Taking stock of the new WAN architecture

About seven years ago, I described what at the time was the canonical architecture for most large enterprise networks. It was called the three-tiered WAN: ATM or FDDI was at the core, linking large data centres and other bandwidth-intensive sites. Frame relay linked geographically distributed branch and field offices. And for remote offices, field workers and home offices, there was a hodgepodge of technologies, but primarily direct-dial remote access, with a smattering of ISDN.

It’s time to update the picture. How is that architecture changing in the new millennium and why?

The core: Companies today are moving toward Gigabit Ethernet to link large data centres, with ATM showing up mostly as a legacy. Why the change? Ethernet has become virtually as reliable as FDDI, and it is far faster and less expensive. In addition, many telephone companies are offering – or planning to offer – transparent LAN services that can stretch Ethernet across the WAN. If you go this route, make sure to focus on redundancy, because Ethernet lacks some of the built-in features that FDDI and SONET-based services (such as ATM) provide.

The branch network: You’re probably thinking I’m about to say Multi-protocol Label Switching, or more specifically, MPLS-based IP VPNs, because MPLS is a technology, not a service.

Well, yes and no. By most analyses, IP VPNs (MPLS and otherwise) don’t save more than about 10 per cent to 15 per cent over frame relay and ATM services – not enough to justify a big upgrade. So why make the switch?

Before we get to the three reasons, here is one caveat: The reasons might not apply to your network environment. So please don’t jump into an MPLS-based IP VPN only because it’s the hot new thing. And if you do, don’t blame me.

Now the reasons:

Bandwidth. Unlike frame relay and ATM, IP has no defined upper (or lower) bandwidths. Sites can connect to the same network at 56 Kbps or 10 Gbps. If your network features a range of bandwidth requirements, IP VPNs can save you the hassle of multiple network-to-network interfaces.

Convergence. One clear, compelling case in which there are cost savings is when video can travel across the IP network, eliminating the need for separate data and video networks.

Extranets. Increasingly, companies require easy-to-manage links with third parties (customers, suppliers, manufacturers) that include defined quality of service. IP VPNs can help – and in fact, over the next few years, I expect this driver to become increasingly important in motivating the rollout of IP VPNs.

Finally, remote access. Most large companies have settled on a two-tiered strategy for remote access. Home offices and small remote sites connect via IP Security-based Internet VPNs, typically across cable modem or DSL. Travelling users and road warriors take advantage of the dial-in services provided by the likes of AT&T Corp., Equant NV and Infonet Services Corp.

Over time, expect the former to dominate and the latter to decline, as broadband access via public wireless LANs, cable and DSL proliferates. Someday soon, you’ll forget what it was like to “dial in” to the corporate WAN.

Johnson is senior vice president and CTO for Greenwich Technology Partners, a network consulting and engineering firm. She can be reached at johna@greenwichtech.com.