creates a VPN

The basic idea of a Virtual Private Network (VPN) is quite simple.  A corporation may have a number of offices (or groups of offices) in different locations, and each of these locations can have its own local network.  Many corporations also have an increasing number of employees working remotely – perhaps at home or on the road.  Interconnecting these separate networks and locations over a shared (non-private) network creates a VPN.  Despite this apparent simplicity, there is an ever-increasing number of types of VPN available, and a bewildering range of technologies for implementing these VPNs.  This makes it anything but simple to decide which VPN solution is the right one to use. In this white paper we give an overview of the technologies currently being studied for VPN solutions.  We focus mainly on VPNs where the management and maintenance is outsourced to a service provider.  Our aim is to provide a guide to current and nextgeneration VPN technologies for service providers and network managers. In order to do this, we first lay down some of the criteria that are important in a VPN (both from customer and service provider viewpoints).  Once we have done this, we go on to examine VPN solutions and look at how well these solutions meet up to our criteria. A VPN is a set of interconnected networks in different locations (we will refer to these separate networks as 'sites').  Up until recently, the most common way to connect the sites has been to use ATM or Frame Relay (FR) leased lines supplied by a service provider.  These leased lines have been relatively straightforward to provide, as service provider networks have traditionally been implemented using a variety of protocols including ATM and Frame Relay.   This is increasingly becoming a less than ideal solution.  Leased lines are costly, and may be inflexible about the amount of bandwidth available – the customer may have to choose between a leased line with too little bandwidth or a much more expensive connection with far more bandwidth than is needed, with nothing in-between.   These leased lines are usually not the only service purchased from a provider - it is common for each of the sites to require Internet connectivity.  So as well as paying for the leased line, the customer also has to pay for Internet connectivity (possibly from a different supplier) and is responsible for managing all of the routing between the different sites over the leased lines.   Another problem with VPNs that are based on leased lines is that service providers are now almost exclusively migrating to IP or IP/MPLS networks.  This makes it more difficult for the service provider to offer leased lines, as the service provider has to manage an ATM or Frame Relay network as well as a separate IP backbone.  This in turn makes leased lines more expensive for the customer.