[ISN] VPN technology bandwagon grows

From: mea culpa (jerichoat_private)
Date: Sun Jan 24 1999 - 12:17:24 PST

  • Next message: mea culpa: "[ISN] CA taps security vendor for add-on to Unicenter"

      This message is in MIME format.  The first part should be readable text,
      while the remaining parts are likely unreadable without MIME-aware tools.
      Send mail to mimeat_private for more info.
    Content-Type: TEXT/PLAIN; CHARSET=us-ascii
    Content-ID: <Pine.SUN.3.96.990123000952.16660Hat_private>
    Forwarded From: darek milewski <darekmat_private>
    VPN technology bandwagon grows
    By Stephen Lawson
    InfoWorld Electric
      Virtual private network (VPN) initiatives from mainstream vendors, as
    well as advances from specialized companies that will boost the power of
    VPNs to serve large enterprises, will put the spotlight on the expanding
    VPN market at next week's ComNet '99 conference in Washington. 
      VPN technology, which can secure communications via the Internet or a
    shared IP network, is expected to reach more enterprises this year. 
    Resistance to VPNs is giving way to enthusiasm, as VPN standards gain
    wider acceptance, performance increases, and large vendors join the fray,
    analysts and users say. 
      Using the Internet or a shared service provider network for corporate
    communications can represent huge savings from leased lines or frame-relay
    services. In addition, it can open up channels of communication where none
    existed before - such as among partner companies or between headquarters
    and an isolated branch office. 
      What has held some large enterprises back are concerns about security,
    reliability, ease of use, and performance. But the latest moves by large
    vendors, as well as products to be introduced next week by VPN
    specialists, promise to ease those fears. 
      3Com will make a VPN push this spring that includes support for digital
    certificates, as well as a client software that supports the IP Security
    (IPSec) and Lightweight Directory Access Protocol standards. The company
    recently introduced a co-processor for network devices that encrypts
    traffic at 100Mbps.  And this week Cisco Systems outlined its strategy for
    enterprise VPNs, complementing its VPN initiative for service provider
      Users are responding well to advances in the technology. 
      "It's matured significantly over the last 12 months," says Dave Brown,
    an IS manager at the New York Times, in New York. Brown cited greater
    reliability, as well as wider acceptance of IPSec and digital certificate
    technology from companies such as Entrust and VeriSign. 
      One 3Com user who had avoided deploying applications over the Internet
    for security reasons is now trying out a recently introduced 3Com VPN
    router to link outlying doctors' offices with his Albuquerque, N.M.,
    medical center. 
      "What really appealed to me is that it's a supported product [made] by
    3Com," says Ed Carpenter, an infrastructure engineer at St. Joseph
    Healthcare. "The fact that they've jumped on the bandwagon is good." 
      Analysts say big players are diving in because enterprises are starting
    to demand VPN technology. 
      "It'll be what you need to get through the door to an enterprise in
    1999," says Jeremy Duke, president of Synergy Research Group, in Phoenix. 
      As the giants wield their name recognition, VPN specialists are not
    standing still. One analyst says VPNs have reached a new milestone. 
      "We are now seeing third-generation VPN products," says Greg Howard, an
    analyst at Infonetics Research, in San Jose, Calif. The first VPN products
    were software-based, Howard says, and the second generation consisted of
    hardware-software combinations. The latest generation will address
    scalability and reliability. 
      A start-up set to unveil its first product at ComNet epitomizes this
      Network Alchemy will introduce and demonstrate a VPN server, the VPN
    Server 5000, that can be clustered with as many as 255 others, forming a
    resilient lineup of devices that can provide the capacity to support
    massive enterprise VPN applications. A potential use would be connecting a
    credit card company with all of its customer stores. 
      A server co-location provider believes the Network Alchemy product could
    vastly expand its service to enterprises. 
      "It will allow us to promote outsourcing of high-speed, high-capacity
    servers for the enterprise," says Dennis Nugent, a project manager at
    AboveNet, in San Jose, Calif. "Before, the speed just wasn't high enough." 
      Nugent says the hardware would allow AboveNet to host demanding
    applications such as enterprise resource planning and voice-over-IP
      Each VPN Server 5000 can perform IPSec encryption and authentication on
    traffic at Fast Ethernet rates. Until recently, the fastest IPSec devices
    could handle only approximately 45Mbps.  Network Alchemy officials say
    each server will support 20,000 concurrent sessions. 
      In addition, if one server fails, the sessions it is handling can shift
    automatically to other servers in the cluster. Because the sessions are
    not lost, there is no interruption while users are reauthenticated. 
      VPNet also will unveil and show off clustering capability and higher
    performance. Its VPN Service Unit 1100 will perform IPSec functions at
    90Mbps and support 5,000 concurrent sessions. A software upgrade to be
    introduced at the show will allow each server to be linked to a second
    server for fail-over. 
      The VPNWare 2.5 software also will allow administrators to distribute
    security configurations to clients from a central location. 
      A big performance boost is also coming from Nokia, a European maker of
    telecommunications products that wields technology from IP switch pioneer
    Ipsilon. Nokia will introduce at the show IP 650 Reliant, its latest
    combined router and firewall. The 650 will feature a 450-MHz Pentium II
    processor for faster IPSec processing. 
      But continued advances into the VPN market by established vendors are
    moving the technology closer to the mainstream. In addition to Cisco and
    3Com, Nortel Networks and ATM equipment vendor Newbridge Networks are
    placing major bets on VPNs. 
      Newbridge will introduce the first product in its Versatile-IP strategy
    for VPNs. The MainStreetXpress 36100 Access Concentrator is designed to
    feed into centrally managed VPNs that run over existing technologies such
    as frame relay and ATM. 
      "Things are maturing," says Dan Merriman, an analyst at the Giga
    Information Group, in Cambridge, Mass. "We are starting to see some major
    corporations do product-level implementations of VPNs for remote access." 
      But Merriman still advises users to weigh the benefits of a VPN against
    the risks of adopting a relatively new technology. 
      "There are ways of saving money, but you have to realize the maturity
    and performance issues you're taking on," Merriman says. 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:17:14 PDT