Introduction and Problem Description
Ullman, Manly & Ulysses Corporation (UMUC) is an international service provider serving over 75000 customers worldwide. The corporation employs approximately 250 individuals, has over 1000 catalog parts and offices in the United States and in Europe. UMUH’s operations are heavily dependent on its telecommunication network, which is externally managed. The corporation has however experienced exponential growth over the past years, which has put strain on the existing network. As a result, the network crashes often resulting in interruptions that increase UMUC’s avoidable expenses. When the network crashes, the corporation’s employees are denied access to the Internet.
The company takes pride in offering real time online support to its customers through chats, emails and voice over Internet Protocol. However, the frequent network crashes make providing such exceptional customer service a challenge. Additionally, the corporation’s offices in different locations use an email to communicate, which is also adversely affected by the frequent network crashes. Delays in these business operations have increased the amount of avoidable expenses incurred by the corporation. Although this is a major concern for UMUC, the company charged with the corporation’s network management has been non responsive to the issue.
UMUC’s contract with the network management company is about to expire and the corporation has decided to look for a more dependable and secure network solution. The Chief Information Officer (CIO) has recommended that UMUC should design and implement its own network using virtual private network (VPN) technologies. This white paper discusses how implementing the virtual private network would serve the company’s needs.
Virtual Private Network
Virtual private network is a term used to depict a telecommunication network that uses several combinations of technologies. This type of network connection is ideal for organizations with a series of offices in different locations such as UMUC since these technologies secure connections that are tunneled through an unsecure network. In line with this, virtual private network will allow the corporation’s employees connect with other employees and customers securely via Internet Protocol Security.
VPN uses a connection made virtually between users in different geographical locations over a shared network in place of dedicated connections (Lakshman & Lobo, 2005). Although VPNs use public networks, they transmit data as if it was being transmitted through a private connection. The data is transmitted in data packets, which re usually wrapped in new packets with a new header. The header provides routing details thus allowing the packet to traverse the public network. The paths through which the wrapped packets are transmitted through are known as tunnels. Once the packet reaches the tunnel’s endpoint, it is unwrapped and forwarded to its destination, the user (Ravi, Raghunathan, Kocher & Hattangady, 2004). While using this mode of communication, both ends of the tunnel must support a similar tunneling protocol.
Business needs and solutions
The new network should be easy to repair, reliable, have capacity to support the corporation’s future network needs, secure, responsive to the corporation’s changing needs, fast, easy to manage and economically efficient. A virtual private network will be able to serve all these needs. However, the corporation should design the network with the extent of future expansions in mind and discuss the same with the potential Internet service provider to avoid any disruptions in future (Lakshman & Lobo, 2005).
Impact or risks of the Implementing virtual private network
Technology has improved the way virtual private networks are installed. Currently, forming a secure connection requires less equipment than what was previously required. Using frame relay corporate networks is less expensive than other networks such as leased lines (Kosiur, 1998). This will not only ensure that the corporation has a secure and reliable network but it will also reduce installation expenses. Such a network will foster effective business communications between employees and between the corporation and its stakeholders including customers. Better communications boost trust, which results to improved relationships. The company will also be able to build and maintain a good reputation, which is likely to result in improved business and more revenue. In addition, a reliable network connection will facilitate sharing of crucial business information on timely basis (Lakshman & Lobo, 2005). This will help UMUC prevent incurring avoidable costs, which will in turn help facilitate profit maximization.
While PVN is cheaper than other networks, it might not be as cheap as the current network. The corporation will be required to pay monthly rental fees to the Internet Service Provider and also maintain its network (Kosiur, 1998). This might increase the corporation’s monthly expenses. Installing the PVN can be time consuming and might cause disruptions which can be inconveniencing for the corporation. Lastly, UMUC will be required to cover the PVN’s installation costs. All these could result in additional expenses.
Challenges and security risks of virtual private network networks
Although VPNs are considered relatively secure, they do have some areas of weaknesses that intruders can exploit. Since VPNs use already existing networks, they inherit those networks’ vulnerabilities. The key areas of PVN’s security concern include hacking attacks, user authentication, client’s side risks, virus infections, and incorrect network access rights (Ravi, Raghunathan, Kocher & Hattangady, 2004).
Mitigation strategies for the challenges and risks identified
The corporation can improve the virtual private network’s security in order to minimize its vulnerabilities. Among the measures that can be used include use of firewalls, installing an intrusion detection system to help monitor attacks, Installing an Anti-virus software on remote network servers to reduce chances of virus infection and spread, and disallowing unsecured systems that have no authentication from making virtual private network connections to the network (Ravi, Raghunathan, Kocher & Hattangady, 2004). Lastly, the network should have logging functions in order to record network connections and the logs inspected regularly for easy detection of unauthorized access. The log should be reviewed regularly (Ravi, Raghunathan, Kocher & Hattangady, 2004).