Preparing for next-gen extranets

At Supercomm 2005 earlier this month, I hosted a panel on extranets. With the increased reliance on sourced partners, a firm's extranet can no longer be treated as an afterthought or a junior version of the corporate intranet. From a branding perspective, it is critical that the firm has end-to-end service ownership, reliability (business continuity) and security. Fortunately, new services have emerged that companies can leverage to meet evolving extranet needs.

Extranet environments fall into the following categories, in increasing complexity:

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

At Supercomm 2005 earlier this month, I hosted a panel on extranets. With the increased reliance on sourced partners, a firm's extranet can no longer be treated as an afterthought or a junior version of the corporate intranet. From a branding perspective, it is critical that the firm has end-to-end service ownership, reliability (business continuity) and security. Fortunately, new services have emerged that companies can leverage to meet evolving extranet needs.

Extranet environments fall into the following categories, in increasing complexity:

• Casual but periodic file transfer/update environment.
• Electronic data interchange-based environment.
• Web-based data exchange, either via HTTP mechanisms or Simple Object Access Protocol.
• Real-time, transaction-oriented interactions, such as a point-of-sale/credit card validation environment.
• Medium-complexity/medium-traffic connections to sourcers, supporting application-specific situations.
• High-complexity/high-traffic connections to sourcers, supporting application-specific situations (for example, implemented via T-1/T-3 or ATM links).
• Integrated voice and data environments, such as contact centers.
• Full intranet extension that supports not only application-specific traffic and office-related functions such as e-mail, but also integrated voice connectivity and video conferencing.

In the past, distinct technologies, often based on traditional VPNs, supported these environments. Fortunately, with the emergence of MPLS-based services, a single technology now can do the job. Specifically, MPLS-level QoS mechanisms can support voice and video traffic. Security (confidentiality) can be supported either by packet-level encryption and tunneling (for example, IPSec) or session-level encryption and tunneling (for example, SSL Transport Layer Security). Front- and back-end DMZs that use protocol-level firewalls, proxies and/or XML firewalls can control access. The use of MPLS for evolving extranet environments is preferable to traditional VPN approaches because of the improved grade of service, improved traffic management and traffic engineering, QoS capabilities, more restricted user population, and cost effectiveness.

Compared with ATM services or high-speed, point-to-point solutions, MPLS is expected to be more prevalent in the future.

When corporations take a rational view of their extranet and re-architect the extranet apparatus that might have developed incrementally over the years, they can achieve savings of 20% to 30% in monthly recurring charges. As large firms increasingly come to rely on a galaxy of externally based, yet online-connected suppliers, it is critical that they put in place an efficient, converged, state-of-the art extranet. Fortunately, the building blocks are now available.

Minoli is an adjunct professor at the Stevens Institute of Technology's graduate school and author of several books about enterprise networking. He can be reached at minoli@att.net.

Read more about lans & wans in Network World's LANs & WANs section.