December 19, 2000, 10:37 AM — DETROIT -- For a year now, the Automotive Network Exchange (ANX) has been the U.S. auto industry's high-security IP network for sharing data among trading partners. But now the ANX is starting to open its doors to the insurance and steel industries as well.
The ANX is also reaching out to overseas companies, including Toyota, which just joined the network. New network installations are also planned in Europe, Japan and Latin America.
The Big Three car companies -- General Motors, Ford and Chrysler (now DaimlerChrysler) -- originally built the ANX with their trade association, the Automotive Industry Action Group (AIAG), to secure data communications within the busy Detroit/ Windsor car manufacturing zone. These organizations are now looking to expand their electronic commerce circle and bring more network users into the ANX, which is losing money and struggling to bring down costs.
"We believe ANX is entering a new era of acceptance . . . with new capabilities," Ford's ANX development leader, Dennis Kirchoff, recently told the thousands of auto suppliers attending the AutoTech show in Detroit. "We claim ANX is an open virtual private network, while most VPNs you learn about are proprietary. But ANX needs to grow by penetrating other industries."
The ANX has a lot of things going for it to entice new participants. However, the network still needs to overcome some problems, including high prices and a lack of interoperability among security technologies.
The managed 56K bit/sec to T-3 IP links for the ANX are provided exclusively by a set of Certified Service Providers (CSP) - EDS, AT&T, MCI WorldCom, BCE Emergis and Ameritech. Frontier Technologies appears set to join their ranks soon. These CSPs must meet technical requirements enforced by the ANX's official overseer, Telcordia Technologies (formerly Bellcore).
Auto suppliers that want to use the VPN have to install ANX-approved IP Security (IPSec) firewalls, gateways or routers for authentication and encryption. Because of the difficulty in getting IPSec-based equipment to work together, the ANX has limited users to security products from Axent, Check Point, Cisco, Radguard and TimeStep, says Karl Schohl, AIAG's network manager.
"We're still having interoperability problems, so we're choosing IPSec equipment that the CSPs use," Schohl says. This way, ANX users can opt to have CSPs offer IPSec as an encryption service if users can't manage the equipment themselves.
The AIAG's original plan called for ANX users to have digital certificates for gateway and client-side authentication. But ANX-approved equipment still can't reliably swap digital certificates from Entrust, the sole vendor chosen. So ANX users -- there are now 200 of them -- have to manually input long text strings called 'shared secrets' instead of using digital certificates.