What is a VPN? Some vendors maintain that any network service deployed over shared infrastructure while appearing to offer exclusive use is a VPN—for example, a Frame Relay PVC with CIR riding over a provider's ATM backbone. Others equate privacy with security, and define VPNs as encrypted tunnels with access control and host or user authentication.
Lack of vendor consensus on this definition nearly two years after initial deployment left me wondering: What do ISP customers expect from an outsourced VPN service today?
Today's net consumer often begins with a web search; what he or she finds helps to shape customer expectations. So, to answer my question, I conducted a modest survey of ISP web marketing material, searching for "VPN" services. Information garnered was predominantly about big, national/global providers—not surprising, since they've been the trail-blazers in VPN outsourcing. What was surprising was that a number of clear trends and differentiators emerged.
Managed vs. Turnkey
Today's VPN services fall into two distinct categories: managed VPN services and turnkey VPNs. Rhythms NetConnections and Savvis are two ISPs that offer turnkey VPNs. These providers sell or rent customer premise equipment (CPE) for use with their local access facilities and backbone network connectivity. Customers install and manage CPE like FreeGate's OneGate and CheckPoint's Firewall-1, and then configure their own VPN. GTE, Pilot, Savvis, and MCI WorldCom offer managed VPN services that include CPE and network connectivity, plus 24x7 management and service-level monitoring. For a higher monthly recurring charge, these providers not only build your VPN, they operate it for you.
Different Maps for Different Apps
Expectations are also driven by customer application—remote access VPNs for travelers and teleworkers, site-to-site VPNs for intranets and branch office connectivity, and extranets that link business partners by spanning corporate network boundaries. Many top-tier ISPs offer separate remote access and site-to-site VPNs. For example, MCI WorldCom's UUSecure VPNSM connects customer sites with anything from ISDN to T3 into full mesh or hub & spoke topologies using Xedia's QVPN. But for remote access, MCI's UUDial uses an IndusRiver server at each site and dial-up client software on roaming PCs.
Extranet VPN services appear to be less common today. One example: Pilot's Corporate Partner Networking (CPN) allows participants to dial one of seven Pilot Network Security Centers, where a proxy server controls access by group and user.
http://www.isp-planet.com/technology/vpn-customers-a.html