Virtual Private Networks
Within the last few articles we took at look at server and OS alternatives, as our examination of core networking components has continued. This month I thought we'd explore intra-enterprise connectivity with an investigation of Virtual Private Networks or VPNs.
The times they are a changin'
It seems like only yesterday when should you desire to connect branch offices via an electronic link, you had to utilize ISDN or frame relay over leased lines which provided a direct point to point conduit. While this was relatively fast and secure, it remained very EXPENSIVE! Corporations had to seriously weigh the benefits of cybernetic inclusion for smaller or more remote offices before expending serious capital on what in most cases essentially constituted business process facilitation versus the myriad of other concerns facing contemporary industry. Now, with the impending maturation and acceptance of Internet based technologies which render that most public of networks a secure and inexpensive medium by which to expedite delivery of sensitive corporate data, Virtual Private Networks are becoming truly ubiquitous.
How do they work?
VPNs operate in much the same fashion as traditional WANs with the exception that they employ the Internet cloud by way of a router and the employment of authentication, encryption, tunneling or all of the above as the means by which remote connectivity is achieved. While the term encryption is fairly obvious, tunneling is less so. There are two primary encryption standards in use for VPNs: DES (Data Encryption Standard) a widely accepted data cloaking scheme which employs a 56 bit key, and Triple DES, the 168 bit DES extension which thus far has never been cracked.
Tunneling is a protocol (PPTP by Microsoft is the most broadly employed) wherein data is transported over IP, (other standard protocols such as IPX or NetBEUI may also be buried within the IP packet ensuring compatibility) most often in encrypted form, by way of a "tunnel" that crosses the gulf of cyberspace and terminates not at the remote connectivity hardware which is the traditional gateway to the WAN, but directly to the individual NT server the user in question has been authenticated to, bypassing all others in the organization. This provides very strong security indeed and has served to accelerate acceptance of the VPN as a viable alternative to conventional WAN architectures.
Why are VPNs so attractive?
As mentioned earlier the cost of leased lines is definitely prohibitive however, as an added bonus, the decreased demand on internal technical services personnel is evident as the maintenance of traditional modem banks, normally a constant source of frustration, has been conveniently offloaded to the ISP. Furthermore, extranets: extensions of the VPN which include trading partners, suppliers, customers and prospects within your electronic fold, may be employed to enormous benefit at a fraction of the cost of established ERP solutions from the likes of SAP or Baan, who upon realization, have incorporated VPN into their product suites as well. In today's rapid paced corporate world, as delivery cycles are decreasing due to fierce competition and unforgiving customer demands, management of the supply chain has become paramount. VPNs may be utilized to address this issue with great success. Consider the following fictitious scenario:
Fred, owner of the MightyMart chain of food stores, has been losing market share to his competition due to their ability to more effectively respond to client desires and somehow offer lower prices to boot. Upon careful consideration Fred decides to address the matter by taking his CIO's suggestion to implement a VPN. After six months of planning, design and piloting, the rubber meets the road for MightyMart's shiny new Virtual Private Network and extranet.
Fred has provided secure real-time connections to all of his chain stores, and has centralized accounting, shipping and receiving and inventory management within head office. This has dramatically reduced duplication of effort and consequently increased profitability. Fred can at a glance now see how his stores are doing on any given day. He has implemented an electronic stock balancing agent which automatically informs shipping and receiving to move product from locations experiencing surplus to those in situations of impending shortage. Additionally, Fred has the ability to closely monitor the stock levels of perishable foodstuffs and take appropriate action when expiry dates are approaching. This greatly reduces waste and again increases profits. He has constructed a central data warehouse which he may mine to spot trends and capitalize on fickle customer desires as well as discover problem areas and move to correct them.
Fred's extranet connects him with his suppliers who have been given the responsibility of automatically replenishing stores once specific target thresholds have been met. This again reduces staffing costs and has the collateral effect of dramatically improved customer satisfaction. Clients learn that if they want it... Fred'll have it. Further to this, Fred has secured better price points from his suppliers due to the fact that he has guaranteed orders over the course of the contract. He may also establish supplier performance metrics in order to accurately gauge whether or not to enter into follow-on agreements with them. Suppliers, being aware of this, make a genuine effort to keep Fred and his customers happy at all times.
Fred has also extended his extranet to his customer base, providing low cost marketing - including sale notifications, printable coupons and real-time ordering for registered clients. Fred has even instituted a program by which data from online transactions is analyzed and details of impending sales are emailed to customers who match a predetermined profile. As you can well imagine, Fred has now become a leader in the marketplace and has secured his position in this highly competitive, low margin industry.
A few caveats
While all this sounds great, there are a few things to bear in mind when considering a Virtual Private Network. Security, while essential, is definitely a prime consumer of network bandwidth. You must conduct a thorough study of the hardware available in order to determine what best suits your throughput needs and is scalable enough to support future requirements. Another point to note is that although this security is extremely resistant to malicious attack, nothing exposed to the Internet is impregnable. You must therefore weigh which systems are most vulnerable to violation and mitigate these exposures with all means at your disposal. If managed correctly VPNs are an excellent tool which should provide the means for sustained growth in IM well into the next millenium.
Originally published in Ottawa Computes! magazine, November, 1998, by technology columnist, Ray Richards.
Heading Level 3
Sidebar
Article Index
- Digital New Year's Resolutions - January 2009
- Networking Basics - June 1996
- Networking Basics Part 2 - July 1996
- The Media PC - April 2005
- WiMax - Metropolitan Networks - May 2005
- Digital Rights Management - June 2005
- Digital Rights Management - Part 2 - July 2005
- Adobe Creative Suite 2 Review - August 2005
- Windows Rant, Alpha Rave - August 1998
- DEC AlphaServer Lineup - August 1998
- The Year in Retrospect, 1996-1997 - August 1997
- Bluetooth & Wireless Networking - Nov. 2000
- How to Win Government Contracts - Oct. 1999
- Mobile Phone Plans Comaprison - August 2005
- Clones Versus Brand Name PCs - June 1998
- Adobe Illustrator vs. Corel Draw - March 2000
- Illustrator vs. Draw - Part 2 - March 2000
- The Death of Customer Service - August 2000
- Customer Service Solutions - September 2001
- Data To Diamonds - February 1998
- Data To Diamonds - Part 2 - March 1998
- The End of the Internet? - December 2000
- Your Digital Legacy - March 2008
- Disaster Recovery Planning - September 1997
- Threat and Risk Assessments - October 1997
- Dr. Jeff Williams Interview - November 1997
- Jeff Williams Interview - Part 2 - December 1997
- Magma's Data Center - October 2000
- Magma's ADSL Service Interview - January 1999
- Magma's ADSL Interview - Part 2 - January 1999
- Distributed Computing - September 2001
- Distributed Computing - Part 2 - October 2001
- Gaining Internet Exposure - Part 2 - May 1999
- Enterprise Resource Planning - October 1998
- Powering ERP Applications - April 1999
- Flash Versus LiveMotion - April 2001
- FreeBalance Financials - March 1999
- Globalization - May 2001
- Barriers and Benefits of Globalization - June 2001
- Google Desktop Review - May 2006
- Graphic Design Fundamentals - February 2000
- IBM Plant & Headquarters Tour - January 1997
- IM's Effect on Society & Culture - September 2005
- Compaq Servers Review - May 1998
- Citrix Winframe Review - May 1997
- Smart Cards Overview - July 1997
- Online Anonymity - October 2008
- An Introduction to Java - December 1996
- ERP: PeopleSoft - December 1998
- Photopaint vs. Photoshop - May 2000
- Photopaint vs. Photoshop - Part 2 - June 2000
- Starting a Small Business - Admin - July 1999
- SOHO Accounting Software - August 1999
- Accpac, Simply Accounting Review - October 1999
- Rogers Rant, Quickbooks Rave - November 1999
- Intuit Quickbooks Pro Review - December 1999
- Quickbooks Pro Review - Part 2 - January 2000
- SAP R/3 Review - November 1998
- How Standards Affect Everything - March 2001
- Teleworking - Your Office at Home - April 1998
- The Ultimate Office - February 2008
- Unicenter TNG - June 1997
- Virtual Private Networking - November 1998
- Web 3.0, The Semantic Web - July 2008
- Basic Web Design Principles - February 1999
- Women in High Tech - September 1995
- Windows Driver Nightmares - January 2001
- Post Y2K Commentary - February 2001
- Bored With Technology - July 2001