Wide area networks (WAN)

Wide area networks (WAN) are all about connecting various sites together when network segments from providers (such as telecommunications or ISP) are needed.

I am not a network architect, but I’ve had the great fortune to have fabulous architects as team members and colleagues, and I’ve learned much from them.  If it is a match to your business requirements, I can highly recommend a company, a service, and a technology. I am in no way affiliated with this company – but I did have the good fortune to work with them for over two years.

The company: OpenSystems

OpenSystems (http://open.ch) is a small Swiss company that provides WAN services (among other network-based security services) for other companies, anywhere in the world. (They have an installed base in 175 countries.) The fabulous aspect of OpenSystems is that they have chosen to remain small, and that every member of the company (from sales manager to company president) spends one day per week in their support center, carrying out 24×7 customer support. The customer-focus this provides – as well as the technical talent from their staff it requires – it’s amazing.

OpenSystems

The service: Full

OpenSystems will advise, consult, and design what you need to connect your sites with the security features you need. They’ll order the hardware, get it through customs in any country (including exotic countries such as North Korea and Syria), install it, then tune and monitor it 24×7. But the best aspect: OpenSystems has detailed knowledge of the local ISPs and telecom providers in the 175+ countries in which they do business. This will help ensure you get the best contracts, or the best service, without needing detailed market expertise in your worldwide locations, or without needed WAN engineers in those locations. To achieve 24×7 they have a dedicated support center in Zurich and one in Sydney, Australia.

This is something I have really come to appreciate: even if you have your own 24×7 team of network specialists, having access to the OpenSystem’s know-how can be very valuable.  Case in point: without going into confidential details, in one previous job we were informed by the U.S. FBI that our network had been penetrated and that a very careful attack was underway by (apparently) Chinese hackers.  With one call to OpenSystems and a total elapsed time of about 3 minutes, we had reconfigured our network and stopped the attack.

The technology: Mission Control Security Gateway (MCSG)

The OpenSystem’s solution involves appliances, so-called MCSGs, that are located at each site. Larger sites may choose to have multiple MCSGs for redundancy. The boxes can be remotely or locally operated, and they provide ultra-secure VPN connections (the level of security depending, of course, on what’s permitted by that local government, since not all governments allow the same type of encryption).

What’s most attractive, however, are not the boxes (by the way, they are blue!). One key selling point is the 20+ services that can be ordered with the boxes, topics such as URL and content filtering, anti-spam, intrusion detection, etc. In future other capabilities such as WAN-acceleration may be offered. Another key selling point is the “Mission Control Portal,” a web-based tool that let’s your network administrators have an overview of the complete network, status, settings, as well as dozens of reports. The portal has a hierarchical model, so administrators, architects, but senior managers as well can each get customized views with the information they need.

Client VPN and other services

When I struggled with various client VPN challenges, I also turned to OpenSystems for a “turn-key” solution: they provide client VPN as a managed service, including two-factor authentication and other features, naturally integrated into their portal application. Of course many companies have the expertise and support abilities to provide solutions like this internally, but in my case (too many sites, too few engineers) there were advantages from sourcing this service from OpenSystems.

ClientVPN

 

First Switzerland Wide-Area-Networking Roundtable, November 20, 2013

I was honored and privileged to be invited to the first roundtable discussion, held on November 20, 2013 in Zürich.  The panel consisted of some 15 senior executives responsible for WAN topics, plus several industry experts (including a professor, Prof. Plattner, from ETH in Zurich), and a professional moderator. The discussion was first-rate.

This was a very exciting opportunity for me, and I learned a few things: (1) even though I am not a network architect by training, you don’t have to be: I was absolutely at the same level as all my industry colleagues; (2) no matter small company or large, and no matter what the domain (manufacturing, finance, even health care) we all struggled with the same set of core technical challenges; and best of all (3) there were promising new technologies and products under development to address our challenges.