| Today's businesses expect a lot when it comes to | | | | As for cost.... the price tag of the extra hardware and |
| their data networks. Speed, reliability, robustness, and | | | | software to enable encrypted communication over |
| scalability are just a few of the performance | | | | your entire network is not cheap. Even though it may |
| parameters with high standards from business users. | | | | appear so compared to other options you may be |
| One area in particular requiring special emphasis is | | | | considering. There's much more to the cost than |
| security. Choosing the right network infrastructure is | | | | set-up, installation, and encryption software. Don't |
| critical to ensuring that your security requirements are | | | | overlook the maintenance, oversight, and trouble |
| met end to end...and everywhere in between. | | | | shooting of those safeguards. Particularly since you |
| For example.... do NOT be so enamored with a | | | | are responsible for all of that.... forever.... just to try and |
| traditional VPN backbone (e.g. Layer 2-based VPN | | | | save a few pennies. |
| services such as ATM and Frame Relay) that you | | | | This is where MPLS comes in. |
| overlook the drawbacks in maintaining the secure | | | | The architecture and protocols of MPLS (Multi-Protocol |
| environment that your company applications will require. | | | | Label Switching) are predicated on the absolute |
| A standard VPN will not offer the same level of | | | | privacy and security enabled via a dedicated network |
| privacy and security as will a private dedicated | | | | infrastructure. Put simply..... the entire network is |
| backbone. At least not without extra effort on your | | | | completely separate and unto itself. You own it, share |
| part... and higher costs therefore in the long run. | | | | it with no one, and there is no connectivity of any kind |
| A typical virtual private network (VPN) is a computer | | | | with a public infrastructure. Now that is security. |
| network that is layered on top of an underlying | | | | To further drive home the main point of this entire |
| computer network. This is most commonly a public | | | | article in simple terms..... with private lines or MPLS |
| telecommunication infrastructure such as the internet. | | | | solutions, there is no path from the public into those |
| The private nature of a VPN means that the data | | | | network facilities. With VPN over the internet, the path |
| travelling over the VPN is not generally visible to, or is | | | | is there and it's your responsibility to provide your own |
| encapsulated from, the underlying network traffic. | | | | security. Think of the difference between a brick wall, |
| Although it is run "layered" on top of a public pathway | | | | and a brick wall with a door. VPN over the internet is |
| (the internet).... secure segregation of the two is | | | | the wall with a door, and you have to manage the lock |
| enacted through using encrypted tunnels to ensure that | | | | and keys. |
| data cannot be accessed without authorization. | | | | Once your MPLS core is configured and operating..... |
| The purpose of a VPN is to enable remote locations | | | | you're done. In fact it's unlikely you would even have |
| and/or individual users (e.g. telecommute staff) to | | | | much involvement with that. Your provider will do it all |
| access a company's network with some expectation | | | | for you. Since it's a dedicated circuit network you are |
| of secure activity. An additional intent is to avoid the | | | | not responsible for the maintenance, oversight, and |
| perceived high cost of owned or leased lines | | | | troubleshooting you would be with a VPN. In short.... it's |
| (dedicated circuits) that can only be used by one | | | | hands off for you. No recurring costs except the |
| business. So, the goal of a VPN is to provide the | | | | monthly "leasing" fee for the lines comprising your |
| organization with the same, secure capabilities, as a | | | | network. |
| dedicated network. But at a much lower cost. | | | | Before you play the cost card..... look deeper. The price |
| However that presumption is misleading. A traditional | | | | of all dedicated circuits has been dropping dramatically |
| VPN network is not as secure as you likely expect | | | | for the last few years. Whether it's copper or fiber |
| and need. After all... it is still tied to a public | | | | based.... the sticker shock days of old for dedicated T1 |
| infrastructure. A talented and persistent intruder can still | | | | lines, DS3 Bandwidth, or SONET circuits (e.g. OCx) is |
| defeat most encryption safeguards. Plus, a glitch in the | | | | long past. In fact.... probably the best deal for you today |
| hardware or software leaves your information open to | | | | is pursuing MPLS over an Ethernet backbone. You'll |
| public eyes. The appearance of failsafe privacy and | | | | get the best of both security and cost savings. |
| security is really just that.... an appearance. | | | | |