Customer

The client is one of the biggest Insurance groups in USA. The Client has Data Centers at multiple locations in Los Angeles, Baltimore and Connecticut. Insurance claims are filed and settled over the web. Large proportions of users are mobile requiring secure remote/web connectivity. The company also has a number of satellite offices without direct WAN connectivity to their data center. It was essential to put adequate infrastructure to connect the remote offices as well as more than three thousand mobile users and to identify the security needs and design and implement a robust infrastructure to ensure high availability and security.

Challenge

The client wanted the VPN solution to be fully redundant and available 24*7. To address this requirement, the central VPN concentrators were designed to work in High Availability mode. Also Internet Access link was procured from two different ISPs to have link level redundancy as well.

Solution

After doing initial study of the company’s existing infrastructure and their business needs, we have designed and implemented a VPN network for the company based on Nortel Network’s VPN Concentrators. The VPN network Access diagram can be seen in Diagram1 on the following page.

The design was made keeping two Contivity 4600 concentrators at the central location and Contivity 100/ 400 at the satellite offices to form site-to-site IPSec VPN tunnel. For the mobile users, VPN client software was loaded at each remote desktop/laptop. The users dial nearest ISP and then through the VPN client software, establish a VPN tunnel with the central VPN concentrator.

The highlight of the solution was implementation of High Availability at the central site by having two VPN concentrators in Failover mode. The mobile users are authenticated by the corporate NT server before they are allowed access to any internal resource. Authenticating users through NT server helps in keeping a unified user profile for both Intranet login and VPN based extranet login.

Benefits