The modern and networked economy increasingly relies on timeous business communication within an organisation and with its business partners. In an environment where e-commerce has become a major driver to derive new business and stay relevant, the question often arises what part virtual private networks (VPNs) can and should play. This article will address this issue in some depth.
Building a VPN over the Internet allows full-featured IP communication to flow between an office and remote users, and between central and remote offices and business partners. As the business communications flowing over these VPNs require far more than web-based access, the technology used to build them must make provision for transparent but secure access.
One of the major technologies used in the construction of VPNs over the Internet is the IP Security protocol suite, called IPSec for short. IPSec was developed by the Internet Engineering Task Force (IETF) and provides many security services, of which the most important is authentication (through the use of a PKI) and privacy (through the use of encryption of data). VPNs can be very effectively utilised in many e-Commerce applications.
VPNs and e-Commerce
There are a wide variety of applications for VPNs in e-commerce. The following examples illustrate the broad scope that exists to creatively implement VPNs:
Multi-tier applications that link customers and business to one another, either as B2C or B2B applications. A typical example is where a client is connected to a transaction server, which is in turn connected to a database server. The client`s browser may establish the link to the transaction server with SSL, but a VPN can link a number of transaction servers to a database server.
Inter-company connectivity is one of the major drivers behind the adoption of VPNs. Organisations want to have an electronic means of communicating a variety of business-related information with business partners, suppliers and clients. Because these relationships fluctuate in number and intensity, a considerable degree of flexibility and ease-of-use is required to make it truly valuable to the participants. IP-based VPNs deliver on these requirements.
Fat client applications that connect a number of workstations to a central server. The fat clients can be located anywhere in the world and establish a connection to the central server with an IP-based VPN. Typical examples are easily found in most large organisations, and include ERP implementations. Access to a hosted website. Where a service provider hosts a number of client websites, the client may want to connect to the web server to update and maintain the content on his website. A VPN between the host and the owner of the website is the ideal solution.
Server-to-server applications, for example business-to-business EDI communication, can now be done using the Internet as a backbone. An IP-based VPN will take care of all the security issues, and has proven to be very cost-effective, and is now also within the financial reach of smaller enterprises.
Middleware applications, such as messaging middleware, is often used within and between companies, especially in the financial industry. Instead of using expensive means to connect the various branches and business partners, these organisations can deploy an IP-based VPN to handle the connectivity and security issues.
Centralised firewalling. A number of networks that participate in a VPN over a private or service provider`s backbone may want to use one centralised firewall at the boundary between the VPN and the Internet. This method of connection can lead to substantial savings in cost of ownership since the firewalling is centralised. It also allows a higher level of security to be attained, since the firewalling solution can now cater for faster centralised changes in policy.
Multi-IP-protocol environments. There are many applications that use proprietary or application specific protocols. IPSec allows these to be transported over a VPN without requiring changes to the applications.
An inter-office VPN that connects a number of branch-offices enables an organisation to effectively share resources and information electronically. Branch offices, whether small one-man offices or large and extensive sites, can now communicate with one another over a public network in full privacy.
Many other opportunities exist where a VPN can be effectively utilised in an e-commerce environment.
One instance where VPNs do not prove ideal is with browser-based applications. In these cases, Transport Layer Security (TLS & SSL) is the ideal way to secure communication between browser and server.
How VPNs add value to ISP, ASP and NSP offerings
There are a variety of ways in which the various service providers can use VPNs to add value to their market offerings. Service providers can play a very active role in providing or facilitating some of the above solutions to their clients, or include a VPN as a system component in a more comprehensive market offering to separate traffic or to connect sites securely. Additional opportunities and benefits not yet mentioned include the following:
Use of the Internet as a backbone for connectivity instead of a dedicated private backbone or leased lines. Prior to advent of IPSec, this was too risky for most companies to consider. With VPNs, the Internet becomes a cost-effective and viable option. Even organisations that already use a private backbone will find it more cost-effective to bring in smaller branches and partners over the Internet with an IPSec-based VPN.
Provide a wider range of services. By utilising VPN technology, service providers can go beyond the provision of e-mail and web access to Provide secure connectivity into an ISP and to other VPN participants
Sell VPN products and complementary value-added services Attract new customers who are sensitive to security issues Add strong security to existing links and offerings. Service providers can now provide their customers with privacy and integrity of their data communication, and with strong authentication technology.
No rewriting of applications to Internet-enable them. Service providers who offer the use of software to customers often spend precious time and other resources to enable the product for Internet-based access. By implementing VPN technology, network-enabled software can be used without rewriting the user interface for a web browser. This will reduce complexity and time to market.
Conclusion
VPNs can add substantially to a service provider`s market offerings, allowing them to deliver innovative and valuable solutions to their clients. Progressive ISPs, ASPs and NSPs will do well by integrating VPNs with their e-Commerce products and services.
Share