Microsoft VPN provides a new range of opportunities for CIOs, MIS directors, net administrators and third-party developers. VPN will also be vital to Internet service providers, or other public network operators such as telephone companies that are trying to get into the Internet service business.
Many corporations would like to eliminate the cost and overhead of purchasing and managing their own modem pools, and out-source dial-up access to their corporate backbones. This needs to be done in a manner that is cost-effective, hassle-free, protocol-independent, secure, and that requires no changes to existing network addressing. Microsoft VPN provides the solution for telephone companies and ISPs to use in meeting such corporate needs.
PPTP will allow dedicated hardware devices (such as those manufactured by US Robotics and Ascend) deployed by Telcos in Points-of-Presence to act as "front-ends" to Windows NT RAS servers deployed at corporate premises by tunneling PPP packets through Wide Area Networks. An end user would make a local V.34 or ISDN dial-up call into a hardware device (such as a FEP) that is situated in the same city as the user. The FEP would then connect to a Windows NT Server located in a different city via a WAN such as frame relay or X.25. The FEP does this by taking PPP packets from the end-user and tunneling them through the WAN.
Telephone companies can take advantage of many of the Windows NT strengths to provide a dial-up access solution that is scalable, secure and easy to administer from the standpoint of both network addressing and security.
VPN and the robust Windows NT platform will allow service providers to manage server farms for customers, either on a customer's premises or through a POP. This is a significant benefit to companies that don't want to invest in the financial and management overhead required to operate their own data networks. Another major value of VPN and RAS is that because they sit on a Windows NT platform, they provide full integration with Microsoft BackOffice. This enables a service provider to offer a range of value-added services beyond remote access, including server support and application support.
Using VPN, dense and integrated communications solutions from companies like US Robotics can be used as front-end processors across a LAN to Windows NT Servers. This would enable dense RAS server configurations that are easy to handle and well integrated with the Windows NT NOS environment.
As Windows NT Internet support is enhanced by adding routing protocols and demand-dial support, the PPTP protocols of a VPN will enable corporations to connect IP and IPX LANs across the Internet, again in a secure manner. And if the need is only intra-corporate connectivity, these connections can be made without requiring universal addressing of the respective corporate LANs.
In addition to VPN support, PPP tunneling also enables use of dense modem/ISDN front-ends to Windows NT RAS servers, thus enabling access server vendors to easily integrate their solutions from a management perspective (user accounts, logging, etc.) into a Windows NT network.
By exploiting the infrastructure that the Internet Domain Name Service (DNS) offers, combined with Windows NT 4.0 feature enhancements (such as auto-dial support in RAS), it will be possible for Microsoft to significantly enhance business-to-business communications across the Internet in the 1996 time frame.
While the most important focus for VPN is to provide a secure way to extend private network access through the Internet, it can also work in virtually any type of network over which IP packets can be sent, including X.25 and Frame relay networks.
VPN allows the Internet to be treated as if it were a telephone network being used to reach the network that the user wants to be on. Companies taking advantage of VPN will be in a position to offer users what the telephone companies might call IP dial tone, meaning very high-speed PC access from the home. By default the transport mechanism will be IP. So users can make use of the giant telecommunication networks, tunneling through to get to wherever they want to go. That same tunnel might also go through the Internet, but the pathway would be transparent to the user.
Microsoft is working with telephone and cable companies to create high-speed, dedicated links between home computers and company networks, taking advantage of the existing telephone or cable wiring to the home. Because PPTP isn't bandwidth-constrained, it works with the underlying communications services, whether it be analog POTS, ISDN, or even ADSL and cable modems. That is because PPTP makes use of PPP transport.
Phone companies can use a device called an Asynchronous Digital Subscriber Line (ADSL) modem, which would be installed both at the central office and the customer's home. It would not interfere with regular phone service, but would multiplex data traffic onto the same line. Using an IP connection, caching Internet servers could be installed at the central office, to provide a connection to the Internet, CD-ROM servers, or other system resources. Users could then connect to either the Internet or a private network. PPTP would allow users to tunnel through the service provider's bank of servers and through the different address types. A router at the central office could be connected to the Internet, so that users could reach distant corporate networks. Or the corporate network could be directly attached, permitting direct access.