Jane C. Blake
Managing Editor

DIGITAL has pioneered many networking developments in its 40-year history. A recent development, AltaVista, has captured the popular imagination, as evidenced by worldwide accesses, averaging 18 million per day, to this Internet search engine. Introduced in 1995, AltaVista indexing of the entire Internet was made possible by 64-bit VLM Alpha technology. The index proceeds today at a pace of more than 6 million pages per day. DIGITAL’s Internet developments, however, go well beyond search functions. Business users need greatly improved security and protection to integrate the power of Internet connectivity into their businesses. It is this need that is addressed in the papers on tunnels, firewalls, and electronic mail. Additional papers in the issue feature high-performance, low-cost Alpha microprocessor-based workstations with unique design features, such as a single-chip core logic ASIC.

"Tunnel" and "firewall" are strong metaphors that developers use to connote the kind of security software necessary to protect business communications transmitted over the Internet. Tunneling protects data as it travels in the public Internet by providing secure encapsulation within the standard TCP/IP protocol. However, as Ken Alden and Ted Wobber explain, additional security measures are necessary, specifically, cryptographically secure encapsulated packets. The authors describe how secure network-level routing can be achieved by combining the well known technologies of tunneling and secure channels. The paper includes their experiences in deploying the AltaVista Tunnel within DIGITAL.

Once data arrives—almost—at its destination, the firewall is a filtering router that determines which data packets will be allowed to pass from the public to the private network. Mark Smith, Sean Doherty, Ollie Leahy, and Der Tynan compare types of firewalls; describe firewall functions such as alarm systems, authentication, and reporting; and present the design of the AltaVista Firewall for DIGITAL UNIX. The AltaVista Firewall comprises both application-level and packet-filtering functionality and implements the principle "that which is not expressly permitted is denied."

The development of the AltaVista Mail product is presented by Nick Shipman as a case study in the issues facing engineers who design products for business users of the Internet. He relates several of the fundamental assumptions about engineering projects that were overturned by the engineering team; for example, product definition had conventionally started with the technical issues to be addressed and now started instead with a product purchase price. Further, in an effort to ensure product simplicity for the target customer, they imposed the principle of simplicity throughout the project—simplicity in presentation, in design, in methods, and in implementation.

A low-cost, high-performance workstation has been designed by DIGITAL’s workstation engineering group. In the first of two papers about the DIGITAL Personal Workstations, Ken Weiss and Kenny House discuss the primary reasons for initiating a wholly new design: simultaneously to take advantage of new, high-performance memory technologies and to implement at a low cost. A new, low-cost core logic design was needed to function as the CPU to- memory interface. The result, described by Reinhard Schumann, was the 21174 single-chip core logic ASIC for the Alpha microprocessor. Designers were able to meet their own aggressive performance goals by focusing on reductions in the main memory latency that was attributable to the memory controller subsystem and by using as much of the raw bandwidth of the Alpha 21164 CPU’s data bus as possible.

Subjects for papers in the next issue of the Journal include the parallel SCSI technology, shared desktop software, and a high-performance debugger.