Hello David
As with many of these choices, it primarily comes down to a balance between service and cost. If you only have a few sites, and each site has few users, then cost-wise, it’s preferable to use IPSec VPNs. If you have many sites with many users and you need a high level of administration and coordination to set all of this up, then it would probably cost less to go with a service provider’s offering of MPLS since you won’t have to deal with configuration and maintenance.
These are the two extremes. However, additional characteristics that you should take into account for each case include:
IPSec VPNs
- They’re free (assuming you already have the Internet connection and the appropriate equipment)
- They can be set up and torn down by you or your staff so you have full control
- They’re typically easy to set up and manage, assuming you have a small number of sites.
MPLS
- It’s a service you typically have to purchase from a provider, so there is a cost
- It’s a black box for you so you don’t have to configure anything, it’s all taken care of by the service provider
Both choices are safe and typically will provide you with what you need. However, you should also consider other options as well including:
- DMVPN
- FlexVPN
- SD-WAN
Leased lines are very rare today because they are very expensive (since they require a dedicated circuit) and because other WAN technologies such as those mentioned are much more flexible.
I hope this gives you an overview of the kinds of things you should keep in mind when choosing a WAN technology for your particular scenario.
I hope this has been helpful!
Laz