Need some help please. A company with 75,000 customers worldwide, 250 employees

Question

Need some help please. A company with 75,000 customers worldwide, 250 employees working in four location in the US and three European offices, with a catalog of more than 100,000 parts grew from just a single location with local customers and has thus overwhelmed its telecom network. The CIO has outlined the key requirements:

- Availability

- Reliability

- Scalability (future part supplier acquisitions)

- Security

- Flexibility

- Performance

- Manageability

- Economic Efficiency (O&M costs should offset the initial investment costs, reducing the long-term total cost of ownership of the network).

The CIO has proposed that the company design and implement it's own netowrk, using advanced technologies for high availability, efficiency, and security management, that can be operated by a very small IT department with VPNs to connect remote offices and users security and to facilitate company expansion.

Need to define the business or technical problem (system crashes frequently interrupting customer service and e-mail), propose a vpn technology solution, propose processes and policies, discuss business and managerial impacts and risks, identify cybersecurity challenges and risks, and mitigation strategies. Format is a 3 page white paper.

I need to present this from a telecommunications standpoint (showing an understanding of WANs, OSI layers, packet delivery and receipt, etc) and also from a knowledge of which type of VPN is best suited (IPsec or SSL VPN or network based or public or MPLS?)...

Explanation / Answer

Answers:

If we are open to opt any VPN technolgy i would preferbly go for MPLS for various reason that i will be discussing here.

As per requirement:

We need to deploy a VPN infrastructure to connect remote branches with the design considerations: Parameters discussed here are with reference to MPLS VPN. This VPN can also be configured cross service providers .

High availability : This is totally network based VPN . There is no client support needed here.

Efficiency: Efficiency and priortisation can be configured and ensured easily.

Transparency: MPLS VPN operates at the IP+ATM or IP environment. it is completely transparent to the applications.

Security: In VPN services ensures business-critical traffic remains confidential via security mechanisms such as tunneling,encryption, traffic separation, packet authentication, user authentication, and access control.

MPLS VPN , one has to rely on service providers to ensure that the data is secure and not visible to other customers sharing the same infrastructure. We can therefore put onus and aggreement of that level with service provider.

Scalability: Scalable to over millions of VPNs. Highly scalable since no site-to-site peering is required. A typical MPLS-based VPN deployment is capable of supporting tens of thousands VPN groups over the same network.

QoS implementation: Per VPN QoS is possible and can easily be implemented compare to other VPN model. Best within a service provider’s core network where QoS, traffic engineering, and bandwidth utilization can be fully controlled, especially if SLA or service-level guarantee (SLG) is to be offered as part of the VPN service .

MPLS VPN structure:

MPLS framework (labels) in the core

VRF (Virtual Routing/Forwarding) context to keep VPNs seperate

RD attached to prefixes to make VPN prefixes unique

Route targets (ext BGP community) attached to VPN prefixes to

BGP in the core to advertise VPN prefix and VPN label to all
Provider Edge (PE) routers

VRF : Virtual Routing/Forwarding :Each protocol needs to be “VRF-aware” when running across VRF interface.

RD: Route distinguish value

RT:Route target value

BGP : iBGP carries the vpnv4 prefix
vpnv4 prefix = RD + IPv4 prefix

Keeping answer reasonably short. Hope , it will help you.

Thanks

Related Questions

Navigate

• Browse (All)
• Browse N
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.