How much does BT Secure Plus RA02 cost?

An article with a summary of BT Secure Plus RA02 and how to request pricing from BT Partner Sales.

Adding Secure Plus provides the highest possible uptime for connectivity across MPLS, VPLS and BTNet leased line services. In this article, we will walk you through some of the considerations and offer access to RA02 Secure Plus pricing & design. Please use our BT services page if you would like to receive a quote for BT Secure Plus RA02 for new or existing clients.

The options to create diversity are normally governed by budget vs the availability of BT POPs which are required to support your capability. All diverse pricing is dependent on your office location vs 100Mbps, 1Gbps or 10Gbps bandwidth and distance to the nearest POPs.

If dual Ethernet circuits are out of budget, there are a number of other methods such as using EFM (Ethernet First Mile) which will not create the same level of diversity but will offer an alternative path.

Premier-partner-of-BT-outline-CS5

About Secure Plus RA02

  • Secure Plus designs are based on no single point of failure.
  • All designs are subject to BT site survey.
  • Where possible, your second circuit will route via diverse building entry points, BT exchanges and BT PoP/Provider Edge.
  • Available for both MPLS/VPLS and BTNet leased lines.

What is BT secure plus?

The product name has been used by BT to describe adding failover connectivity to MPLS, VPLS, Ethernet point to point or multipoint and BTNet services.

  • Dual Routers running HSRP (Hot Standby Routing Protocol).

In order to protect against router failure, BT will configure dual routers which maximises uptime in the event the primary router fails. Without going into too much detail, HSRP allows the primary and failover Cisco to monitor connectivity between devices. In the event the primary router encounters issues, the secondary will take over as a primary service. It is worth noting that BT will also configure services as load balanced where required. Where Cisco CPE (Customer Premise Equipment) is not being used, an alternative open standard exists entitled VRRP (Virtual Router Redundancy Protocol).

Dual Building Entry Points

How network and circuit diversity is achieved? Providing access to your building via dual entry points is often a little hit and miss. The access largely depends on whether or not the building is governed by listed status. With listed buildings, businesses are not able to make structural changes to add an additional point of entry. In addition, landlords of buildings which are not listed may not allow further entry points to be constructed for multiple reasons. With this said, a building may well already include dual feeds or you may be in a position to add a further point of entry. Where possible, feeding diverse circuits into east / west or north / south entry points is certainly the best option.

Dual Tail Circuits

Using Open Reach as the provider of tail circuits (for example), perhaps one of the most common ‘gotcha’s’ we hear about is when service providers design networks with multiple wholesale tail circuits – e.g. perhaps one from Open Reach and another from COLT. In this situation, organisations believe that using two tails from multiple providers will in some way add diversity. However, this is certainly not the case. The issue is that neither provider has a process to interact and therefore there are no shared circuit routing plans.

The result is a capability which looks to be diverse on paper but actually contains multiple points of failure. The reality is that the only method to achieve a solid diverse solution is to order from a single provider. In this case, BT Secure Plus, which is designed to request two separate tail circuits from Open Reach.

We know of several UK and Global organisations which are under the assumption using different tail circuit providers or implementing other connectivity from the BT portfolio will provide diversity. As of writing this article, there is only one way to provide uptime with no single point of failure.

BT Local Exchange Diversity

The Open reach tail circuits should, where possible, connect to different hardware within dual local exchange sites. This kind of design will ensure any issue with the exchange is factored in such as flood, fire or power loss.

Dual PE nodes (Provider Edge)

The BT MPLS, VPLS and Ethernet core network is well scaled and engineered. The result is access to multiple PE nodes which ensures organisations have coverage from a nationwide choice of entry points into the BT core WAN infrastructure. This kind of coverage is a clear differentiator between telco’s such as BT and smaller operators. The majority of smaller network providers only operate a couple of core provider edge nodes which is in contrast to the multiple options provided by BT’s core network. Whether or not this is important to you is largely governed by your office locations and requirements vs provider capability.

What does Subject to Survey really mean?

With any BT Secure Plus deployment, all diverse circuits are subject to survey. This means that BT may survey your requirement and find there are pinch points within the network. If this is the case, clients are often given the option to pay additional costs or, in some instances, to cancel the request. In certain circumstances, creating a true ‘no single point of failure’ is cost prohibitive. With this said, the majority of solutions work out fine. All secure plus orders able to be cancelled in the event the survey provides unsatisfactory results.

Anything else?

For clients which are working with tight timescales, the secure plus service effectively bundles both primary and failover circuit together. Why is this important? The reason is because when Open Reach deliver the solution, they will not handover any connectivity until both circuits are live. This will undoubtedly create delay to your project if not correctly managed. It is possible to request Open Reach to deliver a primary in advance of the failover which will at least provide connectivity. However, this scenario is not a given and permission will need to be granted.