Business Solution Overview
Cisco Remote Access to MPLS VPNs
In today's challenging economy, service providers are rethinking their network strategies on how to reduce both capital and operational costs and at the same time grow revenues in a competitive market. Profit margins on raw connectivity services are in steep decline, and as a result, service providers need to differentiate themselves and create additional revenue-generating services. The key to reducing costs and improving competitiveness lies in developing a service-centric network that bundles value-added services on top of transport services.
Cisco Systems is uniquely positioned to help service providers build networks that create new revenue opportunities through the development of managed virtual private network (VPN) services that business customers want today. The in-depth knowledge of network-driven applications and business services available at Cisco helps service providers identify and drive demand for new services with enterprise and small- to medium-sized business (SMB) customers. Cisco understands how to address the service provider productivity that is necessary for profit, and as a leading supplier of world-class products and solutions, can assist service providers in reducing capital cost and developing alternate business models for varying economic conditions.
The Cisco Remote Access to Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) solution enables service providers to offer managed VPN services and advance their service portfolio. The transition from connectivity to managed VPN services begins with one foundational service: MPLS-based VPNs. Once MPLS-based VPN capability is put into place, other managed VPN services can be deployed.
By extending existing MPLS VPN capabilities such as remote access to the last mile over dial, digital subscriber line (DSL), or cable, service providers can achieve a higher return on investment (ROI) for existing MPLS core infrastructure. Once remote access MPLS VPNs are in place, the service provider can offer incremental VPN services to remote access VPN customers including multimedia applications, content delivery, packet telephony, e-commerce, and application hosting. With a strong MPLS-based VPN portfolio, a service provider can meet customer needs, differentiate itself in the marketplace, generate new revenue streams, and build customer loyalty.
Market Drivers for Remote Access VPNs
VPN technology has progressed significantly from the "early adopter" phase to the "early majority" phase, as defined in Geoffrey Moore's theory titled Technology Adoption Life Cycle. In particular, Access VPNs are being driven by the phenomenal growth of the Internet and the rapidly increasing number of telecommuters and mobile users. Access VPN technology has enabled more and more people to work from remote locations, which can be convenient for employees and a cost-saver for companies, as it eliminates old corporate boundaries and geographic restrictions and replaces them with more efficient paths of communication. As these trends continue, the need for secure and reliable remote access to corporate networks will grow.
The worldwide access VPN opportunity is strong. Recent research from Ovum research group indicates that the global VPN market size for carrier-based VPN services in 2002 is US$8.66 billion, and will grow to US$32.5 billion by 2006. The remote access VPN market is US$2.0 billion in revenue in 2006, and will grow to US$4.2 billion in revenue in 2006.
Astute service providers are seizing the opportunity to build incremental revenue into their business models using VPN technology. New managed services such as remote access, site-to-site connectivity, and extranet VPNs extend a service provider's revenue stream far beyond basic connectivity and transport services.
Need to Reduce Capital and Operating Expenses
Service providers are under constant pressure to improve network efficiencies, reduce capital expenditures (CAPEX) and operating expenses (OPEX), and generate top-line service revenue over basic connectivity. Service providers must evaluate their service portfolio and determine how to offer more cost-effective and revenue-generating services. By leveraging their existing MPLS core infrastructure, service providers can offer value-added services, such as managed remote access VPNs, to meet the changing network access needs of enterprise and SMB customers.
Telecommuting Population on the Rise
Telecommuting of all flavors is skyrocketing worldwide. Telecommuters can be defined as employees who work from home (or another remote location) more than one day per week, but many telecommuters work remotely on a full-time basis. Day-extenders are defined as employees who access the network from home after regular business hours. Telecommuters and dayextenders require high availability, broadband access, voice access and integration (for DSL and cable users), user authentication, and simple security management.
By bringing work to the worker via a secure remote access connection to the corporate LAN, companies can reduce office-space and facility expenses, save money, increase productivity, improve employee retention, reduce absenteeism and stress levels, improve employee job satisfaction, and recruit high-quality candidates who are unable to relocate. Companies of all sizes recognize the importance of offering flexible working styles for valuable employees who need to balance work/life issues. Remote access VPNs give employees the flexibility to work where and when they can be most productive. Simply put, employees can improve their productivity by working at home on either a full-time, part-time, or after-hours basis.
IDC estimates the number of telecommuters working at home either part time or full time at the end of 2001 in the United States at 8.9 million, with an additional 20.3 million day-extenders remotely accessing their corporate networks. More than half of all U.S. telecommuters are employed by small businesses—defined as firms with fewer than 100 employees. These small businesses tend to have many employees working from home three or more days a month.
In a similar comparison, the number of telecommuters in Western Europe is expected to rapidly increase. According to a Gartner report, the European teleworking population—which includes part-time and full-time telecommuters as well as day-extenders—was estimated to be 12.3 million in early 2002. European countries with the largest number of teleworkers are ranked as follows: Germany, United Kingdom, Finland, Sweden, the Netherlands, and Denmark.
Mobile Worker Population Growing Dramatically
Mobile workers are defined as individuals who travel frequently and work from multiple locations, who spend at least 20 percent, if not more, of their annual working hours away from home, main place of work, or both. After a day of travel, meetings, sales calls, or meeting sessions, mobile professionals often return to their hotel rooms and log on to the home office network to check e-mail, respond to customer demands, submit orders or file reports, review critical documents, or prepare for the next day's work.
To access corporate networks, using dial-up conections, mobile workers require widely distributed dial-in access, user authentication, and simple security management. Ease of use and service reliability are both essential to this user community in order to maintain their productivity while out of the corporate office. Industries most likely to have a strong telecommuter and mobile worker population include: business consulting, architectural firms, engineering firms, health care companies, the real estate industry, and insurance companies.
According to IDC, in late 2001, the United States had roughly 45 million mobile workers. In comparison, there were about 11 million European mobile workers users. Both markets are expected to grow rapidly during the next five years.
Dial Is Top Choice for Remote Access, but Broadband on Increase
Access VPNs enable remote-access connectivity and allow telecommuters, day-extenders, and mobile workers to securely access corporate resources. In the United States, dialup is the prevalent choice for remote access into the network. According to Infonetics, approximately two-thirds of telecommuters and day extenders using VPNs are still creeping along on 56K or slower modems. In Western Europe, IDC reports that 40 percent of the remote user population (both telecommuters and day-extenders) are using dial.
Residential broadband is in the early phase of the technology adoption life cycle and provides an additional catalyst for service providers to deploy remote access VPNs for telecommuters and day-extenders. Although dialup is a popular and convenient choice for remote access, telecommuters and day extenders are starting to choose cable and DSL over dialup access, with many smaller companies preferring cable. Cable service has not been targeted at medium-sized and large organizations, so the adoption rate with these companies is lower.
Outsourcing on the Rise
As companies become larger and more geographically dispersed, there is a direct impact upon the complexity and manageability of wide-area networks. As the mobile and telecommuting user base increases, it becomes increasingly cumbersome for IT departments to scale remote access operations, especially in a distributed enterprise environment. Businesses are opting to outsource remote access VPNs for many reasons:
- Limited resources—Lack of internal technical support to manage remote access internally
- Secure access—No consistent security policy across the network
- Cost savings—Reduction in operations and management costs by outsourcing
- Faster connection—Higher bandwidth access requirements by remote users ( cable and DSL)
- Ease of use/convenience—Scalability and simple provisioning required to quickly add new remote access users
- Design and implementation—New remote access network services require quick roll out
- Global reach —Mobile users access network through local toll-free call
Enterprise and SMB customers want to reduce their total cost of overall network ownership, improve security, enhance IP-based services, and enable their employees to be more productive through telecommuting and working while traveling. Outsourcing remote access VPNs can be a viable alternative for achieving this goal.
Service Description
Managed access VPN services enable enterprises and SMBs to offload ongoing maintenance of remote access services to their service provider. Remote access needs can be met for telecommuters, day-extenders, and mobile workforces across a wide range of access technologies. Remote access VPNs are cost effective for all types of users, permit local or toll-free call capability for dialup users, and allow telecommuters and mobile users to gain access to applications available across corporate intranets or extranets when needed.
Benefits to Service Providers
Business customers will typically look for a single service provider that can fulfill all of their VPN requirements. For service providers, there are ample growth opportunities to deploy VPN services to enterprise and SMBs.
By furnishing remote access VPNs to business subscribers, service providers can achieve the following benefits:
- Maximize use of MPLS core services
- Expand VPN service portfolio by providing remote access, intranet, and extranet
- Extend MPLS VPN services to last mile over dial, DSL, or cable
- Reduce CAPEX by leveraging existing network infrastructure
- Reduce OPEX through easier provisioning/changes of remote VPNs
- Meet evolving remote access needs of business customers in terms of network scalability, reliability, and performance
- Generate greater differentiation in competitive market
- Create new revenue streams
- Increase customer loyalty
Benefits to Businesses
Businesses recognize the advantages of outsourced communications as a way to strengthen their market position, focus on their core business, and reduce costs. Companies that formerly handled their own communications requirements are choosing to partner with service providers to manage some or all of their network infrastructures. Outsourced VPN solutions permit IT managers to simplify their remote access implementations and replace expensive and often difficult-to-manage legacy remote access networks.
For many companies, VPNs are the starting point to connect widely dispersed workgroups in an efficient, cost-effective manner because they enable real-time access to centralized business applications and resources. Outsourcing provides an excellent opportunity for companies that want to improve their flexibility and competitiveness, but lack the in-house resources for deploying new programs/services.
Table 1 End User Benefits of Outsourcing Remote Access VPNs
| Business benefits: | Technical benefits: | |
|---|---|---|
Cisco Network Solution
By leveraging an existing core MPLS infrastructure, service providers can offer managed, scalable, and efficient remote access VPNs. The functionality of the solution for dial, DSL, or cable is very similar, if not identical to one another.
Functional elements of the Cisco Remote Access to MPLS VPN solution include:
- Cisco-based MPLS core and virtual home gateways (provider edge/PE)
- Existing remote access network (based on existing basic connectivity through dial, DSL and cable routers and access servers), supported by Cisco technology
- User authentication procedures
- User address management mechanisms
- Network management
Various international service providers have extensively tested the functional elements of the Cisco Remote Access to MPLS VPN solution for robustness, reliability, scalability, flexibility, ability for expansion, and easy implementation, and are now offering remote access VPN services to their customers.
Figure 1 illustrates the topology included in a VPN-capable MPLS backbone operated by the service provider. The end-user customer has outsourced all remote access operations to its service provider. In addition, but not explicitly shown, the service provider operates an MPLS VPN that connects teleworkers and mobile workers to the network.
Figure 1
Remote Access to MPLS VPN Solution Diagram
Dial Remote Access Solution Components include:
Table 2 Cisco Dial Remote Access Solution Components
| Access Technology | Cisco Product |
|---|---|
|
Cisco 6400 Access Concentrator Node Route Processor |
|
DSL Remote Access Solution Components include:
Table 3 Cisco DSL Remote Access Solution Components
| Access Technology | Cisco Product |
|---|---|
Cable Remote Access Solution Components include:
Table 4 Cisco Cable Remote Access Solution Components
| Access Technology | Cisco Product |
|---|---|
The true promise of managed VPN services lies in a service provider's ability to deliver a range of bundled, scalable VPN solutions that integrate access VPNs with intranet and extranet services. Service providers are gaining credibility as networking service experts by being able to manage their customers' inter- and intra-business communications needs. Incremental VPN services, including multimedia applications, content delivery, packet telephony, e-commerce, and application hosting can be offered to telecommuters and mobile workers once the remote access VPN service is established.
For more information go to http://www.cisco.com/go/vpnsolutions or contact your local Cisco sales representative for more details on this solution.