A Business Case for Broadband Site-to-Site VPN

Mike Houghton dispels the myths and makes the case for switching from Frame Relay.
(Page 1 of 2)

Network managers and engineers, the time for broadband site-to-ite Virtual Private Networks (VPN) has arrived. Although Frame Relay has served, and continues to serve, us all very well, the recurring costs associated with Frame Relay continues is expensive compared those with a broadband site-to-site VPN and it doesn't appear that the carriers intend to drop rates anytime soon.

All the while, your bandwidth requirements increases exponentially due to new applications the software development teams churn out to meet the needs of your business. At the same time, your directive, straight from the CIO, is to make sure business applications are responsive at remote locations and hold down costs, of course.

Well you can rest easy as I am going to tell you how you can go back to your CIO and advise him or her that not only are you going to double the bandwidth, but you are going to reduce overall costs as well.

Simple Definition of a Broadband site-to-site VPN

The most simple and cost effective network is a network that leverages the public Internet as the long haul transport mechanism. Simply speaking, you provision a circuit to the Internet at your datacenter, which terminates at a VPN aggregation router, e.g. Cisco 7206 with VPN Module.

Obviously you employ your existing corporate firewall and/or a choke router to ensure that access is limited to business-related traffic. At your remote location, you provision Internet access via ADSL, DSL, or cable modem and terminate with a VPN router such as the Cisco 1711 VPN router.

Once the Internet circuit and routers are installed, a VPN tunnel, which traverses the Internet, is built by configuring a tunnel between the remote router and the aggregation router at the Corporate Data Center. This is a simple router configuration that must be done on both the end-point and head-end aggregation routers.

We will get into the gory details of that in the next installment of this series.

The Myths

First and foremost, let's cut through the myths about "network availability" and "the Internet is not reliable" stories you are hearing from those doubting engineers that have a Frame Relay security blanket wrapped tightly around them. Can you remember the last time your DSL or Cable Modem Service was out of service at your home? I would venture to guess the answer is you can't remember the last time you lost service, and if so, it was due to a major event such as a storm, hurricane or cable cut that impacts all network services including Frame Relay.

As a matter of fact my experience has been that DSL and Cable systems are more resilient and recover much more quickly than the Frame Relay locations during the punishing hurricane seasons of the past couple of years. The fact of the matter is it's not uncommon for site-to-site VPN networks to achieve 99.99 and better availability.

Folks, this is right up there with Frame Relay and at less than half the cost!

"Yes, but you forgot about latency", quips doubting engineer in the background. Well I am here to tell you latency is not an issue. Latency will typically be less than 120 ms, and in some cases with high-speed cable, this will drop to the neighborhood of 30 to 40 ms. I am actually transmitting call center voice traffic over my network, which is the acid test.

Page 2: Invoicing Headaches & One-Stop Shopping

Page 1 of 2

1 2
Next Page

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.