Tuesday, December 16, 2008

VPN Technology

Improvements in routing and security protocols and increased capacity in the Internet led to the capability of IP networks to differentiate different types of corporate traffic and to improvements in secure remote access. The following are newer VPN services carried on IP networks:

VPNs for Site-to-Site Communications Within Organizations:
• Multiprotocol label switching (MPLS) VPNs provide any site-to-any site connectivity. This is referred to as meshed service. MPLS service is more flexible than frame relay to configure and is more suitable for intersite voice traffic. MPLS VPN traffic is carried separately from public Internet traffic to guarantee levels of service.

• IP-VPNs are for site-to-site data communications using the public Internet and mixing Internet traffic with site-to-site email and other applications with Internet protocol security (IPSec). IPSec creates a tunnel for each packet. The tunnel hides the destination IP address by surrounding it with a different address. IPSec also scrambles data by encrypting it.


Secure access on VPNs for Remote Access:
• Internet protocol security (IPSec) requires client software on computers. The IPSec protocol establishes a secure, encrypted link to a security device at the carrier or enterprise. This is referred to as tunneling.

• Secure socket layer (SSL) security is a newer VPN access method. Access is embedded in browsers so that organizations are not require to install special client software in each user's computer.

IP VPN and MPLS offerings enable carriers to migrate traffic to their existing IP networks rather than older networks designed to carry frame relay traffic.

No comments: