Remote access 1999
Prognosticators point to the remote access technologies that will best
meet your needs.
By Arielle Emmett
Network World, 4/6/98
In 1999, American road warriors will connect to enterprise networks using
wireless links that provide bandwidth-on-demand more economically than
wireline connections. Counterparts in small offices will fire up asymmetric
digital subscriber line (ADSL) connections, linking them to the corporate LAN at
T-1 speed upstream and 6M bit/sec downstream. National carriers and local
Internet service providers will offer virtual private networks (VPN) - enhanced
Internet-based data backbones tying together corporate workgroups on far-flung
LANs. Between larger branch offices, public frame relay will continue to rule.
Welcome to the dizzying world of corporate remote access.
Your access options are already varied, but they're going to get even more so in
the coming year. The choices include 56K bit/sec modems, wireless IP telephony,
ADSL, cable modems and secure VPNs, to name a few. Add to that stalwarts
such as frame relay and you've got a veritable remote access cacophony.
To find out which options have the best chance of meeting your myriad
long-term requirements, we polled analysts, users, service providers and
vendors. Though no scenario is cut and dry, their responses point to certain clear
trends.
The Internet will play a much greater role in providing a wide-area alternative
for corporations seeking to outsource all or part of their remote access network.
Tunneling protocols, security and quality of service (QoS)-like guarantees will
dominate the "premium'' Internet - a highway supporting different classes of
service. In addition, corporate managers will see lower cost access routers,
streamlined IP addressing and the transformation of core service provider
networks from analog to digital.
It all amounts to a push toward less expensive Internet-enabled access technology,
with many ways to tap in, including wireless, cable modems and xDSL.
For high capacity - frame relay
At the high end of the remote access requirement ladder is the need to tie larger
branch offices into the corporate net. Here it appears frame relay will reign
supreme.
Telco Systems, Inc., a Norwood, Mass.-based maker of integrated access devices
for public carriers, uses a hybrid of public and private frame relay and dial-in
access for its remote corporate users, according to Anand Prikah, vice president
of marketing and business development. "If you have 10 people in a branch
office, you'd want to have frame relay access for data as opposed to a leased line
or modem connection because of two factors: cost and performance,'' Prikah
says.
Using multiple modem lines will yield unpredictable and often poor response times, along with high
distance-based costs, Prikah says. But users can employ frame relay to fashion what, in effect, are VPNs.
For example, Telco Systems uses a carrier's fractional T-1 service to get six DS-0s of bandwidth, but
attaches its own frame relay access devices (FRAD). "It's a true hybrid of public and private frame
relay,'' Prikah says. "It's cheaper for us to do it this way than to go for a full T-1 on a public frame
relay service.''
By 1999, corporations looking for multiple levels of priority and QoS may migrate to some level of
ATM and frame relay interworking, says Inbar Lasser-Raab, a director of product management for
RAD Data Communications, Inc. interexchange carriers, for example, are looking at ATM/ frame relay
interworking to satisfy complex access requirements for institutions with many branch offices, such as
banks and retail companies.
The VPN boom
In the meantime, branch office connectivity to the Internet is becoming hotter, as vendors make it easier
to accomplish, Lasser-Raab says. For example, small to mid-size branch offices can access a wide-area IP
backbone using a fractional T-1 access router that has an integral DSU/CSU and a firewall, such as the
Rad Web Ranger II-T-1. As a result, remote access customers can take advantage of ISP-based network
services - including enhanced e-mail, Web access and enterprise LAN connectivity.
"Enterprises now use the Internet as a WAN, a vehicle to provide remote access to teleworkers,
after-hours workers, remote offices and traveling employees,'' says Eric Bocish, director of core
network services at US WEST's !nterprise group. "The big question still is, 'How do I keep my traffic
safe?' ''
The big answer is VPNs, a portion of the 'Net that users carve out and call their own. Indeed, this is one
of the options generating the most excitement in remote access circles.
Many ISP- and carrier-based VPNs are in the early stages of development, so their availability can't be
considered a certainty. Nonetheless, they do seem to be the best bet for achieving different classes of IP
backbone services.
"VPNs provide connectivity within a closed user group, offering directories, security, authentication,
even content,'' says Liza Henderson, a broadband consultant with TeleChoice, Inc., of Verona, N.J. With
continued improvement in security protocols, some companies, generally smaller ones, are ready to
outsource remote access nets entirely to public VPN service providers.
However, Bocish notes that "a large enterprise customer with an IT staff will want to maintain a level of
control using our network transport products to construct their own VPNs.''
You can access a VPN in any number of ways, including dial-up analog, ISDN, DSL, a FRAD, an IP
router or cable modem. "In the case of a packet-switched service like frame relay, for example, those
packets are isolated from other traffic, yet placed on the public switched infrastructure,'' Bocish says.
The main incentives for using an ISP backbone are the cost, ubiquity and availability of Internet ports,
says John Coons, director and principal analyst for Internet Infrastructure at Dataquest, a Gartner
Group, Inc. company. "But the secret of VPN access is to address the issues the enterprise would have in
moving to the Internet,'' he says. Those issues come down to security and QoS guarantees.
To tackle the security issue, VPN providers such as AT&T WorldNet offer secure encryption and
firewalls. They also may throw in private vanity addresses that include a company's name and other
unique identifying information.
But Coons says it will take service-level agreements between users and their carriers or ISPs to address
QoS issues. These issues include availability, reliability and performance in terms of throughput, delay
and packet loss.
Carriers are addressing these matters. Concen-tric Network Corp., an ISP in Cupertino, Calif., is now
offering money-back guarantees that latency across its network won't exceed 125 msec, a real draw for
enterprises concerned with fast access and network performance.
"Concentric runs on an ATM backbone and built its network originally to address Internet multiuser
gaming, where latency is an issue,'' Coons says. "I don't know of any other carrier in the business ready
to rat on itself by reimbursing customers for lost performance.''
ISPs also are looking to offer different tiers of VPN service, says Hilary Mine, senior vice president of
Probe Research, Inc. Using technology such as the Resource Reservation Protocol, designed to reserve
bandwidth on a net, and additional tunneling protocols for security (see story, page 43), carriers can
offer QoS-type services and carve out secure channels to boost performance, she says.
"We see ISPs charging higher fees per port when they offer premium service or guarantee lower
numbers of users per port,'' Mine says. For example, UUNET Technologies, Inc. sells premium dial
access. "You can also see this for AT&T WorldNet and others - the ones that are catering to business
users to differentiate themselves,'' she added.
DSL for power telecommuters
The options for reaching the corporate server via IP nets vary widely. Aside from standard analog
access, ISDN and frame relay, some analysts are betting that various flavors of DSL will become viable
options. xDSL will be an especially good fit for power telecommuters, including engineers, financial
analysts and anyone with large files and a need to tap into corporate LAN servers at multimegabit data
rates.
"I can see ADSL running over copper wires to interconnect branch offices,'' says Steven Taylor, the
principal of Distributed Networking Assoc-iates, a network consultancy in Greensboro, N.C. "Another
option is to use ADSL as the access piece to connect to a local ISP; you'd have a fast link to the ISP from
the corporate side and would be limited only by the capabilities of the ISP network.''
Beth Gage, senior broadband consultant with TeleChoice, expects ADSL to roll out and be more widely
used this year, and to really start becoming a viable option in 1999.
Before that happens, xDSL pricing will have to come down a bit. The services are now pricing out at
$100 to $300 per month at moderate data rates, says Dataquest's Coons. That pricing isn't low enough to
meet some users' requirements immediately, but pricing is expected to become more competitive.
Mike Lutz, a senior network and systems administrator with Intermec Technologies Corp.'s Norand
Mobile Data Systems Division, a maker of wireless data communications equipment and software in
Cedar Rapids, Iowa, says he has about 30 power users - people who could benefit from ADSL - sending
10M- to 20M-byte files back and forth from home to corporate servers. "In our area, ISDN costs over
$80 per month - it's insane,'' Lutz says. "So if DSL came along and we could do it for $40 per month
per user, we'd probably have engineers, finance and IS people using that for remote access from the
home and leaving it up 24 hours a day.''
Dean Heltemes, remote access service manager for Cargill Inc., a $60 billion commodities firm in
Minneapolis, predicts xDSL will supplant ISDN for tele-commuters when bandwidth requirements
outstrip the existing ISDN 128K bit/sec data rate.
"Although ISDN is really doing it for us today, it won't be by 1999,'' Heltemes says. "I've read xDSL
should be priced less expensively than ISDN and it's faster, so if xDSL is widely available, we'll go for
it.''
Lone warriors
For the more mobile laptop-toting road warriors, analog 56K bit/sec modem access is pretty much the
rule today. However, one new twist has come along, with some modem vendors offering analog channel
bonding, which enables you to tie two phone lines to get twice the bandwidth. The downside to the idea is
you need two modems and two phone lines and you have to make two phone calls to an ISP. It also puts
additional burdens on ISPs, which need more phone lines, modems and larger remote access
concentrators to accommodate the increased user traffic.
Other interesting new options may be available for telecommuters by 1999. A new flavor of IS-95, the
U.S. Code Division Multiple Access (CDMA) wireless standard, offers 384K bit/sec of bandwidth for
data, paving the way for faster "third-generation'' wireless connections between mobile workers and
corporate nets.
Such a link has already been proven experimentally in Japan. NTT DoCoMo, the largest wireless carrier
in Japan, is now scheduling deployment of a wideband CDMA multimedia network throughout the
country.
Ira Brodsky, president of Datacomm Research Co., a Chesterfield, Mo., wireless consulting firm,
believes the next generation of IS-95-based services, expected within the next two years, will make
wireless access competitive with wireline in the U.S. as well.
"If you take 384K bit/sec data rates and an IP telephony solution in your laptop, you could download
e-mail or share a document, or talk to another corporate worker who is mobile like yourself,'' Brodsky
says. The principal benefit, aside from cost, is coverage and ubiquity. "What you're really comparing
this to is a somewhat petrified wire-line infrastructure that's been promising high speed for years,''
Brodsky adds. "A 3-G wireless system will provide ubiquitous high-speed access; clearly you want to use
that on the road, maybe at home, or in the office.''
Lone telecommuters and small branch offices also may be able to use cable modem technology, which
zips data across the Internet at multimegabit speeds. Some cable modems can now reach speeds of 5M to
10M bit/sec, although most cable providers do not deploy at that level. The success of cable modem
technology for the telecommuting population will depend on how aggressively cable companies move
their outside plant to commercial zones - right now cable is almost exclusively residential.
TeleChoice's Gage says cable companies are already putting the moves on the commercial sector, citing
US WEST's MediaOne Connect in the Los Angeles area as a prime example. "It's not a consumer-only
product anymore,'' she says. If op-erators make use of available cable plant and are aggressive on
pricing, "it could work,'' Gage says.
Dataquest's Coons thinks the price is right. "Some advertise around $45 per month for everything,
including equipment lease, the ISP and Ethernet interface that plugs into your PC,'' he says.
Whichever access methods companies choose now, most analysts are betting that premium data highways
built over the Internet will become increasingly important.
"The No. 1 change that's happening is an explosion of QoS and bandwidth requirements for services,''
says Tim McShane, director of marketing, remote access, at Cisco Systems, Inc. "People are getting on
the 'Net and staying on, continuously using the lines that are open. That means big requirements for QoS
and latency control, and a rich set of protocols to prioritize sessions on the 'Net.''
Corporations will benefit from outsourcing portions of their nets and choosing access devices that can
handle more sophisticated connectivity. In turn, McShane says, "ISPs are getting ready for where these
services are going; they're making sure the infrastructure will scale appropriately.'' |
