Vendors Bring SLAs to VPNs

Virtual private network (VPN) service providers are beginning to offer service level agreements (SLAs) for VPNs. This movement toward IP-based SLAs is taking place on both the hardware manufacturer and service provider fronts.

Cisco Systems Inc., for instance, announced new VPN solutions that offer Multi Protocol Label Switching (MPLS) and Cisco Service Management System (CSM) for VPNs. These solutions help service providers offer secure VPN services that deliver IP quality of service and end-to-end SLAs.

The two new Cisco solutions include enhanced management and provisioning functionality through CSM, a suite of network and service management applications for reducing the cost associated with maintaining the network. The company says CSM allows service providers to provision and manage intranet and extranet VPNs seamlessly, resulting in cost savings for customers.

Also, UUNET ( and Xedia Corp. ( announced a partnership, at Networld + Interop ’99 in Las Vegas, that will bring service level agreements to IP-based VPNs.

Under the terms of the agreement, UUNET will offer the end-to-end, fully managed UUSecure VPN for dedicated access with high-speed Internet connectivity, ranging from ISDN to T3s, to provide communications between a company's branch offices or with its partners, suppliers and vendors.

Xedia's Access Point QVPN routers will be deployed as UUSecure VPN access equipment that resides at the customer premises, providing a secure end-to-end connection with granular service level management and control among the VPN sites. With Access Point QVPN, UUsecure VPN will provide customers with a one-box solution for dedicated and dial connectivity, end-to-end tunneling and encryption with VPN monitoring and reporting.

The UUSecure VPN service accommodates scalability for large-scale, meshed Intranets as well as hub and spoke extranets. It also will provide bandwidth management technologies for outbound packet prioritization for optimal use of bandwidth by year's end. The bandwidth management feature helps customers prioritize packets by applications or user groups. For example, network managers can ensure that bandwidth needed for business-critical applications is allocated to higher-priority applications than Web browsing.

The new service will be supported by global VPN SLAs and standards-based IPSEC encryption and tunneling.

John Freeman, principal analyst at market research firm Current Analysis (, says guaranteeing levels of service across IP, at least in a fashion similar to the way it is offered across frame relay, has been nearly impossible. There are factors outside the control of service providers that make it unrealistic. IP traffic, for instance, travels across many service provider’s backbones, so one company cannot feasibly guarantee the services of another.

"This agreement is UUNET saying ‘we guarantee that a specific type of application will get specific performance results, on a per-connection basis,’" Freeman says.

Freeman points out that the market is headed in this direction. In addition to Cisco and Uunet, Nortel Networks ( ) and Newbridge Networks ( are working on solutions, and CoSine Communications ( recently announced a solution.

"Enterprise traffic is moving to IP, so it’s better to create SLAs for IP than write it in frame relay and extrapolate the usable parts for IP," he says.

Must Read Articles