentation transcript:

1 Dennis Kirchoff ANX Development Leader Dealer and Supplier Infrastructure Telecommunications Services Information Technology Infrastructure AIAG AUTO-TECH 2003 Conference August 28, 2003, Cobo Conference Center, Detroit, Michigan ANX Network Status and Direction

2 2 Presentation Topics l Ford ANX Network Versus Public Internet Usage l Ford ANX Network & Applications Status l Ford ANX High Availability Enhancement Plans l ANXTunnelz Service Model Approach to IPSec Technology Management l ANXTunnelz Subscription Process and Ford ANX High Availability/ANXTunnelz Migration Process l Ford Support for Supplier Connections to Ford

3 3 Ford – ANX & Public Internet Usage l Use the ANX network for Business Critical applications that require: u Low latency, high performance u High availability u End-to-end accountability u Real-time performance u High service quality l Use the Public Internet for applications that are not Business Critical and do not require: u Low latency, high performance u High availability u End-to-end accountability u Real-time performance u High service quality OR u ANX is not affordable or not available

4 4 Ford ANX Network Status l Ford has ANX connections to two ANX CSPs: u AT&T and SBC u Two DS3 circuits each running at 20 to 25 Mbps u Engineered to maximize diversity, basis for fail-over design l Ford ANX network usage: u Exchanging production data with 784 trading partners (TPs): 644 gate-to-gateway VPNs (TP has a dedicated connection) 140 client-to-gateway VPNs (TP has a dial connection) u Primary applications are CAD/CAM/CAE/PIM, mainframe access, and high volume batch EDI u New applications: logistics support and financial transactions

5 5 Ford ANX Network Use for JIT Logistics l At some plants, logistics providers supporting assembly plant operations connect to Ford via the ANX network l If the provider has a corporate ANX connection and a robust internal network infrastructure, critical Ford traffic rides over the providers intranet l If the providers internal network infrastructure does not meet Ford availability/reliability criteria, the provider connects his site to the ANX network, so that critical Ford traffic bypasses his intranet l Lesson: A TPs intranet infrastructure can be critical for some Ford business processes

6 6 Ford EDI Deployment on ANX l Global Electronic Commerce (GEC) Hub has replaced SOLMIS for EDI at Ford u Bisync network access for EDI ends Jan. 1, 2004 u Move to TCP/IP =>Major improvement in reliability & transmission speed ( times faster) l Supported transport mechanisms: u FTP (machine-to-machine batch file transfer) u HTTP (web forms for interactive low-volume submissions) u No plans for support of AIAG E-5 message routing standard l Ford connects with four EDI VANs via ANX network

7 7 Additional Ford ANX Initiatives l Supplier access to Ford using the Raptor Mobile client-VPN system has been phased out, TPs now using Ideal/LDMI ANX dial service l FDX (Ford Data Exchange) from AutoWeb Communications, Inc. will be used for file transfers because FTPPAHs (FTP Properly Administered Hosts) are being retired u Initial rollout focused on Ford ANX TPs u Now also available via the public Internet u More info at: or

8 8 Ford ANX Network Enhancement Plans l SLAs with our business customers drive Ford usage of the ANX network: u SLA from ANX CSPs/ANXeBusiness for network transport u No SLAs available for the IPSec tunnels with Fords ANX TPs - need end-to-end management of the IPSec tunnels l Need to address high availability issues and increasing technology management costs l 3 projects address these issues: u Dynamic Routing BGP peering with our ANX CSPs u Highly Available Firewalls CP FW1 on Nokia appliances u Highly Available VPNs IPSec tunnel management service

9 9 High Availability ANX for Ford l Design objectives: u Eliminate single points of failure for ANX network connectivity u Automatically fail-over to alternate connectivity or redundant elements should an access line or an element fail u Achieve some level of load sharing u Utilize proven best practices in place on the Internet today l In addition, the solution needs to eliminate IPSec device/product interoperability issues between Ford and ANX TPs with dedicated network connections u Gateway-to-gateway VPNs over ANX need high availability, reliability, robustness, and single accountability u Eliminate diversity of IPSec products Ford needs to deal with u Centrally manage all IPSec devices, including S/W upgrades u IPSec interoperability not an issue for TPs with dial access

10 10 Legacy ANX Access Infrastructure

11 11 Access for Gateway-to-Gateway VPNs

12 12 Migration from Old to New ANX Access l Ford is requiring its ANX TPs with gateway-to-gateway VPNs to Ford to migrate to the new ANX access infrastructure as soon as possible l No new connections to the legacy ANX access infrastructure after October 1, 2002 l New Ford ANX infrastructure is in production with 117 Ford trading partners, most were migrated from legacy ANX access, some are new Ford ANX TPs l An additional 214 Ford TPs have subscribed to ANXTunnelz and are at various stages in the migration process

13 13 Migration from Old to New ANX Access l Ford ANX TPs need to subscribe to the ANXTunnelz service from ANXeBusiness in order to access the new infrastructure l A letter to targeted Ford ANX TPs covering these changes was sent on November 25, 2002 u Signed by TCS, C3P, Purchasing, Ford Financial IT managers l Follow-up s were sent in March, April, and July l Ford TPs should subscribe to ANXTunnelz by September 30, 2003

14 14 Migration from Old to New ANX Access l High Availability solution for Ideal/LDMI ANX dial service access to Ford is under development l Ultimately, all analog dial ANX access will be consolidated on one High Availability firewall u Dial ANX TPs on the four legacy firewalls will be moved to one new HA firewall u Some TPs may need to do a minor migration (IP address change) l All four of the legacy ANX firewalls will be removed from service as soon as possible

15 15 Legacy Ford ANX IPSec Environment ANX CSP/ANXeBusiness Network Transport SLA Ford Network Trading Partner Network IPSec Gateway IPSec Gateway Ford ResponsibilityTP Responsibility RRFW - Multiple IPSec Products from different vendors - Interoperability promised, but not really there - Each TP manages IPSec gateway differently - SLA for end-to-end tunnel management impossible

16 16 New Ford ANX IPSec Environment Ford Network Trading Partner Network ANX CSP/ANXeBusiness Network Transport SLA IPSec Gateway IPSec Gateway IPSec Tunnel Management Service SLA Ford Responsibility TP Responsibility RRFW - The service has sole responsibility for IPSec interoperability - Interoperability based on use of IPSec products from one vendor - The service provides uniform version control for IPSec products - The service provides SLAs for end-to-end tunnel management

17 17 ANX IPSec Tunnel Management Service l Ford developed a statement of work covering SLA, IPSec functionality, monitoring, maintenance, notification, reporting, and change control requirements l Designed as an ANX community, not a Ford, solution l In 2002, Ford signed a contract with ANXeBusiness for ANXTunnelz, their IPSec tunnel management service, for Ford and 500+ of its ANX TPs who have dedicated connections

18 18 ANX IPSec Tunnel Management Service l Ford wants this to be as painless as possible for ANX trading partners with dedicated network connections u Great majority of Ford ANX TPs have a T1 or lower bandwidth dedicated connection u For a T1 connected TP, price for first year will be $240; in following years, price will be $240 + $250 H/W maintenance fee u Higher bandwidths or HA may increase the initial, first-year cost and annual maintenance costs u Ford sponsorship of a TP waives a $3000 ANXeBusiness installation charge for the TP

19 19 ANXTunnelz Subscription Process Registration: Trading Partner registers and accepts contract via ANXTunnelz web site Site Assessment: ANXeBusiness completes site assessment with TP via phone and Hardware Configuration and Shipment: ANXeBusiness configures hardware using specifications from site assessment and ships to TP Hardware Installation: ANXeBusiness works with TP contact to complete physical and network installation of hardware Hardware Operational: ANXeBusiness completes installation - hardware is now managed using ANXTunnelz software Network Accessible: ANXeBusiness is able to access the hardware over the ANX network

20 20 Ford ANX HA Migration Process l ANXeBusiness will schedule TPs for migration from the old to the new Ford HA access infrastructure l Ford TPs start the process by subscribing to the ANXTunnelz service at l Initial migration rate will be 10 per week: u Monday through Friday except for Ford company holidays u One in the morning, one in the afternoon each day u A rework window is available at the end of each day u Investigating ways to increase migration run rate l Process designed to minimize impact on production

21 21 Ford ANX HA Migration Process (cont.) l Using data from ANXeBusiness, prior to the scheduled date and time for a TPs migration: u Ford GSEC updates its database for the TP u Ford GSEC causes firewall rules from old infrastructure to be copied to firewalls in new infrastructure u Ford GSEC updates Ford Helpdesk on the plan u Ford GSEC schedules change of static route within Ford l During the one hour scheduled migration window: u Existing application connectivity is demonstrated u ANXeBusiness implements changes with the TP at the TP site u Ford swings a static route from the old to the new access infrastructure u Application connectivity is demonstrated to prove success

22 22 Ford ANX HA Migration Process (cont.) l If the migration cannot be completed within the allocated hour u Ford reverts to the old static route u ANXeBusiness restores the TP site to its prior configuration u Ford and the TP resume production use of the ANX network u ANXeBusiness reschedules migration once problems have been identified l Migrations that failed during the first attempt are completed successfully during a rework window later in the same week or in the following week

23 23 Ford ANX HA Migration Tips l Ford trading partners drive the migration process through active involvement with ANXeBusiness u Use the online process proactively u Be available for site survey and follow-up u Keep scheduled appointments with ANXeBusiness u Have key resources available for the migration l ANXeBusiness relies on Ford to set priorities for migrating selected TPs l Drivers for prioritizing a TPs migration u History of IPSec problems u Support of critical business processes

24 24 Ford Support for Trading Partners l The Ford Global Supplier Electronic Communications (GSEC) ANX process is explained at: l Additional Information and Help: u HA/ANXTunnelz Migration: u ANX general questions:

Download ppt "Dennis Kirchoff ANX Development Leader Dealer and Supplier Infrastructure Telecommunications Services Information Technology Infrastructure AIAG AUTO-TECH."

Similar presentations

Ads by Google