Problem solve Get help with specific problems with your technologies, process and projects.

What should you do before deploying your VPN?

In this Ask the Expert response, VPN expert Rainer Enders provides a checklist of things to do before deploying a VPN in order to make maintaining it easier.

What should I do before deploying my VPN in order to make maintaining it easier? Can you provide a checklist of procedures?

If you’ve decided to deploy a VPN, you have made a conscious choice to protect your assets. My suggested checklist is:

  • Plan for a software VPN solution that can scale and be easily upgraded. End-of-life hardware issues often cause you to extend platforms which can have detrimental effects on operations and security.
  • Plan for a software VPN solution with integrated management of all VPN components such as servers, clients, users, certificates, etc. Management is key to maintaining control and reducing time-consuming operations.
  • Ensure all relevant client platforms are supported. This will be important for company-wide acceptance of the solution.
  • Ensure the solution has a concept of rollout and client updates, as well as upgrades that do not require administrator intervention. Client and configuration updates should be configurable at any time and pushed out to the users automatically afterwards.
  • Ensure the solution integrates with your user directories (LDAP/AD) and allows automated synchronization of identities between the user directory and VPN system. Every additional required manual configuration task increases the risk for incomplete user provisioning or de-provisioning.
  • Pay particular attention to usability and user-friendly features and functions. These will effectively reduce support calls and enhance end-user satisfaction.

Email your VPN-related questions to editor@searchenterprisewan.com.


This was last published in December 2011

Dig Deeper on WAN optimization and performance

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.