Replacing ATM frame with MPLS for educational facilities

Unanswered Question
Feb 6th, 2007

I currently have an ATM frame in place with 2 hub locations where my frame PVC all come back to for corporate apps and Internet. I want to implement MPLS and am nervous about the any to any when a virus were to spread from one remote site to another while not infecting a hub site and go undetected.

Cisco's proposal is to ASA at the hub sites all remote traffic and remove the any to any theory of MPLS with routing to a hub site.

How will this impact performance, routing, VoIP or any future network plans?

I don't want unecessary traffic to the hub sites if I don't have to, but I want it a secure as possible.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
keegan.holley Mon, 02/19/2007 - 09:20

I can understand your concerns about the security aspects of the any-to-any aspect of mpls. However, the ability to offload external traffic from your core to your ISp's is worth considering. Also you could deploy desktop solutions such as ISS (IDS/IPS) and a more resilient virus scanner to combat the security concerns. In the current hub-and-spoke topology your discovery of the new virus may happen when it takes your hub site down.


This Discussion