Access Options for an IP VPN - PowerPoint PPT Presentation

slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
Access Options for an IP VPN PowerPoint Presentation
Download Presentation
Access Options for an IP VPN

play fullscreen
1 / 11
Download Presentation
Access Options for an IP VPN
Download Presentation

Access Options for an IP VPN

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Access Options for an IP VPN

  2. Remote VPN Access • What does it enable you to do? • Network-based solution provides secure connection to your network • Connects off-net locations/users from almost anywhere • ISP independent, uses any Internet access – dial-up, DSL, cable, DIA, etc. • Seamless integration with FR/ATM and IP VPN services • Leverage IP Gateways in GC IP VPN • Backup IP Gateways can be selected for redundancy & resiliency • Security via IPSec encryption using 56- or 168-bit 3DES • Secure tunneling over the Internet to IP Gateway to GC IP VPN • All traffic marked as Basic, and billable under the usage model • Only available to Layer 3 VPNs • Two options: Mobility (Existing) & Site (NEW)

  3. Remote VPN Mobility Access Options • Software-based client, single laptop/desktop • For remote or mobile single-users • Hosted RADIUS AAA server option– network-based authentication w/ redundancy • Split tunneling not supported from Client • Ability to have a tunnel to the corporate WAN and still access the Internet or local resources via the local connection • Two Billing Models • User Reservation Model - Per Concurrent user (Per Tunnel) • Tunnel speeds: 56Kbps, 128Kbps, 256Kbps & 384Kbps • 10-1,000 in increments of 10 concurrent users (tunnels); Maximum of 1,000 concurrent users • All Tunnels must be the same size within a Domain (or Realm with Hosted Radius) • Multiple regions can be selected • Innovative “over-booking” economics • Bandwidth Reservation Model – reserve bandwidth to be shared among multiple users • 1 Mbps increments only up to Maximum of 45Mbps Reservation per Port (Instance) • Maximum 1,000 Concurrent Sessions per instance • Maximum tunnel size = port, TCP controls flow rates as new users connect (tunnel balancing)

  4. Hosted RADIUS For Remote VPN Access • What is it? • Hosted (Managed) RADIUS AAA server for authenticating Remote VPN Access users (mobility option only) • Can only be used to authenticate services - uses user name and password • Leverages carrier’s-c AAA servers hosted in network • Multiple mirrored devices deployed in network for redundancy • Can purchase multiple Domains on the AAA server – MRC per Domain • Unlimited users per Domain & low cost MRC per domain • Customers use online self-service portal to add, change and delete users accounts • Benefit(s) • Customer no longer needs to support RADIUS server on site. • Eliminates onsite RADIUS security concerns & provides redundancy.

  5. Remote VPN Access Site Option • Hardware-based, single location, multiple PCs (LAN) • Suitable customer provided CPE (supported/tested: IPSec capable) • Cisco & Nortel • Split Tunneling from CPE SUPPORTED • Each site MUST have it’s own Remote VPN Access (IP Gateway Port) allocated • 1 Mbps Increments up to Max of 36 Mbps (throughput) per Instance (port) • Provider integrates IPSec- & MPLS-based IP VPN solutions • Billing – Bandwidth Reservation Model only - purchase bandwidth per Port • Support for existing IP VPN performance SLAs

  6. Red Site Green Site OC3/OC12 ATM Port GC ATM pr.den1 IP VPN Cloud OC3/OC12 ATM Port pr.lon3 Denver IPSec Tunnel Slough Green Site Internet 1 PVC per VPRN-VRF interconnection (OSPF used to exchange reachability information) Green VPN Red VPN MOBILITY OPTION LAN MOBILITY OPTION SITE OPTION IP VPN Access Options • Advantages • Mobility & Site options • Leverages existing IPSec CPE • Access for both IP VPN & FR/ATM networks • Integrated w/ network-based MPLS-based IP VPN

  7. IP VPN Access Options DSL • Business-class (private) DSL for IP VPN • United Kingdom DSL Offering • NO contention (1:1) for superior performance; BT multi-class CoS w/ QoS • Leverage DSL PoPs in UK & address market/competitive need • 30-40% savings vs. local loop • Managed IP VPN with DSL access option • U.S. DSL Offering • Leverage 3,000 DSL PoPs in 50 major markets in the U.S. - great PoP density! • Lower access costs, especially for sub-rate speeds; 20-50% savings vs. local loop • Not sold as a stand-alone service - access for GC IP VPN only • Future availability in Europe, Latin America & Asia Benefit(s) • Lower cost access option versus traditional local loop access

  8. Internet Dial lP VPN Access • Internet access, email account(s), news & FTP with global roaming features • Supports small offices, home offices, remote users and traveling users • Saves on domestic and international long distance charges – over 20,000 local access numbers in up to 150 countries • Support for analog & digital (ISDN) up to 128 Kbps • Industry leading SLAs – network accessibility, connect speed, help desk, etc. • Seamlessly integrates with GC RAS and IP VPN services • Online account management w/ uCommand – add/delete users, etc. • 24x7 customer support - international toll-free service help desk

  9. Global IP VPN Access Options • Dedicated Dial (U.K. Only) • Provides Dedicated Dial VPN Capability • Business quality dial – NO contention (1:1) for superior performance • Fully private AND secure – NOT via the Public Internet • User/site gets own dial # • Charged by Concurrent user • Usage based billing on roadmap • Supports up to v.92 (analog) and MLPPP (128Kbps) ISDN • ISDN Backup (U.K. Only) • Provides CPE originated ISDN call into GC VPN - Not via Internet • Leverages Dedicated Dial Infrastructure • Each ISDN site gets own phone number • Sold by channel (maximum of 16 channels – 1024Kbps) • Charged by number of 64Kbps channels purchased per site • Low-cost backup solution to primary service connection

  10. More IP VPN Internet Access Options • Dedicated Internet Access (DIA) for IP Services • “TIER ONE” ISP - top level global peering status (connections) • Single Global AS# - enables higher performance, lower latency • Access speeds – 64Kbps up to 45Mbps • Available in Flat-rate only • Multiple service options – IP addressing, IPv6, DNS, multicast enabled, BGP-4 routing, BLACK HOLE SERVER, etc. • Integrated DIA and IP VPN link to customer site saves costs! • Secure Internet Access (SIA) • Network-based solution provides remote users/sites with secure access to Internet without having to go through corporate site – bandwidth saver • Security features - NAT/PAT, firewall w/ filters for DoS & other attacks • All traffic marked as Basic, and billable under the usage model • Max 45 Mbps per SIA reservation (multiple instances can exist) • IP Gateways positioned at key locations globally – redundant option available

  11. Want to Know More? WANT TO KNOW MORE ABOUT OUR SERVICES AND OFFERINGS? To contact one of our knowledgeable sales representatives, click here. Or in North America call (800) 836-7000. You may also contact us here. You can also view a list of our office locations. Headquarters: Global Crossing 200 Park Ave, Ste 300 Florham Park, NJ 07932