February 27, 2001, 11:13 AM — An independent maker of IP service delivery switches has added Multi-protocol Label Switching capability to its flagship platform.
The move by CoSine Communications, announced last week, is designed to make its IPSX 9000 switch for service providers capable of delivering enterprise-grade IP VPNs with little or no requirement for new customer premises gear.
Together with the IPSX 9000's existing IP Security (IPSec), network-based firewall and virtual routing capabilities, CoSine executives hope the MPLS support convinces carriers to use the switch as the basis for enterprise IP VPNs serving corporate and off-net sites.
MPLS is an increasingly popular traffic-engineering technique that uses discrete labels for distinct user and application groups to separate forwarding information from IP headers. The idea is to create multiple VPNs without requiring switching and routing gear to dive deep into headers to divine quality-of-service characteristics all the way through the network.
But unlike many existing MPLS-based services from large carriers, in CoSine's implementation MPLS is tightly coupled with IPSec for a full range of end-user access options.
As called for under the IETF's MPLS specifications, the IPSX 9000 acts as a Label Edge Router to create a label-switched path through the carrier network between any two corporate sites. But the switch also adds firewall and IPSec encryption application services for public Internet communications outside the MPLS VPN -- all to give organizations fully secured extranets for extended numbers of authorized end users.
CoSine, a 1998 start-up that went public last year, largely competes with IP service switch vendors that have been snapped up by large manufacturers, such as Lucent's Spring Tide acquisition and the market-leading Nortel Networks' Shasta family of products. But the MPLS capability also brings the IPSX 9000 into the orbit of competition with carrier gear providing frame relay and ATM services, as well as customer premises gear supplied under carrier-managed IP VPNs.
Betting on all-in-one
CoSine officials are betting that service providers will spring for a network-edge platform that provides label switching and IPSec encryption all in one at the carrier site -- while eliminating the need for outfitting customer premises with their own security. "For a carrier, the notion of supporting a multinational corporation with [customer premises equipment (CPE)] is kind of scary," says David Messina, CoSine's director of product marketing.