Saturday, 26 April 2014

DIFFERENCE BETWEEN VPN AND MPLS

A Virtual Private Network (VPN) is a computer network layered on top of another computer network that resides underneath it. "Private" means that the data travelling over the VPN is not visible to, or is encapsulated from, the traffic of the underlying network. This is possible because of strong encryption: most VPNs are deployed as high-security network tunnels. As such, the underlying network sees the traffic within the VPN as just another traffic stream. In a technical sense, the link layer protocols of the virtual network (that is, the lowest layer of the Internet Protocol Suite) are tunnelled through the transport network underneath. In lay terms, the connection can be thought of as a pipe within a pipe, where the outer pipe is your internet connection.

Multiprotocol Label Switching (MPLS) is a mechanism that directs and carries data from one network node to the next. It makes it easier to create virtual links between distant nodes, and it can encapsulate packets of a variety of network protocols. It is a highly scalable, protocol-independent data-carrying mechanism. This means that data packets are assigned labels, and forwarding decisions are made based on the contents of the label, without ever having to examine the packet itself. As such, a user is able to create end-to-end circuits across any type of transport medium, using any protocol. The main objective is to eliminate dependence on any specific Data Link Layer technology (ATM, frame relay, SONET, or Ethernet, for instance).

Secure VPNs use cryptographic tunnelling protocols to provide the intended confidentiality, sender authentication, and message integrity in order to achieve the highest level of security. The protocols that carry out these functions include, but aren't limited to: Internet Protocol Security (IPsec), which is a standards-based security protocol with mandatory support; Transport Layer Security (SSL/TLS), which is used for tunnelling the traffic of an entire network; and Secure Socket Tunnelling Protocol (SSTP), which tunnels PPP or L2TP traffic through an SSL 3.0 channel.

MPLS operates at an OSI Model layer that lies between the traditional definitions of Layer 2 (the Data Link Layer) and Layer 3 (the Network Layer). It is often referred to as a Layer 2.5 protocol. It was designed specifically to provide a unified data-carrying service for both circuit-based clients and packet-switching clients that provide a datagram service model. It was also designed to be able to carry a variety of traffic (IP packets, native ATM, SONET, and Ethernet frames, for example).
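
The label-based forwarding described in the two MPLS paragraphs above, as an added example that is not part of the original post: it decodes the 32-bit MPLS label stack entry (field layout from RFC 3032) and forwards on the label alone. The forwarding table, interface names and sample payload are constructed for illustration.

```python
import struct

# Constructed label forwarding table for one hypothetical router:
# incoming label -> (action, outgoing label, next hop). All values are made up.
LFIB = {
    100: ("swap", 200, "if1"),
    300: ("pop", None, "if2"),
}

# Constructed payload; the forwarding code below never reads or alters it.
SAMPLE_PAYLOAD = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"


def parse_entry(data):
    """Decode one label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if len(data) < 4:
        raise ValueError("truncated label stack entry")
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 0x1), "ttl": word & 0xFF}


def build_entry(label, tc, bottom, ttl):
    """Encode one label stack entry in network byte order."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)


def forward(packet):
    """Return (next_hop, outgoing_packet), or (None, None) when dropped."""
    top = parse_entry(packet)
    rest = packet[4:]                      # everything after the top label
    route = LFIB.get(top["label"])
    if route is None or top["ttl"] <= 1:   # unknown label or expired TTL
        return None, None
    action, out_label, next_hop = route
    if action == "swap":
        new_top = build_entry(out_label, top["tc"], top["bottom"], top["ttl"] - 1)
        return next_hop, new_top + rest
    # "pop": strip the top entry (TTL propagation to the exposed header omitted)
    return next_hop, rest


if __name__ == "__main__":
    hop, out = forward(build_entry(100, 0, True, 64) + SAMPLE_PAYLOAD)
    print(hop, parse_entry(out), out[4:] == SAMPLE_PAYLOAD)
```

The bytes after the label come out exactly as they went in: the label controls where the packet goes and does nothing to hide its contents, which is the job of the cryptographic tunnelling protocols listed for secure VPNs.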

Summary:
1. A VPN is a network layered on top of another computer network; MPLS directs and carries data from one network node to the next.
2. VPNs use cryptographic tunnelling protocols to provide a high level of security; MPLS operates between the Data Link Layer and the Network Layer.
