[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 314
  • Last Modified:

VPN vs, MPLS connectivity

I have a non -critical network resource that is currently riding over an 100M pipe to a MPLS cloud.
I was considering just connecting that resource to the network by VPN as a cost savings. In your estimation would this be a cost effective solution to a dedicated connection into the cloud?
0
Phoenix43
Asked:
Phoenix43
  • 4
  • 3
  • 2
1 Solution
 
atrevidoCommented:
Let me restate your question to see if I understand what you are asking - you want to get rid of a 100 MB MPLS pipe to a non-critical network resource and change it to VPN over public internet (some connection yet TBD) to save money.  Is that correct?

If that is correct then I guess you have to ask yourself what connection speed you will have/need for that resource and will it be enough.  I would imagine any internet latency won't be an issue because it isn't VoIP or video.  So, I would say yes its doable, it will probably save you $ depending on what you put in its place and it would be secure.  There are always security types out there that are totally paranoid and will say its not enough but if you set your encryption to the max, big long complex passwords you should be fine.
Does that 100 MB MPLS have a contract?  They usually do.  Is yours expiring or do you not have an ETF?
0
 
Matt VCommented:
A non-critical application is the perfect place to use a VPN over MPLS.  If you were doing voice or video then MPLS is definately the way to go.
0
 
Phoenix43Author Commented:
Yeah,  no VOIP or vid.
What might be the best VPN appliance to go for???  I wanted to terminate VPN connectivity to the firewall but leadership prefers an appliance
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
Matt VCommented:
Cisco ASA is a great VPN appliance.  But any business class router or firewall should work.
0
 
atrevidoCommented:
I am partial to the Cisco 5500 ASA
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80402e39.html

You can use a vmware VPN appliance thru there solutions exchange but if it were MY network there is no way I would do that, but hey...it's cheap.

I hate Juniper, so I wouldn't use that, I have a client with a couple of those and every time you want to change or do something its a call to product support.  Horror show....set up is insane.
0
 
Phoenix43Author Commented:
While I wait for a security resource perhaps you can advise me on best practice . My question is I have a sales force that I want to exclude from various network domains, servers etc. I know that I can terminate my VPN connectivity to a ASA 5510 lets say.
However, If cost were not a huge issue would it not be best to go with a VPN Concentrator into the Environment
That said what may be a suitable concentrator to handle this task??
0
 
Matt VCommented:
The ASA replaces the older VPN concentrators, it can handle the VPNs and gives you more access control.  I would stick with the ASA.
0
 
Phoenix43Author Commented:
What are your thoughts on Palo Alto?
0
 
Matt VCommented:
I have never used them before.  Maybe another expert can comment?
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now