Lead

MPLS VPN tops the enterprise connectivity charts

Service providers and large enterprises are rethinking their network strategies to reduce both capital and operational costs and at the same time grow revenues in a competitive market. One way to do that is to adopt MPLS VPN, says Akhtar Pasha

Today, large customers can get IP Quality of Service (QoS), multicast, extranet e-commerce and VoIP via flexible IP networking with security comparable to what they can get from a typical Layer 2 network—in a single service package. However, until recently, few have been able to effectively articulate or demonstrate why Multiprotocol Label Switching (MPLS) VPNs can be an important addition to a company’s arsenal of competitive weapons. These implementations, while not directly related to specific customer-facing VPN services, have allowed Service Providers (SPs) to accumulate detailed operational experience in the MPLS realm. Additionally MPLS VPNs are also the platform of choice for carrier-based VoIP, multicast, and other value-added services, which are difficult for an ordinary Layer 2 network to provide. As an MPLS VPN offers any-to-any connectivity amongst sites in a VPN, it provides inherent disaster recovery capabilities because sites use IP routing and not the predetermined logical links used in Layer 2 VPN deployments.

Profit margins on raw connectivity services such as pure voice are in steep decline and SPs need to differentiate themselves and create additional revenues-generating services. By extending existing MPLS VPN capabilities such as remote access to the last mile over broadband, digital subscriber line (DSL), or cable, service providers can achieve a higher return on investment (ROI) for existing MPLS core infrastructure. Once remote access MPLS VPNs are in place, the SPs can offer incremental VPN services to remote access VPN customers including multimedia applications, content delivery, packet telephony, e-commerce, and application hosting. With a strong MPLS-based VPN portfolio, a service provider can meet customer needs, differentiate itself in the marketplace, generate new revenue streams, and build customer loyalty.

MPLS moves to the forefront

ISPs are offering MPLS/IP VPN services, as an increasing number of ISPs have obtained unified licenses. MPLS VPN is becoming a popular data solution, and is expected to grow by 17.5% in 2008 according to an analyst firm whose analysts expect MPLS/IP VPN revenues to be Rs 1,784.5 crores by end 2008.

BFSI and IT/ITES services are the biggest consumers of data services. Banks rely upon their IT infrastructure to stay connected to all branches/ATMs, all the time. On the other hand, the ITES industry fueled by the BPO industry requires high-speed connectivity to stay connected with its clients. The highest users of VPN services are the manufacturing and services industries. Sub segments especially consumer durables, heavy engineering and FMCG are the biggest adopters of VPN. They use it to connect in real-time and enable the usage of enterprise applications from branch offices. Deepinder Singh Bedi, Executive director, Tulip Telecom Ltd., is bullish on the technology’s prospects. According to Bedi, “Although the bulk of MPLS VPN deployments are going into connecting branch and remote offices typically in the case of banks and ITES companies, there remains a substantial opportunity in connecting the branches of petroleum companies across India. There are lakhs of petroleum dealers, which are not networked yet. Ditto is the case of retail companies that are fast expanding their outlets in the country. We feel that the market would see higher adoption for MPLS VPN in 2008.”

Bedi pointed the market would be further fueled by the National e-Governance Plan (NEGP) as it proposes the creation of State Data Centers for States to consolidate services, applications and infrastructure and ensure the efficient electronic delivery of G2G, G2C and G2B services. These services can be rendered by the States through common delivery platform seamlessly supported by core Connectivity Infrastructure such as State Wide Area Networks (SWAN) and Common Service Centers (CSC) will extend connectivity extended up to village level. State Data Centers would provide many functions including acting as a Central Repository of the State, Secure Data Storage, Online Delivery of Services, Citizen Information/Services Portal, State Intranet Portal, Disaster Recovery, Remote Management and Service Integration etc.

Nagendra Venkaswamy, Managing Director, India & SAARC, Juniper Networks India Pvt Ltd., said, “SPs are significantly investing in MPLS VPN. That apart, although the enterprise segment has been in the forefront of adopting MPLS VPN, the market has seen more SME adoption than in the past because these companies do not have the expertise to manage their connectivity and network devices. Additionally the entry point for MPLS VPN is quite attractive for SMEs. The operational cost of managing an entire network with hundreds of IP addresses, traffic engineering, and routers and CPE becomes prohibitive for most businesses that are using FR/ATM or VSAT type of connectivity.”

Bedi continued, “Most businesses are deploying network-centric applications such as CBS, ERP and collaboration applications and exchanges and they want to leverage cheaper technology such as IP.” They are also setting up disaster recovery centers using IP. Additionally manufacturing, retail, utilities and SP are expanding their locations rapidly putting pressure on the CAPEX and OPEX in managing their networks on their own. “MPLS VPN reduces TCO to a large extent and gives companies the agility to provision new customer services quickly. The complexity of managing branch offices and remote offices now becomes the service provider’s responsibility. In addition, they do not have to start with oversized networks. They can allocate bandwidth to customers when the demand peaks,” said Bedi.

Corroborating the same points, Bedi said that three major applications are forcing businesses to deploy MPLS VPN. These are the rollout of Core Banking Solutions, ERP and CRM applications. “Some of our customers that are using MPLS VPN services from us include HDFC Bank, ICICI Bank, Barclays Bank, Punjab National Bank, NPDL, BSES, MPSEB, Reliance Retail and More,” he said.

As per RBI guidelines for online banking and e-Commerce based services, banks and financial institutions must avoid any direct connection between the Internet and their core system. The best option available with banks is to place the core network on an IP VPN to take advantage of the technology’s enhanced security features.

MPLS is beginning to take its place and provides a secure connection environment that allows for the traffic engineering (TE) of backbone IP networks and securely isolates connections of one IP VPN from another. Bedi explained, “In an MPLS TE application, incoming packets are assigned a ‘label’ by a Label Edge Router (LER). Packets are then forwarded along a label switch path (LSP) where each label switch router (LSR) makes forwarding decisions based solely on the contents of the label. At each ‘hop’—the short, individual trips that packets make, from router to router—the LSR removes the existing label and applies a new label, which tells the next hop how to forward the packet. Further, large LSPs are established by network operators for a variety of traffic engineering purposes including performance guarantees, routing around network congestion points, and creating tunnels for network-based IP VPNs.

MPLS can be mapped directly on any Layer 2 connection, including ATM, frame relay, PPP over SONET (POS), and Ethernet. When used with these technologies, labels simplify the integration of cell switches and routers by providing a set of addressing, routing, and management procedures common to both Layer 2 and Layer 3 equipment. When used in a VPN context, a Provider Edge (PE) router interfaces to a Customer Edge (CE) router that can belong to different VPNs. An MPLS core network connects these PE routers using tunnels. MPLS VPN technology then uses an additional MPLS label inside the tunnel to keep VPN traffic from one customer securely separate from that of another. This ‘stacking’ of labels gives MPLS considerable flexibility beyond that found in older systems, such as FR and ATM.

P K Saji, Vice President-Technology, Sify Ltd., said, “MPLS in its initial stages was deployed as just another forwarding mechanism over and above IP, but today with more applications like TE, Pseudo-wire VPNs, Inter-provider MPLS VPNs, Carrier supporting Carrier etc. it has become the protocol of choice in the core. It brings label switching and traffic engineering functions of FR/ATM networks to IP networks.”

Because of the inherent economics of scale, better manageability, lower TCO and agility, many SP are moving away from FR/ATM/VSAT type of connectivity to MPLS networks. Even end customers applications and growth are fueling the demand for MPLS VPM connectivity. Saji said, “MPLS VPN are primarily deployed for inter branch connectivity and to connect to remote offices and we have customers such as ICICI, Insurance companies such as Oriental Insurance, HDFC SLIC, retail establishments such as Pantaloon, Future Group, Shoppers shop, Vishal Retail. Similarly Tulip has customers such as BSE (Stock Exchange), Kansai Nerolac Paints, Ginni Filament, Daikin Air Conditioners, Sanghi Industries (a cement manufacture) and JP Industries that have moved from VSAT to MPLS/VPN

Rationale for a migration

Let’s analyze the above trend of why larger businesses and SPs are migrating from FR/VSAT/leased line customers to MPLS VPN environments. Typically, data network managers adopt FR/ATM/VSAT/leased line because of the technology’s proven track record of providing reliable, securely isolated, and economical transport services. Typically a SP can offer feature-rich services, support global coverage, and service all their locations. MPLS VPN from a SP promises to deliver additional value for frame relay networks, shifting the flow of responsibility for keeping track of network connections from the customer to the carrier network. The highly scaleable design of an MPLS VPN helps customers to consolidate multiple local access circuits that have been dedicated to separate types of traffic (e.g. data, Internet, voice, and video) to a single port connection without compromising security or performance when IP QoS is ordered with an MPLS VPN. An MPLS VPN also provides for the straightforward implementation of any-to-any connectivity between sites within a customer’s network.

In addition, an MPLS VPN has QoS functionality that even FR does not. QoS is a key feature that can optimize the network’s efficiency and enable certain real-time applications. An MPLS VPN is an essential extension of the WAN evolution that helps network and transport services to deliver a broad range of new value-added e-business solutions for an intranet or extranet environment.

Trim capital and operating expenditure

SP are under constant pressure to improve network efficiencies, reduce capital expenditure (CAPEX) and operating expenditure (OPEX), and generate top-line service revenue over basic connectivity. By leveraging their existing MPLS core infrastructure, they can offer value-added services, such as managed remote access VPNs, to meet the changing network access needs of enterprise and SMB customers.

Venkaswamy said, “MPLS traffic engineering improves IP network traffic management, streamlines and optimizes traffic pathways, minimizes congestion, and creates tunnels that are used in an MPLS VPN.”

Saji added, “Traditional IP-VPNs used a restricted IP transport. In some cases private RFC 1918 IP networks were used to isolate it from the global Internet. MPLS technologies have inherent features that support isolation of IP-VPN network traffic from the global Internet even when used in a converged core. It also has granular security measures that isolate a customer VPN from the others in a single SP network. In addition to this MPLS based VPNs support easy access to advanced features like IPv6, Multicast, QoS etc., with minimal network changes. Most of the BFSI, IT/ITES, BPOs, FMCG companies who were traditionally using private leased circuits [IPLC/NPLC] have started to move their domestic and global networks to MPLS based IP-VPNs.”

Today, a managed VPN network gives SP providers a compelling set of services that reach new corporate customers and take maximum advantage of the efficiencies of IP. Voice over IP and Video over IP features are offered to the VPN customers at moderate increment in costs. Enterprise mobility solution gives remote users a secure access to applications running on the VPN backbone. Companies have designed industry specific products such as contact center solutions designed to cater to the needs of the BPO industry.

Demand for these VPN services is growing in part because they are less expensive and more easily managed than their private line, frame relay or ATM or VSAT/leased. It is easier to connect new sites to an existing VPN than to add legacy endpoints or expand traditional meshes—the SP simply configures the endpoints for the new connection. Additionally enterprises are now beginning to include the MPLS VPN capability in Requests for Proposals (RFPs) and it is being viewed as a next-generation service, replacing traditional frame relay and ATM networks.

akhtar.pasha@expressindia.com