Despite the push virtual private networks (VPNs) are experiencing for remote access and extranets, they can often be held up, or even scuttled, by inter-company politics and the complexity of setting up and administering them, according to Flatrock Inc. founder Alex Hickenbottom.
“VPNs are nearly impossible outside the company,” he said.
Not only that, but VPNs – networks that let remote users connect to the corporate network over the Internet as if they were connecting locally – also pose security risks in that they allow people other than employees access to the network, he says.
And Hickenbottom is not the only one who thinks so.
“Traditional IPSec (IP Security) VPN technology doesn’t cut it for building extranets,” said Jim Slaby, senior industry analyst with the Giga Information Group Inc.
But it just so happens that Hickenbottom thinks he has a solution in the form of the Flatrock Instant Extranet, which Flatrock announced Jan. 22.
Instant Extranet is a combination hardware and software system that allows companies to share their data and existing applications securely over the Internet without creating a VPN or granting non-company personnel access to their network, said Roger Wood, senior product marketing manager at Flatrock. Rather, Instant Extranet “virtualizes” application servers, making them appear to be local servers even though the applications are being sent over the Internet, he said.
In order to share applications using Instant Extranet, the company that’s doing the sharing and the one accessing the data must each have a Flatrock Application Router, a device that marries the bundled telecommunication hardware with Flatrock’s software. The router used by the sharer, the provider in Flatrock’s terminology, is different than the one used by the company accessing the data, called the subscriber.
First, each company installs the router on its network. Next, the provider uses a Web-based management console – included in the product – to set up the extranet by including the IP (Internet Protocol) addresses of the servers hosting the applications to be shared, the name of those servers, the communications ports they use and the level of encryption to be assigned to each application, Wood said. The provider then generates a one-time use password and sends it to the company that will be using the applications.
On the subscriber’s end, they also install the Application Router, but use the subscriber version, whose only user interface is a small LCD (liquid crystal display) screen on the front of the box, according to Wood. The subscriber then enters the password generated by the provider into the LCD panel, along with the provider’s IP address, as well as a range of IP addresses on the subscriber’s network to be used by the shared applications. Eventually, the subscriber version of the router will be miniaturized enough so that it can fit on a PC card or a PCI board, Wood said.
Once that is done, the devices connect using Flatrock’s TruTunnel technology and exchange the specified applications, Wood said.
Though the applications are being sent in over the Internet, Wood added, they appear to the network to be locally-hosted.
“To the network, we appear to be an application. To the applications, we appear to be the network,” he said.
Because of this, setting up an Instant Extranet usually requires no changes to the corporate firewall, and usually only very minimal ones when changes are needed, Hickenbottom said.
Furthermore, the company claims security is not a concern with the Instant Extranet since the Application Router boxes don’t allow connections on communications ports other than those assigned to the specified applications, Wood said.
Though the product is targeted at medium- to large-sized enterprises, with a particular focus on the manufacturing sector, organizations of all kinds will find Instant Extranet useful, Wood said. Though the TruTunnel appears to be a single application to the network, inside the tunnel, each application is broken out and can be encrypted, compressed and monitored individually, according to Wood. The ability to control the applications this way, as well as to manage the bandwidth that each program gets, will make Instant Extranet a popular product for Application Service Providers and companies that have service-level agreements that they must meet, Hickenbottom added.
Giga’s Slaby expects that the product could be an immediate hit with sales and supply chain customers, and later grow beyond those markets.
“The technology looks like a very elegant solution,” he said. “I’ve been waiting for someone to come along with a product like this.”
Rajendra Mruthyumjayappa, director for operations for online services with Talisma Corp., was also looking for such a product and beta tested Instant Extranet. Talisma sells a customer relationship management application that it offers as both a standalone product and a hosted service, he said. Many of Talisma’s customers who used the hosted service wanted to use a more secure method of connecting to the service and were considering VPNs, he said.
Instead of using a VPN, however, Talisma used Instant Extranet, which pleased its customers, Mruthyumjayappa said.
“It’s a very intriguing technology,” he said. “It solves the problem,” is easy to install and is cost-effective, which is “what every client wants,” he said.
Though he would like to see future versions of the product sport more detailed reporting features, Mruthyumjayappa called Instant Extranet “a simple solution for a complex problem.”
Despite the optimism, Flatrock’s Hickenbottom knows that he has an uphill battle to fight against the momentum gaining behind VPNs.
“We have an education (process) ahead of us,” he said. But he expects that other companies doing what Flatrock does will spring up soon.
“We won’t be the last (company) who does this,” he said.
Along with the challenge from VPNs, Flatrock may also run into competition from Web services and Web-enabled applications, according to analysts.
“The biggest issue that they face is this push on Web services. There’s an awful lot of weight behind Web services,” with Microsoft Corp. as one of the heaviest backers of Web services, according to Van Baker, a vice-president with Gartner Inc.’s GartnerG2 unit.
With Web services poised to become a standard way of delivering applications over the Internet in the future, “they’ve got to convince people that (Instant Extranet) is a better investment,” he said.
Giga’s Slaby agrees.
Web services “diminishes the unique value of (Instant Extranet). But the question is, when does the world get completely Web-enabled? My guess is no time soon,” he said.
Even if Web services were to catch on in a big way, not all applications will be made Web-enabled, GartnerG2’s Baker said, since that often requires rewriting the application.
“The simplicity is the big advantage they have,” he said.
Flatrock’s Instant Extranet has been shipping since September and is available immediately worldwide. The provider version of the Application Router costs US$29,995, with the subscriber box selling for US$5,995. There is also an annual maintenance fee of about 20 per cent of the purchase price for software updates.
Flatrock, in Portland, Ore., can be reached http://www.flatrock.com.