Skip to site navigation

IP VPN v IPSec

Zen's IP VPN (Internet Protocol Virtual Private Network) offers the same level of security as legacy Frame Relay and ATM private networks but at a fraction of the cost. It offers significant performance benefits over internet based IPSec VPNs as no complex tunnels need to be created and managed between sites.

Unlike IPSec VPN's data passing between sites in an IP VPN does not need to be encapsulated improving speed of information transfer and reducing overall bandwidth requirements. Sites within the IP VPN are also more secure as they cannot be accessed directly from the public internet offering a significant increase in security when compared to IPSec VPN.

Zen's IP VPN also offers much better scalability as sites can be added within standard provisioning times without reconfiguration of CPE at existing sites and complex configuration of new CPE offering operational cost savings. Traffic engineering within the core network also ensures priority of critical traffic between sites with 24/7 network monitoring in place to ensure maximum reliability.

A comparison of IP VPN technology and IPSec VPN technology is illustrated below:

  IP VPN IPSec VPN
Topology Virtual mesh topology. Mainly hub-and-spoke.  Mesh topology complex to implement and manage.
Authenticating Users Only specific circuits can access the IP VPN. Authenticates through digital certificate or pre-shared key.
Confidentiality Inter-site traffic completely separated from public traffic.  Offers same level of security as Frame Relay or ATM networks. Uses a flexible suite of encryption and tunneling mechanisms to transfer data over public Internet.
Quality of Service (QoS) Guaranteed Quality of Service (QoS) within network including traffic-engineering capabilities. Limited Quality of Service (QoS) features.  No guaranteed performance.
Scalability Highly scalable because no site-to-site peering is required.  Sites easily added and removed without complex configurations.  Capable of supporting thousands of locations. Scalability becomes challenging for a large, fully meshed IPSec VPN deployment.  Will require detailled planning and coordination.
Management WAN managed by Zen.  No complex configurations to manage.  Network reporting features and technical support ensure performance of network. Site to site tunnels require complex configuration and management.
Remote access Yes, can include remote workers as part of IP VPN or connect into IP VPN via firewall using IPSec, PPTP and SSL VPN. Yes, IPSec client required for remote workers.
Provisioning Requires one-time provisioning to enable the site to become a member of the IP VPN. IPSec tunnels require configuration to connect each new site.
VPN client Clients are not required because IP VPN is a network-based VPN service. A client is required for each mobile device but not for LAN to LAN VPNs.
Performance Data transmitted in its raw form enabling fast packet delivery. Overhead introduced from encryption - in terms of additional data in encapsulation and processing.
Pricing No expensive on-site firewalling.  Network managed by Zen freeing up IT resources. Inexpensive on small scale.  Expensive to scale as firewall required at each location with additional costs associated with configuring and managing IPSec tunnels.

Want to find out more?

For further information on our IP VPN solutions, and to discuss your objectives and network requirements with a member of our Sales team call 0845 058 9000 or fill in the enquiry form.

Skip to site navigation