[bdNOG] Cisco VPN Router

Md. Khairul Alam khairulbd at yahoo.com
Fri Nov 15 22:14:13 BDT 2013 

Hi,

I think the the technology using by the SP is not the main concern of the banks. Banks should have own policy to secure the data transmission between HO and branches. As a customer I must want the maximum availability of the link from the SP and choose the security technology in my routers.

For small branches most are using 1900 series with K9 license I guess and 2900 series for larger bandwidth requirement.

Thanks very much bdNOG for giving us the opportunity to share.

BR//Khairul
--------------------------------------------
On Fri, 15/11/13, Aniruddha Barua <aniruddha.barua at colbd.com> wrote:

 Subject: Re: [bdNOG] Cisco VPN Router
 To: "NOG list, bdNOG" <nog at bdnog.org>
 Received: Friday, 15 November, 2013, 6:33 PM
 
 
 
  
  
 
 
 
 Dear Mr. Momen,
 
 
 
 I believe you are asking the question considering the
 entire architecture, not just from the customer (Bank) or
 the provider (SP) point of view. If a bank wants to connect
 their branch routers in Layer 2 over SP network, the SP has
 to give them either GRE based tunnels (Mikrotik's EoIP
 or PPTP-Bridge etc., are common technics) or MPLS Layer 2
 (EoMPLS, VPLS etc.). If a bank wants to connect the branch
 routers in Layer 3 over SP network, the SP can give them
 anything from simple routing (Static or Dynamic) to plain
 VRF (i.e. VRF Lite) to MPLS Layer 3 to even dedicated fiber
 (this is too much though!!).
 
 
 
 To maintain information security and confidentiality,
 regardless of what the SP is providing in its
 infrastructure, the bank has to encrypt-decrypt (mostly with
 IPSec) its traffic in between its routers, which will pass
 through either the Layer 2 tunnels or the Layer 3 routed
 paths provided by the SP.
 
 
 
 My question to all is, should banks demand a specific
 technology like VRF or MPLS or any other from the SP as long
 as their requirements are met perfectly well by the SP using
 its current technologies?
 
 
 
 bdNOG mailing list is on the jazz today. Regards to
 all,
 
 
 
 ANIRUDDHA BARUA 
 
 
 
 Email: aniruddha.barua at colbd.com, cto at colbd.com 
 
 
 
 Cell: +880.1713.111222 
 
 
 
 Web: http://www.colbd.com 
 
 
 
 
 
 
 
 ---------- Original Message 
 -----------
 
 
 From: Abdul Momen <abdulmomen918 at gmail.com> 
 
 
 
 To: ariful.islam at totalofftec.com 
 
 
 
 Cc: nog-bounces at bdnog.org, "nog at bdnog.org"
 <nog at bdnog.org> 
 
 
 
 Sent: Fri, 15 Nov 2013 17:22:33 +1000 
 
 
 
 Subject: Re: [bdNOG] Cisco VPN Router 
 
 
 
 
 
 > Thanks everyone. 
 
 > 
 
 > I believe it is mostly ipsec (CPE 
 router) inside GRE(PE router)? Is it possible to get VRF
 instead of GRE on PE 
 router.
 
 > 
 
 > Thanks & regards
 
 > 
 
 > 
 
 Momen     
 
 > 
 
 > On Fri, Nov 15, 2013 at 4:37 PM, Arif @
 TOTALOFFTEC 
 <ariful.islam at totalofftec.com>
 wrote:
 
 > 
 
 I have fortinet wifi router.
 
 > 
 
 -arif- +8801678005123 
 . Apologies kept short sent from my BlackBerry® smartphone
 - Airtel
 
 > 
 
 
 > 
 
 -----Original Message-----
 
 > 
 
 From: Nurul Islam <nurul at apnic.net>
 
 > 
 
 Sender: nog-bounces at bdnog.org
 
 > 
 
 Date: Fri, 15 Nov 2013 06:17:25
 
 > 
 
 To: fakrul at dhakacom.com<fakrul at dhakacom.com>;
 nog at bdnog.org<nog at bdnog.org>;
 Abdul Momen<abdulmomen918 at gmail.com>
 
 > 
 
 Subject: Re: [bdNOG] Cisco VPN Router
 
 > 
 
 > 
 
 Few more on the [UTF-8?]listÅ .MikroTik, Fortigate, What
 model? what 
 else?
 
 > 
 
 > 
 
 And obviously Cisco. (For the elite class I suppose. :).
 
 > 
 
 > 
 
 Regards
 
 > 
 
 > 
 
 -Roman
 
 > 
 
 > 
 
 On 15/11/13 3:42 PM, "Fakrul Alam" <fakrul at dhakacom.com>
 wrote:
 
 > 
 
 
 > 
 
 >Dear Mr Momen,
 
 > 
 
 >
 
 > 
 
 >Ya, it's mainly 800 series with K9 bundle. I know
 few banks who use 
 1900
 
 > 
 
 >series in metropolitan branches where there is higher
 b/w & pps
 
 > 
 
 >requirements.
 
 > 
 
 >
 
 > 
 
 >Thanks
 
 > 
 
 >
 
 > 
 
 >Fakrul Alam
 
 > 
 
 >
 
 > 
 
 >
 
 > 
 
 >On 11/15/13, 6:29 AM, Abdul Momen wrote:
 
 > 
 
 >> Dear bdnog people,
 
 > 
 
 >>
 
 > 
 
 >> I have a quick question. What are the commonly used
 VPN router used 
 in
 
 > 
 
 >>the
 
 > 
 
 >> bank brunches in Dhaka. I guess CISCO831-K9 still
 used in some 
 places.
 
 > 
 
 >> Correct? What are other cost effective
 alternatives.
 
 > 
 
 >>
 
 > 
 
 >> Regards
 
 > 
 
 >>
 
 > 
 
 >> Momen
 
 > 
 
 >>
 
 > 
 
 >>
 
 > 
 
 >>
 
 > 
 
 >> _______________________________________________
 
 > 
 
 >> nog mailing list
 
 > 
 
 >> nog at bdnog.org
 
 > 
 
 >> http://mailman.bdnog.org/mailman/listinfo/nog
 
 > 
 
 >>
 
 > 
 
 >_______________________________________________
 
 > 
 
 >nog mailing list
 
 > 
 
 >nog at bdnog.org
 
 > 
 
 >http://mailman.bdnog.org/mailman/listinfo/nog
 
 > 
 
 
 > 
 
 _______________________________________________
 
 > 
 
 nog mailing list
 
 > 
 
 nog at bdnog.org
 
 > 
 
 http://mailman.bdnog.org/mailman/listinfo/nog
 
 > 
 
 
 
 ------- End of Original Message 
 -------
 
 
 
 
 
 
 
 
 
 -----Inline Attachment Follows-----
 
 _______________________________________________
 nog mailing list
 nog at bdnog.org
 http://mailman.bdnog.org/mailman/listinfo/nog

More information about the nog mailing list