As more and more people rely on the ability to communicate data electronically, firms and organizations increasingly depend on the computer networks that connect their users to each other. For many businesses that have geographically distributed employees, customers and strategic partners, the integration and ongoing management of the corporation's computer networks is a major and increasing challenge.
In general, global businesses and organizations have disparate requirements for data network services. There are several approaches to solving a business' network service requirements. One approach is to interconnect a company's offices or various site locations with dedicated or private communication connections via a wide area network (WAN).
An advantage of this traditional approach to building a customized private network is that it is generally owned and managed by the corporation; management of the network, along with control of computing resources, is centralized. Another advantage is improved security of the network against unauthorized access.
However, a major disadvantage of a corporate-owned and controlled private network is the extremely high total cost of procurement, design, implementation, operations, management, skill retention, and facilities related to private networks. Also, private corporate networks are oftentimes underused as the dedicated resources must be configured to handle the peak capacity requirements of the business.
In an attempt to reduce costs and enhance their competitiveness, some companies choose to deploy some business applications over the public Internet, a second approach to solving a business' network service requirements. In other words, rather than undergoing the considerable expense of constructing a private network of dedicated communication lines, some companies opt to employ the Internet to facilitate communication between various remote sites.
An advantage of using the Internet as a transport mechanism is the Internet's ubiquity; Internet access is worldwide. It is also convenient. However, a major disadvantage is that the Internet is a public network. Data propagation is indeterminate, security is relatively low and performance is not guaranteed. Electronic communications are susceptible to interception, modification and replication by third parties, essentially compromising proprietary and confidential internal corporate communications.
Because the potential business-related damage resulting from security breaches and unreliable performance has become such a critical factor in network services, companies often seek an alternative solution to the Internet to obtain virtual private network (VPN) services with a high degree of security and performance assurance.
As a practical matter, there are two approaches to providing VPN services today: “on-net” or “off-net”. These VPN services are generally a premium service offered by a service provider where a firm or business contracts with the service provider for a specified VPN service.
In the on-net approach, typically a service provider offers VPN service on its own network infrastructure only. An advantage of on-net service is that it does not require collaboration among multiple service providers, and generally uses standard service provider products and services only. However, a major drawback is the limited reach of a sole service provider's network. One service provider on its own often cannot offer service to corporate sites in all cases.
When a subscriber's requirements extend beyond the service provider's infrastructure, an off-net approach is used that sometimes employs the Internet to provide basic, easy-to-implement and easy-to-administer off-net capabilities. Alternatively, two or more service providers may collaborate, which may involve some integration of transport networks, operations systems and business systems. Of course, a service provider may choose to extend its reach by building its own network to reach the off-net sites, but this often proves expensive.
The problem with one or more of the above-mentioned conventional approaches is difficulty of implementation. Significant time and coordination are required to arrange new service provider partnership(s), and to interconnect network(s) and/or technologies and/or configurations and/or operations systems and/or business systems. For example, a service provider must undertake to coordinate field support of off-net gateways with one or more third party groups. Additionally, the integration of operational and business systems to make the collaboration viable is complex and costly. Moreover, once set up, the complex interconnections are difficult to change.
Another problem in one or more of the prior art approaches is the significant investment of financial resources. The cost of implementing and maintaining an off-net computer network, for example, is high. These high costs are compounded by long-distance charges for leased lines and switched services. In addition, the number of support staff necessary to manage these networks further increases the cost of managing them.
Yet another problem in one or more of the prior art approaches is non-deterministic route propagation. The route by which data communications travel from point to point over a public network, such as the Internet, can vary on a per-packet basis, and is essentially indeterminate. This prevents per-customer design, implementation and monitoring, essentially preventing a service from being engineered to meet an individual customer's need. It also prevents differentiation between customers because per-customer state/status is not maintained throughout the network.
Yet another problem in one or more of the prior art approaches is unreliable network performance. There are few or no controls on the way that users use the Internet, for example. This generally means that one customer's use of the Internet may be adversely affected by another customer's use.
Yet another problem in one or more of the prior art approaches is the low level of data security. The data protocols for transmitting information over a public network, such as the Internet, are widely known. Consequently, electronic communications over the Internet are susceptible to interception. Packets can be replicated or even modified by unauthorized users.
Yet a further problem in one or more of the prior art approaches is significant delays in restoring service to customers. A significant number of performance-related faults occur at the interface between the off-net gateway and the off-net transport service, for instance. These problems prove very difficult to resolve and, again, the extending service provider must undertake to coordinate fault resolution with the off-net transport supplier.
Yet a further problem in one or more of the prior art approaches is lack of effective monitoring to determine whether one or more service providers are providing acceptable or unacceptable service. This creates a bottleneck for proper billing, settlement, fault-finding and fault resolution.
Yet a further problem in one or more of the prior art approaches is lack of service guarantees provided to customers. Fault resolution, a service guarantee highly valued by corporate customers, is often haphazard, without procedure, based on goodwill, and of indeterminate duration. This generally results in unacceptably long delays for VPN service to be properly restored.
These and other problems are shortcomings that need to be overcome.