Build a private network on infrastructure
By Zatni Arbi
JAKARTA (JP): In the not-so-distant past, if you were an IT
manager of a growing company, connecting branch offices and
plants in different cities and towns in Indonesia would mean
building your own Wide Area Network (WAN), based, perhaps, on
Very Small Aperture Terminal satellite links. This would be
particularly the case if dial-up connection was no longer
adequate to support increasing business demands.
Of course, if you just want to have the convenience but not
the headaches inherent to managing networks, you can use the
services offered by companies like Aplikanusa Lintasarta, which
offer data communications services on their extensive Frame
Relay, VSAT and other types of networks.
However, with the sprawling availability of the Internet,
businesses now have an alternative. They can use the public
infrastructure, and new technology has made it possible for them
to have safe and secure links to their branches at a fraction of
the cost. Today we'll have a brief look at the technology and
some of the products that are available on the market.
VPN
When you build a network using public infrastructure, it is
called a Virtual Private Network, or VPN. The clearest benefit
is, of course, the slashed cost. Instead of having to dial
directly to the headquarters in Kuningan, Jakarta, for example, a
branch office on Jl. Slamet Riyadi, Surakarta, can remotely
access the company database by connecting to the Point of
Presence (POP) of a local ISP.
The phone charge would be local instead of long-distance. The
same would hold true for mobile workers who may not be in the
branch offices at the time they need to access their company's
data. Naturally, the key concerns that will immediately come to
mind are safety and security of the data that is being pumped
along the line.
While tapping digital data that travels along the public
network may not be as easy as tapping phone conversations between
political figures in Indonesia, it is still legitimate to worry
about data being leaked to competitors.
VPN helps by ensuring that data will be able to go back and
forth through a "tunnel" that is established between a
salesman's notebook and the corporate VPN gateway in the
headquarters. Because it uses heavy-duty encryption, the tunnel
is relatively secure and well protected.
Two types of VPNs are available. Based on a special agreement,
the ISP may create a secured tunnel from its POP to the company's
LAN. However, in such an arrangement, which is known as
ISP-dependent, there is no protection for the data traffic between
the client PC and the POP of the ISP. Another disadvantage is that
there is still a very limited number of ISPs that offer VPN
service.
The situation is made more complicated by the fact that data
may traverse a number of different Internet Protocol (IP)
networks, and not all of them offer the service. On the other
hand, the advantage is that a large number of users can take
advantage of the VPN.
In an ISP-independent VPN setup, users have to run a VPN
client application on their PC. Once they are connected to the
ISP, this VPN client application will establish the tunnel to the
VPN gateway of the LAN at the central site.
To the ISPs, the encapsulated data traveling through the
tunnel are just common digital data. They don't know that a
tunnel has been created. The benefit is end-to-end security. The
downside is that each of the users should have a copy of the VPN
client application.
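The difference between the two setups can be made concrete with a small simulation. This is an added example, not part of the original article or any vendor's product: the hop names, the sample packet and the hash-based cipher (a stand-in for real VPN encryption) are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Hops between the remote PC and the corporate LAN, as the article describes them.
HOPS = ["client->POP", "POP->Internet", "Internet->gateway"]
# Hop index at which the tunnel begins: at the ISP's POP, or on the client PC.
TUNNEL_START = {"isp-dependent": 1, "isp-independent": 0}

def _subkey(label: bytes, key: bytes) -> bytes:
    return hashlib.sha256(label + key).digest()

def _xor_stream(data: bytes, key: bytes, nonce: bytes) -> bytes:
    """XOR with SHA-256 in counter mode: a stand-in, NOT a real VPN cipher."""
    blocks = range((len(data) + 31) // 32)
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                      for i in blocks)
    return bytes(d ^ s for d, s in zip(data, stream))

def encapsulate(inner: bytes, key: bytes) -> bytes:
    """Tunnel entry: encrypt the inner packet, then authenticate nonce + ciphertext."""
    nonce = os.urandom(12)
    ct = _xor_stream(inner, _subkey(b"enc", key), nonce)
    tag = hmac.new(_subkey(b"mac", key), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decapsulate(outer: bytes, key: bytes) -> bytes:
    """Tunnel exit (the VPN gateway): verify the tag before decrypting."""
    nonce, ct, tag = outer[:12], outer[12:-32], outer[-32:]
    good = hmac.new(_subkey(b"mac", key), nonce + ct, hashlib.sha256).digest()
    if len(outer) < 44 or not hmac.compare_digest(tag, good):
        raise ValueError("packet rejected: authentication failed")
    return _xor_stream(ct, _subkey(b"enc", key), nonce)

def on_the_wire(mode: str, inner: bytes, key: bytes) -> dict:
    """Bytes an eavesdropper sees on each hop under the given VPN model."""
    outer = encapsulate(inner, key)
    return {hop: (outer if i >= TUNNEL_START[mode] else inner)
            for i, hop in enumerate(HOPS)}

def exposed_hops(mode: str, inner: bytes, key: bytes) -> list:
    """Hops on which the original packet is readable in the clear."""
    return [hop for hop, seen in on_the_wire(mode, inner, key).items() if inner in seen]

if __name__ == "__main__":
    key = os.urandom(32)                      # constructed tunnel key
    packet = b"GET /orders?branch=Surakarta"  # constructed inner packet
    for mode in TUNNEL_START:
        print(mode, "-> cleartext on:", exposed_hops(mode, packet, key) or "no hop")
```

In the ISP-dependent case the packet is readable on the client-to-POP hop; in the ISP-independent case every hop, including the ISP's own, carries only opaque bytes that the gateway alone can verify and open.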
Currently there are at least three different standards for
tunnel protocols being developed by leading networking players
such as Cisco Systems and Nortel. These are Layer 2 Forwarding
(L2F), Point-to-Point Tunneling Protocol (PPTP) and Layer 2
Tunneling Protocol (L2TP). The last one is actually a hybrid of
the earlier two.
Enter Intel
The name Intel Corporation should be as familiar to us as the
name of the President's close confidante who has been making
interesting public statements on TV lately.
Intel has been bringing us faster and faster microprocessors
that power our PCs (the latest demo was a 700 MHz Pentium III
processor). However, Intel has also been increasingly active in
the networking market.
The Gospel according to Intel is that we are going to have a
billion connected PCs throughout the world in just a couple of
years' time, and to make it a reality the company has been
working hard to push networking technologies forward.
As part of its strategy, Intel has been acquiring companies
with promising networking technologies. One of them is Shiva, a
company whose products allow companies and large organizations to
provide secured remote access.
At an Intel press gathering recently, Ivan Lim, Intel Shiva's
systems engineer, showed off his company's VPN solutions that
allowed businesses not only to establish an intranet (a network
internal to a company but based on Internet technology) but also
an extranet to link them with their suppliers and customers based
on the same technologies.
A series of products were also demonstrated at the briefing.
"With Shiva VPN Client Application running transparently on a
remote worker's or a business partner's computer, he can use the
Internet to access the corporate network without incurring
long-distance phone charges," explained Werner Sutanto, Intel Country
Manager for Indonesia. On the other end of the tunnel, Shiva
offers LanRover VPN Gateway.
However, a VPN is only as good as the public infrastructure
that it uses. At times when the latency so typical of Internet
connections becomes intolerable, direct remote access is a
better solution. A salesman at his client site may require
instant access, and only a direct connection to his company's LAN
will help him. To support such needs, Shiva also offers products
such as its LanRover Remote Access server and Access Manager. The
latter will provide centralized authentication, authorization and
accounting of remote users.
Acquisition of Shiva has not been Intel's only bold move in
the networking industry so far. In another initiative just
announced last week, Intel introduced a family of new network
processors that can be used to build faster and more intelligent
networks. It has even set aside US$200 million "communications
funds" to be invested in companies that help develop what it
calls Intel Internet Exchange (IX) architecture-based systems and
software.
Now, could these initiatives mean that Intel has foreseen that
it may not be able to continue to rely heavily on its flagship
chip business in the future due to the fact that computer
microprocessors have now become far too powerful for the majority
of computer users?