The virtual private network is developing from a simple multi-site
connectivity tool into a means of enabling applications and collaboration and
of connecting communities of individuals.

Virtual private network (VPN), a key component of an enterprise service
offering, is evolving to shift the focus from 'plain vanilla' multiple site
connectivity to enabling applications and collaborations of individuals and
communities of individuals. The range of applications is huge, from healthcare
solutions that require a very high degree of robustness to networked industrial
facilities and services, such as online market exchanges that require very low
latency.

The migration from first to second VPN generations
The first generation of VPN services was based on TDM/PDH connections
typically provided over SDH/SONET network infrastructure. The lack of
flexibility, coarse granularity, lack of efficient bandwidth utilization, and
the relatively high cost, together with the introduction of new technologies,
triggered a migration towards a second generation, in which TDM was replaced by
Frame Relay and ATM. Bandwidth flexibility and Class of Service (CoS) were
introduced. But the service provider's network only offered end-to-end
connectivity between sites. All the 'VPN intelligence' was located at the
customer premises.

Today's third generation: Flexibility to deploy VPNs of any topology
The present market is focused on the third generation, based on widely
available IP/MPLS infrastructure. The service provider manages VPN intelligence
using network-located devices. To put it simply, each VPN site sends all the
traffic to a device (provider edge equipment) controlled by the service
provider, which is responsible for forwarding traffic to the right destination
with the expected Quality of Service (QoS).

Tomorrow's fourth generation: Quality of experience
Tomorrow's fourth generation will be driven by the customer's desire to
completely outsource VPNs to service providers. CIOs prefer to focus on their
business processes, applications and the Quality of Experience (QoE) expected by
end-users rather than occupy themselves with the nitty-gritty of network
functionality.
In the fourth generation, therefore, customers will define their own VPN
service level agreements (SLAs) in a non-technical language that they
understand: the sites they have, the applications they run, and the QoE (rather
than technical QoS) they anticipate. The service provider will decide whether it
is preferable to deploy a layer 2 or layer 3 networking solution for each VPN.
Such a solution can also combine layer 2 Ethernet and layer 3 IP connectivity
for different VPN segments and even sites.

Highlights:
- First generation: VPN based on TDM/PDH connections provided over SDH/SONET
- Second generation: TDM replaced by Frame Relay and ATM; introduction of
  bandwidth flexibility and CoS
- Third generation: Based on IP/MPLS infrastructure
- Fourth generation: Customized VPN SLAs

The key concept behind the fourth generation is that the service provider
should be able to identify the application that has generated a flow (a voice
call, a file download, Citrix activity, etc.) and use this information to
handle the flow's entire sequence of packets end-to-end according to the type of
application and its level of criticality as defined in the SLA. In addition to
controlled application-aware connectivity, some value-added functionality will
also be provided, such as visibility (end-to-end quality monitoring, resource
usage monitoring), online configuration, security, expense control (alerts when
new resources are required), and application acceleration.