Transcription

E-GuideMPLS VPN basicsIn this eGuide discover the differences between MPLS VPNs andtraditional virtual private networks, as well as the advantages anddisadvantages of the latest in service provider offerings. While anMPLS VPN can simplify the design of your wide area network (WAN),some compromises and changes to your WAN strategy are required.Sponsored By:

SearchNetworkingChannel.com E-GuideMPLS VPN basicsE-GuideMPLS VPN basicsTable of ContentsMPLS VPN basicsResources from MegaPathSponsored By:Page 2 of 7

SearchNetworkingChannel.com E-GuideMPLS VPN basicsMPLS VPN basicsBy Michael Brandenburg, Technical EditorMPLS VPN basics: What is an MPLS VPN?An MPLS VPN is a virtual private network built on top of a service provider’s MPLS networkto deliver connectivity between enterprise locations. Available in layer 2 or layer 3 options,the VPN leverages the multiprotocol and labeling capabilities of MPLS to deliver a flat, peerto-peer network to link all of an organization’s remote sites into a common network. Inmost cases, MPLS VPN services are sold without encryption, typically relying on the fact thateach customer is isolated from the others on his own private network. But for thosecustomers that require it, encryption schemes such as IPsec can be added on top of the VPNconfiguration.MPLS VPN basics: Comparing MPLS VPNs with other types of VPNsWhat is the difference between MPLS and MPLS VPN? The distinction between MPLSand MPLS VPN is actually straightforward, but marketing of the services, as well ascustomers themselves, blur the differences. When referring to MPLS services, manycustomers are often actually referring to an MPLS VPN service. Multiprotocol Label Switching(MPLS) is the underlining technology that enables service providers to offer customers highspeed private networks. The service provider provisions virtual circuits for each customer,insulating one customer’s data from another’s, even though both customers are on thesame physical telecom gear. To the customer, an MPLS network appears similar to a leasedline service, delivering a private network to link multiple corporate sites. Depending on thecustomer requirements, MPLS can deliver connectivity to an enterprise at either a layer 2Ethernet level or layer 3 IP level.What is the difference between traditional VPN and MPLS VPN services? Most VPNservices create a one-to-one link between two network endpoints (referred to as a point-topoint solution). While the VPN appliance at the head end may support multiple inboundlinks, each link is unique, with an encrypted tunnel created between each enterprise remotesite and headquarters, for example. In the point-to-point model, dedicated hardware orSponsored By:Page 3 of 7

SearchNetworkingChannel.com E-GuideMPLS VPN basicssoftware is used to encrypt the traffic between the two points. For data traffic travellingbetween two remote sites, this scenario creates an extra hop. In order to reach anotherremote site, traffic from one site has to traverse the VPN tunnel to the headquarters, thenroute through another tunnel to its final destination. This additional stop at the hub not onlyadds latency in routing these packets but also requires that the hub in this configuration beequipped with enough bandwidth to handle the load from multiple remote locations. Thistype of VPN service is designed to create secure, encrypted links over public networks,including Internet broadband links.MPLS VPN services, on the other hand, are designed as a multipoint technology by design,making specific VPN tunneling unnecessary. When data moves from one site to another, itlooks up the site in the routing table, adds a tag for that site, and sends the packet to thenext router. This approach not only reduces the latency of inter-site transfers, it alsoflattens the wide area network design, simplifying the approach WAN engineers can takewhen delivering services between sites. This approach does, however, require all remotesites to be connected to the MPLS network.What is the difference between L2 and L3 MPLS VPNs? As the names suggest, MPLSVPNs can be provisioned as a layer 2 connection, such as Ethernet, ATM or frame relay, orat layer 3 as an IP-based network. While the majority of customers opt for the IP-basedoption, customers with particular security or infrastructure needs may choose the layer 2option, handling the network layer themselves. MPLS enables service providers to offer arange of options to meet their customers’ specific requirements.MPLS VPN basics: Pros and consWhat are the advantages of an MPLS VPN? High performance and ease of deploymentare often cited as the advantages of an MPLS VPN over other solutions. Unlike traditionalVPNs, which presume that corporate data is being transmitted on public networks, MPLSVPNs use an isolated private network, making the need to encrypt data between sites anoptional feature, based on the organization’s level of trust that the service provider caneffectively segregate its customers’ networks.Sponsored By:Page 4 of 7

SearchNetworkingChannel.com E-GuideMPLS VPN basicsWhat are the disadvantages of an MPLS VPN? Like any managed service, an MPLS VPNsolution ultimately requires a leap of faith for both the organization and the wide areanetwork (WAN) engineers themselves. Unlike typical point-to-point VPN solutions, whichusually have been managed and maintained in-house, using MPLS requires outsourcing yourVPN. While relinquishing control of the VPN can take the workload off the WAN engineer, theorganization is still at the mercy of the service provider for any moves, adds or changes thatneed to occur. For many, having to submit a request to the service provider to haveconfiguration changes made, instead of simply making the changes themselves, could be asignificant culture shock.Sponsored By:Page 5 of 7

Partner Programwww.megapath.com/partner“We look goodby recommending MegaPath”“With MegaPath Hosted Voice the price point is right, the serviceand support is right - it's pretty much an easy sell.”- Matt McCraw, CEO, Rocket Science ConsultingMegaPath helps IT Partners succeed and stay competitive. Flexible voice services Reliable business class data Managed security to help ensure compliance andprotect critical data Nationwide end-to-end network Business expertise and focus Direct sales, installation support Online free product training Partner marketing materials Specific programs for Referral andMaster Agents nationwideRocket Science Consulting, anoutsourced IT department for smallbusinesses, serves businesses with10-250 employees with a full rangeof IT solutions.Learn more about the MegaPath Program www.megapath.com/partner

SearchNetworkingChannel.com E-GuideMPLS VPN basicsResources from MegaPathHow to Choose a Managed Network Services Provider: 6 Best Practices to Ensure aThorough EvaluationMPLS Networks for Small and Mid-Size Business: Performance-enhancing ITServices with Reduced CostsThe MPLS Network: A Future-Proof Engine for Voice-Data Convergence Addressing network traffic trends with new opportunities for businesscommunicationsAbout MegaPathMegaPath operates one of the largest end-to-end communications networks in the country.In 2010, the company combined with Speakeasy and Covad to form a single companyproviding a full range of data, voice and security services for small businesses andenterprises nationwide. MegaPath helps businesses of all sizes to easily and securelycommunicate between their headquarters, employees and business partners to lower costs,increase security and enhance employee productivity.Sponsored By:Page 7 of 7

MegaPath operates one of the largest end-to-end communications networks in the country. In 2010, the company combined with Speakeasy and Covad to form a single company providing a full range of data, voice and security services for small businesses and enterprises nationwide. MegaPath helps businesses of all sizes to easily and securely