Connected:Using the Internet to build your network

In the third of his fortnightly series on communications, Antony Savvas considers how companies should evaluate IPVPN security...

In the third of his fortnightly series on communications, Antony Savvas considers how companies should evaluate IPVPN security solutions and what timescales commercial 3G mobile services are working to.

In my last column I discussed the problems of wireless LAN security. While wireless provides users with a means to log on to their networks within the vicinity of their office, currently it is neither practical nor cost-effective to use wireless technology to connect remote users or branch offices.

3G mobile networks offer users hope for the future of remote access. However, the schedules for 3G rollouts are slipping so don't hold your breath for the technology to arrive.

Interim solutions
For the time being, businesses continue to deploy virtual private networks to provide remote access. The drawback to this approach is that it requires the business to set up a bank of modems for remote users to dial into the corporate network, hence the current popularity of IPVPNs. An IPVPN (Internet Protocol virtual private network) provides a secure connection to a company's network over the public Internet.

The enthusiasm for IPVPNs was highlighted recently when the Crown Prosecution Service appointed Energis to deliver an extensive secure network for the UK's legal system.

For companies wishing to take advantage of this technology there are several business factors to consider before choosing equipment and/or a service provider.

The three types of IPVN
Users need to be aware that there are many types of IPVPN. The most basic IPVPN often does not require any involvement from a service provider, with companies using a firewall and encryption
"Mobile operators are committed to delivering a 3G service to only 80% of the country by 2007 so expect a mobile digital divide when 3G does arrive"
Antony Savvas
software to establish intra-company communications over the public Internet. Such a solution means company users have to queue up with the rest of the world to use the Internet, meaning slow connection rates if broadband access like ADSL is not available. This option makes up what many would view as a traditional VPN.

Secondly, a service provider can deliver encryption, installing equipment on the customer's premises or providing some other network solution as well as giving quality of service (QoS) guarantees covering availability, delays (network latency), data packet loss, and other parameters. ISPs in particular are likely to offer this solution.

Thirdly, a service provider, particularly a phone company, can offer reserved capacity across its private phone network, possibly linked with parts of the public Internet. This guarantees bandwidth through the use of partitioned routers and should provide strong security and even tighter QoS guarantees. There is an argument, though, that some traditional phone companies are not necessarily suited to providing a full-managed IP-based service over their existing networks.

The risk is that users may be locked into one particular service provider's network, making it difficult to expand or modify their network as they would like to. A lock-in could also result in users missing out on good deals for carrying their data from rival phone companies and ISPs.

Bear in mind some ISPs have far more fibre in reserve to "light up" in response to increasing demand, compared with phone companies. Similarly, phone companies' network capacity for accommodating IPVPNs can vary substantially.

With so many different solutions available, it is easy for anyone shopping for an IPVPN to be dazzled by the choice. For IT users, the key point is to consider not only the quality of service on offer, but also the control the provider will have over users' future expansion plans.

Planning for 3G
When it finally takes off, 3G promises to simplify the way remote staff access corporate networks. With mobile operators across Europe cancelling or delaying 3G network installations because of financial and technical problems, it would be surprising if many potential users were making any real effort now to plan for the technology.

However, there is a timetable, developed by the International Telecommunications Union (ITU), they can work to. It shows that firms will have to wait until mid- to late-2003 to get anything approaching a commercial service, and a full 3G service will not be available before 2005.

So on the face of it businesses can relax for at least a year before they have to consider how best to approach 3G. But life in IT is never that simple. One issue that could stymie any long-term business plan is the extent to which the UK is wired up with 3G infrastructure. Mobile operators are committed to delivering a 3G service to only 80% of the country by 2007 so expect a mobile digital divide between different parts of the country when 3G does arrive.

While 3G may well be the future of networking, businesses would be wise to stick with what they know. Your trusted VPN, albeit as an IPVPN, may well be serving your remote users' needs for many years to come.

What's your view?
Are IPVPNs the best way to connect your remote users? Let us know with an e-mail >> reserves the right to edit and publish answers on the Web site. Please state if your answer is not for publication

Antony Savvas
is an independent observer and commentator on the telecoms and IT industries.

Read more on Voice networking and VoIP