Executive Summary

Deep application intelligence, delivered inside the existing network

A UK-based business internet service provider deployed an Application Assurance solution across its existing IP/MPLS network to deliver real-time application visibility, reporting, and per-customer traffic management capabilities. The solution enabled the provider to launch two differentiated premium services, empowering enterprise customers to view, manage, and control application-level traffic via a self-service portal, which is a global first in network-delivered application performance management.

The deployment leveraged multi-service integrated service adapter cards inserted into existing edge and border routers, combined with a dedicated reporting and analytics platform, enabling deep packet inspection up to OSI Layer 7 without impacting existing network performance or stability.

The Challenge

Differentiating business services in a competitive market

The service provider faced increasing pressure to differentiate its business internet and WAN services in a competitive market.

01

Lack of Application Visibility

Enterprise customers had no insight into which applications were consuming their allocated bandwidth, making it impossible to optimize network resources for business-critical traffic.

02

No Per-Customer Traffic Control

The provider needed the ability to offer per-application, per-subscriber bandwidth policing, traffic reclassification, and blocking — all controllable by the end customer in real time.

03

Two Distinct Service Models

The solution had to support both a routed internet service (VPRN-based) and a Layer 2 VPN service (VPLS-based), each with unique traffic diversion and policy requirements.

04

Scalability Concerns

The design needed to scale to support 50 to 100 application signatures per customer across multiple nodes, with seamless hardware expansion capability.

05

Integration Requirements

The application analytics platform had to integrate with an existing network management system for data collection, and with a custom-built customer-facing self-service portal for real-time report delivery and policy control.

The Solution

Application Assurance built into existing routers

The vendor delivered an Application Assurance solution built on multi-service integrated service adapter (ISA) cards deployed within the provider’s existing edge routers and border routers, requiring no external appliances or network redesign.

Solution Components

Service Adapter Cards

Half-slot, hot-swappable multi-core processor blades providing Layer 7 deep packet inspection, application identification, statistics collection, and QoS enforcement.

Edge Routers

Existing multi-service edge switches deployed across the network, each equipped with a single ISA card for the first-of-application launch.

Border Routers

Pair of high-capacity core routers providing internet gateway functionality with symmetric traffic routing for accurate application reporting.

Analytics Platform

Redundant reporting and analysis system providing application traffic statistics warehousing, query capabilities, and portal-driven report access.

Network Management

Existing redundant management platform upgraded to support Application Assurance data collection and statistics retrieval.

Self-Service Portal

Customer-facing web portal (developed separately) integrated with the analytics platform for real-time reporting and policy override.

Key Design Features

Signature-Based Identification

Protocol identification for up to 100 distinct applications per partition, with configurable application groups for aggregate reporting.

Per-Subscriber Traffic Diversion

Diversion controlled on a per-subscriber (SAP) basis, so only customers subscribed to the premium service had their traffic inspected — preserving resources for future growth.

Per-Customer QoS Policies

Three enforcement actions: drop (block unwanted applications), rate-limit to predefined bandwidth tiers, and forwarding-class reclassification to prioritize business-critical traffic.

Per-Site VPLS Control

For the VPLS service, these actions could be applied independently per site within the same VPLS instance, enabling granular per-location control.

Fail-to-Wire Resilience

A fail-to-wire design ensured that ISA card failure would not disrupt traffic forwarding.

Comprehensive Statistics

Per-subscriber, per-application volume statistics (bytes, packets, flows) plus TCP performance metrics such as delay, jitter, and packet loss.

Key Results & Benefits

Outcomes delivered by the deployment

Market Differentiation

World-first launch of self-service application performance management for business internet, creating a unique competitive advantage.

Revenue Enhancement

Two new premium service tiers (internet and WAN) with per-application visibility, management, and reporting as value-added features.

Customer Empowerment

Enterprise customers gained real-time ability to prioritize business-critical applications and deprioritize non-essential traffic via the self-service portal.

Zero Network Impact

ISA cards offloaded all deep packet inspection to dedicated processors, with no impact on existing routing, switching, or service performance.

Seamless Scalability

Design supported incremental ISA card addition for capacity growth, scaling from 50 to 100+ application signatures with shared and private partition models.

Operational Simplicity

Integration with existing management infrastructure eliminated the need for separate appliance management, reducing operational overhead.

Comprehensive Analytics

Per-application, per-subscriber traffic volume and TCP performance statistics enabled data-driven network and service optimization.

Conclusion

Commodity services, transformed into premium offerings

This deployment demonstrated that deep application-layer intelligence can be embedded directly into an existing IP/MPLS network infrastructure, transforming commodity internet and WAN services into differentiated, premium offerings with real-time customer control.

The integrated approach, using service adapter cards within existing routers rather than external appliances, delivered carrier-grade application assurance with zero disruption to existing operations and a clear path for incremental scaling as customer adoption grows.

Explore how Telence Solutions can support your network initiatives

Discuss your network requirements with our team.

Contact Our Team