Low-cost VPN offers new way of exchanging data

Netscan iPublishing Inc., a legislative and regulatory information publisher on the Web, shuffles 10GB of data per year among its offices in Falls Church, Va., Exton, Pa., and Jacksonville, Fla. The company used to do it the old-fashioned way: via e-mail attachments and file transfer protocol across the Internet via T-1, cable modem and Digital Subscriber Line connections.

Since last summer, when Falls Church-based Netscan signed up for OpenReach Inc.’s TrueSpan service, its employees have been using a new method of exchanging data: sharing files over the company’s virtual private network (VPN). For US$99 per office per month, Woburn, Mass.-based OpenReach connects Netscan’s three business offices over their existing Internet connections.

“It was easy to install and runs reliably,” says Harvey Golomb, Netscan’s president. “The security seems to be excellent. And it’s very cost-effective.”

Ease of use and a low price were OpenReach CEO and co-founder Mark Tuomenoksa’s goals. Hardware-based VPNs are pricey and difficult to manage, he says, especially for businesses that lack a highly trained technical staff. But by offering TrueSpan as a service, Tuomenoksa says, it can work with low-cost, low-maintenance devices such as PCs. Setting up the VPN requires dedicating a spare PC on the LAN as the gateway and installing a setup disk supplied by OpenReach, he says.

Tuomenoksa identifies the company’s network operations centre as the key technology foundation for TrueSpan. The network operations centre not only drives the service, he says, but it also allows OpenReach to offer features that a dedicated VPN couldn’t. For example, the centre monitors the state of each client’s network connection.

Another benefit of the centre, Tuomenoksa points out, is that it enables the TrueSpan service to work seamlessly with a company’s existing Internet service provider connections.

For example, many businesses use a connection with a variable IP address. OpenReach’s network operations centre identifies clients by name, Tuomenoksa says, not by IP address. That lets the centre resolve the name to the assigned IP address, as well as reconcile among LAN environments in the various offices linked by the VPN.

At Nebo Systems Inc., an Oakbrook Terrace, Ill.-based health care claims processing and management service, the problem isn’t with connecting branch offices; it’s with creating a viable, cost-effective extranet. Since August, Nebo Systems has been using TrueSpan to link its central claims office and three client hospitals. TrueSpan was chosen for locations where an alternative – a leased or frame relay line – would be wildly expensive, says Nebo’s director of network administration, Andrew Yashchuk.

According to Yashchuk, Nebo Systems considered other VPN products based on firewall features but rejected them because their complexity put a burden on internal hospital IT people to build and manage the link.

The company couldn’t ask its clients to shoulder too high a cost – in terms of time or equipment – of a dedicated connection to a single supplier, Yashchuk says. He even installed the TrueSpan software on a PC himself, then shipped the configured machine to one hospital, which had only to plug it into the LAN.

Furthermore, he says, Nebo Systems can get a TrueSpan connection running and start serving a client in a matter of days, rather than wait several weeks for a leased line.

Sam Alunni, president of Sterling Research Inc. in Sterling, Mass., says one of OpenReach’s strengths is its personnel.

Tuomenoksa worked at the former AT&T Bell Labs, and key personnel at OpenReach have a deep understanding of communications networks, says Alunni. “They come out of a culture of thinking in terms of large back-end [network operations centre] engineering investments that make things simple for the user,” he says.

Tuomenoksa says that OpenReach’s next steps are to add remote access for laptops and to offer a wider range of security choices. Once a solid communications framework is in place, he says, OpenReach also plans to offer ancillary services such as application hosting.