ITEXPO begins in:   New Coverage :  Asterisk  |  Fax Software  |  SIP Phones  |  Small Cells

Feature Article
February 2002

Information Security For The Internet Reaches Maturity


When Virtual Private Networks (VPNs) arrived on the technology scene they promised bulletproof security for corporate networks at a fraction of the leased-line cost. As time passed, the enthusiasm for VPNs waned -- the encryption technology available didn�t match companies� dual expectations of high-speed performance and maximum-security requirements.

This technology hurdle has now been addressed with sophisticated developments in high-speed crypto ASIC design and production. VPN infrastructure manufacturers are now meeting expectations with the highest level of security (IPSec using 3DES � CBC mode) at speeds of 2G bit/sec. These performance improvements are essential in reflecting the momentum of VPN adoption. Both service providers and company-managed networks have focused expectations relative to return on investment, flexibility, and better-centralized management. By meeting these expectations, VPN product revenues more than doubled to $706 million in the first half of 2001, up from $313 million in the first half of 2000, according to Infonetics Research.

VPNs are maturing at a time when secure network accessibility is becoming increasingly important to companies with multiple branches, telecommuters, and workers-on-the-go. Companies are also embracing VPNs for their intrinsic ability to slash operating costs and prevent unauthorized access to sensitive corporate information. VPNs are so compelling that over 50 percent of all companies plan on deploying VPNs by 2002, according to analysts.

Since the events of September 11, 2001, companies are revamping IT budgets and making information security a key objective. A survey taken by J.P. Morgan Securities shows 64 percent of companies are increasing security spending in 2002 as a result of the terrorist attacks. Integrated VPNs are a significant component of the new security strategy for many companies. For companies with over $500 million in revenue, 64 percent plan to deploy VPN and SSL solutions in 2002, according to the J.P. Morgan report.

Enterprises aren�t the only ones embracing VPNs. Telcos and service providers also gain a competitive advantage by offering VPN capability bundled with their existing applications and services. For these providers, VPN solutions are deployed seamlessly to customers at a fraction of the cost individual companies could implement a comparable VPN. Reselling VPN services is also a lucrative opportunity for telcos and service providers. A VPN solution combined with an IPSec client and a firewall secures access to critical corporate resources and provides solid protection against unwanted Internet intrusion.

With VoIP revenues not materializing as quickly as some had forecasted, and the effects of the dotcom crash still being felt, money is tight for service providers. Projects requiring building costly infrastructure -- infrastructure that doesn�t yield quick returns on investment -- are being put on the back burner. The good news for service providers is managed security is a service in high demand. In the past year, the number of companies offering managed intrusion detection, virtual private networks and managed firewall services grew 72 percent, according to a recent report from Giotto Perspectives called Managed Security Services Report.

�VPN services were first introduced as low-cost alternatives to private line and fast packet networking but at the time, service providers found margins lacking,� said Dan Taylor, Partner at Giotto Perspectives. �Security and VPN technologies have evolved to a point today where service providers can offer their VPN customers high bandwidth and high performance. In addition, service providers can now deliver VPN management capabilities directly to their customers, to create high-value services.�

This increasing supply is met with mushrooming demand. Almost half of all small businesses, and a quarter of all large ones, will use a managed security service by 2003, according to Infonetics Research. Service providers are positioned well in this lucrative market.

Service providers looking to increase their average revenue per user are flocking to VPNs as high profit margin addition to their services. On average, every remote user adds an additional $20 or $30 a month in revenue for the service provider. By enrolling larger enterprises with site-to-site VPNs the revenue per user ramps more quickly. Also, by extending the VPN to the enterprise, service providers can either sell the equipment needed at the customer premise or increase monthly service charges to offset the cost of the equipment.

Some of the key capabilities companies should demand of their VPNs are:

Speed is a crucial criterion in choosing a VPN. For large enterprises VPN solutions exist that run at speeds up to two Gbps and offer from 100 to over 40,000 VPN tunnels. The critical component of exploiting the speed is the technology�s capacity to scale over a line of products. By having the ASIC engine that can be implemented in every VPN appliance from the SOHO to the medium-sized business, up to the high-density service provider or Fortune 500 HQ, the installation strategy can be managed effectively with no compromise on performance.

Security And Cost Reduction
VPNs are a compelling business solution because they provide the highest end-to-end security at wire-speed at a sizable cost reduction compared to a private network. They provide strong security (3DES-CBC mode) for users and managers of Fortune 500 companies, hosted e-business sites and applications, branch offices, and mobile or remote workers. A VPN solution, an IPSec client and a firewall combine to control access to information, while protecting against Internet intrusion. By implementing a VPN solution that integrates additional security applications such as intrusion detection, digital certificate support, DOS, Radius capability, and client authentication, a powerful communications platform is developed using the Internet for the transport of company business information.

Vastly Increased Flexibility
VPN infrastructure equipment today should provide a scalable architecture to evolve with your business. VPN appliances should provide multiple network interfaces, solid high-availability functionality, a scalable product line, interoperability with existing infrastructure equipment, and network management, eliminating the need for additional network devices. Port configurations include failover provisioning, so that in an event of port failure, another port will automatically take over, thus keeping your network operational. Virtual LANs (VLANs) and virtual routers enable multiple virtual networks to be hosted on one physical infrastructure. Implementation flexibility should include a management interface that allows customization of the communication platform as well as rock solid failover for nearly every hardware and software component, as is warranted within the network infrastructure.

Ease Of Management
Advanced network management capabilities reduce the need for additional hardware as well as provide detailed application reporting and incident recognition alerting. VPNs should feature a total management solution that provides network professionals with easy, integrated access tools for global, site, and unit management. A single point of control is required for monitoring and provisioning the entire network by supporting widely used enterprise-class management tools.

VPN products have evolved to integrate many capabilities into one appliance, which is essential for managing mission-critical VPN applications trusted with the digital assets of an organization. Some of the functionality available in a single VPN appliance are firewalling, load balancing, content checking, URL checking, intrusion detection, denial-of-service detection, anti-virus protection, policy routing, and management. Centralizing the management of these key networking capabilities dramatically streamlines network management and frees up network administrators to concentrate on other projects.

As VPN requirements become more exacting and integral to a company�s overall IT success, products exist today that are designed to meet or exceed these expectations. VPNs are now living up to their highly touted promises and enterprises, telcos, and service providers are at last poised to reap the benefits. c

Robert Bova is executive vice president of The Americas and Pacific Rim at Asita Technologies and can be reached at [email protected]. Asita Technologies, a global provider of fully integrated high-speed VPN solutions, can be reached on the www.asitatechnologies.com.

[ Return To The February 2002 Table Of Contents ]

Today @ TMC
Upcoming Events
ITEXPO West 2012
October 2- 5, 2012
The Austin Convention Center
Austin, Texas
The World's Premier Managed Services and Cloud Computing Event
Click for Dates and Locations
Mobility Tech Conference & Expo
October 3- 5, 2012
The Austin Convention Center
Austin, Texas
Cloud Communications Summit
October 3- 5, 2012
The Austin Convention Center
Austin, Texas