-
8/19/2019 VPN Ethernet 2552144855
1/17
June2015,IDC#229838R3
WHITE PAPER
Choosing the Best Enterprise IP VPN or Ethernet
Communication Solution for Business
CollaborationSponsoredby:AT&T
NavChanderJune2015
EXECUTIVE SUMMARY
Today'senterpriseinformationandcommunicationstechnology(ICT)staffaredemandingincreasingly
largeramountsofbandwidthandanextremelyreliablesetofconvergedvirtualprivatenetwork(VPN)
servicesfromtheirserviceproviderssothattheycandeliverarichsuiteofvoice,video,andbusiness-
criticaldataapplicationstotheiruserswiththedesiredlevelofperformanceandqualityofservice(QoS).ServiceprovidersmustbepreparedtoofferasuiteofWANservicesthatcanbetailoredtotheir
customers'needsrapidlyandcost-effectively.
ThisIDCwhitepaperanalyzesthetrendsandbusinessdriversthatarepropellingenterprisestoward
network-basedIPVPNandEthernetWANservicesandthetypesofapplicationsandvertical
segmentsthatareleadingtheadoptionofthesepopularservices.Thepaperfirstexaminesthemajor
differencesbetweenanEthernetWANandanetwork-basedIPVPNandthendiscussesthebenefits
andadvantagesofthetwotechnologies.Thepaperreviewssometypicalexamplesofwhenitisbest
touseanetwork-basedIPVPNsolution,anEthernetWANsolution,andacombinedhybridIP
VPN/EthernetWANsolutionbasedondifferententerpriserequirements.BothIPVPNandEthernet
WANservicesofferenterprisesarangeoftechnologyandbusinessbenefitsandperformbestwhen
deployedinenvironmentsthatcloselymatchtheircapabilities.
SITUATION OVERVIEW
Introduction
WANconnectivityoptionsforenterprisesrangefromtraditionalprivateline,framerelay(FR),and
ATM-basedWANconnectivitytonewerservicessuchasnetwork-basedIPVPNservicesandEthernet
WANservices.IP-basedWANsarewidelyavailableandubiquitousandofferQoSthatisthe
foundationofnetwork-basedIPVPNs.Therefore,manyenterprisesareoptingfornetwork-basedIP
VPNsandEthernetWANsastheirWANserviceofchoice.
Today'sIPVPNsarebasedonmultiprotocollabelswitching(MPLS)technology.MPLSisanIETFstandardthatdefinesapacketlabel-basedswitchingtechnique,whichwasoriginallydevisedto
performfastswitchinginthecoreofIPnetworks,helpingcarriersandlargeenterprisesscaletheir
networksasincreasinglylargeroutingtablesbecomemorecomplextomanage.
Today,MPLSiswidelyusedbyserviceproviderstoconnectorganizations'datanetworkswith
multiple,dispersedlocations.Byencapsulatingthesevaryingprotocolsin"labels,"anMPLSnetwork
-
8/19/2019 VPN Ethernet 2552144855
2/17
©2015IDC #229838R3 2
canmakepacket-forwardingdecisionswithoutunderstandingthecontentsofthepacket.Enterprises
caneliminatemultiplecomplexoverlaynetworksandtransportmanynewandexistingvoice,video,
anddataapplicationsoverasingleMPLSnetwork.
IP VPN Services
AnIPVPNserviceisasite-to-siteconnectionwiththeserviceprovidermanagingtheend-to-end
networkandcanbedeployedinoneoftwomethods:
1. A network-based IP
VPNisalsosometimesreferredtoasaprivateIPVPNwhenitusesthe
secureinfrastructureofasinglenetworkprovider.
2. A public IP
VPN(orInternetVPN)carriesbest-effortdataacrossmultipleandnonspecifiedIP
backboneinfrastructures,oftenusingcustomer-ownedorcustomer-managedpremise
equipment(CPE)andIPSecurity(IPSec)tunneling,whichisanend-to-endsecurityscheme
thatencryptseveryIPpacket.
Network-basedIPVPNservicesareenabledoveracarrier'sprivateMPLSnetwork.Theirunique
attributesenablethecreationofvirtualcircuitsthatcanscalenationallyandevengloballytoconnecta
largenumberofremotenetworks.WhileorganizationsstillmaintaintheiruniqueLANinfrastructures
andvaryingWANaccessapproachesintheseconfigurations,MPLSunifiesthem.
BecauseaprivateIPVPNcarriestrafficacrossasingleinfrastructure,theprovidercandelivergreater
andmorestandardsecurity,manageability,andconnectivityserviceattributesthanapublicservice
thatreliesondisparatenetworkinfrastructures.PrivateIPVPNsofferenterprisestrafficprioritization,
security,dataintegrity,andhigherQoSguaranteessupportedbycontractuallybindingSLAsthanan
equivalentpublicInternet-basedVPNemployingIPSec.AccordingtoIDC's2014U.S.Enterprise
CommunicationsManagerSurvey ,42%ofU.S.businessrespondentsacrosscompanysizesegments
utilizenetwork-basedIPVPNs.
Ethernet
Ethernet'spopularityasaWANtechnologyisgainingrapidlybecauseitoffersawiderangeofhigh-
speedconnections(fromMbpstoGbps)atlowercostcomparedwithSONETservicesofsimilar
speeds.Ethernetisacost-effectiveoptioninpartbecauseofitsunderlyingsupportofubiquitousIEEE
industrystandardsforEthernetphysicalinterfacesintheLANsandbecauseitworksacross
homogeneoushardwarethatisreadilyavailablefrommultiplevendors.Thismakesitinexpensive
comparedwithalternativessuchasframerelayorATM.
AnEthernetWANserviceisaVPNserviceoperatingatLayer2oftheOpenSystemsInterconnection
(OSI)model,whichisareferencemodelthatdescribestheseven-layerstructureofhowdataflows
betweentelecommunicationandcomputernetworkingproducts.Layer2providesframingofpackets
anderrorcorrection.TheEthernetWANserviceenablesenterprisestomaintaincontroloftheirrouting
policiesandalsoextendtheirexistingvirtualLAN(VLANactslikeanordinaryLAN,butconnected
devicesdon'thavetobephysicallyconnectedtothesameLANsegment)architecturestoconnect
theirenterpriseWANsites.EthernetWANservicestypicallyoperateathigherspeeds,rangingfrom
1Mbpsto10Gbps,andenterprisesareincreasingtheiruseofhigherbandwidth(typically100 – 200Mb
services),wheredirectfiberconnectionsareavailable.Inadditiontofiberaccess,newEthernetover
coppersolutionsareextendingtheavailabilityofEthernetWANstoconnectadditionalregionalor
branchsites.EthernetWANservicessuchasEthernetvirtualprivateline(EVPL)andEthernetvirtual
privateLANservice(VPLS),whichisbasedonMPLStechnology,arebecomingincreasingpopular
choicesfororganizationsthatarecurrentlyemployingpacketservices.
-
8/19/2019 VPN Ethernet 2552144855
3/17
©2015IDC #229838R3 3
Enterprise Data Application Drivers and Challenges: State of the
Ethernet WANand IP VPN Services Market
IDCresearchindicatesthatover55%ofenterprisesarecurrentlyrunningtheirVoIPovertheir
corporateVPNorEthernetservice,andanadditional30%ofenterprisesplantotransitiontoIP-based
voiceandvideoservicesovertheircorporateWANwithinthenextonetotwoyears.Unified
communications,videoconferencing,videosurveillance,andmobileenterpriseapplicationsaredrivingincreasingbandwidthrequirementsandtheneedtoprioritizetheapplicationsforenterpriseICT
managers.VideoservicesalonearepushingthelimitsonbandwidthrequirementsintheWAN.IT
decisionmakershavetobalanceend-userapplicationneedswithWANconnectivityrequirementsand
associatedbudgets.
CIOsareincreasinglylookingtoconsolidatetheirdatacenters(DCvirtualization)toasmallnumberof
datacenterlocationstoreducespace,energy,equipment,personnel,andmaintenancecostsand
adoptcloud-basedservicemodelswhileprovidinguniformWANaccesstoallapplicationsinareliable
manner.Withthisapproach,aWANplaysavitalrole,connectingallenterpriseofficelocationstothe
datacenters,toeachother,andtotheInternet.
Anothercost-savingstrategythatCIOsareemployingistomoveawayfrombuildingandmanagingtheir
ownWANsbasedontheuseofATM,framerelay,orleasedlineservices.Insteadofusingthese
technologies,someCIOsareprocuringEthernetWANandIPVPNservices,whichallowthemtofocuson
theircorebusiness.Consequently,therelianceonEthernetWANandIPVPNserviceshasbecomecritical.
AccordingtoresultsfromIDC's2014U.S.EnterpriseCommunicationsManagerSurvey ,continuing
enterprisefocusonconvergenceisthesinglemostimportantdriverfuelingadoptionofnetworkIP
VPNs,ascustomersrealizethecostbenefitsofmigratingtheirvoice,data,andvideoapplicationstoa
singleIP-basednetworkcomparedwithrunningthreedifferentexpensivenetworksforeachofthese
applications.AsthemarketmigratestonetworkIPVPNstotakeadvantageofthenetwork'sabilityto
supporttrafficprioritizationthroughclassofservice(CoS),thereisagrowingfocusonnetworkand
applicationperformancemonitoringtools.ThesetoolsarecriticalforthesuccessofanIPVPN
implementationascustomersmigratetoaconvergedarchitectureanddemandmorecontrolovertheapplicationstheywishtorunonthenetwork.
EthernetWANservicesareflexibleandcancarrymultipletypesoftraffic,includingvoiceandvideo,as
wellasnon-IP-basedtrafficandstoragetraffic.EthernetWANisaLayer2solution,whichappealsto
organizationsthatprefertomaintaincontrolovertheirroutingtablesandarelookingforanalternative
toLayer3IPVPNs.
VPN Service Choices: Ethernet or IP VPN, or Both? Services,
Solutions,and Benefits
Network-Based IP VPN Services
Network-basedIPVPNserviceshavebeenavailableforoveradecadeandarecurrentlyofferedby
manyoftheleadingserviceprovidersworldwide.Anincreasinglylargenumberofenterpriseshave
adoptedthistypeofservice,allowingthemtointerconnecthundredsorthousandsofdisparate
regional,national,andgloballocationsinaveryefficientmanner.
-
8/19/2019 VPN Ethernet 2552144855
4/17
©2015IDC #229838R3 4
Today'sMPLSnetwork-basedIPVPNsarethefoundationofmanyenterprises'distributeddata
communication.IPVPNsareoftenthecommunicationplatformofchoicetoenableadditionalvalue-
addedenterpriseapplicationsontopoftheirVPN,suchasVoIP,security,videoconferencing,and
unifiedcommunications.
IDC's2014U.S.EnterpriseCommunicationsManagerSurvey offersinsightsintotheEthernetandIP
VPNWANadoptioncriteriaandusageofenterpriseITpersonnel,providingagoodindicationoftheleadingrequirementsforVPNselectionandindicatorsofmigrationoptionsfromlegacyWANpacket
andprivatelineWANservices.AccordingtoIDC's2014U.S.EnterpriseCommunicationsManager
Survey ,60%ofrespondentscurrentlyuseIPVPNsforremoteWANaccess,makingitthemostwidely
usedfeature.55%ofrespondentsnowuseIPVPNstotransportVoIPtrafficasthesecondmost
widelyusedfeature,a5%increasefromIDC's2012U.S.WANManagerSurvey asVoIPadoption
accelerates.ThesurveyindicatesthatenterprisesincreasinglyareusingIPVPNsforsmallerlocations
andEthernetconnectivityforlargesitesordatacenterswithfiberaccess.
Figure1depictstheIPVPNusecaseadoption.
FIGURE 1
Key IP VPN Adoption Criteria
U.S.onlyn=274
Source:IDC'sU.S.EnterpriseCommunicationsManagerSurvey,2014
31
32
34
36
37
39
41
46
52
55
55
60
0 10 20 30 40 50 60 70
On-demand/dynamic bandwidth viaself-service
Multicasting
Class of service (CoS)
Application performancemanagement
Managed CPE
Route management
Proactive management andmonitoring
Multiple VPNs on same accesscircuit
Security applications
VoIP
Site to site
Remote access
(% of respondents)
-
8/19/2019 VPN Ethernet 2552144855
5/17
©2015IDC #229838R3 5
Figure2isatypicalnetwork-basedIPVPNtopology.
FIGURE 2
Network-Based IP VPN Topology
Source:AT&T,2015
Benefits of Network-Based IP VPNs
Therearebenefitsandadvantagesofanetwork-basedIPVPNthatarespecifictotheserviceprovider;
however,themostimportantcharacteristicsofanetwork-basedIPVPNservicehavethefollowing
importantbenefits:
Outsourced routing
control.Withnetwork-basedIPVPNs,enterpriseITmanagersgainasingle
andcentralizedsolutionforWANconnectivity,eliminatingtheoperationalandresourceplanning
inefficienciesofmaintainingseparateduplicativenetworksandthusenablingafocusonthe
enterprise'scorecompetencies.EnterpriseITstaffcanrelyontheserviceproviderasatrusted
partnertohelpprioritizethedifferenttraffictypessuchaslatency-sensitivevoiceandvideoand
utilizetheclassofservice.Theserviceproviderisresponsibleformanagingandmaintaining
enterpriseWANconnectivity.Theenterpriseoutsourcesroutingandtrafficpoliciesfordata,voice,
andvideoapplicationstotheserviceprovider,relyingontheexpertiseoftheserviceproviderto
createpoliciesthatprioritizemission-criticaldataandreal-timeapplicationsaboveother
applicationsandensurethatthereissufficientbandwidth.Anychangestotheenterprise
applicationsthatrequireroutingcontrolchangesaremanagedbytheserviceprovider.
Flexible access
connectivity.Accessservicereferstothelastmiletelecomconnectionbetweenanetworkdeviceattheenterpriselocationtothelocalexchangecarrier,anditalsoprovidesthe
serviceinterfacetotheIPVPN.IPVPNsupportsarangeofaccessoptions,includingleasedline,
Ethernet,FR,andATM.Remote/branchsitestypicallyhavelower-speedconnectivityoptions
(56KuptoT1/E1orn*T1/E1speeds).Largersitesmayhavehigher-speedconnections
(DS3/E3/OC-3/STM-1/Ethernet),buttheyaretypicallyamuchsmallersubsetofVPNaccess
connections.Thisvarietyofaccessoptionsprovidesuserswithasimplermigrationpathfromthe
currentstandardATM/FR/TDMconnectivitytowardanIPVPNsolution.
End-user
Corp sites
MPLS IPInfrastructure
VPN
VPN
HQ
Remote
Worker
VPN
VPN
VPN
Corp sites
-
8/19/2019 VPN Ethernet 2552144855
6/17
©2015IDC #229838R3 6
Scalability.IPVPNsareroutedandofferahighlyscalableplatformforsupportingverylarge
enterprisenetworks(withhundredsorthousandsofenterpriselocations)thatrequiresite-to-
siteandany-to-anyconnectivity.Theserviceprovider'sIPVPNinfrastructureandnetwork
accessenablerapidscaling.
Extensive service
reach.IPVPNservicestendtobeofferedbyalargernumberofservice
providersandthusprovidealargergeographiccoverageandservicereachtoenterprisesthat
arehighlydistributedorexpanding.
Inherent
security.Internalandindependentlabeladdressingschemesforadditionalsecurity
preventdenialofservice(DoS)attacks.
ThefollowingverticalenterprisesegmentsillustratehowIPVPNsareusedinenterprises:
Finance/banking.
Regulatorychanges,mergersandacquisitions,andtechnologychangesare
impactingfinancialandretailbankingWANs.OftentheseWANsareanamalgamationof
separateWANs,somestilloperatinglegacybankingapplicationsthatsupportmultiprotocols.
Accessspeedsvaryfromhigherspeedsatdatacentersorheadquarterstomoderatespeedsat
branchofficesandlowerspeedsatATMterminalsorkiosks.Thisdistributedarchitecture
makesitdifficultandexpensivetomaintaintechnicalsupportresourcesateverysite.Today's
IPVPNscansupportlegacyandIPprotocols,voicetraffic,andworkacrossallspeedlinks,providingamanagedandsecurenetworkthatreducestheamountoffinancialservices
enterpriseITmanagementresources.
Insurance.
Regionalandnationalinsurerstypicallyemployalargeheadquartersfordata
warehousingandclaimsprocessingandahighlyregionalizedemployeebasetoservice
customers.Collaborationandcommunicationbetweencentraladministrationandremotefield
officesareimportant.IPVPNsenableanintegratednetworkbyloweringoperatingcostsfor
insurers,whileprovidinguniformaccesstoinformationacceleratesdecisionmakingand
improvescustomersatisfaction.
Retail.
Retailchainstoresoperatelargenationalorregionalnetworksconnectingeachstore's
voice,data,andvideo(surveillance)traffic.Accessisalsorequiredtotheheadquartersfor
inventoryupdateandtransactionreporting,datacenters,andacommonWebdatabaseof
storeproductitemsandservices.NetworkIPVPNscaninterconnectallthestores,offices,datacenters,andWebhostingsitesandnetworkallapplications,includingvoice.
Manufacturing.
Thevoiceanddatanetworksofmanufacturingcompaniesarehighlymeshed,
interconnectingamyriadofdevelopers,suppliers,partners,anddealers.Infact,connections
areasdynamicasthenatureoftheirbusiness.IPVPNsinterconnectbandwidth-intensive
CAD/CAMapplications,videoconferencing,andstoragebackupaswellaslower-speed
connectionstodealersandsuppliersandforinventorytrackingandreplenishment.
Ethernet WAN Services
EthernetWANserviceshaveevolvedduringthepastfiveyears,initiallyofferedinmetronetworksand
nowofferedinmetro,regional,andglobalnetworksfromleadingserviceprovidersworldwide.IDC
interviewswithenterpriseIT/communicationsmanagersrevealedthatrapidadoptionofEthernetWAN
serviceshasbeendrivenbycost,easeofimplementation,andafamiliaritywithEthernetarchitecture
alreadyemployedincorporateLANs.
-
8/19/2019 VPN Ethernet 2552144855
7/17
©2015IDC #229838R3 7
FIGURE 3
Key Ethernet WAN Features
n=526
Source:IDC'sU.S.EnterpriseCommunicationsManagerSurvey,2014
EthernetWANsutilizeEthernetandemployindustry-standardtechnologies,suchasthefollowing:
MAC address
learningisdefinedintheIEEE802.1standardtohelpminimizetrafficonthe
attachedLANsbystoringsourceMACaddressessothatonlypacketsdestinedforagiven
addresswillbesenttothataddress,improvingthenetworkperformance.
VLANs
referstoagroupoflogicallynetworkeddevicesononeormoreLANsthatare
configuredsothattheycancommunicateasiftheywereattachedtothesamephysical
network,providingflexiblebandwidthandresourceoptimization.
CoS,whichenterprisesalreadyutilizeintheirLANs,isawayofclassifyingandprioritizing
packetsbasedonapplicationtype(voice,video,email,filetransfer,transactionprocessing,
etc.),usertype(VIPornormal,etc.),orotherwaysofclassification.A"firstclass"prioritylabel
isassignedtodataapplications — suchasmission-criticaldatatransactionsorvideoorvoice
transmissions — whichrequirefasterturnaround,whilealower-prioritylabelisassignedtoless
time-sensitivetraffic,suchasemailandWebsurfing.
TheseEthernetWANservicescanbeeitherpointtopoint(EPL/EVPL)ormultipointtomultipoint
(ELAN/VPLS).
23
29
31
32
33
35
44
46
61
0 10 20 30 40 50 60 70
Q in Q VLANs tag stacking
Burstable bandwidth
On-demand/dynamic bandwidth viaself-service portal
Managed CPE
Class of service (CoS)
Application-aware performancemanagement
Proactive monitoring and reporting
Combination of Ethernet and IP VPN(either MPLS or DIY)
Security applications
(% of respondents)
-
8/19/2019 VPN Ethernet 2552144855
8/17
©2015IDC #229838R3 8
EnterprisescontinuetochooseEthernetservicesbecauseofitsrelativeprice/capacity,flexibility
andlowcost,andtheseremainthemostwidelyusedbusinesscriteria.AnotherreasonforEthernet's
popularityisaccesstoIPVPNandInternetservices.AccordingtoresultsfromIDC's2014
U.S.EnterpriseCommunicationsManagerSurvey showninFigure3,46%ofrespondentscurrently
utilizethehybridEthernet/IPVPNfeaturescombiningthebestofbothLayer2andLayer3services
(34%ofrespondentsplantoemploythesehybridfeaturesinthenextyear).Supportforsecurity
applicationsremainsthemostpopularfeature,with61%usage.Figure4showsatypicalEthernet
WANwithseveralapplications,includingdatacenterconnectivity.
FIGURE 4
Ethernet WAN
Source:IDC,2015
-
8/19/2019 VPN Ethernet 2552144855
9/17
-
8/19/2019 VPN Ethernet 2552144855
10/17
©2015IDC #229838R3 10
Financial
services.Financialservicesorganizationsthatgenerateorprocessahighvolumeof
data,includingsecuritiestrading,commodities,exchanges,institutionalinvestment,and
commerciallending,oftenrequirelowlatency,highbandwidth,highavailability,redundancy,and
theabilitytoprovisiontheirownCoSaspartoftheirnetworkrequirements.EthernetWANscan
enablethelow-latencyandbandwidth-intensivefinancialtradingapplicationsthatoftenrequire
500Mbandhigherbandwidthrates.Someoftheimportantlow-latencyfinancialapplications
includedatastreaming,financialtransactionreconciling,andlivetrading,whichrequiremillisecondresponsetimes.Manytradingorganizationsalsohavetocomplywithregulatory
requirementstohaveasecondary,redundantoffsitestorageoffinancialandtransactiondata,
whichcanbeaccommodatedwithanEthernetWAN.Videoconferencingandothercollaboration
applicationsarealsoenabledwiththeEthernetWAN.High-speedsecureWANconnectionsto
globalfinancialexchangesaremostoftensupportedbyEthernetWANservices.
Campus LAN
extension.Connectingcorporateenterprise,government,andeducationcampus
sitesinmetronetworksandacrosstheWANusinghigh-speedLANinterconnectivityisan
increasinglyimportantrequirementascontentandapplicationsbecomemorebandwidth
intensive.Distancelearningapplications,videoconferencing,anddesktopsharingare
examplesofapplicationsthatdemandextremelyhighthroughputbutinarelativelylimited
geographicarea.EthernetWANssuchasVPLScansupporttherequiredconnectionsand
high-bandwidthrequirementsandallowenterprisestoutilizetheirexistingenterpriseVLANpoliciesacrosstheWAN.
Cloud computing services and software as a service
SaaS).Agrowingnumberofenterprise
softwarecompaniessuchasSalesforce.com,Google,Citrix,SAP,Oracle,andmanyothers
aremovingawayfromsellingsoftwarelicensesandinsteadaresellingtheirtechnologyina
pay-per-usemodel.ITWANmanagersfacethechallengeofhowtoplanforadoptionoftheir
SaaSofferings,andconventionalWANconnectionscanquicklybecomecongested.Ethernet
WANservicesofferhigh-speedconnectionsthatcanscaleveryrapidlyandoftencanbe
configuredforburstingoftrafficathigherratesorenablecustomerstoself-provisioning
additionalbandwidth.
Contact center
connectivity.High-speedEthernetWANservicescaninterconnectglobalor
regionalenterprisecallcentersandalsoprovidehigh-bandwidthconnectionstodatacenterswith
CoStoensurefastdataretrievaltodeliversatisfactorycustomerservice.UsingEthernetGigE
connectivityensuresthatcustomerdataisavailabletocontactcenteremployeesinstantly.
Video or other rich content
delivery.Manyenterprisesareincreasingtheuseofvideoon
demandforemployeeskillstraining,HRcompliancetraining,corporatetownhallmeetings,
andcustomersupport.Thethroughputrequirementsaremanymagnitudeshigherthanthose
oftraditionaldataaccess,andanEthernetprivateline(point-to-point)servicecanprovidethe
scalablebandwidthtoenableenterprisestoeasilymeetdemandasneeded.
Hybrid Ethernet and IP VPN WAN Solutions: Coexistence of
Ethernet WANand Network-Based IP VPN Services
AmajorityoftherespondentsfromIDC's2014U.S.EnterpriseCommunicationsManagerSurvey
chooseto"mixandmatch"EthernetandIPVPNservicesthatarespecifictotheirenterpriserequirementsforbandwidth,cost,flexibility,QoS,andITcontrol.ThishybridVPNsolutioncombines
andoptimizesthebestWANservicebasedonenterprisebusinessapplicationandbandwidth
availabilityattheenterpriseWANlocations.Forexample,Figure5illustrateswhereanEthernetWAN
serviceisideallysuitedforWANconnectivitybetweenheadquarters,datacenters,andregionalsites
wherehigh-bandwidth,low-latency,andhigh-performanceapplicationssuchasdocumentstorage,
videostreaming,oron-demandvideoorapplicationsharingcanuseaconfigurableCoSEthernet
-
8/19/2019 VPN Ethernet 2552144855
11/17
©2015IDC #229838R3 11
WANcapability,whichtheenterprisecanmanage.Forotherapplicationssuchaspeer-to-peer
applications,Webapplications,transactions,andvoice,theselargersitescanusetheIPVPNto
connecttoothersitesonthenetwork.Thesmallerbranchoffice/remotesitesuseanIPVPNserviceto
connecttoanysiteonthenetwork.
FIGURE 5
Ethernet WAN and Network-Based IP VPN Services
Source:IDC,2015
-
8/19/2019 VPN Ethernet 2552144855
12/17
©2015IDC #229838R3 12
Table1comparestherequirementsofEthernetWANservicesandnetworkIPVPNservices.
TABLE 1
Comparing Ethernet WAN Service and Network-Based IP VPN
Service
Requirements
WAN Requirement Ethernet WAN Network IP VPN
Protocol transparency (non-IP)
Enterprise manages WAN connectivity
Routing control outsourced to service provider
Connection speeds 1Mbps –10Gbps 56Kbps –1Gbps
Managed connectivity to large number of sites, globally
distributed
Diverse access choices (PL, DSL, FR) for smaller
enterprise sites
Enterprise self-provisioning of bandwidth changes
High-bandwidth connectivity between core sites and
datacenters plus managed connectivity for branch sites
Support for multiple CoS
Support for enterprise VoIP within a VPN service
Source:IDC,2015
-
8/19/2019 VPN Ethernet 2552144855
13/17
©2015IDC #229838R3 13
Figure6illustratesanotherexampleofhowEthernetWANsusingVPLS,Ethernetaccess,andmetro
Ethernetcanprovideaninterconnectionbetweeneachofthefourmetrofiber-basedsitesandthenuse
anIPVPNtointerconnectthesesamefoursitestothecorporateIPVPNforregional,global,and
remoteaccessconnectionstotheVPN.
FIGURE 6
Hybrid Network Using Metro and Regional Ethernet WANs, Ethernet
Access, and
Network-Based IP VPN
Source:AT&T,2015
Ethernet Access
Remote Access
VPN
VPLS
50 Mbps
Metro 1 Metro 2 Metro 3 Metro 4
10 Mbps 20 Mbps 10 Mbps 20 Mbps
Metro
Ethernet
Country 1
Metro 1
Metro 1
Country 2
-
8/19/2019 VPN Ethernet 2552144855
14/17
©2015IDC #229838R3 14
Thefollowingverticalenterprisesegmentsillustratehowhybridnetworksareusedinenterprises:
Financial services.
FinancialservicesorganizationscanutilizeacombinationofanEthernet
WANserviceforhigh-bandwidth,low-latencyconnectionsbetweendatacenterlocationsand
backupsitesandnetwork-basedIPVPNservicesdeployedatregionalofficelocationswhere
voice,data,andvideoconferencingapplicationsareusedbetweenalloftheenterprisesites.
Thishybridsolutionprovidestheenterprisewiththeflexibilitytoleveragetheappropriateservicebasedonitsneeds.
Healthcare.
Healthcareorganizationsoftenrequirehybridnetworkstosupport
amyriadofapplications.Highbandwidthandhighavailabilityarekeyrequirementssupported
byEthernetWANservicesformedicalimagingapplicationsthataretransmittedfroma
hospitaltoothermedicalfacilities.High-speedstorageofmedicalrecordsalsobenefitsfrom
usingEthernetWANservices,whichareidealforlow-latencystorageprotocolssuchas
VMware.IPVPNservicessupportthehealthcarevoicenetwork,email,patientdata,andother
applicationsrequiringconnectivitybetweenhospitals,doctors,insuranceproviders,
laboratories,andotherprovidersofservicesthatarepartoftheextendedhealthcarenetwork.
Figure7illustratesatypicalexampleofhowenterprisescanconnecttheirbranchoffices,regional
offices,anddatacentersusingamanagedIPVPNserviceforany-to-anyconnectivityandaEthernet
WANforhigh-bandwidthpoint-to-pointconnectionsbetweendatacenterandheadquartersorasa
gatewaytooffloadtraffictothepublicInternet.
FIGURE 7
Enhancing Existing IP VPN Service to a Hybrid Network Using
Ethernet WAN
Source:IDC,2015
Ethernet Access to Hybrid Ethernet WAN and IP VPN
Ethernetaccessisnolongerlimitedtoafiber-onlyconnectiontoreachtheend-customersite.There
areotherflexibleaccessoptionsforimplementinganEthernetWANserviceorasanon-ramptoanIP
VPNservice.InadditiontoEthernetoverfiber(ActiveFiber,PON,SONET/SDH),Ethernetaccessis
supportedandavailableoverPDH(T1,DS3),copper(EFMCu),wireless(WiMAX,broadbandwireless,
andmicrowave),andHFC/DOCSIS,asshowninFigure4andFigure8.Ethernetaccessenables
higher-accessbandwidths,oftenatratesmuchhigherthanT1/T3.
-
8/19/2019 VPN Ethernet 2552144855
15/17
©2015IDC #229838R3 15
TheenterprisecustomerforEthernetWANserviceshasalsoevolvedfromlargeenterpriseslocatedin
fiber-richmetropolitancenterstothosewithgloballydistributedoperationsandmidsizebusinessesin
suburbanandruralsettings.ManyofthosesameenterprisesalreadyuseanIPVPNservicefortheir
WAN.EthernetaccesscanalsoprovideaccesstoaIPVPNservice,asdepictedinFigure7,as
EnterpriseBinterconnectstwobranchlocations,oneusingEthernetaccesstoconnecttotheIPVPN
service(ontheright)andthesecondbranchtoanEthernetPoP.
FIGURE 8
Ethernet Access to the Internet, IP VPN, and VPLS
Source:AT&T,2015
SUMMARY
Network-basedIPVPNsandEthernetWANsaretwoofthemostpopularWANconnectivity
alternativesformanyoftoday'sleadingenterprises.Enterprisesshouldselectserviceprovidersthat
offerrobustsolutionsbasedonanMPLS/IPbackbonenetworkthathavetheflexibilitytodelivereither
typeofservice,includinghybridsolutionsutilizingbothservices.
Bothnetwork-basedIPVPNservicesandEthernetWANservicesofferenterprisesarangeof
technologyandbusinessbenefitsbutperformbestwhendeployedinenvironmentsthatcloselymatch
theircapabilities.Network-basedIPVPNprovidesaflexibleplatformtounifycommunicationsacross
anenterprise'sdistributedlocations,andEthernetWANsarebestatsupportinghigh-throughput
applicationswithinamorelimitedfootprintandareoftenusedtoconnectmultipleLANsinasingle
metroareaorinterconnectmetroWANs.Byevaluatingtheirneedsacrosstheappropriaterangeof
criteriaoutlinedinthispaper,enterprisescanmatchthenetworkingcapabilitiestotheirbusiness
needsandevaluatecarrierswithanestablishedbackgroundofofferingacomprehensivesuiteof
-
8/19/2019 VPN Ethernet 2552144855
16/17
©2015IDC #229838R3 16
globalnetwork-basedIPVPNandEthernetWANfeatures,alongwithnetworkplanning,management,
WANoptimization,andmanagedapplicationservicechoices.Enterprisesshouldchooseacarrierthat
canpartnerwiththemonanetworkWANstrategyonaregularbasis,proactivelyadvisingthemon
improvingandoptimizingthenetworkastheirbusinessandnetworkapplicationsevolve.
-
8/19/2019 VPN Ethernet 2552144855
17/17
About IDC
InternationalDataCorporation(IDC)isthepremierglobalproviderofmarketintelligence,advisory
services,andeventsfortheinformationtechnology,telecommunicationsandconsumertechnology
markets.IDChelpsITprofessionals,businessexecutives,andtheinvestmentcommunitymakefact-
baseddecisionsontechnologypurchasesandbusinessstrategy.Morethan1,100IDCanalysts
provideglobal,regional,andlocalexpertiseontechnologyandindustryopportunitiesandtrendsinover110countriesworldwide.For50years,IDChasprovidedstrategicinsightstohelpourclients
achievetheirkeybusinessobjectives.IDCisasubsidiaryofIDG,theworld'sleadingtechnology
media,research,andeventscompany.
Global Headquarters
5SpeenStreet
Framingham,MA01701
USA
508.872.8200
Twitter:@IDC
idc-insights-community.com
www.idc.com
CopyrightNotice
ExternalPublicationofIDCInformationandData — AnyIDCinformationthatistobeusedinadvertising,press
releases,orpromotionalmaterialsrequirespriorwrittenapprovalfromtheappropriateIDCVicePresidentor
CountryManager.Adraftoftheproposeddocumentshouldaccompanyanysuchrequest.IDCreservestheright
todenyapprovalofexternalusageforanyreason.
Copyright2015IDC.Reproductionwithoutwrittenpermissioniscompletelyforbidden.
