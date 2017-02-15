IDC recently made a strong case for enterprise adoption of hybrid network-based IP virtual private network (VPN) services that combine Multiprotocol Label Switching (MPLS)-enabled VPNs for larger sites and IPSec network-based VPNs for smaller locations.

Many enterprises rely on MPLS for high-performance, critical communications. With an ability to support multiple protocols and to direct traffic more speedily from point to point, such as between data centers and major office hubs, MPLS has been a preferred option for knitting together enterprise virtual private networks (VPNs) over wide area networks (WANs).

But, as enterprises have decentralized their workforces, they have adopted IPSec VPNs to accommodate remote and mobile workers using a variety of devices.

“Today, many enterprises employ more than one type of VPN service: a managed MPLS VPN for some locations, a separate IPSec VPN for remote access, and possibly even an SSL-based VPN solution for some employees,” says IDC. “Integrating application performance requirements across an enterprise is extremely complex.”

But, says IDC, a hybrid network-based VPN “enables enterprises to maintain consistent service policies, application performance, and secure connectivity to corporate applications for workers from any location.”

Automatic failover to wireless

Utilizing such a hybrid VPN enables enterprises to automatically use 3G and 4G wireless as an alternate when there is an outage at an MPLS-connected site, says IDC. One of the most popular applications is “an enterprise telepresence service that extends telepresence sessions between corporate office locations that are part of the MPLS VPN network to remote access IP VPN sites or even individual workers accessing the VPN.”

But because hybrid network-based VPNs can also entail greater management challenges, IDC says it is crucial to develop a comprehensive network strategy and select the right service provider. The market research and consulting organization recommends that enterprises consider a hybrid network based on 6 key attributes:

Breadth of access and extended global reach

Flexibility

Resiliency

Security

Proactive management and reporting

Service agility

“Today's service provider has to be able to offer a VPN platform solution that has the flexibility to support the use of hybrid network-based MPLS and IPSec VPN networks for diverse enterprise environments,” says IDC. “These hybrid platforms increasingly have to provide 99.99% or 99.999% network availability and SLAs that enterprises are accustomed to with a managed MPLS VPN network.”

SDN brings flexibility

In the past, MPLS WANs generally have required deployment of hardware-based appliances dedicated to specific WAN functions, such as firewalls and VPN access. But with software-defined networking (SDN), enterprises can take advantage of greater network flexibility and centrally managed deployment of virtual network functions to standards-based platforms rather than proprietary appliances.

AT&T is providing the benefits of NFV to its customers in the form of AT&T FlexWare. Offered in conjunction with AT&T VPN service, FlexWare supports Juniper and Cisco virtual routers, Fortinet virtual security, and Riverbed virtual WAN accelerator. These AT&T-certified FlexWare Applications can be deployed on either small or medium industry-standard FlexWare Devices and come with flexible AT&T or customer management options.

In October 2016, AT&T announced its Software-Defined Wide Area Network, which will add SD-WAN service to the FlexWare options. “AT&T expects most customers to operate hybrid WANs with both MPLS and broadband connections,” IDG News Service reported. “With the SD-WAN service, the carrier can run these hybrid networks in a unified fashion and make sure the applications that the enterprises need most will get the performance they require.”

For more information on AT&T VPN developments, please visit www.att.com/vpn