/
VPNs take center stage
Trimble Navigation finds VPNs useful for remote access
VPN vulnerability
Face-off: Build your own VPN or outsource?
VPN service provider market share
Archive of Network World features
Subscribe to our VPN e-mail newsletters
Hiring a service provider lifts the burden of dedicating staff time and expense to setting up the VPN. You still decide what provider to use, but a good chunk of the work becomes someone else's problem. At the same time, using a service provider limits your options. It means the service provider puts in the gear it wants and will likely offer a set of cookie-cutter configurations that may not exactly meet your requirements. These services vary widely. For instance, AT&T has a dial-up VPN service that lets you pick what tunneling protocol you want to use: Point-to-Point Tunneling Protocol, Layer 2 Tunneling Protocol (L2TP) or IP Security (IPSec). You can pick 56-bit or 128-bit encryption. You can also use digital certificates to authenticate users and have AT&T manage them. Customers also have a choice between Nortel- and Linux-based customer-site equipment. UUNET offers Total Access edition of its UUsecure VPN service that includes managed dedicated and dial-up access and manages connections with business partners. The service is rolling out now in the U.S. and will be extended to Europe and Asia by year-end. Similarly, Genuity (formerly GTE Internetworking) offers Internet dial-up and dedicated access to its VPN service, and also supports digital certificates. Genuity is one of the few VPN service providers to offer a service-level agreement (SLA) on how many packets are lost on its network: customers receive a credit when there is a 1% or greater loss rate. International service provider Infonet offers just a site-to-site VPN service that includes managing Cisco routers at each customer site and calls for traffic to stay on Infonet's network and off the public Internet. Sprint can arrange for users of other service providers' VPN services to link securely into its VPN customers' VPNs, essentially enabling extranet VPNs. Sprint lets customers buy or rent customer equipment. In short, there are plenty of options. A service might be the best way to establish a VPN with business partners. Mutual mistrust could be solved by putting the network in the hands of a third party. Service provider Aventail focuses on such extranets. Beware that service providers face the same problems deploying VPNs that companies do, says Jeff Wilson, an analyst with Infonetics Research in San Jose. Service providers have more resources than a company, but they also have thousands of users, so they can run into resource problems and need to enlist help. For example, UUNET runs its own VPN service, but resells the services of SmartPipes to customers if they want the service managed. Give yourself plenty of lead time and seek references from other customers before signing a contract. SLAs depend on how much of the network the service provider owns. No one can guarantee the performance of the Internet. You should be able to get SLAs for network availability and latency, but that latency will likely be for a certain portion of the network. It might be from edge-to-edge of the provider's network, excluding access links from customer sites. Make sure you know which parts are included. There are compromises between buying and building. If you lack resources to deploy your own VPN, but want to retain control of it, high-end, value-added resellers such as GNP, Atrion and Inovatia can build it and turn it over to you. OpenReach lets customers download software from the Internet to turn idle PCs into VPN servers and can have your VPN up and running the same day.
Related links
Employees find joy in setting up a VPN. VPN vulnerability
Personal firewalls for remote users are recommended to protect the network from hack attacks. Face-off: Build your own VPN or outsource?
Indus River Networks' Dave Zwicker and Concentric Network's Mark Fisher face off. Archive of Network World features Subscribe to our VPN e-mail newsletter
VPN service providers
There are plenty of options if you want to outsource your VPN.
 
|
|||
 | |||
|
By BY TIM GREENE
Network World, 08/14/00
Sometimes it just doesn't pay to keep control of everything, and that includes VPNs.
VPNs take center stage
Trimble Navigation finds VPNs useful for remote access
VPN vulnerability
Face-off: Build your own VPN or outsource?
VPN service provider market share
Archive of Network World features
Subscribe to our VPN e-mail newsletters
Hiring a service provider lifts the burden of dedicating staff time and expense to setting up the VPN. You still decide what provider to use, but a good chunk of the work becomes someone else's problem. At the same time, using a service provider limits your options. It means the service provider puts in the gear it wants and will likely offer a set of cookie-cutter configurations that may not exactly meet your requirements. These services vary widely. For instance, AT&T has a dial-up VPN service that lets you pick what tunneling protocol you want to use: Point-to-Point Tunneling Protocol, Layer 2 Tunneling Protocol (L2TP) or IP Security (IPSec). You can pick 56-bit or 128-bit encryption. You can also use digital certificates to authenticate users and have AT&T manage them. Customers also have a choice between Nortel- and Linux-based customer-site equipment. UUNET offers Total Access edition of its UUsecure VPN service that includes managed dedicated and dial-up access and manages connections with business partners. The service is rolling out now in the U.S. and will be extended to Europe and Asia by year-end. Similarly, Genuity (formerly GTE Internetworking) offers Internet dial-up and dedicated access to its VPN service, and also supports digital certificates. Genuity is one of the few VPN service providers to offer a service-level agreement (SLA) on how many packets are lost on its network: customers receive a credit when there is a 1% or greater loss rate. International service provider Infonet offers just a site-to-site VPN service that includes managing Cisco routers at each customer site and calls for traffic to stay on Infonet's network and off the public Internet. Sprint can arrange for users of other service providers' VPN services to link securely into its VPN customers' VPNs, essentially enabling extranet VPNs. Sprint lets customers buy or rent customer equipment. In short, there are plenty of options. A service might be the best way to establish a VPN with business partners. Mutual mistrust could be solved by putting the network in the hands of a third party. Service provider Aventail focuses on such extranets. Beware that service providers face the same problems deploying VPNs that companies do, says Jeff Wilson, an analyst with Infonetics Research in San Jose. Service providers have more resources than a company, but they also have thousands of users, so they can run into resource problems and need to enlist help. For example, UUNET runs its own VPN service, but resells the services of SmartPipes to customers if they want the service managed. Give yourself plenty of lead time and seek references from other customers before signing a contract. SLAs depend on how much of the network the service provider owns. No one can guarantee the performance of the Internet. You should be able to get SLAs for network availability and latency, but that latency will likely be for a certain portion of the network. It might be from edge-to-edge of the provider's network, excluding access links from customer sites. Make sure you know which parts are included. There are compromises between buying and building. If you lack resources to deploy your own VPN, but want to retain control of it, high-end, value-added resellers such as GNP, Atrion and Inovatia can build it and turn it over to you. OpenReach lets customers download software from the Internet to turn idle PCs into VPN servers and can have your VPN up and running the same day.
Related links
Contact Senior Editor Tim Greene
Other recent articles by Greene
VPNs take center stage
Virtual private networks merge IP technology with encryption to offer significant cost savings on WAN traffic.
Employees find joy in setting up a VPN. VPN vulnerability
Personal firewalls for remote users are recommended to protect the network from hack attacks. Face-off: Build your own VPN or outsource?
Indus River Networks' Dave Zwicker and Concentric Network's Mark Fisher face off. Archive of Network World features Subscribe to our VPN e-mail newsletter
