A fast broadband linkup along with user-friendly software provides
easy remote access to thousands of Microsoft employees
Today, businesses are asking their Information Technology Groups
(ITG) to deliver an increasing array of communication and
networking services, while squeezing the maximum possible from
budgets and support staff. At Microsoft, the situation is no
different. To meet these demands, the ITG at Microsoft looked to
the Windows operating system platform, software vendors and service
providers for the technology needed to meet the remote access
demands of its more than 25,000 mobile sales personnel,
telecommuters and consultants around the world.
Using Windows-based clients and enhanced Windows NT RAS technology
available in the Windows NT Option Pack, Microsoft's ITG is
currently using and deploying a custom Windows-based, remote
dial-up and virtual private networking (VPN) solution. New user
services, in concert with new Windows-based network services from
UUnet, provides users with quicker and easier network access while
significantly reducing network costs.Microsoft's ITG has learned
that the widespread adoption and use of technology largely depends
on how easy and transparent the experience is for the end user.
Likewise, ITG has learned not to deploy technologies whose
complexity results in an increased support burden on its limited
support staff. To simultaneously make the remote access solution
easy to use and easy to manage, ITG provided the
following:
Single clientITG provided a single client for both
the direct dial-up and virtual private network connections. Using
Windows integrated dial-up networking technology (DUN) and
Microsoft Connection Manager, users use the same client interface
for secure transparent access whether dialling directly to the
corporate network or connecting via a VPN.
Central
managementIt also provided central management of remote dial-up
and VPN access phone numbers. Microsoft ITG has found that one of
the most common support problems travelling users face is
determining and managing local access phone numbers. This problem
translates into one of the principal reasons for support calls to
Microsoft's user support centers. Using the Connection Manager
Administration Kit (CMAK) wizard, which is part of Microsoft's
remote access solution, Microsoft's ITG preloads each client PC
with an electronic "phone book" that includes every dial-up remote
access phone number for Microsoft's network. The result is that
Microsoft employees, connecting via the Internet, can easily and
securely access any Microsoft BackOffice-based application - the
Microsoft intranet and the Internet - through IPORT jacks in hotel
rooms and public places at rates of up to 50 times that of typical
dial-up modems. This high-bandwidth and easily available connection
helps Microsoft employees become more productive and have a better
online experience while on the road.The integrated and open
services of Windows enabled Microsoft to supplement its private
data network infrastructure and RAS with VPN services by working
with UUnet Technologies, Inc., the largest Internet service
provider in the world. Under this relationship, Microsoft's VPN
solution is integrated with the UUnet Radius Proxy servers through
the Windows NT Server 4.0 native support for RADIUS. This provides
Microsoft employees with secure local access to the Microsoft LAN
through more than 1,000 Internet point-of-presence locations
worldwide, at speeds ranging from 28.8Kb/s to 155Mb/s. Microsoft
ITG made reliable and secure local access to UUnet Technologies IP
network available to all Microsoft mobile employees, in part by
Windows NT Server 4.0, Remote Access Service integrated RADIUS
support. This resulted in the delivery of high-quality VPN services
over the UUnet Technologies, Inc. infrastructure at a reduced cost.
Microsoft ITG conservatively estimates that this use of Windows
based VPN service, as an alternative to traditional remote access,
will save the company more than $3.5 million per year in remote
access fees alone. Additional savings are expected from greatly
reduced remote access configuration support and the elimination of
call requests for RAS phone numbers.Directory in Windows NT Server
also allowed Microsoft to retain all authentication rights for
Internet and LAN access for its employees. This helps maintain
network security and requires no change or redundant replication of
directory information.Finally, Microsoft's ITG wanted to ensure
that its current investment in the remote access infrastructure
would not only be able to meet today's needs, but also enable it to
make the most of the opportunities provided by the digital
convergence of network-aware applications in the near future. The
momentum of Windows NT Server as a platform for IP telephony,
media-streaming technologies and the migration to PBX systems based
on Windows NT Server 4.0 is evidence of an increased need for
higher degrees of client/server network application integration.
The remote access solution ITG selected needed to be flexible
enough to meet the forecasted demand for increasingly sophisticated
and mission-critical network-aware applications."In the end," says
ITG program manager Ken Kubota. "What Microsoft remote employees
want is easy, fast, secure access to the corporate network."Using
Windows NT Server as the backbone of the remote access solution
provides the flexibility needed to economically address current and
future needs of Microsoft ITG. The selection of a Windows-based
solution allows ITG the freedom to both centrally manage and
incrementally extend the Microsoft direct dial and VPN
infrastructure at a controlled pace and in an open manner, through
partnerships with multiple service providers such as UUnet
Technologies. Furthermore, should outsourcing network WAN services
and equipment become even more prevalent, Windows provides ITG with
a platform that can accommodate this migration while still
preserving the value of current software and hardware
investments.The UUnet Technologies, Inc. network that supports
Microsoft's wholesale remote access and VPN services provides
access to one of the largest IP networks in the world. UUnet's
backbone infrastructure features a fully meshed network that
extends across both the Atlantic and Pacific, and includes direct
fiber optic connections between Europe, North America and Asia.
UUnet also provides satellite access services for remote areas that
lack Internet connections.
Compiled by Ajith Ram(c) 1999
Microsoft Corporation