The Business Forum

"It is impossible for ideas to compete in the marketplace if no forum for
  their presentation is provided or available."           Thomas Mann, 1896


Remote Access for Business Continuity

Contributed by Array Networks, Inc.

 

 

Introduction

Business disruptions take many shapes and forms, from hurricanes and earthquakes to man-made problems such as transit strikes. No matter the nature of the disaster, they all have the potential to prevent employees from getting to their place of work — if not to render that place of work uninhabitable.

“The most critical success factor to any business continuity plan is a fast re-establishment of business processes,” according to Gartner analyst John Girard’s Nov., 2005 paper, “Ten Remote-Access Failures to Avoid in Emergency.” “However, if your disaster recovery plans do not include remote-access coordination steps, no amount of cool technology will save your operations.”

Considering the Threats

Natural disasters are always a wake-up call for businesses to assess their business continuity plans. Hurricane Katrina is the best recent example, displacing thousands of businesses based in New Orleans and other storm-ravaged regions. But the threats to business continuity reach far beyond hurricanes to include other natural forces that can strike most any region. They include snowstorms that can keep employees stuck at home, electrical storms that knock out power, and earthquakes that can cause widespread devastation.

Business continuity plans should also take into account disruptions caused by humans. Consider the December, 2005, transit strike in New York City, which left thousands of commuters without access to buses and trains for more than two days. Similar events have happened in Los Angeles in 2000 and Toronto in May, 2006; such a strike was only narrowly averted in San Francisco in July, 2006.

Sadly, terrorist attacks are also now on the list of events for which companies must have contingency plans that address the loss of a building as well as transportation disruptions. Disaster recovery experts are also now encouraging companies to plan for pandemics, such as an outbreak of avian influenza. Even fully expected occurrences can put a strain on business systems and threaten business continuity. Examples include seasonal bumps in usage, such as a university registration system experiences when thousands of students arrive on campus each fall, or that online retailers can expect around the holiday season.

Dealing with such business disruptions requires proper business continuity planning, such that the business can continue to operate in the face of a disruption. Such a plan has to include detailed disaster recovery plans for servers and data, but it also should include a plan that enables workers to securely access company data from an alternate location, such as their homes or a temporary office. That requires a remote access solution that can provide secure access to users no matter where they are, at a moment’s notice, with the kind of performance they’re used to in the office environment.

Too often, when the time comes, customers find that their remote access solution doesn’t adequately address the challenges that a real-world business continuity event presents. Common problems include new remote access users requiring lots of hand-holding from an already overburdened IT staff, remote access hardware that can’t handle the additional capacity, and an inability to quickly get additional licenses for new users. As they select a remote access vendor, customers need to ask some hard questions of their vendors in order to find out whether their solution can really stand up to the demands of a widespread business disruption.

The point is that the threats to business continuity are many and varied, and they can affect any business in any region. And in many cases, ignoring the threats is simply not an option.

Keeping in Compliance

In some cases, regulatory compliance and government mandates dictate that companies have secure, auditable access to key information, even during unanticipated events. Requirements like Sarbanes-Oxley, HIPAA and others still apply, even if an organization is working under less than ideal conditions. Consider a health insurance provider that suffers a business disruption that forces key employees to work from home. Should any of those employees access sensitive data that falls under HIPAA regulations, the company must be able to prove those employees were authorized to do so.

While such safeguards and audit trails may be in place at the headquarters office, companies also need to ensure they apply to employees who access the data remotely. Indeed, compliance is one reason some government agencies are now mandating that the private sector organizations they do business with be able to demonstrate they have a credible business continuity planning implementation.

Competitive Imperative

From a competitive standpoint, most companies can’t afford to let an event such as a snowstorm inhibit their ability to respond to customers, suppliers and other partners. If the storm should rage on for two days or three, competitors may well pick up the slack for any company that can’t keep getting business done.

Finally, without a business continuity plan that includes secure remote access, companies may leave themselves exposed to hackers and other security threats during an unanticipated event. If an employee accesses company resources from a home PC that contains a virus, and winds up unleashing the virus on the corporate network, it may cause as much damage as the business disruption that kept the employee at home in the first place.

Case Study: Humana Finds Safe Harbor

The health insurance provider Humana, Inc. had a direct confrontation with Hurricanes Katrina and Rita in September and October of 2005. The company has employees in New Orleans and Texas, says Chuck Deaton, manager of information security architecture and design for Humana in Louisville, Kent.

“We were able to tell those folks to pack up, take their laptops and go to some safe harbor,” Deaton said. Once safely in an alternate location, the workers could log in to the Array gateway via any type of connection, be it dialup or broadband. “They could immediately connect to the network using any available PC and continue to be productive.”

Deaton, who uses a combination of Array devices including the SPX5000, SPX3000 and SPX2000, says the performance, end user experience and capacity they offer can’t be matched by any competitor. “It’s gaudy what Array can do compared to the closest competitor,” he said.

Remote Access for BCP: Critical Deployment Criteria

With respect to providing always-on access to applications and resources, any number of vendors will claim their solution provides secure remote access to meet business continuity planning requirements. But as customers look under the covers, they too often find the solution is lacking in one or more areas. To provide a trustworthy foundation for business continuity planning, a remote access solution must satisfy seven critical deployment considerations:

• Secure anytime, anywhere access

• Zero service interruption

• Seamless capacity

• Maximum performance

• Automated VPN provisioning

• Cost-effectiveness

• Global redundancy

Secure Anytime, Anywhere Access

Fundamental to a business continuity plan is the ability for workers to be able to get at the applications and resources they need, even when they can’t make it to their normal place of work. It does no good to keep servers, applications and databases up and running if the workers who need them cannot get access to them. Access should also be available when the office is no longer functional and the server infrastructure has been moved elsewhere. Similarly, should workers lose their primary access device — such as when a laptop is lost, stolen or broken — they should be able to access resources from any alternate device with a functioning Web browser.

All the while, however, the business has to be mindful that during an emergency, it is especially susceptible to a security breach, whether from internal users or unauthorized intruders attempting to take advantage of the relative chaos. In such a situation, strong encryption, access controls and end-point security are a must.

Zero Service Interruption

Service interruptions often occur after events that are either completely unforeseen, such as an earthquake, or for which there is little time to plan, such as a snowstorm. Just as you can’t be sure workers will be able to make it into the office during such events, you can’t assume that your IT staff or outsourced solution vendor will either. Given that, your business continuity plan must be able to be implemented without IT help of any kind.

That means the plan can’t rely on being able to reach the IT department by phone, e-mail or Web. And it can’t assume that workers or IT will be able to add any additional hardware that may be required, such as additional remote access devices to support new users. To be truly effective, the business continuity plan must provide the capacity and performance you require with no IT intervention — and no downtime.

Seamless Capacity

During an unanticipated business disruption, it’s likely that your remote access system will be taxed far beyond its usual capacity, perhaps by as much as an order of magnitude. You need a hardware system that can not only easily support your day-to-day remote access needs, but be able to instantly scale to accommodate your entire workforce if needed.

Maximum Performance

While scaling to increase capacity, a successful business continuity plan also demands a remote access solution that doesn’t sacrifice performance in the process. Metrics to consider include the amount of bandwidth available for each user, latency and per-user response time. With many remote access systems, performance in each of these areas degrades as the number of active users increases.

Automated VPN Provisioning

Workers who don’t normally have cause to use their organization’s remote access solution pose a special problem for business continuity planning. During a business disruption, these workers will be using laptops or workstations that may not be outfitted with required virtual private network (VPN) software or other critical components. They are also likely to be unfamiliar with the remote access solution and how to use it.

That makes it imperative that the business continuity plan include a remote access solution that can deliver any necessary software components “on the fly,” as they are required. It must also provide interactive “smart” training that makes it intuitive for even new users to successfully set up.

Cost-Effective Implementation

Outfitting a remote access solution with the licenses required to support all those workers who should be included in a business continuity plan can be cost-prohibitive. Most vendors require users to purchase additional hardware that goes unused day-to-day. Similarly, most don’t have licensing plans that enable customers to add additional licenses in case of an emergency, then revert back to their normal level once the business disruption has ended. What customers need is hardware that is priced at an appropriate level for their day-to-day needs, but that can scale to support the entire workforce if needed, along with a contingency license that covers such a scenario at a reasonable cost.

Global Redundancy

Of course a remote access solution that meets all of these requirements won’t do any good if the applications and resources normally present in the company data center are no longer functioning. A business continuity plan, then, must ensure that applications and other resources are available from multiple sites, in case the primary site fails. And that backup data center plan must work in conjunction with the remote access plan, such that workers can get at the servers they need no matter where they happen to be.

As you assess the remote access landscape, you are likely to find that most vendors don’t effectively address these seven essential requirements, if indeed they’ve considered them at all.

Meeting BCP Challenges with Array Networks

The Array Networks SPX Series SSL VPN Access Gateway is the exception to the rule, allowing customers to meet each of these critical business continuity deployment considerations. The SPX Series is a third-generation SSL VPN solution, built on a platform purpose-built for SSL-based VPN remote access. As such, the SPX Series delivers a number of benefits as compared to general-purpose SSL VPN solutions, including:

• Improved security, flexibility and control

• Industry-leading performance, scalability and user experience

• Reduced total cost of ownership (TCO)

Indeed, the SPX Series is the only SSL VPN platform capable of meeting all seven critical deployment considerations of an effective business continuity remote access plan.

Secure Access On Demand

With the Array Networks SPX Series SSL VPN Access Gateway, there is no need for IT to pre-install software on each client. Rather, users can merely click on a URL and all the software they need will be automatically pushed to their machine and ready to use — with no IT involvement. That’s an important consideration in an emergency situation, where many workers who are normally in an office location are instead relying on remote access. IT personnel are likely to be busy getting their own house in order; they won’t have time to field support requests from all the new remote users. It’s also a productivity issue, in that the SPX Series allows the workers to quickly get at the resources they need, instead of wasting time trying to get their machines properly configured.

The SPX Series also allows for the same level of security, if not better, as if all workers were in the head office. That’s because IT can predefine which workers are allowed to access what resources, with a granular level of control over access to resources including e-mail, files, applications and the corporate intranet. Indeed, the SPX Series even allows IT to consolidate a plethora of such access control lists (ACLs) from their firewalls, LAN switches, wireless LAN devices and application security proxies — thus improving overall security for the organization by ensuring all the ACLs are synchronized with up-to-date information.

Capacity for All

The SPX Series also has sufficient capacity such that most customers will be able to support all of their additional users on their existing hardware. At the high end, with the ability to support 64,000 concurrent users and 100,000 concurrent SSL sessions, the Array Networks SPX5000 offers the highest capacity on the market, and is roughly 20 times more scalable than competing solutions.

But the story is much the same for the entry-level SPX2000 and mid-range SPX3000 models, each of which offers far more headroom at their respective price points than competitive offerings. That means customers are not forced to buy a platform that far outstrips their day-to-day needs in order to meet business continuity planning requirements.

At every price point and for businesses of any size, Array offers far more spare capacity to support business continuity planning requirements than any competitor.

In a time of emergency, the SPX Series can, in effect, seamlessly transform into an extension office, enabling all users to access their usual resources with no downtime or service interruption.

Performance to Spare

Of course, the ability to support vast numbers of users doesn’t do much good if performance degrades as the user count goes up. The Array SPX Series suffers from no such problems. It maintains an average latency of less than 2 milliseconds, even as throughput scales from 100 Mbps to 850 Mbps, according to tests conducted on the high-end SPX5000 model by The Tolly Group.

“The Tolly Group tests show that when subjected to variable traffic scenarios, the SPX5000 is able to step up from 500 to 64,000 concurrent users with ease,” the Tolly Group concluded. Even at its maximum capacity, Tolly Group found latency was not an issue for the SPX Series. “At 64,000 users, the SPX5000 introduced just 2.49 milliseconds of latency, well below levels that would adversely affect IP applications like voice or video that are sensitive to delay.” In short, the SPX is not going to be the bottleneck in your business continuity plan.

VPNs on the Fly

The customizable SPX user interface and Web portal make it simple for even first-time VPN users to log in. Interactive instructions guide users through the process, which typically involves no more than clicking a few tabs to select the desired applications. Any required software is pushed to the end user machine transparently and disappears once the session is over; no software installation is required.

IT can also be assured that any machines that log in to the Array system are secure because the SPX supports client-side integrity checking, to ensure client machines adhere to company security policies. The Array Intelligent Delivery feature provides the ability to push any required patches or components to end-users before they log in.

Flexible Purchase Options

The Array Networks ABC Flex License Plan means customers don’t have to scramble to procure licenses for new users in the event of an emergency. The plan enables additional users beyond those covered under the day-to-day concurrent user license to log in as needed, in some cases without any phone calls or other actions on the part of IT.

A number of plans are available, including:

• A 30-day certificate that covers the number of additional users you’ll have in the event of an emergency. The plan goes into effect as soon as IT calls, faxes or emails Array with an activation code.

• An insurance plan that allows customers to pay a monthly premium for the right to add additional users up to a predefined number in an emergency. Burst licenses are loaded on the system at purchase or via license key, and remain available for a period of one year. Users can log on seamlessly without IT intervention in the event of emergency. Customers can select the option to own the licenses outright if they purchase an additional 12-month insurance plan.

• A peak usage plan is available for customers with 500 or more concurrent users. Customers determine the number of additional licenses required in an emergency and pay a small fee annually to cover that number of users. In the event of an emergency, users can log on seamlessly without IT intervention. Customers pay only for users activated.

Focus on Availability

The Array SPX Series ensures remote users can access IT resources, but IT must also ensure that those resources are available even during a time of disruption. That’s where the Array TMX Series of application availability solutions comes in. The TMX Series offers high-performance server load balancing, including on a global basis, such that servers in one data center can back up their counterparts in another data center in an N+1 redundant configuration.

The TMX Series helps IT weather the predictable Web application usage spikes that occur during emergency situations, and helps organizations with multiple data centers to remain operable when one goes down.

Case Study: ITG Weathers NY City Transit Strike

Investment Technology Group found out first-hand how valuable the SPX Series can be in the event of an emergency. ITG is a specialized brokerage and technology firm with headquarters in New York and offices in North America, Europe and the Asia Pacific region. The company provides financial solutions to the most demanding of institutional investors, helping them get optimal prices for securities, route orders to desired markets, and manage the cost of trading — all in real time. For ITG, the ability to provide uninterrupted services is imperative, so its employees must be able to access critical business applications and resources at all times — even if they can’t get into the office or if the office is no longer functioning.

The company opted for the Array SPX to support its remote access requirements because it offered a number of benefits that other SSL VPN solutions couldn’t match, including superior capacity and performance. The fact that the SPX enabled even users who don’t normally employ the VPN to quickly connect in the event of an emergency, without IT intervention, was another factor, along with the cost-effective ABC Flex License Plan.

All those factors came into play during the New York City transit strike of 2005. On December 20, the first day of the strike, ITG took advantage of the ABC Flex plan to temporarily increase the number of user licenses it owned. Those employees who were not able to travel to the office responded as they had been trained; they stayed at home and logged in to the corporate SSL VPN portal, where they were able to access appropriate resources and continue to conduct business.

The Array Networks SSL VPN functioned as intended, such that:

• Every user that needed to log on was able to log on, each receiving a premium user experience

• No action was required on the part of ITG’s IT department in providing secure remote access over the course of the event

• ITG was billed only for excess SSL VPN usage over the duration of the event

• ITG did not experience business disruption as a result of the transit strike

Conclusion

The Array Networks SPX Series offers a combination of SSL VPN capabilities that is unique in the industry. At every price point, the SPX Series offers a platform that will not only address everyday requirements, but supply plenty of headroom to fulfill business continuity planning needs. That holds true even for the largest of enterprises, given the SPX Series can support up to 64,000 concurrent users and 100,000 SSL sessions.

The intuitive process users follow to connect to the Array network means even first-time VPN users can quickly connect and become productive, with no need to involve IT or pre-install software. And, in the event of an emergency, customers can be assured users will notice virtually no difference in performance, given that the SPX Series can deliver less than 2 milliseconds of latency even as throughput reaches 850 Mbps. Array Networks’ ABC Flex License Plan provides the final piece of the business continuity puzzle — a cost-effective licensing plan that allows additional users to log on when they need to, again without involving IT.

In short, Array Networks is the only SSL VPN provider that can ensure your workers are able to get at the resources they need when they need them at all times — the very essence of an effective business continuity plan.

As Gartner’s Girard wrote: “Telecommuting and mobile access can help enterprises cope with emergencies. However, when disaster strikes, your remote-access plan must be ready to deploy, and your staff must know how to use it to advantage.” Array Networks SPX Series can give you the assurance that you’ll be able to survive—and thrive — through most any business disruption.

Sources

1. Hoge, Patrick; St. John, Kelly; Squatriglia, Chuck. “BART settlement reached; Strike averted as management agrees to union’s last-minute proposal,” July 6, 2005. San Francisco Chronicle.

2. “Avian Influenza: Current Situation,” Centers for Disease Control and Prevention, May 17, 2006.

 


About Array Networks

Founded in 2000, Array Networks is a leading provider of high-performance, secure universal access solutions. Array delivers product lines that address the rapidly growing SSL VPN market as well as the application acceleration market. More than 500 customers including enterprises, service providers, government and vertical organizations in healthcare, finance and education rely on Array to provide anytime, anywhere secure and optimized access. Array provides the world’s fastest and most scalable SSL VPN products on the market today. Array’s technology performs 8 times faster and scales 12 times higher than its nearest competitor. As a result, no other company can deliver high-performance SSL VPN solutions at a comparable cost. Array has been recognized by industry leaders including Deloitte, Red Herring, and Synergy as a market and technology leader.


Visit the Authors Web Site

Website URL:

 http://www.arraynetworks.net



Disclaimer

The Business Forum, its Officers, partners, and all other
parties with which it deals, or is associated with, accept
absolutely no responsibility whatsoever, nor any liability,
for what is published on this web site.    Please refer to:

legal description




The Business Forum
 

Beverly Hills, California, United States of America



 

© Copyright The Business Forum Institute. - 1982 - 2009