Agility Blog

What are the Benefits of Point-to-Point Ethernet Versus VPN

Written by Mike Terry | Nov 7, 2018 4:59:32 PM

With the introduction of SD WAN (software defined networking) VPNs have made a come back. But before you consider scraping your private network for the latest VPN technology consider the following benefits of Ethernet Private Line.

 Private connectivity vs encrypted traffic

Point-to-Point Ethernet networks are formed by connecting each site to other sites using fiber lines that are leased by service providers. Often referred to as MOE (Metro Optical Ethernet) this is a private connection type capable of speeds in excess of 10GB per second. It is also typically a layer 2 handoff so no routing is necessary unless wanted. It allows all sites to communicate to each other and can either be connect to a branch router or being that it is layer 2 can be connected directly into a switch.  Its essentially an extension of your LAN to wide area locations. It is the most secure because it is physically private network with no connectivity to the public Internet.

By contrast, a VPN traverses a public network, namely the Internet and uses encryption to protect from hackers. Usually a firewall of some sort is placed on each end and an encrypted tunnel is created allowing that branch site to connect to the corporate office or data center.  Today VPN has been upgraded by SD WAN devices which basically do the same thing however more than just create an encrypted tunnel they also allow for multiple circuits to load balance or failover if the Internet circuit becomes un-reliable. In addition there is now the addition of cloud controllers which allow the management of multiple locations as well as routing capabilities not previously available. VPN has improved dramatically but the downside is it is less secure and still subject to the flaws of Internet reliability.

Although the security of VPN has greatly improved Private Ethernet is still the most secure networking available offering a physically separate network with no public access.

 

High Speed and traffic prioritization

Ethernet service allows tagging of packets and traffic prioritization. What that means is voice traffic or any other mission critical application can get bandwidth priority to ensure reliable, consistent performance. Ethernet offers speeds in excess of 10 Gigabit per second. 


VPN traditionally does not allow any traffic prioritization and the speed is dependent on Internet availability. Often times branch offices use broadband DSL or cable connections and speed is limited however if there is fiber present Internet speeds can reach 1Gigabit or more.  SD WAN has also fixed the traffic prioritization issues of VPN. Administrators can now manage and prioritize traffic in the cloud via a controller in the carriers network.

Quality of Service QOS continues to be a superior advantage with metro ethernet.

 

Reliability and SLA

Ethernet private line or MOE is dedicated bandwidth with service level agreements guaranteeing the reliability of the service. VPN is best effort using the Internet as transport. SD WAN now allows customers to connect multiple carrier circuits allowing some redundancy but are still subject to the performance of Internet which is not guaranteed but best effort.

Again if high reliability is mission critical Ethernet is best option.  

Cost Effectiveness

This is where a hybrid network makes the most sense using both technologies. First of all the cost of Fiber has gone down dramatically in the past 3 years. 50mb private connections such as MPLS or Ethernet private line which used to lease for $3-5,000.00 per month just a few years ago can now be found for $7-900 a month or less.  That makes the benefits of security and reliability very compelling. However there are often times satellite branch office locations where fiber is not readily available or its expensive. This is where an SD WAN site can come in handy. By using wireless and broadband a remote site can still get 50-100 mb bandwidth and using VPN technology such as SD WAN connect back to the corporate site with some level of redundancy. In most cases SD WAN will be a less expensive solution based on the cheap cost of Internet for example a 100mb cable broadband connection runs about $180 and a wireless 100mb connection maybe another $150 plus the cost of the SD WAN service $250 for a total of $580.  

When the differences are apparent, decisions for an organization are easier. Security and reliability are the primary reasons companies will want to deploy private networks over VPN based networks. However often times hybrid networks make the  most sense when it comes to scaling a complete wide are network. The good news is cost keeps getting cheaper for both solutions and the technology keeps getting better. When all of the different options are considered, a better decision can be made so don't just jump on a cost reduction bandwagon, deploy both technologies where they make sense and take advantage of those reduced costs of fiber to get the most bang for your buck.