This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mimeat_private for more info. --------------9C85BCBFF6F7C4A936480BAE Content-Type: TEXT/PLAIN; CHARSET=us-ascii Content-ID: <Pine.SUN.3.96.990123000952.16660Hat_private> Forwarded From: darek milewski <darekmat_private> http://www.infoworld.com/cgi-bin/displayShow.pl?990121.wnvpn.htm VPN technology bandwagon grows By Stephen Lawson InfoWorld Electric Virtual private network (VPN) initiatives from mainstream vendors, as well as advances from specialized companies that will boost the power of VPNs to serve large enterprises, will put the spotlight on the expanding VPN market at next week's ComNet '99 conference in Washington. VPN technology, which can secure communications via the Internet or a shared IP network, is expected to reach more enterprises this year. Resistance to VPNs is giving way to enthusiasm, as VPN standards gain wider acceptance, performance increases, and large vendors join the fray, analysts and users say. Using the Internet or a shared service provider network for corporate communications can represent huge savings from leased lines or frame-relay services. In addition, it can open up channels of communication where none existed before - such as among partner companies or between headquarters and an isolated branch office. What has held some large enterprises back are concerns about security, reliability, ease of use, and performance. But the latest moves by large vendors, as well as products to be introduced next week by VPN specialists, promise to ease those fears. 3Com will make a VPN push this spring that includes support for digital certificates, as well as a client software that supports the IP Security (IPSec) and Lightweight Directory Access Protocol standards. The company recently introduced a co-processor for network devices that encrypts traffic at 100Mbps. And this week Cisco Systems outlined its strategy for enterprise VPNs, complementing its VPN initiative for service provider products. Users are responding well to advances in the technology. "It's matured significantly over the last 12 months," says Dave Brown, an IS manager at the New York Times, in New York. Brown cited greater reliability, as well as wider acceptance of IPSec and digital certificate technology from companies such as Entrust and VeriSign. One 3Com user who had avoided deploying applications over the Internet for security reasons is now trying out a recently introduced 3Com VPN router to link outlying doctors' offices with his Albuquerque, N.M., medical center. "What really appealed to me is that it's a supported product [made] by 3Com," says Ed Carpenter, an infrastructure engineer at St. Joseph Healthcare. "The fact that they've jumped on the bandwagon is good." Analysts say big players are diving in because enterprises are starting to demand VPN technology. "It'll be what you need to get through the door to an enterprise in 1999," says Jeremy Duke, president of Synergy Research Group, in Phoenix. As the giants wield their name recognition, VPN specialists are not standing still. One analyst says VPNs have reached a new milestone. "We are now seeing third-generation VPN products," says Greg Howard, an analyst at Infonetics Research, in San Jose, Calif. The first VPN products were software-based, Howard says, and the second generation consisted of hardware-software combinations. The latest generation will address scalability and reliability. A start-up set to unveil its first product at ComNet epitomizes this development. Network Alchemy will introduce and demonstrate a VPN server, the VPN Server 5000, that can be clustered with as many as 255 others, forming a resilient lineup of devices that can provide the capacity to support massive enterprise VPN applications. A potential use would be connecting a credit card company with all of its customer stores. A server co-location provider believes the Network Alchemy product could vastly expand its service to enterprises. "It will allow us to promote outsourcing of high-speed, high-capacity servers for the enterprise," says Dennis Nugent, a project manager at AboveNet, in San Jose, Calif. "Before, the speed just wasn't high enough." Nugent says the hardware would allow AboveNet to host demanding applications such as enterprise resource planning and voice-over-IP services. Each VPN Server 5000 can perform IPSec encryption and authentication on traffic at Fast Ethernet rates. Until recently, the fastest IPSec devices could handle only approximately 45Mbps. Network Alchemy officials say each server will support 20,000 concurrent sessions. In addition, if one server fails, the sessions it is handling can shift automatically to other servers in the cluster. Because the sessions are not lost, there is no interruption while users are reauthenticated. VPNet also will unveil and show off clustering capability and higher performance. Its VPN Service Unit 1100 will perform IPSec functions at 90Mbps and support 5,000 concurrent sessions. A software upgrade to be introduced at the show will allow each server to be linked to a second server for fail-over. The VPNWare 2.5 software also will allow administrators to distribute security configurations to clients from a central location. A big performance boost is also coming from Nokia, a European maker of telecommunications products that wields technology from IP switch pioneer Ipsilon. Nokia will introduce at the show IP 650 Reliant, its latest combined router and firewall. The 650 will feature a 450-MHz Pentium II processor for faster IPSec processing. But continued advances into the VPN market by established vendors are moving the technology closer to the mainstream. In addition to Cisco and 3Com, Nortel Networks and ATM equipment vendor Newbridge Networks are placing major bets on VPNs. Newbridge will introduce the first product in its Versatile-IP strategy for VPNs. The MainStreetXpress 36100 Access Concentrator is designed to feed into centrally managed VPNs that run over existing technologies such as frame relay and ATM. "Things are maturing," says Dan Merriman, an analyst at the Giga Information Group, in Cambridge, Mass. "We are starting to see some major corporations do product-level implementations of VPNs for remote access." But Merriman still advises users to weigh the benefits of a VPN against the risks of adopting a relatively new technology. "There are ways of saving money, but you have to realize the maturity and performance issues you're taking on," Merriman says. --------------9C85BCBFF6F7C4A936480BAE-- -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:17:14 PDT