Summary

This chapter discussed security within an NGN framework and pointed out the Cisco IP NGN vision and architecture overview as an example. Additionally, it identified the three security pillars of architecture, implementation, and operation and the relationship of these three pillars to MPLS security. We explored the security aspects of MPLS and defined common requirements that VPN users have for a VPN service. We have further explored the attack scenarios and recommended best practice guidelines.

The result is that, based on the architecture described in RFC 4364, MPLS VPNs (BGP-VPNs) can be provided securely, meaning that

• VPNs are separated (addressing and traffic).

• The core is protected from miscreant intrusions.

• Protection against VPN spoofing exists.

• The core is invisible to the VPN user.

In general, MPLS VPNs provide equivalent security compared to traditional Layer 2 VPNs, such as ATM and Frame Relay.

We also examined the architectural security of Inter-AS and Carrier's Carrier architectures. Although CsC networks are quite secure, care must be taken with Inter-AS scenarios when connecting different carriers because not all architectures provide the same level of security between providers. Furthermore, a customer can deploy IPSec and MPLS because these are not competing technologies.

A number of issues exist that MPLS VPNs do not address. Amongst those are the internal security of a VPN, attacks from the Internet into a VPN, and VPN data confidentiality. These issues are independent of MPLS and have to be solved separately.

MPLS VPN networks are secure only when the network implementation is correct and when the network is operated correctly.