| |
|
|
|
|
|
Wide Area Network (WAN)
A WAN (Wide Area Network) is an extended network that connects multiple LANs to one another over great geographic distances.
A point-to-point link in a Wide Area Network (WAN) provides a single, pre-established communication path from corporate office sites through a carrier network and are usually leased from a carrier (thus are often called leased lines) that are run on dedicated pairs of wire and facilities and are priced based on bandwidth and distance between two connected end points.
A Wide Area Network (WAN) Interface Card (WIC) is a card (circuit board) that fits into a router and serves as the physical interface to an access circuit connecting to the WAN.
A Wide Area Network (WAN) operates in the same way as a LAN in that WAN technology defines the frame format to be used and each computer connected to a switch is allocated a physical address that allows many WANs to use hierarchical addressing which simplifies forwarding that divides an address into two parts, one identifying the packet switch and the other the computer connected to that switch.
Wide Area Network (WAN) acceleration is a method of optimizing networks to better utilize existing bandwidth. Many new and old technology companies are offering forms of WAN acceleration by using a combination of techniques such as data compression and caching.
Multiprotocol Label Switching (MPLS) is an IETF initiative that integrates Layer 2 information about network links such as bandwidth, latency, and utilization into the Layer 3 Internet Protocol (IP) within a particular autonomous system (or ISP) to increase network performance by improving the speed and consistency of IP-packet exchange on a Wide Area Network (WAN).
On a Frame Relay Wide Area Network (WAN), if physical security is maintained, the network is arguably as secure as connecting network end points with dedicated private lines. For example, Customer As FRAD cannot connect to Customer Bs FRAD unless the service provider sets up a PVC between the two FRADs. Because there is no connectivity between different customer FRADs (unless both customers want to be connected), frame relay automatically creates a closed user group that completely eliminates the threat of a user on one customer network using a FRAD to access another customer FRAD.
IP VPNs may be public or private. A public IP VPN configuration uses the public Internet to establish secure connectivity. Private IP VPNs run completely on one service provider’s IP network. IP VPNs that run on private IP backbones are more secure than an IP VPNs that run completely across the public Internet because private addressing schemes and access lists are used to control network access.
Regardless of the security and privacy afforded by IPSec, digital certificates, and firewalls for data across the network, every router on one customer’s IP VPN has the potential to access every other customer router on the IP VPN via TCP/IP, which has many well-documented security flaws such as vulnerability to Denial of Service (DoS) attacks, firewall holes that may allow intruders to tunnel illegitimate traffic into or out of corporate networks, etc. Unlike frame relay networks, IP VPNs are inherently vulnerable to the risk of a user on one customer network using a router to access another customer router across the network. Vulnerability reports post new security threats to firewalls, routers, and other VPN equipment on a daily basis as VPNs are hacked. No similar problem exists for frame relay networks.
|
|
| |
|
|
|
|
