Administrators of local area networks (LANs) frequently purchase network services, such as Internet access or network management services, from entities known as network service providers. To receive these network services, a customer must connect its LAN to the network service provider's LAN, which presents several security concerns. Among these concerns are unwanted infiltration of the network service provider's LAN by its customers and by other outside entities, unwanted access to a customer's LAN by other customers, and unwanted interception of information passing between the network service provider and its customers.
The network service provider often deals with security concerns such as these by erecting firewalls or providing dedicated connections to its service machines. In general, these solutions require a dedicated firewall for each customer or a private connection for each customer to each service machine.