Connect with the world's leading business experts.
Get instant access to their expertise via world–class Q&A, Research, and Events.
0
Private WAN or Internet VPN?
Is anyone currently running corporate network links from US company HQ to International offices via Internet VPN and how are you securing the data and monitoring performance?
Events
- Social Media and Content Marketing For Business Q&A Feb 14 @ 11 am PT
- The Rise of Pinterest in B2B Feb 15 @ 11 am PT
- ERP – Priming Your Business to Deliver Value From Strategy to Operations Feb 15 @ 1 pm PT
- How Not to Coach Your Salespeople Feb 16 @ 1 pm PT
- BI's Intersection with Social Media Feb 22 @ 2 pm PT
Related Activity
7 Answers
We have (based on Cisco hw) now ipsec vpn between PIX/ASA and running tunnel on VPN routers via ASA ispec, in this case we have dynamical routing and subnet announcement.
2 ISP (prim and backup), BGP on GW, ASA or PIX always in failover configuration and 2 VPN routers on each location.
About monitoring, Cricket and Zabbix. Sure we have other monitoring tools, but it is more for network device monitoring (interfaces status etc.) Zabbix more used for application and infrastructure servers monitoring, like CPU usage, availability etc with email and SMS notification for Admin gorups.
Own network monitoring system do the same but for network devices only and also run daily configuration backups from network devices.
Don't forgot about vlan and access list , it allow to us run customers project more isolated with restricted access. We can join USA and EU teams via such solution and control it.
In the past I have been engaged on several implementations of IPSec based Internet VPN's which connect back in to private WAN's. The only problems encountered were that occasionally governments block IPSec but otherwise the performance and reliability were within customer spec. Most enterprises implemented some kind of optimisation technology within their WAN's to control traffic flows. Ipanema was a popular choice but there is a growing list of products out there which are worth looking at.
Of course the performance of Internet VPN's can't be guaranteed to perform consistently as well as a Private MPLS network and fault finding of poor performance can be really painful. However, if your business continuity requirements match with an Internet VPN provision then isn't going to be a problem.
From a monitoring point of view all the end devices used were Cisco with SMARTS InCharge being used for performance and status management. Any platform should be fine though and again it depends on the number of devices you are looking to monitor and if any event correlation is required
Thank you gentlemen. I cannot select a best answer because both are very helpful.
One more inquiry for Vitalijs and Richard; Are you running VoIP over these Internet VPNs?
Thank you for your comments.
If the set up is for Trunking or the VPN carries Customer calls then a private MPLS is generally used. However, there are a lot of homeworkers connecting via Internet VPN's who use IP soft phones for their telephony and with Quality of Service enabled this works really well for voice calls. I've used various soft phones over the years from a remote office and the quality has been perfectly acceptable even for client calls. It depends on how many concurrent calls you want to place as to which way you go.
Hope this helps
Yes, VoIP also running via this VPN tunnels. We have Siemens solution and Asteriks/PBX , Siemens for local needs but Asteriks for inter office calls.
This Question is closed