Evaluation of Private Leased Lines
versus Internet based VPNs 
for Enterprise Wide Area Networks
 
 
 
Prepared By:
 
Gavin Worden
 
December 20th, 2005
 
 
 
MSIT 526 Data Communications and Networking
 
Dr. Rebman
 
 
 
 


 

 

1)     Thesis Statement: Two of the most dominant wide area network options available to network managers are leased lines and Internet based virtual private networks; however, in most cases, either option can meet the basic requirements of establishing connectivity. In order to make the right decision for the organization, the network manager must understand the pros and cons of either choice.

 

2)     Introduction to wide area networking technologies

 

a)     Definition of wide area network

i)        A wide area network (WAN) is a geographically dispersed telecommunications network. The term distinguishes a broader telecommunication structure from a local area network (LAN). A wide area network may be privately owned or rented, but the term usually connotes the inclusion of public (shared user) networks. An intermediate form of network in terms of geography is a metropolitan area network (MAN). (whatis.com)

 

b)     Evolution of wide area networking

i)        Brief overview of early data communication history (Case, Thomas & Stamper, David)

(1)   1837 - Telegraph

(2)   1876 - Telephone

(3)   1960’s - T-carrier system developed by AT&T for internal use.

(4)   1969 - ARPANET (later becomes Internet) - first packet switching network

(5)   1970’s - Dataphone Digital Service (DDS) started deployment in 1974, bringing digital transmission facilities to the customer's premise. DDS circuit deployment also accelerated the conversion to digital networking within the Bell System. (Data Communications Milestones)

(6)   1984 - AT&T Divestiture caused the carriers to compete in the only unregulated area; business communications services. This resulted in an explosion in business communications, starting with the availability of T1 (1.544 MBPS) services in 1984. (Data Communications Milestones)

(7)   1990’s - The attractive Virtual Network options for voice services, combined with continued cost reductions in T1 services, have resulted in the segregation of voice and data in the Wide Area Network (WAN). As such, a "new" standard, known as Frame Relay, began deployment. Frame Relay is particularly adept at transporting LAN and X.25 traffic, and Public Frame Relay transport services are available from many carriers. (Data Communications Milestones)

 

ii)      Current Evolution of WAN

(1)   WAN transforming from a collection of separate service-specific networks (voice, frame relay, private line, and Internet) to a single converged network. (Bosco, Harry & Dowden, Douglas)

 

3)     Leased Lines

a)     Leased Line Overview

i)        T-carrier - A digital transmission service from a common carrier. Although developed in the 1960s and used internally, AT&T introduced it as a communications product to the public in 1983. Initially used for voice, its use for data grew steadily, and T1 and T3 lines are widely used to create point-to-point private data networks. T-carrier lines use four wire cables. One pair is used to transmit; the other to receive. (www.answers.com)

ii)      DS (Digital Signal) - A classification of digital circuits. The DS technically refers to the rate and format of the signal, while the T designation refers to the equipment providing the signals. In practice, "DS" and "T" are used synonymously; for example, DS1 and T1, DS3 and T3. (www.techweb.com)

iii)    SONET (Synchronous Optical NETwork) A fiber-optic transmission system for high-speed digital traffic. Employed by telephone companies and common carriers, speeds range from 51 Mbps to 40 Gbps. SONET is an intelligent system that provides advanced network management and a standard optical interface. Specified in the Broadband ISDN (B-ISDN) standard, SONET backbones are widely used to aggregate T1 and T3 lines. The European counterpart to SONET is the Synchronous Digital Hierarchy, and the term "SONET/SDH" is widely used when referring to SONET. (www.techweb.com)

 

 

 

 

 

North American Hierarchy

| Designator | Transmission Rate | Number of Voice Channels |
|---|---|---|
| DS-0 | 64 Kbps | 1 |
| T-1 (DS-1) | 1.544 Mbps | 24 |
| T-1C (DS-1C) | 3.152 Mbps | 48 |
| T-2 (DS-2) | 6.312 Mbps | 96 |
| T-3 (DS-3) | 44.736 Mbps | 672 |
| T-4 (DS-4) | 274.176 Mbps | 4032 |

 

SONET/SDH Digital Hierarchy

| Optical Level | Electrical Level | Line Rate (Mbps) | Payload Rate (Mbps) | Overhead Rate (Mbps) | SDH Equivalent |
|---|---|---|---|---|---|
| OC-1 | STS-1 | 51.840 | 50.112 | 1.728 | - |
| OC-3 | STS-3 | 155.520 | 150.336 | 5.184 | STM-1 |
| OC-9 | STS-9 | 466.560 | 451.008 | 15.552 | STM-3 |
| OC-12 | STS-12 | 622.080 | 601.344 | 20.736 | STM-4 |
| OC-18 | STS-18 | 933.120 | 902.016 | 31.104 | STM-6 |
| OC-24 | STS-24 | 1244.160 | 1202.688 | 41.472 | STM-8 |
| OC-36 | STS-36 | 1866.240 | 1804.032 | 62.208 | STM-13 |
| OC-48 | STS-48 | 2488.320 | 2405.376 | 82.944 | STM-16 |
| OC-96 | STS-96 | 4976.640 | 4810.752 | 165.888 | STM-32 |
| OC-192 | STS-192 | 9953.280 | 9621.504 | 331.776 | STM-64 |

OC-9, OC-18, OC-24, OC-36, OC-96 are considered orphaned rates.  

 

b)     Private Point-to-Point

i)        A permanent telephone connection between two points set up by a telecommunications common carrier. Typically, leased lines are used by businesses to connect geographically distant offices. Unlike normal dial-up connections, a leased line is always active. The fee for the connection is a fixed monthly rate. The primary factors affecting the monthly fee are distance between end points and the speed of the circuit. Because the connection doesn't carry anybody else's communications, the carrier can assure a given level of quality. (webopedia.com)

ii)      AT&T offers private digital transmission at speeds ranging from 9.6 kbps, 56 Kbps, T1, Channelized DS1, E1, DS3, OC3c, OC12c, OC48c, OC192c, Ethernet and STM-1/STM-4. (www.att.com)

iii)    Management Issues

iv)    Security Issues

v)      Cost

c)      Frame Relay

i)        Frame relay is a telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between end-points in a wide area network (WAN). (whatis.com)

ii)      Frame Relay networks in the U.S. support data transfer rates at T-1 (1.544 Mbps) and T-3 (45 Mbps) speeds. In fact, you can think of Frame Relay as a way of utilizing existing T-1 and T-3 lines owned by a service provider. Most telephone companies now provide Frame Relay service for customers who want connections at 56 Kbps to T-1 speeds. (webopedia.com)

iii)    Management Issues

iv)    Security Issues

v)      Cost

 

4)     Virtual Private Networks

a)     Virtual Private Network Overview

i)        A virtual private network (VPN) is the extension of a private network that encompasses links across shared or public networks like the Internet. A VPN enables you to send data between two computers across a shared or public internetwork in a manner that emulates the properties of a point-to-point private link. The act of configuring and creating a virtual private network is known as virtual private networking. To emulate a point-to-point link, data is encapsulated, or wrapped, with a header that provides routing information allowing it to traverse the shared or public transit internetwork to reach its endpoint. To emulate a private link, the data being sent is encrypted for confidentiality. Packets that are intercepted on the shared or public network are indecipherable without the encryption keys. The portion of the connection in which the private data is encapsulated is known as the tunnel. The portion of the connection in which the private data is encrypted is known as the virtual private network (VPN) connection. (MS VPN Overview)

 

ii)      VPN Technologies

(1)   SSL 3.0 or TLS with encryption. TLS is described in RFC 2246. An excellent book on SSL 3.0 and TLS is "SSL and TLS: Designing and Building Secure Systems" by Eric Rescorla (ISBN 0201615983).

(2)   IPsec with encryption in either tunnel or transport mode. The security associations can be set up either manually or using IKE with either certificates or preshared secrets. IPsec is described in many RFCs, including 2401, 2406, 2407, 2408, and 2409.

(3)   IPsec inside of L2TP (as described in RFC 3193) has significant deployment for client-server remote access secure VPNs. (VPN Technologies)
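
As an added illustration (not from the original outline or its cited sources), here is the IPsec option above configured as a gateway-to-gateway tunnel in strongSwan's swanctl.conf syntax, using IKE with certificates and showing the preshared-secret alternative in comments. The choice of strongSwan and all addresses, identities and file names are assumptions made for the example.

```conf
# swanctl.conf on the branch-office gateway (added example, strongSwan syntax).
# All addresses, identities and file names are constructed placeholders.
connections {
    branch-to-hub {
        version = 2                        # IKEv2; the RFCs cited above describe IKEv1
        local_addrs  = 198.51.100.10       # branch router, public side via the local ISP
        remote_addrs = 203.0.113.20        # corporate hub router, public side
        proposals = aes256-sha256-modp2048 # IKE: encryption, integrity, DH group

        local {
            auth  = pubkey                 # IKE authentication with a certificate
            certs = branch-gw.example.pem
            id    = branch-gw.example
        }
        remote {
            auth = pubkey
            id   = hub-gw.example          # reject any peer presenting another identity
        }
        children {
            lan-to-lan {
                mode = tunnel              # the whole inner IP packet is encapsulated
                local_ts  = 10.20.0.0/16   # branch LAN behind this gateway
                remote_ts = 10.10.0.0/16   # hub LAN behind the peer
                esp_proposals = aes256gcm16-modp2048  # ESP with authenticated encryption
                start_action = trap        # negotiate the SA on first matching traffic
            }
        }
    }
}

# Preshared-secret alternative: set auth = psk in both the local and remote
# sections above and define the secret here instead of using certificates.
# A short or reused secret is the weak point of this mode, so use a long
# random value that is unique per peer.
# secrets {
#     ike-hub {
#         id = hub-gw.example
#         secret = "REPLACE-WITH-LONG-RANDOM-SECRET"
#     }
# }
```

The hub gateway carries the mirror-image configuration, with the address, identity and traffic-selector pairs swapped.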

 

b)     Network to Network VPN

i)        Rather than using an expensive long-haul dedicated circuit between the branch office and the corporate hub, both the branch office and the corporate hub routers can use a local dedicated circuit and local ISP to connect to the Internet. The VPN software uses the local ISP connections and the Internet to create a virtual private network between the branch office router and corporate hub router. (MS VPN Overview)

ii)      Management Issues

iii)    Security Issues

iv)    Cost

c)      Client to Server VPN

i)        Rather than making a long distance (or 1-800) call to a corporate or outsourced network access server (NAS), the user connects to a local ISP. Using the connection to the local ISP, the VPN software creates a virtual private network between the remote user and the corporate VPN server across the Internet. (MS VPN Overview)

ii)      Management Issues

iii)    Security Issues

iv)    Cost

5)     Compare & Contrast the options - Company A has 10 sites across the US and wants to be able to utilize various data services between the sites, including: Secure E-mail, file sharing, intranet, network management, Managed Internet Access.

a)     Scenario 1 - Private Point-to-Point

i)        Pros

ii)      Cons

b)     Scenario 2 - Frame Relay

i)        Pros

ii)      Cons

c)      Scenario 3 - Internet based network-to-network VPN

i)        Pros

ii)      Cons

6)     Conclusion

a)     Revisit Thesis

b)     Revisit Alternatives

c)      The ultimate decision is based on many factors.

 


 

Works Cited

Answers.com Definitions. Retrieved October 23, 2005 from <http://www.answers.com/>.

 

AT&T Data Services. Retrieved October 22, 2005 from <http://www.business.att.com/service_fam_overview.jsp?repoid=ProductSub-Category&repoitem=eb_data&serv_port=eb_connectivity&serv_fam=eb_data&segment=ent_biz>.

 

Bosco, Harry & Dowden, Douglas (2000, January-March). Evolution of the Wide Area Network. Bell Labs Technical Journal.

 

Case, Thomas & Stamper, David (2003).  Business Data Communications, Sixth Edition. Upper Saddle River, New Jersey: Prentice Hall.

 

Data Communications Milestones. Retrieved October 22, 2005, from <http://telecom.tbi.net/history1.html>.

 

Microsoft VPN Overview. (1999). Redmond, Washington: Microsoft.

 

SearchNetworking.com Definitions. Retrieved October 22, 2005 from <http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci212153,00.html>.

 

Techweb.com Definitions. Retrieved October 23, 2005 from <http://www.techweb.com/>.

 

VPN Technologies: Definitions and Requirements. (July 2004). VPN Consortium. <http://www.vpnc.org/vpn-technologies.html>.

 

WhatIs.com Definitions. Retrieved October 23, 2005 from <http://whatis.techtarget.com/>.

 

Webopedia.com Definitions. Retrieved October 22, 2005 from <http://www.webopedia.com/>.