A Smart Network enables your organisation to converge multiple services over one resilient connection.

, , ,

Cloud Security elements every business should consider

Cloud Security has been a serious issue since the concept of the cloud began. The classic example was initially the discomfort of a shift from physically seeing the IT security infrastructure to simply trusting someone else with it virtually. Back in 2012, Serviceteam IT carried out major business process project for an insurance sector organisation. The conversation regarding data being located in the the Cloud was very short. Under no circumstances, no matter how much cheaper or how much more flexible, as cloud security was considered low.

Thankfully both the marketplace, and the organisation in the example above, have moved on and are cautiously adopting the benefits the cloud can offer. Last year the Enterprise Cloud Computing Survey from IDG revealed concerns that cloud security are still significant at 52%. Our own UK Cloud Snapshot Survey reveals 43% of respondents from UK organisations still cite cloud security as being the greatest barrier to cloud adoption. We can take encouragement from the downward trend, perhaps due to both improved cloud security and better end-user understanding.

One way to ensure a full understanding of cloud security, and security in general, is to understand the levels of your infrastructure that require protection. A simplistic multi-level infrastructure model, from the physical level, to the network level, to the applications.

Physical Security

Not so long ago physical security was a significant issue, as data centres were vulnerable and accessible to anyone almost, especially an in-office comms room. Companies recognised this risk, and therefore took the necessary steps to safeguard the physical infrastructure. Cloud has been has been a key player in alleviating physical security concerns. The expansion of the data centre for colocation, to the then centralisation of servers to purchase a ‘slice’ to now deploying applications without having to consider the server.

With almost all cloud providers, physical security concerns almost completely disappear, Partially due to the additional checks and measures carried out at data centre locations. Partially due to the distributed nature of the application, as the data will not only be encrypted on disk, but most probably meaningless as it’s balanced between multiple buckets.

Network Security

The second area to consider is the network, which is of upmost concern to Serviceteam IT. As an industry, cloud and IT professionals have made a great deal of progress in securing operating systems and basic networking.  Almost all organisations have the necessary cyber security tools, firewalls, access control lists and intrusion detection to safeguard against outside attacks to an internal network.

The greater challenge has come with the adoption of an ‘outside’ network, where the end-point is trusted, however, the traversal has been via the Internet. Cloud Connectivity can now take care of the network cloud security concerns, as the links have become both dedicated and secure.

Application Security

As the bottom of the ‘funnel’ has been, and can be, better secured, this has forced potential attackers to target higher up the stack. A common trend is tampering with customised applications, impersonating users or compromising some other user end-point. Whilst application security is a continual challenge, businesses can implement tools such as application monitoring. multi-factor authentication or group policy for additional protection and user verification.

Within the application layer, the emphasis should be on identifying vulnerabilities. Simple house keeping such as log file analysis, patch management, filters, scanners and yes, good old back-up! The digital world can be rather dangerous, therefore, security-aware application design, application security testing, and runtime application self-protection all combined with context-aware and adaptive access controls are needed.

Cloud Security Conclusion

Positioning as “inside” or “outside” security is very much for the past. Along with three digit passwords, open relays and no user-access controls. The simple recognition that perimeter defence is simply not enough. Applications need to be considered more actively in regards to their impact upon security as a whole.

Perhaps in the coming years the number of organisations expressing concerns regarding cloud security will continue to fall. Most probably when organisations are more comfortable with network security and application security is more robust.

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!

, , , , , , , ,

Cloud Connect Explained | An Introductory Guide

Cloud Connect uses the latest in fibre hardware technology to create a physical link between your network, and the cloud. While most data will travel across the public Internet, Cloud Connect is a dedicated connection between your network and your cloud services. Learn what it is, how it works, why you need it.

, , , , , , ,

Cloud Network Providers | Connect Your Private Network to the Cloud

Organisations are not limited to only a single cloud network providers solution option. Furthermore, they’re not merely able to access valuable cloud resources via the Internet. We advocate a combination of the solutions below to form a resilient, high-speed, high-availability, hybrid cloud network.

We’ve covered Cloud Connect and Cloud Connectivity Providers previously. Subsequently, a customer asked us to provide an overview of the options that they had available to them. The brief was “How do I connect my private network to my cloud network providers”.

In order to implement a connection from their private network space to their cloud network providers, there were questions we needed to ask:

Will the connection be temporary or permanent?

Temporary connections limit available options because of the potential contractual commitments. These can often be mitigated by utilising existing arrangements if your current suppliers are flexible and technically capable.

What is the capacity required?

If you are moving a large volume of data utilising already hard pressed capacity via the Internet is going to struggle and will impact on existing usage. Bursting capacity for a short period of time may be an option, dependent upon your existing supplier delivery. Serviceteam IT have previously moved very large data volumes (tens of Terabytes) via 10Gbps internet access within our colocation provider.

How resilient does it need to be?

This is of course dependent upon how important access to the data you’ll have with the private cloud network provider. You should already have resilient access to the Internet. Meaning it will be simpler to ensure access to the cloud network provider is equally resilient.

Where will the connection be coming from?

Is the private network located at a fixed office site?

  1. Are there multiple office locations?
  2. How are the multiple office locations connected, physically and logically?
  3. What is the primary leased line from the site? Is it fibre Ethernet?
  4. Does the primary leased line provider support 802.1Q VLANs?
  5. What major data centres, such as Telehouse or Telecity, is the primary leased line provider present in?
  6. What resiliency exists for the leased line?
  7. Who provides the physical connectivity resiliency?
  8. Who manages the physical and logical resiliency?
  9. Is the logical private network resilient, such as failover routes via alternate leased line providers to another site?
  10. What firewall devices are present at the site?
  11. How are they configured, such as High Availability Active/Active?
  12. Are site-to-site licenses available on the devices?
  13. Are there VPN failover policies enabled?
  14. Who manages these devices?
  15. Do the office locations have sufficient internet access capacity?
  16. Is there sufficient fibre Ethernet capacity to upgrade internet access?

Is the private network in a colocation facility?

  1. Are there multiple colocation facilities?
  2. Who provides the network connectivity between the facilities?
  3. Do the colocation providers supply backhaul via 802.1Q VLANs?
  4. What physical and logical connectivity resiliency is in place?
  5. Are the colocation providers supplying Managed Internet Access (MIA)?
  6. How are they connecting you to the internet, such as their own feed or a third party transit provider?
  7. How are the public peering arrangements organised? What are the private peering arrangements?
  8. In which major data centres, such as Telehouse or Telecity, are the colocation providers present in.
  9. What firewall devices are present at the colocation sites?
  10. Who manages the firewall devices?
  11. What edge routers do they operate?

As an aside, we’ve worked with customers who have infrastructure in colocation facilities, where not only has the colocation facility been unable to supply backhaul via 802.1Q VLANs, but also had no internet peering arrangements. They at least had two colocation facilities for resilience!

Virtual Private Network (VPN)

In almost all cases, public cloud services begin via publicly accessible services, such as websites. As organisations become ever increasingly comfortable with public cloud, the practicalities of hosting more business critical information increases. And yet, the security of the information and access to the information remains paramount. An Internet VPN is the first, and arguably the simplest, option. It provides the shortest lead time of all of the options.

Public cloud providers offer VPN appliances, or an option for native VPN through the cloud providers control panel. Device support includes many options from hardware VPN concentrators to OS-based VPN solutions, such as OpenVPN. Cloud network providers will charge for the compute instances hosting the VPN appliance. Bear in mind cloud network providers charge for the bandwidth. Data transferred via a VPN counts against data transfer cost. There are no minimum commitments associated with VPN options. VPN connections to the cloud network provider are most suited to temporary or network failover.

Direct Connectivity

The VPN option limits the ability to offer a consistent experience over a common internet connection. It’s bandwidth you share with user and service access, which can become saturated with high capacity users, or reduce service effectiveness for voice and video. For a far more predictable connection, cloud network providers offer direct private connections via major data centre facilities.

Cloud providers ordinarily partner with large data centre operators. These operators terminate multiple cloud provider networks into their facilities, often via a meet-me room. Other providers rent facilities from these data centre providers, and the data centre provider offers a cross-connect, known as an Xconnect, from the cloud provider’s facilities to customer facilities. This can sometimes involve many parties. For example, if your private network is located in a colocation data centre, you will need to:

Creating your own connection to Cloud Network Providers

  • create a VLAN to the local edge router, lets call it A, of the colocation provider;
  • backhaul via a VLAN to an edge router, lets call it B, of your third party colocation provider in the major data centre provider facility;
  • set-up a cross-connect from edge router B, to the edge router, lets call it C, of the major data centre provider;
  • install a cross-connect from edge router C, to the edge router, lets call it D, of the probable additional cabling provider within the facility;
  • organise a cross-connect from edge router D, to the edge router, lets call it E, of the cloud network provider;
  • enable a Cloud Connect service from edge router E, to the LAN, lets call it F, of the VPC;
  • in each of the steps you will have options for either a port based VLAN or an ID based VLAN, sometimes both, sometimes only one;
  • once all the physical connections have been enabled and tested, then the real fun begins as you have to logically address and apply a routing schema, ordinarily BGP, between your private network and the cloud network provider.

Direct connections generally come in two Ethernet speeds of 1Gbps or 10Gbps. With AWS you then have a CDR, which is carried over the Ethernet capacity, and is a minimum of 10Mbps. The data centre provider charges for the cross connect, while the cloud provider charges for the port, and everyone else charges for backhauls and cabling.

Most cloud providers allow unlimited transfer over direct connect, which brings down the per gigabyte transfer cost. Often the major data centre providers offer shorter terms, such as 1-month commitments. Cross-connects usually carry a 12 month term. Customers can leverage the shorter commitments for short-term projects to transfer lots of data, or to test a new service from a cloud provider.

Connect to Cloud Network Providers with Serviceteam IT

Telco providers are increasingly offering services based on a Cloud Connect model. Capacity (speeds) between 1Gbps and 10Gps are more desirable. Telco providers bundle connectivity to a cloud network provider. More often, these connections are Cloud Connect to the major data centre providers without the complications of cross connects or VLAN type mismatch, robust physical failover and resilience of the route with a cohesive routing schema between the private network to the cloud network provider.

Organisations have a far wider variety of connectivity options. Telco providers can offer Ethernet connection options with MPLS and VPLS to your preferred cloud network provider. This can be delivered as one-to-many, many-to-one or many-to-many. Telco terms don’t always mimic existing WAN commitment lengths, ordinarily 24 or 36 months, as we have contracts with 36 month resilient fibre Ethernet connections and only 12 month Cloud Connect services carried over the resilient fibre Ethernet.

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!

, , , , , , ,

Cloud Connectivity Providers Explained

Cloud Connectivity: It’s probably safe to say that enterprise, private and hybrid cloud are here to stay. These services have vastly improved the way in which we deliver resources, support new types of users, and create new types of business strategies. Continuing growth in adoption of public services means that even the most risk averse organisations are looking at the many ways to leverage cloud computing environments to help their businesses become much more agile. Spending on cloud network, infrastructure and platform could rise to around $203 billion by 2020, according to the IDC Worldwide Semiannual Public Cloud Services Spending Guide. Admittedly, the same report suggests that only around 5% of total worldwide technology expenditure in 2017, $122 billion, will be cloud related. Some of the rest of the $2.4 trillion will be from traditional in-house delivery, consumers (20%) and tellingly from software (20%). It stands to reason a proportion of the expenditure will be on Cloud Connectivity.

One of the main barriers regarding adoption is security, along with reliability, access and compliance related to data location. These issues raise the perfectly legitimate concern of “How do I create a cloud connectivity strategy that will allow me to leverage my on-premise investment and public architecture?”

What is Cloud Connectivity?

Cloud connectivity enables the interoperability between on-premise resources and public environments. The on-premise environment can be a branch office, the IT services division, a third party data centre with colocated equipment, or a major enterprise data centre. The obvious goal is to create an optimal cloud network strategy, where the business can adjust or scale according to demand whilst increasing security and availability coupled with decreasing expenditure.

Cloud connectivity uses a variety of secure, and high capacity (fast) connections, to enable organisations to integrate with cloud network, storage, compute, and end user environments. The greatest step forward has been the ease of creating these connections and how they can help transform a business. In the past, these connections were made manually and required a lot of know-how and administration. Today, major providers are offering far easier ways to integrate with your resources. Even further back, access to those resources was made available only via the Internet, which is inherently problematic from the perspective of security, availability and capacity. Think of cloud connectivity as the VIP entrance, avoiding traversing the Internet with everyone else.

Cloud Connectivity providers understand that you’ve made significant investment in your on-premise and data centre operations. They know that you’re probably not all that ready to rip everything out and move everything. This is why there have been some major initiatives regarding optimising the way businesses connect into the public cloud. These new solutions enable a far easier way to integrate on-premise resources with powerful cloud services. Ultimately, this helps businesses create faster, more reliable, and far more secure cloud network connections into their services using Cloud Connectivity.

Examples of Cloud Connectivity:

AWS Direct Connect

Amazon Web Services is easily the most popular. They support compliance-based workloads, integrate with complex storage environments, and even provide new types of workload delivery methodologies. More recently, Amazon has made it even easier to connect into its ecosystem without having to attempt to arrange a peering agreement between the customer network and the AWS public cloud network.

AWS Direct Connect enables a dedicated network connection between the customer network and an AWS Direct Connect location. It uses industry standard 802.1q VLANs, so that the dedicated connection can be partitioned into multiple virtual interfaces.. This allows you to use the same connection to access public resources, objects stored in Amazon S3 using public IP address space for example. Along with private resources, such as Amazon EC2 instances running within an Amazon Virtual Private Cloud using private IP address space. All whilst maintaining total network separation between public and private environments. Virtual interfaces can be reconfigured at any time and on the fly in order to meet your changing needs.

This kind of enterprise cloud connectivity comes with very real business benefits:

  • Bandwidth controls regarding cost and delivery
  • Higher Service Level Agreements (SLAs) for consistent cloud network performance
  • Fully integrated with all AWS services
  • Greater levels of business and data centre elasticity

If you’re integrating with an AWS environment, make sure to look at AWS Direct Connect. It allows your organisation to directly align with a specific strategy, which can be an all-encompassing extension into the AWS, or you can use a specific AWS service, such as integrating with Amazon S3 storage. The best part is that Direct Connect helps ease the adoption of your specific use case securely and privately.

Cloud Connectivity: AWS Direct Connect

Microsoft Azure ExpressRoute

Microsoft Azure ExpressRoute allows you to create private connections between Azure data centres and on-premise infrastructure inside your network, be it your data centre or a colocation. Microsoft ExpressRoute connections do not go over the public Internet. The connection architecture allows for far greater reliability, higher capacity (speed), much lower latency, and significantly more security than typical internet connections. Each Microsoft ExpressRoute circuit consists of two connections to two Microsoft Enterprise cloud network edge routers from the cloud connectivity provider and your network edge which requires optional dual BGP connections from the connectivity provider and your network side.

Using ExpressRoute connections to transfer data between on-premise systems and Azure can yield significant cost benefits. For example, you can establish connections to Azure at an ExpressRoute location, such as an exchange provider facility, or directly connect to Azure from your existing WAN network, such as a multi-protocol label switching (MPLS) VPN provided by a network service provider.

There are several benefits to using this type of cloud connectivity:

  • Data centre and services extension
  • Building an ecosystem for hybrid applications
  • Creating an architecture build on auto-scaling and provisioning
  • Integrating Active Directory services across multiple locations

With Microsoft ExpressRoute, you can establish connections to additional Microsoft services, not only Azure. These include services such as Office 365, Skype for Business and CRM Online. Connectivity can be from an any-to-any (IP VPN) network, a point-to-point Ethernet network, a VLAN via Smart Network or a virtual cross-connection through a connectivity provider at a colocation facility.

Cloud Connectivity: Microsoft Azure-ExpressRoute

Google Cloud Interconnect

Google Cloud Interconnect enables you to connect your infrastructure to Google, via enterprise-grade connections to Google’s cloud network edge. The connections are offered by Google Interconnect service providers in order to connect. Google Interconnect will enable your infrastructure to connect to Google Platform Services with higher availability and lower latency connections.

Google Interconnect allows Google Platform Services customers to connect to Google via enterprise-grade connections with higher availability and lower latency than existing Internet connections. Connections are offered by Google Interconnect service provider partners, and offer higher SLAs than standard Internet connections. Google also supports direct connections to its cloud network through direct peering. Customers who cannot meet Google at its peering locations, or do not meet peering requirements, may benefit from Google Interconnect.

The flexibility of the Google Platform with cloud connectivity enables many business benefits:

  • Great for data intensive applications
  • Lower latency access to platform services
  • Reduced cost with up to 50% reduction on Egress pricing
  • Direct peering at over 75 locations in 33 countriles

Google Interconnect links can be used to access any of the Google Platform resources: Google Compute Engine, Google Storage, Google BigQuery, etc. You can even extend your private network into your private Compute Engine network over Google Interconnect links by using a VPN tunnel between the networks.

Oracle FastConnect

FastConnect addresses one of the most important issues that affect migration to a cloud service: the unpredictable nature of the Internet. With FastConnect, you can create a high-speed, dedicated, and low-latency extension that allows you to reap the benefits of a true hybrid setup. It also offers better security than exchanging your data over the Internet.

Oracle Network Service also offers Site-to-Site VPN for Dedicated Compute customers. FastConnect is for all Oracle Cloud customers. Site-to-Site VPN securely extends your on-premises network to your dedicated Oracle Compute zone. FastConnect provides a high bandwidth connection between your data centre and Oracle services.

There are many benefits to FastConnect for cloud connectivity:

  • Get a faster and more secure connection to Oracle
  • Pay less for predictable performance
  • Get a redundant connection, so your traffic can quickly fail over in case of network failures
  • Connect your data centre to Oracle in a few simple clicks

If you are colocated in the same datacenter as Oracle, you can establish connectivity by provisioning direct single mode fibre cross-connects from your datacenter provider. It also offers better security than exchanging your data over the Internet. With FastConnect-Standard Edition, you are connecting your edge routers directly to the Oracle cloud network edge routers in the specific location and establish a BGP peering session directly with Oracle.

HP Enterprise Rapid Connect

HPE Rapid Connect enables you to bypass the public internet when it connects to HPE Helion Managed  Services. The new direct connectivity gives customers access to HPE’s portfolio of services when they need to build and consume computing workloads. It gives businesses more reliable and secure access, better performance and lower latency.

The flexibility of HPE Helion in tandem with Hyoer Converged Appliances is not to be ignored:

  • Great for extension of existing assets
  • Significantly improved latency between cloud network and on-premise
  • On-demand access to compute as an extension
  • Increasing availability at Ingress locations

HPE Helion is a portfolio of software, integrated systems, and services for computing, including distributions of OpenStack® and Cloud Foundry®. HPE Helion makes it easier for you to build, manage, and consume workloads in a hybrid IT environment that includes private and public clouds working in tandem with your on-premises systems.

And Finally . . .

There are many more Cloud Connectivity options, including BlueJeans, Box, Cisco, CSC, IBM, Salesforce, Sungard and VMware. Many of the Tier 1 network providers, whether they be Telecoms or Data Centre, can implement interconnects, known as XConnects, between their cloud network edge routers and your network edge. Additionally backhaul via VLAN through your existing Ethernet Fibre, depending upon provider, will be available.

Serviceteam IT can supply interconnects and backhaul from almost all of the providers, at wholesale rates, and link connections between different carriers and service providers together. Our Smart Network service is the most effective option for connecting.

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!

, , , ,

Leased Line Providers Explained | Tier 1 UK

Leased Line Providers in the UK

Even though we work with all of the Tier 1 network and leased line providers, we don’t often talk about it. This is due in part to our customers’ network and ethernet fibre leased line services being both commercially sensitive and a security risk should we divulge their details. It is also a relatively complex area of IT infrastructure, where one size rarely fits all and the options for fibre ethernet, transit, IP, backhaul and VLANs with Cloud Connect and Smart Network. Coupled with the resiliency options of leased lines makes the choices almost limitless.

A note regarding Leased Line resilience

Ethernet leased lines in the UK usually carry at least a 99.9% Service Level Agreement. I have in the past competed with companies selling services with a single fibre carrying a 100% SLA. Which, as any budding techie will tell you, is an engineering impossibility.

The likelihood of all Tier 1 leased line providers in the UK being on-net is low. Many of the Tier 1 providers will need to use BT for the final part of the circuit. The tell-tale signs are an install fee and higher rentals on a 36 month term.

Almost all UK leased line providers make use of dedicated circuits from their competitors’ wholesale divisions as it is often cheaper for them to do this than to extend their physical networks by digging the road or pavement. There are some notable exceptions depending upon location and building, which you can learn about below.

When we quote for resilient services we:

  1. Inspect the internals of the site, such as the comms room.
    My most memorable initial inspection was at a global brand hotel chain, at an hotel here in Birmingham. We found the ethernet fibre ingress with the comms cabinet, all of which was below the lowest point of the swimming pool it was behind. Needless to say our initial recommendation was raising the cabinet to a higher point in the building and moving the fibre ethernet ingress to suit.
  2. Assess the external area for access routes.
    This usually entails wandering around the outside of the building making measurements for where a known egress from the building lies, often looking for tell-tale signs of raised paving slabs or renewed tarmac heading off the site.
  3. Survey the surrounding areas physically identifying a DP (demarcation point).
    Once the egress from the building is identified, plus the route from the building, we then need to find the DP covers starting with the nearest. Photographs are taken and GPS location recorded. Main link routes can be identified easily enough as they ordinarily have multiple covers and will usually be found at road junctions. I always feel a little conspicuous wandering up and down roads, photographing the floor trying to contain my excitement at finding a Mercury five cover DP – that’s a big one!
  4. Qualify identified DPs with providers.
    The Tier 1 providers rarely know what they have and where it is located, so this step takes a little more time, normally relying upon the local engineers. We have a lot of contacts outside of the ‘normal’ process which enables us to find fibre that the provider we’re trying to purchase it from had no idea they had. One such incidence is with a provider who is strong in Birmingham, and shall remain nameless (Colt), where they had made the building on-net in circa 2002-2003. However, a bar chain had moved in on the lower ground floor, and their renovation and refit in 2010 had ‘disappeared’ some fairly expensive kit behind a stud wall.
  5. Confirm route and location with providers.
    This step is very difficult to carry out with BT, however, with the correct contacts the gaps can be filled so it’s not impossible. BT maintain they won’t share route maps due to security, however, we all know the real reason is they just don’t know. For an example route map from Virgin Media see page six of Leased line survey – SAMPLE below.
  6. Insist providers identify other carriers in use applied to the quote supplied.
    For commercial reasons leased line providers here in the UK are often extremely reticent to openly share from whom they are purchasing the initial leased line circuit. Heaven forbid they tell you and then you ask them for a quote! We maintain very close relationships with sales and operations to ensure transparency. Our contracts where resilience is identified as the primary purpose also carry a caveat regarding third party failure and liability where we have explicitly requested all parties involved.
  7. Identify suitable media resilient options, such as Microwave or Radio, if the diversity cannot be confirmed.
    Simple resilience via ADSL or FTTC are viable options, although not our preferred recommendation. Cost effective media resilience, in the case of an ethernet fibre leased line, include 4G. For the gold standard in media resilience a fixed band Microwave is the only option. Many years ago I provided such a solution to the Birmingham Head Quarters of a high street opticians, and the employees on the site believed their brains were being cooked by the Microwave dish outside. I seem to remember people refusing to work in the office and wearing aluminium foil hats when they did. Needless to say, a great deal of technical data was provided to allay their totally unfounded fears, especially given the fact they would receive a far greater amount of radiation from hugging a Henge Stone.
  8. Using provider route maps and our own photographs create a visual map report with locations marked by GPS.
    You can read a sample report carried out for a customer below, Leased line survey – SAMPLE:

What are Tier 1, Tier 2 and Tier 3 providers?

Excellent question, which as usual does not have a simplistic answer. There are Global Tier 1 providers, such as Level3, NTT, AT&T. There are partial Global Tier 1 providers, such as C&W (acquired by Vodafone), Liberty Global (who acquired Virgin Media in 2013) and Telia. The list is not exhaustive.

In the UK I’ll refer to Tier 1 providers who provide Ethernet Fibre, not to be confused with fibre broadband, to the site or premise. UK Tier 1 leased line providers include: BT, Vodafone, Colt, Virgin Media and SSE along with providers, such as KCOM, with legacy presence in specific areas.

National Tier 2 and Tier 3 providers can be described as either having to use a Tier 1 or Tier 2 for some portion of the leased line, or they have a contractual arrangement which places them in Tier 2 or Tier 3. A Tier 2 example would be ourselves, where we have a leased line provided end-to-end by a Tier 1.

In very simple terms what makes the Internet work is the Tier providers each have their own network, or portion of a network, which is private to them. Where they all meet, typically an Internet Exchange or IX, is how traffic from a source, such as a browser requesting a web page, is passed to the host provider, the server which hosts the website. This is either via Public Peering or via Private Peering between the two or more respective providers. The London Internet Exchange, LINX, is arguably the largest peering point in the UK. You can find the list of public peers at their LON1 node here: LINX LON1.

Leased lines prior to around 2002 were usually low capacity, as little a 64kbps. In the UK circuit options were available for 2mbps (E1), 34mbps (E3) 45mbps (DS3) and 155mbps (STM1). Today leased line providers ordinarily supply an Ethernet leased line circuit which is at least 100mbps, however, all our customers have at least 1000mbps which is 1gbps.

Leased Line Providers We Use:


British Telecom is still easily the largest leased line provider, the reasons for which I’ll cover below.

British Telecommunications Plc was formed in 1984, from the GPO. In 2001, right here in Birmingham, BT was de-merged from its wireless division. Following the Communications Act 2003 BT was split, this importantly formed Openreach. BT Global, BT Wholesale, BT Business, BT Retail, BT Corporate and a whole host of other subsidiaries were formed since.

The existence of Openreach is important as BT, in its many guises, purchases network and leased line services from Openreach. Meaning BT buy the exact same service for the exact same price non-BT providers, such as ourselves, buy. Openreach has the largest network of any of the UK leased line providers. You can get a BT circuit without buying it from the many BT retail businesses.

Virgin Media

Created from a patchwork of UK cable franchises, such as Birmingham Cable, in 2006 Virgin Media was formed from the acquisition of Virgin Mobile and operated as a license using the Virgin brand for the two main cable providers, Telewest and NTL, who had acquired or amalgamated the local cable franchises.

In 2010 the NTL:Telewest Business subsidiary became Virgin Media Business, a simple rebranding of the business which continued to sell existing leased line and other services to businesses.

Libery Global acquired Virgin Media and subsidiaries for approximately £15bn in 2013. Virgin Media UK operations are ultimately controlled by Virgin Media (UK) Group Inc. in Delaware USA, so we have no idea of the ownership of Virgin Media as the law in Delaware does not require disclosure of controlling ownership.


Founded in 1992 City of London Telecommunications began by providing leased lines to Britain’s financial district after being awarded a Telecommunications Licence in 1993. The group expanded significantly in the ten years following and increased its network coverage to many European cities, including Birmingham.

In 2014 Colt was acquired by Japanese Telecoms company KVH. Colt was once again acquired in 2015 by it’s earliest investor, Fidelity Investments.

Colt operates primarily in metro city zones throughout Europe with a presence, known as on-net, in around 20,000 buildings in almost 200 cities. If you’re in Birmingham, Docklands or Manchester  it is very likely they will be on-net for you.


Vodafone acquired Cable & Wireless in 2012, where I worked between 1999 and 2001. C&W had a long history of network provision, laying undersea cables between British colonies since 1870, and acquiring assets following the first cable war in 1917.

Cable & Wireless was the very first UK leased line provider to offer an alternative to BT. In 1982 Mercury Communications Ltd was founded as a subsidiary of C&W, then in 1997 Mercury was absorbed into C&W. In 1998 C&W acquired MCI Worldcom creating Cable & Wireless Global in 1999.

Between 2001 and 2010 C&W bought many corporate leased line providers including Exodus, Energis and Thus.

SSE Telecoms

SSE Telecoms acquired Neos Networks in 2003 and SSE Telecoms is the telecommunications business of Scottish and Southern Energy. It had the ingenious idea of stringing fibre from SSE’s electricity pylons providing a competitive way to link cities together, without having to pay a fortune to run fibre on terra firma such as alongside railway lines, motorways and canals.

Network assets are primarily Scotland and the South of England with around 265 points-of-presence and they are on-net in 75 data centres. SSE Telecoms are an excellent choice to connect data centre assets with very high capacity interconnects, 10gbps and higher. Perfect for real-time synchronisation of large data volume SANs.

Finally . . .

There are a number of UK Leased Line Providers, other than those listed. Many of the other Tier 1 leased line providers buy a portion of their circuits from BT, typically the first mile or last mile of the route from the served site to the providers Point of Presence.

Serviceteam IT can supply circuits from all the above providers, at wholesale rates, and link circuits from different carriers together.

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!