You can connect between your organizations (such as a head office and branch offices) geographically with our site-to-site VPN service.

IT-Kwest provides two types of site-to-site VPN service:

• VPNs that allow connectivity between sites of a single organization (Intranet VPN)
• VPNs that allow connectivity between organizations (Extranet VPN)

A number of technologies and protocols are used to enable site-to-site VPNs. It-Kwest uses the following protocols and technologies to enable site-to-site VPNs:

• IP Security (IPsec)
• Generic Routing Encapsulation (GRE)
• Draft Martini
• Layer Two Tunneling Protocol version 3 (L2TPv3)
• IEEE 802.1Q tunneling (Q-in-Q)—802.1Q
• MPLS Label Switched Paths (LSP)

The categories of Service Provider Provisioned Site-to-Site VPNs services provided by IT-Kwest are:

• Point-to-point (P2P) circuit-based VPNs or Virtual Private Wire Service (VPWS) VPNs
• Multipoint-to-multipoint (M2M) VPNs
• Virtual Private LAN Service (VPLS) VPNs
• IP-Only LAN Service (IPLS) VPNs
• PE-based VPNs
• Virtual Router (VR) based
• CE-based VPNs

We provide provisioned site-to-site VPNs using:

• VPWS, VPLS, and IPLS
• BGP/MPLS, VR, IPsec, GRE, and IP-in-IP

We deploy customer provisioned site-to-site VPNs using:

• IPsec
• GRE
• IP-in-IP

The following are the most important technical considerations that IT-Kwest performs before deploying site-to-site VPNs:

• Ensuring the point-to-point or multipoint connectivity is inherent.
• Checking the provision to deploy a full range of topologies
• Considering the scalability factor to deploy a VPN with a large number of sites
• Geographic reach on service provider backbone and internet
• Verifying traffic security for authentication, encryption, replay attacks and resistant to insertion attacks
• Inherent multicast support supported across the VPN
• Inherent multiprotocol transport
• Quality of service (QoS) support to differentiate levels of service for voice, video, and data applications