• United States

Bank eyes lower support costs with mobile IP VPN

Jan 11, 20063 mins
Cellular NetworksNetwork SecuritySecurity

* Bank pilots “always-on” mobile IP VPN

Securing and supporting mobile workers is a formidable challenge.

Guaranty Bank, based in Brown Deer, Wis., learned this when it decided that mobile sales staff would input mortgage loan information online using cellular wireless Internet access rather than working offline with paper and pen.

“We found instances where PCs were getting infected when not connected [to the home network], primarily with adware and popups,” says Jim Laux, vice president of network infrastructure planning and operations. As a result, “we were spending more than we wanted to in support costs to re-image PCs.”

Laux says that while the 2000-employee, 200-office company had used traditional VPN technology for many years, he sought a solution whereby the VPN session always remained live.

“With our traditional VPN, the user has the ability to disable the VPN tunnel. Our concern was how to protect the devices with sensitive information by keeping them always connected.”

To meet these needs, Guaranty Bank is in the final stages of a pilot implementation of the Ecutel Viatores Mobile IP VPN. Mobile IP VPNs are generally client/server products that support internetwork roaming across different Layer 1 and 2 network technologies. Roaming prevents users from having to frequently restart their devices and sessions as they move among networks or patches of coverage and, likewise, maintains the user’s IPSec VPN session as users roam.

With an “always-on” connection, Laux explains, IT staff can view users’ wireless connectivity as if it were a local LAN environment. IT staff can therefore distribute anti-virus updates and software patches and troubleshoot issues whenever required because of having constant visibility onto the mortgage staff’s PCs.

Currently, the Guaranty Bank mortgage sales staff uses EV-DO and 1XRTT services from Verizon Wireless for remote access. Corporate policy has traditionally precluded the use of Wi-Fi (both in-house and public hot spot services) for security reasons.

However, Laux says one of the reasons for piloting the Ecutel Viatores product is to be able to securely add public Wi-Fi hot spot services to the mix of mobile services. He will likely do so once Viatores has been proven and stabilized in his environment, he says.

Laux adds that he pursued a mobile IP VPN rather than an SSL VPN for this niche of users because “SSL VPNs are certified for use with certain applications, and we don’t know what applications we’ll be running in the future. I was looking for something more generic.”