Questions slow VPN plans
By Tim Greene
Network World, 5/4/98
Orlando, Fla. - Not ready for prime time.
That's the state of virtual private network (VPN) offerings, according to a dozen network administrators interviewed by Network World last week at Gartner Group, Inc.'s remote access conference here.
While the net administrators admit they haven't thoroughly checked out the hardware, software and services needed to make VPNs work, too many questions remain for them to trust VPNs with sensitive corporate information just yet.
The administrators certainly don't want to be the ones blamed if VPN shortcomings result in stolen data or users who are disgruntled by poor performance.
Their top concern: security.
''If it's not secure, I lose my job,'' said the network administrator for a major pharmaceutical
company.
He said he is worried about packet security over the Internet and the performance delay encryption can introduce. It will be a year before he is even ready to run a pilot VPN. ''It all sounds great in theory, but I will not be bleeding edge,'' he said.
The network administrator for a Washington state insurance claims firm was not worried so much about the security of the Internet. It would be difficult to capture encrypted packets that travel diverse paths across the Internet and piece them together, he said. ''The greater danger is people having a way to get in through your firewall,'' he said.
Safe or not, administrators have to deal with whether their bosses think the Internet is not secure, said Ann Melton, laptop deployment administrator at Raytheon TI Systems, Inc., in Dallas.
''The Internet scares the devil out of everybody. Is the tunnel really secure, and how do we prove that? There's a perception that what is there is not secure, and it will be a big selling job to get [doubters] to agree [VPNs are] a good thing,'' Melton said.
Manage this
While security was clearly a leading concern, administrators looking to implement VPNs were also worried about managing remote users. All interviewed agreed that once proven, VPNs will dramatically increase re-mote access use.
Even without a VPN, the number of remote users among city employees of Coral Springs, Fla., is booming. The increase makes managing the remote PCs and laptops more difficult, according to the city's network administrator, Wylie Stokes.
Stokes wants management tools that check whether remote clients have current software versions that are properly licensed.
A network administrator from Maine Medical Center, in Portland, said she, too, needs more efficient management of remote client software. Mary Lou Johnson spends increasing amounts of time talking users through problems that remote management software could eliminate.
Management hassles aside, network administrators have to crunch the numbers to determine whether VPNs really do save money. The theory goes that remote dial users make a free local call to an ISP, and ride the Internet back to corporate headquarters, thereby ducking toll calls.
That sounds so deceptively simple that it is difficult to convince higher-ups they need to make any capital investment in a VPN.
But the costs of setting up a remote PC or laptop, installing VPN security and administration are not trivial, Stokes said.
Gartner Group estimates annual remote access costs through 2001 will range between $4,841 and $13,741 per person, not including workstation costs.
Stokes said he is looking for a way to sell VPNs to city directors, who think the infrastructure is in place for anyone with Internet access to hook up with the city government network. They do not realize the costs involved, he said. ''The [city] directors ask, 'You just dial [the Internet] up and you get [a VPN], so why do you need such a big budget? '' Stokes said.
Melton said she believes it could cost a company less to set up a VPN than a direct dial
network. But she was not sure whether VPNs would be a cheaper option when expanding an existing remote access network.
Despite major questions, the potential for savings with VPNs is still alluring.
The advent of inexpensive broadband access to VPNs via digital subscriber line and cable modems, and IP service providers developing assured quality of service, sweeten the prospect of VPNs even more, Melton said. |
