Inherent Security Capabilities
An MPLS VPN service offering allows a service provider to utilize its Layer 3 backbone to provide a common infrastructure that customers can share, supporting the paradigm of “Build Once and Sell Many.” To facilitate such a service, the service provider must rely on the inherent security capabilities that were built into MPLS from day one of its inception. These capabilities have been previously explained in Volume 1 of MPLS and VPN Architectures; however, it is appropriate to revisit some of them so that we can evaluate MPLS from a security perspective. These inherent security capabilities can be categorized as follows:
Address space and routing separation
No visibility of the core network
Resistance to label spoofing ...
Get MPLS and VPN Architectures, Volume II now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.