Pertino: Meshing Remote Access Flexibility with Corporate IP VPN Manageability
December 11, 2013 Leave a comment
- Pertino uses software clients to build overlay IP VPNs that support mesh networking and add easy-to-use management, targeting mainly SMBs.
- NTT Communications looks to have some similar concepts, to strengthen its upcoming IP VPN service, designed to support enterprises.
Back in February 2013, Pertino, a startup out of Cupertino, CA, released its flagship Cloud Network Engine, which the company described as a ‘SDN-powered cloud networking’ service. At first glance, the technology looks almost like old-fashioned SSL or IPsec VPN remote access: it’s an overlay VPN that connects to an array of common computer and mobile device platforms. The difference is in Pertino’s use of its own downloadable app, which adds features that you don’t usually get with remote access. The software client is currently available for Microsoft Windows client and server operating systems as well as for Apple OS X and Ubuntu Linux clients; an Android client has been released, and an iOS client is in the works.
There are two key things that Pertino does differently. First, where regular remote access is hub-and-spoke (clients all connect back to a remote access server), Pertino, using its software client, builds mesh networks. Corporate servers and client devices are all reachable across the VPN in a peer-to-peer way, without a VPN concentrator. Second is the visual management interface, which shows what devices are on the network and whether they’re active, and can institute moves/adds/changes/deletes intuitively with a few mouse clicks, without the IT administrator having to understand the underlying network configuration details.
As for the software-defined networking (SDN) component, Pertino’s software that powers its IP VPN services runs on virtual machines in a cloud environment. This is not overly interesting on its own, though it does make the company fast and flexible in terms of spinning up additional resources to serve customers, or in failing over to other cloud infrastructure in case of a problem.
Pertino’s IP VPN services are interesting to watch, though the concept still has two shortfalls: First, the customer has to be willing to deploy Pertino’s client on all networked devices. That might go against the grain of corporate security or (for servers) reliability policies. It will leave some servers/devices out in the cold, if Pertino doesn’t support the operating system (e.g., legacy servers, non-Android/iOS clients, networked printers, or network devices). Second, Pertino today mainly targets SMBs needing to connect 10-40 devices. It can go bigger, but doesn’t sound ready to scale to larger enterprises.
Why does this SMB-oriented IP VPN service matter? On December 10, NTT Communications announced Arcstar Universal One Virtual Option, a service that will launch in 21 countries starting in March 2014. The upcoming service will use SDN technology and a client application installed on end-user devices; customers will be able to create, modify and control overlay corporate networks on demand. Knowing NTT Communications, expect the flexible VPN service launched under Arcstar Universal One Virtual Option to scale and fully support enterprise clientele. For example, the provider intends to ship not just software clients, but also a hardware adapter as an alternative to deploying a software client. I suspect NTT Com is also not the last we’ll hear of this new approach to deploying this new hybrid breed of IP VPNs.