From the editor

Virtual Private Networks (VPNs) can take many forms. They can be an outsourced service provided by a service provider and backed by Service Level Agreements (SLAs), allowing a firm to connect its branch offices back to its corporate headquarters over the Internet. Or they can be the same carrier-provided service, backed by SLAs, but used to allow business partners to communicate securely with one another over the Internet. Or they can be software sitting on a remote workstation, allowing enterprise employees to access their corporate network securely from home.

No matter what form a VPN takes though, its essential objective is to make the public private. Put more simply, a VPN allows enterprises and individuals to take advantage of the low cost and ubiquity of Internet access without losing the assurance of secure communications. A VPN creates a “tunnel” through the Internet, consisting of encrypted information that only people possessing the specific “key” for that particular VPN tunnel should be able to decrypt and understand.

The feature in our Signature Series looks at how IBM Canada Ltd. is deploying VPNs to enable its mobile and work at home employees to connect back into IBM’s corporate network. IBM has provided its employees remote access in the past over dedicated lines and IBM’s own network. But the VPNs offer IBM a number of benefits it wasn’t able to realize before. They’ve also come in handy now that IBM no longer operates its own network.

An opinion piece from Daniel Briere and Christine Heckart looks at whether IP VPNs will replace frame relay. Frame relay has been around forever, but it’s slower than an IP VPN and more expensive. However, IP VPNs are still relatively new technology and have some growing pains to overcome before being proved as reliable as frame relay.

A news piece from Jaikumar Vijayan looks at one of those growing pains —

a potential hole in an on-line service being offered by a unit of Standard & Poor’s. The hole, according to one analyst, could give subscriber’s to the Standard & Poor unit’s services access to other subscribers’ systems and networks.

An article from Brian Fonseca looks at Public Key Infrastructure implementations and the steps some firms are going to in order to make PKI simpler and more seamless for enterprises to use. For intrpid enterprises Fonseca looks at some of the do-it-yourself PKI options available on the market.

We hope you’ll enjoy our VPN Signature Series and that it helps resolve any questions you might have had about VPNs. If you have any feedback for us, please don’t hesitate to send it.