
Tuesday, March 24, 2015

Point to Point Fiber Optic Connections

By: John Shepler

Say you want to link two business locations securely and with medium to high bandwidth. Do you use the Internet for this or…

A point to point fiber optic laser light beam data burst. Find this design on many products now.

The Advantage of Private Lines
The Internet has two big advantages: It goes almost everywhere on Earth and access is relatively cheap. Unfortunately, the Public Internet also has a couple of big limitations: Performance is iffy and security is a genuine worry.

What’s better? Private lines. Particularly, dedicated point to point private lines. They’re called private because they really are.

Security is ratcheted up orders of magnitude because it’s really hard to hack into something where you have no access. Remember the old spy shows where someone surreptitiously taps into a phone line by connecting directly to the wires? That’s what it takes to get into a private line. You need access to the physical connections themselves. There’s none of this packet snooping on an Internet connection or, worse, over WiFi.

Want to make it even harder to get into your network? Go with fiber optics instead of wires. Even harder? Encrypt your data too. That’ll stop the little snoops in their tracks. Now they’ve got to get physically into your connection somewhere along the line and then break your encryption before they get caught. Good luck with that.

Security is Great. How About Performance?
You really can’t improve over private line performance unless you actually own the network from end to end. That’s actually a possibility. Of course, your LAN is limited to your building or campus. You’ll likely not be able to afford to string wires or trench fiber across town to link separate locations. But you may very well be able to lease dark fiber. If you install your own termination equipment, you pretty much have control over the entire link.

Most of us don’t need to go to that extent. We can lease point to point private line connections at just about any bandwidth we need. As long as you acquire enough bandwidth, network congestion should never be a problem. Packet loss, jitter and latency are minimized with dedicated private lines. There’s no traffic on the link other than yours.

You won’t get that performance consistently on the Internet. The Internet was designed to be robust in the face of line cuts and equipment failure. That’s a great goal, except you may find that your packets take varying routes even between two fixed end points. The packets will almost always get there with TCP/IP… eventually. That’s why real-time applications like VoIP telephone and video conferencing perform much better over private lines.

What Private Line Services are Available?
The two big contenders are SONET and Carrier Ethernet over Fiber. Yes, you can still get T1 lines and they work great. Bandwidth is a limitation, however: T1 is 1.5 Mbps. Bonding T1 lines will get you up to 10 or 12 Mbps, but that’s it. Even at 10 Mbps, fiber is a better deal if available. Fiber bandwidths start at around 10 Mbps and go up to at least 10 Gbps in most areas. For multiple locations or international connections, MPLS networks are an excellent choice.

About SONET Fiber Optic Bandwidth
SONET is the original switched circuit technology used for fiber optic transmissions. It’s implemented on a pair of fibers with a ring topology. That’s for reliability. If one fiber gets cut, the other picks up the load within 50 mSec and keeps going.

SONET is at the core of many networks, especially the legacy telco networks. The most basic service available is OC-3 at 155 Mbps. Other popular levels are OC-12 at 622 Mbps and OC-48 at 2.4 Gbps. Even T-Carrier DS3 service at 45 Mbps that is delivered on coaxial cables travels most of the way multiplexed over OC-3 fiber service.

SONET is a very mature and reliable technology. It’s the way most companies moved into fiber optic bandwidth when copper wireline just couldn’t cut it anymore. Prices have dropped dramatically over the last few years. Even so, there is a more flexible and cost effective solution available today. That is Carrier Ethernet.

Ethernet over Fiber Bandwidth Advantages
If you are wondering why Ethernet over Fiber is taking over the world, you need look no further than your own LAN. Ethernet is the dominant, pretty much universal, protocol used for computer networks. Electronic communications once were analog phone calls. Now the lion’s share of the traffic is digital data and the majority of that is IP video.

Carrier Ethernet, also called Ethernet over Fiber or EoF, is an extension of the LAN standards to make them work over long distances on common carriers. Ethernet has the advantage of directly interfacing to LANs with no protocol conversions required. Unlike SONET, it was designed to be highly scalable. You can get just about any bandwidth you want and upgrade or downgrade it quickly and easily.

Ethernet is also generally less expensive, Mbps per Mbps, than SONET or even the lower speed wireline services. Nearly all businesses can afford 10 Mbps EoF. Most go for 100 Mbps Fast Ethernet. Both GigE and 10 GigE are popular with more demanding applications and larger companies.

How do MPLS Networks Provide Private Lines?
MPLS or Multi-Protocol Label Switching networks are Wide Area Networks that are based on a proprietary routing technology called label switching. It’s unique to these networks and hard to hack. That’s why MPLS is also known as MPLS VPN or virtually private networking.

Yes, MPLS is a multi-tenant network and not strictly a private line. However, MPLS networks serve a limited number of paying customers and are carefully managed to ensure that each customer has the resources committed to it at all times. You often even have the advantage of “burst,” or using more resources than you have committed to, as long as excess capacity is available.

Why MPLS? As large private networks, MPLS networks offer the opportunity to connect many locations at a lower cost than using multiple private lines. The cost advantage is such that it’s often better to use MPLS rather than dedicated private lines for even two internationally separated locations.

Your Best Bandwidth Option
Which bandwidth solution is right for your business? Before you choose, compare performance commitments and prices for SONET, Ethernet over Fiber and MPLS private line solutions.


Note: Products with the point to point fiber laser data light burst design shown on this page, along with many other computer and networking themes, are available through the Gigapacket Tech Gifts Store.




Monday, December 19, 2011

Cyber Security Threat Protection In the Cloud

In days of yore, when castles were in vogue, the nobles found that massive stone fortifications were not enough to secure them from determined invaders. What they did was to ring the castle grounds with a deep water-filled ditch called a moat. This effectively prevented sieges from battering rams and tunneling under the castle walls. The lesson here is that your infrastructure is much easier to defend if you don’t let the bad guys anywhere near the main line of defense.

Get network security as robust as this castle and moat...

Now let’s fast-forward to the 21st century and see how these medieval lessons-learned can protect our networks. Our massive stone castle wall is now a firewall. It’s effective in preventing most penetrations into the network. Like real stone fortifications and wooden gates, that firewall can only hold out so long against massive assaults at the network edge. What we need is a modern day moat. This is an electronic moat, of course, and it needs to surround our network but not be in it. Where can we get that layer of protection? How about in the cloud?

The cloud might just be the perfect first line of defense for local networks. It’s an idea that makes so much sense that MegaPath, a major networking service provider, is taking exactly that approach in a solution they call Unified Threat Management (UTM). This suite of managed security services can be implemented completely in the cloud, completely on-site or within a hybrid private/public configuration.

MegaPath’s UTM suite is offered in the form of Security as a Service (SaaS). It’s a multilayer approach that can easily fend off unsophisticated attempted break-ins and stand up to higher threat blended attacks. This suite also coordinates security alerting, logging, reporting, compliance and response.

What’s in the SaaS suite? It starts with an advanced firewall that features deep packet inspection with up to 500 firewall policies. Intrusion prevention features multi-layered and blended attack detection that handles both known and unknown threats. A powerful anomaly detector identifies and stops zero-day threats to all network types, including wireless.

No good network security system would be without anti-virus and anti-malware these days. This one has both signature and rules based blocking. Anti-spam deals with the onslaught of unwanted messages and deletes or simply tags them depending on your policy. There’s nothing like having to work your way through hundreds or thousands of spam messages each day to kill employee productivity.

Speaking of productivity, just what are all those employees browsing on the Internet anyway? Make sure their time is spent on company sanctioned activities with white and black lists and policy-based content filtering. Web application control goes a step further to give you precise control of apps like IM, chat, and voice or video on social media sites.

You’ll have data loss prevention with real time detection and prevention of your sensitive company data being transferred outside the company. That includes credit card, healthcare or financial data that is literally worth its weight in gold. Vulnerability scanning checks internal and external IP addresses to find and fix vulnerabilities in real time. Quarterly scans are implemented for PCI compliance. File integrity monitoring watches for unauthorized access or changes to critical system or configuration files.

Managed logging and security information management round out the MegaPath SaaS suite. These collect data and provide the alerting, reporting and archival you need for proper management. Portal based workflow management and tracking demonstrates due diligence in meeting organizational security policies and compliance reporting.

Are you feeling a bit vulnerable with the limited firewall and virus protection you have now? Sadly, the cost of one major break-in can far exceed the amount you’d spend preventing it with an effective cyber security solution. Now would be an excellent time to investigate managed security services from MegaPath and other top tier network service providers.



Note: Photo of medieval castle and moat courtesy of Christophe.Finot on Wikimedia Commons.


