[c-nsp] Good doc. on VRF's?

Nick Shah Nick.Shah at aapt.com.au
Wed Dec 15 18:38:38 EST 2004


Dave

A few months ago I had been in search of something on similar lines to
position a MPLS VPN product against L2 (FR/ATM) products. Unfortunately
I didn't find much, except for the MierCom report. I then created a Q&A
format on the basis of questions most frequently asked to our Pre Sales
engrs. On the basis of that I wrote a document outlining the security of
an MPLS VPN and how it fares against traditional FR/ATM based VPN's.
There is a fair bit of stuff from the MierCom report, and some stuff
that I read up on. 

It answers questions such as :

- Analysis of MPLS VPN security
- How do MPLS VPN achieve routing separation between customer VPNs ?
- How are customer routes carried through the MPLS CORE ?
- The need to hide the MPLS core from the world ?
- How does an MPLS VPN compare to a Frame Relay (or ATM) based Layer 2
VPN ?
- How does internet access from FRAME RELAY VPN & MPLS VPN compare ?
- What is Label Spoofing ? 
- So, does the customer need IPSEC ?

Email me offline if you need it, I will send it to you.  (ps. Some of
the stuff is the way our core is designed, but its more or less industry
standard)

Rgds

Nick
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dave Temkin
Sent: Thursday, 16 December 2004 3:53 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Good doc. on VRF's?



Does anyone have a link to a good document (whitepaper style) on VRF's
that I can show some security ppl?

I could try to explain it, but it'd be easier for them to read it.

Thanks,
-Dave
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


------------------------------------------------------------------------------
This communication, including any attachments, is confidential. If 
 you are not the intended recipient, you should not read it - please 
 contact me immediately, destroy it, and do not copy or use any part of 
 this communication or disclose anything about it.

------------------------------------------------------------------------------




More information about the cisco-nsp mailing list