Secure Virtual Private LAN Services: An Overview with Performance Evaluation

Virtual Private LAN Services (VPLS) is a widely utilized Layer 2 (L2) Virtual Private Network (VPN) architecture in industrial networks. In the last few years, VPLS networks gained an immense popularity as an ideal network architecture to interconnect industrial legacy SCADA (Supervisory Control and Data Acquisition) and process control devices over a shared network. However, legacy VPLS architectures are highly vulnerable to security threats which are initiated at the insecure shared network segment. Thus, secure VPLS architectures are becoming popular among industrial enterprises. In this article, we provide an overview of existing secure VPLS architectures with a performance evaluation. We evaluate the performance penalty of security on throughput, latency and jitter in a real world testbed. From these experiments, we seek to highlight the drawbacks of existing secure VPLS architectures after implementing them in a real networking environment. Moreover, we try to underscore future research questions that will help to improve the performance of secure VPLS networks.