Secure MPLS Networks
Business Broadband & Data
- Business Broadband
- Dedicated T1 Internet Access
- Bonded T1 Line
- Backup T1 Connection
- Multi-Office
- Dedicated T3 Broadband Line
Business VoIP & Hosted PBX
Is MPLS Right for You?
It's a challenge for Corporations with multiple sites to deploy a communications network that connects offices together securely and reliably, never mind affordably. The following information is based on Tierzero's experience designing and installing MPLS and should help you decide whether or not it’s the right solution for your organization. Key factors to consider are budget, technical resources, contract expiration dates, and security risks among others.
History
M P L S arose from the need to create private wide area networks that scaled easily and economically. Before MPLS, the only way to connect remote sites was to do a star and hub topology and buy expensive point-to-point links.
Internet was an alternative, but it was complex and not secure. Before long, people developed firewalls with site-to-site VPN technology that allowed them connect offices via the internet using IPsec encryption. Aside from the expensive hardware, you needed advanced knowledge to design and deploy it. While things were still complex, M P L S started to become mainstream, allowing remote sites to connect to a local provider that would then “Label Switch” traffic to another remote site. The price was about the same as a typical Internet link and accomplished the private connection between sites that managers needed.
Since MPLS was not supported by all carriers and not all carriers provided service nationwide or even worldwide, MPLS suffered from “gaps” in geographical coverage. For example, if you had a Verizon connection in Los Angeles and an Altel connection in New York, and both offered MPLS, you still couldn’t really deploy M P L S because the system required the same carrier covering each end. Consequently, managers had to rely on IPSEC tunnels, which require expensive firewall equipment at each site, (like Cisco PIX, Netscreen, Checkpoint, or some other firewall). Typically consultants had to be hired to pull all of this together. So MPLS and IPsec were “competing” technologies, both providing viable solutions, but each with their own drawbacks.
The Tipping Point
Even today there's still a bias for one solution over the other. Most IT professionals think MPLS is the way to go and IPsec is over. They see buyers ready at any price to dump their IPSEC equipment in order to migrate to an MPLS backbone. There’s a tipping point at work here, partly influenced by all the industry magazines claiming MPLS to be the best technology, or running stories about Fortune 500 companies switching over and saving a bundle. While much of the hype is true, the process of migrating to M P L S takes smart planning. While it's our job to make it as headache free as possible, we encourage clients to make a thorough analysis of their current situation and to gain a proper understanding of the pros and cons.
History
M P L S arose from the need to create private wide area networks that scaled easily and economically. Before MPLS, the only way to connect remote sites was to do a star and hub topology and buy expensive point-to-point links.
Internet was an alternative, but it was complex and not secure. Before long, people developed firewalls with site-to-site VPN technology that allowed them connect offices via the internet using IPsec encryption. Aside from the expensive hardware, you needed advanced knowledge to design and deploy it. While things were still complex, M P L S started to become mainstream, allowing remote sites to connect to a local provider that would then “Label Switch” traffic to another remote site. The price was about the same as a typical Internet link and accomplished the private connection between sites that managers needed.
Since MPLS was not supported by all carriers and not all carriers provided service nationwide or even worldwide, MPLS suffered from “gaps” in geographical coverage. For example, if you had a Verizon connection in Los Angeles and an Altel connection in New York, and both offered MPLS, you still couldn’t really deploy M P L S because the system required the same carrier covering each end. Consequently, managers had to rely on IPSEC tunnels, which require expensive firewall equipment at each site, (like Cisco PIX, Netscreen, Checkpoint, or some other firewall). Typically consultants had to be hired to pull all of this together. So MPLS and IPsec were “competing” technologies, both providing viable solutions, but each with their own drawbacks.
The Tipping Point
Even today there's still a bias for one solution over the other. Most IT professionals think MPLS is the way to go and IPsec is over. They see buyers ready at any price to dump their IPSEC equipment in order to migrate to an MPLS backbone. There’s a tipping point at work here, partly influenced by all the industry magazines claiming MPLS to be the best technology, or running stories about Fortune 500 companies switching over and saving a bundle. While much of the hype is true, the process of migrating to M P L S takes smart planning. While it's our job to make it as headache free as possible, we encourage clients to make a thorough analysis of their current situation and to gain a proper understanding of the pros and cons.
[Next]