Today’s businesses expect a lot when it comes to their data networks. Speed, reliability, robustness, and scalability are just a few of the performance benchmarks with the high standards of business users. One particular area that requires special emphasis is security. Choosing the right network infrastructure is critical to ensuring your security requirements are met end-to-end … and everything in between.
For example … DO NOT fall so in love with a traditional VPN backbone (for example, Layer 2-based VPN services like ATM and Frame Relay) that you overlook the inconvenience of maintaining the secure environment that your applications will require. company. A standard VPN will not offer the same level of privacy and security as a dedicated private backbone. At least not without extra effort on your part … and therefore higher costs in the long run.
A typical virtual private network (VPN) is a computer network that overlaps an underlying computer network. Usually it is a public telecommunications infrastructure such as the Internet. The private nature of a VPN means that the data traveling through the VPN is generally not visible or is encapsulated from the underlying network traffic. Although it runs in “layers” on top of a public road (Internet) … the secure segregation of the two is done through the use of encrypted tunnels to ensure that data cannot be accessed without authorization.
The purpose of a VPN is to allow remote locations and / or individual users (for example, remote staff) to access a company’s network with some expectation of secure activity. An additional intention is to avoid the high perceived cost of owned or leased lines (dedicated circuits) that can only be used by one company. Therefore, the goal of a VPN is to provide the organization with the same secure capabilities as a dedicated network. But at a much lower cost.
However, that presumption is misleading. A traditional VPN network is not as secure as you probably expect and need. After all … it is still tied to a public infrastructure. A talented and persistent intruder can still defeat most encryption safeguards. Additionally, a hardware or software failure leaves your information open to the public eye. The look of privacy and failsafe security is really just that … a look.
As for the cost … the price of the additional hardware and software to enable encrypted communication throughout your network is not cheap. Although it may seem so compared to other options you may be considering. The cost involves much more than the setup, installation, and encryption software. Don’t overlook the maintenance, monitoring, and troubleshooting of those safeguards. Particularly because you’re responsible for all of that … forever … just to try and save a few pennies.
This is where MPLS comes in.
The architecture and protocols of MPLS (Multiprotocol Label Switching) are based on absolute privacy and security enabled through a dedicated network infrastructure. Simply put … the whole network is completely separate and on its own. It owns it, it does not share it with anyone and there is no connectivity of any kind with a public infrastructure. That is security.
To further drive home the main point of this entire article in simple terms ….. with private lines or MPLS solutions, there is no path from the public to those network facilities. With VPN over the Internet, the path is there and it is your responsibility to provide your own security. Think of the difference between a brick wall and a brick wall with a door. VPN over the Internet is the wall with a door, and you have to manage the lock and keys.
Once your MPLS kernel is up and running … you’re done. In fact, you are unlikely to get very involved in it. Your provider will do it all for you. Since it is a dedicated circuit network, you are not responsible for the maintenance, monitoring, and troubleshooting that you would have with a VPN. In short … don’t worry. No recurring costs, except the monthly “lease” fee for the lines that make up your network.
Before playing the cost card … take a closer look. The price of all dedicated circuits has dropped dramatically over the last few years. Whether copper or fiber based … the shock days of stickers of yesteryear for dedicated T1 lines, DS3 bandwidth or SONET circuits (eg OCx) are long gone. In fact … probably the best deal for you today is to search for MPLS over an Ethernet backbone. You will get the best of security and cost savings.