T1 - MPLS and Encryption

I do not know if this is an appropriate place to ask and if not I applogize
for this and please ignore this post.

We have a Dedicated T1/MPLS circuit between locations (different states)
(provided by a carrier such as AT&T).

My Question...
Should we be encrypting the traffic that goes accross this cirucit (via
vpn?)? If this was via Internet I would be encrypting the traffic.

Thank You

 

If you have a physical point to point connection (ie a dedicated cable)
you do not need to encrypt the data using it. The data just goes in one end
and out the other. VPN and MPLS are attempts to emulate a dedicated cable
connection through a switched network.

A VPN connection (Cisco or Windows for example) through the Internet
encrypts its data because it is creating a virtual point to point connection
by tunneling the data through the public network.

MPLS emulates a dedicated cable by having dedicated routers keeping the
private network traffic separate from the public traffic. (ie the traffic
goes over the carrier's own backbone network, not the public switched
network). Some people criticise calling it VPN since the strict definition
of VPN (as above) includes encryption. The MPLS people saty that they are
using "VPN-like" techniques to tunnel the data.

If the private traffic is kept separate from the public stream the net
effect is the same as for a dedicated cable and encryption isn't necessary.

 

Do you trust the carriers/providers and their employees with your data?

 

That is essentially what it boils down to!