VA will extend its benefits reach via a VPN

VA will extend its benefits reach via a VPN

VBA specialists Minh Nguyen, left, and Bob Meisel set the VPN so officials could access systems remotely.

By Frank Tiboni

GCN Staff

The Veterans Benefits Administration is testing a virtual private network as a way to set up a worldwide network of remote sites to provide veterans with benefits information.

The VPN provides a portable and secure means to send and receive data from legacy systems, said John Muenzen, director of VBA's field liaison staff.

'The VPN gives us more flexibility as to where we can set up shop,' Muenzen said. 'Now veterans don't have to schlep across the state to come to a regional office to get services.'

The system comes as VBA is restructuring to provide better services to veterans.

The Veterans Affairs Department agency, which has traditionally operated out of 58 regional offices, will expand to more than 200 locations worldwide, including some military bases, Muenzen said.

Autumn start

VBA and Performance Engineering Corp. of Fairfax, Va., the VPN's designer, are testing the service at 14 sites in preparation for an end-of-summer rollout, he said.

Because of budget constraints, VBA will deploy the VPN capability in small clusters.

'We're excited about providing better access in a cheaper way,' Muenzen said.

Using Internet service providers across the country, VBA can eliminate the need to constantly procure, maintain, upgrade and replace costly remote communications equipment, he said.

Agency claims representatives and accredited veterans service organizations will use their desktop or notebook PCs to link to the VPN via the Internet. The VPN will authenticate the users and give them access to the systems at VBA's Philadelphia Benefits Delivery Center, said Minh Nguyen, a VBA computer specialist who helped configure the system.

First, users go through a firewall on a 250-MHz Sun Microsystems Enterprise server running SunSoft Solaris 2.6. Each user must have an authorized account or the firewall will deny access. After the firewall approves the user, an authentication application on a second Enterprise server does a second check of the user, Nguyen said.

To clear the authentication process, each user must have SecureID'a handheld security token from Security Dynamics Technologies Inc. of Bedford, Mass. The devices are available for $50 on the company's General Services Administration schedule contract.

The key fob randomly generates a mathematics algorithm that produces personal identification numbers every minute.

When the system asks users to authenticate, they key in their user identification, a PIN and the current number on the key fob, said Bob Meisel, another VBA computer specialist who helped set up the VPN.

After receiving the three pieces of information, the VPN server provides an encrypted link between a user's computer and the benefits system he or she wants to access. For further protection, the VPN server will prompt users to reauthenticate who they are after working a certain amount of time, Meisel said.

Once in, users can access multiple applications, from benefits approval packages to
e-mail on VBA's internal network, he said.

For example, the VPN lets users access the Benefits Delivery Network, which contains specific information on veterans for claims processing. The network requires yet another log-in and password as its security layer, Meisel said.

Faster, please

To the user, the VPN link will be equivalent to working directly on the internal network. But Internet or Internet service provider slowdowns will affect the connection, he said.

inside gcn

  • cloud video processing

    Sprocket kicks video processing into high gear

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above