Global VPNs get a hand

An industry standard to facilitate corporate VPNs that cross multiple carrier networks could be ready for a vote by year-end.

The MFA Forum, meeting in Ottawa, last month moved closer to an agreement about how carriers whose networks support Multi-Protocol Label Switching (MPLS) can give customers guarantees from network to network. Different carriers are doing their own QoS models to support corporate [MPLS] VPNs, says Andy Malis, chairman and president of the forum and a Tellabs employee.

“But,” he noted, “they don’t necessarily match up with each other.”

The standard, formally called an implementation agreement, will likely be voted on by MFA membership later this year, he says.

The MFA Forum is an industry group resulting from the merger of the MPLS & Frame Relay Alliance and the MPLS Forum last year.

The agreement will also address keeping business traffic private as it crosses network boundaries.

“The end customers need to feel secure that no other customer of the service provider is able to snoop in and see any of the packets they are transmitting through what really is a common network,” says Rick Wilder, MFA’s vice-president of technology and an employee of Alcatel.

Within one carrier network it is simple to demonstrate that kind of privacy, but it is not so easy when multiple networks and multiple privacy schemes are involved, he says. “Customers want to have that same level of assurance when their packets are going between service providers,” he says.

This can be accomplished by defining what information service providers share, making sure it is secure as it passes between MPLS networks and making sure the parties sharing the information are who they say they are, Malis says.

For example, carriers must share some information to link their networks, and the standard will set limits so each carrier can maintain privacy, he says.

“There are policies that quantify exactly how much routing information you’re allowed to have go across the interface,” Wilder says. “Very often the details for the routing protocols within one network are felt to be proprietary information that you don’t want to leak out into a competitor’s network.”

The draft of the standard calls for authenticating all control sessions that have to do with configuring services to prevent hackers from posing as trusted carrier partners trying to set up a VPN, for example, Malis says.

Currently, there isn’t much interconnection among MPLS carriers, but a standard will make it simpler and more attractive for them to cooperate, Wilder says. “Carriers do compete with each other and so they don’t completely trust each other,” Wilder says.

QuickLink: 059639

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now