Calculating bandwidth requirements

Chris Carlson carlsonmail at yahoo.com
Sun Oct 10 22:11:24 EDT 1999 

Danilo,

Where are the satellite offices located?  Can you get
something other than leased-line to an ISP for your
VPN?  For example: DSL, ISDN, or cable modem? 
Leased-line wouldn't be much of a cost savings.

Those choices, possibly coupled with multilink PPP,
would give you over 56k access speeds, which I feel is
needed for your application mix.

One user may be satisfied with 56k speeds, but I don't
think a small office would.  Note, however, that 56k
modem dial-up to an ISP and using a VPN probably gives
you 20%-75% less bandwidth than a 56k leased-line
connection back to the home office due to latency,
congestion, etc.

I would almost recommend dial-on-demand, 2B channel
ISDN (128K) for your small offices, possibly going to
DSL and/or cable.  Dial-on-demand would keep
networking costs low by providing for connectivity
only when traffic is generated.  Make sure, however,
that your VPN devices don't time out during the ISDN
dial-up sequence.  You could almost use a Cisco 25xx
or 33xx series with BRI and an IPSec module.

Also, whatever you do, try to make sure that you
select the *same* ISP to connect your satellite
offices and home office to the Internet.  This way,
even though you'll be on the "Internet", those offices
are on the same ISP backbone so you'll actually get
better performance, less congestion, and even may
negotiate QOS levels over using a mix of ISPs.

For your home office, I would think you'd need at
least a burstable T-1.  Most VPN vendors say that a
single T-1 can support about 200 concurrent remote VPN
users, given that the traffic is an aggregate mix and
that users aren't always sending data at the same
time.

Good luck!

Chris
--
Carlson Consulting Group
Security/VPN/Internet Consulting
Reston, VA, USA
============================================

--- Danilo Dessi <ddessi at ibm.net> wrote:
> I am responsible for recommending a remote access
> solution for a small
> bank.  The requirements are:
> -connect the main branch office with three satellite
> offices
> -connect telecommuters and mobile users to the main
> branch office
> In order to meet this requirements I have ruled out
> dedicated lines
> between the offices and modem pools for
> telecommuters/mobile users.
> Instead I have chosen to implement a VPN solution.
> I have three viable VPN solutions on the table to
> choose from, however I
> am still unsure of what bandwidth I will require in
> the three satellite
> offices.  I am thinking of just installing a
> burstable T1 and seeing how
> things go, but it would be more economical if I can
> get away with plain
> old analog 56k modem dial-in.  Can anyone recommend
> the best way to
> determine sufficient bandwidth.  The VPN will be
> used for print/file
> sharing on a Novell file server in the main branch
> office and for AS400
> work.  The VPN will be used intermittently a few
> hours each day.  Thank
> you for all replies.  Danilo Dessi
> 
> 
>
****************************************************************
> TO POST A MESSAGE on this list, send it to
> vpn at listserv.secnetgroup.com
> 
> The VPN FAQ (under construction) is available at
> http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html
> 
> We are currently experiencing "unsubscribe"
> difficulties.  If you
> wish to unsubscribe, please send a message
> containing the single line
> "unsubscribe vpn your-e-mail-address" to
> owner-vpn at listserv.secnetgroup.com
> 
>
****************************************************************
> 


=====

__________________________________________________
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com

****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com

The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html

We are currently experiencing "unsubscribe" difficulties.  If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com

****************************************************************

More information about the VPN mailing list