CASE STUDY: Support execs in their use of Apple iPhones
As the company grew from the garage stage to full-fledged valley startup, one of the first IT challenges raised its ugly head: Now that they had an office, what kind of remote access infrastructure would the fledgling company need?
The IT team got to work, setting up remote access using standard equipment from a leading networking equipment vendor. The network was quickly operational, though issues with performance and administration soon began causing headaches.
But it wasn't until a quorum of the mobile workforce, including several company executives, began to clamor for support for their Apple iPhone devices that RingCube's IT department began to investigate remote access in earnest, explains Charles Moore, director of operations for RingCube Technologies. By that time, a dozen RingCube employees had adopted iPhones.
“We're typical of many companies,” says Moore. “The executive staff and power mobile users are rapidly adopting the iPhone and are going to our IT folks asking for support. It's happening all over the country.”
The first solution RingCube tried was IPsec VPN client software from their incumbent networking solutions provider. It seemed a safe bet, especially as that particular remote access product was recommended in Apple's iPhone 2.0 launch. But this equipment quickly revealed some fatal flaws for RingCube. First, the IPsec VPN client didn't support split tunneling, meaning all traffic traveled across the company network.
“If the user is reading ESPN on his phone or buying music or downloading an application, all of that personal bandwidth is coming across the corporate network,” explains Moore. “You're already on AT&T or the wireless LAN, so there's no need to send that traffic back across the corporate network. It's just wasteful.”
The second problem was the client performance. Using the IPsec VPN client to get calendar, contact and email data took an extreme toll on iPhone battery consumption.
“We wanted a solution that would be efficient for bandwidth and battery life,” says Moore.
After reviewing analyst research, RingCube learned that Juniper Networks had just released a new version of its SSL VPN appliance that made support for iPhones easy and they decided to give it a try.
The company quickly discovered that the Juniper Networks Secure Access SSL VPN appliances could deliver on both of their primary requirements: reduced bandwidth over the corporate network, and providing better battery life for iPhone users, as well as employees and partners on Windows, UNIX and Mac clients. Besides email, calendar and contact data, Juniper's SSL VPN supports web browsing, allowing employees to use the same VPN connection they use for email to access the intranet, the engineering wiki, and other corporate web-based tools. And they can employ the same device for personal use without incurring the time or bandwidth penalties of having to route over the corporate network.
The company also uses Juniper Networks Secure Access for robust extranets where partners and customers can access internal resources.
“The extranet feature is huge,” says Moore. “The fact that we have a portal that we can use to transfer large amounts of data to partners means we don't have to send DVDs and CDs. We are much more efficient and responsive to partners.”
RingCube has three secure access appliances for different uses. An SA 5000 appliance is primarily used for the extranet with development partners. An SA 2000 serves as the primary appliance for employee remote access, while an SA 700 is used for developers in the Hyderabad location.
The SA 5000 is designed for best-in-class performance, scalability and redundancy for organizations with high-volume secure access and authorization requirements. It is designed to scale to the largest enterprise deployments and optimize application delivery.
The SA 2000 is designed for cost-effective remote access and intranet security. It provides endpoint client, device, data and server security controls. IT can manage the SA 2000 centrally. With fine-grained logging and auditing features, IT can keep close tabs on who's accessing the network, as well as when and where they've been.
The SA 700 is designed to provide secure, cost-effective remote access to the corporate network for small and medium businesses. It is designed for plug-and-play operation and installs in minutes.
In fact, the company leveraged the extranet even further recently as part of the company's press launch in September, 2008. Journalists and analysts from major industry research firms were able to log into the extranet and download a 100 MB press kit, including demos, whitepapers and data sheets — collateral that press agents used to have to distribute in hard copy format via snail mail or overnight delivery service. RingCube's PR consultant was able to create and administer this effort using a delegated user admin role within Secure Access.
“We were even able to track this traffic afterward,” says Moore. “We could see who logged in and who didn't. To do this on our website would have been too time-consuming and costly.”
RingCube uses the same features to provide top-notch support to its development partners and customers. They no longer have to rely on customers to use FTP to upload data for issue resolution or to download patches.
“The extranet part is so beneficial for a small company like ours where we can't spend a ton of money on web developers,” says Moore. “The extranet makes us much more productive.”
Although none of their employees has lost an iPhone, they've tested the remote wipe feature on the SSL VPN so they are ready to protect themselves against data loss. They're confident that should an employee lose their iPhone or have one stolen, they'll be able to thwart any risk or data loss.
Now that iPhone support is a done deal, RingCube's IT team is looking for a few plums to pluck from their Juniper SSL VPN for the future. Most notably, they are hoping that their sales, marketing and customer support people will be able to leverage Juniper Networks Secure Meeting solution for web conferencing, which will eliminate the high costs of using a third-party web conferencing service provider.
The biggest win for the company has been finding a complete and scalable solution that satisfies the entire wish list for the company's very eager iPhone user base. And as the company grows, they know that they'll be able to provide this valuable support to new employees as needed.