How secure is MPLS
From Bandipedia
MPLS is highly secure. Its security is equivalent to that found in traditional Layer 2 networks such as Frame Relay or ATM. This is due to the fact that an MPLS VPN provides a customer complete segmentation from other customers that may be riding over the same carrier network. This is accomplisehd through a number of mechanisms:
- Virtual Routers (VRs): Virtual Routers are a component of a MPLS VPN that completely segements one customer's routes from anothers. It is located on the provider's network edge router (PE). Each customer's routes are logically separated from each other via a number of security mechanisms that are inherent to a VR. The net-net is that one customer's routes are not visible to any unauthorized outside party.
- Inner and Outer Labels: MPLS uses two sets of labels that completely encapsulate a customer's traffic as it rides across a carrier's backbone. This effectively provides two sets of secure tunnels that isolate a customer's traffic over the network. This is analogous to a PVC in Frame Relay with the exception that a PVC only provides a single layer of separation and MPLS utilizes two layers (an inner and outer label).
- Private IP Addressing: Because an MPLS VPN provides a customer a completely private network, the customer does not have to use public IP addressing to route between two physically separate sites. Each customer site simply pushes up its private IP addressing scheme to their Virtual Router. These routes are securely contained in the Virtual Router and are automatically and securely propagated to other customer sites that are mapped to the same Virtual Router. Consequently, there are no public IPs which are viewable or "pingable" from the public Internet.
What do you think about this page?
Comments are appreciated and assist in building this site.
We welcome comments, question, and suggestions in the following manner:
1. Click here to leave a comment.
2. Send an e-mail to wiki@bandwidth.com
3. Call 919-297-1069 and record your comments
