VPN: past, present, future

The terms “frame relay”, “packet switching” and “dial-up” sounded weird in the 80s and 90s, but these technologies were the basis that made possible point-to-point remote connections and based on which many enterprise-level networking technologies have been developed. Having gone from prehistoric protocols like X.25, people now use networks connected to the Internet to create data connections in the place and at the time when it is necessary.

The Internet not only united humanity, but also allowed the creation of dedicated communications that are more in demand in the corporate environment. Virtual private networks (VPNs) work "on top" of public connections, while hiding the contents of communication - this is very convenient and functional. In practice, a VPN is used to connect remote points — users, databases, or entire offices — to a secure enterprise network. VPN is much cheaper than buying a dedicated communication channel, and its convenience makes this technology an excellent choice for businesses of almost any size.

VPN Security

VPN security is achieved through encryption and tunneling. Data is encrypted at each end of the tunnel before it can be transported; network addresses at both ends can also be masked. All this (encryption and synchronization) occurs at the second level of the seven-level OSI model.

Despite the fact that it is not so difficult to establish such a connection, business representatives often have questions about using this technology. Here are three main ones:

IPsec

Like a standard VPN, IPSec is a highly flexible and highly customizable tool that can be used to connect two networks (or a single computer) to a corporate network. Traffic transmitted over this type of VPN is encrypted and password protected to prevent changes in the path from the sender to the destination. IPSec operates at the protocol level of the OSI model, making this technology an ideal “VPN for general tasks."

At the same time, despite the fact that IPSec is described as a standardized technology, some of its implementations may not be particularly compatible. IPSec is a good choice for companies that have the resources for IT staff capable of supporting such connections.

SSL

SSL VPN connects a single computer to a gateway on the corporate network. Since in the case of SSL VPN, the user browser is used as the interface, most often it does not need to install additional software. This, in turn, simplifies installation and support, and also allows you to establish a connection with computers running under different operating systems.

The downside here is the fact that, despite the ability to work through a browser, VPN connections via SSL can only be used with applications that work with HTML / HTTP. This restriction can be circumvented by installing special applications on the client computer, but this will limit the flexibility, so it may be more advantageous to use IPSec VPN.

Mobile VPN

The third question that interests business representatives is work in a mobile environment. Mobile VPN is often used in various industries, for example, in the field of security, and mVPN itself differs from the usual settings and working scheme. The main difference is that the endpoint from which the connection is established is not fixed, so mVPN must be able to restore the user connection when moving the client.

Check Point Software Technologies CTO Tom Davison says modern VPN implementations are extremely flexible and can be integrated with the company's core security system.

Today, security is provided by a package of technologies running on IPSec Internet Protocol (IP), with the help of which, in particular, data is encrypted inside a VPN channel. This allows you to protect the connection between the remote computer and the main gateway in the main office of the company. In the case of two offices (for example, headquarters and branch), a VPN connection is usually established between the gateways located in each of them. For users, of course, it is more convenient to implement without clients, since this removes the need to download and install additional software or use tokens for authentication.

Davison's company, Check Point, is just developing VPN applications for iOS and Android. With their help, corporate users can connect to the company’s network using the VPN settings specified by the IT department.

Best VPN for business

It is important to understand that there are many types of companies in the world, and each of them has its own characteristics. This means that the choice of a VPN solution, ideally, should not be based on the size of the organization, but on how the business functions.

Network Engineer at PEER 1 Hosting, Liam Enticnap, says customers who want to securely access their servers from anywhere in the world can use a VPN solution, supplemented by flexible access policies and firewall rules.

Suppose we have a client-to-office VPN, a user can install a VPN client on his machine and connect to the office from anywhere on the planet. There are certain restrictions that depend on the hosting or model of the firewall - a different number of allowed simultaneous connections is possible.

If we are talking about the “office-office” scheme, when a static tunnel is created between two offices and the firewalls located in them, then users can not worry about data safety, only when connecting between these specific locations. The combination of the two methods described can better meet the needs of the business and provide greater flexibility.

In general, the reason that a company wants to use a VPN is the need for data security, control over their distribution, and the ability to do all this from mobile devices.

Timo’s CTO Trevor Davis believes that in a way VPN technology has not changed a bit over the years and in various areas has been replaced by mobile and cloud solutions that work just as well, and even better, providing a more reliable connection.

The proliferation of high-performance tablets and smartphones has led to an increase in the use of mobile VPN services. A mobile VPN usually encrypts the data and sends it through a tunnel over the Internet to the corporate firewall. But there is MAM-VPN (mobile access management) that works exclusively within a private network and is not connected to the Internet in any way. Historically, MAM has been used by large businesses that could afford the associated costs. However, today many Internet providers have partially integrated their systems with mobile operators, which allows them to subdivide MAM into segments that are cheaper and which small businesses can afford.

Elephant in a china shop

There are several types of VPNs, there are dedicated mobile communication channels, and there are also clouds. But will clouds become the elephant that will smash that do-it-yourself VPN service store? Jun Geip Networks senior marketing solutions director Paul Gainham emphasizes the fact that many small businesses have pledged to promise cloud solutions from Amazon and Microsoft.

The flexibility of applications and payment schemes combined with the outsourcing of some IT tasks really seems like a pretty tempting offer. But can these new public products provide guaranteed security for the familiar VPN business? Now these two worlds are gradually mixing. Some VPN service providers are starting to offer integrated VPN services along with VPNs. This allows the business to access the cloud while guaranteeing a secure connection.

Growth with VPN

Duncan Higgins, Product and Marketing Director at Virgin Media Business, advises business executives to consider future business growth when choosing a VPN provider and technology. There is no point in paying in advance for VPN solutions that in a few months will either not be needed or will not be able to solve all the problems that arise.

Last year, we did a little research on which British leaders (in privacy, CIO) adhere to VPN service renewal policies. It turned out that more than a third of them needed a VPN update once a year, which every time translates into spending of £ 30,000. Needless to say, small and medium-sized businesses simply can not afford such costs? They need a VPN that allows them to grow and continues to be relevant to the current tasks of the company.

VPN enables millions of people and businesses around the world to transfer information securely. Therefore, it is obvious that this technology will continue to play an equally significant role in the foreseeable future. However, changes in the workflow of many companies and the ever-deeper penetration of cloud technology may lead to the emergence of a new cloud variety - VPN 2.0. It may well be that we are witnessing the emergence of this process now.