VPN & WAN Solutions

Private VPN Solutions

Resellers can benifit hugely by offering their clients VPN/WAN solutions. This value added service operates over the USIC broadband network as a fully managed solution. USIC will provide the reseller with the required hardware and service, pre-configured for the client. This makes a roll-out easy to plan and manage and also means that it can be supported centrally too.

As with all of our resller solutions, USIC remain transparent to the end user, as far as they are concerned you are providing this service directly

DSL WAN

A private DSL solution allows clients to build a managed wide area network environment utilising the USIC DSL netowrk.

End points at client sites can be either ADSL or SDSL if symmetric bandwidth is required, perhaps for a hosted application in a head office.

The private DSL solution does not operate in the same way as other VPN solutions that rely on unnecessary and expensive hardware at each site.
Sites are invisibly and privately tunnelled through the USIC DSL network and connected to the core WAN routers and isolated from the ‘Internet’.
Sites are provided with a pre-configured router that is set-up to offer non-NAT routing to the WAN.
A range of internal IP addresses is allocated for all of the devices at each site.

The USIC WAN solution also provides full size Ethernet packets (and MTU if 1500) to travel accross the WAN. This isn't the case with any solution provided using hardware at each site becuase the VPN tunnel carries overhead on each packet, reducing the size of the real data that will fit into the packet. This causes fragmentation of Ethernet packets and affects the flow of traffic between sites.

End point ADSL is usually provisioned using one of the BT IPStream ADSL MAX products where sites can download at up to 8Mb and upload at up to 800Kb. The actual rates will depend on the line quality and distance from the serving telephone exchange.
In the future ADSL2+ services will also integrate with the system.

SDSL can be provisioned at up to 2Mb providing a symmetrical bandwidth. This is normally used where one of the sites needs to have a greater upload speed in order to serve data to the rest of the WAN. SDSL is usually provisioned over a LLU network, but in areas where this is not possible, BT Wholesale SDSL products are used.

Internet breakout can be provided in the data centre via a firewall gateway appliance. Additionally content filtering and rules based access control can be provisioned to restrict all or selected site access to the Internet (even down to per user). By provisioning the breakout in the data centre, Internet access for the WAN isn’t reliant on one of the VPN site’s connectivity (as it would be in a typical self managed VPN set-up).

Road warrior access. An important part of a VPN solution is the ability to allow selected users access to the network when away from one of the connected 'on net' sites. This is achieved by adding a VPN gateway to the WAN in the data centre at the core of the network. Users can access the network via an encrypted tunnel over the Internet, from anywhere in the world, and access the WAN as if they were at one of the sites.

Outgoing VPN calls can also be set-up allowing links from the WAN to other networks (as may be required to integrate with suppliers or contractors), via an encrypted secure tunnel.

Hosted services. The private VPN solution is a hub and spoke design, where each site in the WAN is a spoke while the hub is hosted in a secure London data centre. This arrangement lends itself to making certain services available from the central location. The key benefit of this configuration is that the head office WAN link does not become saturated due to having to handle traffic for all of the sites. Allowing for future expansion; when a new site is added to the WAN, the size of the links to existing locations do not have to be increased to compensate. Removing this bottleneck provides a reliable and fast link into core applications and shared services, for example VOIP servers, file sharing storage or Email/collaboration accounts.

Future expansion;

New sites can be added to the WAN with a short lead-time, assuming that a DSL service can be provisioned on an appropriate analogue telephone line.

Flexibility and reliability. There is a lot of flexibility built in to a managed solution which means that as your business grows, the service is able to evolve with you.

We are in control of all aspects of your service and this means that should there be a problem, we will know how to resolve it, without passing you around.

Enhanced care is a BT Wholesale service that allows us to raise faults 24/7. It also provides a 24 hour resolution of faults, rather than the standard 40 working hours, should they occur.

Monitoring: Your DSL sites can be monitored for connectivity 24 hours a day and should a fault be detected we will either automatically request the appropriate line tests or checks or notify the customer of a potential problem.

For larger scale VPN/WAN solutions with higher bandwidth requirements, USIC can provide resellers with bespoke quoatations for fibre or microwave based services too.

An example configuration is shown below;