A Secure Niche in the Net
- Share via
Security has always been paramount to Rockwell Semiconductor Systems, which swaps new designs and other sensitive information between its headquarters in Newport Beach and an engineer in Iceland, a marketing team in the south of France and manufacturing facilities in South Korea.
The Internet couldn’t be trusted to keep such information secure, so for years Rockwell executives have paid millions of dollars annually for access to data lines that only they could use.
“Ours is a paranoid industry when it comes to security, but we need to be practical about costs,” said Ashwin Rangan, director of information technologies for Rockwell. “We had to cut costs.”
Slowly, the chip maker switched over to a “virtual private network,” or VPN, for all its internal communications. Put simply, a VPN is a data-transmission technique that creates a “private” path within a busy public network, such as the Internet. Because VPNs are cheaper to use than dedicated lines, such virtual channels are becoming a popular means for companies to connect with their workers, suppliers and customers without breaking their budgets or flirting with hackers.
“A private data line between our Orange County office and a developing country in Asia would cost us $150,000 a year in operating costs,” Rangan said. “A virtual line only costs us $20,000. You do the math.”
From aerospace to the telecommunications industry, companies are turning to virtual private networks to save money and stay flexible.
Advocates believe a VPN’s greatest appeal is its flexibility. An architectural firm can set up a connection between designers around the world for a short-term project, then dismantle it. A health-care organization can hook hospitals to an ever-changing collection of doctors’ offices, so everyone can access the same database of medical information. And laptop-toting salespeople can access the corporate network by dialing into a local number, regardless of where they plug in their modems.
Despite these benefits, experts warn that some serious issues, such as the reliability of the transmission once the data jump into the public fray, remain unresolved.
“A VPN as a concept sounds really appealing,” said Jim Bodio, a manager at Intel Corp. who tracks networking products. “It’s the idea of finally finding a way, amid all of the hype of electronic commerce, to actually use the Internet to do business and save money. But everyone has their own idea of how that way should work.”
VPNs use a combination of software and hardware to electronically separate each company’s data from other traffic on the network. That way, a number of businesses can share the same bandwidth without worrying that their information is going to get lost or that strangers are peeking at it.
Software from giants such as Microsoft Corp. as well as emerging companies such as VPNet Technologies Inc. in San Jose encrypts the data, ensures that the person receiving the information is who he claims to be and confirms that both parties are using the same pre-selected key to unlock the data file. Hardware components from Intel Corp., Cisco Systems Inc. and 3Com, among many others, provide links between the network systems.
The concept has been around since the mid-1980s, when telephone carriers such as Sprint Corp. and AT&T; Corp. began offering businesses with huge phone bills a way to cut their costs while retaining the luxury of private lines.
But for data transmission, the idea is relatively new; tens of thousands of companies still rely on expensive private networks.
One reason is the continuing popularity of an older technology known as electronic data interchange, or EDI, which is typically used over private lines. Long considered an e-commerce standard for automated transactions, EDI is notoriously pricey and complicated to set up, thereby cutting off smaller businesses that can’t afford the cost.
As the demand to send electronic data grows, so does the need for a faster, more open platform.
Take On Command Corp., a San Jose company that handles all the in-room video entertainment for such worldwide hotel chains as Hyatt, Hilton and Marriott. This year, On Command decided to dump the private data lines it leased from Sprint because they were too slow and expensive.
In their place, the company switched over to a virtual private network from Concentric Network Corp., which moves data nearly 24 times faster than the previous network at the same price.
The new links allow On Command’s field offices, numbering about a dozen, to log on to the corporate database and make changes right away. The outcome is a better-trained staff and improved customer service, executives said.
“Essentially, they’re managing our wide-area network for us,” said Jim Garcia, director of information technology for On Command. “We don’t have to do much of anything, which is great. It also means I don’t have to spend the money to staff up [information technology] personnel all over the country.”
The primary reason companies turn to VPNs is simple: to exchange text, graphics or other information--an order form, for instance--that normally would be exchanged on paper. Yet a growing number of companies, such as Rockwell, are starting to use this technology to transmit voice and video.
The technology world at large, always eager for new opportunities, has noticed the trend. Analysts at Infonetics Research Inc., a San Jose firm that tracks the networking industry, estimate that businesses will spend $545 million this year on VPN services. That’s expected to rocket to $4.2 billion in 2000.
Companies that specialize in private connections, fearful that their lucrative business will be made moot, are rushing to compete against the Internet service providers and equipment makers trying to cut into their core business. Many of the large telephone carriers are adapting to the trend, migrating into the VPN business or finding someone else who can.
GTE Corp. bought BBN Corp., SBC Communications Inc. grabbed part of Concentric, Cable & Wireless picked up part of MCI Communications Corp., and WorldCom Inc. acquired UUNet Technologies Inc.--allowing all of them to offer VPN services. Northern Telecom Ltd. of Canada, a giant in the traditional telephone equipment business, bought Bay Networks Inc. this summer and expanded its line of VPN products.
But other companies--notably smaller software firms that build applications for private networks--insist that VPNs will remain a fringe technology. They reason that big corporations will pay the extra money for guaranteed network performance rather than gamble on delays or busy signals associated with using an unpredictable public network.
Even if a company bypasses the Internet and relies on an Internet service provider’s public network, critics say, its private data are still being entrusted to an outsider.
But analysts insist that such concerns are misplaced.
“There is still tons of confusion about VPNs because everyone is trying to say that their existing products are actually a VPN,” said Jim Freeze, a senior telecom analyst with Forrester Research Inc. in Cambridge, Mass.
*
Times staff writer P.J. Huffstutter can be reached via e-mail at [email protected].
(BEGIN TEXT OF INFOBOX / INFOGRAPHIC)
Virtual Networks
To ensure the secure exchange of information lover the Internet, companies are turning to “virtual private networks” that use encryption to create secure pathways. The new networks are both cheaper and more flexible than wide-area-network or WAN connections, which involvededicated lines and long distance phone charges. VPNs allow text, graphics, voice and videofiles to be exchanged among as many as many groups of computers as needed, and let local usersconnect for the price of a local phone call, just as the Internet does.
TraditionaL WAN connection: Typical cost $150,000 a year
Virtual Private Network: Typical cost $20,000 a year
* Source: Intel
