CoSine moves to make IP VPNs easier

By David Rohde, Network World |  Networking

An independent maker of IP service delivery switches has added Multi-protocol Label Switching capability to its flagship platform.

The move by CoSine Communications, announced last week, is designed to make its IPSX 9000 switch for service providers capable of delivering enterprise-grade IP VPNs with little or no requirement for new customer premises gear.

Together with the IPSX 9000's existing IP Security (IPSec), network-based firewall and virtual routing capabilities, CoSine executives hope the MPLS support convinces carriers to use the switch as the basis for enterprise IP VPNs serving corporate and off-net sites.

MPLS is an increasingly popular traffic-engineering technique that uses discrete labels for distinct user and application groups to separate forwarding information from IP headers. The idea is to create multiple VPNs without requiring switching and routing gear to dive deep into headers to divine quality-of-service characteristics all the way through the network.

But unlike many existing MPLS-based services from large carriers, in CoSine's implementation MPLS is tightly coupled with IPSec for a full range of end-user access options.

As called for under the IETF's MPLS specifications, the IPSX 9000 acts as a Label Edge Router to create a label-switched path through the carrier network between any two corporate sites. But the switch also adds firewall and IPSec encryption application services for public Internet communications outside the MPLS VPN -- all to give organizations fully secured extranets for extended numbers of authorized end users.

CoSine, a 1998 start-up that went public last year, largely competes with IP service switch vendors that have been snapped up by large manufacturers, such as Lucent's Spring Tide acquisition and the market-leading Nortel Networks' Shasta family of products. But the MPLS capability also brings the IPSX 9000 into the orbit of competition with carrier gear providing frame relay and ATM services, as well as customer premises gear supplied under carrier-managed IP VPNs.

Betting on all-in-one

CoSine officials are betting that service providers will spring for a network-edge platform that provides label switching and IPSec encryption all in one at the carrier site -- while eliminating the need for outfitting customer premises with their own security. "For a carrier, the notion of supporting a multinational corporation with [customer premises equipment (CPE)] is kind of scary," says David Messina, CoSine's director of product marketing.

Join us:






NetworkingWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question