Since it first began shipping products in October 2000, Woburn, Mass., startup OpenReach has deployed its virtual private network (VPN) overlay technology for more than 150 customers with 50 or more locations each.
The company's technology is designed to help enterprises with a large number of remote offices or locations create single VPNs out of disparate means of Internet Protocol access. The company has so far raised $52 million in two funding rounds, and its technology is reshaping the way enterprises and their partners communicate across VPNs.
While all-software VPNs are gaining in popularity, their vendors still find themselves making the argument that the technology is a cheaper alternative to frame relay or ATM, which can nonetheless offer adequate security. OpenReach is hoping to find a sweet spot among enterprises, such as hotel chains that have large numbers of locations, each of which has largely been responsible for its own IP systems. OpenReach's value proposition – and one that has clearly impressed investors, as they've come through with significant capital in hard times – is that its software can give such enterprises the ability to construct what appears to be a seamless network out of a series of unrelated and marginally compatible IP connections.
OpenReach's software sits on generic Pentium III servers at each enterprise remote location. Those servers then connect back to the enterprise network operating center (NOC), where the central NOC IT manager manages and monitors the VPN through a Web-based interface. Using that interface, the administrator can see the whole network, although in many cases, enterprises have divided up their maintenance and monitoring duties to administrators in many locations.
Through that interface, administrators are able to establish connections between locations using drag and drop technology. Thus, if an enterprise has offices in Chicago and Los Angeles, in order to establish a VPN connection between the two, the administrator would click on one location and then drag and drop it to the other. Once that procedure was done, the connection would be established.
Part of the value of the software, says OpenReach chairman and founder Mark Tuomenoksa, is that it provides automatic distribution of certificates and setting up of security policies. Thus, he says, IT administrators don't have to be experts on Ipsec or public key infrastructure or encryption or even authentication systems. Instead, they have the ability to set those policies and determine where the connections will be.
OpenReach's mutual consent trust technology allows enterprises and their partners to each maintain control over access to the other's network. Thus, for the first time, he says, each side is unilaterally responsible for the connection and either party can choose to turn the connection off at any time.
SmartPipes and huge networking companies like Cisco and Nortel, not to mention the smaller NetScreen, make up the bulk of OpenReach's competition. Like OpenReach, SmartPipes provides enterprises with managed VPN access, but SmartPipes and the big networking companies prefer that enterprise customers restrict themselves to specific, expensive networking gear, while OpenReach allows the use of cheap Pentium III boxes. Cisco, Nortel and NetScreen expect their enterprise customers to spend thousands on VPN routers.
the451 (www.the451.com) is an analyst firm that provides timely, detailed and independent analysis of news in technology, communications and media. To evaluate the service click here.