An Ipsec Vpn, And Bgp / Mpls-vpn Technology Of A Comparative Study

Today Internet has become an important means for companies and individuals to communicate with. More and more branches and remote officials made enterprise more requirements for network. The challeges of Enterprise are making full use of such situation and protecting their communication when using super management sevice they need. The proliferation of IP technology has given birth to IP VPN technology.IP VPN is a new service, which can establish virtual networks for enterprise and client by utilizing the common network , it saves net recourse and makes it easy to maintain the net. Using IP VPN, enterprise can use the network more efficient and make more effort to its core goal implementation as well as pay less attention on net running and maintenance, carrier can use net recourse more efficiently and obtain value added profits. Two types of modern IP VPNs-MPLS VPN and IPSec VPN-are becoming more and more popular.IPSec(IP Security) is a set of open standards that ensures secure and private communications over an IP network, the IPSec standard provides device authentication, digital certification , and network encryption. IPSec VPN use encryption and encapsulation technology, can tansfer data securely over hosts separated physically, are proliferating throughout the enterprise and medium_small business space due to the ability to connect remote users, disparate offices over an existing IP infrastructure.MPLS is protocol independent and allows for the mapping of IP addresses to MPLS labels, which are used to forward packets throughthe MPLS network. BGP/MPLS VPN use Route Distinguisher (RD) and LSP tunnels to provide a VPN within MPLS network. BGP/MPLS VPN allows routers to reduce their processing overhead and provided new traffic engineering and Quality of Service (QoS) such as resource reservation protocol (RSVP).Both BGP/MPLS and IPSec VPNs have their advantages. IPSec VPNs provide for better data confidentiality and integrity. However, BGP/MPLS VPNs are more scaleable and provide better availability. Both solutions are viable for site-to-site connectivity. But some application need QoS control on the backbone, on the other hand, some business data cannot be transported on public links without cryptographic protection. Combining IPSec and BGP/MPLS may satisfy both camps.The main reseach work in this paper is summarized as below:1. Discussed the mechanisms used to provide VPNs based upon BGP/MPLS and IPSec. The paper assesses the security provided by both solutions and suggests guidelines for network managers to assist in evaluating these two options.2. Based on comparing BGP/MPLS and IPSec VPNs , VPN solution integrated with two technologies are analyzed. Combining IPSec and BGP/MPLS VPN solutions are classified three types. Characteristic of each type soluton is discussed. A useful combining solution is gaven.