Enterprise Wanman Architecture Comparison

Enterprise WAN/MAN architectures have common characteristics that allow the network designer to compare the advantages and disadvantages of each approach. Table 6-2 compares the characteristics of Private WAN, ISP Service, SP MPLS/IP VPN, and Private MPLS architectures.

Table 6-2 WAN/MAN Architecture Comparison

Characteristic

Private WAN

ISP Service

SP MPLS/ IP VPN

Private MPLS

High availability

Excellent

Good

Excellent

Excellent

Growth support

Moderate

Good

Excellent

Excellent

Security

IPsec (optional)

IPsec (mandatory)

IPsec (optional)

IPsec (optional)

Ongoing expenses

High

Low

Moderate to high

Moderate to high

Ease of management

High

Medium

Medium

High

Voice/video support

Excellent

Moderate

Excellent

Excellent

Effort to migrate from private WAN

Low

Moderate

Moderate

High

The Cisco Enterprise MAN/WAN architecture includes Private WAN, ISP Service, SP MPLS/IP VPN, and Private MPLS:

■ Private WAN generally consists of Frame Relay, ATM, private lines, and other traditional WAN connections. If security is needed, private WAN connections can be used in conjunction with encryption protocols such as Digital Encryption Standard (DES), Triple DES (3DES), and Advanced Encryption Standard (AES). This technology is best suited for an enterprise with moderate growth outlook where some remote or branch offices will need to be connected in the future. Businesses that require secure and reliable connectivity to comply with IT privacy standards can benefit from IPsec encrypted connectivity over the private WAN. Disadvantages of private WANs are that they have high recurring costs from the carriers and they are not the preferred technology for teleworkers and remote call center agents. Some enterprises may use encryption on the network, connecting larger sites and omitting encryption on the smaller remote offices with IP VPNs.

■ ISP Service (Internet with site-to-site and remote-access VPN) uses strong encryption standards such as DES, 3DES, and AES, which make this WAN option more secure than the private WAN. ISP service also provides compliance with many new information security regulations imposed on some industries, such as healthcare and finance. This technology is best suited for basic connectivity over the Internet. However, if you need to support voice and video, consider IPsec VPN solutions that have the desired QoS support needed to meet your network requirements. The cost of this technology is relatively low. It is useful for connecting large numbers of teleworkers, remote contact agents, and remote offices.

■ SP MPLS/IP VPN is similar to private WAN technology, but with added scalability and flexibility. MPLS-enabled IP VPNs enable mesh-like behavior or any-to-any branch-type connectivity. SP MPLS networks can support enterprise QoS requirements for voice and video, especially those with high growth potential. SP MPLS features secure and reliable technology with generally lower carrier fees. This makes it a good option for connecting branch offices, teleworkers, and remote call center agents.

■ Private WAN with self-deployed MPLS usually is reserved for very large enterprises that are willing to make substantial investments in equipment and training to build out the MPLS network. The IT staff needs to be well trained and comfortable with supporting complex networks.

Figure 6-4 illustrates SP MPLS, Private WAN with encryption, and IPsec VPNs WAN

architectures.

Figure 6-4 WAN Architectures

Figure 6-4 WAN Architectures

SP MPLS

Private WAN with Encryption IPsec VPNs

SP MPLS

Private WAN with Encryption IPsec VPNs

Was this article helpful?

0 0

Post a comment