Leveraging the 'Net for business

Communications News, July, 1998

As a vendor of software tools for deep sub-micron chip design, Avant Corp. needed to create a secure, tightly-controlled environment for its clients to upload and download highly confidential semiconductor designs and software for debugging and testing by Avant application engineers. The assets to be interchanged via the Internet were digital property with a value exceeding $100 million.

The problems that Avant faced in deploying an extranet, or extended intranet, were:

How to securely manage 1,000 customer accounts.

How to reliably move large (greater than 100 MB in size), proprietary data files of semiconductor designs over the Internet.

How to delegate management of customer accounts and access permissions to account engineers and representatives without requiring an administrator's intervention.

Using Differential's Extranet Creator software, Avant created a tightly controlled environment where customers can securely exchange semiconductor design files with Avant application engineers for debugging, performance testing, and verification.

Customers can also browse and download software from an access-controlled software library. The software's security features allow competitors' information to coexist without violating any intellectual property rights.

The program manages, controls, and tracks interactions between customers and their account representatives. Web-accessible accounts are created and managed by account executives.

Avant's experience is indicative of a growing trend: small and medium businesses using the Internet for inter-company business. Financial services companies have traditionally led the development of secure inter-company networking systems, but other industries such as semiconductors, digital media, and health care may have similar requirements for advanced security, reliability, and management. A new generation of extranet products is becoming available to solve the needs of these mission-critical applications.

Commerce conducted over the Web, better known as e-commerce, is taking business beyond the traditional leveraging of physical assets to digital assets. These assets are companies' intellectual knowledge, and relationships and connections to employees as well as to suppliers, distributors, and customers. Digital assets can use the Internet as an important source of revenue and cost control for businesses.

Large firms in the banking, financial services, and manufacturing industries have been using inter-company networking technology for almost 20 years to decrease costs and generate added revenues. But this technology, called electronic data interchange (EDI), is both expensive, due to the use of private network and mapping requirements, and hard to configure, which explains why it has only been adopted by 1% of large companies in the U.S.

EDI has never gained much popularity among smaller and medium-sized businesses. The evolution of e-commerce over the Internet is now offering small business access to what was saving millions for large corporations.

Extranets allow companies to increase their competitiveness by securely using the Internet to work more closely with customers, create new revenue streams and service opportunities, decrease turnaround times, reduce costs, and work better with partners and suppliers.

A NEW SPACE IN COMMERCE

Extranet applications that manage highly valuable digital assets are particularly challenging to design and implement due to the complexity of ensuring system security, integration, management, reliability, and performance among all members of the extranet. Security is particularly important in such an environment, as organizations must ensure that internal corporate systems remain protected and that partner companies can only access specified and approved resources. Approval, tracking, and auditing are all challenging in this environment.

An effectively designed corporate extranet grants partners and customers permission to access portions of an organization's intranet in a tightly controlled manner, as follows:

1) Business policy and procedures: Extranet software must sort, select and dispose of information in a manner that is customized to meet the organization's business rules and procedures. Information must be distributed only to authorized users or partners, according to business rules that may be unique to each user or partner.

2) Security: Security is the primary concern for businesses connecting to the Internet, because it can potentially expose confidential intellectual property, leaving it prey to hackers and thieves. Extranets protect the information in corporate intranets while at the same time allowing limited, controlled access to internal information to external users or partners.

One key to a successful and secure extranet is to ensure that all access is controlled through a single gateway that can monitored, audited, and controlled. It is a bad idea to make this gateway simply the main firewall for your company. A much safer architecture is one that uses a 'demilitarized zone' (DMZ), where a set of servers is available outside of the firewall for partners to access. A DMZ can be made quite secure by using two firewalls, one that is the gateway from the DMZ to the corporate intranet, and a second outside firewall that lets partners into the DMZ servers from the external network (for example, the Internet).