Coast Guard plans to anchor its LAN with a VPN later this month

Coast Guard plans to anchor its LAN with a VPN later this month

By Mark A. Kellner

Special to GCN

At the end of this month, the Coast Guard will weigh anchor with a virtual private network that will connect remote users to its main LAN, save the agency money and boost productivity, said Tom Clark, chief of the advanced technology branch of the Coast Guard's Telecommunication and Information Systems Command in Alexandria, Va.

'We have approximately 500 locations, with one in Europe and one Japan, one in Guam, one in American Samoa, and a big presence in Hawaii and Alaska,' Clark said. 'We have approximately 30,000 to 40,000 users, including contractor staff that generally doesn't show up in the statistics. It's pretty much used as the digital nervous system' for the service, which is under the aegis of the federal Transportation Department.

The agency's introduction of a VPN comes as it shifts more traffic and information to IP networks, he said.

'We're transitioning from CTOS and an X.25 network, and now 80 percent of our users are off of that onto the newer [Microsoft Windows NT 4.0] network. Primarily, we're using this network for internal e-mail and Internet use. We're also building internal Web sites for internal Coast Guard customers,' he said.

Clark said the sophistication of remote users and the availability of new equipment fueled the move to a VPN.

On the rise

'We see a rising demand for a number of different groups outside this network to gain access,' he said. 'The first group is home users, who are people who come to work who, when they go home in the evenings, must not have a life, so they decide they want to return to work and do something from home.'

The next group driving the move is made of authorized telecommuters, whose numbers are likely to increase because 'DOT wants to support telecommuting to reduce transportation problems, specifically in the [Washington,] D.C. area,' he said.

The agency started evaluating its options for VPNs in 1998 and concentrated on vendors who offered systems compatible with the Internet Protocol Security standard, Clark said. The Nortel Contivity system from Nortel Networks Corp. of Brampton, Ontario, he selected supports open protocols and was easy to manage and configure, he said, thanks to a Web-browser style interface.

Carte blanche

'It gives you all your menu items, shows a hierarchy of choices and the general layout of interface on these Web browsers,' he said. 'With many other products, it's a command-line based system. You have to type the names right, instead of moving the mouse around.

'One of the nice things about the Contivity is I can go away from the product for three months and go back to it, and not lose anything; can pick it right up. With command-line interface, it's not that easy; I have to relearn things,' Clark said.

In testing the system, the Coast Guard was able to find five high-speed remote users, Clark said.

'We've had customers from around the country, technical people to begin with, digital subscriber line and cable modem users, who want to see how the box would perform at higher bandwidth,' he said. 'The tests went all very smoothly. We did not run into any glitches at all.'

As to security, the agency initially will use its VPN for unclassified traffic, although that will change as new security standards become available.

'I expect in the future that IPSec will offer as an encryption method whatever wins the National Institute of Standards and Technology's encryption algorithm competition,' Clar said. NIST has selected five finalists and is expected to make a decision in April.

Related Articles

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above