Implementing large scale VPN systems in complex enterprise environments with lots of different applications highlights the performance and security challenges of providing a remote “in-office” experience to hundreds or thousands of telecommuters. Modern remote workforces are sometimes spread across wide geographic areas, and may be connecting in from environments with largely unknown levels of physical security and access. Further, many enterprise applications were designed to run on local campus networks (LANS), and may exhibit unpredictable behaviour when distance, latency and jitter are introduced, which can lead to performance issues and workflow disruption for telecommuters who are accustomed to high responsiveness.
In addition to managing endpoint protection for the myriad devices used to connect to VPNs, managing VPN gateway access policies for enterprise systems can quickly scale up and become administratively burdensome with even moderate numbers of applications. Luckily there are some options in addition to conventional VPN gateways, which may be a better fit in certain circumstances, and can offer substantial performance, security and administration advantages over traditional remote connectivity methodology.
Network Computing breaks down some of the pros and cons of three current options for connecting remote workforces…
In this article, we’ll compare three popular remote access technologies. Those are traditional VPN, VDI, and teleworker gateways. We will point out the benefits of each and situations where one may be a better fit over the others.
Remote access VPN
If your employees are working from home (WFH) right now, chances are they are using remote access VPN to reach applications and data that resides inside the corporate network. The deployment architecture of a remote access VPN deployment is simple. At the corporate internet edge, a VPN gateway or firewall running VPN software is used as the headend for all remote access clients. A client device then uses either uses VPN software built-in to the device operating system (OS) – or third-party VPN software is installed. Once that is complete, the WFH employee will use the VPN software to initiate a connection over the internet and between the employee’s remote device and the VPN gateway residing at the corporate network edge. The user must then successfully authenticate with the VPN gateway. Once granted access, the WFH user is permitted access based on the access levels their authentication grants them.
For most businesses, VPN has been acceptable for allowing some employees to work remotely. That said, it’s likely that many VPN gateways weren’t built to support the number of simultaneous users that are now working remotely