You are previewing [Read Me First] Building or Buying VPNs.
O'Reilly logo
[Read Me First] Building or Buying VPNs

Book Description

[Read Me First]: Building or Buying VPNs (Digital Short Cut)

Kunjal Trivedi

ISBN-10: 1-58720-134-8

ISBN-13: 978-1-58720-134-9

One of the most popular approaches to establishing a secure computing and network environment is the virtual private network (VPN), which enables organizations to use Internet transport securely to connect remote offices and remote users to the main corporate site, thus eliminating expensive dedicated WAN links and modem banks. Furthermore, with the advent of cost-effective, high-bandwidth technologies such as DSL, organizations can use VPNs to reduce their connectivity costs while simultaneously increasing remote connection bandwidth.

[Read Me First]: Building or Buying VPNs helps managers and network security engineers understand and evaluate the costs and benefits associated with this fast-growing technology. This Digital Short Cut helps you to evaluate technology choices, such as whether to build or buy VPN services and how to efficiently manage and lower costs of VPN solutions. From the networking professional to the CEO, this Digital Short Cut provides important information on the business strategies behind the technology.

Table of Contents:

Chapter 1: The VPN Technology Promise: Secure Access from Anywhere to Anything

Chapter 2: Making the Business Case for Building or Buying a VPN

Chapter 3: VPN Technology Primer and Comparisons of VPN Technology Options

Chapter 4: Cisco Case Study: Deploying VPN Services for WAN Connectivity and Disaster Recovery

Chapter 5: Case Study: Managed VPN Services for Teleworkers Using IPsec Technology

Appendix A: Decision Maker Checklist: VPN Planning, Design, Implementation, and Operation Stages

Appendix B: Decision Maker Checklist: VPN Vendor Selection

About the author:

Kunjal Trivedi, CCIE No. 3460, initially joined Cisco in 1999 as a

consulting engineer but soon moved into security consulting. He then

worked in product management covering Cisco IOS infrastructure security.

Currently, he is helping Cisco shape the marketing vision and strategy

for managed security services.

A widely respected networking security expert, Kunjal has published

articles and presents infrastructure security, IP security, and managed

security topics at Cisco Networkers events and at conferences such

as the Asia Pacific Regional Internet Conference on Operational

Technologies.

Kunjal has a bachelor of engineering degree with honors in electrical

and electronics engineering from the University of Wales, College of

Cardiff, and a master of science degree in artificial intelligence from

Cranfield Institute of Technology, UK. He holds CISSP and CCIE

designations in routing and switching and security. Recently, Kunjal

was awarded Chartered Engineer status by the Institute of Engineering

and Technology in the United Kingdom. He can be reached at

kunjal@cisco.com.

Table of Contents

  1. Copyright
    1. Dedication
  2. About the Author
  3. About the Technical Reviewers
  4. Acknowledgments
  5. Introduction
  6. 1. The VPN Technology Promise: Secure Access from Anywhere to Anything
    1. The Challenge: Matching Technology to Deliver Business Solutions
      1. What Businesses Require to Operate and Compete
        1. Living with “The Model Of Pervasive Distrust”
        2. Regulatory Requirements
      2. What VPN Technology Can Deliver Today
        1. Matching the Business Requirements with VPN Technology Offerings
    2. VPN Scalability, Performance, and Maintenance
  7. 2. Making the Business Case for Building or Buying a VPN
    1. VPN Business and Financial Considerations
      1. Reviewing Business Analysis Tools
      2. Comparing the Business Analysis Tools
    2. Making the Decision: Build or Buy
    3. How VPN Networks Save Money
      1. Mobile Workforce
      2. Telecommuters
      3. Reduced Overheads
      4. Advantages of Deploying a VPN Solution
    4. Life After Decision Making: Successful Rollout of a VPN Solution
      1. Monitoring and Management After Migration to a VPN Solution
        1. VPN Resource Management
        2. Capacity Planning
        3. Monitoring and Reporting Frameworks to Generate Service Level Agreement Information
        4. Metrics
        5. Granularity
      2. Managing Ongoing Costs
    5. Summary
  8. 3. VPN Technology Primer and Comparison of VPN Technology Options
    1. Choosing the Right VPN Solution—A Technology Primer
      1. Indicators That MPLS Is a Good Choice
        1. MPLS User Experience
        2. MPLS Strengths
        3. When to Implement MPLS
        4. MPLS VPN Considerations for Building Versus Buying
        5. Drawbacks of MPLS VPN
      2. Indicators That IPsec Is a Good Choice
        1. IPsec User Experience
          1. Remote-Access User Experience
          2. Site-to-Site User Experience
        2. IPsec Strengths
        3. When to Implement IPsec
        4. IPsec VPN Considerations for Building Versus Buying
        5. Drawbacks of IPsec VPN
      3. Indicators That SSL Is a Good Choice
        1. SSL User Experience
        2. SSL Strengths
        3. When to Implement SSL
        4. SSL VPN Considerations for Building Versus Buying
        5. Drawbacks of SSL VPN
    2. Classifying Virtual Private Networks
    3. Summary
  9. 4. Cisco Case Study: Deploying VPN Services for WAN Connectivity and Disaster Recovery
    1. Industry Analysis
    2. Background
    3. Challenge
    4. Solutions
      1. WAN Links Between Cisco Offices
        1. Primary Connectivity with Backup
        2. Primary Connectivity Without Backup
        3. Backup Connectivity with Dedicated Primary Circuits
      2. Disaster Recovery Between Global Regions
      3. Links Between Cisco and Partner Location
        1. Extranet Remote LAN Model
        2. Interconnect Model
    5. Results
      1. WAN VPN Connectivity Summary
      2. Deployment Pointers
        1. Monitoring Considerations
        2. Standardized Configuration
        3. Rely on Trusted Partners
        4. Set Expectations with Extranet Partners
        5. WAN VPN May Not Always Be the Best Choice
        6. Total Cost of Ownership Should Determine Choice
        7. Latency Issues
    6. Next Steps
    7. Conclusion
  10. 5. Case Study: Managed VPN Services for Teleworkers Using IPsec Technology
    1. Industry Analysis
    2. Background
    3. Challenge
      1. The Drawbacks of a DIY VPN Home Solution
    4. Solution
    5. Results
    6. Business Analysis to Make a Build or Buy Decision
      1. Self-Managed VPN Cost Estimate
      2. Buying a Managed VPN—Cost Estimate
      3. Comparing TCO for Build Versus Buy
    7. Conclusion
  11. A. Decision-Maker Checklist: VPN Planning, Design, Implementation, and Operation Stages
    1. Assets
    2. Risks and Threats
    3. Assessment of Security Posture
    4. User Profile
    5. Solution and Technology
    6. Network Management
  12. B. Decision-Maker Checklist: VPN Vendor Selection
    1. VPN Vendor Selection
    2. Identifying the Rollout Strategy and Managing the Continued Vendor Relationship