Johna Til Johnson: The when, where and why of IP VPNs

Every few years the concept of IP VPNs gets a lot of press. The idea is simple: a company can use one infrastructure (an IP network) to connect branch offices, headquarters, remote users and third parties such as suppliers and customers. Yet most large organizations continue to use a patchwork of frame relay, ATM and remote-access services to handle these needs.

If IP VPNs are such a great idea, why haven’t more companies taken advantage of them?

Two reasons: the state of the technology and the maturity of most enterprise organizations. I’ll be exploring the basic concepts of IP VPNs, discuss where and when they’re effective, and cover the anticipated evolution of the services.

There are three basic flavors of IP VPNs, each with an associated set of business requirements and technology enablers.

Remote-access VPNs: these let individual users such as road warriors and telecommuters connect to a corporate network. In most large corporations, remote-access VPNs are based on a combination of two things: carrier services such as AT&T Corp.’s Global Network, which provide the dial-up connectivity, and security software such as Nortel Networks Corp.’s Extranet Access, which provides encryption.

An important nuance is that the two don’t require each other, but using them in tandem expands their effectiveness. Security software enables fixed-site remote access across the Internet (for example, cable modems and DSL), and dial-up services ensure consistent access for traveling users.

Branch-office VPNs: this type connects branch offices to headquarters. Frame services and ATM typically serve the market, primarily for reasons of cost and service quality. Private IP networks can come close to the quality of a frame or ATM network, but using Internet services can make service quality dicey.

Extranet VPNs: these let companies connect with partners (suppliers, customers, joint ventures). They require a mix of IP services and layered security software.

Why does this matter? Well, especially in this economy, companies have the funny habit of deploying technology only if it helps them cut costs, improve performance or generate new revenue. Each VPN flavour serves a different purpose.

So if you’re making the business case for IP VPNs to your CIO, consider this that remote-access VPNs save money (compared with direct-dial solutions). If you’re still using direct-dial, you’re behind the curve; roll out an IP VPN today. Branch-office VPNs lower costs slightly – on the order of 10 per cent – but more importantly, may improve the performance of some key applications. Many leading-edge companies are beginning to explore branch-office IP VPNs, and yours may need to as well. Extranet VPNs accelerate revenue generation by improving communication with suppliers and business partners. Most companies are still fleshing out the business processes that will make this happen – stay tuned.

Johnson is senior vice-president and CTO at Greenwich Technology Partners Inc., a network consulting and engineering firm. She can be reached at