VPN Configuration

[TC Wolsey]

I am working on a WAN design for a 130 store retail operation in 5
states. I want to do credit card authorizations as well as data transfers
and web applications. The 2 main designs recommended by different
companies are a 56K Frame or a 56K VPN.

Has anyone gone through this analysis already and found that one or the
other is better in uptime, throughput and security? I am leaning towards
a VPN but am concerned about the credit card authorization and the costs
to manage the VPN.

Thanks -

Jeanne Wright
Director of IT
jeannew at thorntonoil.com

--------------------

Frame, like any semi-permanent network setup is probably going to be more
reliable in terms of uptime and throughput. This does not really have much
to do with Frame Relay (compared to ATM, SMDS, etc) or VPNs really - it is
simply a matter of having a greater degree of control over the transit
path of the network. With a private FR network you control what goes into
the PVCs and hence the what you receive at the far end of the pipe. If
your VPN options means a 56k line into an ISP at each retail site you may
not have much control of the flow of data while it is between your retail
locations.

You indicate that you are concerned with the security of the credit
authorizations, I assume that you mean confidentiality of the
transactions. If confidentiality is a concern, use crypto to establish a
confidential channel - this does not necessarily mean a VPN. There are
many methods of crypto for private nets at both the network and Frame
Relay layers.

You also indicate that your traffic mix will consist of file transfers and
Web traffic. If the transport for this traffic is TCP, then the FR
solution may have an advantage that the VPN does not - TCP header
compression on point-to-point PVCs. 56k of bandwidth does not leave much
room for error and most crypto and VPN schemes add additonal per-packet
overhead.

Regards,

tcw

VPN is sponsored by SecurityFocus.COM