Virtual Private Networks
Telecommuting, Info-Sharing Spur Growth
- By Joab Jackson
- Nov 16, 2001
As the federal government pushes for more teleworking and greater information sharing among agencies, officials are finding that virtual private networks are a low-cost way to securely connect far-flung employees and disparate offices.
"We're seeing a lot of momentum in this space because of the desire to make telecommuting more ubiquitous in the federal government," said Mike Rau, director of systems engineering for Cisco Federal Systems, a division of Cisco Systems Inc., San Jose, Calif., that sells VPN software, hardware and services to the government.
In the past, government agencies would set up their own dial-in modem pools to provide teleworkers with remote access to agency systems and data, he said. But with the ease and low cost of VPN installation, agencies have "shifted in a big way over to VPN services," Rau said.
Much of this urgency for telecommuting comes from a law enacted in October 2000, as part of the 2001 transportation appropriations measure, which required that all eligible federal personnel be allowed to telework by fiscal 2004.
Telecommuting encompasses working at home and working at General Services Administration-sponsored telecenters, which provide office amenities in suburban locations.
With a VPN, a home worker can tap into an agency network using only a standard modem and Internet connection. This is far simpler and cheaper than using a wide area network, the traditional method of connecting multiple sites within or among organizations and remote workers.
VPNs are fast catching on in the commercial world. International Data Corp., the IT market analysis division of Boston's International Data Group, forecasts the sales for VPNs will explode from $400 million in 1998 to more than $8 billion in 2004, with telecommuting one of the key factors driving growth.
"The commercial world is a little bit ahead of the government," Rau said. "But the federal government is quickly understanding that providing telecommuting resources is very important, so we expect there to be rapid growth in this market as well."
"Over the last two years we've probably deployed about $2 million worth of VPN solutions just for the Navy alone," said Mike Paluzzi, vice president of U.S. federal sales for Paris telecom giant Alcatel, which has a wholly owned subsidiary, Alcatel Federal Inc., in
Alcatel is providing the VPN services for the Navy-Marine Corps Intranet, the Navy's Information Systems Security Program Office and the Navy Personnel Office. Alcatel has also provided large solutions for the Air Force Office of Special Investigations, the Army's recruiting office, the Energy Department's headquarters, NASA and the Federal Reserve.
Symantec Corp. of Cupertino, Calif., a software security provider, also reports a booming public-sector market for VPN. "We're seeing it now in smaller organizations that may not have had the bandwidth to tackle it before," said Vince Steckler, Symantec's vice president of public sector.
For instance, Symantec has been working with Computer Sciences Corp., El Segundo, Calif., on the $2 billion Groundbreaker outsourcing contract with the National Security Agency. Also using Symantec VPN solutions are the State Department, Department of Housing and Urban Development and Congress, Steckler said.
In addition to telecommuting, the increased need for agencies to share information, especially after the Sept. 11 terrorist attacks, is driving demand for VPN solutions.
One VPN software provider particularly tuned in to helping agencies share resources is V-One Corp., Germantown, Md. Science Applications International Corp., San Diego, used V-One SmartGate security software for the National InfraGard Program, an FBI pilot project to encourage law enforcement and industry to share information regarding physical and cyberthreats.
V-One has also outfitted the Justice Department's Regional Information Sharing Systems to allow 5,700 federal, state and local law enforcement agencies to share information among authorized individuals, while assuring security of all other data on the network.
Although there are other methods of securely linking geographically dispersed offices, VPNs offer a significant cost advantage. According to a white paper released in September by Secure Computing Corp., San Jose, Calif., VPNs can cost 75 percent less to deploy than WANs because, unlike WANs, VPNs do not require expensive leased circuits and modem banks.
A second advantage of VPNs is ease of use. "VPNs are easy to deploy because you are using a network that is already in place and that people are familiar with," said Tim Hale, director of product marketing for Quarry Technologies Inc., Burlington, Mass., a manufacturer of switches and management tools for applications on VPNs.
According to Janel Crabtree, director of global IP VPN services for WorldCom Group, Clinton, Miss., VPNs can offer the same performance as frame relay- or asynchronous transfer mode-based private networks.
And despite their use of the Internet, VPNs can offer a level of security equal to that of leased lines. "You can nail down a VPN so tight that sites can only communicate with other sites on that VPN," said Randy Richmond, program manager at Verizon Federal Network Services, a division of Verizon Communications Inc., New York.
The added security that VPNs bring to an Internet environment is another selling point. Richmond said VPNs offer increased protection over that offered by an organization's firewalls, though he said security-conscious organizations may still want to adopt additional measures.
While agencies can purchase the software and set up a network in-house, a growing number of large telecommunications carriers and data network service providers offer managed solutions for both agencies and integrators.
The advantage of using a large provider, such as Verizon, for VPN services is that it is a one-stop shop, Richmond said.
"A small company could act like a front man for everybody, but it has separate service agreements with all its vendors, so it is at the mercy of its providers," he said.
In contrast, Richmond said, Verizon owns its own Internet backbone lines and can offer stronger guarantees of reliable service.
"We guarantee within 10 minutes of outage, we have restoration, or we will start giving money back," Richmond said. Verizon also takes measures to ensure that data throughput is maintained at acceptable levels. Verizon's government customers include the departments of Defense and Treasury, Richmond said.
Selling directly to agencies, WorldCom also offers fully managed VPN services in remote dial-up and site-to-site. Since WorldCom is also an Internet service provider, it offers the connectivity along with the services. Its largest customer, Toyota Motor Corp., has 1,100 sites.
The large telecom companies, however, are facing stiff competition from smaller data network providers, such as Virtela Communications Inc., Greenwood Village, Colo. Virtela was launched in October after obtaining $75 million in startup funding to compete in the growing market.
Formed by industry veterans with Internet experience at Qwest Communications International Inc., Sprint Corp. and GTE Corp., Virtela plans both to market to agencies directly and to act as a subcontractor to systems integrators.
"We offer a flexibility in installation and support that larger vendors can't match," said Vab Goel, chairman and chief executive officer of Virtela.
What Are Virtual Private Networks?
Virtual private networks are organizationwide networks that use the Internet to connect geographically dispersed offices and users, thus offering a cheaper alternative to the privately leased lines that a traditional wide area network would require.
By using firewalls to protect the internal network, authentication tools to identify users and encryption to secure traveling data packets, a VPN establishes a tunnel through the public Internet, creating trusted site-to-site pathways among the enterprise's local area networks.
VPNs also allow remote users to dial into the home office using only an Internet dial-up account, eliminating the need to lease modem banks. And VPNs allow outside trusted partners to tap into an organization's network without opening it up to the entire Internet, making it easier to share information.
"In the past, an agency might have had a five-employee branch sitting somewhere in the country. You might have had to dedicate a leased line or frame relay services to connect that office. With VPNs, you can provision any Internet connection to get access back to the headquarters," said Mike Rau, director of systems engineering for Cisco Federal Systems.
Joab Jackson is the senior technology editor for Government Computer News.