Issue No.01 - January/February (2002 vol.4)
Published by the IEEE Computer Society
Virtual Private Networks
Solving the VPN Riddle
Virtual Private Networks: Technologies and Solutions, Ruixi Yuan and W. Timothy Strayer. Virtual private networks (VPNs) take advantage of the Internet's low-cost data communications capabilities by sending internal network traffic (the sort traditionally sent over private data links) through the Internet. The savings, however, come with the need to ensure that the potentially sensitive information is properly protected during its trip through open channels.
This book examines this engineering challenge, providing network architects with information about possible problems, the technologies that have been developed to solve those problems, and various products.
Topics covered include tunneling, the IPSec protocol, authentication, public-key infrastructure (PKI), gateways, and clients. Part one—VPN fundamentals—contains an introduction and basic concepts, and also introduces VPN architectures.
Part two—VPN technologies—consists of five chapters: Tunnels, IPSec, authentication, public-key infrastructure, and access control. Part three—VPN solutions—consists of four chapters: gateways, clients, network and service management, and VPN directions beyond connectivity.
Addison Wesley, Boston, Mass.; http://www.awl.com; ISBN 0-201-70209-6; 336 pp.; $44.95.
IPSec's Role in a VPN
IPSec: Securing VPNs, Carlton Davis. This book describes IPSec components, implementation, and VPN interoperability. The author aims to help readers implement IPSec across a VPN, showing how to implement these security protocols. The book also includes a case study detailing the configuration of a VPN client and security gateway with PKI components.
Readers can learn how to improve network security. The author believes that implementing IPSec across a VPN will ensure the highest level of network security available. This book explains IPSec protocols, and ways to implement them and VPN interoperability.
It also provides information on the technological components of IPSec, symmetric-key cryptographic algorithms, the relative strength and speed of cryptographic algorithms, and details about elliptic-curve cryptography, digital signature standards, hash functions, and message authentication code.
Mcgraw-Hill, New York; http://www.mcgraw-hill.com; ISBN 0-07-212757-0; 432 pp.; $49.99.
NetworkWorld Fusion Research: VPNs
More remote and mobile workers require secure global connectivity, often over IP networks, and some believe that this is contributing to the growth in encrypted and authenticated VPN technology. This technology allows organizations to create a virtual private WAN (wide-area network) via the Internet.
The primers and tutorials section contains links to articles and audio presentations on topics such as the pros and cons of VPN technology, and an overview of VPNs and various authentication technologies. Another article deals with costs and the issues involved in deciding what kind of VPN to use.
One article that deals with a security issue is "Standards Work Should Reinforce VPNs." This article covers the various standards people are proposing to secure VPNs, including Just Fast Keying (JFK), which would replace Internet Key Exchange (IKE), the standard for negotiating VPN sessions and managing the encryption keys used in each session. The author discusses how some fear that IKE is overly complicated, making it unsecure.
Web Host Industry Review: VPNs
The Web Host Industry Review is a resource for Web hosting news and information for service providers, enterprises, resellers, and consumers. It offers features, columns, and investigative reports.
WHIR also features sections that deal with related topics like virtual private networks. This section features its own daily newswire, a collection of articles and FAQs, and provides profiles of several VPN service providers.
The research and help section provides information on how to choose a VPN, the benefits of operating a VPN, how a VPN works, security and encryption aspects, and how to negotiate a service level agreement (SLA).
Using a VPN to Trim the Fat
Virtual Private Networks: Making the Right Connection, Dennis Fowler. A company can create its own VPN using the Internet or buy VPN services from a provider. This book begins by considering VPN cost savings over traditional WAN solutions. According to the author, these range from 20 to 80 percent, depending on the activity.
The author targets business managers or executives concerned with lowering costs while improving workforce efficiency. He explains his suggestions for using the Internet to knit distant facilities and even a mobile workforce into an enterprise-wide computer network. Using real-life examples, the author shows how he believes you can save 40 to 60 percent over the cost of leased lines and long distance charges for remote network access.
The book lays out what the author sees as the benefits and hazards of establishing a VPN, so you can make informed decisions for implementing an appropriate system.
Morgan Kaufmann, San Francisco, Calif.; http://www.mkp.com; ISBN 1-55860-575-4; 222 pp.; $34.95.
Making Your VPN Airtight
A Guide to Virtual Private Networks, Martin Murhammer and colleagues. Many IT managers want to understand what IPSec has to do with securing a VPN. This book tries to explain the processes that meld IPSec and VPNs, covering the data handling and security aspects of VPNs. Readers can find an explanation of technologies that create VPNs governed by the IPSec specification.
This book explains how the Internet Security Association and Key Management Protocol (ISAKMP) and the Oakley key-exchange protocol work. It also provides details on how Internet Key Exchange (IKE) works under ISAKMP/Oakley.
Via three scenarios, the authors describe how to implement VPNs based on authentication, encryption, and the exchange of security keys. The IPSec standard and draft documents are key to these secure implementations.
Prentice Hall, Upper Saddle River, NJ; http://www.prenticehall.com; ISBN 0-13-083964-7; 174 pp.; $38.
VPNcon Spring 2002
13-16 May 2002
San Jose, Calif.
VPNcon aims to show you how to implement VPNs with exhibits concentrated on new VPN technologies, products, and services. People who are considering implementing VPNs will be interested in attending this event.
Infonetics Research projected that over 70 percent of US networked organizations would implement VPNs by 2001 in remote access, site-to-site, or extranet solutions. IT professionals should know about VPNs to help reduce the complexity and costs of remote access.
The conference will present an introductory class on public-key infrastructure (PKI), providing an overview of the cryptographic technology and the components of a PKI-based system. The course will address the particular application of digital certificates for authenticity, trust, and privacy in implementing secure VPN environments.
A session on PKI-enabled VPNs will consider lessons learned from two PKI-enabled VPN deployments. This presentation will provide an overview of the real-life deployment issues encountered by Intelispan—a managed VPN service provider—and Baltimore, a provider of global e-security.
Networld + Interop
5-7 March 2002
With networking playing such an integral role in helping to make companies competitive, many executives and managers are focusing on how networking, the Internet, and telecommunications are collectively changing business. IP and the growth of data traffic are playing a role in this change, along with the convergence of data, voice and video, and the importance of services like DSL (digital subscriber line) and VPNs.
As IP has developed into more than a bandwidth technology, the corporate enterprise has converged with service provider networking. This has prompted more companies to invest in alternative solutions, such as infrastructure equipment, servers and systems, applications, and services. The conference will examine industry trends from these viewpoints.
Strategic Digital Billing
4-5 December 2002
There are a variety of payment methods for e-commerce transactions. The birth of online banks, increased online services offered by traditional finance institutions, and mobile billing services are all viable alternatives. However, some people involved with online payment technology remain interested in building a safe and easy-to-use monetary system in cyberspace.
Despite the increased population of online shoppers, cash-oriented societies such as those in Japan and many other countries in Asia have yet to take advantage of e-business. So the absence of a secure, practical, and trustworthy online billing system could be hindering further growth into these potentially lucrative e-commerce markets. That's why this conference will offer delegates case studies highlighting various digital billing strategies.
Adding the "E" to Your Business
Developing E-Business Systems and Architectures: A Manager's Guide, Paul Harmon, Michael Rosen, and Michael Guttman.
Written for executives and managers, this book is for those in medium to large companies who are considering converting to an e-business. It especially targets IT managers with responsibilities for designing and developing new corporate software systems.
The authors provide managers with a road map to help develop a strategic plan for transition. They also focus on e-business architectures and software development practices that might need to change, and how the company itself must change to accommodate software development with components. The text includes case studies. In addition to changes companies can make in their IT groups to support e-business initiatives, the authors also describe an enterprise component architecture framework.
Morgan Kaufman, San Francisco, Calif.; http://www.mkp.com; ISBN 1-55860-665-3; 304 pp.; $34.95.
Learning How to Manage the E-Team
Bionic eTeamwork, Jaclyn Kostner. As its premise, this book claims that the age of colocated teams is dead. Instead of working with the people down the hall, many companies now have people working with others around the globe. To achieve real success, the author contends that companies can't just plug into the new technology. They must learn how to collaborate effectively when people are not in one place. They must create fast, cohesive teamwork from afar, what the author calls virtual teamwork.
This book explains the author's team-building process, which aims at creating fast, effective teams that use technology's power to extend their human capability and touch. In this book, the author also includes best practices from SAS Airlines, Dow Chemical, Hewlett-Packard, and IBM.
This book teaches the author's three-step evolution to teamwork; four ways to quickly transition a team to teamwork; best practices for creating trust in teams that communicate virtually; and three kinds of emotion that build a sense of team, even from afar.
Dearborn Trade, Chicago; http://www.dearborn.com/dfp/trade_home.asp; ISBN 0-793-14834-0; 224 pp.; $25.
E-Commerce Best Practices
This Web site is a library of what ZDNet considers the best and worst that the Web has to offer in e-commerce design. If you're involved in e-commerce architecture, the best practices section can give you examples of what ZDNet believes works, what doesn't, and why.
For example, a guide to color theory explains how to use colors to advantage in a site. Another section contains tips on how to give a site a luxurious feel. Suggestions include cutting down on pop-up ads, offering clear product placement and pricing information, removing links to sites that will lead visitors away from your site, and recognizing and rewarding repeat customers. The Web site also offers a link to a white paper on how to keep customers moving along the purchasing path.
How you display your products can be critical to making a sale. A link to "The Art of Online Merchandising" offers six steps to more effective merchandising.
There's also a section of examples of ineffective sites, as chosen by ZDNet reviewers.
Let Your Voice Do the Surfing
The Voice XML Handbook: Understanding and Building the Phone-Enabled Web, Bob Edgar. Do you know telephony but need to learn about the Web? Do you know the Web but need to learn telecom? Are you a Webmaster who needs to enable your site to handle telephony?
If you answered yes to any of these questions, then this book could help you. The author explains how to understand and use VoiceXML, "HTML (Hypertext Markup Language) for telephony." It begins with background on how the Web, telecom, and computer telephony work; what XML (Extensible Markup Language) is; and how to use voice browsers. Next, the book introduces a VoiceXML page that answers the phone and speaks to you, and then leads you through the features of VoiceXML, including VoiceXML 2.0.
The author covers graphical Web browsing, HTML and HTTP (Hypertext Transfer Protocol), telecommunications and computer telephony, voice recognition and text-to-speech conversion.
CMP Books, Gilroy, Calif.; http://www.cmpbooks.com; ISBN 1-578-20084-9; 481 pp.; $39.95.
Iconocast Research Publication
Iconocast is on online media organization that offers Internet marketing strategy, research, advice, resources, and events. The weekly Iconocast e-marketing newsletter reports news, analysis, and trends affecting the online marketing industry.
The online periodical primarily targets advertising and public relations agencies, analysts, Web marketing strategists, and market research firms. Iconocast also publishes Iconomap, an Internet reference guide, with 1,000 Internet stats and Web marketing tips.
Members can join an online forum to discuss Internet marketing topics. Iconocast also offers consulting services targeted at research, business planning, and strategy.
The research section of the site's resources department has a collection of 50,000 publications from over 350 research firms.
B2B E-Commerce in CEE Markets
13-14 March 2002
Prague, Czech Republic
B2B e-commerce and e-procurement help increase the profile of purchasing within businesses. Some companies use B2B applications and network-based services to exchange information, interact, and transact with customers and suppliers.
B2B e-commerce and e-procurement can reduce the cost and burden of traditional procurement and can also improve return on investment. The adoption of a common business framework helps provide a structured mechanism for system-to-system transactions across organizational boundaries.
This conference will explore strategic issues through case studies presented by a speaker's panel.
Speakers will cover the status of e-commerce legislation in Central and Eastern Europe (CEE); the current status and future trends of B2B e-commerce and e-procurement in the CEE region; the influence of European Union enlargement on B2B e-commerce; and payment solutions for B2B e-commerce.
Mapping Your E-Business Chain
E-Business 2.0: Roadmap for Success, Ravi Kalakota and Marcia Robinson. The authors of this book present a survey of how business processes have changed as a result of computer-assisted communications, data storage and data analysis. They explain recent technological advances—and those that they think could take place soon—and explain how companies can use them.
The authors explain how inefficiencies in the selling chain can make it prohibitively expensive to provide built-to-order products. They then present their recommendations for solutions: Internet and customer relationship management software, sales automation systems, and proposal automation tools. In each case, the authors cite examples (usually companies and products). Similar attention goes to enterprise resource planning (ERP) and trend-spotting tools.
Addison Wesley, Boston, Mass.; http://www.awl.com; ISBN 0-201-72165-1; 544 pp.; $39.95.