[Cgirl]

If a customer wants a VPN device, what exactly (in laymans terms please) is that? I have looked it up on the web but am not getting the whole jist of what it exactly is? :confused: Also they want us to manage their firewall. Can you explain this also. SOrry, just beginning to learn what this stuff means. Any answers would be MUCH appreciated. :)

[Cgirl]

Oh and we are also CO-locating their rack servers, but does this have anything to do with the other?

[ScottGem]

VPN stands for Virtual Private Network. It's a way of tunneling through the Internet creating a secure and private channel. VPNs can be totally software, or they can use a hardware device on one or both ends (usually on the server end).

A Firewall is hardware and/or software that protects a system from outside attack.

If you are co-locating their servers then you would be responsible for security meaning the firewall. Since you have the servers in your data center, you need to provide a way for them to securely access them. That's where the VPN comes in.

[Cgirl]

OK, now I am getting it. Now why can't the definitions on the internet be more layman friendly like that?? :) Thanks!

[Curlyben]

Cgirl you need to bookmark This site, it will help you a great deal.

[ScottGem]

Usually because they aren't written by and for layman. :D

[Cgirl]

Are you guys getting e-mail notification for your posts... because I am not?? (see forum help post)

[cajalat]

Now that you've gotten some definitions and some pointers to get you started, let me give you another point of view from an ex-ISP engineer standpoint.

ISP's typically provide all sorts of services of which "managed" services is a big money maker for the ISP. These managed services can include a multitude of hosting services (Managed, Colo, managed-colo, etc), VPN, Firewall, DNS, mail, etc. One reason why customers go for colo or managed hosting services for their "rack of servers" is because the ISP can provide significantly higher bandwidth to the Internet than a customer typically has (amongst many other reasons). So the customer has an option to colocate their servers at an ISP's data center (aka colo) where the ISP is basically providing what's most commonly referred to as "Power, Ping, and Pipe". Or the customer can choose to have the ISP manage a portion of to the whole thing. A managed-hosting services is where the ISP manages the servers, typically the ISP has their own preconfigured builds of the Server hardware, Operating System Software, Database and Application software. The customer then just manages the content.

Now when a customer chooses to have the ISP manage some or all of their colocated setup (or just colo) then the customer usually needs some sort of a backend connection (a private connection) to manage database or application servers content and to transfer data securely... or even sometimes a staging environment. For that to happen you typically need a site-to-site VPN so that any number of developers at the customer site can transfer data and communicate with their colocated environment without having to worry about installing VPN software on their desktops/workstations at the customer site. This is typically a dedicated hardware/software solution at each end. Like Scott said, it basically sets up a secured tunnel between the two sites.

Now there is a different use of VPN called client to site which is what most people use when they connect back to their company. This can also be managed by either the customer or again by the ISP.

Now lets talk about the firewall... the firewall at the customer site is of course used to protect the customer's enterprise from the Internet. Generally enterprises manage their own firewalls but not always. ISP's can manage the firewall for the customer remotely.

So, now that you know about the above, the functions of each that I described (site-to-site VPN, Client-to-Site VPN, Firewalls) those can be the same devices and in some Enterprises they are the same devices. But for "security" purposes many Enterprises elect to have different boxes for each.

Hope that helps.

Casey