home
NEWS       BLOGS       FORUMS       NEWSLETTERS       RESEARCH       EVENTS       DIGITAL LIBRARY       CAREERS  
Network Computing Network Computing Powered by InformationWeek Business Technology Network

IMMERSE YOURSELF:

SOA

  |

Data Center

  |

802.11n

  |

Data Privacy

  |		 APO  |

Virtualization

  |

NAC

  |

Security

  |

Network Mgmt

  |

Enterprise Apps

  |

Storage & Servers

Security
C E N T E R F O L D  
Firm Plots Legal Battles From Makeshift VPN Sites

  June 10, 2002
  By Kelly Jackson Higgins


TOC Issue TOC
Printer Print this page
Printer Download article as PDF
Printer Download centerfold graphic as PDF
E-Mail E-Mail this URL

They call it the "war room"--the temporary office that law firm Sonnenschein Nath & Rosenthal sets up for attorneys during out-of-town court cases or extended off-site client consultations. The war room functions just like any other site on the firm's VPN, with an on-premises LAN and a T1 VPN link to the Chicago home office.



Sonnenschein built its first VPN-based war room last year during a litigation case for Prudential Life Insurance Co. Twenty attorneys flew to Miami for the court date and set up shop in their hotel suite, complete with workstations, servers, a Nokia/Check Point firewall appliance, a Cisco VPN router and a T1 (1.5 Mbps) link to the firm's VPN, which was still under construction. The LAN also had wireless support, so attorneys could roam from room to room in the suite.

The three-month remote setup was a step up for the attorneys, who were used to working on briefings, notes and other documents individually on their laptops, dialing up to the home office with client-based remote-access VPN software. "Working in the war room was just like working in the home office," says Adam Hansen, lead information security engineer for Sonnenschein, which has 500 attorneys in nine offices nationwide. The firm, whose other big-name clients include IBM and Sun Microsystems, specializes in business litigation, intellectual property and technology issues.

Sonnenschein went with the VPN to decentralize its operations. And while the VPN cost about $200,000 to set up, it will save the firm money over the long run by eliminating expensive point-to-point connections. The old WAN configuration also posed a single point of potential failure: Sonnenschein's Chicago hub housed many of the firm's main applications, including Lotus Notes and a SQL-based document-management system. The new VPN has backup firewalls and routers at each site. It runs over WorldCom's Internet service with Cisco 2610 routers, and Nokia IP330s and Check Point software as the firewalls.

But the VPN's debut wasn't exactly smooth. When the VPN first went live in late April, some traffic got trapped in an asymmetric routing loop, where a portion of the IP packets ended up on the wrong path. That left Sonnenschein's attorneys at the home offices unable to run some of their SQL-based applications. So Hansen temporarily rerouted the traffic to the company's backup private network while he and the IT staff added BGP (Border Gateway Protocol) to its firewalls.

The problem stemmed from Sonnenschein's strategy of keeping BGP off its firewalls so only the routers had to make routing decisions. "Enabling BGP in the firewalls adds overhead, since BGP tends to load things into memory," Hansen says. The idea was to minimize the latency associated with heavy SQL-based traffic. With BGP now running on the Nokia/Check Point firewalls, the devices take a slight performance hit, Hansen says, but Sonnenschein's users don't notice it.

The Miami war room wasn't susceptible to the routing-loop problem because Sonnenschein had previously reconfigured the firewall there with BGP. Sonnenschein will use the same equipment, but with reconfigured IP addresses and occasional software updates, for each future war room. "We always have a unit staged and ready to go," Hansen says. "We're prepared for multiple, simultaneous war rooms, and we can deploy them as rapidly as needed."

The next big step for Sonnenschein's VPN is voice and streaming media, Hansen says. Sonnenschein's attorneys already send video depositions over the Internet in real time and plan to stream video clips to co-workers and clients for training and other purposes. Says Hansen: "We are looking to push content closer to our users."

On the Job

  • Hansen's Biggest challenges in setting up the firm's WAR ROOM: Time, and working with telecom providers to provision and test the circuit within our time line.

  • Biggest hurdle in building the VPN: Deciding which routing protocol to use, where to use it, and getting the entire system to make dynamic routing decisions for various traffic types. It's harder than it sounds to make the planning decisions, and determining the design is even more complex.

  • Next time I build a VPN, I will: Address the routing protocol as a critical issue and not underestimate its complexity. A multisite solution becomes exponentially complex when there's redundancy for the overall WAN architecture at and between each office, as well as support for client-based VPNs at every entry point and dynamic failover.

  • Job Perks: Reaching consensus among diverse groups of people and motivating them to think about security without being told they have to. I also enjoy incident response and forensics.

  • My next job: Information security management.








Ready to take that job and shove it?

Function:

Keyword(s):

State:
SPONSOR
RECENT JOB POSTINGS
CAREER NEWS
10 Search Engines You Don't Know About
Go beyond Google and get vertical. These specialized search sites will help you find the business information you need -- fast.

Yahoo Profits Fall 23%, Cuts 1,000 Jobs
Ari Balogh was named to the post of chief technology officer as the companys for a "realignment" of employees.

More articles from our career center










InformationWeek U.S. IT Salary Survey 2008
Salaries for business technology professionals are falling. Here's what you need to know in order to make good hiring decisions and personal career choices. Download Today
 
ROLLING RIGHT ALONG
Follow key Network Computing Reviews from conception to completion. This Week: Holistic APM.



Network Computing Reports Emerging Enterprise Podcast Series: Secrets to Success








TechSearch
Microsite of the Week


Powerful Information at Your Fingertips



InformationWeek Business Technology Network
InformationWeekInformationWeek 500InformationWeek 500 ConferenceInformationWeek AnalyticsInformationWeek CIO
InformationWeek EventsInformationWeek ReportsInformationWeek MagazinebMightyByte and SwitchDark Reading
Digital LibraryIntelligent EnterpriseInternet EvolutionNetwork ComputingNo JitterPlug Into The Cloud
space
Techweb Events Network
InteropVoiceConWeb 2.0 ExpoWeb 2.0 SummitEnterprise 2.0 ConferenceMobile Business ExpoSoftware ConferenceCSI - Computer Security Institute
Black HatGTECEnergy CampMashup CampStartup Camp
space
Light Reading Communications Network
Light ReadingLight Reading EuropeUnstrungLight Reading's Cable Digital NewsConstantinopleInternet EvolutionPyramid Research
Heavy ReadingLight Reading Live!Light Reading InsiderEthernet ExpoOptical ExpoTeleco TVTower Technology Summit
space
Financial Technology Network
Advanced TradingBank Systems & TechnologyInsurance & TechnologyWall Street & TechnologyAccelerating Wall StreetBank Systems & Technology Executive SummitBuyside Trading SummitInsurance & Technology Executive Summit
space
Microsoft Technology Network
MSDN MagazineTechNetThe Architecture Journal
space


App Infrastructure   |   Messaging & Collaboration   |   Network & Systems Mgmt   |   Network Infrastructure   |   Security  |   Storage & Servers   |   Wireless   |   Enterprise Apps
About Us  |  Contact Us  |  Site Map  |  Technology Marketing Solutions  |  Advertising Contacts  |   Briefing Centers
Copyright © 2008  United Business Media LLC  |  Privacy Statement  |  Terms of Service  |  Your California Privacy Rights