[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPsec VPN v.s. MPLS VPN
This might help you for start...
http://www.ietf.org/internet-drafts/draft-behringer-mpls-security-01.txt
Franjo
At 04:21 2/25/2002, Takaoka Takayoshi wrote:
Hi,
everyone!
I want to discuss the superiority
both type of VPN, IPsec and MPLS.
Now our company run after the
tech of VPN to provide the secure zone for all customer, and this
classfication is as following I think;
IPsec VPN -use the Internet for
this infrastructure, don't be needed the additional capital investment,
so this is match for the enterprise security solution. But there is no
expectation to ensure the intelligent Traffic Engineering that MPLS VPN
can do.
MPLS VPN - use the closed network
with the exclusive router, and this closed network is provided by the
carrier, this complecated switching network can give us high performance
and perfect ToS, and no need to encrypt the traffic data.
Now I think, it's just my
opinion, if the internet infrastructure become has a big pipe and high
performance, of couse the investment for this owe to all of carrier, the
intelligent traffic engineering is no use anymore and great through put
can provide to anyone connecting to internet. That means, in the future,
the intelligent ToS isn't neccesary, we don't need to care of the ToS,
extremely I can say.
That fact also means, the end
security gateway only take care of high performance encryption &
decryption, that based on ASIC.
I wonder, there is some
possibility in the future, all of client has exclusive ASIC for
encryption for itself, and also the internet has security gateway routing
protocol, this system can be swith the all of client request with IPsec.
The client can connect to all of internet server or client using security
tunnel that provided by VPN swith network which spreading all over the
world!
Anyway, now I want to change my
question to you like that,
"Do you think the MPLS tech
can survive in the security solution?"
Best regards,
Taka
Network Value
Components, Ltd.
GroupSystemNameTakayoshiMailttakaoka@nvc.co.jp
Phone0468-20-1800
FAX0468-25-8053
URLhttp://www.nvc.co.jp
.............................................................................................................
Franjo Majstor CCIE #1507 Access,Security
EMEA Consulting Engineer CISSP
Phone : +32-2-778.4395 Fax : +32-2-778.4300
Mobile: +32-475-36.3202 PGP Key: available on request
Cisco Systems, Av. Marcel Thiry 77,1200 Brussels, Belgium
_______________________________________________