CALL 1-877-797-0000 Secure MPLS Networks
Business Broadband & Data
- Business Broadband
- Dedicated T1 Internet Access
- Bonded T1 Line
- Backup T1 Connection
- Multi-Office
- Dedicated T3 Broadband Line
Business VoIP & Hosted PBX
The Money Issue.
Which brings us to cost. Typically an M P L S link costs about the same as a T1 Internet link. So if you have one main site and five remote sites, and the average price on the T1 is $400, you would usually buy two MPLS T1s at the main site, and five single MPLS T1s at each remote site. Your monthly cost would be $2800. In an IPSEC multi-firewall configuration your remote sites already have internet access, so you would just need to buy seven Internet T1s, for a total of $2800 per month. M P L S typically costs more than Internet T1s, not in loop costs, but to cover the price of the additional T1s required at the main site to reach the internet.
So why MPLS?
If MPLS is more expensive than Internet T1s using IPSEC firewall VPNs, why go M P L S? Well, IPSEC firewalls cost money. They are an up-front capital cost, and not a recurring charge. They also require technical know-how and resources to maintain, not just at the main site but at each remote site also. The more sites you have, the more firewalls to maintain. That is an indirect expense that comes in the form of employee cost. Some ISPs, like ourselves here at Tierzero* offer IPSEC or GRE services as another affordable alternative.
Safety
Security is another benefit for those considering MPLS. M P L S is truly secure because it is virtually a private link. No Internet, no security threat. Many banks, government institutions and security agencies require the security of MPLS because the Internet is vulnerable to attacks, hackers and other malicious activity. IPSEC encryption is only as secure as your last employee. Internet T1s have public IP address space which leaves room for human error, such as bad firewall rules. MPLS T1s are private and since nothing is exposed, there is no vulnerability. The only place the network could be hacked into is through the Internet T1 connection, not the MPLS T1s, which is why you have the firewall at the main site. Keeping track of one firewall is far easier than keeping track of six or more at every remote site. MPLS decreases your vulnerability from multiple points to a single point. This is good, very good.
Commitment
Contractual obligations are another key factor in the equation of WAN connectivity. All of your sites may not have all the same contract end dates. This is a drawback because M P L S usually requires you to move all circuits at once, if you don’t want to end up double paying for service. One option is to hold on to your Internet connection to the main site while replacing your IPSEC Internet T1s with MPLS T1s. This way you fulfill your contractual obligations but still move your network to M P L S. If this doesn’t work, then consider running a hybrid of MPLS and IPsec and as your contracts expire, you can move your circuits from the IPSEC to MPLS. Still some ISPs may allow you to move their Internet T1s to an M P L S T1 if they have the offering.
In conclusion, M P L S can give you significant benefits in terms of simplicity, scalability and security. Its drawback is monthly expense and the need for packet classification and prioritization. IPsec VPNS can give you savings in monthly expense, but bring extreme complexity and maintenance obligations as well as higher upfront costs. These are the factors you need to weigh before opting for either solution. If you have any questions, please feel free to contact us anytime - mike.gach@tierzero.com
*Tierzero is a Los Angeles based ISP specializing in M P L S and IPsec VPN.
So why MPLS?
If MPLS is more expensive than Internet T1s using IPSEC firewall VPNs, why go M P L S? Well, IPSEC firewalls cost money. They are an up-front capital cost, and not a recurring charge. They also require technical know-how and resources to maintain, not just at the main site but at each remote site also. The more sites you have, the more firewalls to maintain. That is an indirect expense that comes in the form of employee cost. Some ISPs, like ourselves here at Tierzero* offer IPSEC or GRE services as another affordable alternative.
Safety
Security is another benefit for those considering MPLS. M P L S is truly secure because it is virtually a private link. No Internet, no security threat. Many banks, government institutions and security agencies require the security of MPLS because the Internet is vulnerable to attacks, hackers and other malicious activity. IPSEC encryption is only as secure as your last employee. Internet T1s have public IP address space which leaves room for human error, such as bad firewall rules. MPLS T1s are private and since nothing is exposed, there is no vulnerability. The only place the network could be hacked into is through the Internet T1 connection, not the MPLS T1s, which is why you have the firewall at the main site. Keeping track of one firewall is far easier than keeping track of six or more at every remote site. MPLS decreases your vulnerability from multiple points to a single point. This is good, very good.
Commitment
Contractual obligations are another key factor in the equation of WAN connectivity. All of your sites may not have all the same contract end dates. This is a drawback because M P L S usually requires you to move all circuits at once, if you don’t want to end up double paying for service. One option is to hold on to your Internet connection to the main site while replacing your IPSEC Internet T1s with MPLS T1s. This way you fulfill your contractual obligations but still move your network to M P L S. If this doesn’t work, then consider running a hybrid of MPLS and IPsec and as your contracts expire, you can move your circuits from the IPSEC to MPLS. Still some ISPs may allow you to move their Internet T1s to an M P L S T1 if they have the offering.
In conclusion, M P L S can give you significant benefits in terms of simplicity, scalability and security. Its drawback is monthly expense and the need for packet classification and prioritization. IPsec VPNS can give you savings in monthly expense, but bring extreme complexity and maintenance obligations as well as higher upfront costs. These are the factors you need to weigh before opting for either solution. If you have any questions, please feel free to contact us anytime - mike.gach@tierzero.com
*Tierzero is a Los Angeles based ISP specializing in M P L S and IPsec VPN.