ICI is poised to sign a deal that could save it millions
of pounds by allowing it to transfer non-essential internet
traffic from its wide area network onto a secure broadband link
based on DSL consumer technology.
With non-essential traffic removed, the Wan would be reserved
for transferring business-critical data. This would allow the
chemicals company to run its network for far longer without
upgrading its bandwidth.
The company has drawn up a shortlist of suppliers to provide the
necessary global service to supply highly secure DSL-based internet
access for staff working across its international office network.
It hopes to have signed a global deal for a managed security
service by the end of the year, which should pave the way for the
new network to be in place in the first half of next year.
ICI's Wan connects its 30,000 employees worldwide, but a recent
internal audit of the firm's network usage found that 30% of
traffic was browser-based.
Paul Simmonds, chief security officer at ICI, said that there
were potentially big savings to be made by "offloading internet
usage".
He said the main stumbling block to adopting the strategy had
been finding a suitable managed network provider to secure ICI's
global staff from internet security threats, but a deal was now
looking likely.
Simmonds called the architecture required a "within-cloud
filtering service" which would make use of multiple low-cost local
DSL broadband network connections to link employees' networked PCs
to the internet via the secure service.
The approach will effectively replicate the sophisticated IT
security found inside ICI's Wan, including firewall, anti-virus,
intrusion protection and content filtering.
Robert Whiteley, senior analyst at Forrester Research, said, "We
are seeing a number of industries where 50% of the traffic on their
network is internet traffic."
With multimillion-pound annual charges for running a global Wan,
Whiteley said a large company could make substantial cost savings
if it sends this traffic elsewhere.
Large companies have tried to achieve this in the past by
deploying local DSL connections and hardware security appliances in
regional offices, but Whiteley said the infrastructure was
typically hard to keep up-to-date. "ICI's approach is unique", he
said.
Simmonds said the project was based on a concept he helped to
develop for IT security user group the Jericho Forum.
www.opengroup.org/jericho
Comment on this article:
computer.weekly@rbi.co.uk