In order to compare pricing for VPN service and MPLS service, it is important to note that there are three main components to a Virtual Private Network:
1. Connection - Every user within a VPN must have some type of connection to the public network or Internet. As with any Internet-based service, performance will always be improved with a faster and more reliable connection.
2. Authentication - It is crucial for everyone involved to determine exactly who is on the other end of the VPN. There are many different methods to authenticate users to a session or network. Proper authentication will keep unauthorized or unwanted users from disrupting a network.
3. Encryption - This is the key to ensuring the privacy of the information being sent. Again, there are a number of different encryption techniques, obviously the higher the level of encryption, the less likely the data is to being compromised should someone intercept it. As encryption and encapsulation is a fairly intensive process, the encryption device should be able to quickly handle the traffic to avoid becoming a bottleneck within the network.
To make a connection across a VPN, the VPN Access Device at the sending location must first contact the VPN Access Device at the receiving site. The sending location must also authenticate the other location and the two devices form a temporary sending path, referred to as a "tunnel". After the two have agreed upon an encryption technique, the sending device encrypts the data and encapsulates it into an IP packet. The data is sent through that tunnel, over the public network, where the receiving device reverses the process; stripping the IP information, decrypts the contents and forwards the sent data to the appropriate user at that site.
In a similar comparison to Frame Relay, the local telephone company is typically used to provide the physical connection to the ISP or chosen carrier's Point of Presence (POP). A dedicated connection is not required for every site using the VPN, as a user may access the network via a wireless technology, but there does need to be some type of connection to the public network. Many new access technologies, such as ISDN or DSL, are being praised as low-cost, high-speed alternatives to traditional local connections to a carrier's network. Connections to sites within a VPN can be of varying bandwidth, thus allowing companies to save on unnecessary monthly access costs.
In addition to the connection to the public network, there must also be some form of added security to create a "true" VPN. These added levels of security can be performed at either end of the public network connection. At the customer's site, there may be some type of VPN access device; as explained before, these devices can be hardware or software-based. Hardware-based VPN access devices are typically certain security features within a router or FRAD, but can also be stand-alone components. Stand-alone VPN devices, both hardware and software-based, are usually more robust with features and management. Most carriers current VPN offerings include the installation and remote management of this type of equipment at a customer's site.
Some carriers are now offering a "Network-based" VPN service. With this type of service, the standard connection equipment (router and CSU/DSU) is still installed at a customer's site, but the added security is implemented by the provider somewhere within their network. This type of arrangement makes the monitoring and management of VPN services that much easier for the carrier. Upgrading and repairing VPN equipment is much easier with everything in one central location. Configuration and changes can also be made rather quickly and easily.
In order to compare pricing of a Managed VPN services, it is important to remember that service is dependent upon a number of factors and will vary by provider, but the access portion is figured the same as any Internet connection. With a dial-up line, there are monthly charges for having the line in addition to usage. A dedicated connection, however, is priced just like a Leased Line, in that the cost of an LDC is based primarily upon bandwidth and physical distance (mileage) from the long distance carrier's POP. In addition to the physical connection, there is typically a monthly fee for accessing to the provider's network (this may or may not be usage-based).
The additional pricing for Managed VPN service, again varies by carrier, but is typically a set monthly charge per site depending upon the equipment and additional services. These contracts will also vary upon the type of service and length of commitment (term) of contract with the carrier. As always, any portion of the circuit cost may vary from month-to-month, which is exactly why our quotes are only good for 30 days. We will always make available any current discount or promotion to give you the best prices available from each carrier at that time, making it easy to compare VPN service and MPLS service pricing.