At present, many growth-type enterprises in China are faced with these challenges: branches, distributors, partners, customers and personnel on a business trip need to access the company’s resources through the public network.
At present, many growth-type enterprises in China are faced with these challenges: branches, distributors, partners, customers and personnel on a business trip need to access the company’s resources through the public network. Such resources include internal information, OA, ERP system, CRM system, e-mail, project management system, etc. While accessing the network resources, a highly reliable security link needs to be built.
In order to further meet the VPN application requirements of the growth-type enterprises, we have launched a comprehensive solution based on integrated service router (ISR) enterprise-level virtual private network (EVPN). In terms of the scalable platform, security, service, application and management as five VPN implementation elements, it is of a standard-based open architecture, scalable and end-to-end network interconnection capability. With the advanced Cisco ISR, we have provided growth-type enterprise users with a variety of VPN connections, safe and reliable encryption ways to protect the enterprise's information resources.
Implementation of VPN solution
In order to meet the VPN application requirements of growth-type enterprises, we have provided a variety of VPN connection ways through ISR, such as IP security VPN (IPSec), secure socket VPN (SSL), dynamic multipoint VPN (DMVPN) and VPN for mobile phone access.
Security assurance: Although there are many technologies and ways to realize VPN technology, all VPN should ensure the specificity and security of data transmitted through the public network platform. In terms of security, VPN is directly built on the public network, simple, convenient and flexible operation can be realized, but the security issue becomes more prominent. The enterprise must ensure that the data transmitted on its VPN is not peeked and tampered by the attacker and that illegal users’ access to network resources or private information should be prevented.
Quality of service (QoS): VPN network should provide different levels of service quality assurance for enterprise data. The requirements of different users and services for QoS vary widely. In network optimization, another important requirement for building VPN is to make full and efficient use of limited WAN resources and provide reliable bandwidth for important data. The uncertainty of WAN traffic makes its bandwidth utilization very low, causing network congestion at peak traffic, making the data with a high real-time demand fail to be sent timely and resulting in a lot of idle network bandwidths at low traffic. Through traffic prediction and traffic control strategy, QoS can realize bandwidth management according to the priority level, making all kinds of data be sent in a reasonable way and preventing congestion.
Scalability and flexibility: VPN must be able to support any type of data stream through Intranet and Extranet, add new nodes conveniently, support multiple types of transmission media and meet the requirements of high-quality transmission and bandwidth increase for transmission voice, image, data and other new applications.
Manageability: It can be easily managed and maintained from the perspectives of users and operators. VPN management objective includes: to reduce network risk and feature high scalability, economical efficiency and high reliability. In fact, VPN management includes security management, device management, configuration management, access control list management, QoS management and other contents.
Multiple VPN connections: The VPN solution of Cisco based ISR provides growth-type enterprise users with various VPN connections.