|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: MPLS and VLAN info
Michael, Network Magazine just ran a fairly lengthy article on various approaches to VPN's, including network-based versus CPE approaches. You can find it at: http://www.networkmagazine.com/article/NMG20010125S0013 If memory serves me correctly, they did address the security issues of MPLS vs. encrypted VLANs. In a nutshell, MPLS VPN's, from a security aspect, aren't all that different from other PVC based services such as Frame Relay and ATM. Traffic is basically isolated into the MPLS label switch path (or PVC). IPsec-based VPNs provide additional security by encrypting the traffic that rides on top fo the MPLS LSP. Depending on where the encryption occurs, it is quite possible to run IPsec over an MPLS-VPN. The real benefit to MPLS-VPNs is the elimination of the need for dedicated intelligent CPE, which "in-theory" should make it easier and cheaper for service providers to roll out IP-VPN services. In terms of VLAN security, have a look through the archives of the firewall wizards mailing list at http://www.nfr.com/pipermail/firewall-wizards/. This topic has been addressed quite a bit in the past. You might also want to check out my MPLS site at www.mplsrc.com for links to articles & drafts on MPLS topics. Irwin ------ Irwin Lazar, Senior Consultant The Burton Group - www.tbg.com [email protected] 703-742-9659 (office) 703-402-4119 (cell) The Ultimate Resource For Network Architects > -----Original Message----- > From: Michael Long [mailto:[email protected]] > Sent: Monday, February 19, 2001 8:00 PM > To: [email protected] > Subject: MPLS and VLAN info > > > > > I need to educate some coworkers (who aren't all that familiar with > networks) and my boss on the security advantages of MPLS and VLAN's. I > guess I don't seem to be communiating it very well because > they just don't > get it. Can anyone point me to some good technical docs that > specifically > deal with some of the benefints of MPLS and VLAN's. > Specifically security > related would help. > > TIA, > > Michael Long > >
|