Information Technology Reference
In-Depth Information
The Cisco enterprise MAN/WAN architectures includes private WAN, ISP service, SP
MPLS/IP VPN, and private MPLS:
Private WAN
generally consists of Frame Relay, ATM, private lines, and other tradi-
tional WAN connections. If security is needed, private WAN connections can be
used in conjunction with encryption protocols such as Digital Encryption Standard
(DES), Triple DES (3DES), and Advanced Encryption Standard (AES). This technology
is best suited for an enterprise with moderate growth outlook where some remote or
branch offices will need to be connected in the future. Businesses that require secure
and reliable connectivity to comply with IT privacy standards can benefit from IPsec
encrypted connectivity over the private WAN. Disadvantages of private WANs are
that they have high recurring costs from the carriers and they are not the preferred
technology for teleworkers and remote call center agents. Some enterprises may use
encryption on the network, connecting larger sites and omitting encryption on the
smaller remote offices with IP VPNs.
■
ISP service (Internet with site-to-site and remote-access VPN)
uses strong encryp-
tion standards such as DES, 3DES, and AES, which make this WAN option more se-
cure than the private WAN. ISP service also provides compliance with many new
information security regulations imposed on some industries, such as healthcare and
finance. This technology is best suited for basic connectivity over the Internet. How-
ever, if you need to support voice and video, consider IPsec VPN solutions that have
the desired QoS support needed to meet your network requirements. The cost of this
technology is relatively low. It is useful for connecting large numbers of teleworkers,
remote contact agents, and small remote offices.
■
SP MPLS/IP VPN
is similar to private WA N technology, but with added scalability
and flexibility. MPLS-enabled IP VPNs enable mesh-like behavior or any-to-any
branch-type connectivity. SP MPLS networks can support enterprise QoS require-
ments for voice and video, especially those with high growth potential. SP MPLS fea-
tures secure and reliable technology with generally lower carrier fee s. This makes it a
good option for connecting branch offices, teleworkers, and remote call center agents.
■
Private WAN with self-deployed MPLS
enables the network to be segmented into
multiple logical segments allowing for multiple VPNs internally. Self-deployed MPLS
is usually reserved for large enterprises that are willing to make substantial invest-
ments in equipment and training to build out the MPLS network. The IT staff needs
to be well trained and comfortable with supporting complex networks.
■
Figure 7-6 illustrates SP MPLS, private WA N with encryption, and IPsec VPNs WA N
architectures.
