Acceleration's Accelerated Private Network (APN) can be configured many different ways, offering clients a configuration that fits just about any security and bandwidth requirement. The two most popular configurations involve the placement of the corporate firewall. The following diagrams demonstrate each of those configurations and their advantages. For the purposes of the diagram, all the branch locations are represented by T1's. However, these can be any transport medium; that is the beauty of the APN. They can be line-share ADSL, dedicated ADSL, SDSL, T1, Metro Ethernet, or DS3. Likewise, the host or corporate location can use any of these transport mediums, but is referenced in these diagrams as either Metro Ethernet or DS3. Your bandwidth requirements and budget will dictate what type of transport types are used.
APN with Local Firewall
Click to enlarge
This option places the corporate firewall at the main corporate location and sizes the host circuit large enough to sustain two-way public IP traffic (public traffic from the remote locations will move up this circuit to the firewall and back out again to get to the Internet). The advantage is hands-on, local control of the firewall and the possibility of a dual-homed public IP architecture at the corporate location to provide additional redundancy.
APN with Hosted Firewall
Click to enlarge
Another popular configuration places the corporate firewall within the core Acceleration network.
The corporate IT staff will manage this firewall remotely. Public IP traffic from the remote locations
will not have to traverse the host circuit, since it can go out directly from the firewall to the Acceleration Internet backbone. This allows the host circuit to be smaller because it will be used only for private traffic from the remote sites and public IP only from the corporate location. This is better engineering in respect to bandwidth utilization across the network.