* Honda Raffle - Click Here
MPLS-Based IP VPN Service
Businesses of all types and sizes are facing
the challenge of integrating data, voice, and video traffic in easily managed,
scalable, economical, and flexible networks. Virtual private networks (VPNs)
have emerged as a fundamental solution for meeting this challenge and business
customers are now looking to service providers for value-added, cost-effective
VPN services. By outsourcing VPNs to a service provider, business customers gain
the advantages of reduced capital and personnel costs, simpler network
management, "and pay-as-you-grow" scalability.
To deliver VPN services profitably, service providers want to
leverage the efficiencies of Multiprotocol Label Switching (MPLS) technology.
MPLS-based IP VPN services offer a tremendously appealing revenue opportunity
for service providers. Predictions from the market-research firms IDC and Ovum
indicate that by 2006, MPLS-based services will represent a US$14 billion
"MPLS VPNs offer an entry for managed IP services," says Todd
Hanson, principal analyst at Gartner, a technology research and advisory firm
based in Stamford, Connecticut. "The clever service providers will base their
business models and long-term profitability on value-added services, not
exclusively on access."
This document describes how service providers can
benefit from MPLS-based IP VPNs and MPLS solutions from Cisco
The Advantages of MPLS
By deploying MPLS technology, service providers can reduce the
complexity and costs of delivering VPN services to a diverse base of large,
small, and midsized businesses. MPLS simplifies deployment of IP VPNs because
service providers can reduce the cost and effort of provisioning individual
virtual circuits. In addition, network routes can be restricted to only member
routers of the VPN, meaning service providers can ensure privacy and security
equal to that of Layer 2 networks. (More information on VPN security is provided
in the report on testing conducted for Cisco by Miercom; this report is
available at http://www.cisco.com/offer/sp/
MPLS technology enables service providers to deliver
differentiated VPN services to numerous enterprise customers over a single,
shared network infrastructure (Figure 1).
Figure 1 - MPLS enables delivery of
VPN services on a single, shared network infrastructure.
Service providers also gain other immediate business benefits by
adding Cisco MPLS technology to their networks, such as the
- Seamless integration of voice and data networks under one
- Differentiated, end-to-end IP services with simpler
configuration, management, and provisioning
- Scalable, any-to-any connectivity that can encompass multiple
- Simpler requirements for provider-managed networks with support
for service-level agreements (SLAs)
- The ability to provide advanced quality of service (QoS)
features that ensure network priority for mission-critical
- Guaranteed bandwidth for streaming services such as multimedia,
voice, videoconferencing, and e-learning
- A standards-based technology; MPLS is an Internet
Engineering Task Force (IETF) standard designed to ensure interoperability in
- Integration with Cisco IOS(r) software in Cisco routers,
switches, and other network elements
Service providers can also benefit from MPLS technical advantages. MPLS is
deployed primarily in the core of a service provider's network, and is
compatible with pure IP architecture as well as networks with a mix of IP and
ATM and other Layer 2 technologies.
MPLS integrates the switching performance and traffic management capabilities
of Data Link Layer 2 with the scalability and flexibility of Network Layer 3
routing. At the network edge, routers apply simple labels to data packets or
frames. MPLS-enabled ATM switches or routers in the network core can then switch
packets according to those labels with minimal lookup overhead.
Traffic engineering and class of service (CoS) are two key features of MPLS.
Traffic engineering is enabled through MPLS mechanisms that direct traffic
through a specific path, even if it is not the least-cost path. By using these
mechanisms in the core network, engineers can implement policies to ensure
optimal traffic distribution and improve overall network utilization.
The CoS features enable network administrators to provide differentiated
services across the MPLS network by marking packets with a specific DiffServ
Control Point (DSCP). With this technique, MPLS CoS supports packet
classifications and improves capabilities for congestion avoidance and
MPLS VPN Service Description
MPLS-based VPNs can support an enterprise's basic communication needs today,
as well as future value-added applications. MPLS-based VPNs also can create an
intranet that links a corporate headquarters to remote offices over a shared,
prioritized network and offer a cost-effective alternative to traditional
leased-line, ATM, and Frame Relay technologies.
Extranet VPNs can link an enterprise's network resources with third-party
vendors and business partners. MPLS provides the flexible, any-to-any
connectivity that links any members of the VPN to each other, a requirement for
the dynamic nature of extranets.
MPLS VPN Service Features
With a MPLS-based IP VPN, service providers can offer business customers a
variety of service features, such as the following:
- A fully-managed network solution that encompasses customer premises
equipment (CPE) and network services, with support for any access speed and any
- Distinct classes of service for data, voice, video, and storage traffic with
guaranteed service levels (determined by the service provider for each traffic
- IP multicast, a technique for using bandwidth efficiently when sending
routine or common information to multiple sites. Multicast sends a single packet
stream once to a group address that encompasses all of the recipients. Without
multicast, the network must replicate the packet stream multiple times to reach
- Managed Internet access with security and privacy features such as
integrated firewall and intrusion detection.
- Off-net calling for voice-over-IP (VoIP) service.
- Support for a customer's private IP addressing scheme, including network
address translation (NAT) and Dynamic Host Control Protocol (DHCP) services.
- Automatic failover features to assure high network availability.
Cisco Systems offers service providers exceptional network solutions for
delivering these service features of MPLS VPNs (Figure 2).
Figure 2 - MPLS VPN Service
MPLS is an ideal solution for enabling a service provider to offer a
site-to-site VPN service for business customers. This service can connect a
customer's multiple branch offices and other small facilities into a single VPN
over the service provider's shared infrastructure. A site-to-site VPN contrasts
with a remote access VPN service, which is concerned largely with connecting
individual teleworkers and mobile users.
Managed IP VPN services will yield US$20 billion in revenues worldwide by
2006 according to projections by IDC and Ovum. MPLS-based managed services will
generate the majority of this revenue at $14 billion; the remaining $6 billion
in revenue will be generated from IPSec-based VPN managed services.
Several factors are driving the interest of business customers for MPLS-based
- Growth in network traffic due to increasing business use of networked
- The need for businesses to connect more remote offices, teleworkers,
business partners, and others to internal networks-over connections that are
secure, reliable, and economical.
- Interest in new applications, such as IP telephony, that can significantly
simplify networks, reduce costs, and enable new levels of communication
A 2002 survey of US network managers, conducted by Cisco, found the majority
of responding companies either had or were planning to implement IP-based VPNs
for applications such as e-mail, Web browsing, remote access to corporate
databases, and exchange of mission-critical data. This finding suggests the
promising revenue opportunities available to service providers today for VPN
services such as enhanced security (for example, management of firewalls,
encryption, and user authentication) and access to internal Ethernet LANs. In
the future, service providers may gain incremental revenues as business
customers choose VPN expansions and additional services such as redundancy,
classes of service, and wireless access.
This document segments the VPN services market according to company size, a
factor that differentiates service requirements and opportunities.
Large enterprises (500+ employees) are prominent candidates for IP-based VPN
service offerings. In the face of continually rising IT expenses, many large
enterprises see the financial advantages of outsourcing the communications
infrastructure. These customers have complex requirements for VPN design,
including domestic and international connectivity, strong security, and
integration with an existing network infrastructure.
A service provider must be able to handle the required network scalability
and complexity of a large enterprise, as well as seamless integration of the
enterprise's legacy networking technologies and applications. Certain SLA
parameters are also critical: service availability, network latency, packet
loss, mean time to recovery (MTTR), and jitter.
Midsize businesses (100-500 employees and remote offices) are also prime
candidates for IP-based VPNs. The requirements of these businesses for VPN
services include: increased bandwidth for remote users, greater geographic
coverage, the ability to add users quickly, strong security, and service quality
backed by SLAs.
Small businesses (20-100 employees) face the challenges of rapid growth, lack
of in-house technical expertise, and limited ability to keep pace with new
applications. Because a VPN is likely to be the only wide-area network service
deployed by these customers, they require an affordable and secure VPN solution
that encompasses all necessary equipment, accessories, and network services.
This solution must also reduce the costs of dialup access, equipment, and
maintenance; increase network uptime; and assure quality with SLAs.
Trends and Opportunities
The analyst firm Gartner
Dataquest describes several opportunities for service providers when deploying
MPLS-based IP VPNs:
- Improved customer retention and increased profitability by offering
cost-effective and flexible VPN services based on IP and MPLS.
- VPNs offer an entry point for selling managed IP services in addition to
access, increasing long-term profitability.
- The ability to customize VPN services for each business customer, increasing
differentiation and adding value through bundled services for data, voice,
video, network security, wireless access, and other options.
- Improved profitability through reduced costs for VPN service provisioning
and network operation, as well as simpler management of a single
- Flexibility to quickly change the internal network architecture for
efficient resource use.
- MPLS supports network scalability for delivering customer-specific,
Cisco MPLS VPN Solutions
Cisco Systems is uniquely
positioned to help service providers deploy MPLS networks that enable new,
profitable revenue opportunities through VPN services. Cisco site-to-site MPLS
VPN solutions encompass carrier-class network equipment, customer access
devices, network management applications, and VPN features implemented in Cisco
The Cisco MPLS VPN solutions offers secure data, voice, and video
communications among corporate locations, with QoS guarantees. Service providers
can leverage the MPLS solutions to deliver affordable VPN services to customers
with a wide range of access technologies and speeds (from 64 kbps to STM-1 at
155 Mbps). Site-to-site MPLS VPN services can be offered as bundled (with
managed CPE) or as an unbundled (without managed CPE).
All VPN services can be managed with the Cisco VPN Solution Center, which
includes applications for fault management, security services, end-to-end
provisioning of VPN services, and SLA monitoring.
Cisco IOS software, implemented in the core network routers and switches,
supports Cisco MPLS for Managed Shared Services, a group of MPLS-enhanced
networking features. This solution set includes VPN-aware Network Address
Translation (NAT), On-Demand Address Pools (ODAP), and multicast capabilities.
The VPN Select feature enables service providers to extend a customer's MPLS VPN
service to remote users across broadband access networks, irrespective of the
last-mile access provider. To boost the uptime of MPLS VPN services, the Cisco
hot standby failover protocols support dual homing. Cisco Hot Standby Routing
Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP) can be used in
MPLS provider edge (PE) routers to deliver this access-link redundancy.
Cisco MPLS VPN solutions go through a rigorous cycle of feature development,
testing, early field trials, and deployment documentation. These testing and
validation efforts give service providers assurance of solution quality that
enables fast VPN service deployment and minimized operational costs.
Cisco's continued development of
MPLS technology will enable service provider networks to deploy many new types
of VPN services for competitive differentiation. New MPLS-based VPN developments
are expected to offer enhancements in service features for off-net integration,
class of service, multicast, and IP telephony.
ECOS Research, Inc.