From: Jason Sinclair (sinclairj@xxxxxxxxxxxxxxx)
Date: Tue Aug 21 2001 - 23:37:07 GMT-3
The trade off of security with IPSEC is speed with MPLS.
Regards,
Jason Sinclair
Team Leader - NSG
POWERTEL Limited
Level 11, 55 Clarence Street, SYDNEY
Phone: 61-2-8264-3820
Mobile: 0416 105 858
jasons@powertel.net.au
-----Original Message-----
From: Paul Schultz [mailto:khyron@ninjageek.org]
Sent: Wednesday, 22 August 2001 13:04
To: Andy Singh
Cc: 'ccielab@groupstudy.com'
Subject: Re: OT: IPSEC Vs. MPLS for VPN tunneling
Simplicity - GRE
Security - IPSec
Scalability - MPLS (under argument)
At this point MPLS VPNs are more hype than anything. Unless
your carrier
actually agrees to do tag switching on the interface that
ties you into
the VRF you can't really do BGP across your VPN.. The main
difference is
GRE and IPSec VPNs are provisioned by you, MPLS VPNs are
provisioned by
your ISP and you have little or nothing to do with the
actual process. So
if you're not getting any additional benefits like TE
tunnels then just
stick to GRE or IPSec.
MPLS isn't near as secure as IPSec (as with MPLS nothing is
encrypted) but
it does give you almost the same security level as frame
relay. 3rd party viewing is possible but extremely
unlikely.
Paul
On Tue, 21 Aug 2001, Andy Singh wrote:
> Sorry for the off-topic message group. I was looking for
comments on IPSec
> vs. MPLS vpn tunneling. We have bunch of co-lo location
that are connected
> to each other over IPSEC. They are all being hosted by the
same provider and
> on the same backbone. I was wondering if there will be any
performance
> difference between ipsec and Mpls vpn.Also how secure is
Mpls vpn vs Ipsec.
> If we was to go Mpls route what are some of things we'd
need from the ISP
> and what would we configure at out co-lo.
> I'm just looking for some direction to go on. Thanks for
everyone's time.
> I'd appreciate any feedback.
>
> Andy Singh, CCIE #6821, CCNP, CCDP.
> Network Engineer, Slam Dunk Networks
> 650-632-5568
> www.slamdunknetworks.com
> **Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
**********************************************************************
This email (including all attachments) is intended solely for the named
addressee. It is confidential and may contain commercially sensitive
information. If you receive it in error, please let us know by reply email,
delete it from your system and destroy any copies.
This email is also subject to copyright. No part of it should be reproduced,
adapted or transmitted without the prior written consent of the copyright owner
.
Emails may be interfered with, may contain computer viruses or other defects
and may not be successfully replicated on other systems. We give no
warranties in relation to these matters. If you have any doubts about
the authenticity of an email purportedly sent by us, please contact us
immediately.
**********************************************************************
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:55 GMT-3