VPN Over Satellite: More Than Viable

 

Internet Protocol (IP)-based virtual private networks (VPNs) have become more popular as companies realize that when it comes to secure and reliable  networking, owning a dedicated network is not the only option.

While VSAT solutions are adapting to a world where the emphasis now is on a hybrid approach using satellites and terrestrial solutions, many niches will need to be filled in the process. VPN over satellite solutions are much in demand thanks to increasing business globalization, says Randy Neck, vice president of marketing at Houston-based CapRock Communications. The solution, which can reduce overhead and increase agility for users, represents an important component in this new and expansive networking arena.
The term VPN is used in the industry to mean a range of solutions, says Sampath Ramaswami, senior director, service development, in the North American division of Hughes Network Systems LLC. “A private network that connects the numerous sites of a distributed enterprise is a VPN, as is secure access over the Internet used by teleworkers to reach a corporate server. The latter is sometimes referred to as remote access VPN,” he says. “… Legacy networks such as dialup and frame relay are being rapidly replaced by always-on, broadband VPNs.”
However, this migration often fails to reach 20 percent to 50 percent for most distributed enterprises, and as a result, “satellite broadband offers a highly effective, cost-competitive, fill-in compared to other terrestrial fill-in options, such as leased line,” says Ramaswami. “We are seeing demand for satellite-based VPNs in two areas — as a complete, unified networking technology connecting all sites of an enterprise and as part of a hybrid terrestrial-satellite broadband network.”

TCP Can Spell Trouble

The VPN-over-satellite environment presents its own set of operating challenges, but VSAT vendors are overcoming them.
Satellite-induced latency coupled with Transmission Control Protocol (TCP) can often yield disappointing results. “The main reason for [signal] degradation is that TCP algorithms are not suited for the long latency of the satellite link and are not optimized by the VSAT,” says Doron Elinav, director of strategic marketing at Gilat Satellite Networks. “The trend we see is towards encrypted VPNs usually based on Internet protocol Security (IPsec). The trend is growing and is common throughout the telecom industry. IPsec has emerged as the modern standard for data security supports key-based authentication, and encrypts the complete data packet — both data and headers — and adds its own header. Thus, it foils most threats — and also any attempt at TCP acceleration.”
For remote access VPNs, the Hughes VPN Accelerator is an off-the-shelf solution that supports IPsec VPNs over satellite. “If a VPN tunnel using IPsec originates on a client (that is, for remote access VPN) residing on a LAN behind a satellite router, then traditional acceleration techniques used to mitigate latency-related performance issues will be inoperable,” says Ramaswami. “The VPN Accelerator enhances performance by using satellite acceleration techniques prior to transmission through the VPN tunnel while maintaining the integrity of the VPN security. [It] integrates easily into the existing corporate security policies and infrastructure of enterprises using Nortel, Cisco or Check Point VPNs.”
One of the key issues for a VPN is ensuring data confidentiality, says Adrian Amelse, director of marketing for Cisco’s data center security technology group. “Identity and encryption are fundamental requirements for customers, and we incorporate these capabilities into all of our communications technologies, including satellite VPNs,” he says. “Based on that, we definitely view VPN over satellite as being viable.”
In addition, these new end-to-end VPNs now permit secure connections to remote locations over the Internet without the need for costly backhaul circuits. “This flexibility and cost effectiveness has created strong demand for VPN capability over satellite,” says Neck. “In the future, as businesses continue to expand globally, the speed and ease with which VPN over satellite solutions can be deployed is a clear advantage over the cumbersome and time consuming point-to-point backhaul alternatives.”
 

• GNC Architect (Guidance Navigation & Control) - EADS
• Research Physical Scientist - National Aeronautics & Space Administration, Goddard Space Flight Center
• 12104 - Jet Propulsion Laboratory (JPL)
• Field Operations Technician - Iroquois Pipeline Operating Co.
• Sales Executive - Ground Control

• Home Depot Now Selling Winegard Digital TV Antennas to Meet Growing Demand for Free HDTV Viewing in Communities
• National Space Club Announces 2013 Award Recipients
• Lockheed Martin Aegis System Intercepts Ballistic Missile Target Using Satellite Information
• Orbital-Built Landsat Satellite Successfully Launched
• MTN Government Services CTO Richard Hadsall Appointed to World Teleport Association Board
• XTAR Plans Expansion Beyond the U.S. and Europe as African and Asian Hot Spots Drive Change

• Disaster Recovery: A Blueprint For Better Response
• Performance Enhancers: Striving For End-To-End Solutions
• The Future Of Private Networks: What Next For VSAT Systems
• The Evolving World of Private Networks
• Russia: Deploying Satellite Applications, Gaining Market Strength