Inherent Security Capabilities
An MPLS VPN service offering allows a service provider to utilize its Layer 3 backbone to provide a common infrastructure that customers can share, supporting the paradigm of “Build Once and Sell Many.” To facilitate such a service, the service provider must rely on the inherent security capabilities that were built into MPLS from day one of its inception. These capabilities have been previously explained in Volume 1 of MPLS and VPN Architectures; however, it is appropriate to revisit some of them so that we can evaluate MPLS from a security perspective. These inherent security capabilities can be categorized as follows:
Address space and routing separation
No visibility of the core network
Resistance to label spoofing ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access