VPN (Virtual Private Network)
A VPN is a private network that uses secure data tunnels over the Internet to connect multiple sites and/or remote users together.
VPN vs MPLS / PWAN
VPN’s have long been a very effective solution for connecting multiple sites and offices, both from a cost and delivery perspective and VPN’s still very much have their place.
However, as data needs and applications become more complex and speed, security and reliability of transmission ever more critical, the cost of data circuits, hardware and hosting falling, has made MPLS networks more accessible, even preferable to a VPN based structure.
The main downsides of a VPN solution today is that:
1. Secure tunnels are created to pass traffic across the Internet. With your traffic traversing the Internet, no guarantees or SLA’s can be applied to the transportation or delivery of your critical data, something that can be guaranteed within an IP-VPN network.
2. Voice or VoIP is not recommended over a VPN. Again, due to not being able to guarantee SLA’s, it is highly inadvisable to have voice traffic relying on a VPN network solution.
3. In order to create a VPN, multiple firewalls are required in order to create the VPN tunnels and route traffic securely from office to office. If you have the IT resource to manage multiple devices, firewall policies and manage the VPN network, then this isn’t so much of a problem. With the opportunity to centralise your firewall within an MPLS network, managing a single device becomes much less of an IT resource burden.
4. CoS (Class of Service) is not something that can be applied within a VPN. Because your traffic crosses the Internet and no SLA can be provided for that, CoS cannot be truly implemented. If you have multiple data services moving across your network, some may carry a higher level of priority than others (e.g. ERP solution vs web surfing). Greater demands on bandwidth demand that we look at the priority of the services crossing the network and provide them with a Class of Service.
In summary, it really is dependent upon the requirement, VPN’s are still a very relevant solution, but are limited in their ability to support more complex or tight service level requirements.