|
|
|
|
|
|
| ISP Resources |
| ISP-Lists ISP Glossary ISP News The List ISPCON Events Free Newsletters |
|
|
|
||
| internet.commerce | ||
|
Partner With Us |
Virtual Private Networks
Customer Premise Equipment for VPN Services - continued
Software-based VPNs
One more option to consider is the software-based VPN server. Products
like Aventail's Extranet Center are essentially software deployed on general-purpose
computers—typically someplace inside the customer's
firewall. Software-based VPNs may operate as proxies that intercept application
traffic and redirect it to another server. From an ISP perspective, this
alternative can be attractive because it involves a single, dedicated
device with greater independence from routing and firewall concerns. However,
software servers only scale so far, and some customers may consider a
general-purpose platform to be a security risk.
Customer sensitivities
Of course, there are other alternatives to consider: adding VPN support
to a router that sits inside the firewall, locating VPN hardware on a
DMZ, or placing VPN CPE parallel to your customer's router or firewall.
Placement of CPE is not a simple question, and there are no easy answers.
However, service providers must pay attention to a number of customer
sensitivities regarding CPE placement and management.
- Customers who already own a firewall or access router may prefer to purchase a VPN add-on from the same vendor, rather than introduce another vendor's product. This is most relevant for turnkey VPN services. ISPs may be wise to qualify several products and allow customers to select the product that best meets their business needs.
- Customers may more readily accept introduction of new CPE than installing new software on existing customer-owned CPE. Turnkey service providers may find it useful to offer preconfigured "drop in" VPN hardware; managed service providers are better positioned to absorb the reconfiguration and tuning required to add VPN support to an existing managed firewall or access router.
- Customers will look to ISPs to recommend placement of CPE with respect to access routers and firewalls. This does not mean customers will allow ISPs to dictate placement—but it does mean that the most successful ISPs will be those prepared to discuss network topology issues, identify obstacles before deployment, and recommend solutions that overcome them.
The bottom line: treat CPE selection as a critical component of service deployment. Don't be swayed by vendor pitches that argue the best kind of CPE is the kind they happen to market. Listen to vendors, weigh their arguments, and talk to your prospective customers before making this strategic decision.
—End
return to the top of the article
Questions? Comments?
Drop a line to the Author or the
Editors.
|
|
| Best of ISP-Planet | ||
|---|---|---|
|
ISP-Planet
Guide
ISP-Planet's Principal Studies Directories:
Q2 2008 Top U.S. ISPs by Subscriber (Updated 08/29/2008)
ISP-Planet's Blogroll | ||
ISP-Planet's
RSS feed
Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia
Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers