written 5.1 years ago by |
The Cisco Enterprise MAN and WAN architecture employs a number of MAN and WAN technologies engineered and optimized to interoperate as a contiguous system, providing the integrated QoS, network security, reliability, and manageability required to support a variety of advanced business applications and services.
■ Private WAN: Private connectivity takes advantage of existing Frame Relay, ATM, or other connections. To provide an additional level of security when connecting sites, strong encryption (using Digital Encryption Standard [DES], Triple DES [3DES], and Advanced Encryption Standard [AES]) can be added. A private WAN is ideally suited for an enterprise with moderate growth expectations, where relatively few new branches or remote offices will be deployed over the coming years. Businesses that require secure, dedicated, and reliable connectivity for compliance with information privacy standards, and that also require support for advanced applications such as voice and video, benefit from encrypted private connectivity. However, this technology can result in relatively high recurring monthly carrier fees and is not the preferred technology for extending connectivity to teleworkers and remote call agents. An enterprise might choose encrypted private connectivity to network its larger branch offices, but opt for other technologies, such as a VPN, to connect remote users and smaller sites.
■ ISP service (site-to-site and remote-access IPsec VPN): These technologies take advantage of the ubiquity of public and private IP networks. The use of strong encryption standards (DES, 3DES, and AES) makes this WAN option more secure than traditional private connectivity and makes it compliant with the many new information security regulations imposed on government and industry groups (such as healthcare and finance). When implemented over the public Internet, IPsec VPNs are best suited for businesses that require basic data connectivity. However, if support for delay-sensitive, advanced applications such as voice and video is required, an IPsec VPN should be implemented over an SP’s private network where an adequate level of QoS is assured to support voice and video traffic. Relatively low monthly carrier fees make this technology appropriate for businesses seeking to connect a high number of teleworkers, remote contact center agents, or small remote offices over a geographically dispersed area.
■ SP MPLS and IP VPN: A network-based IP VPN is similar in many ways to private connectivity, but with added flexibility, scalability, and reach. The any-to-any nature of an MPLS-enabled IP VPN (any branch can be networked to any branch), combined with its comprehensive QoS for voice and video traffic, suits the needs of many enterprises, especially those with high growth expectations, where many new branches and remote offices will be added over the next few years. The secure, reliable connectivity and relatively lower carrier fees that are inherent in this technology make a network-based IP VPN a good choice for businesses looking to use a managed service solution to connect branches, remote offices, teleworkers, and remote call agents.
■ Self-deployed MPLS: Self-deployed MPLS is a network segmentation technique that allows enterprises to logically segment the network. Self-deployed MPLS is typically reserved for very large enterprises or an SP willing to make a significant investment in network equipment and training, and for those that have an IT staff that is comfortable with a high degree of technical complexity.