Going Public

Bypassing private network services, corporate IT is moving more traffic onto the Internet, which is now faster and more reliable than ever.

A few years ago, the idea of using the public Internet as the primary network connection at MasterCard International Inc.'s branch offices wouldn't have been a serious option. Today, some of the financial services company's smaller offices are doing exactly that. For those locations, the Internet has become the access point for data entry, e-mail and other internal functions.

"All of that is supportable," says Jim Hull, vice president of engineering services, because end-to-end reliability and performance have improved to the point where the Internet is now "good enough."

MasterCard isn't the only organization to take notice. "The Internet is improving in its performance and in its price point," says Doug Hill, associate technical fellow and network chief architect at The Boeing Co. in Chicago. "We're using it a lot more than we used to."

In addition to supporting smaller remote offices, Boeing even runs some voice-over-IP traffic over the Internet, although broader adoption will need to wait for quality-of-service (QoS) functions to evolve, Hill says.

By using the Internet, both companies cut operating costs because the traffic no longer moves over ISDN, leased lines or other private network services.

"Enterprises are increasingly interested in Internet substitution. They're finding that they can offload a great deal of [network traffic]," says David Passmore, an analyst at Burton Group in Midvale, Utah.

Today, the Internet is chipping away at the periphery of the private network services that make up global networks. As the Internet continues to evolve, more of corporate IT's global traffic will be routed over it.

Although the Internet is likely to play a bigger role in corporate networks, it isn't likely to replace private network services anytime soon. Among the limitations: a lack of QoS capabilities needed for multimedia applications such as videoconferencing, and relatively weak security.

Faster, Better, Cheaper

The Internet is not only a better network than it was a few years ago, but it continues to improve rapidly.

"The Internet is larger than it was five years ago by a factor of at least five," says Vinton Cerf, co-inventor of the Internet and chief Internet evangelist at Google Inc. "It continues to function reliably, and the underlying systems have higher absolute capacity."

Long-term studies of the Internet back up Cerf's assessment. At Stanford University, the International Committee for Future Accelerators has been tracking Internet performance and reliability for several years. Its tests show that the global reliability of the Internet has been improving by 40% to 50% annually, while performance has increased at an annual rate of 10% to 20%.

Even carriers acknowledge the growing role of the Internet. "Performance on the Internet is great," says Stu Elby, vice president of network architecture and enterprise technologies at Verizon Communications Inc. in New York. "You see more and more business being conducted over the Internet because it's more reliable."

But the Internet still can't deliver for critical applications that require a guaranteed QoS, and it doesn't offer the same level of security as private network services, Elby says. Users agree.

"What we haven't gotten is services and features such as QoS. That's our motivation for building private infrastructures," says Hill. Boeing is well into a massive project to re-create its global private network services built on Multiprotocol Label Switching (MPLS) technology. Carriers use the IP-based network service to tag and logically separate IP traffic into secure virtual private networks for different corporate clients, as well as to route traffic using the shortest possible path. Service providers see an MPLS-based infrastructure as a consolidation platform that lets them efficiently deliver all traffic types, including voice, video and data.

Whether the Internet will overcome current limitations is a matter of fractious debate. Telecommunications carriers play up the Internet's weaknesses, which they claim are inherent in its connectionless, best-efforts delivery architecture. "We believe a [QoS] Internet mechanism is almost impossible," says Chae-Sub Lee, chairman of the Focus Group on Next Generation Networks at the International Telecommunication Union.

The ability to meet QoS needs is a function of bandwidth, and with today's Internet backbone running at 2.5Gbit to 10Gbit/sec., there is plenty, counters Scott Bradner, an Internet expert and university technology security officer at Harvard University. The problem, he notes, is not the core but the tail circuit, which can be upgraded if end-to-end performance is insufficient. But IT can't always justify the cost of bigger pipes. "There will always be a need for QoS, or you'll end up with a very costly infrastructure," Hull says.

Global companies also need to operate in places where the telecommunications infrastructure is government-controlled and end-to-end QoS through the public Internet can't be achieved because of reliability and performance limitations, according to Hull.

Others think these problems will eventually be solved. Verizon's Elby says the more sophisticated QoS controls used in private network services will migrate onto public peering points as the public and private IP networks coalesce. "It's all in the routers, so that technology might get sucked into the bigger Internet as well," he says.

When that happens, says Hill, the Internet's role in Boeing's global network could expand significantly.

Security remains a major stumbling block, however. "The problems are severe and lie at several layers in the protocol hierarchy," as well as in operating systems and application software, Cerf says. Remedying those problems won't be easy. "There are no easy architectural mechanisms to fix it," says Guru Parulkar, program director at the National Science Foundation's Computer and Network Systems division. The NSF funds research into future Internet technologies.

But Robert Kahn, co-inventor of the Internet and chairman, CEO and president of the Corporation for National Research Initiatives, says security is a problem for intelligent endpoints that use the Internet, not for the network itself. "I don't know if [security is] a limitation. It's just an aspiration for something that could be better," he says.

In the meantime, many enterprises are redesigning their networks around private MPLS services. As carriers continue to consolidate their own networks around more-efficient IP-based architectures such as MPLS and the emerging IP Multimedia Subsystem (designed to transform the circuit-switched public telephone network), some cost savings are slowly trickling down to corporate customers.

"We saw that in the MPLS competitive-bid activity that we went through," Hill says. He says private services such as MPLS are vital to his company's use of videoconferencing and other high-bandwidth applications that require QoS and multicast capabilities.

Although using MPLS gets Hill out of the business of procuring individual circuits, even private MPLS network services don't deliver on QoS globally. The reason: No single vendor covers all locations, and the industry lacks a set of common QoS definitions and standards for network-to-network interfaces.

Carriers are working to remedy the problem. Verizon expects to start offering interoperable services late this year or early next. But Boeing's Hill remains skeptical that competing carriers will cooperate. "They want customers... getting locked into their services. They are singularly unmotivated to make those services interoperable," he says.

Net Convergence

Will enterprises eventually build out global networks using the public Internet? In another decade, the convergence of public and private networks could make the question moot.

As carriers redesign voice and data services around IP, the differences between the public Internet and private network services are already blurring. At MasterCard, Hull sees little difference between the architecture of the MPLS network services the company is using to redesign its global network and the public Internet. "We're all going into the same cloud, and we're all sharing the same networks," he says.

Hill agrees. "The carriers we're using for our private corporate network are the same ones doing the Internet. It's the same infrastructure. There is no distinction between the Internet and the carrier services we're talking about," he says.

The difference may boil down to whether traffic is routed through public or private peering points within the Internet cloud, says Verizon's Elby.

Whether the two structures eventually converge entirely or remain separate, parallel architectures is the billion-dollar question, says Burton Group's Passmore.

The NSF's Parulkar says that the evolution could go either way: Although carriers' private networks appear to be merging into the public Internet today, the Internet itself could ultimately merge into the carriers' networks.

But Cliff Naughton, director of network services at Boeing, thinks business needs will ensure that parallel infrastructures continue to evolve. "I don't see one subsuming the other," he says. "There's a market for both, and there always will be... a need for higher levels of service."

Copyright © 2006 IDG Communications, Inc.
