Business Drivers for VPNs


As the amount of data that traverses untrusted, shared infrastructures continues to increase, so does the need for secure transmission of that data. Now that you've seen some introductory concepts related to site-to-site VPNs, here are some examples of real-world business applications for site-to-site VPN deployments.

Global financial services organizations transfer billions of dollars worth of information across data links every day. Consider the common scenario of an institutional investor making a substantial equity trade based on real-time market data. The receiver of that instruction must be assured that the originator of the trade is authentic, or else millions of dollars could be lost by executing the transaction. Multiply the number of these types of transactions by thousands, and the economics of a VPN investment become apparentthe losses resulting from a single attack on such an institution could justify the investment required for the entire VPN deployment.

Large international retailers process thousands of orders daily from huge numbers of customers. In order to expand their customer reach, retailers are relying on online ordering systems, dependant on the Internet as a critical distribution channel. In each transaction, sensitive customer data is sent over untrusted mediathe service provider core. Retailers have responded by investing in transport-layer security mechanisms such as SSL to provide authentic, confidential exchange of data with ensured integrity. Providing VPN capabilities for additional security over connectivity to the retailer guarantees the private exchange of customer data, which is critical to consumer adoption of online ordering systems.

Regional hospitals and large insurance companies have been mandated by law to ensure the privacy of patient's medical information under the Health Insurance Portability and Privacy Act (HIPPA) of 1996. Consider the frequent communication of hospitals around the world to global health-insurance providers, and the need for large-scale deployment of site-to-site technologies becomes apparent. Health care providers represent just one element of critical infrastructure in which the demand for VPN technologies is growing. IPsec VPN solutions offer a robust and scalable solution to secure connectivity between hospitals and from hospital to insurance provider.

Remote Access VPN Business DriversA Practical Example

RAVPN business drivers are largely centered on enhancing workforce productivity and workforce flexibility. Organizations are now becoming more global in reach, and the need for a flexible, productive workforce is as critical as ever.

Workforce flexibility drives workforce productivity. The following RAVPN scenario describes how RAVPN investments translate in to direct hourly labor cost savings, ultimately impacting the bottom line. The economics for workforce flexibility can be illustrated with a simple scenario. Consider an organization that employs 10,000 employees at an average salary of $64,000/year. Each employee works approximately 2065 hours/year (40 hours/week), which includes paid time off of approximately two weeks (yielding labor costs of $640,000,000/year). The organization's chief security officer has authorized a pilot deployment for 10 workers to use an RAVPN solution. After inspecting the accounting records on the RAVPN concentrator, it was observed that the workers participating in the pilot program were logged on to the network approximately 12.5 percent longer than those who were not participating in the program. This translates in to a new average realized labor output of 45 hours/week with the new RAVPN solution in place. An RAVPN solution enabling the workforce to work an extra 5 hours/week would increase the total labor hours that the organization gets per year to 2346 hours/year. The final result is that the organization's direct hourly labor cost decreases from $30.99/hr to $27.28/hr (12.9 percent) with the new RAVPN implementation.

Site-to-Site VPN Business DriversA Practical Example

In the previous example, we discussed how a standard RAVPN deployment can decrease direct labor costs by enabling greater efficiencies in a mobile workforce. While IPsec RAVPNs provide costs savings in one form, site-to-site IPsec VPNs can yield cost savings in a different form, by decreasing the overall operation expenditures associated with the enterprise's maintenance of its dedicated WAN circuits.

Consider the case of an enterprise network in which the WAN architecture consists of a hub-and-spoke model with 160 branch sites connecting to the enterprise's headquarters over dedicated T-1 circuits. The enterprise's IT staff is interested in migrating their dedicated T-1 circuits to ISP broadband connections, but they cannot do so unless their data is guaranteed to be confidentially transmitted between the branch offices and headquarters. The enterprise addresses this need for confidentiality by establishing IPsec VPN gateways at each remote branch location and by building a site-to-site IPsec VPN tunnel between each branch IPsec VPN gateway and a VPN gateway located at the corporate headquarters.

The variable costs associated with the enterprise's current dedicated circuit deployments are approximately $480/month for a single site. Business-class single-site broadband service offered to the enterprise has been quoted at approximately $35/month, yielding a decrease in variable costs of approximately 92.7 percent. Although there are added fixed costs associated with migrating to an ISP-based site-to-site IPsec VPN solution, such as the initial fixed costs of buying the IPsec VPN headend router and associated branch site IPsec VPN gateways, the decrease in variable costs ($71,200/month or $854,400/year) greatly outweighs the initial expenditures associated with the architectural shift.




IPsec Virtual Private Network Fundamentals
IPSec Virtual Private Network Fundamentals
ISBN: 1587052075
EAN: 2147483647
Year: N/A
Pages: 113

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net