• 07/29/2002
    4:00 AM
  • Network Computing
  • Commentary
  • Connect Directly
  • Rating: 
    0 votes
    Vote up!
    Vote down!

The Next Revolution in VPNs

Frame relay can do most things that the new network-based VPNs' can do. But NB-VPNs' reduced pricing structure -- they reduce the number of circuits and are easier to budget
But though Internet VPNs are very successful in those network domains, they have not displaced traditional WAN services for LAN-to-LAN connectivity. Internet VPNs lack the reliability, security and simplicity of conventional WAN services. Often the cost of support and the cost of downtime eat away the savings of using cheap Internet bandwidth. So users have stuck with services like frame relay.

Now a new type of VPN is aimed at LAN interconnection. It's still early days for the technology, and network-based VPNs (NB-VPNs) will not become a broad success quickly, though some carriers are far ahead of the pack. The global carrier Equant has more than 500 customers on its MPLS-based service; many of those moved out of frame relay. Savvis, which has a history of providing services to the financial community (a demanding group -- you don't skimp on reliability when the network moves millions of dollars), has more than 350 customers on its Nortel Shasta-based VPN service, with the largest customer having more than 7,000 sites. Other carriers, such as AT&T and Qwest, have had more moderate success with network-based VPN services. And there are many other carriers just now starting services.

From the carrier's point of view, these services are indeed something new. They use new technologies, like virtual routing, MPLS, IPsec in the cloud or GRE tunnels. They may be layered on ATM or directly over optical. Relative to pure ATM or frame relay switching, there are cost and scale benefits for the carriers. But from the customer's perspective, it's difficult to see what's unique here.

Like frame relay, NB-VPNs let a controlled number of users share a pool of bandwidth on a common carrier backbone, isolating traffic so each customer perceives he or she is the only user on the network. But there is an important difference, and it's not the technology, but in its pricing structure.

Rather than charging for virtual circuits between locations as with frame relay, most NB-VPNs bill each network site based on an access charge, port and bandwidth/delay guarantees, making it easier to budget for and provision new services.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

Log in or Register to post comments