Talk about a distributed workforce. More than half of Prudential Insurance Company's 60,000 worldwide workers access corporate network applications and services remotely - from branch offices, storefronts, private offices, customer sites, as well as from home. Until last year, workers dialed in over analog or ISDN lines using AT&T remote dial services. But mounting pressure from company brass eager to cut costs, as well as from employees frustrated with slow connections, meant Ed Mann had to find a better way.
Mann, Prudential's vice president of network technology, had to solve a two-pronged problem. First, he targeted the network side and looked to replace the company's costly outsourced remote dial service with an in-house VPN. Built with Nortel Networks' extranet VPN switches, Mann and his team created a redundant environment between Prudential's New York and Roseland, N.J., data centers with total failover. Security is the tightest, using Triple-DES for encryption and RSA's secure ID for authentication.
"We'll have one of the largest enterprise VPNs when we're finished," Mann says.
So far, the company has migrated about 15,000 users to the system. Mann anticipates a 50% to 75% cost savings with the VPN. "This year, we've already seen savings in the millions of dollars," he says.
Although pleased with the savings, Mann knew the VPN solved only half of Prudential's problem. Faced with ever-increasing availability of residential broadband services, employees were pushing hard to access com-pany systems over their own high-speed connections - a prospect fraught with management and security problems. Mann envisioned thousands of workers securing DSL and cable contracts from a slew of providers, and sought to maintain control over the roll out. He also needed to control how workers were using their connections. "Once the worker is beyond the physical confines of the campus, it's very difficult to set policy and police what people do," Mann says.
As important, Prudential also wanted workers to experience the same work environment in-house as they do remotely and maintain or even increase their productivity. Faced with the challenge of migrating 30,000-plus workers to high-speed residential connections, Mann considered business-class DSL offerings from eight ISPs. But because he demanded service-level agreements for all the remote connections, most competitors were knocked out.
Even tougher to please, Mann also wanted a private network and voice capabilities. The only company to make the cut was Exario Networks, a New Jersey managed IP services provider. Exario provides high-speed line provisioning, VPN and voice to enterprise companies over its unique private carrier-class network. Because the company data never crosses the Internet, firms like Prudential, as well as financial institutions such as American International Group, Soros Fund Management and Credit Suisse First Boston (formerly DLJ) are signing up. So far, Exario has rolled out 25 Prudential employees in a pilot program, and another 1,000 are signed up for service. By outsourcing its remote access needs to Exario, Mann says Prudential is laying the groundwork to offer the telecommuting option to new employees who don't want to relocate to its corporate offices. DSL services are paid by Prudential, but it's up to the business managers to determine which employees are eligible. Prudential's policies for accessing company resources are strict, and employees are not permitted to use the DSL connection for personal use. Because all traffic is routed through Exario's network to Prudential's servers, Mann can monitor Internet and e-mail traffic on remote machines the same way he does on campus.
For Mann, DSL provisioning is a headache that's no longer his. Exario handles all the employee provisioning and systems management. Its unique Web-based customer service and network management tools let pre-approved Prudential employees enter their customer information on Exario's site. Exario is also building Prudential an employee intranet site where remote workers can access company policies and procedures, and specific information related to their departments.
However, Prudential's also got an eye on Exario's voice services. Mann says Prudential will likely provide an integrated voice and data solution for its full-time teleworkers, so they can dial four-digit extensions just like in the office, and program their phones to take advantage of many calling features. As Exario has relieved Prudential's deployment head-ache, some concerns still linger about the DSL industry in general.
"We had two NorthPoint customers in our pilot program who're now out of luck," Mann says.
Exario isn't tied to DSL, though. For line provisioning, the company tries DSL first, but if an end user doesn't qualify, Exario can roll out ISDN, frame relay and point-to-point T-1 connections, with wireless and satellite coming soon. Exario doesn't offer cable connections because it says cable doesn't provide the "viability or reliability" for its type of customers.
This story, "Prudential takes total remote control" was originally published by Network World.