Sparton Corporation
Wide Area Network (WAN) Analysis
                                                                   September 25, 2009




                                        Page 1 of 9
Table of Contents

Introduction
Definition of Terms
The Case for Frame Relay
The Case for MPLS
The Case for IPsec VPN
Comparison Matrix
Recommendations
Proposed Solution Diagram




Introduction




When it comes to connecting all of Sparton Corporation’s remote locations
via a wide area network (WAN), there is a choice of three viable provisioning
technologies: Frame Relay, MPLS, and IPsec VPN. Each option comes with its
own strengths and weaknesses. The solution most appropriate for
Sparton Corporation will be measured and weighted against the following
business requirements:

   •   The classification of information being transferred between sites.
       Standard classifications are data, voice, and video, each of which has
       specific latency requirements for the applications it serves.

   •   The level of reliability and quality of service (QoS) required to support
       departmental Service Level Agreements (SLAs).

   •   The level of security required to meet all regulatory requirements and
       established best practices.

   •   Flexibility and cost effectiveness.

The purpose of this analysis is to study the existing WAN design and topology
of Sparton Corporation and determine which of the available provisioning
technologies will best suit the organization’s near-term and long-term needs
relative to its intensive turnaround efforts.




Definition of Terms


The following definitions will be used throughout this paper.

Frame Relay

Frame Relay is a communication protocol for data transmission between local
area networks (LANs) and between end-points in a wide area network (WAN).
Most service providers offer a permanent virtual circuit (PVC), which means
that the customer sees a continuous, dedicated connection without having to pay for
a full-time leased line, while the service provider determines the route the data travels
to its destination and can charge based on usage. A fully meshed design, which
provides any-to-any connections between sites, increases the complexity and the
monthly recurring cost of Frame Relay exponentially.

MPLS - Multiprotocol Label Switching

MPLS is a high-performance, highly flexible communication protocol for data
transmission between local area networks (LANs) and between end-points in a wide
area network (WAN). MPLS allows a business to have a fully meshed network where
every location can communicate with every other location without any additional
charges, unlike Frame Relay.

IPsec VPN

IPsec VPN is a cost-effective, highly flexible “virtual” communication protocol that
transmits data across the WAN in a virtual, IPsec-encrypted tunnel utilizing existing
Internet connections at each remote site. It provides a fully meshed network design
and collapses WAN and Internet access onto a single network, which reduces costs.

Latency

Latency measures the data transmission time from the source sending a packet of
data to the destination receiving it. Applications such as voice, and especially
video, are sensitive to increases in data transmission latency.

QoS – Quality of Service

Quality of Service refers to the consistent performance of a network as supported by
the network Service Level Agreements (SLAs).

Fully meshed Design

In a fully meshed network design all locations of the WAN are connected directly to
each other. A meshed network offers redundancy in that if a single location becomes
unavailable the other sites can continue communicating.




The Case for Frame Relay

           Frame Relay is the current technology used to provision the WAN throughout
           Sparton Corporation.

           Frame Relay is a data link layer communications protocol that enables the
           establishment of multiple independent circuits, or data links, over a single
           physical connection. In a frame relay network, each individual logical
           connection is called a Permanent Virtual Circuit (PVC). Beyond cost savings,
           PVCs have a distinct advantage over traditional leased lines because PVCs
           are software defined, so they can be created, altered or dismantled in a
           matter of hours.

           Frame Relay networks are considered private because each customer’s
           individual traffic is separated into a predetermined path, the PVC.
           Unintended recipients cannot view traffic that is not deliberately sent to them.

           Key Strengths

              •   Ability to support multiple Layer 3 protocols. Frame Relay is a data link
                  layer technology, and thus can support any Layer 3 protocol.
                  Business applications based on non-IP protocols, such as IPX, SNA or
                  AppleTalk, benefit from this feature.

              •   Installed base. Frame Relay is the most prevalent of the three WAN
                  provisioning methods (but is quickly losing ground to MPLS).

           Key Limitations

              •   High cost and complexity of meshed configurations.

              •   Potentially high network delay. Depending on the topology of the
                  Frame Relay network at Sparton, packets traveling over the WAN may
                  experience high latency relative to other IP network designs with
                  any-to-any connectivity.




The Case for MPLS

            One of the top benefits of MPLS is that it creates a fully meshed network by
            default. By being connected to an MPLS network at each location, Sparton
            will have a direct, any-to-any connection throughout the organization without
            any of the additional cost or configuration that would be necessary with
            Frame Relay or IPsec VPN. An application that most benefits from this
            "any-to-any" connectivity is Voice-over-IP (VoIP). VoIP is challenging to implement
            over IPsec site-to-site VPN tunnels because the encryption and the path through
            multiple Internet carriers can cause too much latency. The other main benefit
            of MPLS is quality of service (QoS). Either the carrier will offer QoS in its
            standard offering or it will be an add-on feature. With the QoS of MPLS,
            Sparton can prioritize certain delay-sensitive traffic (such as voice and video)
            all the way through the carrier’s network.

            Key Strengths

               •   More flexible than Frame Relay. MPLS gives the network manager a
                   great deal of flexibility to divert and route traffic around link failures,
                   congestion, and bottlenecks.

               •   Fully meshed design built-in allowing any-to-any connections.

               •   Quality of service (QoS) built-in.

               •   Disaster Recovery Site services. Many providers offer access to a
                   corporate DR site as an affordable, easy-to-set-up option.

            Key Limitations

               •   MPLS is a private IP network service and requires separate, dedicated
                   connections at each location (similar to frame relay).




The Case for IPsec VPN

             The flexibility and ubiquity of the Internet have made it a logical substitute for
             the private lines, Frame Relay or MPLS ports that many companies use today
             to connect their remote locations. One obvious drawback, however, is that
             a network this widely accessible is not inherently secure. IPsec VPNs
             use a protocol known as IP Security, or IPsec, to ensure the privacy of data
             traveling over the public Internet.

             The “virtual tunnels” that an IPsec VPN uses connect remote sites across existing,
             lower cost/higher bandwidth Internet connections, which makes it the least
             expensive WAN provisioning method.

             Key Strengths

                •   Variety and cost-effectiveness of bandwidth options.

                •   Fully Meshed design allowing any-to-any connections with additional
                    configuration work.

                •   Inherent ability to connect remote users.

                •   Need for only one connection per site. An IPsec VPN allows Sparton
                    employees to use the same connection for both Internet and WAN
                    connectivity.

             Key Limitations

                •   More complex access control, plus dedicated routers that support
                    IPsec VPN tunneling, are required at all locations.

                •   QoS is not supported and latency is dependent upon the Internet’s
                    “best effort” data delivery.




Comparison Matrix

Latency

   •   Frame Relay: Latencies in a Frame Relay WAN are usually quite low as
       this is a “Private” data service with very strict service level
       agreements or SLAs. Frame Relay will support latency-sensitive
       applications like voice and video very well.

   •   MPLS: Latencies in an MPLS WAN are usually quite low as this too is
       a “Private” data service with very strict service level agreements or
       SLAs. MPLS will support latency-sensitive applications like voice and
       video very well.

   •   IPsec VPN: Latencies in an IPsec VPN WAN can be variable as this traffic
       travels across the public Internet, which generally has poor SLAs.
       Internet traffic is delivered based on a “best effort” model which can
       see significant congestion at times.

Reliability

   •   Frame Relay: You have to receive all Frame Relay circuits through
       a single carrier, which should increase reliability. In general,
       Frame Relay and MPLS will be more reliable than IPsec VPNs because
       there is less complication in the tunneling and firewall configuration.

   •   MPLS: You will have to receive all MPLS circuits through a single
       carrier, which helps with reliability. In general, Frame Relay and MPLS
       will be more reliable than IPsec VPNs because there is less
       complication in the tunneling and firewall configuration.

   •   IPsec VPN: Operating all your IPsec VPN tunnels through the same
       Internet Service Provider could increase reliability (but decrease
       fault tolerance) over using multiple Internet carriers.

QoS

   •   Frame Relay: While Frame Relay service providers have very good
       SLAs, the configuration of QoS has to be done on Sparton routers and
       adds to the amount of configuration work involved.

   •   MPLS: QoS may be included with the carrier’s MPLS offering or it may
       cost extra. Either way, with MPLS QoS, you can prioritize certain
       traffic all the way through the carrier’s network. This is great for
       latency-sensitive applications, like VoIP.

   •   IPsec VPN: QoS features are limited. Once you send your encrypted data
       over the Internet, little can be done to prioritize it. You can only
       prioritize data inside of Sparton’s AS (autonomous system).

Security

   •   Frame Relay: Used as a private network, Frame Relay offers the same
       security as an MPLS network. However, keep in mind that, as with MPLS,
       data sent over a Frame Relay network is not encrypted.

   •   MPLS: Used as a private network, MPLS offers the same security as a
       Frame Relay network. However, keep in mind that, as with Frame Relay,
       data sent over an MPLS network is not encrypted.

   •   IPsec VPN: Although with an IPsec VPN WAN data is sent across the
       public Internet, it is encrypted via IPsec and thus arguably more
       secure.

Cost

   •   Frame Relay: The cost of Frame Relay is generally the highest of the
       three. The cost increases depending on the CIR (committed information
       rate) and number of PVCs needed to support every site-to-site
       connection.

   •   MPLS: MPLS does not charge for individual PVCs and offers site-to-site
       connections as a built-in feature at no additional cost.

   •   IPsec VPN: An IPsec VPN WAN is generally the least costly as it
       leverages the existing Internet connections at each location.




Recommendations

              While Sparton Corporation’s existing Frame Relay WAN has served its original
              intent, this analysis has revealed that by implementing new technologies (like
              MPLS) and leveraging existing low cost/high bandwidth Internet connections
              at each location, the following could be achieved:

                 •   Decreased operating costs. With the proposed solution below, the
                     existing Frame Relay WAN would be replaced with MPLS. The port
                     speeds at each location would be sized to support only delay sensitive
                     traffic like voice and video. The high bandwidth traffic of email
                     messaging and file transfers would be routed through the IPsec VPN
                     tunnels.

                 •   Built-in redundancy. The IPsec VPN tunnels are effectively a second
                     WAN and could act as a backup path for the sensitive data which
                     normally flows over the MPLS WAN in the event of an outage.

                 •   Quick and convenient access to a disaster recovery site. With a
                     disaster recovery port on the MPLS WAN, we can redirect traffic from a
                     compromised site or sites to a location we have designated as a
                     backup location (or DR site).


              Proposed Solution Diagram



