April 09, 2001, 1:36 PM — Curious about the state of the VPN scene, I recently looked up Jonathan Cohen, director of Advanced IP Network Services for AT&T's Data and Internet Services group.
Cohen says companies using ATM, frame relay and private lines are biting hard on the notion of Internet-based VPNs because they think such VPNs are less expensive. It turns out that isn't always the case.
Cost depends on many things, such as whether the VPN will be implemented in edge devices or delivered as a managed service by a carrier, and what it will replace. For example, VPNs are usually less expensive than private lines but not necessarily less expensive than frame relay.
Regarding the build vs. buy decision, Cohen says "customers that look at total cost of ownership would be hard-pressed to match the reliability and functionality of a private VPN that's done in the core of the net. But, if they have to make all kinds of changes to the net and need incredibly flexible security policies, the utility of a net-based solution may not meet their business requirements."
Most interesting is where he sees VPNs going. He says the future is in integrated VPNs that mix and match transport technologies.
An automotive company, for example, will likely have a frame relay or ATM backbone (that will ultimately migrate to private IP over a Multiprotocol Label Switching core) and 'Net-based links to dealerships. Management functions will be served from one virtual central console.
"That console will provide a single point of control, a single view of all the logical elements," Cohen says. "The development goal is to get to a common set of provisioning, care and life-cycle management systems that give you a single logical view of your environment."
How far away is this nirvana? Cohen says AT&T is already working on many of the underlying subsystems. "We'll probably be doing some testing in-year," he says, although he admits it will be some time before this becomes a product.
"The future of VPNs is making them truly software-defined networks," he says. "The things we were so successful doing with the voice SDN will become the model for the data SDN."
Providing AT&T can deliver the bandwidth and latency guarantees this kind of integrated environment would require, this vision seems pretty compelling.